AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 12/27/2022

‘Tis the season for gaming: Keeping children safe (and parents sane)

Despite gathering macro-economic headwinds, US consumers are set to increase their total retail spending by around 7% year-on-year this holiday season, and by 3.5% on electronics. But while several weeks of uninterrupted gaming might seem like the dream Christmas for many youngsters, there are also risks that parents need to be aware of. Whether your children are playing a console in the living room, or accessing games via their mobile device or PC, it’s worth familiarizing yourself with some of the main threats. Take a look at the below and check out our advice to keep the holidays happy this year.

What Kind of Data Gets Stolen When a Developer is Compromised?

We have spent a long time convincing people they shouldn’t open email attachments from unknown senders. We have spent considerably less time convincing the wider developer community that installing packages from unknown sources is a terrible idea. While phishing campaigns remain effective, they often land the attacker in some unrelated part of the organization and still require a pivot to the final target. Supply chain attacks cut to the heart of the organization, compromising the developer and their privileged accesses. In some cases, like typosquatting and dependency confusion, these attacks are carried out without direct communication between the attacker and the developer. There is no email attachment to open since the developer willingly pulls in the code (which contains the malware).

Meta agrees to pay $725 million to settle Cambridge Analytica class action lawsuit

Facebook’s parent company Meta has agreed to pay $725 million to settle a years-long class action lawsuit triggered by disclosures in 2018 that the company shared user data with consulting firm Cambridge Analytica that was used for political advertising. The settlement (which can be read in full here, via Reuters) does not include an admission of wrongdoing on Meta’s part, and will still have to be approved by federal judges in the Northern District of California, reports CNBC. The settlement document states that the $725 million fee is the largest ever in a data privacy class action case, as well as the most Facebook has ever paid to resolve a class action lawsuit.

Global counter-ransomware task force to become active in January

Clare O’Neil, the Australian cybersecurity minister, plans to announce in coming days that a global task force to counter ransomware will become operational next month, the latest step in a global effort that began in Washington to fight back against the growing number of cyberattacks, a senior Biden administration official told CyberScoop. As first announced during a recent summit in Washington, Australia will lead the International Counter Ransomware Task Force, which includes the U.S. and its allies, in an effort to foster greater international information sharing and exchanging capabilities to battling the global ransomware problem. 

W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names

Threat actors have published yet another round of malicious packages to Python Package Index (PyPI) with the goal of delivering information-stealing malware on compromised developer machines. Interestingly, while the malware goes by a variety of names like ANGEL Stealer, Celestial Stealer, Fade Stealer, Leaf $tealer, PURE Stealer, Satan Stealer, and @skid Stealer, cybersecurity company Phylum found them all to be copies of W4SP Stealer. W4SP Stealer primarily functions to siphon user data, including credentials, cryptocurrency wallets, Discord tokens, and other files of interest. It’s created and published by an actor who goes by the aliases BillyV3, BillyTheGoat, and billythegoat356. “For some reason, each deployment appears to have simply tried to do a find/replace of the W4SP references in exchange for some other seemingly arbitrary name,” the researchers said in a report published earlier this week.

Everyone Is Using Google Photos Wrong

EVERY YEAR, MORE than a billion people use the Google Photos app to upload and store billions of pictures and videos. For many, the process is likely identical: You snap some photos with your phone and they’re automatically uploaded to Google’s cloud service. You might pick the best photo and share it on WhatsApp or Instagram and then never think about the rest of them ever again. The photos join a constantly updating stream of data about life. But it shouldn’t be this way. Uploading thousands of photos and never taking any steps to sort or manage them creates a series of privacy risks and is making it impossible to maintain your photo collection in the future. Now is the time to stop being an information hoarder, before it spirals out of control.

TikTok parent company ByteDance revealed the use of TikTok data to track journalists

TikTok parent company ByteDance revealed that several employees accessed the TikTok data of two journalists to investigate leaks of company information to the media. According to an email from ByteDance’s general counsel Erich Andersen which was seen by the AFP news agency, the Chinese company was attempting to discover who shared company information with a Financial Times reporter and a former BuzzFeed journalist. The company fired an undisclosed number of employees who were involved in the data leak because they violated the company’s Code of Conduct, but it did not reveal their names. In an attempt to discover the location of the unfaithful employees, the Chinese personnel analyzed their IP addresses, but this method was approximate.

CPRA explained: New California privacy law ramps up restrictions on data use

On January 1, 2023, 20, the California Privacy Rights Act (CPRA) will go into effect. Approved by ballot measure as Proposition 24 in November 2020, it created a new consumer data privacy agency and put California another step ahead of other states in terms of privacy productions for consumers—and data security requirements for enterprises. California already had a privacy law in place, the California Consumer Privacy Act (CCPA), adopted in 2018. It went into effect in January 2020, and enforcement officially began in July 2020.

Related Posts