AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 2/12/2024

Google unmasks 5 spyware firms from Italy, Greece and Spain that infect phones all over the world 

Wow, that Mediterranean climate sure is something! Five companies from Southern Europe have been called out by Google and accused of producing spyware software that infects and affects phones all over the world. The search engine giant said these five companies from Italy, Greece and Spain were “enabling the use of dangerous hacking tools”, and urged the United States and its allies to do more to combat the spyware industry (via Reuters). 


Prince Harry settles a case against a U.K. tabloid publisher that hacked his phone 

A British newspaper publisher has agreed to pay Price Harry a “substantial” sum in costs and damages for invading his privacy with phone hacking and other illegal snooping, Harry’s lawyer said Friday. Attorney David Sherborne said Mirror Group Newspapers had agreed to pay Harry legal costs and damages and would make an interim payment of 400,000 pounds ($505,000). Harry was awarded 140,000 pounds ($177,000) in damages in December after a judge found that phone hacking was “widespread and habitual” at Mirror Group Newspapers in the 1990s, and that executives at the papers covered it up. Judge Timothy Fancourt found that Harry’s phone was hacked “to a modest extent.” 


New USB stick has a self-destruct feature that heats it to over 100 degrees Celsius 

Through GitHub and Crowd Supply, Ryan Walker of Interrupt Labs (via CNX Software) is releasing a security-focused, open-source USB flash drive called Ovrdrive USB, which boasts a self-destruct mechanism that heats the flash chip to over 100 degrees Celsius. The Ovrdrive USB is unencrypted by default, so it should still be legal in countries where encryption is otherwise illegal while providing an extra degree of (physical) security not matched by our current best flash drives. 


UN Experts Investigating 58 Suspected North Korean Cyberattacks Valued at About $3 Billion 

U.N. experts say they are investigating 58 suspected North Korean cyberattacks between 2017 and 2023 valued at approximately $3 billion, with the money reportedly being used to help fund its development of weapons of mass destruction. And the high volume of cyberattacks by North Korean hacking groups who report to the Reconnaissance General Bureau, North Korea’s primary foreign intelligence organization, is reportedly continuing, the panel of experts said in the executive summary of a new report to the U.N. Security Council obtained Friday by The Associated Press. 


ExpressVPN bug has been leaking some DNS requests for years 

ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers. The bug was introduced in ExpressVPN Windows versions 12.23.1 – 12.72.0, published between May 19, 2022, and Feb. 7, 2024, and only affected those using the split tunneling feature. The split tunneling feature allows users to selectively route some internet traffic in and out of the VPN tunnel, providing flexibility to those needing both local access and secure remote access simultaneously. 


Related Posts