AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 3/16/2020

1 – US is preparing to ban foreign-made drones from government use

The Trump administration is preparing an executive order to ban federal departments and agencies from buying or using foreign-made drones, citing a risk to national security, TechCrunch has learned. The draft order, which was drafted in the past few weeks and seen by TechCrunch, would effectively ban both foreign-made drones or drones made with foreign components out of fear that sensitive data collected during their use could be transferred to adversarial nation-states. The order specifically calls out threats posed by China, a major hub for drone manufacturers that supply both government and consumers, with the prospect that other countries could be added later. The order says it’s government policy to “encourage” the use of domestically built drones instead.


2 – Dutch government loses hard drives with data of 6.9 million registered donors

The Dutch government said it lost two external hard disk storage devices that contained the personal data of more than 6.9 million organ donors. The hard drives stored electronic copies of all donor forms filed with the Dutch Donor Register between February 1998 to June 2010, officials from the Dutch Minister of Health, Wellness, and Sport said earlier this week. The disks were last used in 2016 and were placed inside a secure vault for storage, as Dutch authorities rotated to using newer drives. Authorities discovered that the two disks had gone missing earlier this year when they purged old donor registration paper forms and wanted to remove their electronic copies.


3 – Cyber hackers demand $30m from ‘major international company’ with office in Perth

A global company with an office in Perth has been attacked by hackers who are demanding a $30 million ransom to unlock its computer system in Australia. Consumer Protection WA has not named the “major international company” but said the cyber attack had forced it to stop trading. The company — which said the personal data of its clients had not been compromised — has indicated it will not bow to the ransom demand as IT experts from a parent company in the US work to block the hackers and build a new website. The ransomware attack is similar to one that affected Toll Group two weeks ago, disrupting freight and parcel deliveries.


4 – Europol takes down SIM-swap hacking rings responsible for theft of millions of euros

Europol, with help from local law enforcement, has made a series of arrests across Europe in a crackdown on SIM-swapping attacks.   Under the name “Operation Quinientos Dusim,” Europol’s European Cybercrime Centre (EC3), the Spanish National Police, and Spanish Civil Guard arrested 12 suspects across Benidorm, Granada, and Valladolid. Law enforcement in Romania and Austria arrested a further 14 alleged members of a separate gang under “Operation Smart Cash.”  The first hacking ring is believed to be responsible for the theft of over €3 million in a series of SIM-swapping attacks.


5 – UK government enlists influencers to battle coronavirus misinformation

You’ve probably seen posts on Facebook, Instagram and Twitter that say you can self-test for COVID-19, the disease caused by the novel coronavirus, by holding your breath for 10 seconds. According to medical experts the Associated Press interviewed, those posts aren’t accurate. And it’s precisely that type of misinformation the UK government hopes to combat by turning to some of the same people who help spread them: social media influencers. The UK’s Department for International Development (DFID) will provide £500,000 (approximately $623,000) to the Humanitarian-to-Humanitarian (H2H) Network, an organization made up of approximately 50 other groups that fought misinformation during the Ebola outbreak in 2013.


6 – Brave to generate random browser fingerprints to preserve user privacy

The Brave browser is working on a feature that will randomize its “fingerprint” every time a user visits a website in an attempt to preserve the user’s privacy. Brave’s decision comes as online advertisers and analytics firms are moving away from tracking users via cookies to using fingerprints. This shift began last year, in May 2019, after Google announced plans to block third-party tracking cookies. Throughout 2019, advertisers and analytics providers have begun adapting to this upcoming change, that came with the release of Chrome 80, in February 2020. Nowadays, most advertising and analytics firms are relying on “user fingerprints” as their primary method of tracking users across the web.


7 – Coronavirus-linked hacks likely as Czech hospital comes under attack

As countries around Europe enact drastic measures to try to contain the spread of the Covid-19 coronavirus, a hospital in Brno, Czechia, has been forced to cancel all planned operations and farm out acute patients to other hospitals after falling victim to a major cyber attack. At the time of writing, according to local media reporting, the exact nature of the attack on University Hospital Brno was unknown, but it is understood that hospital staff have had to turn off IT systems, suggesting that its infrastructure may have been encrypted by ransomware. The incident was confirmed by the Czech National Office for Cyber and Information Security (NÚKIB). In a statement on its website, a spokesperson said NÚKIB was notified about the incident on the morning of 13 March.


8 – With painted faces, artists fight facial recognition tech

As night falls in London, Georgina Rowlands and Anna Hart start applying makeup. Instead of lipstick and eyeliner, they’re covering their faces with geometric shapes. Rowlands has long narrow blue triangles and thin white rectangles criss-crossing her face. Hart has a collection of red, orange and white angular shapes on hers. They’re two of the four founders of the Dazzle Club, a group of artists set up last year to provoke discussion about the growing using of facial recognition technology. The group holds monthly silent walks through different parts of London to raise awareness about the technology, which they say is being used for “rampant surveillance.” Other concerns include its lack of regulation, inaccuracy and how it affects public spaces.


9 – Don’t Use Tor Right Now If You’re Working From Home

With more people staying at home and working remotely to avoid the COVID-19 outbreak, online security has become an even higher priority. Using a web browser that respects user privacy and keeps your data safe is a telecommuting necessity, but you should probably avoid using the Tor web browser for now, even though it’s one of the best ways to anonymize your web activity. According to the Tor development team, a bug is accidentally allowing Javascript to run on webpages even when users have specifically disabled it or have the browser’s strictest settings turned on (via ZDNet). Disabling and blocking Javascript is one of Tor’s key features, but the malfunction undermines its safety and makes the browser potentially dangerous for users who rely on its anonymity since companies, government entities, and even hackers can use Javascript to find IP addresses.


10 – Google is making a coronavirus information site to help find testing as more kits become available

Google and its parent company Alphabet are working on a website for coronavirus testing, according the internal materials viewed by CNBC and an announcement by President Donald Trump on Friday. Trump said during a press conference announcing a state of emergency due to the coronavirus that Google has 1,700 engineers working on the effort now. The screening website from Google will be where people can fill out a questionnaire and learn how they can get a test for the coronavirus, government officials said during the press conference. The website will have options to learn about risk factors and symptoms of coronavirus.


11 – Coronavirus tracking app locks up Android phones for ransom

A malicious Android app that supposedly helps track cases of the coronavirus actually locks users’ phones and demands a ransom in order to restore access. Dubbed CovidLock, the newly discovered ransomware performs a screen-lock attack by forcing a change in the password required to unlock a phone, explains DNS threat intelligence company DomainTools today in a blog post authored by Tarik Saleh, senior security engineer and malware researcher. For Android Nougat devices and later versions, the attack only works if the user never bothers to set a password in the first place. Victims are given a 48-hour deadline to pay a $100 ransom in bitcoin. 


12 – French antitrust body fines Apple 1.1 billion euros for anti-competitive behavior

France’s competition watchdog on Monday fined iPhone maker Apple 1.1 billion euros for anti-competitive behavior in its distribution network and an abuse of economic dependence on its resellers. Apple wholesalers Tech Data and Ingram Micro were also fined 76 million and 63 million euros, respectively, for unlawfully agreeing on prices, the authority said. “Apple and its two wholesalers have agreed not to compete with each other and to prevent distributors from competing with each other, thereby sterilizing the wholesale market for Apple products,” the authority’s head Isabelle de Silva said.

Related Posts