AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 3/26/2020

You Can FaceTime Your Doctor Now

Last week, the Centers for Medicare and Medicaid Services (CMS) and the Department of Health and Human Services (HHS) announced two measures to expand telehealth access for patients across the country. As of March 6, 2020, providers can offer telehealth visits to all of their Medicare and Medicaid patients, regardless of location, and still get reimbursed for the costs. (Previously, only patients in certain rural areas were eligible.) And, until further notice, the HHS Office for Civil Rights (OCR) has chosen not to enforce HIPAA Rules violations for telehealth services. In other words, for the duration of the COVID-19 public health emergency, healthcare providers can communicate with any patient, anywhere, via video chat without getting dinged for HIPAA noncompliance.


Google Podcasts app comes to iOS as part of a larger redesign

It turns out that an updated Android app was just the start of Google’s plans for a Podcasts overhaul. The internet giant has released its first version of Podcasts for iOS, giving you a way to listen to the likes of Dolly Parton’s America or The Engadget Podcast (you knew we’d plug it) that syncs with virtually any device where your Google account works. This new app is also a showcase for a larger redesign (including on Android and the web) meant to not only help you find new shows, but satisfy your curiosity about subjects mentioned in those shows.


Sony says PlayStation might experience ‘slower or delayed game downloads’

You might be using your PS4 a whole lot more during the coronavirus outbreak, but Sony warned that downloads may slow down as it works with carriers to keep the internet running smoothly. It seems the warning only applies to Europe for now, as the company follows streaming services like Netflix and Disney Plus in throttling downloads. “Players may experience somewhat slower or delayed game downloads but will still enjoy robust gameplay,” PlayStation boss Jim Ryan said in a release Tuesday, implying that multiplayer gaming won’t be impacted.


UK banks scramble to protect customers from wave of coronavirus scams

UK banks are stepping up fraud prevention measures to protect customers from scammers eager to exploit the coronavirus pandemic with a whole range of new tricks, including fake sales of medical supplies and bogus government relief schemes. With British households effectively on lockdown, some banks said customers had already been caught out by fraudsters posing as banks, government and even health service providers to persuade victims to hand over passwords or other sensitive data. Barclays, HSBC, Lloyds Banking Group and Royal Bank of Scotland have launched social media campaigns to flag ploys. Metro Bank said its fraud team was still operating a 24-hour, seven-day service to help affected customers.


China borrowing Russian tactics to spread coronavirus disinformation

Amidst the COVID-19 pandemic, China’s state-backed information operations have been following Russia’s playbook for spreading disinformation, an expert on the subject told a panel on Monday. The Chinese Communist Party, typically thought to run disinformation operations aimed at controlling the narrative, is mirroring behavior that is historically associated with Russian disinformation — spreading chaos and confusion. In this case, it’s about whether the coronavirus actually originated in China, Laura Rosenberger, the director of the Alliance for Securing Democracy, said during a disinformation event hosted by the CyberPeace Institute (CPI), a nonprofit founded last year to call out malicious cyber activities.


Abuse.ch Launches Free Malware Repository

A newly launched service from abuse.ch aims to make it easy for the community to share known malware samples and access additional intelligence on them. Called MalwareBazaar, the service is provided for free for both commercial and non-commercial usage, and only collects known malware samples, which are then shared with the community. Only vetted malware samples are accepted, but not adware or potentially unwanted applications (PUA/PUP). Using the service, anyone can download as many malware samples as they like, search for samples by malware family name, fuzzy hashing and tags, and access additional information about malware samples distributed via email by using spamtrap data. An extensive API for automation is also provided, along with support for the export of hashes, and daily malware batches available for download. 


Tech Giant GE Discloses Data Breach After Service Provider Hack

Fortune 500 technology giant General Electric (GE) disclosed that personally identifiable information of current and former employees, as well as beneficiaries, was exposed in a security incident experienced by one of GE’s service providers. GE is a multinational operating in a wide range of tech segments including aviation, power, healthcare, and renewable energy, and it is currently ranked by Fortune 500 as the 21st-largest company in the U.S. by revenue. GE currently has customers in more than 180 countries and in excess of 280,000 employees according to the company’s 2018 annual report.


FireEye warns about the proliferation of ready-made ICS hacking tools

FireEye security researchers warn that the proliferation of hacking tools with capabilities for targeting industrial control systems (ICS) is lowering the entry bar for attackers and increasing risks for organizations operating in the industrial sector. In a study published today, the US cybersecurity firm said it analyzed all the hacking tools with ICS targeting capabilities that were released in recent years. “While some of the tools included in our list were created as early as 2004, most of the development has taken place during the last 10 years,” FireEye said today. Most of the tools were vendor agnostic, the company said, having the ability to scan for generic indicators usually found on all ICS networks.


Verizon gives all mobile customers 15GB of extra data during coronavirus pandemic

Verizon has announced that it is automatically adding 15GB of high-speed data to wireless plans in response to the coronavirus pandemic. Additionally, the company announced it will waive overage charges and late fees for those affected by the crisis, waive internet and voice service for those on its discount Lifeline plan, and reiterated its previous pledge of free international calling for consumer wireless and home voice customers to CDC level 3 countries, among other efforts. The changes are in response to the Federal Communications Commission’s 60-day Keep Americans Connected Pledge. The pledge asks US internet service providers to not terminate service for residential and small business customers, waive late fees incurred as a result of the pandemic, and provide open access public Wi-Fi hotspots to “any American who needs them.” It also urges companies to suspend data caps and fees for long distance calls.


Attorney General James Asks GoDaddy and Other Online Registrars to Halt and De-list Domain Names Used for Coronavirus-Related Scams and Fake Remedies

New York Attorney General Letitia James today sent letters to a number of domain name registrars — including GoDaddy.com, Dynadot.com, Name.com, Namecheap.com, and Registrar.com, as well as the Endurance International Group, which owns Bluehost.com, Domain.com, and HostGator.com — in an effort to stop the registration and use of internet domain names by individuals trying to unlawfully and fraudulently profit off consumers’ fears around the coronavirus disease 2019 (COVID-19). Over the last two months, the Office of the Attorney General (OAG) has seen a spike in coronavirus-related domains being registered for the purposes of deceptive advertising, phishing schemes, and malware dissemination.


Mozilla Firefox Gets a HTTPS Only Mode For More Secure Browsing

Mozilla Firefox 76 is getting a new ‘HTTPS Only’ mode that automatically upgrades all HTTP requests to HTTPS when browsing the web and blocks all connections that can’t be upgraded. When connecting to an HTTP site, your connection is not encrypted and your ISP and programs running on the computer can monitor the data being sent over it. This includes your passwords, credit card info, and other sensitive information. Due to this, it is always recommended that you only use HTTPS sites, which encrypt the connection between the browser and the web site.


Babbel makes its language learning app free for all US students

Babbel, the Berlin-based paid language learning app, today announced that, in light of the COVID-19 pandemic, it is making its service available for free to all K-12 and college students until the end of the term. Previously, the company offered a similar deal for students in Italy, the U.K., Germany, Spain and France. The service currently offers courses for Spanish, French, German, Italian, Portuguese, Polish, Russian, Dutch, Turkish, Danish, Norwegian, Swedish, Indonesian and English. Students who want to sign up (or whose parents force them to do so) only need a valid school address to get started.


Hackers Are Taking Over Twitter Accounts to Advertise Face Masks

Hackers have taken over a wave of Twitter accounts to aggressively advertise a website that claims to be selling face masks and toilet paper during the coronavirus pandemic. The news highlights the sorts of unusual steps those trying to make a profit during the pandemic are taking. Accounts posted hundreds of tweets linking to the website over the last few hours. “Wearing mask make you away from COVID-19,” one tweet in broken English from a hacked account reads, which then includes a tweet to a website called “Masks 2 U.”


On Google Search, Scammy Unemployment Ads Are Targeting Some of the Most Vulnerable People

Pandemics don’t just stress test the physical and mental health for potentially millions of folks across the country, but their livelihoods as well. Close to one-fifth of Americans have reported either being laid off or having their hours slashed in the wake of the covid-19 outbreak, with the newly jobless in every state from Colorado to Utah, to Iowa flooding their respective unemployment offices with no sign of stopping anytime soon. Of course, panicked people aren’t just turning to these offices for answers—they’re also turning to Google. In the past week, we’ve seen spikes in searches for phrases like “unemployed,” “laid off,” and “unemployment benefits,” to name a few. While many of these searchers will find the information they’re looking for, too many are likely to encounter Google ads for sites that could scam them out of their hard-earned savings. And Google is so far continuing to allow these ads to run.


ZenKey: How Major Mobile Carriers Are Teaming Up to Eliminate Passwords

Four major U.S. carriers are developing a new single sign-on variant they believe will do away with the need for passwords. Their solution is a new mobile app called ZenKey that securely ties the user’s device to the carrier, and the carrier logs on to the service. Once set up, no passwords or additional third party are involved — it’s as simple as ‘log on with Facebook’ without involving Facebook. Online business faces two competing demands: more secure authentication to fight the booming cyber fraud industry, and more friction-free authentication to attract and keep increasingly fickle customers. The difficulty is that ‘enhanced security’ and ‘friction-free’ are two mutually exclusive concepts. It is a circle that needs to be squared — those companies that succeed will thrive; those that fail will languish.


Telecoms are sneaking ‘stay home’ messages onto customers’ smartphones

Some mobile phone operators, including Vodafone and Orange S.A., have started inserting coronavirus-related public health suggestions to stay indoors onto customers’ smartphones in recent days, using the small snippet of text that typically accompanies the connection signal symbols in the top left of a phone screen. According to social media consultant Matt Navarra, who began posting and retweeting examples to his Twitter account on Tuesday afternoon, messages are appearing on the phones of customers in Germany, courtesy of UK-based telecom Vodafone.


Digital bullying and exclusion: How to keep our kids emotionally safe while they’re home

With crisis comes opportunity and what’s happening in our world with the coronavirus is no exception. We will all be forced to communicate, convene and connect more virtually during this time of disruption. This is an opportunity to teach our children better digital citizenship and to set an example by practicing it ourselves. It’s time to give our kids a whole new way of looking at their devices and apps. This is an opportunity to plant the seeds of a movement that replaces cyber-bullying with cyber-compassion.


YouTube to Limit Video Quality Around the World for a Month

YouTube will reduce the quality of videos around the world starting Tuesday, an effort by the world’s most popular video site to ease internet traffic during the coronavirus outbreak. Over the coming days, viewers will at first see YouTube videos in standard definition, the company said. Users will still be able to watch in high definition if they want, but will have to choose to do so. YouTube, part of Alphabet Inc.’s Google, is extending a policy it already instituted in Europe, where regulators have asked major streaming services, including Netflix Inc. and Amazon Prime Video, to reduce their bandwidth usage.

