AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 4/26/2024

FCC votes to restore Obama-era network neutrality rules

The Federal Communications Commission (FCC) on Thursday voted to restore Obama-era network neutrality rules that reclassify Internet service providers like Comcast and Charter under Title II of the Communications Act. The vote was along party lines, with three commissioners voting in favor of the restoration of network neutrality rules and two commissioners dissenting. Supporters of the measure, including some within the FCC, said a restoration of network neutrality rules would ensure Internet traffic is treated equitably and indiscriminately. Those proponents include Consumer Reports, which responded positively to the FCC’s vote on Thursday.


FBI warns against using unlicensed crypto transfer services

The FBI has warned today that using unlicensed cryptocurrency transfer services can result in financial loss if law enforcement takes down these platforms. This announcement is aimed at crypto transfer platforms not registered as Money Services Businesses (MSB) and non-compliant with anti-money laundering requirements as mandated by U.S. federal law. Such cryptocurrency services are frequently targeted by law enforcement operations, particularly if criminals use them to transfer or launder funds acquired through unlawful means.


Russian hacking group claims responsibility for cyberattack on Indiana wastewater plant

A video by a Russian hacking group claiming responsibility for last week’s cyberattack on Tipton West Wastewater Treatment Plant in Indiana surfaced on social media Thursday. It’s evidence of the latest cyberattack by nation-state cybercriminals targeting water facilities in small towns across the United States. The “People’s Cyber Army of Russia” took credit last Saturday for the incident on the messaging app Telegram. A message accompanying the video read: “We continue to look partially cover our series of work on US infrastructure. Today, we’ll look at Indiana. Let’s consider the work on municipal water treatment plants. Enjoy watching, friends.”


Millions of IPs remain infected by USB worm years after its creators left it for dead

A now-abandoned USB worm that backdoors connected devices has continued to self-replicate for years since its creators lost control of it and remains active on thousands, possibly millions, of machines, researchers said Thursday. The worm—which first came to light in a 2023 post published by security firm Sophos—became active in 2019 when a variant of malware known as PlugX added functionality that allowed it to infect USB drives automatically. In turn, those drives would infect any new machine they connected to, a capability that allowed the malware to spread without requiring any end-user interaction. Researchers who have tracked PlugX since at least 2008 have said that the malware has origins in China and has been used by various groups tied to the country’s Ministry of State Security.


Almost every Chinese keyboard app has a security flaw that reveals what users type

Almost all keyboard apps used by Chinese people around the world share a security loophole that makes it possible to spy on what users are typing. The vulnerability, which allows the keystroke data that these apps send to the cloud to be intercepted, has existed for years and could have been exploited by cybercriminals and state surveillance groups, according to researchers at the Citizen Lab, a technology and security research lab affiliated with the University of Toronto. These apps help users type Chinese characters more efficiently and are ubiquitous on devices used by Chinese people. The four most popular apps—built by major internet companies like Baidu, Tencent, and iFlytek—basically account for all the typing methods that Chinese people use. Researchers also looked into the keyboard apps that come preinstalled on Android phones sold in China. 


The Army is trying to identify all the obstacles to adopting AI in 100 days

Poisoned data sets, trojan horses, and ever-changing cyber threats could derail the Army’s plan to broadly adopt AI. But a new 100-day plan aims to root out obstacles and prepare the service to scale third-party models and algorithms. The plan, released in March by the Army’s assistant secretary for acquisitions, logistics and technology, comes after the Army released a software directive that aims to help the service—and industry partners—deliver capabilities faster by mimicking how commercial developers work. 
