AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 4/30/2024

Encrypted email service files DMA complaint claiming it vanished from Google Search

Tutao, known for the encrypted email service Tuta Mail, has filed a Digital Markets Act (DMA) complaint to the EU over an alleged de-ranking in Google Search. Google Search rankings are all too familiar to search engine optimization (SEO) specialists charged with ensuring web pages rise to the top of search results. In the case of Tutao’s products – Tuta Mail and Tuta Calendar – all was going well until the beginning of March 2024, when the company claims tuta.com was abruptly de-ranked in Google Search. Rather than being displayed as a search result of thousands of keywords, the count dropped to the hundreds, the developer alleges. Matthias Pfau, co-founder of Tuta Mail, said: “This reduction in Google Search took us by surprise as we did not change anything on our website during that time. We tried to reach out to Google about this issue, but were met with radio silence.”

 

Hackers Claim to Have Infiltrated Belarus’ Main Security Service

A Belarusian hacker activist group claims to have infiltrated the network of the country’s main KGB security agency and accessed personnel files of over 8,600 employees of the organization, which still goes under its Soviet name. The authorities have not commented on the claim, but the website of the Belarusian KGB was opening with an empty page on Friday that said it was “in the process of development”. Seeking to back up its claim, the Belarusian Cyber-Partisans group published a list of the website’s administrators, its database and server logs on its page in the messaging app Telegram.

 

Google Chrome’s new post-quantum cryptography may break TLS connections

Some ​Google Chrome users report having issues connecting to websites, servers, and firewalls after Chrome 124 was released last week with the new quantum-resistant X25519Kyber768 encapsulation mechanism enabled by default. Google started testing the post-quantum secure TLS key encapsulation mechanism in August and has now enabled it in the latest Chrome version for all users. The new version utilizes the Kyber768 quantum-resistant key agreement algorithm for TLS 1.3 and QUIC connections to protect Chrome TLS traffic against quantum cryptanalysis.

 

UK becomes first country to ban default bad passwords on IoT devices

Seven years ago, a cyberattack left many of the most popular websites based in the United States inaccessible. For three extended periods on October 21, 2016, internet users were left without their doses of Twitter, CNN and Netflix among other popular sites. Naturally there was speculation about the powerful threat actors who could have caused such a disruption. But the incident was not conducted by a hostile state. It turned out to be extremely unsophisticated, just a distributed-denial-of-service attack targeting Dyn, a company which provided Domain Name System (DNS) services — a critical part of the internet’s communications structure.

 

Collection agency FBCS warns data breach impacts 1.9 million people

Financial Business and Consumer Solutions (FBCS) is warning 1,955,385 impacted individuals in the United States that the company suffered a data breach after discovering unauthorized access to specific systems in its network. FBCS is a nationally licensed debt collection agency in the U.S., specializing in collecting unpaid debts from consumer credit, healthcare, commercial, auto loans and leases, student loans, and utilities. According to a data breach notification sample the firm shared with the authorities late last week, on February 26, 2024, it discovered that unauthorized actors had breached its network since February 14, 2024.

Related Posts