AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 4/8/2020

Firefox’s revamped address bar is designed to make searching a lot faster

Mozilla has given Firefox’s address bar a refreshed look and a couple of updates that can make searches go faster. To start with, the browser will now enlarge the address bar whenever you want to do a search and will show the popular sites that show up when you type with larger fonts and shorter URLs. It has also introduced “smarter searches,” which shows additional bolded keywords as you type. The hope is that it can suggest search strings you might not have thought of that can help you find what you’re looking for a lot faster. Clicking on the address bar will now automatically show your most visited websites, as well. And in case you’ve already got one of those websites open, Firefox will show a “Switch to Tab” shortcut right next to its URL.

 

Hacker ‘Ceasefire’ Gets Little Traction as Pandemic Fuels Attacks

Internet users have seen a surge in COVID-related cyberattacks and fraud schemes which could add to the misery of the pandemic, even as some hackers have called for dialing back their criminal efforts. A deluge of attacks has included phishing emails purported to be from health agencies, counterfeit product offers and bogus charity donation requests, according to security analysts. Over the past month, at least 100,000 new web domain names were registered containing terms like covid, corona, and virus, many of which are considered “malicious,” according to a report prepared for the global internet registry agency ICANN. “The pandemic has led to an explosion of cybercrime, preying upon a population desperate for safety and reassurance,” said the report released this week by Interisle Consulting Group.

 

Rights groups appeal to governments over COVID-19 surveillance

Digital and human rights groups have joined in a rare worldwide appeal to governments to respect privacy when handling the COVID-19 crisis. As the number of known COVID-19 cases around the world exceeds 1.2m and the number of deaths reaches 70,000, more than 100 groups signed a letter to governments urging them to be measured in their response to the virus. They should consider human rights in their effort to track the potential spread of the disease among their populations, the letter said: States’ efforts to contain the virus must not be used as a cover to usher in a new era of greatly expanded systems of invasive digital surveillance. Signatories included technology-focused groups such as AI Now, Algorithm Watch, and the World Wide Web Foundation, along with human rights groups like Amnesty International and Human Rights Watch. Several country-specific groups like the Irish Council for Civil Liberties and the Swedish Consumers’ Association also signed up.

 

WhatsApp Tightens Sharing Limits to Curb Virus Misinformation

WhatsApp on Tuesday placed new limits on message forwarding as part of an effort to curb the spread of misinformation about the coronavirus pandemic. The new policy limits users to forwarding certain messages to one “chat” at a time, aiming to limit the rapid propagation of content which is provocative but likely to be false. The Facebook-owned messaging platform said it took the action to enable people to concentrate on personal and private communications during the health crisis. In recent weeks, “we’ve seen a significant increase in the amount of forwarding which users have told us can feel overwhelming and can contribute to the spread of misinformation,” WhatsApp said in a blog post. “We believe it’s important to slow the spread of these messages down to keep WhatsApp a place for personal conversation.”

 

PayPal and Venmo Are Letting SIM Swappers Hijack Accounts

Several major apps and websites, such as Paypal and Venmo have a flaw that lets hackers easily take over users’ accounts once they have taken control of the victim’s phone number. Earlier this year, researchers at Princeton University found 17 major companies, among them Amazon, Paypal, Venmo, Blizzard, Adobe, eBay, Snapchat, and Yahoo, allowed users to reset their passwords via text message sent to a phone number associated with their accounts. This means that if a hacker takes control of a victim’s cellphone number via a common and tragically easy to perform hack known as SIM swapping, they can then hack into the victim’s online accounts with these apps and websites.

 

FBI Anticipates Rise in Business Email Compromise Schemes Related to the COVID-19 Pandemic

Fraudsters will take advantage of any opportunity to steal your money, personal information, or both. Right now, they are using the uncertainty surrounding the COVID-19 pandemic to further their efforts. Business email compromise (BEC) is a scam that targets anyone who performs legitimate funds transfers. Recently, there has been an increase in BEC frauds targeting municipalities purchasing personal protective equipment or other supplies needed in the fight against COVID-19. In a typical BEC scheme, the victim receives an email they believe is from a company they normally conduct business with, but this specific email requests funds be sent to a new account or otherwise alters the standard payment practices.

Related Posts