AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 5/12/2020

Google expects its staff to work from home until 2021 and it’s not alone

According to a Bloomberg report, Sundar Pichai, Google’s CEO, told Google employees on Thursday to be ready to work remotely through October and possibly to the end of the year. Actually, a Google spokeswoman said most Google workers are expected to work from home until 2021. So, life’s going back to normal? Not at this tech giant. It’s not just Google. Facebook has also told its staffers that most of them can continue to work from home through the end of the year. Zillow, the online real-estate company, has also announced that its people can work from home until 2021. And Sagicor, a major Caribbean insurance provider, announced that its employees would be working from home until 2021.


Microsoft now blocks reply-all email storms to end our inbox nightmares

Microsoft is rolling out a new reply-all protection feature for Office 365 and Exchange Online. It’s designed to prevent email storms (reply allpocalypse), when hundreds or thousands of people start replying to an email thread after someone forgot to BCC everyone or a distribution list was misconfigured. The new block feature will mostly benefit large organizations, and is initially being rolled out to detect 10 reply-all emails to over 5,000 recipients within 60 minutes. “Over time, as we gather usage telemetry and customer feedback, we expect to tweak, fine-tune, and enhance the Reply All Storm Protection feature to make it even more valuable to a broader range of Office 365 customers,” explains Microsoft’s Exchange transport team.


North Korean hackers infect real 2FA app to compromise Macs

Hackers have hidden malware in a legitimate two-factor authentication (2FA) app for macOS to distribute Dacls, a remote access trojan associated with the North Korean Lazarus group. Dacls has been used to target Windows and Linux platforms, and the recently discovered RAT variant for macOS borrows much of its functionality and code from them. The threat actor planted the malware in the freely available MinaOTP application that is prevalent among Chinese users. A sample of its weaponized version with the name TinkaOTP was uploaded from Hong Kong last month to the VirusTotal scanning service.


US government plans to urge states to resist ‘high-risk’ internet voting

The Department of Homeland Security has come out strongly against internet voting in new draft guidelines, breaking with its longstanding reluctance to formally weigh in on the controversial issue, even after the 2016 Russian election hacking efforts. The move comes as a number of states push to expand the use of ballots cast online. The eight-page document, obtained by the Guardian, pulls no punches in calling the casting of ballots over the internet a “high-risk” endeavor that would allow attackers to alter votes and results “at scale” and compromise the integrity of elections. The guidelines advise states to avoid it altogether or restrict it to voters who have no other means of casting a ballot.


Ransomware Hit ATM Giant Diebold Nixdorf

Diebold Nixdorf, a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. The company says the hackers never touched its ATMs or customer networks, and that the intrusion only affected its corporate network. Canton, Ohio-based Diebold [NYSE: DBD] is currently the largest ATM provider in the United States, with an estimated 35 percent of the cash machine market worldwide. The 35,000-employee company also produces point-of-sale systems and software used by many retailers.
