AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 5/5/2020

New Firefox service will generate unique email aliases to enter in online forms

Browser maker Mozilla is working on a new service called Private Relay that generates unique aliases to hide a user’s email address from advertisers and spam operators when filling in online forms. The service entered testing last month and is currently in a closed beta, with a public beta currently scheduled for later this year, ZDNet has learned. Private Relay will be available as a Firefox add-on that lets users generate a unique email address — an email alias — with one click. The user can then enter this email address in web forms to send contact requests, subscribe to newsletters, and register new accounts. “We will forward emails from the alias to your real inbox,” Mozilla says on the Firefox Private Relay website.


Make papercraft models of vintage computers and gaming systems

If you’re looking for a nostalgia fix and something crafty to do during your coronavirus lockdown, why not build a vintage computer or gaming system with these easy paper model kits? These highly detailed color paper models are free to download and share. “Construct the computer from your childhood or build an entire computer museum at home with these paper models,” artist and designer Rocky Bergen wrote about his papercraft kits. Just print, cut, score, fold and glue these papercraft computer models of the Amiga 500, Apple II, Apple Lisa, IBM 5150 personal computer, Radio Shack’s TRS-80 Model III, and IMSAI 8080. You can also print out and make vintage gaming systems like the Commodore 64, Sega Master System and Atari 520ST.


Uber is developing tech to ensure drivers wear face masks

Uber is coming to terms with the new reality imposed by the COVID-19 pandemic, and it’s using technology to make sure everyone adjusts. The company has confirmed to CNN Business that it’s requiring face masks or similar coverings for both drivers and passengers in countries like the US, and is developing technology to detect whether or not drivers are abiding by those rules. It didn’t elaborate on how the technology would work, although Uber already has a Real Time ID-check feature that periodically asks drivers to take selfies. A CNN tipster added that Uber was looking into ways to ensure riders wore masks, although privacy concerns clearly make that more difficult.


Love Bug’s creator tracked down to repair shop in Manila

The man behind the world’s first major computer virus outbreak has admitted his guilt, 20 years after his software infected millions of machines worldwide. Filipino Onel de Guzman, now 44, says he unleashed the Love Bug computer worm to steal passwords so he could access the internet without paying. He claims he never intended it to spread globally. And he says he regrets the damage his code caused. “I didn’t expect it would get to the US and Europe. I was surprised,” he said in an interview for Crime Dot Com, a forthcoming book on cyber-crime. The Love Bug pandemic began on 4 May, 2000. Victims received an email attachment entitled LOVE-LETTER-FOR-YOU. It contained malicious code that would overwrite files, steal passwords, and automatically send copies of itself to all contacts in the victim’s Microsoft Outlook address book.


Yelp is making it easier for businesses to highlight their virtual services

As businesses struggle to reinvent themselves in the midst of the COVID-19 pandemic, Yelp  is launching new features to help highlight these changes. For one thing, it’s adding a new information category called virtual service offerings, which will allow businesses to showcase the fact that they’re providing things like virtual consultations, classes, tours and performances. Then anyone browsing Yelp can search for those categories. The company said businesses are already starting to introduce virtual services to their profiles, particularly in the categories of home services, fitness, gyms, health and real estate. And Yelp plans to create new Collections that highlight businesses that are still open and providing these services.


Power Supply Can Turn Into Speaker for Data Exfiltration Over Air Gap

A researcher has demonstrated that threat actors could exfiltrate data from an air-gapped device over an acoustic channel even if the targeted machine does not have any speakers, by abusing the power supply. Some isolated systems may have their audio hardware disabled in an effort to prevent stealthy data exfiltration. However, researcher Mordechai Guri from the Cyber-Security Research Center at the Ben-Gurion University of the Negev in Israel has shown that a piece of malware can cause a device’s power supply unit to generate sounds that can be picked up by a nearby receiver. The malware, which requires no special permissions, can modulate information from the air-gapped device over the acoustic signals and send them to a smartphone that “listens.” This method can be used to exfiltrate passwords, encryption keys, and files from PCs, servers and even IoT devices that have no audio hardware.

Related Posts