Our website may use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense or Google Analytics. By using the website, you consent to the use of cookies. We’ve updated our Privacy Policy. Please click on the button to check our Privacy Policy.

AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 5/6/2020

The New United Nations Coronavirus Social Distancing App Doesn’t Even Work

This week a division of the United Nations announced its new social distancing app designed to help alert people when they get too close to another person during the ongoing coronavirus pandemic. Motherboard has found that the app, called 1point5, is barely functional, and an independent researcher highlighted how the app may be largely ineffective due to how it informs users when they are near any other device which uses Bluetooth, rather than only mobile phones, which a human is presumably carrying in their pocket. The news highlights the haphazard roll-out of various different apps and technologies that are supposed to help during the pandemic, including those from governments.

 

It’s Not Just Zoom. Google Meet, Microsoft Teams, and Webex Have Privacy Issues, Too

We had already looked at Zoom, which is now fixing a number of privacy and security problems. Next, we decided to evaluate the privacy policies of the biggest, best-known videoconferencing platforms. These are Webex from Cisco; Skype and Teams from Microsoft; and Meet, Duo, and Hangouts from Google. A single privacy policy governs Google’s three videoconferencing services, and Teams and Skype share the same Microsoft privacy policy. “While there are differences among the privacy policies of the different platforms, on balance, the differences aren’t enormous,” says Bill Fitzgerald, a privacy researcher in Consumer Reports’ Digital Lab who analyzed the documents. “And from a privacy point of view, none of these options are great.”

 

Hacker Bribed ‘Roblox’ Insider to Access User Data

A hacker bribed a Roblox worker to gain access to the back end customer support panel of the massively popular online video game, giving them the ability to lookup personal information on over 100 million active monthly users and grant virtual in-game currency. With this access, the hacker could see users’ email address, as well as change passwords, remove two-factor authentication from their accounts, ban users, and more, according to the hacker and screenshots of the internal system. The screenshots shared with Motherboard include the personal information of some of the most high profile users on the platform.

 

Citing hacking threats, Trump limits foreign-sourced equipment in U.S. electric sector

President Donald Trump on Friday issued an executive order barring federal agencies and companies under U.S. jurisdiction from installing foreign-owned equipment in the electric sector that might pose “an unacceptable risk to national security.” The sweeping directive authorizes Trump’s energy secretary, Dan Brouillette, to work with U.S. national security agencies and the energy industry to vet equipment before it gets installed, and to identify vulnerable gear already in place. It is the latest move by the administration to clamp down on foreign-sourced software and hardware, following an order last year covering U.S. companies’ procurement of telecommunications gear.

 

CursedChrome turns your browser into a hacker’s proxy

Last week, a security researcher published a proof-of-concept Chrome extension that turns Chrome browsers into proxy bots, allowing hackers to navigate the web using an infected user’s identity. The tool, named CursedChrome, was created by security researcher Matthew Bryant, and released on GitHub as an open-source project. Under the hood, CursedChrome has two different parts — a client-side component (the Chrome extension itself) and a server-side counterpart (a control panel where all CursedChrome bots report). Once the extension has been installed on a few browsers, the attacker can log into the CursedChrome control panel and establish a connection to each infected host. The link between the extension and the control panel is a simple WebSocket connection that works as a classic HTTP reverse proxy.

 

FCC: No more warnings for robocallers before fines

The US Federal Communications Commission (FCC) today issued an order saying that it will no longer warn robocallers before fining them for harassing consumers and violating the law. Today’s order also extends the timeframe within which the FCC can penalize robocallers for Telephone Consumer Protection Act (TCPA) and spoofing calls violations, and increases the penalties for intentional unlawful robocalls. “Robocall scam operators don’t need a warning these days to know what they are doing is illegal, and this FCC has long disliked the statutory requirement to grant them mulligans,” FCC Chairman Ajit Pai said today.

Related Posts