AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 7/29/2020

Dave ShinyHunters hack exposes 7.5 million user records

Overdraft protection and cash advance service Dave suffered a data breach that appeared to involve the practices of a former third-party vendor, resulting in its database containing 7.5 million user records being sold at auction and then released later for free on hacker forums. The stolen information, which appeared to be taken by hacking group ShinyHunters, included personal user information such as names, emails, birth dates, physical addresses and phone numbers, but not bank account numbers, credit card numbers, records of financial transactions, or unencrypted Social Security numbers, according to a company blog post. Third-party vendor Waydev, a former business partner that used to work with Dave, apparently used compromised OAuth tokens.


Apple Glass headset could sense users’ physiological states

Apple Watch already features heart rate-tracking technology. But Apple may go even further with its biometric-reading tech — and it could be used to make an eventual Apple Glass head-up display more reactive to users in the process. Published Thursday, a new Apple patent application describes how the company could turn information such as temperature and brainwave-reading into an assessment of the “physiological condition of the user.” It means that Apple is interested in Apple Glass being able to figure out how a user is feeling. The headset could then change content accordingly.


Source code from dozens of companies leaked online

Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations in their infrastructure. A public repository of leaked code includes big names like Microsoft, Adobe, Lenovo, AMD, Qualcomm, Motorola, Hisilicon (owned by Huawei), Mediatek, GE Appliances, Nintendo, Roblox, Disney, Johnson Controls; and the list keeps growing. The leaks have been collected by Tillie Kottmann, a developer and reverse engineer, from various sources and from their own hunting for misconfigured devops tools that offer access to source code.


This is what a deepfake voice clone used in a failed fraud attempt sounds like

One of the stranger applications of deepfakes — AI technology used to manipulate audiovisual content — is the audio deepfake scam. Hackers use machine learning to clone someone’s voice and then combine that voice clone with social engineering techniques to convince people to move money where it shouldn’t be. Such scams have been successful in the past, but how good are the voice clones being used in these attacks? We’ve never actually heard the audio from a deepfake scam — until now. Security consulting firm NISOS has released a report analyzing one such attempted fraud, and shared the audio with Motherboard. The clip is part of a voicemail sent to an employee at an unnamed tech firm, in which a voice that sounds like the company’s CEO asks the employee for “immediate assistance to finalize an urgent business deal.”


Chinese Drone Giant DJI Responds to Disclosure of Android App Security Issues

France-based cybersecurity company Synacktiv recently conducted an analysis of the DJI GO 4 application for Android. The app allows users to control and manage their DJI drones, and it’s mainly designed for recreational products. DJI, similar to Huawei and several other major Chinese tech companies, has come under scrutiny over the past few years, with some U.S. government officials and agencies being concerned that it may be assisting the Chinese government’s spying efforts. DJI has always denied these accusations and it has pointed to analysis conducted by the U.S. Department of Homeland Security and Booz Allen Hamilton, which shows that there is no evidence the company’s government and professional drones send user data to DJI, China or other third parties. Synacktiv’s analysis, which has been validated by US-based cybersecurity company GRIMM, found several security holes. 


TikTok dumps QAnon channels, following Twitter’s crackdown

The only thing social media companies can seemingly agree upon when it comes to moderating content on their platforms is that QAnon crosses the line. TikTok has removed a number of hashtags associated with the far-right conspiracy theory group, limiting the spread of the group that the FBI has described as a domestic terrorism threat. The company has made it more difficult for users to search for popular hashtags, reportedly including “QAnon” and “QAnonTruth,” among others, following a similar announcement from Twitter that it would remove 7,000 accounts and limit 150,000 more.
