AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 8/15/2024

US appeals court rules geofence warrants are unconstitutional 

A federal appeals court has ruled that geofence warrants are unconstitutional, a decision that will limit the use of the controversial search warrants across several U.S. states. The Friday ruling from the U.S. Court of Appeals for the Fifth Circuit, which covers Louisiana, Mississippi and Texas, found that geofence warrants are “categorically prohibited by the Fourth Amendment,” which protects against unwarranted searches and seizures. Civil liberties and privacy advocates applauded the ruling, which effectively makes the use of geofence warrants unlawful across the three U.S. states for now. 

 

AutoCanada discloses cyberattack impacting internal IT systems 

Hackers targeted AutoCanada in a cyberattack last Sunday that impacted the automobile dealership group’s internal IT systems, which may lead to disruptions. The company says that it took action immediately after detecting the incident to protect its network and data. External cybersecurity experts have been contracted to help with containment and remediation efforts. The investigation has yet to determine if any data has been compromised during the incident. 

 

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now 

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, which is enabled by default. Found by Kunlun Lab’s XiaoWei and tracked as CVE-2024-38063, this security bug is caused by an Integer Underflow weakness, which attackers could exploit to trigger buffer overflows that can be used to execute arbitrary code on vulnerable Windows 10, Windows 11, and Windows Server systems. 

 

Google Warns of Iranian Cyber-Attacks on Presidential Campaigns 

An Iranian state-backed threat actor is targeting individuals associated with the Harris and Trump Presidential campaigns, according to Google’s Threat Analysis Group (TAG). The group, APT42, has been observed attempting to compromise email accounts of individuals associated with the respective US Presidential campaigns via spearphishing attacks. TAG said APT42 targeted the personal email accounts of roughly a dozen individuals affiliated with President Biden and with former President Trump, including current and former officials in the US government, in May and June.

 

Russia-Backed Hackers Target Human Rights Groups With Sophisticated Emails 

A Russian hacker ring is targeting human rights groups around the globe with sophisticated spear phishing campaigns. Two campaigns, highlighted in a new report from digital rights group Access Now and the University of Toronto’s Citizen Lab, appear to be the work of the Russian government or those closely aligned with its interests. The first, known as ColdRiver, targeted people between April and June 2024 and “is attributed to the Russian Federal Security Service (FSB),” Citizen Lab says. The second, ColdWastrel, operated between October 2022 and August 2024 and is “distinct from ColdRiver, [with] targeting that we have observed aligns with the interests of the Russian government.” 
