AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 8/30/2019

NIST Wants Insight on Combatting Telehealth Cybersecurity Risks

The National Institute of Standards and Technology wants to hear from vendors who can deliver technical expertise and products that can help secure health organizations’ telehealth capabilities. According to a notice set to be published in the Federal Register Thursday, the agency wants vendors to provide insight and demonstrations to support the National Cybersecurity Center of Excellence’s health care sector-specific use case, “Securing Telehealth Remote Patient Monitoring Ecosystem.” “This notice is the initial step for the NCCoE in collaborating with technology companies to address cybersecurity challenges identified under the health care sector program,” officials wrote.


Malware Takes Down Lumber Liquidators’ Network

North American hard-surface flooring retailer Lumber Liquidators this week revealed that it managed to restore most of its network after a malware attack disabled parts of it for nearly a week. The incident, the company said, was discovered on August 21, when its network and computer systems started showing signs of a malware infection that “ultimately disabled certain corporate and store systems nationwide.” The company says it started remediation operations and the investigation into the incident almost immediately. In addition to mobilizing its own team to address the infection, the company also employed outside expertise.


Venmo Is Still Exposing Your Connections to Everyone You Know

In an open letter to PayPal leadership published Wednesday, the Electronic Frontier Foundation and the Mozilla Foundation are urging Venmo to fix its privacy practices. “We are writing to express our deep concern about Venmo’s disregard for the importance of user privacy, and to call on Venmo to make two critical changes to its privacy settings: make transactions private by default, and give users privacy settings for their friend lists,” the letter states. Venmo, which is owned by PayPal, is an app for charging and paying people for things as small as a bar tab and as big as rent checks and beyond.


Starbucks Abandons Azure Site, Exposed Subdomain to Hijacking

An oversight at Starbucks exposed one of its subdomains to takeover, which could be further leveraged in attacks against customers and the company. A security researcher found that a Starbucks subdomain had a DNS pointer to an Azure cloud host that had been abandoned. The problem is that anyone registering the cloud host would receive data intended for the subdomain. The error was leaving an active CNAME (canonical name) record for the subdomain “datacafe-cert.starbucks.com” that pointed to an abandoned Azure resource named “s00397nasv101-datacafe-cert.azurewebsites.net.”
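The dangling-CNAME condition described above can be audited in your own zone. The following is an added example, not code from the article or the researcher: it scans a BIND-style zone export for CNAMEs that point at a claimable cloud suffix and no longer resolve. The zone data, the stub resolver and the suffix list are constructed assumptions.

```python
import socket

# Assumption: cloud suffixes under which a released name can be registered by anyone.
CLAIMABLE_SUFFIXES = (".azurewebsites.net",)

def parse_cnames(zone_text):
    """Yield (owner, target) for each CNAME record in a BIND-style zone export."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop ';' comments, tokenize
        upper = [f.upper() for f in fields]
        if "CNAME" in upper:
            i = upper.index("CNAME")
            if i >= 1 and i + 1 < len(fields):
                yield fields[0].rstrip(".").lower(), fields[i + 1].rstrip(".").lower()

def system_resolves(name):
    """Live check via the system resolver; a transient failure also returns False."""
    try:
        socket.getaddrinfo(name, None)
        return True
    except socket.gaierror:
        return False

def find_dangling(zone_text, resolves=system_resolves):
    """Return CNAMEs whose target is under a claimable suffix and does not resolve.

    A target that does resolve is not proof you still own it; confirm resolving
    targets against your cloud resource inventory as a separate step.
    """
    return [(owner, target)
            for owner, target in parse_cnames(zone_text)
            if target.endswith(CLAIMABLE_SUFFIXES) and not resolves(target)]

# Constructed sample zone export (not real data).
SAMPLE_ZONE = """\
; constructed sample zone for example.com
www.example.com.      3600 IN CNAME live-app.azurewebsites.net.
reports.example.com.  3600 IN CNAME retired-app.azurewebsites.net.
mail.example.com.     3600 IN CNAME mailhost.example.net.
api.example.com.      3600 IN A     192.0.2.10
"""

def sample_resolver(name):
    # Offline stand-in for DNS: only these constructed names "exist".
    return name in {"live-app.azurewebsites.net", "mailhost.example.net"}

if __name__ == "__main__":
    for owner, target in find_dangling(SAMPLE_ZONE, sample_resolver):
        print(f"DANGLING: {owner} -> {target} (delete the record or re-create the resource)")
```

Run it against a real zone export by calling `find_dangling(zone_text)` with the default resolver, and delete the DNS record before or together with decommissioning the cloud resource.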


City approves $5M more for ongoing cyberattack remediation

Baltimore City’s spending panel voted Wednesday to spend another $5 million to help cover the cost of repairs following a May ransomware attack on the city’s computer network. Already $5.3 million has been spent on professional services and equipment to address the breach, which the city’s budget office has estimated will cost around $18 million in total. The May 7 hack gummed up city operations such as permitting and real estate settlement deals, locked city employees out of their email accounts for weeks and shut down the Department of Public Works’ water billing system for three months. Billing was recently resumed in early August.


Android 10 coming soon, with important privacy upgrades

It’s official: Android 10, the next version of the Android operating system, ships 3 September 2019. Well, it’s semi-official, at least. Mobile site PhoneArena reports that Google’s customer support staff let the date slip to a reader during a text conversation. Expect the operating system, also known as Android Q, to hit Google’s Pixel phones first before rolling out to other models. It will include a range of privacy and security improvements that should keep Android users a little safer.


Harvard student denied entry into US due to friends’ social media posts

The US government’s probing of visa applicants’ social media profiles apparently resulted in a Harvard student being denied entry into the US on Friday. Ismail Ajjawi, who lives in Lebanon, was questioned for hours at Boston’s Logan airport and ultimately had his visa canceled after immigration officials searched his phone and laptop, according to The Harvard Crimson. After the search, an officer questioned the 17-year-old about his friends’ social media activity and told him she’d found some “posting political points of view that oppose the US,” the student paper noted. Despite Ajjawi’s protests, the officer denied the student’s entry and let him call his parents.

