AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 9/12/2019

‘Cobalt Dickens’ group is phishing universities at scale again, researchers say

An Iran-linked hacking group whose operatives the U.S. government indicted last year has launched a phishing operation to steal login credentials against computer users at over 60 universities in the United States, the United Kingdom, and elsewhere, researchers said Wednesday. The campaign sees victims redirected to spoofed login pages, where their passwords are stolen, said Secureworks, a Dell-owned cybersecurity company that uncovered the activity.


Weakness in Intel chips lets researchers steal encrypted SSH keystrokes

In late 2011, Intel introduced a performance enhancement to its line of server processors that allowed network cards and other peripherals to connect directly to a CPU’s last-level cache, rather than following the standard (and significantly longer) path through the server’s main memory. By avoiding system memory, Intel’s DDIO—short for Data-Direct I/O—increased input/output bandwidth and reduced latency and power consumption. Now, researchers are warning that, in certain scenarios, attackers can abuse DDIO to obtain keystrokes and possibly other types of sensitive data that flow through the memory of vulnerable servers.


Major Groupon, Ticketmaster Fraud Scheme Exposed By Insecure Database

After discovering a cache of 17 million emails exposed on an unsecured database, researchers with vpnMentor began to hunt for its owner — but to their surprise, they found that the database belonged not to a company, but to a sophisticated criminal network. Cybercriminals had been both collecting emails — and creating their own — as part of a major fraud scheme targeting Groupon, Ticketmaster and other major online vendors. Utilizing stolen credit cards, cybercriminals opened millions of fake accounts and used them to buy tickets on various ticket vendor sites, and then resell them to others online. The scheme has been ongoing since 2016, until the fraudsters made a fatal flaw — leaving the emails open to the public on the unsecured database.


Google’s new addiction recovery website is more useful than a Google search

Google is launching a new website it’s calling “Recover Together” that collates resources for addiction recovery in the United States. The site includes Google Maps-based search for resources like recovery support meetings and pharmacies that offer Naloxone without a prescription — it’s a drug that can be used to counteract opioid overdoses. The new site will be linked under the search bar on Google’s most valuable real estate: its home page.


Apple stops signing iOS 12.4 after iOS 12.4.1 patches jailbreak bug

Typical of Apple’s operating system release cycle, the halt to code signing for iOS 12.4 arrives about two weeks after iOS 12.4.1 was pushed out in late August. The point update was issued in large part to close a once-secured flaw that was reintroduced with the release of in iOS 12.4 in June. Google security researchers discovered the vulnerability earlier this year and Apple subsequently squashed the bug in iOS 12.3. Shortly after iOS 12.4 went live, researcher “pwn2ownd” harnessed the software flaw to build a jailbreak as an extension of their ongoing project “unc0ver.” It was one of the first jaibreaks to impact a then-current version of iOS in years.


It Only Takes 3 Hours for Social Media to Worsen Your Mental State

A paper published Wednesday in JAMA Psychiatry shows evidence that for teenagers, using social media for more than 30 minutes a day was linked to increased mental health risks. But the most powerful effects were seen in teens who used social media for more than 3 hours per day. Teenagers in this study who immersed themselves in social media for 3 hours or more each day had a 60 percent higher risk of mental health problems compared to teens who didn’t use social media. Those who spent 6 or more hours more increased their risk by 78 percent.


The Next Generation of Aircraft Will Track Your Bathroom Visits

Attention airline bathroom loiterers: The next generation of Airbus aircraft will track how long you’ve been in there. It’s all part of an effort to make commercial cabins a digitally aware domain. The program is Airbus’s bid to raise the Internet of Things—that buzz-phrase for connected household gadgets—to cruising altitude.  The Airbus Connected Experience aims to give flight attendants a more detailed survey of the cabin, with sensors for such critical data as when bathroom soap is running low and how much toilet paper remains in each bathroom. But the rethinking of the passenger environment doesn’t just stop with the lavatory.


The world’s most viral robot issues new warning: Humans create technology’s problems

Sophia, the viral robot from Hanson Robotics, famous for becoming the first world citizen and once threatening to destroy humankind, is issuing a new warning for how humans operate with technology. In an exclusive interview with Yahoo Finance’s YFi PM, the three-year-old robot noted that inherently imperfect humans coding the technologies of tomorrow remain an error-prone liability. “Humans using technology, that creates problems,” she said, ironically just a few feet from her tethered human operator. “It’s important to be kind and fair. Well, they are my friends, but they can be unkind to each other.”


Vulnerabilities Exposed 2 Million Verizon Customer Contracts

Vulnerabilities discovered by a security researcher in Verizon Wireless systems could have been exploited by hackers to gain access to 2 million customer contracts. UK-based researcher Daley Bee was analyzing Verizon Wireless systems when he came across a subdomain that appeared to be used by the company’s employees to access internal point-of-sale tools and view customer information. Further analysis led to the discovery of a URL pointing to PDF format contracts for Verizon Wireless customers who used the company’s monthly installment program to pay for their devices.


Worldwide Sweep Targets Business Email Compromise

The FBI and federal partners today announced scores of arrests in the United States and overseas in a coordinated law enforcement sweep targeting perpetrators of an insidious scam that tricks businesses and individuals into wiring money to criminals. Operation reWired, a months-long, multi-agency effort to disrupt and dismantle international business email compromise (BEC) schemes, resulted in 281 arrests, including 74 in the United States, officials announced. Arrests were also made in Nigeria, Turkey, Ghana, France, Italy, Japan, Kenya, Malaysia, and the United Kingdom. The sweep resulted in the seizure of nearly $3.7 million and the disruption and recovery of approximately $118 million in fraudulent wire transfers.


Credit card data from Russell Stover breach shows up for sale on the dark web

In an August 30th press release, posted previously on DataBreaches.net, chocolatier Russell Stover disclosed that point-of-sale (POS) terminals in their retail stores appeared to have been compromised by malware. Analysts at Gemini Advisory subsequently identified more than 74,000 Card Present (CP) records available for purchase on the dark web. Sharing their findings exclusively with DataBreaches.net, Stas Alforov, Gemini’s Director of Research and Development, reported that the records were first added to the dark web on August 16, 2019, and included both track 1 and track 2 data, i.e., they included card numbers, expiration dates, and cardholders’ names.


France seeks Facebook Libra cryptocurrency ban in Europe

France’s economic minister declared that the French government intends to block the development of Facebook’s Libra cryptocurrency in Europe because of the systematic threats it poses to financial security and stability. During remarks at an OECD conference dedicated to cryptocurrencies, France’s Bruno Le Maire said that risks are simply too great and trust in Facebook is too low, according to French newspaper Le Figaro.

Related Posts