AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 9/27/2019

Microsoft challenges ‘sneak and peek’ warrant that requests data from one of its big corporate customers

Microsoft said on Wednesday it was challenging a federal judge’s order that prevents the software maker from informing one of its large corporate customers that the U.S. government has issued a warrant for the customer’s data. “We have challenged that order in the lower court, and we will pursue an appeal in the appellate court if necessary,” said Dev Stahlkopf, Microsoft’s general counsel said in a blogpost.

 

AG Barr Seeks DOJ Facebook Antitrust Probe, Despite the Already Launched FTC Inquiry

The Justice Department intends to investigate Facebook after prodding from U.S. Attorney General William Barr, according to a person familiar with the matter, even though the Federal Trade Commission already has an inquiry underway. The social-media giant now faces parallel probes by two federal agencies over whether it has harmed competition in violation of antitrust laws. The Justice Department’s case will focus on conduct that’s separate from what the FTC is examining, said the person, who declined to be named because the matter is confidential. The two federal inquiries are in addition to investigations by state attorneys general and the House Judiciary Committee.

 

Couple says Nest home security system hack turned into worst nightmare ever

Samantha and Lamont Westmoreland installed the $700 system, which included a Nest camera, doorbell and thermostat, in their Milwaukee home in 2018, WGNO-TV reported. It seems the system worked fine until last week when Samantha Lamont said she returned home from work Tuesday and discovered the temperature inside her home was 90 degrees. She told WITI-TV she thought it was a glitch and reset the thermostat, but what followed was anything but a glitch. The hacker reset the couple’s thermostat to 90 degrees and even spoke to them through their kitchen camera before playing vulgar music, they said. 

 

Twitter details new policies designed to crack down on financial scams

Twitter  says it’s expanding its policies to prohibit financial scams on its platform — something you’d think would have already been banned, but apparently was never directly addressed through Twitter’s policy documentation. Instead, financial scams until now have been handled through Twitter’s spam reporting tool, which was expanded last year to specifically identify what exact type of spam a tweet contained.

 

REvil (Sodinokibi) Ransomware Targets Chinese Users with DHL Spam

A new spam campaign is underway that is targeting Chinese recipients to trick them into installing the REvil (Sodinokibi) Ransomware. This spam campaign was discovered by security researcher onion and pretends to be an email from DHL stating that the delivery of a package has been delayed due to an incorrect customs declaration. It then proceeds to inform the recipient that they must download the enclosed “Customs documents”, fill them out correctly, and send it back in order for the package to be properly delivered.

 

A second mass breach of Ecuadorian personal data is discovered on a German server

Security researchers have discovered yet another unsecured server exposing sensitive data on Ecuadorian citizens. According to Bloomberg News, the server is located in Germany and is being used by an Ecuadorian company called DataBook. The server, hosting the details of some 17 million Ecuadorian people, was spotted by Noam Rotem and Ran Locar, two Israeli computer programmers, who do security research in their free time.

 

Hackers looking into injecting card stealing code on routers, rather than websites

Security researchers at IBM have found evidence that hackers have been working on creating malicious scripts they can deploy on commercial-grade “Layer 7” routers to steal payment card details. This discovery is a game-changer in what researchers call Magecart attacks, also known as web skimming. These are attacks where hackers plant malicious code on an online store that records and steals payment card details.

 

‘But who’s in charge’ is the question for feds in cybersecurity

It was an issue pondered aloud by Sen. Ron Johnson, R-Wisc., the chairman of the Senate’s Homeland Security committee. Johnson said Sept. 19 he had recently sat through a classified 5G briefing with cabinet officials and had a similar inquiry then. “The No. 1 question I [had] is ‘who’s in charge? Who is actually doing the problem definition when it comes to our challenge with 5G?,’” Johnson said at the Cybersecurity and Infrastructure Security Agency’s second annual national cybersecurity summit at National Harbor. “And nobody would really answer the question.”

 

DoorDash Data Breach Exposes Info of Roughly 5 Million Users

DoorDash has announced a data breach where an unauthorized user was able to gain access to the personal information of 4.9 million consumers, Dashers, and merchants. In a security notice published on their site and through emails being sent to affected users, DoorDash states that an unauthorized party was able to gain access to user data on May 4, 2019. The data is only for users, Dashers, and merchants who joined their platform on or before April 5, 2018.

Related Posts