AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 9/5/2019

Scamming You Through Social Media

Many of us have received phishing emails, either at work or home. These emails look legitimate, such as from your bank, your boss, or your favorite online store, but are really an attack, attempting to pressure or trick you into taking an action you should not take, such as opening an infected email attachment, sharing your password, or transferring money. The challenge is, the more savvy we become at spotting and stopping these email attacks, the more cyber criminals try other ways of contacting and scamming us.

US and Poland sign agreement to cooperate on 5G technology

The U.S. and Poland signed an agreement Monday to cooperate on new 5G technology as concerns grow about Chinese telecommunications giant Huawei. Vice President Mike Pence and Polish Prime Minister Mateusz Morawiecki signed the deal in Warsaw, where Pence is filling in for President Donald Trump, who scrapped his trip at the last minute because of Hurricane Dorian. The signing comes during a global battle between the U.S. and Huawei, the world’s biggest maker of network infrastructure equipment, over network security and fears of Chinese access.

Brazilian citizen data under threat with sale of national tech firms

One of the state-controlled firms the Brazilian government is planning to sell has voiced concerns around areas including citizen data protection as the privatization agenda advances. Employees at the Social Security Technology and Information Company (Dataprev) released a manifesto following the announcement that the company is one of the assets that Jair Bolsonaro’s government is looking to sell in order to raise 1.3 trillion reais ($313 billion). Dataprev provides technology information services to the Brazilian social welfare system. It treats and stores data related to millions of citizens on benefits. The federal data processing service, Serpro, is also on the privatization list.

North Korea denies it amassed $2 billion through cyberattacks on banks

A United Nations report seen by Reuters last month said North Korea had used “widespread and increasingly sophisticated” cyberattacks to steal from banks and cryptocurrency exchanges, amassing $2 billion which it used to fund weapons of mass destruction programs. “The United States and other hostile forces are now spreading ill-hearted rumors,” North Korea’s state-run KCNA news agency reported, citing a statement from the spokesperson for the National Coordination Committee of the DPRK for Anti-Money Laundering and Countering the Financing of Terrorism.

Huawei hasn’t given up on Australia as it plugs 6G smarts

Even though Australia blindly followed the US down the Huawei-accusation rabbit hole, the Chinese vendor hasn’t given up on the country, using the 6G carrot to tempt the Aussies back into the fray. Speaking at the Emerging Innovation Summit in Melbourne, a Huawei executive suggested Australian decision-makers have been short-sighted in addressing cyber-security concerns. “The current approach being taken towards cyber-security on 5G mobile networks solves absolutely nothing – and that will be exposed further in 6G,” said Huawei Australia Chief Technology and Cyber Security Officer David Soldani.

Coin-mining malware jumps from Arm IoT gear to Intel servers

A coin-mining malware infection previously only seen on Arm-powered IoT devices has made the jump to Intel systems. Akamai senior security researcher Larry Cashdollar says one of his honeypot systems recently turned up what appears to be an IoT malware that targets Intel machines running Linux. “I suspect it’s probably a derivate of other IoT crypto mining botnets,” Cashdollar told The Register. “This one seems to target enterprise systems.”

Facebook shrugs as Free Basics private key found to be signing unrelated apps

Facebook has insisted that losing control of the private key used to sign its Facebook Basics app is no biggie despite totally unrelated apps from other vendors, signed with the same key, popping up in unofficial repositories. Targeted mainly at third-world countries, Facebook Basics is the latest incarnation of Internet.org and Free Basics. The idea was to offer free access to Facebook-owned internet properties (and only Facebook-owned ones) with the intention of getting the great unconnected hooked on The Social Network, WhatsApp and Instagram.

Cracked Passwords for Poshmark Accounts Being Sold Online

Dehashed login details for customers of Poshmark, an online marketplace for buying and selling used clothes and accessories, have been circulating online following the data breach a few months ago. At the beginning of the year, Poshmark announced that it had 40 million community members. According to data breach platform Have I Been Pwned, login details of more than 36 million customers were acquired by an unauthorized party. The data includes email addresses, hashed passwords, gender, geographic location, names, and usernames.

Over a billion Android phones vulnerable to phishing attack

A new report from Check Point Research has uncovered a security flaw that could leave users open to advanced phishing attacks that would steal personal information. The company says that hundreds of millions of Android phones across the world are at risk from the attack, with devices from Samsung, Huawei, LG and Sony among those affected. The flaw allowed hackers to steal user email addresses using counterfeit Android SMS messages that have been custom-engineered to intercept all email traffic to and from mobiles. 

Lawmakers Want to Expand DHS’ Cyber Monitoring Program to State and Local Governments

A bipartisan pair of lawmakers are trying to make the Continuous Diagnostics and Mitigation program a permanent fixture in the government’s cybersecurity toolkit. Launched in 2013 by the Homeland Security Department, the program offers agencies across government a full suite of cyber tools, dashboards and services. The tools and their associated sensors feed network data back to a central dashboard, which gives both agencies and Homeland Security officials a bird’s-eye view of the government’s cyber landscape. Lawmakers want to make it easier for agencies to put data collected under the initiative to good use.

Mozilla flips the default switch on Firefox tracker cookie blocking

From today Firefox users who update to the latest version of the browser will find a pro-privacy setting flipped for them on desktop and Android smartphones, assuming they didn’t already have the anti-tracking cookie feature enabled. Mozilla launched the Enhanced Tracking Protection (ETP) feature in June as a default setting for new users — but leaving existing Firefox users’ settings unchanged at that point. It’s now finishing what it started by flipping the default switch across the board in v69.0 of the browser.

Chicago super-hacker rousted from prison for grand jury grilling

A convicted hacker from Glendale Heights who’s serving 10 years in prison for breaking into corporate and government computer systems has been subpoenaed to appear in front of a federal grand jury in Virginia. Supporters of Jeremy Hammond, an idolized member of the Anonymous hacking group, say that prosecutors want Hammond to testify against his will to a grand jury in Alexandria. Hammond disciples believe the subpoena is related to a federal investigation of WikiLeaks and its founder Julian Assange. The appearance is apparently set for next Tuesday.

Google finally adds image blocking to Gmail on the iPhone

Google today added a new setting to the iOS version of its Gmail app that will let you more easily block unwanted email tracking. The setting in question, the ability to prevent Gmail from automatically loading attached images, used to be found only on the web version of Gmail. Toggling that setting on allows Gmail to block incoming images, including invisible email trackers hiding in the body of email messages that, in most cases, will tell senders when and sometimes even where you opened the message.

Android exploits are now worth more than iOS exploits for the first time

Zerodium, a company which claims it buys and then resells software exploits to government and law enforcement agencies, has updated its price list today, and Android exploits are worth more than iOS exploits for the first time ever. According to the company, starting today, a zero-click (no user interaction) exploit chain for Android can get hackers and security researchers up to $2.5 million in rewards. A similar exploit chain impacting iOS is worth only $2 million.

Facebook’s latest security lapse exposes millions of user phone numbers and more

Facebook’s latest privacy lapse has exposed over 400 million user records on a server that wasn’t protected with a password. TechCrunch reports today that each record contained a user’s Facebook ID and the phone number linked to their account. The server included records across several databases, including 133 million records for US Facebook users, as well as records for 18 million UK users and over 50 million users in Vietnam. Each record included a user’s Facebook ID, which TechCrunch describes as a “long, unique, and public number associated” with Facebook accounts. That ID can then be used to figure out an account’s username. Each record also contained a user’s phone number, and in some instances name, gender, and location by country.

Facebook, Google meet intelligence agencies to talk 2020 election security

Both intelligence agencies and tech companies are gearing up to secure the 2020 US election, and that apparently includes some heart-to-heart conversations between the two. Bloomberg sources have learned that Facebook, Google, Microsoft and Twitter are meeting members of the FBI, Homeland Security and the Office of the Director of National Intelligence to discuss the industry’s security strategy. This reportedly includes plans for tighter coordination between tech and government, as well as curbing disinformation campaigns.
