AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 9/9/2019

South Korean Firm’s Email Leak Exposes Global Clients

Security researchers have discovered a South Korean company leaking highly sensitive client and personal emails, which has refused to engage with either them or journalists asking for more info. Industrial pipe manufacturer DKLOK exposed an unprotected email database to the public internet, where white hat hackers from vpnMentor were able to probe it using simple port scanning techniques. “Our team was able to access this database through a vulnerability in a peripheral system linked to their email hosting service, which has left its entire email database unsecured and unencrypted,” it explained in a blog post.

 

SalesPharce: Hackers Exploit Salesforce, Phish Partners and Customers

Avanan recently uncovered a phishing attack that was using Salesforce’s invoice-sending functionality against one of our customers (a Fortune 500 company). Hackers compromised one of their vendors’ Salesforce account to send the customer phishing emails with fake invoices. Because these fake invoices replicated the patterns of legitimate invoices, they were almost untraceable by the security layers of Office 365. 

 

Apple Disputes Some Details of Google’s Project Zero Report on iOS Security Vulnerabilities

Google’s Project Zero last week shared details about multiple serious iOS vulnerabilities that allowed malicious websites to access a victim’s phone. Apple says the attack was “narrowly-focused” rather than a broad-based exploit of iPhones as described. Fewer than a dozen websites targeting Uighur Muslims were affected, according to Apple. Further, Apple says that Google created a false impression of mass exploitation, causing fear among iPhone owners.

 

Australia is getting a new cybersecurity strategy

The federal government wants an updated strategy to cover the current cyber threat climate, publishing a discussion paper [PDF] that seeks to gain a better understanding of the magnitude of the threats faced by Australian businesses and families, saying that as the threat evolves, so too must government’s response. The Australian government in April 2016 launched the country’s current cybersecurity strategy, handing over AU$230 million to the cause. “Despite making strong progress against the goals set in 2016, the threat environment has changed significantly and we need to adapt our approach to improve the security of business and the community,” Minister for Home Affairs Peter Dutton is attributed as saying in the discussion paper’s foreword.

 

Apple, Samsung slapped with class action over handset RF emissions

The class action suit, filed with the U.S. District Court for the Northern District of California on Friday, claims RF radiation emitted from smartphone devices designed and manufactured by Apple and Samsung exceed legal limits set forth by the Federal Communications Commission. Further, the case takes issue with marketing materials that claim the products operate within regulated guidelines, with neither company issuing warnings about potential negative health effects related to the allegedly high RF emissions.

 

WoW Classic reportedly continues to be affected by DDoS attacks

World of Warcraft Classic has been hit by DDoS attacks this weekend, which started on Saturday, and although Blizzard says the issues are now resolved, some players are still reporting that they are unable to log in on certain servers. As Kotaku reports, these DDoS attacks began at around 11 AM ET (3pm UK time) yesterday, with a group going by the name of UKDrillas claiming responsibility, stating on Twitter that they would cycle through WoW Classic servers with their DDoS fire (the group’s Twitter account has since been suspended).

 

A.I. technology could identify those at risk of fatal heart attacks, research claims

Researchers at the University of Oxford have developed artificial intelligence (AI) technology that could identify whether someone is at high risk of a fatal heart attack years before it occurs. Machine learning has been used to create a fingerprint called a “fat radiomic profile.” It’s able to identify “red flags” such as inflammation, scarring and changes in blood vessels that supply blood to the heart. Factors such as these point to future heart attacks.

 

Australia blocks access to eight websites showing video of New Zealand mosque attacks

Australia has ordered internet service providers to block access to eight websites still showing footage of deadly attacks on two mosques in New Zealand earlier this year. Most websites quickly removed links to the video, but Australia’s eSafety commissioner Julie Inman Grant said on Sunday eight local sites had defied her requests for the content to be deleted. The blocking of the eight websites comes amid a concentrated effort by Australia to clamp-down on the sharing of violent content online.

 

U.S. Cyber Command Shares 11 New Malware Samples

U.S. Cyber Command has released 11 malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also recommends users and administrators review the CISA Tip on Protecting Against Malicious Code for best practices on protecting systems and networks against malware.

 

Russia accuses Google, Facebook of election interference

A new country says Google and Facebook may have interfered in its elections — just maybe not the one you’d expect. Officials in Russia have said that Google and Facebook published election-related ads in violation of the country’s laws, Reuters reported.  Yes, you read that correctly: Russia is accusing the two tech giants of election interference. At issue are laws that prohibit political ads “during elections on Sunday and on the preceding day,” according to Reuters. Russia’s Roskomnadzor, the government body that oversees the country’s media laws, has said Facebook and Google both ran ads during Sunday elections. 

 

Huawei Eyes ProtonMail as It Searches for Gmail Alternative

ProtonMail is in talks with Huawei Technologies Co. about including its encrypted email service in future mobile devices, part of the Chinese phone maker’s plan to develop an alternative to Alphabet Inc.’s Google ecosystem. The Swiss company’s service could come preloaded on future Huawei mobile devices or be offered inside its app store, AppGallery, said Andy Yen, ProtonMail’s chief executive officer. The company hasn’t made a final decision about offering its service on Huawei’s channel, he said.

Related Posts