AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets – April 10, 2019

1 Huawei would reportedly sell 5G chips to Apple, if U.S. ban isn’t an issue

In what may be the most unlikely business deal of the year, Huawei is apparently interested in selling 5G chips to Apple — exclusively. The team-up would make plenty of sense, if it wasn’t for the continued swirling of global controversies over the security of Huawei’s 5G hardware. The unlikely prospect of a Huawei-Apple deal was reported today by Engadget, which claims that Huawei is “open” to selling its Balong 5000 modems solely to Apple as the U.S. company struggles to move from the older 4G cellular standard to new 5G chips. Recent reports have suggested that Apple is continuing to wait on long-time partner Intel to offer an iPhone-suitable 5G modem, but might be waiting longer than 2020 — a suggestion Intel has rebuffed. Apple has apparently opted not to use 5G chips from Qualcomm, Samsung, or Mediatek, leaving only itself and arguably Huawei as options.

 

2 SEC Allows Shareholder Votes on Amazon Facial "Rekognition"

Amazon shareholders will get the opportunity to vote on two non-binding shareholders' resolutions concerning the Amazon Rekognition facial recognition system. Amazon sought to exclude the resolutions from its upcoming annual meeting (usually in May) but was informally told by the SEC that it couldn't do so. Amazon appealed this, but was told by the SEC on 3 April 2019, "we find no basis to reconsider our position." The votes will go ahead. The two resolutions are couched in terms of a business threat to Amazon from sales of Rekognition, but are primarily concerned with civil liberties issues. The first resolution calls for a halt to sales of the product to government (that is, law enforcement) unless the board "concludes the technology does not pose actual or potential civil and human rights risk." The second calls for an independent study into whether the technology may "endanger, threaten, or violate" privacy or civil rights.

 

3 Myspace songs come back from the dead

Somebody stuck their arm into the back of their backup cupboard, rummaged around, and dragged out a small (but perhaps important to someone) fraction of the 50 million Myspace songs that the social platform admitted to losing in a server migration. The Internet Archive has published those retrieved tunes and put them up in a catalog of 490,000 mp3 files. The source of the collection, it said, is an “anonymous academic study,” conducted between 2008 and 2010, that was analyzing music networks while Myspace was still active. During the research, those participating in the study downloaded 1.3 terabytes of music from the service. When the news of Myspace’s mega-fumble came to light, the researchers contacted the Internet Archive and offered to send over the files.

 

4 Ongoing DNS Hijacking Campaign Targets Gmail, PayPal, Netflix Users

A DNS hijacking campaign that has been ongoing for the past three months is targeting the users of popular online services, including Gmail, PayPal, and Netflix. As part of the campaign, the attackers compromised consumer routers to modify their DNS settings and redirect users to rogue websites to steal their login credentials. Bad Packets security researchers, who have been following the attacks since December, have identified four distinct rogue DNS servers being used to redirect web traffic for malicious purposes. “All exploit attempts have originated from hosts on the network of Google Cloud Platform (AS15169),” the researchers reveal.

 

5 Anti-Semitic comments have flooded a New Jersey Facebook page. The state wants Facebook to step in.

Anti-Semitic comments, such as arguments for eradicating Jews “like Hitler did,” have flooded a New Jersey Facebook page. And the state’s attorney general wants Facebook to step up and start monitoring them. A letter sent by the office’s Division on Civil Rights highlighted anti-Semitic comments left on a Lakewood, New Jersey, group’s page that officials say illustrates the “rising tide of hate” around the state and country. The anonymous group, called Rise Up Ocean County, allegedly promotes negative stereotypes of Orthodox Jews to discourage new residents and development. The group’s profile photo — which includes a cross, a Star of David, and the Islamic star and crescent — brands the page as "united against anti-gentilism,” or what its members consider prejudice against non-Jews.

 

6 VoterVoice database leaks email addresses, messages to elected officials

An unsecured database at VoterVoice exposed a trove of personal information, including more than 300,000 unique email addresses, home addresses and phone numbers of people who have sent messages to legislators or participated in campaigns around hot political topics through “the grassroots advocacy system.” “In a leak that has an eerie resemblance to the 2016 leak of voter data via Facebook, this incident at VoterVoice has the potential to have far-reaching impacts,” said Warren Poschman, senior solutions architect with comforte AG.

 

7 Microsoft lets Windows users off the update leash

The company is changing the way that Windows Update downloads and installs releases, enabling users to delay them. In older versions of Windows, users could choose which updates they wanted to install. Home editions of Windows 10 bucked that trend with a single ‘check for updates’ button that downloaded and installed everything. Not clicking the box wouldn’t save you from forced updates; the OS would eventually go and get them anyway. Professional editions were at least able to delay updates using a ‘defer upgrades’ option. This allowed business users to wait until sacrificial guinea pigs using the home edition had been burned first. In a blog post announcing the change, corporate VP of Windows Mike Fortin acknowledged that the mandatory update process isn’t every user’s cup of tea.

 

8 NSA Releases the Dragon

The National Security Agency is now sharing the source code of Ghidra, its reverse engineering tool developed by the agency’s Research Directorate in support of its cybersecurity mission. Ghidra, a suite of software analysis tools, examines compiled code using capabilities such as disassembly, assembly, decompilation, graphing and scripting. Ghidra helps analyze malicious code and malware and improves cybersecurity professionals’ understanding of potential vulnerabilities in their networks and systems. With this release, developers can now collaborate, create patches and extend the tool to fit their cybersecurity needs. The source code repository contains instructions about how to build on all supported platforms, including Windows, Mac OS and Linux. In addition, users may develop their own Ghidra plug-in components and scripts using the exposed application program interface.

 

9 Firefox draws battle lines against push notification spam

Mozilla doesn’t yet know how to solve the problem of website push notification spam in the Firefox browser, but it wants you to know it’s working on it. If you’re a sentient web user, the push notification phenomenon needs little explanation: visit a site and it almost immediately throws up a prompt that asks you whether you’re happy to “allow notifications.” Unlike other annoying website pop-ups, push permissions are powerful because they can activate even when users are not on that website. In extreme examples, they’re deployed by scam sites as a way of pushing fake extensions and rogue sites, unleashing today’s equivalent of the endless adware pop-ups that used to swarm browsers. Push notifications have become so ubiquitous that Mozilla’s own telemetry suggests they are now by some distance the most frequently shown permission request, generating 18 million of them in the month to 25 January for a sample set of its users.

 

10 Microsoft confirms you really, really don’t need to ‘safely remove’ USB flash drives anymore

You know how every tech expert in your life told you how crucially important it was to safely eject a flash drive before ripping it out of your PC? Have you been that tech expert yourself? Well, Microsoft is confirming once and for all that — in Windows 10 — it’s no longer a thing you need to worry about. Windows 10 has a feature called “quick removal” that lets you yank a drive anytime (so long as you’re not actively writing files to it), and it’s now the default setting for each new drive you plug in as of Windows 10 version 1809, according to Microsoft’s own support guidance. Basically, “quick removal” keeps Windows from continuously trying to write to a flash drive, which could help in the event you disconnect it.

 

11 Bitcoin wallet Electrum hit by DoS attack from 140,000-strong botnet

The servers of popular Bitcoin wallet Electrum are under heavy attack, and users are advised to be extra careful when using the platform until it’s resolved. A sophisticated botnet of more than 140,000 machines has launched Denial-of-Service (DoS) attacks on Electrum’s servers, with apparent intent to direct users to compromised versions of the software designed to steal their Bitcoin. Bad actors have even deployed their own Electrum servers hosting “backdoored” versions of the Electrum client en masse. If a user successfully syncs their vulnerable Electrum wallet with a malicious server (hundreds detected so far), they’re instructed to “update” their client with a hacked version.

 

12 BC Pension Plan warns 8,000 people about privacy breach after box goes missing

About 8,000 College Pension Plan members are receiving notification from the B.C. Pension Corporation that their personal information may be at risk after a box went missing during an office move earlier this year. The box contained microfiche with personal information of members who worked from 1982 to 1997. Some of the information includes names, social insurance numbers and dates of birth. "We did an extensive search and because we couldn't find it, we took the safe route and declared a breach," said Sherry Sheffman with the B.C. Pension Corporation. BC Information and Privacy Commissioner Michael McEvoy said in a statement that the breach was discovered in October of 2018, after the corporation moved offices in September. However, the public body did not report the missing personal information to his office until March 8.

 

13 The government is about to permanently bar the IRS from creating a free electronic filing system

Thanks to pressure from the tax preparation industry, Congress is getting ready to ban the Internal Revenue Service from ever building a free electronic tax filing system. As ProPublica reports, the effort is a bipartisan one. The House Ways and Means Committee, led by Massachusetts Democrat Richard Neal, passed the Taxpayer First Act. The bill would make changes to the IRS and is sponsored by Georgia Democratic Congressman John Lewis and Mike Kelly, a Republican from Pennsylvania. One of its stipulations would make it illegal for the IRS to create its own online system for tax filing. That’s right, members of Congress are prohibiting a branch of the federal government from providing a much-needed service that would make the lives of all of their constituents much easier.
