AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets – April 16, 2019

On Saturday, Microsoft confirmed to TechCrunch that some users of the company’s email service had been targeted by hackers. A hacker or group of hackers had first broken into a customer support account for Microsoft, and then used that to gain access to information related to customers’ email accounts such as the subject lines of their emails and who they’ve communicated with. But the issue is much worse than previously reported, with the hackers able to access email content from a large number of Outlook, MSN, and Hotmail email accounts, according to a source who witnessed the attack in action and described it before Microsoft’s statement, as well as screenshots provided to Motherboard. Microsoft confirmed to Motherboard that hackers gained access to the content of some customers’ emails.

 

2 The Nasty List Phishing Scam is Sweeping Through Instagram

A new phishing scam called "The Nasty List" is sweeping through Instagram and is targeting victims’ login credentials. If a user falls victim, the hackers will utilize their accounts to further promote the phishing scam. The Nasty List scam is being spread through hacked accounts that send messages to their followers stating that they were spotted on a so-called "Nasty List". These messages state something like "OMG your actually on here, @TheNastyList_34, your number is 15! its really messed up." According to screenshots shared with BleepingComputer, the scammers attempt to send these messages to all followers of a hacked account. If a recipient visits the listed profile, it will be named something like "The Nasty", "Nasty List", or "YOUR ON HERE!!". The profiles include a description similar to "People are really putting all of us on here, I’m already in 37th position, if your reading this you must be on it too." or "WOW you are really on here, ranked 100! this is horrible, CANT WAIT TO REVEAL THE TOP 10!".

 

3 San Francisco inches closer to banning facial recognition

San Francisco took a step closer to becoming the first city in the country to ban facial recognition software use with the passage of some amendments to the Stop Secret Surveillance ordinance today. The ordinance will face additional public comment before the County Board of Supervisors votes on it, said Supervisor and Rules Committee chair Aaron Peskin. “The propensity for facial recognition technology to endanger civil rights and civil liberties substantially outweighs its purported benefits, and the technology will exacerbate racial injustice and threaten our ability to live free of continuous government monitoring,” reads the ordinance as proposed by Peskin in January. Surveillance technology is defined by the city as including things like license plate readers, surveillance cameras, software designed to forecast criminal activity, and biometrics such as iris scanners and facial or gait recognition software.

 

4 Google agrees to pay $3.8 million to Louisville to clean up failed fiber roadways

Google has agreed to pay Louisville $3.84 million in order to restore roads and public rights-of-way following the tech giant’s exit from the fiber business in the city. On Monday, the Louisville Metro Government (LMG) said the amount has been agreed to fulfill Google’s obligations under franchise agreements and local regulations, which state that rights-of-way must be restored should a service provider remove itself from the area. Over the next 20 months, Google will make the payments to cover the cost of the removal of fiber cable and sealant from roads; milling and paving to restore walkways and road systems; and the removal of above-ground infrastructure. The hefty bill relates to Google’s exit from the fiber market in the city, based in Kentucky. As reported by sister site CNET, Google Fiber performed an experiment in the area called "micro-trenching," which was designed to speed up the deployment of gigabit cables in cities.

 

5 Facebook challenged to give TED talk on political ads

The investigative journalist who revealed the Cambridge Analytica scandal has demanded answers from tech giants about political ads. In her TED talk, Carole Cadwalladr called on the executives of Facebook and Twitter to come to the conference and discuss their role in influencing elections around the world. Twitter boss Jack Dorsey is due to speak later this week. TED curator Chris Anderson also invited Facebook to address the conference. Alongside staff of the New York Times, Cadwalladr was named as a finalist for the prestigious Pulitzer Prize for journalism for her work on the Cambridge Analytica story. It involved the discovery that an academic at the University of Cambridge used a personality quiz to harvest up to 87 million Facebook users’ details.

 

6 CERT, CISA Warn of Vuln in at Least 4 Major VPNs

The US-CERT Cybersecurity and Infrastructure Security Agency issued a warning today after CERT Coordination Center reported that multiple VPN vendors store authentication and/or session cookies insecurely in memory and/or log files. "If an attacker has persistent access to a VPN user’s endpoint or exfiltrates the cookie using other methods, they can replay the session and bypass other authentication methods," the CERT advisory states. "An attacker would then have access to the same applications that the user does through their VPN session." CERT confirmed that Cisco, Palo Alto Networks, F5 Networks, and Pulse Secure products are affected by this vulnerability. However, the issue is repaired in the latest versions of Palo Alto’s products and partly fixed in F5’s. 

 

7 Amazon ‘flooded by fake five-star reviews’ – Which? report

Online retail giant Amazon’s website is flooded with fake five-star reviews for products from unfamiliar brands, consumer group Which? has claimed. Top-rated reviews on popular items such as headphones, smart watches and fitness trackers were dominated by unknown brands, its probe concluded. Thousands of these were unverified, meaning there was no evidence the reviewer bought the product, it said. Amazon said it was using automated technology to weed out false reviews. It said it invested "significant resources" to protect its review system "because we know customers value the insights and experiences shared by fellow shoppers". "Even one inauthentic review is one too many," it added. But Which?’s probe suggested fake reviews were commonplace.
