AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets – April 18, 2019

The long night has finally ended. Game of Thrones fans can finally come in from the cold and, like a starving dragon, start devouring the latest and final season of the massively popular TV show. But unlike the fantasy series, what is far more real is the plethora of phishing scams facing enthusiasts. While there have been many such deceptions, from malware via pirate torrent sites to phishing scams, Check Point Research recently came across the latest in this line of malicious activities bent on taking advantage of unsuspecting fans. Below is an example of such a site, which uses the official branding of the show and poses as a legitimate competition for fans to win a special gift pack of GoT merchandise. There is, however, no such prize, and the site instead collects as many email and mobile phone details as possible that could possibly be used in a future spamming campaign.



The word “human” does not appear at all in US copyright law, and there’s not much existing litigation around the word’s absence. This has created a giant gray area and left AI’s place in copyright unclear. It also means the law doesn’t account for AI’s unique abilities, like its potential to work endlessly and mimic the sound of a specific artist. Depending on how legal decisions shake out, AI systems could become a valuable tool to assist creativity, a nuisance ripping off hard-working human musicians, or both.


3 Hey, remember that California privacy law? Big Tech is trying to ram a massive hole in it

A proposed amendment to California's new data privacy law would drive a huge hole through the legislation, privacy advocates have warned. The change to the California Consumer Protection Act (CCPA) – in state senate bill 753 – will be reviewed by Cali's Senate Judiciary Committee next week and effectively adds Google and Facebook's entire business models to an exemption list, meaning consumers would not be able to sue tech giants for misusing their personal data. The exemption list is intended to ensure that companies can use personal data if consumers actively agree to it. However, a new addition to the limited list would include any business that "shares, discloses, or otherwise communicates to another business or third party an online identifier, an Internet Protocol address, a cookie identifier, a device identifier, or any unique identifier only to the extent necessary to deliver, show, measure, or otherwise serve or audit a specific advertisement to the consumer."


4 Major Bug in EA’s Origin Client Gives Hackers the Keys to Your PC

A security vulnerability in the Windows version of Electronic Arts’ Origin client allows hackers to run code with the same privileges as the logged-in user. The online gaming platform, which is available on Windows and macOS to download and launch EA’s games, uses its very own origin:// protocol in browsers to directly load games. Security researchers Daley Bee and Dominik Penner of Underdog Security discovered a way to abuse this system and run pretty much any app on a compromised host. In a demo for TechCrunch, the two researchers launched the built-in Calculator app after a malicious page was loaded on the target computer.


5 Script Kiddies Do What They Do Best: Infect Themselves

It's easy to set up a cybercriminal operation these days. But not all crooks are cut out for this game, some ending up not just infecting their own computers but also leaving identifying evidence on supporting infrastructure that is insecure and open to snooping. Unskilled cybercriminals are common, but what changed over the years is their age, shifting from fully-grown individuals to early-teen children, making the description literal. Various malware strains bundle in all the components required to get the 'business' going, including code for the command and control (C2) server for managing the operation.


6 Student used ‘USB Killer’ device to destroy $58,000 worth of college computers

A former student of The College of Saint Rose in Albany, New York, has pled guilty to charges that he destroyed tens of thousands of dollars worth of campus computers using a USB device designed to instantly overwhelm and fry their circuitry. The plea was announced Tuesday by the Department of Justice, FBI, and Albany Police Department. Vishwanath Akuthota, the former student, now faces up to 10 years in prison (with up to three years of supervision after release) and a fine totaling up to $250,000. He was arrested and taken into custody in North Carolina on February 22nd, just over a week after he went on a spree of inserting the “USB Killer” device into 66 of Saint Rose’s computers around various locations on campus. Such devices can be easily and freely purchased online and can overload the surge protection in many PCs.


7 Utah Bans Police From Searching Digital Data Without A Warrant, Closes Fourth Amendment Loophole

In a major win for digital privacy, Utah became the first state in the nation to ban warrantless searches of electronic data. Under the Electronic Information or Data Privacy Act (HB 57), state law enforcement can only access someone’s transmitted or stored digital data (including writing, images, and audio) if a court issues a search warrant based on probable cause. Simply put, the act ensures that search engines, email providers, social media, cloud storage, and any other third-party “electronic communications service” or “remote computing service” are fully protected under the Fourth Amendment (and its equivalent in the Utah Constitution).


8 Russian Hackers Use RATs to Target Financial Entities

A financially motivated threat actor believed to speak Russian has used remote access Trojans (RATs) in attacks on financial entities in the United States and worldwide, Israel-based security firm CyberInt reports. Tracked by the research community as TA505, the Russian threat group is known for the use of banking Trojans such as Shifu and Dridex, as well as for the massive Locky ransomware campaigns observed several years ago. Over the past months, the actor was observed switching to new backdoors in their attacks, including tRat, which is modular in nature, and ServHelper. Both RATs are written in Delphi.
