Our website may use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense or Google Analytics. By using the website, you consent to the use of cookies. We’ve updated our Privacy Policy. Please click on the button to check our Privacy Policy.

AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – April 8, 2019

1 Amazon's big internet plan: 3,236 satellites to beam faster, cheaper web to millions

Amazon has plans to establish a constellation of 3,236 satellites in low Earth orbit to patch up areas with poor or no internet connectivity. Amazon's planned push into satellite-delivered broadband is taking shape under Project Kuiper, details of which appear in three documents filed with the International Telecommunication Union (ITU) last month. The documents were filed by Kuiper Systems LLC. First spotted by Geekwire, the documents reveal Amazon plans to put 3,236 satellites at three different altitudes. There would be 784 satellites orbiting at an altitude of 367 miles (590km); 1,296 satellites at 379 miles (610km); and 1,156 satellites at 391-mile (630km). An Amazon spokesperson confirmed the existence of Amazon's satellite broadband ambitions, noting that it was a "long-term project that envisions serving tens of millions of people who lack basic access to broadband internet".

 

2 Michigan medical practice folds after ransomware attack

A Battle Creek, Mich. medical practice is being forced to shut its doors after cyberattackers wiped out its files when the firm refused to pay a ransom. Brookside ENT and Hearing Center’s Dr. William Scalf told wwmt.com the center was hit with ransomware which locked up its files and presented the practice with a $6,500 ransom demand. Scalf and his partner Dr. John Bizon did not believe their files would be released so they refused to pony up the money. As a result, wwmt.com reported, the attackers wiped all the office files including appointment schedules, payment and patient information. Faced with the daunting task of rebuilding their practice’s database from scratch the two doctors instead decided to retire. Until the office closes on April 30 its staff is referring patients to other practices.

 

3 DHS official sounds alarm on authoritarian states ‘operationalizing their tech sectors’

The willingness of authoritarian governments to leverage native tech companies to achieve their national goals has forced U.S. officials to adapt in how they view risk from those companies, according to a senior Department of Homeland Security official. “Our focus is not on the country of origin, or the company, but it’s about what is the rule of law under which that product is potentially subject to,” Chris Krebs, head of DHS’s Cybersecurity and Infrastructure Security Agency, said Thursday at the Cybersecurity Leadership Forum presented by Forcepoint and produced by CyberScoop and FedScoop. The problem lies with foreign tech companies that are subject to government demands without the visibility or appeal process that exists in the United States, he said.

 

4 China admits for the first time that US officials ‘have a point’ on IP theft and hacking

China has acknowledged for the first time that the United States has legitimate gripes about IP theft, forced technology transfer and cyber hacking, White House economic advisor Larry Kudlow told reporters Wednesday. “They have for the first time acknowledged that we have a point. Several points,” Kudlow told reporters at an event hosted by The Christian Science Monitor. Previously, he said, “they were in denial.” “And I think that has led to, you know, good negotiations,” Kudlow added.

 

5 Researchers say the USA is doing a fine job of harboring its own crimeware flingers

A collection of servers found in the US are responsible for some of the nation's biggest malware and phishing attacks. This according to a report from security company Bromium, which said just over a dozen servers are being used to spread 10 of the major malware and phishing campaigns spreading around the internet at the moment, including the infamous Dridex and GandCrab attacks. The findings, said Bromium, should shatter the notion that malware operations are mainly foreign based and operating well outside the reach of US law enforcement. Rather, the friendly hosts that enable these campaigns are operating in our own backyard. "It was interesting to us that the hosting infrastructure is located in the United States and not in a jurisdiction that is known to be uncooperative with law enforcement," Bromium said.

 

6 Apple is letting this app override devices on silent in emergencies

Hedge Tactical Solutions, a real-time emergency response technology, has reached an agreement with Apple Inc. to override the silent setting for its customers who have Apple products such as the iPhone and iPad. Just as all Apple devices emit a loud audible tone during specific events like an amber alert, all Hedge Tactical Solutions customers using Apple products will be alerted to an active shooter situation by a distinct audio alert. “This is a huge step forward in the development of our mobile app technology,” Kevin Grundstrom, founder and CEO of Hedge Tactical Solutions, said. “We know our technology will save lives in the event of an active shooter situation. Now, being able to alert even people whose iPhones are set to silent mode will enable us to notify more occupants of a facility and save even more lives.”

 

7 DHS tech manager admits stealing data on 150,000 internal investigations, nearly 250,000 workers

A federal technology manager admitted Thursday to conspiring with a former acting inspector general of the U.S. Department of Homeland Security to steal a data­base managing more than 150,000 internal investigations and containing personal data of nearly 250,000 DHS employees, court filings show. The manager gave copies of the database — valued at more than $3.1 million and including “critical, confidential information,” a federal judge said at a plea hearing — to a former DHS acting inspector general to develop a commercial version of the management system and sell that back to other government agencies.

 

8 Facebook's black markets just keystrokes away

Facebook is connecting not only old friends, but also new criminals. Researchers uncovered more than 70 Facebook groups openly selling black-market cyberfraud services, some of which they say had been running for up to eight years. The now-removed groups had more than 385,000 members in total and offered a variety of illegal services, from credit card information and identity theft to website hacking and email phishing, according to cybersecurity researchers at Talos, the threat intelligence division for the technology company Cisco. By searching for a few well-known fraud terms, the researchers exposed a sizable online black market hiding in plain sight on the world’s most popular social media site.

 

9 Major Browsers to Prevent Disabling of Click Tracking Privacy Risk

A HTML standard called hyperlink auditing that allows sites to track link clicks is enabled by default on Safari, Chrome, Opera, and Microsoft Edge, but will soon have no way to disable it. As it is considered a privacy risk, browsers previously allowed you to disable this feature. Now they are going in the opposite direction. Hyperlink auditing is a HTML standard that allows the creation of special links that ping back to a specified URL when they are clicked on. These pings are done in the form of a POST request to the specified web page that can then examine the request headers to see what page the link was clicked on. With privacy and online tracking being such a large problem and major concern for many users, you would think that browser developers would give you the option to disable anything that could affect your privacy.

 

10 DARPA Wants AI to Learn Language as Human Babies Do

The latest artificial intelligence project at Pentagon’s research office is shedding new light on the phrase “mean what you say.” The Defense Advanced Research Projects Agency on Thursday announced it would begin funding research to reshape the way AI language systems like Alexa and Siri learn to speak. Instead of crunching gargantuan datasets to learn the ins and outs of language, the agency wants the tech to teach itself by observing the world like human babies do. Using this approach, the Grounded Artificial Intelligence Language Acquisition, or GAILA, program aims to build AI tools that understand the meaning of what they’re saying instead of stringing together words based on statistics.

 

11 Remote AR will make it so we can work — or play — anywhere

Augmented reality has been something of a trailblazer in the gaming industry in recent years. The technology has been hovering around the periphery of the mainstream for some years in the form unsuccessful endeavors like Sony PlayStation 2’s Eye Toy: Play — which used a camera to embed a digital world over a real-life canvas that users could interact with — and various games for Nintendo Wii. However, it wasn’t until the explosion in mobile gaming over the last decade that AR really began to announce itself on the biggest stage. While such developments were occurring, very few could’ve foreseen augmented reality’s relationship with business collaboration tools blossoming as the technology developed. But with endeavors like PowerX’s augmented reality table presenting itself as a solution for providing complex visualizations and digital learning tools within organisations, it’s clear to see that a symbiotic relationship between the technology and corporate adopters is emerging.

 

12 Payment Card Data Stolen From AeroGrow Website

AeroGrow International, the company that makes the popular AeroGarden smart countertop gardens, recently informed customers that their payment card information may have been compromised as a result of a cybersecurity incident impacting its website. In a letter sent to customers and submitted to the California Office of the Attorney General, AeroGrow said it had identified malicious code on its website’s payment page. The company’s investigation revealed that the malicious code had been present for more than four months, between October 29, 2018, and March 4, 2019. The malware was designed to harvest the card number, expiration date, and CVV/CCV code entered by customers on the payment page.

Related Posts