AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – April 9, 2019

1 Exodus Spyware Found Targeting Apple iOS Users

The spyware that was recently found lurking in 25 different malicious apps on Google Play has been ported to the Apple iOS ecosystem. The surveillance package – dubbed Exodus – can exfiltrate contacts, take audio recordings and photos, track location data and more on mobile devices. Earlier this month, word came that Google had booted a raft of Exodus-laden apps. According to Lookout Security, it turns out that iOS versions had become available outside the App Store, through phishing sites that imitate Italian and Turkmenistani mobile carriers. These are notable in that they abused the Apple Developer Enterprise program.


2 Motel 6 To Pay $12 Million After Improperly Giving Guest Lists To ICE

The hotel chain Motel 6 has agreed to pay $12 million to settle a lawsuit filed by the state of Washington after several locations gave information on thousands of guests to Immigration and Customs Enforcement without warrants. Washington state Attorney General Bob Ferguson said Thursday that Motel 6 shared the information of about 80,000 guests in the state from 2015 to 2017. That led to targeted investigations of guests with Latino-sounding names, according to Ferguson. He said many guests faced questioning from ICE, detainment or deportation as a result of the disclosures. It's the second settlement over the company's practice in recent months.


3 Beware of Calls Saying Your Social Security Number is Suspended

A common phone call scam that people have been receiving states that your Social Security number is suspended for suspicious activity. It then prompts you to speak to a government agent in order to receive help resolving the issue. This scam has been going on for over a year, if not longer, and are robocalls that pretend to be from a government official who states that suspicious or fraudulent activity associated with your social security number has been detected. The robocall then prompts you to call back or speak to an agent in order to resolve the issue. As the FTC notes, Social Security numbers cannot be suspended, so any calls stating that they are is simply a scam. The attackers are just trying to trick you into providing your birth date, bank account numbers, social security numbers, and other sensitive information.


4 Google to pull plug on AI ethics council

Alphabet Inc’s Google said on Thursday it was dissolving a council it had formed a week earlier to consider ethical issues around artificial intelligence and other emerging technologies. The council had run into controversy over two of its members, according to online news portal Vox, which first reported the dissolution of the council. The council, launched on March 26, was meant to provide recommendations for Google and other companies and researchers working in areas such as facial recognition software, a form of automation that has prompted concerns about racial bias and other limitations. The eight-member Advanced Technology External Advisory Council (ATEAC) included technology experts and digital ethicists.


5 Cyberattack diverts almost $500,000 out of city of Tallahassee payroll account

Nearly half a million dollars was diverted out of the city of Tallahassee’s employee payroll this week after a suspected foreign cyberattack of the city's human resources management application. Hackers attempt every day to breach the city’s security, officials say, but Wednesday's operation netted about $498,000. The employees have all been paid, said city spokeswoman Alison Faris, and officials are working to determine the hack’s origins. “Early indication is that it was possibly initiated outside of the U.S.,” Faris said in an email. The out-of-state, third-party vendor that hosts the city's payroll services was hacked and as a result the direct deposit paychecks were redirected. Employees throughout the city’s workforce were affected.


6 Uber scientist says some time before self-driving cars dominate the road

Uber Technologies Inc believes it will take a long time for self-driving cars to be used at scale but the technology will save lives, the chief scientist at its self-driving car unit said on Monday. Raquel Urtasun, who is chief scientist at Uber Advanced Technologies Group (ATG) and heads the group's unit in Toronto, spoke at a Reuters Newsmaker www.reuters.com/newsmakers event in New York. The progress of Uber’s self-driving car unit is in the spotlight as the company prepares to go public later this year. The unit is a significant contributor to Uber’s losses, which in 2018 were $1.8 billion before taxes, depreciation and other expenses. However, some consider Uber’s ability to successful navigate the transition to autonomous vehicles as crucial to the company’s long-term prospects.


7 Trump Shakeup Impacts Cybersecurity Policy

The exits of the Department of Homeland Security secretary and the Secret Service director are prompting discussion about the continuity of U.S. cybersecurity policy, as the agencies play a key role in securing infrastructure and investigating financial cybercrime.

Along with Nielsen, Trump also has replaced U.S. Secret Service Director Randolph Alles. The Secret Service plays a role in cybersecurity, particularly its Electronic Crimes Task Forces. Those branches investigate international cybercriminal activity targeting the financial sector, data breaches and other computer crimes. The leadership shake-up comes as experts warn of an unending wave of hacking activity targeting U.S. companies and expected efforts by other countries to influence the 2020 presidential election. It also comes as the U.S. has undertaken a campaign to strengthen critical infrastructure, such as power plants, waste treatment facilities and dams.


8 Mar-a-Lago Infiltrator Had Hidden-Camera Detector

A Chinese woman recently arrested at President Donald Trump’s Mar-a-Lago club lied repeatedly to Secret Service agents while carrying computer malware unlike anything a government analyst had ever seen and had more than $8,000 in cash at her hotel room, along with an electronic device that detects hidden cameras, federal authorities told a judge Monday. Assistant U.S. Attorney Rolando Garcia told Magistrate Judge William Matthewman during a bond hearing that “there are a lot of questions that remain” about 32-year-old Yujing Zhang. He said the FBI is still investigating whether Zhang is a spy.


9 Samsung Galaxy S10’s Fingerprint Scanner Hacked Using 3D Printed Fingerprint

A security flaw in Samsung’s Galaxy S10 ultrasonic biometric fingerprint scanner can be bypassed by just having the duped 3D Printed Fingerprint of the mobile owner. The ultrasonic fingerprint scanner comes with S10 and S10+ models, it offers additional security and it captures a 3D image when the traditional security scanners capture only a 2D one. Samsung claims this won’t let anyone compromise that smartphone ever they have a 3D map of your fingerprint. But now the researcher’s proven that fingerprint scanner can be fooled by using a 3D-printed fingerprint.


10 Guilty Plea in Senate Data Theft

A former senate staff member stole personal information about three senators and published it on Wikipedia.

Jackson Cosko, a former Senate staff member, has pled guilty to five federal crimes: two counts of making public restricted personal information, one count of computer fraud, one count of witness tampering, and one count of obstruction of justice. According to evidence, federal authorities were alerted to the data theft when the Wikipedia pages of three US senators were edited to include home addresses and personal phone numbers, information that is considered restricted. The information breach is known as "doxxing," defined in the government announcement as " … the act of gathering, by licit and illicit means, and posting on the Internet personal identifying information (PII) and other sensitive information about an individual."


11 Leap in Cyber Attacks Against Elections in OECD Countries: Canada

Cyber attackers targeted half the member states of the Organization for Economic Cooperation and Development that held national elections in 2018, the agency that monitors Canada's telecoms networks said Monday. "The proportion of elections targeted by cyber threat activity has more than tripled" since 2015, said the Canadian Security Establishment (CSE), which warned of a further spike this year. "A small number of nation-states have undertaken most cyber threat activity against democratic processes worldwide," the center said, mostly pointing the finger at Russia. The OECD is a grouping of 36 of the world's richest nations that describe themselves as committed to democracy and the free market, founded in 1961 to promote trade.

Related Posts