AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – February 28, 2019

1 A simple and secure biometric login for Android 7.0+

FIDO Alliance announced that Android is now FIDO2 Certified, bringing simpler, stronger authentication capabilities to over a billion devices that use this platform every day. With this news, any compatible device running Android 7.0+ is now FIDO2 Certified out of the box or after an automated Google Play Services update. This gives users the ability to leverage their device’s built-in fingerprint sensor and/or FIDO security keys for secure passwordless access to websites and native applications that support the FIDO2 protocols.

 
2 Government-funded researchers investigate vulnerabilities in EV charging stations

Charging stations for electric cars have sprung up across the country in recent years as hybrid vehicles continue to gain popularity. As those stations carry more wattage, their potential effect on local power flows has grown. In a video, Rohde approached a charging station and ran an attack on the human machine interface (HMI), which affects the charging process by communicating with a control system. “Now you’ll see this power meter is jumping all over the place,” Rohde said. He executed a spoofing command to trick the charging station into thinking the vehicle was 90-percent charged when it was really at a third of its power. He ended the demonstration by issuing an emergency command that abruptly halted the charging.

 

3 Verizon says phone-sale fraud is up, wants to lock new phones to fight it

Verizon—the only major US mobile carrier that routinely sells unlocked 4G LTE phones to consumers—last week asked for government permission to lock its phones for 60 days after purchase. An unlocked phone can be used by a consumer on any carrier's network (as long as the phone and network are compatible), while a locked phone can only be used with the carrier that applied the lock. Verizon's phones are unlocked because of open-access rules the Federal Communications Commission applied to 700MHz spectrum that Verizon bought at auction in 2008. That could change if the FCC grants Verizon's request to let the carrier lock phones for 60 days in order to deter fraud when people buy phones on payment plans that require little or no down payment.

 

4 Security ills of health care sector draw senator's attention

A vocal senator on U.S. cybersecurity matters wrote on Monday to four government agencies, seeking more information about how they are working to mitigate cyber risk in the health care sector. Sen. Mark Warner, D-Va., asked the agencies how they were working to resolve apparent security vulnerabilities and urged them to provide strategic recommendations on how to fend off attacks in the medical sector. Warner’s office wrote to the Food and Drug Administration, the Department of Health and Human Services, the Centers for Medicare and Medicaid Services and National Institute of Standards and Technology.

 

5 Former Student Charged with Damaging Computers at Albany College

Vishwanath Akuthota, age 26, of Albany, was arrested on February 22 in North Carolina after being charged with intentionally causing damage to protected computers owned by The College of Saint Rose in Albany. According to a criminal complaint, on February 14, 2019, Akuthota entered numerous locations around the Saint Rose campus and inserted a device into more than 50 computers used by students.  The device, which resembles a normal USB memory stick, sends a rapid series of power surges into a computer’s electrical hardware, rendering it inoperable.  The damage exceeds $50,000.  The charges in the complaint are merely accusations. The defendant is presumed innocent unless and until proven guilty.

 

6 Stouffville parents fear potential breach, want kids’ information off education app

The use of a cloud-based software application by York Region District School Board for reporting absences and other functions isn’t sitting well with some Stouffville parents who fear it puts their children at risk of privacy violations. The parents are alarmed and are calling for the school board to take action after a Jan. 15 security breach, which was “patched.” Richmond Hill-based Edsby gives both teachers and parents digital tools such as an option to call in sick for a child and checking approvals for field trips by using its social networking app.

 

7 DNA Collection: The Next Big Thing in Privacy Litigation?

The use of biometric technology is fast becoming the next big thing in privacy litigation. There was last month’s decision by the Illinois Supreme Court that upheld a consumer’s right to sue companies for collecting biometric data – such as fingerprints and iris scans – without first disclosing how such information will be used. See our blog on that ruling here. And now, the debate surrounding the use and collection of biometric data has expanded beyond challenging the biometric collection practices in the private sector, to challenging the practices of state and local governments including law enforcement.

 

8 Gemalto promises world’s first 5G SIM card for first half of 2019

Two months after cellular industry association SIMalliance called for a new and more secure 5G SIM card standard, digital security company Gemalto announced today that it has developed the world’s first 5G SIM — a more secure solution that will roll out in the first half of this year. Recognizing both increasing and evolving types of cellular devices, the 5G SIM will be offered in three form factors: a traditional removable SIM card, an embedded SIM (eSIM), and a machine-to-machine (M2M) SIM designed for internet of things devices. All of the versions will support both the 3GPP’s specifications and SIMalliance’s recommendations for 5G SIMs, enabling Gemalto to be the first to offer a solution deemed capable of securing 5G network access.

 

9 Consumer Groups Protest Being Left Out of Senate Privacy Hearing

Consumer groups voiced dismay Friday after a US Senate panel considering privacy legislation scheduled a largely industry-packed witness list for an upcoming hearing. Senate Commerce Committee Chairman Roger Wicker, a Republican, announced the witness list for Wednesday's hearing on "policy principles for a federal data privacy framework in the United States." The list "is stuffed with well-paid 'inside the Beltway' lobbyists from the data gathering industry," said Jeffrey Chester of the Center for Digital Democracy, a privacy rights group. "Senator Wicker's lineup raises questions about whether he can be trusted to develop legislation that will empower the public and rein in what is now a 'wild west' data collection industry."

 

10 Trump Calls For More Biometric Scans, Data Sharing To Stop Terrorism

Travelers coming to the U.S. might have seen new biometric facial readers at airports, ports and land crossings this year and, per a new national security strategy, are likely to see a lot more in the near future. President Donald Trump on Wednesday signed the National Strategy to Combat Terrorist Travel, a new policy document that calls for increased use of biometric technologies and sharing of the data being collected in order to prevent the travel of known or suspected terrorists. “Key to detecting and interdicting terrorists attempting to travel will be enhancing systems that validate identities and advancing the use of biometric technologies,” Trump wrote in the introduction.

 

11 Missile warning sent from Tampa mayor’s hijacked Twitter account

Officials in Tampa, Florida, were scrabbling to regain control of the mayor’s Twitter account this week after a hacker hijacked it to post bomb threats and child sex abuse images. The attacker, who took over the account just two weeks before the city’s municipal elections, tried to implicate others in the hijacking. Mayor Bob Buckhorn’s account is normally filled with pro-Tampa messages. He encourages developers to submit innovative ideas for urban expansion and promotes owner-occupied home repair programs. Early on Thursday morning, however, things went sideways. The mayor’s account was hacked to post messages, most of which were too vile to reproduce here.

 

12 Cisco partners with Google Station to provide sustainable public Wi-Fi

Cisco announced that it is working with Google Station on a mission to include one billion people in the growth opportunities of the digital economy. The program will provide communities with limited connectivity around the world sustainable public Wi-Fi that is easily highly secure, accessible, fast, and reliable. Connectivity and technology have become the foundation for many peoples’ economic, social, and cultural opportunities. However, nearly half of the world’s population remain unconnected, restricting their inclusion in economic growth opportunities. Nearly 10 percent of the world’s population continues to struggle for basic needs daily, making it critical for partnerships between technology leaders, public, and private sectors.

 

13 TURBOTAX HACK: INTUIT SAYS THERE WAS NO DATA BREACH, USERS ARE NOT AT RISK

TurboTax parent company Intuit said Monday that it did not suffer a data breach that resulted in a third party gaining access to the personal information of users. The company shared the statement Monday, after a blog post was released earlier in the day claiming that the company had suffered a breach. "A recent blog post referencing a data breach of Intuit is inaccurate. The document referenced in the blog post was a notification to a state that a customer’s account experienced unauthorized access by a third party using legitimate log-in credentials that Intuit believes were obtained from sources outside the company," read the statement from Intuit.

 

14 Network Tallahassee Internet provider hacked, pays ransom to get back online

Hackers attacked a Tallahassee-based broadband provider and demanded $6,000 ransom to get its operations back online.  Network Tallahassee's website is down and calls to its landline go directly to a pre-recorded message, explaining how the hacking, which was discovered Saturday, has compromised its entire network. "We have been in contact with the hackers and paid the ransom and have been advised it will be tomorrow, Tuesday (today), before we get the compiled encrypter tools," the message recorded shortly after 5 p.m. Monday said. "If the hackers deliver, it will probably be Wednesday before we are partially back up and running."

 

15 CISA Makes Tech and Cyber Centerpieces of National Emergency Comms Plan

The Homeland Security Department wants citizens to weigh in on its updated strategy for improving the country’s emergency communications network, which is chock-full of tech and cyber measures. The latest National Emergency Communications Plan places a strong emphasis on bolstering public safety infrastructure against emerging digital threats and making it easier for organizations to share information across their disparate networks. The Cybersecurity and Infrastructure Security Agency released the strategy for public comment on Friday.

 

16 Adobe Sends Emails About Retirement of Shockwave on April 9th

Adobe has started sending out emails to enterprise clients about the imminent retirement of Adobe Shockwave. These emails state that Adobe Shockwave player for Windows will no longer be available for download starting on April 9th 2019. Released in 1995 by Macromedia, Shockwave brought interactive content and games to the web in a way that was never seen before. In 2005, Adobe purchased Macromind and all of their interactive web products such as Flash and Shockwave continued under the Adobe name. With developers moving their interactive projects away from products like Flash and Shockwave and towards HTML5 and WebGL, Adobe had decided to retire Shockwave on April 9th, 2019.

 

17 FedEx rolls out prototype of autonomous SameDay Bot

FedEx on Wednesday unveiled a prototype of its SameDay Bot, an autonomous delivery vehicle designed to get smaller deliveries from retailers to nearby customers. Like Amazon and FedEx's other competitors in the shipping business, FedEx is hoping that autonomous vehicles can help it solve the challenges of last-mile logistics. Developed in collaboration with DEKA Development & Research Corp., the SameDay Bot is designed to basically go anywhere a human can go — on sidewalks, streets or grass, over steps and up steep ramps. The battery-powered robot is designed to communicate with those around it about its next moves, and it's equipped with LiDAR and multiple cameras that keep it aware of its surroundings. Its AI algorithms help it plot a safe path to its destination, as well as detect and avoid obstacles.

 

18 Technology Helps San Francisco Erase 8,000 Pot Convictions

Over 8,000 marijuana-related convictions were erased or reduced using a technological approach that prosecutors nationwide should adopt to address a growing backlog of criminal cases eligible for modification, San Francisco's district attorney announced Monday. San Francisco is the first California county to announce full compliance with the state's broad legalization of marijuana that also made an estimated 200,000 past pot convictions eligible for erasure or reduction. San Francisco District Attorney George Gascon credited the nonprofit technology organization Code for America for solving the biggest hurdle to identifying eligible cases dating back decades.

 

19 5 handy Google Fi features you shouldn't forget

Got Fi? Google's unusual wireless service may have shifted its name from Project Fi to Google Fi this fall, but its core proposition remains the same: Pay only for the data you use, and avoid all the traditional carrier gotchas and nonsense. For the right kind of person, especially among those of us on Android, Fi can be a real cost- and hassle-saver. And aside from its most prominently promoted perks — the seamless network-switching, the public Wi-Fi use, the fee-free roaming and hotspot capabilities, and so on — Fi has some pretty interesting out-of-the-way options that can really elevate your experience.

 

20 IBM says most hackers just PowerShell through boxes now, leaving little in the way of footprints

A company's internal network, once compromised, is now more likely to be ransacked by automated scripts than a piece of malware. This according to researchers with IBM's X-Force, who found that in 2018 just 43 per cent of the attacks it analyzed utilized any sort of locally installed files. Rather, the hackers utilized PowerShell scripts to execute their dirty deeds in memory without significantly touching file systems, if at all. This finding is important because it is another reminder that admins can no longer solely rely on detecting malicious executables and similar data on hard drives and other storage, to identify cyber-intrusions.

Related Posts