AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – February 6, 2019

Crooks Continue to Exploit GoDaddy Hole

Godaddy.com, the world’s largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But several more recent malware spam campaigns suggest GoDaddy’s fix hasn’t gone far enough, and that scammers likely still have a sizable arsenal of hijacked GoDaddy domains at their disposal. On January 22, KrebsOnSecurity published research showing that crooks behind a series of massive sextortion and bomb threat spam campaigns throughout 2018 — an adversary that’s been dubbed “Spammy Bear” —  achieved an unusual amount of inbox delivery by exploiting a weakness at GoDaddy which allowed anyone to add a domain to their GoDaddy account without validating that they actually owned the domain.

Social media firms face crackdown over child protection

Social media companies are to be told to sign a legally binding code of conduct as ministers seek to force them to protect young people online, it has been reported. Ministers have been considering proposals for an internet regulator and a statutory duty of care. It was reported on Monday that the digital minister, Margot James, was planning to announce such plans on Tuesday. “We have heard calls for an internet regulator and to place a statutory ‘duty of care’ on platforms and are seriously considering all options,” said a spokesman for the Department for Digital, Culture, Media and Sport (DCMS). “Social media companies clearly need to do more to ensure they are not promoting harmful content to vulnerable people. Our forthcoming white paper will set out their responsibilities, how they should be met and what should happen if they are not.”

Huddle House hit with point-of-sale data breach

The Huddle House restaurant chain reported it has closed a point-of-sale data breach that existed one of its third-party vendors from August 2017 until now. The malware resided on a third-party system and exposed payment card information at some of the chain’s corporate and franchised locations. The company became aware of the situation when it was informed by law enforcement and its credit card processor that some of the locations were infected with malware. The information possibly involved includes cardholder name, credit/debit card number, expiration date, cardholder verification value, and service code. “Criminals compromised a third-party point of sale (POS) vendor’s data system and utilized the vendor’s assistance tools to gain remote access—and the ability to deploy malware—to some Huddle House corporate and franchisee POS systems,” the company said in a statement.

The FBI reportedly raided a Huawei lab and set up a sting at CES as part of a previously unrevealed investigation

The FBI raided a Huawei lab in San Diego and set up a sting operation at CES in Las Vegas in January as part of a third investigation into the smartphone maker, according to a new report by Bloomberg Businessweek. Last week, the U.S. Department of Justice charged Huawei and its chief financial officer, Meng Wanzhou, with an alleged violation of sanctions against Iran. It also charged Huawei for allegedly stealing trade secrets from T-Mobile. The newly reported third investigation similarly deals with trade secrets, but carries the added weight of federal regulations around technologies with the potential for use in defense. It also sheds light on how far Huawei is willing to go for a competitive edge, and on the extent of FBI fact-finding operations involved in these investigations.

Cryptocurrency investors locked out of $190m after exchange founder dies

About $190m in cryptocurrency has been locked away in a online black hole after the founder of a currency exchange died, apparently taking his encrypted access to their money with him. Investors in QuadrigaCX, Canada’s largest cryptocurrency exchange, were unable to access their funds after its founder, Gerald Cotten, died last year. According to a court filing first reported by CoinDesk, a cryptocurrency news and events company, Jennifer Robertson, identified as Cotten’s widow, said the exchange owes its customers roughly C$250m (US$190m) in cash and cryptocurrency held in its “cold storage”. “Quadriga’s inventory of cryptocurrency has become unavailable and some of it may be lost,” Robertson wrote in the filing.

Glowing reviews tout counterfeit cash on the dark web

When Secret Service Agent Matthew Britsch began trawling for major counterfeiters in the shadowy marketplaces of the dark web, he acted like any smart consumer on eBay — he studied the reviews. Britsch knew he had struck gold when he found Billmaker, the online moniker of an anonymous counterfeiter who promised a high-quality $100 bill and a money-back guarantee. He even had a loyal fan base who praised his work and customer service with scores of positive reviews. “Very good quality and got here quick,” one gushed. “All passed with no issue whatsoever,” another wrote, approvingly. “FRESH CLEAN BILLS!” agreed a third. “Billmaker was a five-star guy,” said Britsch. “He wanted those five-star reviews to help him sell more bills. That was clearly his goal.”

This App Wants to Track Every Homeless Person in San Francisco

City officials have spent the past two years building a digital program called ONE System that can track and monitor every homeless person in San Francisco. The idea is simple: Collect and sort information associated with the homeless to more effectively assess risk factors, determine those most in need, and get those people into available shelters and transitional housing. But the reality is more complicated. Five months after its introduction, ONE System has helped get only 70 people off the streets as it contends with the same challenges that have plagued past efforts—as well as new ones, including persuading the city’s most at-risk population to sign on to a program with echoes of Big Brother.

Famed investor Roger McNamee once advised Facebook — now he’s certain it’s destroying our democracy

Given that McNamee had been an advisor to Mark Zuckerberg early in the company’s life and profited from an early investment in the company, reporters wanted to know exactly what he saw as the problem — and he was happy to tell them. He saw bad actors on Facebook . He saw data being scraped and sold and he saw disinformation campaigns. He was frustrated, he said, and users needed to get frustrated, too. He’d tried to talk privately to both Zuckerberg and COO Sheryl Sandberg — who he says he helped connect with Zuckerberg years ago — and they treated his concerns not as a legitimate threat to their users but as a PR crisis. When he wrote them again, he was passed along to other executives at Facebook who similarly, politely, gave him the brush-off.

NIST narrows field of post-quantum crypto contenders

The National Institute of Standards and Technology has been working to ensure that public-key cryptosystems will not be hackable once large-scale quantum computers are built. Although the delivery timeline of a mature quantum computer is under debate, NIST has already begun to prepare IT security to be able to resist quantum computing. It plans to supplement or replace three standards considered most vulnerable to a quantum attack: FIPS 186-4 — which specifies the suite of algorithms to use to generate digital signatures– NIST SP 800-56A and NIST SP 800-56B – which both relate to establishing keys used in public-key cryptography. 

Fire (and lots of it): Berkeley researcher on the only way to fix cryptocurrency

Nicholas Weaver made no bones about it: he really, really dislikes cryptocurrencies. Speaking at the Enigma security conference in Burlingame, California, last week, the researcher at UC Berkeley’s International Computer Science Institute characterized bitcoin and its many follow-on digital currencies as energy-sucking leeches with no redeeming qualities. Their chief, if not only, function, he said, is to fund ransomware campaigns, online drug bazaars, and other criminal enterprises. Meanwhile, Weaver said, there’s no basis for the promises that cryptocurrencies’ decentralized structure and blockchain basis will fundamentally transform commerce or economics. That means the sky-high valuations spawned by those false promises are completely unjustified. He also said investors’ irrational exuberance just adds to the unviability of cryptocurrency.

Related Posts