AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – June 14, 2018

Deepfake Videos Are Getting Impossibly Good

As a newly revealed video-manipulation system shows, super-realistic fake videos are improving faster than some of us thought possible. The SIGGRAPH 2018 computer graphics and design conference is scheduled for August 12 to 16 in Vancouver, British Columbia, but we’re already getting a taste of the jaw-dropping technologies that are set to go on display. Zollhöfer’s new approach uses input video to create photorealistic re-animations of portrait videos. These input videos are created by a source actor, the data from which is used to manipulate the portrait video of a target actor. So for example, anyone can serve as the source actor and have their facial expressions transferred to video of, say, Barack Obama or Vladimir Putin.

Trik Spam Botnet Leaks 43 Million Email Addresses

Over 43 million email addresses have leaked from the command and control server of a spam botnet, a security researcher has told Bleeping Computer today. The leaky server came to light while a threat intelligence analyst from Vertek Corporation, was looking into a recent malware campaign distributing a version of the Trik trojan, which was later infecting users with a second-stage payload —the GandCrab 3 ransomware. The Vertek researcher discovered that Trik and GandCrab would download the malicious files that infected users’ systems from an online server located on a Russian IP address. The researcher told Bleeping Computer that the group behind this operation misconfigured its server and left its content accessible to anyone accessing the IP directly.

BYPASS GLITCH ALLOWS MALWARE TO MASQUERADE AS LEGIT APPLE FILES

Masquerading as an official Apple system file sounds like a wonderful way for malware to worm its way onto Macs – and a recently discovered code-signing bypass flaw allows bad code to do just that. The way some developers have implemented Apple’s official code-signing API can be exploited by attackers. Essentially, Apple makes an API available to developers that want to create a security function that verifies Apple files as being legitimate (by making sure the file’s code is signed). However, many of these developers have not used the API properly, so it introduces a vulnerability into the security product or function that allows for unsigned malicious code to appear to be signed by Apple. The result is that malware can fool vulnerable security products and services into thinking that it’s just another legitimate Apple file – so it slips past their security checks and onto the targeted machine.

Trump and Kim USB fan raises cyber-security alert

Cyber-security experts have expressed surprise that journalists at the summit between US President Donald Trump and North Korean leader Kim Jong-Un in Singapore were given USB-powered fans. Some warned reporters not to plug them in to their laptops, as USB devices can carry malware. The fans were part of a gift bag including a branded water bottle and a local guidebook. But cyber-security expert Prof Alan Woodward, from Surrey University, said: “For years now, engineering people to plug in a USB stick you supplied has been a classic way of circumventing security measures to get your software on their machine.

Inspector general: 2 US dams at risk of ‘insider threats’

Two dams critical to U.S. national security are at high risk for “insider threats” that could impair operations because of poor computer security practices such as too many employees having access to administrator accounts and failures to routinely change passwords, according to a new inspector general report. An evaluation released Monday by the U.S. Department of the Interior doesn’t name the two dams, and spokeswoman Nancy DiPaolo cited national security concerns. But they are among five dams operated by the U.S. Bureau of Reclamation that are considered “critical infrastructure,” meaning their destruction or impairment could hurt national security. Those five dams are Shasta and Folsom Dams in California, Glen Canyon Dam in Arizona, Grand Coulee Dam in Washington and Hoover Dam, which straddles Nevada and Arizona.

World Cup watching: The common threats found when using streaming sites

With the start of FIFA World Cup on June 14 just a day away, many fans will be looking for streaming sites where they can watch the matches taking place at Russia 2018. If you are one of them, it is important that you understand the security risks that you will be exposed to if you do not take sufficient precautions. Several of these sites are illegal (piracy issues) and many are used by cybercriminals to disseminate campaigns that go beyond the traditional scams that are spread by email to compromise users’ devices. And we’re not just talking about invasive advertising, which by the way these websites are awash with. We are referring to malicious campaigns designed to take advantage of the anxiety of many soccer fans who are looking for a way to view the matches and when caught up in World Cup fever, they become more exposed to risks as their desire to watch the matches sometimes outweighs common sense.

National Quantum Initiative bill is coming soon, House Science chairman says

The chairman of the House Science, Space and Technology Committee says he will soon offer new legislation that would foster a collaborative framework for government, industry and academia to handle developments in quantum computing. Lamar Smith, R-Texas, signaled his intent to introduce the National Quantum Initiative Act to help solidify the disparate sectors of quantum research into a national movement to capitalize on the nuanced potential of the emerging technology. Hosting IBM officials Tuesday for a demonstration of the company’s 50-qubit quantum computer on Capitol Hill, Smith said in a release that the proposal would boost the U.S. at a time when countries are investing more in the technology.

AI startup Clarifai hacked by Russian source while part of Pentagon’s Project Maven

Computer vision company Clarifai is being accused of being hacked last year by one or more people in Russia while participating in the Department of Defense’s Project Maven, then failing to report the breach to the Pentagon. Former Clarifai employee and Air Force captain Amy Liu filed a lawsuit earlier this month in which she accuses the AI startup of being compromised by sources in Russia, then failing to report the breach to the Department of Defense in a timely fashion, Wired reported. Liu claims she was fired days after the breach was discovered for asking the company to report the incident to the Pentagon, while an unnamed former employee says handling of the breach led him to leave the company. Multiple employees left due to the company’s involvement with Maven.

Amid Hawaii’s volcanic eruption, drones and maps revealed hidden fissure

Lava moves slowly, but relentlessly. And pinpointing where it will flow is tricky. That’s why about a week after the May 3 eruption of Hawaii’s Kilauea volcano, a team from the Center for Robot-Assisted Search and Rescue, or CRASAR, a nonprofit volunteer group that surveys disaster sites with unmanned vehicles, shipped to the Big Island and started flying its aerial drones over the widening lava flows. CRASAR, which was spun out of Texas A&M University about a decade ago, has sent unmanned ground and aerial vehicles into disaster zones around the world since first forming after the September 11 terrorist attacks. Since then, it’s also surveyed hurricanes, wildfires, mudslides, mine collapses and the 2011 nuclear meltdown in Fukushima, Japan. Kilauea was the group’s first volcano, and the first known instance, the group says, of small unmanned aircraft being used in an emergency response to a volcanic eruption anywhere in the world.

Librarian Sues Equifax Over 2017 Data Breach, Wins $600

In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people, many Americans no doubt felt resigned and powerless to control their information. But not Jessamyn West. The 49-year-old librarian from a tiny town in Vermont took Equifax to court. And now she’s celebrating a small but symbolic victory after a small claims court awarded her $600 in damages stemming from the 2017 breach.

Researcher hacks smart fingerprint padlock in mere seconds

The Tapplock one “smart” padlock, which received many rave reviews by tech-focused news sites and YouTubers, can be forced to open in under two seconds with a smartphone. Tapplock one is a padlock that can be opened by placing your finger on the fingerprint sensor, via Bluetooth through a phone app, or by pressing the power button in a specific pattern. Tierney discovered that the communication between the lock and the app is unencrypted, and that he app would send the same string of data over Bluetooth Low Energy (BLE) to the lock every time it connected to it, which means it’s vulnerable to replay attacks.

Related Posts