AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – June 18, 2018

23,000 Individuals Affected in HealthEquity Breach

A company that handles millions of health savings accounts (HSAs) has suffered a data breach in which the information of 23,000 was compromised.  On 11 April, the email account of a HealthEquity employee was accessed by an unauthorized person. Two days later, the malicious activity was discovered, at which point the Utah-based firm – a custodian of more than 3.4 million HSAs – expunged the mailbox and contacted a forensics firm. HealthEquity has reportedly offered five years of credit monitoring and identity theft protection in response to the incident.

Following Chrome’s Lead, Microsoft Edge Also Moves to Block Autoplay Videos

The Microsoft Edge browser will gain the ability to block auto-playing media, such as sounds and web videos. The feature was announced today for Edge browsers part of Insiders program, Microsoft’s testing ground for new Windows 10 features. The ability to block auto-playing media will land in the mainstream Edge distribution this fall when Microsoft launches the next major version of the Windows 10 operating system. The feature is not enabled by default, in its current form. Microsoft engineers have added a new setting in Microsoft Edge to allow users to control whether sites can autoplay media.

After Trump courts Kim, U.S. issues warning on North Korean malware

Days after the historic United States-North Korea summit, the Department of Homeland Security and FBI have warned U.S. industry about a malware variant tied to North Korean government hackers. The DHS-FBI report released Thursday on the malware, dubbed Typeframe, analyzes 11 samples, including infected Windows files and a malicious Microsoft Word document. “These files have the capability to download and install malware, install proxy and remote access Trojans, connect to command and control servers to receive additional instructions, and modify the victim’s firewall to allow incoming connections,” the report states.

Top Marine says cyber warriors must get more flexibility

The Marine Corps must be “more flexible” when it comes to retaining cyber warriors, its top officer said, a recognition that the service needs to bolster its recruiting effort for the digital fight. During a June 12 speech, Marine Corps Commandant Gen. Robert Neller said that cyber fighters may follow a different career trajectory than traditional recruits. “If you get qualified as a cyber Marine, you ain’t ever leaving, unless you want to. If you want to stay there and do ones and zeros” that’s fine, Neller said.

Booz Allen’s Chief Warns U.S. of a ‘Close Race’ With China on AI

The chief executive officer of government contractor Booz Allen Hamilton Inc. warned that the U.S. has only a small advantage over China in the rising field of artificial intelligence and is at risk of falling behind without a “national strategy.” “It’s not the 50-year edge that we have in building aircraft carriers,” Horacio Rozanski said Thursday in a meeting with Bloomberg editors and reporters in Washington. “It’s now a much closer race, without a doubt.” Chinese President Xi Jinping has made a 10-fold increase in AI output a national priority as the world’s second-largest economy seeks to dominate the industry by 2030. The U.S. has little formal AI strategy at the federal level, although resources and government projects have accelerated in the last year or so, Rozanski said.

Stanford Researchers Trained a Neural Network to Make These Memes

Peirson and Tolunay trained their machine learning algorithm with a dataset of more than 400 types of memes with multiple captions that they pulled from memegenerator.com using a Python script. To simplify the task, they focused only on “advice animal” style memes, the kind where an image of a specific character like “socially awkward penguin” is overlaid with a caption of text that represents the traits of that character, usually with a humorous observation. “This allows for relatively simple collection of datasets,” the researchers wrote. “In this paper, we specifically refer to meme generation as the task of generating a humorous caption in a manner that is relevant to the initially provided image, which can be a meme template or otherwise.”

Cops Are Confident iPhone Hackers Have Found a Workaround to Apple’s New Security Feature

“Grayshift has gone to great lengths to future proof their technology and stated that they have already defeated this security feature in the beta build. Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on,” a June email from a forensic expert who planned to meet with Grayshift, and seen by Motherboard, reads, although it is unclear from the email itself how much of this may be marketing bluff. “They seem very confident in their staying power for the future right now,” the email adds.

A hacker was recently still trying to steal Neopets accounts with a phishing login page

In what might be the cybercrime revelation of the century, it turns out that someone, somewhere, cares enough about virtual teddy bear simulator Neopets to try and steal users’ accounts, even fairly recently. A phishing page posted to Twitter shows someone impersonating a Neopets login screen. The page itself appears to have been created around February 2017, and hasn’t been fully functional for some time, but the page is still online, and shows how hackers may even target some of your more trivial online accounts.

Amazon, Microsoft, and Uber are paying big money to kill a California privacy initiative

As data-sharing scandals continue to mount, a new proposal in California offers a potential solution: the California Consumer Privacy Act would require companies to disclose the types of information they collect, like data used to target ads, and allow the public to opt out of having their information sold. Now, some of tech’s most prominent companies are pouring millions of dollars into an effort to to kill the proposal. In recent weeks, Amazon, Microsoft, and Uber have all made substantial contributions to a group campaigning against the initiative, according to state disclosure records. The $195,000 contributions from Amazon and Microsoft, as well as $50,000 from Uber, are only the latest: Facebook, Google, AT&T, and Verizon have each contributed $200,000 to block the measure, while other telecom and advertising groups have also poured money into the opposition group.

The internet is finally going to be bigger than TV worldwide

Next year, for the first time, we’ll spend more time using the internet than watching TV. People will spend an average of 170.6 minutes a day, or nearly three hours, using the internet for things like shopping, browsing social media, chatting with friends, and streaming music and video in 2019, a recent report by media agency Zenith estimated. That’s a tad more than the 170.3 minutes they’re expected to spend watching TV. TV has been losing its hold on audiences since platforms like Netflix and YouTube made it easy to watch video online—including the programming you find on traditional TV. And internet usage has been soaring, aided by increasingly affordable mobile devices that give people access to the web for all their waking hours.

Android-based devices Amazon Fire TV and Fire Stick hit by cryptomining malware

Recently, security experts spotted the crypto mining malware ADB.miner (Android.CoinMine.15) targeting Amazon Fire TV and Fire TV Stick devices. The malicious code is active at least since February when researchers at Qihoo 360’s Netlab have spotted the Android mining botnet that targets Android devices by scanning for open ADB debugging interface (port 5555) and infects them with a Monero cryptocurrency miner. The port 5555 is the working port ADB debug interface on Android device that should be shut down normally. The devices infected by ADB.miner are devices where users or vendors have voluntary enabled the debugging port 5555. The Amazon devices hit by the ADB.miner leverages the ADB (Android Debug Bridge) for uninterrupted internet connections it is no surprise that they are now under attack.

Video Game Addiction Tries to Move From Basement to Doctor’s Office

Video games work hard to hook players. Designers use predictive algorithms and principles of behavioral economics to keep fans engaged. When new games are reviewed, the most flattering accolade might be “I can’t put it down.” Now, the World Health Organization is saying players can actually become addicted. On Monday, “gaming disorder” will appear in a new draft of the organization’s International Classification of Diseases, the highly regarded compendium of medical conditions. Concerns about the influence of video games are dovetailing with increasing scrutiny over the harmful aspects of technology, as consumers look for ways to scale back consumption of social media and online entertainment.

Gaming Companies Remove Analytics App After Massive User Outcry

Several gaming companies have announced plans to remove support for an analytics app they have bundled with their games. The decision to remove the app came after several Reddit and Steam users noticed that many game publishers have recently embedded a controversial analytics SDK (software development kit) part of recent updates to their games. The program bundled with all these games, and at the heart of all the recent controversy is RedShell, an analytics package provided by Innervate, Inc., to game publishers. In several recent online discussions, users are complaining that besides logging the source of a new game install, the app also creates fingerprints for each gamer, with information about their online personas and gaming rigs. Furthermore, many game studios have not told users that this SDK is now part of their games, or if they did, they made it an opt-out package instead of opt-in, as most privacy laws across the globe dictate.

Related Posts