AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets – June 21, 2018

IBM Warns That Spammers Once Again Taking Aim at FIFA World Cup

Among the most popular sporting events in the world is the 2018 FIFA World Cup, which runs from June 14 to July 15 in Russia. The popularity of the World Cup has long been a magnet for spammers and so far the 2018 event is no exception. IBM’s X-Force has been tracking the FIFA World Cup 2018 and has already seen multiple types of email scams, spam and phishing attacks launched against unsuspecting World Cup fans. Among the scams IBM has seen already are fake notifications for prize winnings linked to FIFA sponsors as well as fake product sales.

Bumbling Hacker “Bitcoin Baron” Sentenced to 20 Months in Prison

A hacker once considered “the Internet’s most inept criminal” was sentenced on Monday to 20 months in prison for launching DDoS attacks against the city of Madison, Wisconsin, attacks which caused delays and outages to various municipal services, including its 911 emergency call center. The DDoS attacks took place between March 9 and March 14, 2015. The man is Randall Charles Tucker, 23, who went online under the pseudonym “Bitcoin Baron.”

New Bill Aims to Prevent the Next Kaspersky, ZTE

Federal agencies would be required to more thoroughly vet products’ cybersecurity supply chains before buying them under bipartisan legislation introduced in the Senate Tuesday. The bill from Sens. Claire McCaskill, D-Mo., and James Lankford, R-Okla., comes six months after Congress ordered agencies to scrub the Russian anti-virus Kaspersky from their systems because of concerns it could be used by the Kremlin as a spying tool. In most cases, government agencies and offices did not contract directly with Kaspersky but received it as part of a package of services from a separate vendor. In other cases, government data and systems were exposed to Kaspersky software that was running on contractor networks.

Civil Liberties Groups Urge IG Investigation Into Faulty FBI Encryption Stats

The Justice Department’s internal watchdog should investigate how the FBI ended up using inaccurate figures to bolster its case that warrant-proof encryption was making Americans unsafe, according to a Monday letter from 20 civil society groups. The FBI acknowledged last month that it could not support the claim made by top officials, including Attorney General Jeff Sessions, that encryption blocked law enforcement from retrieving evidence from 7,775 devices during the 2017 fiscal year. Associate Deputy Director Paul Abbate insisted, however, that end-to-end encryption systems remain a major barrier to investigations and could result in the bureau failing to stop a terrorist attack before it happens or find an abducted child.

These Police Dogs Sniff Out Electronic Devices

Electronic storage detection dogs are trained to sniff out devices like hard drives, thumb drives, smartphones and computers. The training program was developed by Connecticut State Police, and they trained their first ESD dog in 2012. So how do these dogs do it? All electronic devices that have memory storage have a coating of a chemical called triphenylphosphine oxide, or TPPO. This is what the dogs are sniffing out. “We’re fortunate that these devices can’t be made without it,” said Kerry Halligan of the Connecticut State Police.

GitHub and Medium take down database of ICE employee LinkedIn accounts

GitHub and Medium have scrubbed a database of ICE employees off their platforms, soon after a New York-based artist posted the scraped LinkedIn information. Sam Lavigne, who has previously worked on projects like a white collar predictive policing program, wrote in a Medium post today that, “As ICE continues to ramp up its inhumane surveillance and detention efforts, I believe it’s important to document what’s happening, and by whom, in any way we can.” In an attempt to do that, Lavigne wrote a program that scraped LinkedIn for profiles that listed ICE as an employer. The program returned information on nearly 1,600 people, and Lavigne posted the resulting data publicly on GitHub. The database included information like job title, profile picture, and general location of work.

Flightradar24 suffers security breach

Popular flight tracking site Flightradar24 has suffered a security breach that “may” have compromised the email addresses and hashed passwords of “a small subset” of users. Users began receiving emails overnight asking them to reset their passwords, and the company later confirmed in multiple forums the emails were genuine. “The security breach may have compromised the email addresses and hashed passwords for a small subset of Flightradar24 users (those who registered prior to March 16, 2016),” an administrator said.

Cancer Center Fined $4.3M for HIPAA Violations Involving Data Breaches

On 18 June, the United States Department of Health and Human Services (HHS) announced in a press release that one of its Administrative Law Judges (ALJs) ruled in favor of its Office for Civil Rights (OCR) and against The University of Texas MD Anderson Cancer Center (MD Anderson). In a Notice of Proposed Determination, HHS revealed that OCR sought to impose those fines as a result of three data breaches affecting MD Anderson. The first incident, which occurred in April 2012, involved the theft of an unencrypted laptop containing the electronic personal health information (ePHI) of nearly 30,000 individuals. The other incidents, which occurred later in 2012 and 2013, both involved the loss of USB devices on which was stored the ePHI of a combined 6,000 persons.

Blue Bite uses a shopper’s smartphone to determine product authenticity

Blue Bite has figured out a way to authenticate whether a product is real or counterfeit using a smartphone. The company aims to reduce global counterfeiting, which reached $1.2 trillion in 2017, according to the Global Brand Counterfeiting Report. The company said it has created a cost-effective, secure, and scalable service for high-value brands to authenticate items with the tap of a smartphone. Brands can additionally leverage this new, always-on, direct-to-consumer content channel to provide exclusive experiences to consumers.

How a Nigerian Prince scam victim got his money back after 10 years

You can imagine how skeptical Nigerian prince scam victims might be were they to get a letter claiming to be FROM THE ATTORNEY GENERAL! OFFERING HELP IN CLAIMING REFUNDS! But some Kansas residents did receive such letters. One was a self-employed handyman in Wichita, Fred Haines, who, according to The Kansas City Star, re-mortgaged his house three times in an effort to get his hands on the $64 million Nigerian inheritance he’d been led to believe he was getting. Con artists worked Haines over for years: from 2005 to 2008. They promised him that the fictional inheritance was from a Nigerian government official: a scam as old as dirt that’s known as the Nigerian prince scam. Now, thanks to the office of the Kansas Attorney General, he’s no longer where he was a decade ago: namely, wandering around the Wichita airport, waiting for a courier lugging chests stuffed with cash. Rather, Haines has been awarded the $110,000 he’d been scammed out of, courtesy of the wire service whose agents helped to scam him and so many others, and the US agencies that brought that wire service to court.

Google launches a podcast app for Android with personalized recommendations

Google today is introducing a new standalone podcast app for Android. The app, called simply Google Podcasts, will use Google’s recommendation algorithms in an effort to connect people with shows they might enjoy based on their listening habits. While podcasts have previously been available on Android through Google Play Music and third-party apps, Google says the company expects Podcasts to bring the form to hundreds of millions of new listeners around the world. (Google Listen, an early effort to build what was then called a “podcatcher” for Android, was killed off in 2012.)

Widely used D-Link modem/router under mass attack by potent IoT botnet

Malicious hackers are mass exploiting a critical vulnerability in D-Link DSL routers in an attempt to make them part of Satori, the potent Internet-of-things botnet that is used to take down websites and mine digital coins, researchers said. Attack code exploiting the two-year-old remote code-execution vulnerability was published last month, although Satori’s customized payload delivers a worm. That means infections can spread from device to device with no end-user interaction required. D-Link’s website doesn’t show a patch being available for the unindexed vulnerability, and D-Link representatives didn’t respond to an email seeking comment for this post.

Automakers are burning through billions in EV, AV race

The race to develop autonomous and electric vehicles could be a race to the bottom for the automotive industry — at least in the near-term. A new global study by consulting firm AlixPartners paints an ominous forecast for automakers in the next few years, a toxic cocktail of big spending and lots of competition mixed with softening sales in some markets and an unwillingness of consumers to fork over money for the tech. Last year, automakers spent $226 million — a 47 percent increase from 2012 — on electrification and autonomous vehicle technology. And AlixPartners predicts companies will spend $255 billion in R&D and capital expenditures globally by 2023 on electric vehicles. Some 207 electric models are set to hit the market by 2022.

Tesla sues former employee for allegedly stealing gigabytes of data, making false claims to media

The electric car maker said it is only beginning to understand all of former process technician Martin Tripp’s allegedly illegal activity. The suit said Tripp “has thus far admitted to writing software that hacked Tesla’s manufacturing operating system (‘MOS’) and to transferring several gigabytes of Tesla data to outside entities.” The data include “dozens of confidential photographs and a video of Tesla’s manufacturing systems.” Tesla also alleges Tripp wrote computer code to periodically export Tesla’s data to people outside the company.

Instagram Allows Longer Videos in Challenge to YouTube

Expanding further beyond its origins as an app for sharing pretty photos, Instagram said on Wednesday that it will now allow users to post videos up to an hour long, a feature that will thrust it into direct competition with YouTube and its own parent company, Facebook. At an event in San Francisco that was delayed about 45 minutes because of technical issues, Instagram said it was debuting IGTV, a new video section for videos that are shot vertically — which is how people typically record things on smartphones. The company said it would also begin offering IGTV as its own stand-alone app in the next few weeks.

Microsoft Employees Protest Work With ICE, as Tech Industry Mobilizes Over Immigration

In an open letter posted to Microsoft’s internal message board on Tuesday, more than 100 employees protested the software maker’s work with Immigration and Customs Enforcement and asked the company to stop working with the agency, which has been separating migrant parents and their children at the border with Mexico. “We believe that Microsoft must take an ethical stand, and put children and families above profits,” said the letter, which was addressed to the chief executive, Satya Nadella. The letter pointed to a $19.4 million contract that Microsoft has with ICE for processing data and artificial intelligence capabilities.
