AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets – June 27, 2018

FireEye Denies Hacking Back Against Chinese Cyberspies

In his latest book, New York Times correspondent David Sanger describes how cybersecurity firm Mandiant hacked into the devices of Chinese cyberspies during its investigation into the threat group known as APT1. Mandiant, now owned by FireEye, published its famous report on APT1 back in 2013 when it was led by CEO Kevin Mandia. The company at the time released information apparently showing that the Chinese military had been conducting sophisticated cyber-espionage operations. In a statement published on Monday, FireEye admitted that Sanger was given access to the methods used by Mandiant to gather evidence of APT1’s ties to the Chinese military, but claims the reporter’s description “resulted in a serious mischaracterization of our investigative efforts.”

Wi-Fi Alliance introduces WPA3 and Wi-Fi Easy Connect

Today, a little over five months after it was announced in January, WPA3, a new Wi-Fi security protocol and the successor to WPA2, is finally official. The Wi-Fi Alliance, the nonprofit organization that certifies Wi-Fi networking standards, introduced a certification program for the two forthcoming flavors of WPA3 — WPA3-Personal and WPA3-Enterprise — alongside Wi-Fi Easy Connect, a new program that simplifies the process of pairing Wi-Fi devices without displays. “It’s the next generation of security for personal and enterprise networks,” Kevin Robinson, vice president of marketing at the Wi-Fi Alliance, told VentureBeat in a phone interview. “One of the most important roles for the Wi-Fi Alliance is to ensure that the industry is staying ahead of emerging threats.”

Eight Arrested in Africa-Based Cybercrime and Business Email Compromise Conspiracy

In accordance with the Justice Department’s recent efforts to disrupt business email compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens, the Department announced Operation Keyboard Warrior, an effort coordinated by United States and international law enforcement to disrupt online frauds perpetrated from Africa. Eight individuals have been arrested for their roles in a widespread, Africa-based cyber conspiracy that allegedly defrauded U.S. companies and citizens of approximately $15 million since at least 2012.

Testing Firefox Monitor, a New Security Tool

From shopping to social media, the average online user will have hundreds of accounts requiring passwords. At the same time, the number of user data breaches occurring each year continues to rise dramatically. Understandably, people are now more worried about internet-related crimes involving personal and financial information theft than conventional crimes. In order to help keep personal information and accounts safe, we will be testing user interest in a security tool that lets users check if one of their accounts has been compromised in a data breach.

Orlando abandons Amazon’s Rekognition facial technology

The City of Orlando, Florida today said that it’s ending a pilot program involving the use of Amazon’s Rekognition facial technology. The announcement comes a week after the American Civil Liberties Union (ACLU) and nearly 89 other groups protested the sale of the system to police officers. “Staff continues to discuss and evaluate whether to recommend continuation of the pilot at a further date,” the Orlando Police Department wrote in a statement issued jointly with the city. “At this time, that process is still ongoing and the contract with Amazon remains expired.” But the city and police department left open the possibility that they might pursue a contract at a future date.

IRS’ Rush to Secure Exposed Taxpayer Data Left It Vulnerable Again

In its rush to respond to a 2015 crisis that allowed scammers to access the personal information of more than 350,000 taxpayers, the Internal Revenue Service skipped required security plan updates and risk assessments. That haste may have left the already compromised taxpayer data vulnerable for years to come, according to an audit released Thursday. IRS officials shut down the Get Transcript feature after they discovered the vulnerability. They also moved Get Transcript application logs—including taxpayers’ personal information—to the agency’s Cybersecurity Data Warehouse in Memphis where a team of 16 digital fraud analysts could comb through the data to spot instances of fraud. The IRS didn’t follow its own processes for ensuring taxpayer data would be safe inside the data warehouse, however, and didn’t document all the changes it made, according to the report from the Treasury Inspector General for Tax Administration.

‘Black hat’ extortionist thrown back in the clink after Yelp-slamming biz

A man previously sent down for trying to extort a company with hacking threats has been thrown back behind bars for more than eight years for targeting that same business with negative reviews just weeks after being released. Stanley pled guilty to one count, and received a 37-month prison sentence, in January 2016. The then-53-year-old would be released to a halfway house later that year, only to be accused one month later of again targeting the firm with a negative Yelp review and an SEO-optimized blog page collecting and displaying negative articles about the financial outfit.

Google Earth’s New Tool Measures The Distance and Area of Locations on Earth

Google released an update to Google Earth today that allows you to measure the distance between two locations or the square feet of an area. Now when you get into an argument with a friend about how far apart two locations are or how large an area is, you can simply go to Google Earth and prove each other wrong. This new feature is being rolled out to Chrome later today, with Android coming later this week, and iOS in the near future. While it is not currently available to try, the screenshots in the announcement show that you can use the Measure Tool to measure the distance between two locations as well as get the square feet of a particular location.

New cybersecurity program to teach Burnaby students to foil hackers

A group of Burnaby students will soon have the skills to thwart online bad guys, thanks to a new cybersecurity program launching in the school district this fall. The Palo Alto Academy at Cariboo Hill Secondary will offer students a chance to learn about hacking methods – ransomware, botnets and an array of other threats – and how to stymie them. By the end of the program, they will have globally recognized cyber-security technician certification. “With business cyber attacks occurring every 40 seconds and 1.5 million jobs forecast worldwide, students will be well equipped to gain immediate employment in an industry where entry-level salaries are higher than average,” states a district description of the program.

Comcast fixes another Xfinity website data leak

A little-known page on Comcast’s Xfinity website was exposing customers’ account information to anyone — or any app — on a customer’s network. An anonymous security researcher dropped ZDNet an email, explaining that an API used by the internet giant could be tricked into returning customer data, including account numbers, a customer’s home address (which can be used to pinpoint a person’s location), account type, and any services enabled on the line, including if a home security setup is active. Comcast shut down the API after we contacted the company Friday.


Early on in the study of quantum computers, computer scientists posed a question whose answer, they knew, would reveal something deep about the power of these futuristic machines. Twenty-five years later, it’s been all but solved. In a paper posted online at the end of May, computer scientists Ran Raz and Avishay Tal provide strong evidence that quantum computers possess a computing capacity beyond anything classical computers could ever achieve. They prove, with a certain caveat, that quantum computers could handle the problem efficiently while traditional computers would bog down forever trying to solve it. Computer scientists have been looking for such a problem since 1993, when they first defined a class of problems known as “BQP,” which encompasses all problems that quantum computers can solve.

Twitter fights spam by requiring new users to confirm their email or phone number

In a blog post, Twitter’s Yoel Roth and Del Harvey said that new users will now have to confirm either an email address or phone number when they sign up for the platform. This change will be rolled out later this year, and the company says that its two-year-old Trust and Safety Council will also be working with NGOs to “ensure this change does not hurt someone in a high-risk environment where anonymity is important.” The company will also start “auditing existing accounts for signs of automated sign up.”

Office of Cyberspace Reborn In Bill Approved by Senate Panel

The Senate Foreign Relations Committee voted today to advance bill H.R. 3776, the Cyber Diplomacy Act, which had already passed the House of Representatives in January. This bill outlines the restoration of the State Department’s Cyber Office under the new name of Office of Cyberspace and the Digital Economy. Also included in the bill is the reinstatement of a cyberspace head that was previously shuttered by Rex Tillerson. This new Head of the Office of Cyberspace will lead the Department of State’s diplomatic cyberspace efforts and “shall have the rank and status of ambassador and shall be appointed by the President, by and with the advice and consent of the Senate,” according to the bill.

Why Auto Loans Look Like Low-Hanging Fruit To Identity Thieves

So-called “synthetic” fraud, where thieves create a phony identity based in part on genuine customer information, is a growing problem in auto finance. “Synthetic is a massive problem in the marketplace,” said Ken Allen, senior vice president, identity and fraud, for Atlanta-based Equifax Inc., the consumer credit reporting agency. The other two main credit bureaus are Experian, with U.S. headquarters in Costa Mesa, Calif., and TransUnion, Chicago. The credit bureaus maintain and constantly update individual consumers’ credit histories. Lenders use the data to help gauge how likely someone is to repay a loan. Ironically, part of what’s driving identity thieves to go after auto loans is the fact that chip-equipped credit cards have made credit-card fraud more difficult. That makes auto finance fraud a path of less resistance, experts said.

Microsoft’s improved Face API more accurately recognizes a range of skin tones

With the improvements, the Redmond company said, it was able to reduce error rates for men and women with darker skin by up to 20 times, and by 9 times for women. For years, researchers have demonstrated facial ID systems’ susceptibility to ethnic bias. A 2011 study found that algorithms in China, Japan, and South Korea had more trouble distinguishing between Caucasian faces than faces of East Asians, and a separate study showed that widely deployed facial recognition tech from security vendors performed 5 to 10 percent worse on African American faces. To tackle the problem, researchers at Microsoft revised and expanded Face API’s training and benchmark datasets and collected new data across skin tones, genders, and ages. It also worked with experts in artificial intelligence (AI) fairness to improve the precision of the algorithm’s gender classifier.

Why Bitcoin’s about to give up one of its closely guarded secrets

Roll up, roll up for the big reveal – the Bitcoin Core developers are finally set to unveil the not-as-secret-as-it-should-be private key that allows them to send messages to everyone on the entire Bitcoin network. The long-delayed disclosure is the final nail in the coffin for Bitcoin’s alert system, an unwanted relic from its past that’s been undergoing a slow and careful send-off for a couple of years now. The drum roll was started by Bitcoin Core developer Bryan Bishop who recently tweeted that “It’s time to reveal the bitcoin alert keys”, before telling CoinDesk that he’s thinking of doing it at next week’s Building on Bitcoin conference. The alert system was created by Satoshi Nakamoto, the software’s pseudonymous creator, to relay important information about Bitcoin to its users.
