AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets – March 15, 2019

The Defense Department’s cyber warriors shouldn’t be too concerned about artificial intelligence taking their jobs, according to their commander. Instead, U.S. Cyber Command is looking for troops able to wield AI like a weapon. During a budget hearing Wednesday held by the House Armed Services Subcommittee on Intelligence and Emerging Threats and Capabilities, Rep. Anthony Brown, R-Md., asked the Pentagon’s cyber leadership whether AI could help reduce the demand for cyber talent. “AI and machine learning certainly has a place as we look at some of the activities that we are doing day in and day out,” CYBERCOM Commander Gen. Paul Nakasone told the subcommittee. “But I would offer, the people that make AI go, the people who make sure that our algorithms are right for machine learning, they’re the folks that I’m most focused on.”


2 Three in Five Politicians’ Websites Don’t Use HTTPS

Security and politics have become so intertwined since the 2016 presidential election that research group Comparitech decided it was time to look into the security of politicians’ websites. What they found is alarming: Three in five politicians' websites lack basic HTTPS security, according to their new study. "It's really easy for fraudsters to set up a phishing site and collect money," Bischoff says. "There needs to be a push for the politicians to lead by example and make their sites more secure." In conducting the research, the Comparitech team went old-school, Bischoff says, combing websites one-by-one to see whether the URLs contained HTTPS. The researchers only searched for the websites of politicians, not political parties or government agencies.


3 39% of all existing Counter-Strike 1.6 game servers online are malicious

The game Counter-Strike 1.6 was developed by Valve Corporation in 2000. Roughly 20,000 players are using official Counter-Strike 1.6 clients, while the overall number of game servers registered on Steam is over 5,000. Threat actors have set up the servers in an attempt to hack gamers’ computers worldwide by exploiting zero-day vulnerabilities in the game client. The owners of many servers raise money from players by selling various privileges, such as access to weapons and protection against bans. “Some server owners advertise themselves independently, while others purchase server promotion services from contractors. Having paid for a service, customers often remain oblivious as to how exactly their servers are advertised.”


4 T-Mobile Reveals More Location Data Abuse Following Questions from Senator Wyden

Since January, Motherboard has reported on a series of abuses with phone location data from major US telecommunications companies. Most recently, we reported how stalkers and people with a history of domestic violence were tricking telecom companies into providing location data by simply impersonating US law enforcement officials on the phone or over email. Now, in response to questions from Senator Ron Wyden, T-Mobile has revealed another case of abuse, in which a “bad actor” acquired location information without consumer consent, according to a letter from T-Mobile to Wyden and obtained by Motherboard. “It is now abundantly clear that you have failed to be good stewards of your customers’ private location information,” Senator Wyden wrote in another letter Wednesday addressed to all of the major telecoms.


5 Ad Network Sizmek Probes Account Breach

Online advertising firm Sizmek Inc. [NASDAQ: SZMK] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. In a recent posting to a Russian-language cybercrime forum, an individual who’s been known to sell access to hacked online accounts kicked off an auction for “the admin panel of a big American ad platform.” “You can add new users to the ad system, edit existing ones and ad offers,” the seller wrote. The starting bid was $800. The seller included several screen shots of the ad company’s user panel. A few minutes on LinkedIn showed that many of these people are current or former employees of Sizmek.


6 Microsoft to start nagging users in April about the January 2020 Windows 7 end-of-support deadline

Just like it did when Windows XP support was ending back in 2014, Microsoft is readying pop-up notification screens that it will start showing to users still running Windows 7. Beginning some time in April 2019, Microsoft will start reminding users that the company will no longer provide free support for Windows 7 after January 14, 2020. Microsoft's March 12 blog post about the coming "courtesy reminder" about Windows 7's end of support notes that users will see the notification "a handful of times in 2019." The notifications will include a user-selectable checkbox for "do not notify me again," enabling them not to see any future reminders. Just closing the pop-up using the X in the right corner won't prevent users from getting more of these notifications, however.


7 New bill would give parents an ‘Eraser Button’ to delete kids’ data

Two US senators on Tuesday proposed a major overhaul of the Children’s Online Privacy Protection Act (COPPA) that would give parents and kids an “Eraser Button” to wipe out personal information scooped up online on kids. The bipartisan bill, put forward by Senators Edward J. Markey (D-Mass.) and Josh Hawley (R-Mo.), would also expand COPPA protection beyond its current coverage of children under 13 in order to protect kids up until the age of 15. The COPPA update also packs an outright ban on targeting ads at children under 13 without parental consent, and from anyone up until the age of 15 without user consent. The bill also includes a “Digital Marketing Bill of Rights for Minors” that limits the collection of personal information on minors.


8 Facebook Blames Protracted Outage on a 'Server Configuration Change'

Small outages are not unusual, even for sites of this size—although, in recent memory, protracted inaccessibility of major services is more often caused by backbone outages. The cause for Facebook, Instagram, and Oculus’s long (and probably costly) goof? Allegedly, some sort of “server configuration change,” according to a company post on competing social network Twitter. Reached for comment, Facebook spokesperson Travis Reed reiterated most of the tweeted statement verbatim but noted that “we made a server configuration change that triggered a cascading series of issues,” a welcome clarification that implies the server change was not caused by someone outside the company.


9 Lawmakers want data on the number of times Senate computers have been hacked

The Senate should have an annual tally of when its computers and smartphones have been breached in order to better inform congressional cybersecurity policy, a pair of bipartisan senators says in a letter sent Wednesday to the Senate Sergeant at Arms. Describing Congress as a perennial target for hackers, Sens. Tom Cotton, R-Arkansas, and Ron Wyden, D-Oregon, have asked the Senate Sergeant at Arms (SAA) to be transparent in providing lawmakers with information about the scale of successful hacks of Senate devices, including smartphones. They want annual reports sent to each senator with aggregate data on compromises of computers and other breaches of sensitive Senate data. The senators also asked the SAA to notify the Senate leadership, along with members of the rules and intelligence committees, within five days of breaches to Senate computers being discovered.


10 Hacking 10 percent of self-driving cars would cause gridlock in NYC

If someone can hack one car, what happens if they manage to hack many at once in a major metropolitan city? That question inspired scientists at the Georgia Institute of Technology to quantify the likely impact of such a large-scale hack on traffic flow in New York City. Skanda Vivek, a postdoctoral researcher at Georgia Tech, described the study's findings at the American Physical Society's 2019 March meeting, held last week in Boston. Worst-case scenario: a small-scale hack affecting just ten percent of cars on the road would be sufficient to cause city-wide gridlock, essentially cutting half of Manhattan off from the rest of the city. And unlike compromised data, compromised vehicles can lead to physical injury.


11 N.S. government confident 600 missing files from data breach destroyed

More than 600 files downloaded as part of the largest information breach ever in Nova Scotia appear to have been destroyed without having been shared. That's the conclusion reached by a senior government official after receiving word about an internal investigation by the Atlantic School of Theology, the location where the information was downloaded using the institution's public WiFi network. "AST has indicated to us that there is a very high probability that the 600 files downloaded there have been contained, and they confirmed that there were no files found on their equipment that were private in nature," Jeff Conrad, the deputy minister of internal services, told a legislature committee Wednesday.
