AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – March 21, 2019

1 Volvo will use in-car cameras to combat drunk and distracted driving

Volvo said on Wednesday it will use cameras installed inside its vehicles to monitor driver behavior and intervene if the driver appears to be drunk or distracted. It’s a risky move by an automaker, even one with a reputation for safety like Volvo, which could raise concerns among privacy advocates. Volvo’s in-car cameras will monitor eye movements to gauge driver distraction and / or intoxication. If a driver looks away for a period of time, such as at a smartphone, or fails to keep their hands on the steering wheel, a representative from Volvo’s on-call assistance centers will call them to check in. Drivers who aren’t watching the road, or even have their eyes closed, will be warned as well. If they don’t respond, the car will slow and even stop. The system will roll-out to all Volvo cars by early 2020.


2 AT&T, Comcast successfully test SHAKEN/STIR protocol for fighting robocalls

AT&T and Comcast announced today that they've successfully tested what they believe to be the first SHAKEN/STIR-authenticated call between two different telecom networks. SHAKEN/STIR stands for Signature-based Handling of Asserted Information Using toKENs (SHAKEN) and the Secure Telephone Identity Revisited (STIR), and is a protocol for authenticating phone calls with the help of cryptographic certificates. The protocol was created to address the problem of call spoofing –calls that claim to come from a number or network, but they don't.


3 Fake eBay Ad in Google Search Led to Tech Support Scams

A fake advertisement in the Google search results has been running for the past week that looked just like a legitimate ad for eBay. When you clicked on it, though, instead of being brought to the auction site you would be shown an incredibly annoying tech support scam that would try to lock up your browser. Tech support scams have long been the bane of search engines as they have become very adept at masquerading as legitimate companies. In this particular case, the tech support scammers were instead masquerading as another site utilizing a method called cloaking, which is used by scammers to bypass Google's, Bing's and other search engine's ad review process.


4 Child-friendly search engines: How safe is Kiddle?

The idea behind kid-friendly search engines like Kiddle is to make use of Google’s SafeSearch options and a thick layer of other filters to sanitize search engine results from any potentially inappropriate websites or images. This seems like a gift from the heavens for children learning how to use the internet at home, or for students that need access to lightly supervised internet time at school. Kiddle also specifically offers a “Kimages” search option, which returns images that are all free to use under the Creative Commons Attribution-ShareAlike license (a feature that, frankly, many adults might find useful as well). Ultimately, since these search engines are not hand-curating every single search engine result, it is always technically possible for something naughty or age-inappropriate to sneak past even the most stringent of filters.


5 Payment Card Thieves Slip into MyPillow and AmeriSleep Bedding Sites

One of the biggest threats facing online retailers are malicious scripts that attackers add to checkout pages in order to steal customer payment information. A new report released today details how the bedding sites MyPillow.com and Amerisleep.com were targeted with these types of of attacks. These types of attacks are called MageCart and have affected a large amount of well known online retailers such as NewEgg, TicketMaster, OXO, and British Airways. To pull off the attacks, bad actors will hack web sites to add malicious Javascript to the checkout pages or perform supply-chain attacks against popular third-party JavaScript libraries. Once the malicious script has been added to a site, it will steal customer and payment information from checkout pages when information is submitted. This data is then sent to a remote server where the attackers can retrieve it.

Related Posts