AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets – March 7, 2019

1 U.S. Army Assures Public That Robot Tank System Adheres to AI Murder Policy

Last month, the U.S. Army put out a call to private companies for ideas about how to improve its planned semi-autonomous, AI-driven targeting system for tanks. In its request, the Army asked for help enabling the Advanced Targeting and Lethality Automated System (ATLAS) to “acquire, identify, and engage targets at least 3X faster than the current manual process.” But that language apparently scared some people who are worried about the rise of AI-powered killing machines. And with good reason. In response, the U.S. Army added a disclaimer to the call for white papers in a move first spotted by news website Defense One. Without modifying any of the original wording, the Army simply added a note that explains Defense Department policy hasn’t changed. Fully autonomous American killing machines still aren’t allowed to go around murdering people willy nilly. There are rules—or policies, at least. And their robots will follow those policies.


2 Some major Android apps are still sending data directly to Facebook

Major Android mobile apps from companies including Yelp and Duolingo send data that could be used to personally identify you for ad tracking straight to Facebook immediately upon logging in, according to a new report from the London-based UK charity and watchdog group Privacy International (PI). This data transfer happens even if a user isn’t logged into Facebook on that device and even in the event the user doesn’t have an active Facebook account at all. In addition to Yelp and Duolingo, PI found that two Muslim prayer apps, as well as a bible app and a job search app called Indeed, also sent similar data to Facebook that could be used to help identify users for ad targeting purposes when they browse the social network.


3 A Tesla driver appears to be sleeping on the highway in a Twitter video

The video was uploaded by Seth Blake, a guitarist for the band Wage War who said the Tesla vehicle was traveling at 75 mph on a highway when the video was filmed. In the video, the driver is resting his head against the driver's-seat headrest and does not appear to be steering the vehicle. The driver appears to be using Autopilot, Tesla's semi-autonomous driver-assistance system, which can control functions such as steering, accelerating, and braking under some circumstances but requires the driver to be attentive and able to take control of the vehicle if needed. Tesla did not immediately respond to a request for comment.


4 Chinese hackers targeting universities for maritime technology

Chinese hackers have targeted nearly 30 universities around the world as part of an effort to steal research about maritime technology, The Wall Street Journal reported Tuesday. The news outlet cited research from iDefense, a cybersecurity intelligence unit of Accenture Security, that showed Chinese hackers have targeted the University of Hawaii, the University of Washington and the Massachusetts Institute of Technology, among others. There are reportedly at least two other universities in the U.S., Canada and Southeast Asia that have been targeted as part of the effort to acquire research about technology developed for military use.


5 DHS Telephone Numbers Used in Scam to Obtain Personally Identifiable Information and Extort Money from Victims

The perpetrators of the scam represent themselves as employees with “U.S. Immigration” or other government entities. They alter caller ID systems to make it appear that the call is coming from the DHS HQ Operator number (202-282-8000) or the DHS Civil Rights and Civil Liberties (CRCL) number (202-401-1474). The scammers obtain or verify personally identifiable information from their victims through various tactics, including by telling individuals that they are the victims of identity theft. The scammers also pose as law enforcement or immigration officials and threaten victims with arrest unless they make payments to the scammers using a variety of methods. The scammers have also emailed victims from email addresses ending in “uscis.org.” Many of the scammers reportedly have pronounced accents.


6 Ghidra, the NSA's open-sourced decompiler toolkit, is released publicly

The NSA has released its home-grown open-source reverse-engineering suite Ghidra that folks can use to poke around inside applications to hunt down security holes and other bugs. Spoiler alert: it's Apache 2.0-licensed, available for download here, and requires a Java runtime – and the agency swears it hasn't backdoored the suite. Speaking at this year's RSA Conference in San Francisco on Tuesday, Rob Joyce, famed Christmas light hacker and cyber security adviser to the NSA director, unveiled the code-analysis software to a packed house. The agency hopes its open-source code will spark a renaissance in secure software research, he said, and reassured attendees that no dirty tricks are involved.


7 BEC Scammer Gang Takes Aim at Boy Scouts, Other Nonprofits

A Nigeria-based scammer gang dubbed “Scarlet Widow” has been launching email fraud attacks against thousands of targets – including universities, the Salvation Army, and Boy Scouts of America. Researchers with Agari detailed the attack during an RSA Conference session on Tuesday. They said the scammer group has been unleashing a slew of business email compromise (BEC) attacks against K-12 schools, universities and nonprofits around the world. “To launder its proceeds, Scarlet Widow is using Paxful, a U.S.-based peer-to-peer cryptocurrency exchange that allows it to move scammed funds beyond the reach of authorities within minutes,” researchers said. “Scarlet Widow and other West African scammers use this exchange to convert fraudulently obtained gift cards into cryptocurrency for 40 to 80 cents on the dollar.”


8 NSA may kill off mass phone spying program Snowden exposed

Luke Murry is national security advisor to House minority leader Kevin McCarthy (R-CA), and over the weekend told the Lawfare podcast (5 minutes in) that the US spying agency hasn't been using its system for blanket collection of US citizens' telephone metadata for the past six months "because of problems with the way in which that information was collected, and possibly collecting on US citizens." Murry then suggested the White House may simply drop the program, especially since it requires Congress to reauthorize it this December. "I'm not actually certain that the administration will want to start that back up given where they’ve been in the last six months," he said.


9 OpenAI and Google detail activation atlases, a technique for visualizing AI decision-making

Late last year, Google demonstrated that a popular model trained on an open-source image dataset struggled to recognize Asian brides in ethnic dress. More troublingly, MIT researchers recently accused Amazon’s Rekognition service of exhibiting racial and gender bias. In an effort to peel back the curtains on AI systems’ inner workings, scientists at Google and research firm OpenAI today detailed (and open-sourced) a technique that lays bare the component interactions within image-classifying neural networks. They call the visualization an activation atlas, and they say it’s intended to illustrate how those interactions shape the model’s decision-making.


10 Serious Chrome zero-day – Google says update “right this minute”

The reason that even the Chrome team are wading in with you’d-better-update warnings is the recent appearance of a zero-day security vulnerability, dubbed CVE-2019-5786, for which Google says it is “aware of reports that an exploit […] exists in the wild.” To clarify: a vulnerability, or vuln for short, is a bug that makes software go wrong in a way that reduces computer security. An exploit is a way of deliberately triggering a vulnerability to sneak past a security control. There doesn’t seem to be a workaround, but if you make sure you’re up to date, you don’t need one because the bug will be squashed. Without a vulnerability to exploit, the exploit – rather obviously – isn’t and can’t, so patching is the ultimate fix for this one.


11 Disposing of Your Mobile Device

Mobile devices, such as smartphones, smart watches, and tablets, continue to advance and innovate at an astonishing rate. As a result, some people replace their mobile devices as frequently as every year. Unfortunately, people often do not realize how much personal data is on these devices. Below we cover what may be on your mobile device and how you should securely wipe it before disposing of it. If your mobile device was issued to you by your employer, or has any work data stored on it, be sure to check with your supervisor about proper backup and disposal procedures first.


12 Rush data breach exposes 45,000 patients

Rush System for Health says personal information for about 45,000 patients has been compromised. The health system disclosed in a financial filing that the data breach, which it learned about on Jan. 22, was due to an employee at one of its third-party claims processing vendors sharing a file containing patient information with an unauthorized party. While medical history was not disclosed, patient names, addresses, Social Security numbers, birth dates and health insurance information for those tens of thousands of patients were exposed. Hospital spokeswoman Deb Song said today the firm involved is Lombard-based MiraMed, and the breach is considered low risk since no personal financial information was disclosed. She added that all patients involved have been offered 12 months of identity protection services for free.


13 Huawei set to announce lawsuit against U.S. as it seeks to strike back

Huawei Technologies is set to announce a lawsuit on Thursday against the United States, ratcheting up its response to a campaign aimed at closing it out of Western markets for fear its telecoms equipment could be used by Beijing for spying. The privately owned firm has embarked on a public relations and legal offensive over the past two months as Washington lobbies allies to abandon Huawei when building fifth-generation (5G) mobile networks, centering on a 2017 Chinese law requiring companies cooperate with national intelligence work. Founder and Chief Executive Ren Zhengfei has said Huawei, the world’s biggest telecoms gear maker, has never and will never share data with China’s government.


14 Zuckerberg says Facebook's future is going big on private chats

Facebook Inc Chief Executive Mark Zuckerberg said on Wednesday the company would encrypt conversations on more of its messaging services and make them compatible, the latest sign that the world’s biggest social network sees its future in intimate online chats. Zuckerberg said in a post on his Facebook profile that within a few years direct messaging would dwarf discussion on the traditional, open platform of Facebook’s news feed, where public posts can go viral across the world. “Working towards implementing end-to-end encryption for all private communications is the right thing to do,” Zuckerberg said. He cautioned that details of the plan could change as the company consults experts throughout 2019.
