Updates to Anti-Social Media
The Register: Sorry, Mr Zuckerberg isn’t in London that day. Or that one. Nope. I’d give up if I were you – “Facebook boss delays, denies and deflects more invitations to international committee …. The UK’s digital committee has been trying to get Mark Zuckerberg to have a chat with them since the Cambridge Analytica scandal broke in April. Its latest tactic is an “international grand committee” made up of parliamentary committees from five different nations”
My attention was drawn via an article from the Homeland Security News Wire – Using social media to weaken impact of terrorist attacks – to a report spearheaded by Cardiff University’s Crime and Security Research Institute and commissioned by the Five Country Ministerial (FCM) Countering Extremism Working Group, and called From Minutes to Months – A rapid evidence assessment of the impact of media and social media during and after terror events. According to the Executive Summary it centres on:
1. An overview of the relationships between terrorist violence and media, and how these have been influenced by changes to the media ecosystem.
2. A brief outline of the key typical developments that take place in particular time periods as one moves further away from the occurrence of the original violence.
3. Recommendations for police, government and others involved in public safety provision, in terms of what strategic communications postures they can adopt to limit the impacts and harms of terror attacks.
Interesting stuff.
The Register: As if connected toys weren’t creepy enough, kids’ data could be used against them in future – “Watchdog tells manufacturers to reveal what they slurp on tots …. the UK’s Office of the Children’s Commissioner has said in a report warning of the long-term impact of amassing data on kids…. young folk will have sent out an average of 70,000 social media posts by the time they reach 18, while snap-happy parents will have uploaded 1,300 photos and videos of their offspring online before they become teenagers.”
Graham Cluley: On eve of US elections, Facebook blocked 115 accounts engaged in ‘coordinated inauthentic behavior’ – “In a statement posted on its website … Facebook explained that in the last year it has found and removed bad actors from the site on many occasions – based on its own internal investigations and information provided by law enforcement, and external experts.”
Updates to Cryptocurrency/Crypto-mining News and Resources
Matthieu Faou for ESET: Supply-chain attack on cryptocurrency exchange gate.io – “Latest ESET research shows just how far attackers will go in order to steal bitcoin from customers of one specific virtual currency exchange”
Brian Krebs: Busting SIM Swappers and SIM Swap Myths – “KrebsOnSecurity recently had a chance to interview members of the REACT Task Force, a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims.”
Updates to GDPR page
Tomáš Foltýn for ESET: Attackers exploit flaw in GDPR-themed WordPress plugin to hijack websites – “The campaign’s goals aren’t immediately clear, as the malefactors don’t appear to be leveraging the hijacked websites for further nefarious purposes”
ThreatPost: GDPR’s First 150 Days Impact on the U.S. – “So, roughly 150 days after the passage of one of the most significant data privacy laws ever, how has it impacted U.S. companies’ privacy efforts? The reality is, not so much.”
Updates to Internet of (not necessarily necessary) Things
[Many of the Things that crop up on this page are indeed necessary. But that doesn’t mean that connecting them to the Internet of Things (or even the Internet of Everything) is necessary, or even desirable, given how often that connectivity widens the attack surface.]
Well, here’s a twist. For Sophos, Lisa Vaas cites an article in the Washington Post regarding a murder in New Hampshire in January 2017. The Post quotes documents that state:
The court finds there is probable cause to believe the server(s) and/or records maintained for or by Amazon.com contain recordings made by the Echo smart speaker from the period of Jan. 27 to Jan. 29, 2017… and that such information contains evidence of crimes committed against Ms. Sullivan, including the attack and possible removal of the body from the kitchen.
Lisa Vaas also tells us that this is at least the 2nd occasion on which “a court has demanded Alexa recordings so that a digital assistant can testify in a murder case.”
Lisa Vaas also drew my attention to an article from Pen Test Partners, Tracking and snooping on a million kids, which looks at the MiSafes ‘Kids Watcher’ tracking watch, which sounds like a reasonable idea in terms of keeping an eye on your children’s safety. However, it appears that the implementation is far from perfect, in several respects. If you’ve bought or are considering buying one of these, you need to read the article.
The Register: This one weird trick turns your Google Home Hub into a doorstop – “Secret API leaves door open for remote commands from other gadgets sharing its Wi-Fi”
The Register: As if connected toys weren’t creepy enough, kids’ data could be used against them in future – “Watchdog tells manufacturers to reveal what they slurp on tots …. the UK’s Office of the Children’s Commissioner has said in a report warning of the long-term impact of amassing data on kids…. young folk will have sent out an average of 70,000 social media posts by the time they reach 18, while snap-happy parents will have uploaded 1,300 photos and videos of their offspring online before they become teenagers.”
The Register: Creepy or super creepy? That is the question Mozilla’s throwing at IoT Christmas pressies – “‘Tis the season to be tracked by your connected water bottle”
The Register: Bruce Schneier: You want real IoT security? Have Uncle Sam start putting boots to asses – “I challenge you to find an industry in the last 100 years that has improved security without being told [to do so] by the government.”
Graham Cluley for TripWire: Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw – “Analysts working at Qihoo 360’s Netlab team say that they first identified the new botnet in September 2018. They have dubbed it “BCMUPnP_Hunter” because of its exploitation of a security hole in the Broadcom UPnP SDK first discovered in 2013.”
Updates to Meltdown/Spectre and other chip-related resources
The Register: Another Meltdown, Spectre security scare: Data-leaking holes riddle Intel, AMD, Arm chips – “CPU slingers insist existing defenses will stop attacks – but eggheads disagree [….] “‘Speculative execution’ is often falsely used as an umbrella term…” they explain in a paper distributed through ArXiv on Tuesday.”
Danny Bradbury for Sophos: PortSmash attack steals secrets from Intel chips on the side – “The proof of concept code, called PortSmash, comes from researchers at Finland’s Tampere University of Technology and the Technical University of Havana, Cuba. It uses a category of exploit called a side channel attack, in which one program spies on another as it runs.”
Updates to Specific Ransomware Families and Types
The Register: Nice work if you can get it: GandCrab ransomware nets millions even though it has been broken – “‘Considering the lowest ransom note is $600 and almost half of infected victims give in to ransomware, the developers might have made at least $300m in the past couple of months alone,’ says BitDefender’s Liviu Arsene.”
ZDNet: New SamSam ransomware campaign aims at targets across the US – “Hackers behind powerful file-locking malware with high ransom demands continue to target organisations they find vulnerable to attacks.”
David Bisson for Tripwire: Kraken Ransomware Now Being Distributed by Fallout Exploit Kit
Updates to Tech support scams resource page
Jérôme Segura for Malwarebytes: Browlock flies under the radar with complete obfuscation – “Browlocks are the main driving force behind tech support scams, using a combination of malvertising and clever browser locker tricks to fool users. [….] Recently we’ve seen the “evil cursor” that prevents you from closing the fake alert, and the fake virus download that insinuates your computer is already infected. This time, we look at how browser locker pages use encoding to bypass signature-based detection.”
Updates to Mac Virus
Apple and Android updates 17th November 2018
- iPhone X, Galaxy S9, Xiaomi Mi6 Fall at Pwn2Own Tokyo
- ESET: Google’s data charts path to avoiding malware on Android
- Android security patches
- Apple Watch patch
- iOS 12.1 lockscreen bypass
- Krebs on SIM-swapping
David Harley