
Security daily (05-06-2020)

Facebook removed white nationalist accounts encouraging guns at anti-racist protests

Facebook removed multiple account networks connected with white nationalist hate groups that encouraged members to bring guns to anti-racism demonstrations throughout the United States. The social media company said Friday it removed sites affiliated with the Proud Boys and American Guard, which have been designated as extremist hate groups by the Southern Poverty Law Center and the Anti-Defamation League, respectively. Facebook removed roughly 30 accounts and 30 Instagram accounts belonging to the Proud Boys, which has appeared at white supremacist rallies like the Charlottesville demonstration in 2017. They also removed approximately 80 accounts and roughly 50 Instagram accounts from American Guard, who have advocated violence against immigrant and refugee communities. Both groups previously had been banned from Facebook, according to Brian Fishman, the company’s director of counterterrorism and dangerous organizations. Facebook staff that had been monitoring both networks in an attempt to map their connections accelerated the account removals as […] (CyberScoop)

Ransomware crooks attack Conduent, another large IT provider

A ransomware attack disrupted IT services company Conduent’s work with its clients last week, another example of digital extortionists targeting key technology suppliers. Conduent, which reported $4.5 billion in revenue last year and provides IT services in sectors such as health care and banking, had its European operations temporarily hampered, spokesman Sean Collins said. The incident occurred on May 29. Most systems were functioning nine hours later on that same day, and all have since been restored, he said. It was unclear which Conduent clients were affected by the disruption. Collins did not respond to a question on which clients were affected. The notorious set of hackers behind the Maze ransomware variant claimed responsibility. Like a lot of crooks involved in ransomware, the Russian-speaking Maze affiliates are not one group, but several distinct teams that specialize in writing code or breaching networks. If confirmed, it would be at least the second […] (CyberScoop)

GAO: Cyber Command is overspending on data tools

One of the major initiatives that U.S. Cyber Command has been working on for two years is going to cost five times more than what military officials originally estimated, according to a Government Accountability Office report. The program, a software platform called Unified Platform (UP), is meant to help forces and military services working with Cyber Command to reduce the number of data silos, and to streamline data processing, storage, queries, and information-sharing to enhance overall mission effectiveness. One of the main contributing factors to the miscalculation is that the overall cost of UP was not based on any independent analysis, GAO found. “UP did not have several key elements of its business case approved at the time of program initiation, such as approved requirements, a cost estimate informed by independent analysis, or a formal schedule risk assessment,” the GAO said. “Our prior work has shown that this type of […] (CyberScoop)

S2 Ep42: Apple auth attack, Octopus Scanner, Escobar escapades – Naked Security podcast

The latest Naked Security podcast is out now! (Naked Security)

Botnet blasts WordPress sites with configuration download attacks

A million sites attacked by 20,000 different computers. (Naked Security)

How to Enable Offline Chat Communications Over Wi-Fi with an ESP32

PirateBox is a great way to communicate with others nearby when cellular and Wi-Fi networks aren't available. With it, you can anonymously share any kind of media or document and even talk to one another by voice — without being online. However, it needs a Raspberry Pi, which is more expensive than ESP32 boards, and if you only need a text-based chat, there's a much simpler option.

With a cheap ESP32 microcontroller and the ChatterBox sketch for Arduino, you can create an offline anonymous chat server for communicating with others via text. As long as they can connect to the ESP32's network... (Null Byte « WonderHowTo)

Build an Off-Grid Wi-Fi Voice Communication System with Android & Raspberry Pi

When you don't have a steady cellular signal or immediate Wi-Fi access but need to communicate with others around you, you can set up an off-the-grid voice communications network using a Raspberry Pi and an Android app.

There are apps such as Bridgefy that will create a mesh network to communicate with other devices over Bluetooth. Still, when you're traveling in a convoy and want to message people in other vehicles, all the metal will make that nearly impossible. Even in situations where you're outside, but there are a lot of obstructions to block a Bluetooth signal, you're better off using... (Null Byte « WonderHowTo)

U.S. Nuclear Contractor Hit With Maze Ransomware, Data Leaked

(News ≈ Packet Storm)

Combat Drone To Compete Against Piloted Plane

(News ≈ Packet Storm)

Iran And China Backed Phishers Try To Hook Candidate Campaigns

(News ≈ Packet Storm)

QNAP NAS Devices Targeted In Ransomware Attacks

(News ≈ Packet Storm)

Evasion Tactics in Hybrid Credit Card Skimmers

The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to a third-party server controlled by the attackers. Though popular with bad actors, one of the drawbacks of this approach is that it’s possible to track requests to suspicious servers if you monitor the traffic generated by checkout pages — or any other infected pages. A lesser-known, but still very popular, type of skimmer can instead be found harvesting information server-side. (Sucuri Blog)

FTC Slams Children’s App Developer for COPPA Violations

Children's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws. (Threatpost)

Electrolux, Others Conned Out of Big Money by BEC Scammer

Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes. (Threatpost)

News Wrap: Fake Minneapolis Police Breach, Zoom End-To-End Encryption Debate

Threatpost editors discuss debunked reports of a Minneapolis police department breach and Zoom announcing only paying users would get end-to-end encryption. (Threatpost)

WhatsApp Phone Numbers Pop Up in Google Search Results — But is it a Bug?

A researcher found that phone numbers tied to WhatsApp accounts are indexed publicly on Google Search creating what he claims is a “privacy issue” for users. (Threatpost)


/security-daily/ 06-06-2020 23:44:21