Security daily (11-02-2021)

Warrantless searches of devices at border allowed, appeals court finds

The U.S. Court of Appeals for the First Circuit ruled earlier this week that Customs and Border Protection agents may conduct warrantless searches of cellphones and electronic devices at the U.S. border, in a ruling that is already raising privacy questions among digital rights advocates. The decision, issued by a panel of judges and authored by Judge Sandra Lynch, states that the government’s interest in searching persons at the border is “at its zenith,” therefore trumping privacy concerns. “Electronic device searches do not fit neatly into other categories of property searches, but the bottom line is that basic border searches of electronic devices do not involve an intrusive search of a person,” Lynch writes. The decision is at odds with an earlier district court finding that these kinds of searches violate the Fourth Amendment because there’s no assurance there is a “reasonable suspicion” that the devices in question contained digital […] The post Warrantless searches of devices at border allowed, appeals court finds appeared first on CyberScoop. (CyberScoop)

Biden administration pauses Trump's plans to ban WeChat, TikTok

President Joe Biden is giving a reprieve to Chinese apps that his predecessor’s administration had put on the defensive. On Thursday, the Commerce Department said in a court filing that it was reviewing the Trump administration’s bid to ban WeChat. It comes one day after a similar court filing where Commerce said it was reviewing the proposed ban on TikTok, and after the Biden administration has reportedly “indefinitely” placed on hold the plans to force the sale of TikTok’s American division to Oracle and Walmart. In Thursdays’ filing, the department asked the Ninth Circuit Court of Appeals to pause a court case challenging the WeChat ban, which the Trump administration sought to implement in response to what it deemed the national security threat the app posed. “As the Biden Administration has taken office, the Department of Commerce has begun a review of certain recently issued agency actions, including the Secretary’s […] The post Biden administration pauses Trump's plans to ban WeChat, TikTok appeared first on CyberScoop. (CyberScoop)

Food-delivery fraudsters deploy hacked accounts, stolen credit card info to skim from orders

Food delivery apps have taken off during the pandemic, and it looks like fraudsters have taken notice. Fraud detection company Sift said Thursday it has seen a rash of scams within the chat app Telegram that target restaurants and delivery apps for theft. It’s a low-level grift that goes like this: The fraudsters advertise in Telegram forums that they can illicitly buy food orders at steep discounts, around 60%-75% off. Diners send a direct message with a screen shot of their food app shopping cart and delivery address. The diner then pays the fraudster for the discounted meal in cryptocurrency, and the fraudster in turn covers the full cost through a new account, stolen credit card information or a hacked account. Diners get their food at a discount, restaurants are stuck with bogus payments, and the crooks get away with a profit. And all of it happens in a chat […] The post Food-delivery fraudsters deploy hacked accounts, stolen credit card info to skim from orders appeared first on CyberScoop. (CyberScoop)

Proofpoint sues Facebook over dummy sites used for anti-phishing training

Proofpoint has filed a lawsuit against Facebook arguing that it should be allowed to use domains that imitate the Facebook and Instagram brands to test customers’ ability to avoid online scams. Cybercriminals often imitate popular brands’ sites, including Facebook and Instagram, to dupe unsuspecting users, then pilfer their credentials or distribute malware. Proofpoint is one of several security companies that provides customers with phishing training that includes look-alike domains of popular brands in order to test clients’ wits on avoiding common cons. By sending messages that appear to be from “Instagrarn” rather than “Instagram,” for instance, Proofpoint and other email security firms test clients’ ability to detect attacks. Social media sites, particularly Facebook and Instagram, are typically among the top most imitated in criminals’ so-called typo-squatting schemes, according to Palo Alto Networks research published in September. The suit, filed Tuesday in an Arizona district court, is a countersuit to Facebook’s […] The post Proofpoint sues Facebook over dummy sites used for anti-phishing training appeared first on CyberScoop. (CyberScoop)

Romance scam victims reported $304 million in fraud in 2020, a new high

Deceptive online behavior prompted plenty of emotions last year. Anger, fear, anxiety, frustration — take your pick. Just don’t forget heartbreak. Exactly how much heartbreak? The Federal Trade Commission’s scam-tracking team doesn’t monitor emotions, but it does collect complaints from people who say they were victims of romance scams. In 2020, they were worth a record $304 million — an increase of about 50% over the previous year. Some of the fraud was initiated through dating apps, the FTC said, as people flocked to them during months of stay-at-home orders during the coronavirus pandemic. But social media was an even greater source, the agency said. “Scammers fabricate attractive online profiles to draw people in, often lifting pictures from the web and using made up names. Some go a step further and assume the identities of real people,” the FTC said. “Once they make online contact, they make up reasons not […] The post Romance scam victims reported $304 million in fraud in 2020, a new high appeared first on CyberScoop. (CyberScoop)

Pro-India hacking group expands mobile malware arsenal

A pro-India hacking group has been using two kinds of invasive Android surveillance software to spy on hundreds of victims’ cell phones for years, according to Lookout research published Thursday. The malware, which the researchers have dubbed SunBird and Hornbill, are capable of exfiltrating several kinds of sensitive data, including text messages, call logs, contacts, the contents of encrypted messaging applications and target geolocation. The spyware also allows hackers to take pictures with the targets’ cameras or take screenshots of their devices, according to the research. It’s the kind of information that could reveal targets’ most sensitive and secretive day-to-day lives. In order to assess the scope of the operation and its victims, Lookout researchers examined 18GB of data that were incidentally exposed as a result of the hackers insecurely configuring command and control servers. Overall, the attackers targeted 156 victims with phone numbers from India, Pakistan and Kazakhstan over […] The post Pro-India hacking group expands mobile malware arsenal appeared first on CyberScoop. (CyberScoop)

S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast]

Latest episode (includes 111,848 "free" cups of coffee) - listen now! (Naked Security)

This VPN Will Give You a Lifetime of Security for Just $18

With everything the last year has thrown at us, the odds are good that you've had to start working from home, complete with all-new challenges both for you and the technology you use.

In 2020, 88% of the organizations worldwide made it mandatory for employees to start working from home to reduce the risk of exposure to COVID-19. Working from home comes with its own new challenges, and one of the most significant new hurdles to leap is security. At work, you had the comfort of knowing your privacy and security were a package deal. Now that you're relying on your own technology, things become a... more (Null Byte « WonderHowTo)

Hacker Sets Alleged Auction For Witcher 3 Source Code

(News ≈ Packet Storm)

Researchers Identify 223 Vulns Used In Ransomware Attacks

(News ≈ Packet Storm)

PayPal Fixed A Cross Site Scripting Vulnerability

(News ≈ Packet Storm)

KeepChange Said It Stopped Hackers From Stealing User Funds, But Not Personal Data

(News ≈ Packet Storm)

Pre-Valentine’s Day Malware Attack Mimics Flower, Lingerie Stores

Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are actually spreading the BazaLoader malware. (Threatpost)

Celeb SIM-Swap Crime Ring Stole $100M from U.S. Victims

The attackers ported victims' cell phone lines and then defeated 2FA to access accounts and apps. (Threatpost)

How Email Attacks are Evolving in 2021

The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics. (Threatpost)

Various Malware Lurks in Discord App to Target Gamers

Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRrig cryptominer and various data and token stealers. (Threatpost)

Military, Nuclear Entities Under Target By Novel Android Malware

The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation. (Threatpost)


/security-daily/ 12-02-2021 23:44:23