Security daily (31-07-2020)

AWS achieves FedRAMP JAB High and Moderate provisional authorization across nine additional services in AWS US Regions

We are pleased to announce that Amazon Web Services (AWS) has achieved FedRAMP JAB authorization on an additional nine AWS services. These services provide capabilities that enable your organization to:
- Assemble and deploy serverless architectures in powerful new ways using AWS Serverless Application Repository
- Simplify application delivery and complete workload migration to the cloud using […] (AWS Security Blog)

Another guilty plea in $568 million Infraud crime ring

A Moldovan man on Friday became the second person in as many months to plead guilty to being part of Infraud, a $568 million cybercriminal enterprise that stole payment cards and personal data from around the world, the U.S. Department of Justice said. 30-year-old Valerian Chiochiu, who allegedly trained Infraud members on writing and deploying malware, appeared before a judge in federal court in Nevada, U.S. officials said. Chiochiu’s guilty plea follows that of Sergey Medvedev, a 33-year-old Russian, who is accused of being the group’s co-founder. The pleas are part of the ongoing U.S. effort to prosecute Infraud, which Department of Justice officials say victimized people in all 50 states. At its height, Infraud aspired to be the internet’s top spot for “carding,” or buying things with stolen credit card data. It amassed more than 10,000 members, and claimed to only allow vetted vendors of stolen data to advertise […] (CyberScoop)

Lawmakers call for FTC investigation of data brokers enabled by online ad industry

A group of 10 U.S. lawmakers on Friday asked the Federal Trade Commission to investigate companies that sell Americans’ personal data by exploiting online advertising, calling for any lawbreaking firms to be shut down. The lawmakers, including Sens. Ron Wyden, D-Ore., and Bill Cassidy, R-La., decried the data-selling practices as an “outrageous privacy violation,” citing reports that Mobilewalla, a data broker, compiled data from Black Lives Matter protestors for marketing purposes. The broader market for consumers’ personal data is lucrative, and includes a bidding process for online ads that include code for gobbling up information on users’ locations and personal devices. The lawmakers want the FTC to use its investigative power to determine if data brokers have broken a federal law that prohibits “unfair and deceptive” business practices. An FTC spokesperson declined to comment. “[T]here is no effective way to control these tools absent intervention by regulators and Congress,” the lawmakers wrote to FTC Chairman Joseph Simons. “Technological […] (CyberScoop)

Accused Twitter hacker arrested in Florida; two others charged

Florida police have arrested a 17-year-old male and the Department of Justice has charged two others for their alleged roles in a breach where attackers seized control of high-profile Twitter accounts to push an apparent bitcoin scam. The state attorney in Hillsborough County, Florida, announced Friday that Graham Ivan Clark “was the mastermind” of the July 15 Twitter breach. In that incident, hackers leveraged accounts belonging to former President Barack Obama, Democratic presidential candidate Joe Biden, Tesla founder Elon Musk and others in an attempt to convince millions of followers to send bitcoin to a particular wallet. The Department of Justice (DOJ) also announced charges against two other individuals in connection with the breach. Mason Sheppard, a 19-year-old man living in the U.K., was charged with conspiracy to commit wire fraud; conspiracy to commit money laundering; and the intentional access of a protected computer. Another Florida man, Nima Fazeli, was charged with […] (CyberScoop)

Republican momentum builds for bills requiring encryption circumvention

Republican lawmakers are pushing more legislation on Capitol Hill that would require technology companies to give law enforcement access to encrypted devices and services. Rep. Ann Wagner, R-Mo., introduced a bill on Thursday (H.R. 7891) to serve as a companion to a Senate bill that would require manufacturers of encrypted devices and service providers to be able to decrypt data after a court issues a warrant for user communications. Sens. Lindsey Graham, R-S.C., Marsha Blackburn, R-Tenn., and Tom Cotton, R-Ark., co-sponsored the Senate version of the bill, which they have touted as a way to stop child abusers and terrorists who seek to evade law enforcement attention by using encrypted services and devices. It’s just the latest in a series of GOP-backed bills introduced in the last year on Capitol Hill, including the EARN IT Act, that could degrade encryption’s security and privacy benefits at the peril of all users, for the benefit of some […] (CyberScoop)

Hackers breached Twitter accounts by targeting employees by phone

Twitter says the people who took over the accounts of high-profile users in order to launch a bitcoin scam used tactics focused on phones to trick company employees into giving them access. The attackers targeted a “small number of employees through a phone spear phishing attack,” Twitter said in a statement Thursday. Not all the affected employees had access to account management tools, the company said, but hackers used their credentials to gather information about Twitter’s internal processes. They then used that reconnaissance data to inform attacks on Twitter personnel with deeper access. “This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” the company said in a blog post. The update clarifies some of the events around a July 15 breach in which attackers took over accounts belonging to former president Barack Obama, Amazon chief […] (CyberScoop)

Twitter says a “phone spear phishing” attack helped hackers – what’s that?

What’s a phone spear phishing attack? Twitter shares some more details about its serious security breach earlier this month, which saw celebrity accounts tweeting a cryptocurrency scam. (Graham Cluley)

Travel company CWT avoids ransomware derailment by paying $4.5m blackmail demand

US travel company CWT has reportedly coughed up $4.5m to ransomware crooks who stole data and scrambled files. (Naked Security)

China Arrests Over 100 People In PlusToken Crypto Currency Scam

(News ≈ Packet Storm)

BootHole Fixes Causing Boot Problems Across Multiple Linux Distros

(News ≈ Packet Storm)

Twitter Hack: Staff Tricked By Phone Spear-Phishing Scam

(News ≈ Packet Storm)

Hackers Broke Into Real News Sites To Plant Fake Stories

(News ≈ Packet Storm)

IBM Completes Successful Field Trials On Fully Homomorphic Encryption

(News ≈ Packet Storm)

EU sanctions hackers from China, Russia, North Korea who're wanted by the FBI

The Council of the European Union has imposed its first-ever sanctions against persons or entities involved in various cyber-attacks targeting European citizens, and its member states.

The directive has been issued against six individuals and three entities responsible for or involved in various cyber-attacks, out of which some publicly known are 'WannaCry', 'NotPetya', and 'Operation Cloud (The Hacker News)

New Attack Leverages HTTP/2 for Effective Remote Timing Side-Channel Leaks

Security researchers have outlined a new technique that renders a remote timing-based side-channel attack more effective regardless of the network congestion between the adversary and the target server.

Remote timing attacks that work over a network connection are predominantly affected by variations in network transmission time (or jitter), which, in turn, depends on the load of the network (The Hacker News)

4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users

The flaws have been confirmed by Grandstream, but no firmware update has yet been issued. (Threatpost)

Authorities Arrest Alleged 17-Year-Old ‘Mastermind’ Behind Twitter Hack

Three have been charged in alleged connection with the recent high-profile Twitter hack, including a 17-year-old from Florida who is the reported "mastermind" behind the attack. (Threatpost)

CWT Travel Agency Faces $4.5M Ransom in Cyberattack, Report

The corporate-travel leader has confirmed an attack that knocked systems offline. (Threatpost)

Anti-NATO Disinformation Campaign Leveraged CMS Compromises

Researchers uncovered a disinformation campaign aiming to discredit NATO via fake news content on compromised news websites. (Threatpost)

Twitter: Epic Account Hack Caused by Mobile Spearphishing

Hackers "mislead certain employees" to gain access to internal tools to take over high-profile accounts and push out a Bitcoin scam. (Threatpost)

Black Hat USA 2020 Preview: Election Security, COVID Disinformation and More

Threatpost editors break down the top themes, speakers and sessions to look out for this year at Black Hat 2020, from election security to remote work and the pandemic. (Threatpost)

/security-daily/ 01-08-2020 23:44:22