This week’s Cyber Security Headlines – Week in Review, May 31- Jun 4, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Bryan Zimmer, Head of Security, Humu
Cyber Security Headlines – Week in Review is live every Thursday at 4pm PT/7pm ET. Join us each week by registering for the open discussion.
Lawsuit reveals Google made it nearly impossible for users to keep their locations private
Newly unredacted documents in a lawsuit against Google reveal that the company’s own executives and engineers knew just how difficult the company had made it for smartphone users to keep their location data private. Google continued collecting location data even when users turned off various location-sharing settings, and even pressured LG and other phone makers into hiding these settings. The documents are part of a lawsuit brought against Google by the Arizona Attorney General’s office last year.
US soldiers expose nuclear weapons secrets via flashcard apps
Flashcard learning apps, used by US soldiers tasked with the custody of nuclear weapons in Europe have inadvertently revealed not just the bases, but even identified the exact shelters with “hot” vaults that likely contain nuclear weapons as well as intricate security details and protocols such as the positions of cameras, the frequency of patrols around the vaults, secret duress words that signal when a guard is being threatened and the unique identifiers that a restricted area badge needs to have. Some of these have been findable since 2013. All were taken down after the researchers at Bellingcat contacted NATO and the US military.
Have I Been Pwned goes open source
Security researcher Troy Hunt announced that the popular breach database service is now open source, with code hosted on GitHub. Hunt initially announced his intention to make the service’s code open source in August 2020. The non-profit .NET Foundation assisted in moving the site to an open source model. Hunt also announced Have I Been Pwned will receive compromised passwords discovered during investigations from the US FBI.
Cyberattack forces meat producer to shut down operations in U.S., Australia – Russia suspected
Global food distributor JBS Foods suffered a cyberattack over the weekend that disrupted several servers supporting IT systems and could affect the supply chain for some time. Attackers targeted several servers supporting North American and Australian IT systems of JBS Foods on Sunday, according to a statement by JBS USA. JBS is a global provider of beef, chicken, and pork with 245,000 employees operating on several continents and serving brands such as Country Pride, Swift, Certified Angus Beef, Clear River Farms and Pilgrim’s. JBS notified the White House that the ransom demand came from a criminal organization likely based in Russia. The White House is engaging directly with the Russian government on this matter.
(ThreatPost and The Guardian)
Thanks to our episode sponsor, ReversingLabs
LinkedIn data shows Austin is biggest winner in tech migration
The Texas capital captured a net inflow of 217 software and information technology company workers per 10,000 existing ones, according to data from May 2020 to April 2021 provided by LinkedIn. That’s the best net migration rate among 35 metropolitan areas with gross tech migration of at least 2,000 LinkedIn users in the past 12 months. There’s no telling whether this will last, with many tech companies eyeing large scale return to the office policies, but for now, Austin, Nashville, Charlotte, Jacksonville and Denver are proving the most attractive places to work.
The back-to-work spearfishing campaigns have begun
Researchers from Cofense Phishing Defense Center (PDC) have uncovered a phishing campaign aimed at gathering login credentials from employees by posing as the Chief Information Officer (CIO). The messages pretend to provide information about changes to business operations the company is taking relative to the COVID-19 pandemic. The emails were crafted to steal company and personal credentials, they include a link to a fake Microsoft SharePoint page with two documents that outline new business operations. Upon clicking on the documents, victims have displayed a login panel that prompts them to provide login credentials to access the files. There will likely be many be many stories to this in coming weeks.
DJI drones are good enough for government work
According to a Pentagon report summary seen by The Hill, two DJI drones built for government use have been cleared for use by the Pentagon, with an audit finding “no malicious code or intent.” In January 2020, the Interior Department grounded its fleet of over 500 DJI drones over security concerns that drones were sharing data with the Chinese government. A prior analysis by Booz Allen Hamilton last year found no evidence of data transfers.
(The Hill)
Norton 360 antivirus now lets you mine crypto because reasons
In a noble effort to somehow make its antivirus solution even more of a resource hog, Norton will roll out a Norton Crypto feature to Norton 360 users enrolled in its early adopter program. When activated, Norton Crypto will use a host machine’s GPU to mine Ethereum, which will be stored in a cloud-hosted Norton wallet. It’s not clear if this mining will be done individually or as part of a larger Norton pool, although if part of a pool, Norton could potentially open a new revenue stream through management fees. Norton said that since cryptojacking and other miners are often flagged by antivirus software, this feature will let users participate in the crypto economy without sacrificing security.