Squeeze Volume 4 - Retailers Are Easy Targets, Crime is Up 20% in the U.S., and Yet Another Reminder to UPDATE YOUR SCHWACK
Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
Welcome to the fourth edition of the Secjuice Squeeze, where we present a selection of last week's interesting infosec articles, curated for your reading enjoyment in case you missed them! This week's volume was created by Chad Calease, Mike Peterson, and Miguel Calles.
Point-of-Sale Attacks Have Leveled Up
Skimmers stealthily installed in credit card readers at gas pumps and other PoS systems are the least of retailers' concerns. Criminals are now using advanced malware like TrickBot to attack PoS systems. It's getting nasty out there and retailers are making themselves easy targets.
Attribution is Hard.
The most common source of suspected fraudulent traffic during the intense shopping days leading up to Christmas was China. How is this confirmed and/or corroborated? Who knows?
Addons Allow Broad Attacks on WordPress Sites
Use WordPress? Your website could easily get hacked if you are using these plugins and haven't updated them recently. How many reminders to update our schwack do we need?
Modern Intel CPUs Have Another Big Security Flaw
Security researchers have discovered a new vulnerability in most modern Intel CPUs that could allow attackers to extract highly sensitive information from a computer. The exploit, which relies on altering the voltage and frequency of the processors, has subsequently been dubbed "Plundervolt."
U.S. Birth Certificate Data Leaked
A third-party government contractor has leaked hundreds of thousands of birth certificate applications by leaving an AWS storage bucket open. The exposed data includes names, addresses, phone numbers and family member information. Interestingly, even after multiple attempts to contact the owner, the bucket is still open and is even updated daily.
Apple Leverages DMCA Notices to Take Down Jailbreaking Info
Apple has used the Digital Millennium Copyright Act (DMCA) to take down a tweet that contained an iPhone encryption key and attempted to do the same for several Reddit posts. The move has drawn criticism from security researchers, and the subreddit that contained the jailbreaking information is now "on-lockdown" since receiving several of the DMCA notices.
New Orleans Declares State of Emergency Over 'Cybersecurity Incident'
The City of New Orleans has declared a state of emergency after reportedly being hit by a cyberattack on Friday. According to local information security officials, suspicious activity and phishing attempts were detected earlier in the day before a "cybersecurity incident" prompted city officials to start shutting down servers and computers as a precaution. Interestingly, while ransomware was detected, no ransom is currently being demanded.
FBI is Treating Any Russian-Origin Mobile App as a Threat
New York Senator Chuck Schumer was told by the FBI that "any app or product developed in Russia like FaceApp is a potential counterintelligence threat." Given that many users voluntarily divulge information to apps like FaceApp, the FBI might have valid concerns that those apps might be used for counterintelligence. The Russian government is implementing a "sovereign internet" law that will require smart devices to come pre-installed with apps, require Internet service providers to install "tracking" software, and allow for controlling access to information.
https://fortune.com/2019/12/02/fbi-russia-apps-faceapp-counterintelligence-threat/
https://www.cyberscoop.com/fbi-russian-apps-counterintelligence-faceapp-schumer/
Google Chrome 79 Provides Better Protection
One new feature in the updated Chrome browser notifies you if the password you are submitting is known to have been compromised and advises you to change it immediately.
Another new feature is real-time protection against phishing attacks. The browser uses Google's database of known phishing sites, which is updated every 30 minutes, to warn you about potential phishing. Additionally, the browser provides predictive phishing detection in the event you enter your Google credentials into a website suspected of phishing.
https://blog.google/products/chrome/better-password-protections
https://www.techspot.com/news/83142-chrome-79-has-better-password-protection-real-time.html
The rad gif used in this post is called POS Terminal by the Kinsmen Collective