FFT news digest September 4 2020

Elections

Facebook says it stopped a Russia-linked campaign aimed at provoking political chaos in the US, following a tip-off from the FBI. A network of 13 Facebook accounts and two pages posing as journalists had targeted left-wing voters in the US and Britain. Facebook said the campaign had used fake personas to recruit freelance journalists to write about domestic politics. The FBI says it has made significant changes to its processes in order to overcome deficiencies in the way it dealt with incidents during the last US presidential election in 2016. But technology platforms are still grappling with how to combat the disinformation being spread in the run-up to November's poll. It took Google five days to remove ($) misleading ads about voting by mail. And Twitter labeled a tweet by a Republican congressman "misleading" after it was found to have deliberately faked the electronic voice of a disabled activist with motor neurone disease.

Threats

BEC: More evidence of the growing cost of Business Email Compromise. The Anti-Phishing Working Group says that in the second quarter of this year the average cost of an attack rose to $80,183, up from $54,000 in the previous quarter. APWG

Tenet: If someone in your household is desperate to see Christopher Nolan's latest film but doesn't want to go to the cinema, then make sure they're not tempted to try to download it. Thousands of people have been fooled by fake, malicious copies on torrent sites. TorrentFreak

Sendgrid: The email platform is facing a large number of accounts that have been taken over because the passwords were cracked. Sendgrid says it will introduce multi-factor authentication. Until it does, use a strong, unique passphrase. KrebsOnSecurity

Vendor: Attack comes from a compromised account of a legitimate vendor. It's used to send a Sharepoint link to documents that need reviewing but which actually takes the victim to phishing pages for popular email providers. Abnormal Security

Sharepoint/One Note: A similar campaign used Sharepoint and One Note. Naked Security

China/Tibet: COVID-19-themed attacks (impersonating the World Health Organisation) have been used to target European diplomats and the Tibetan community. Proofpoint

Printers: Don't ignore your printers! Security researchers periodically take it upon themselves to hijack unsecured printers to demonstrate how risky they are. In the latest example, 28,000 devices were forced to print out a guide to printer security. CyberNews

Fake notifications: Unwanted pop-up messages have been plaguing Google Android users because of an issue in Google's messaging platform (which it says has not been fixed). Naked Security

CEOs

Up to now, business leaders have paid a relatively small price for the extraordinary data breaches at their organisations - but Gartner believes that's about to change because of the impact of computer technology on the physical world. Its analysis focuses on "cyber-physical systems" which is an ugly term for the solutions designed "to orchestrate sensing, computation, control, networking, and analytics to interact with the physical world, including humans". In other words, smart buildings, connected cars and the multiple low-cost devices that are inherently insecure. Gartner reckons 75% of CEOs will be held personally liable for incidents connected to these solutions - and pressure on governments means they won't be able to plead ignorance or retreat behind insurance policies.

Taxes

Nothing in this world can be said to be certain, except death and taxes...unless you're a technology giant, in which case you just pass the taxes on to someone else. Benjamin Franklin's famous line referred to the US constitution - and he would probably have had some interesting thoughts about how it's surviving contact with Facebook, Amazon, Google and their ilk. As part of attempts by governments to get their hands on what they regard as a fairer slice of tech companies' revenues, the UK, Turkey and Austria came up with the idea of a digital services tax. No problem for Google, which has now announced it will pass on the cost to advertisers. And it's not alone. Apple and Amazon have also revealed they will make similar changes. So, when it comes to tech behemoths, perhaps Franklin's line should read, nothing is certain, except their determination to avoid any dent in their revenues.

FBI advice

The FBI has issued a cybersecurity guide for local police forces that's a bit long, but does have some pretty good advice that anyone could use. The weirdly titled “Digital Exhaust Opt Out Guide” emerged as part of a collection of documents made public by a group of transparency activists. 354 pages long, its advice includes a warning to be wary of fake LinkedIn accounts designed to access personal information. The FBI also suggests removing pictures of homes from online real estate listings, suppressing images from map platforms like Google StreetView and deleting as much information as possible from social media networks and data brokers.

Tracking

A tweet from a gadget reviewer reflects the experience of many of us, as we're bombarded with advertisements on social media platforms. "Seriously is wild how I googled a foldable bike once or twice a couple weeks ago and I've been getting bike ads on Facebook, IG, everywhere. the level to which these companies all team up and know everything about us is wild," Ben Sin wrote. Of course, as you have probably already found out, you don't even need to carry out the search yourself for the algorithms to decide to start sending adverts your way. And new research has shown how easy it is for advertisers to reliably identify us. The Mozilla employees found that most users have unique browsing habits that can be exploited to create accurate profiles - and a means to track and re-identify us in our online lives.

In brief

Google has removed an app that was being used to spy on protestors in Belarus. It had pretended to be the official Android app for an independent news agency in the country. ZDNet

Amazon appears to have been caught red-handed in a sophisticated scheme designed to spy on its workers. When news emerged it was monitoring its workers' private Facebook groups, it cited an "error". Since then, evidence has emerged to show it was anything but. Motherboard

A US Federal Appeals Court has ruled that the government's bulk collection of phone call metadata violated the Foreign Intelligence Surveillance Act and was probably unconstitutional. EPIC

Google has plans for its news aggregation service, 'Your News Update'. It's adding features designed to make it more personalised and easier to listen to. This includes eight new news anchor voices. Wired

Sick of online meetings? A video editor decided to see whether he could get away with "attending" Zoom meetings by using pre-recorded clips. He did - and some of the meetings were ones where he had to speak! CNET

Another worm in Apple's security bud. Last year, Apple introduced a scheme called 'notarisation' in a bid to secure macOS apps. Unfortunately, researchers found a malware campaign disguised as an Adobe Flash installer - which Apple had notarised. Objective-See

Updates

Cisco: Two previously unknown ('zero-day') flaws in Cisco's enterprise-grade routers are being actively exploited. Cisco is working on a fix. Until then, Cisco has suggested mitigations on its site.

iOS: Unexpected version (13.7) introduces 'Exposure Notifications Express', the next phase of Apple and Google's joint COVID-19 tracking project. Google will launch its own version of Exposure Notifications Express on Android later this month.

Slack: Update to address a vulnerability that could allow code to be executed remotely and enable an attacker to take full control of the desktop app. The issue was discovered by a researcher who was paid a princely $1,750 for his trouble.

Firefox: Version 80.0.1 fixes a number of bugs in the latest release of the browser.

Windows 10: Continued issues for version 2004 (or May 2020 Update). Microsoft is blocking the upgrade for some users because of problems with some LTE modems.

QNAP: Attacks targeting QNAP Network Attached Storage (NAS) devices have been trying to exploit a vulnerability that was addressed in July 2017.

WordPress File Manager: Update fixes an actively-exploited issue that allowed the full takeover of a website.
