This Week In Nerd News (TWINN) – December 19, 2022

Nerds On Site
Article Written By David Redekop

TWINN #103 When a criminal takedown becomes impossible

Modern civilization is possible, in part, due to the rule of law. Laws and their enforcement serve as a force that makes committing a crime too expensive or too risky. Of course, we only need to count on that where a decent moral compass is missing. So when certain cyber crimes were committed, law enforcement could collect evidence and, through the cooperation of big tech companies, actually disrupt a criminal organization. This still happens regularly, as we saw when iSpoof.cc was seized by the FBI a few weeks ago. This is called a takedown.

What happens when we build technology for which there is no takedown? What if C2 (Command and Control) runs on TOR? What if it runs on a blockchain? This is what we’re seeing now.

The 5 Top Cyber Security Stories Of The Week – December 19, 2022

Glupteba Botnet Continues to Thrive Despite Google’s Attempts to Disrupt It. No tech company or law enforcement can execute a takedown. An effective protective measure is to ensure TOR access isn’t allowed on your network. There’s no question that TOR has value as a technology, for legitimate whistleblowers, for example, but it is used more for harm than good, so we have to go out of our way to ensure our devices cannot access TOR.

Attackers use SVG files to smuggle QBot malware onto Windows systems. This self-assembling malware hides inside HTML and SVG files and can sneak by traditional email scanning tools. To protect systems from HTML smuggling attacks, block JavaScript or VBScript execution for downloaded content.
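One way a mail gateway or triage script could check whether an SVG attachment is a passive image or carries active content, shown as an added example that is not part of the original article. The function names and both sample SVGs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: an SVG that carries script, as an attachment scanner might see it.
SAMPLE_ACTIVE = """<svg xmlns="http://www.w3.org/2000/svg" onload="init()">
  <script type="text/javascript"><![CDATA[
    var parts = ["chunk1", "chunk2"];  // placeholder strings, not a real payload
  ]]></script>
  <a xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="javascript:void(0)">
    <rect width="10" height="10"/>
  </a>
</svg>"""

# Constructed sample: a purely static image.
SAMPLE_STATIC = """<svg xmlns="http://www.w3.org/2000/svg"><circle r="5"/></svg>"""


def local(name):
    """Strip the '{namespace}' prefix ElementTree puts on tag and attribute names."""
    return name.rsplit("}", 1)[-1].lower()


def active_content(svg_text):
    """Return the reasons an SVG should not be treated as a passive image."""
    # Refuse entity declarations up front so the parser never expands them.
    if "<!entity" in svg_text.lower():
        return ["entity declaration (refused to parse)"]
    try:
        root = ET.fromstring(svg_text)
    except ET.ParseError:
        return ["unparseable XML (quarantine rather than trust)"]
    findings = []
    for el in root.iter():
        tag = local(el.tag)
        # <script> runs code; <foreignObject> can embed arbitrary HTML.
        if tag in ("script", "foreignobject"):
            findings.append(f"<{tag}> element")
        for attr, value in el.attrib.items():
            name = local(attr)
            if name.startswith("on"):  # onload, onclick, ...
                findings.append(f"event handler {name} on <{tag}>")
            elif name == "href" and value.strip().lower().startswith("javascript:"):
                findings.append(f"javascript: URI on <{tag}>")
    return findings


if __name__ == "__main__":
    for label, svg in (("active", SAMPLE_ACTIVE), ("static", SAMPLE_STATIC)):
        print(label, active_content(svg))
```

An empty list means no active content was found by these checks; any finding is grounds to strip or quarantine the attachment rather than deliver it.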

Three Innocuous Linux Vulnerabilities Chained to Obtain Full Root Privileges. We aren’t concerned only about Windows and macOS systems. Linux systems require the same level of scrutiny, patching and posture-securing as any other device.

Security Firms Warn Microsoft of Signed Drivers Used to Kill EDR, AV Processes. Microsoft, in turn, reported: “Microsoft was recently informed that drivers certified by Microsoft’s Windows Hardware Developer Program were being used maliciously in post-exploitation activity.” For protection, the latest Windows updates and appropriate endpoint protection are a must.

Support King, banned by FTC, linked to new phone spying operation. “A groundbreaking FTC order in 2021 banned the stalkerware app SpyFone, its parent company Support King, and its chief executive Scott Zuckerman from the surveillance industry. The order, unanimously approved by the regulator’s five sitting commissioners, also demanded that Support King delete the phone data it illegally collected and notify victims that its app was secretly installed on their device.”

Did you know?

Apple’s new Freeform app, available on iOS 16.2 and macOS 13.1 and later, is basically a blank digital whiteboard, and Gizmodo Australia has a nice walkthrough.
