October 4, 2018

Cop charged with selling phone tracking service on dark web

By Danny Bradbury

A French police officer has been charged with using police intelligence data to power a mobile phone tracking service sold via the dark web.

The law enforcement official is accused of running a service that used police data to track mobile devices based on a phone number. He sold the service as a way for people to track their spouses, and also advertised it as a way for criminal gangs to track their rivals, according to prosecutors.

Operating under the username Haurus, the officer allegedly sold the service via a dark web site called the Black Hand. He also advertised sensitive information that criminals could use to forge documents, say reports.

The officer worked for the French General Directorate for Internal Security, an intelligence agency that combats espionage, terrorism and cybercrime, said a report from ZDNet, citing a story in French-language newspaper Le Parisien this week.

Law enforcement officials said that they were able to link the documents on the Black Hand with the accused thanks to unique codes embedded on police systems that allowed them to track document history. He was charged on 26 September, and faces up to seven years in prison and a fine of up to €100,000.

Read more at https://nakedsecurity.sophos.com/2018/10/04/cop-charged-with-selling-phone-tracking-service-on-dark-web/

Facebook finds “no evidence” attackers accessed third-party apps

By Lisa Vaas

Facebook said on Tuesday that it’s found no evidence that attackers accessed third-party apps in the breach it announced last week.

Nevertheless, it’s building a tool to allow developers to manually identify which of their apps’ users may have been affected, so they can log them out.

In that breach, attackers exploited a vulnerability in Facebook’s “View As” feature to steal access tokens, which are the keys that allow you to stay logged into Facebook so you don’t need to re-enter your password every time you use the app.

View As lets people see what their own profile looks like to someone else. The vulnerability allowed the attackers to steal Facebook access tokens that they could then use to take over people’s accounts.

Facebook fixed the vulnerability and reset the access tokens for a total of 90 million accounts: 50 million that had access tokens stolen and another 40 million that were subject to a View As look-up in the last year. Those users were subsequently prompted to log back in to Facebook, as well as back into any apps that use Facebook Login.

Read more at https://nakedsecurity.sophos.com/2018/10/04/facebook-finds-no-evidence-that-attackers-accessed-third-party-apps/

NSA staffer takes top-secret hacking tools home ‘to study’, gets 66 months

By Lisa Vaas

Taking work-related documents home to study might get you a promotion and pay raise at some jobs, but not when your employer is the National Security Agency (NSA) – and most certainly not when those materials are classified.

Former NSA employee Nghia Hoang Pho, 68 – a naturalized US citizen who was originally from Vietnam but who’d been living in Ellicott City, Maryland – was sentenced last week to 66 months in prison plus three years of supervised release for willful retention of classified national defense information.

According to the Department of Justice (DOJ), Pho removed “massive troves” of highly classified national defense information without authorization and kept it at his home.

Pho worked as a developer in the NSA’s hacking group, otherwise known as Tailored Access Operations (TAO). He was due to retire in a few years, and as he said in a letter to the judge, he wanted to do so at a higher pay grade so as to increase his pension payments.

Read more at https://nakedsecurity.sophos.com/2018/10/03/nsa-staffer-takes-top-secret-hacking-tools-home-to-study-gets-66-months/

Update now: Adobe fixes 85 serious flaws in Acrobat and Reader

By John E Dunn

Adobe has released updates fixing a long list of security vulnerabilities discovered in the Mac and Windows versions of Acrobat and Reader.

In total, the first October update addresses 85 CVEs, including 47 rated as ‘critical’ with the remaining 39 classified as ‘important’.

It’s too early to get much detail on the flaws but those rated critical break down as 46 allowing code execution and one allowing privilege escalation. The majority of the flaws rated important involve out-of-bounds read issues leading to information disclosure.

As far as Adobe is aware, none are being actively exploited.

Read more at https://nakedsecurity.sophos.com/2018/10/03/update-now-adobe-fixes-85-serious-flaws-in-acrobat-and-reader/

Hacked Fortnite accounts and rent-a-botnet being pushed on Instagram

By Lisa Vaas

Hackers are using Instagram as a marketplace, advertising rental of what they say is access to Mirai and other botnets and supposedly selling accounts for Fortnite, Spotify and other social media platforms.

Motherboard’s Joseph Cox has been chatting with Root Senpai – one of the sellers – on Discord, a popular messaging board for gamers.

Senpai told Motherboard that stolen Fortnite accounts are of particular interest to customers. No surprise there: right now, the mobile game is hotter than a blister bug in a pepper patch.

Back in March, fraudsters exploited gamers’ keen anticipation to get invitations to Fortnite’s upcoming release, flogging their fictional “extra free invites!!!” as they looked for profit or for pumped-up Twitter followers/likes/retweets/comments.

Read more at https://nakedsecurity.sophos.com/2018/10/03/hacked-fortnite-accounts-and-rent-a-botnet-being-pushed-on-instagram/

Google’s new rules for developers make Chrome extensions safer for all

By Danny Bradbury

Google has announced a range of security changes to its Chrome browser that will make the use of extensions more secure. The updates, to be introduced in version 70 of the popular browser, cover areas including extension permissions and developer accounts.

Browser extensions are small programs that enhance a browser’s functionality. The problem is that misbehaving extensions can steal data or invade users’ browser privacy. Chrome is a trusted application in most operating systems, meaning that if you give an extension permission to do things, the operating system will usually wave it through. This can leave users vulnerable to malicious extensions.

In the past, Google has taken steps to keep extensions in line by limiting what they can do. Late last year, for example, it introduced an optional site isolation feature that made it more difficult for malicious code on one site to steal secrets from another when open in the browser. It also enabled administrators to block extensions based on the kinds of permissions they request, such as access to the webcam or the clipboard.

Read more at https://nakedsecurity.sophos.com/2018/10/03/googles-new-rules-for-developers-make-chrome-extensions-safer-for-all/

Hackers demand ransom from hijacked Instagram influencers

By Danny Bradbury

Hackers are taking over high-profile Instagram users’ accounts and holding them to ransom, it was revealed this week. At least four influencers have lost control of their accounts and received demands to send bitcoin for their return, but in some cases the attackers retained control or deleted the accounts.

Motherboard reported that Los Angeles-based fitness Instagram influencer, Kevin Kreider, lost control of his Instagram account and more than 100,000 followers after falling victim to a phishing scam. The account hijackers sent him a fraudulent email offering a sponsorship deal with French Connection that took him to a fake Instagram portal which then stole his account details.

Cassie Gallegos-Moore, who used the Instagram handle theadventurebitch, blogged about losing her account to hackers who changed the email used to access it. They temporarily blocked the account and demanded a ransom, threatening to delete the account entirely within three hours if she did not pay. Gallegos-Moore, who had 57,000 users on her account, sent them $122 in bitcoin.

While Kreider eventually managed to regain control of his account, Gallegos-Moore was still without hers at the time of writing. Instead, she renamed a backup account to her original adventurebitch handle, but had fewer than 100 followers at last count. She lambasted Instagram for its approach to the hack.

Read more at https://nakedsecurity.sophos.com/2018/10/02/hackers-demand-ransom-from-hijacked-instagram-influencers/

