January 22, 2019

Bicycle-riding hitman convicted with Garmin GPS watch location data

By Lisa Vaas

A homicidal cycling and running fanatic known for his meticulous nature in tracking his victims has been undone by location data from his Garmin GPS watch.

Police in Merseyside, in northwest England, announced that a jury last week found Mark Fellows, 38, guilty of two gangland murders: that of “career criminal” John Kinsella last year and gang member Paul Massey in 2015. Fellows was sentenced to life in prison without parole.

Kinsella was gunned down on 5 May 2018 by a masked hitman on a bicycle who was wearing a high-visibility vest with yellow markings and black tape that CCTV cameras easily picked up.

Steven Boyle, 36, also found guilty in the killing of Kinsella, gave testimony against Fellows and acted as his spotter in the slaying, according to the Liverpool Echo. Boyle received a sentence of 33 years to life.

GPS watch

As the Liverpool Echo reported in December, during a search of Fellows’ home following Kinsella’s killing, police had seized a Garmin Forerunner 10 GPS watch. A prosecutor pointed out that the seized watch matched one Fellows had been wearing in photos taken during a road race – the Bupa Great Manchester Run – on 10 May 2015.

Read more at https://nakedsecurity.sophos.com/2019/01/22/bicycle-riding-hitman-convicted-with-garmin-gps-watch-location-data/

WhatsApp fights the spread of deadly fake news with recipient limit

By Lisa Vaas

As of July 2018, dozens of mob lynchings sparked by rumors – many about child abduction – that had been spread virally on social media had led to 33 deaths and at least 99 injured in 69 reported lynchings. The wave of violence tore through countries including Myanmar and Sri Lanka but was mostly in India.

At least 18 of those incidents were specifically linked to WhatsApp.

In an effort to limit the type of message forwarding that fuels such fake-news wildfires, in July WhatsApp launched a test in which it limited forwarding of chats to 5 people in India, where people forward more messages, photos and videos than in any other country in the world.

WhatsApp also imposed a larger limit globally of 20 recipients. At the same time, WhatsApp also removed a quick-forward button next to media messages in India, and it added a feature to more clearly label forwarded messages.

Now, the private-messaging app is taking those changes, including the lower limit of 5 forwarded messages, worldwide. On Monday, Victoria Grand, vice president for policy and communications at WhatsApp, said at an event in the Indonesian capital of Jakarta that the change went into effect immediately. Reuters quoted her:

We’re imposing a limit of five messages all over the world as of today.

WhatsApp’s head of communications Carl Woog told Reuters that starting on Monday, WhatsApp would roll out an update to activate the new forward limit. Android users will receive the update first, followed by iOS.

Read more at https://nakedsecurity.sophos.com/2019/01/22/whatsapp-fights-the-spread-of-deadly-fake-news-with-recipient-limit/

DNC targeted by Russian hackers beyond 2018 midterms, it claims

By Danny Bradbury

The Democratic National Committee (DNC) has filed a civil complaint accusing Russia of trying to hack its computers as recently as November 2018.

In its court filing, the DNC argues that not only did the campaign and several Trump operatives collude with Russia to steal electronic information, but that Russia was still attempting to hack DNC systems in the run up to last year’s midterm elections.

The filing describes an alleged Russian cyberattack campaign that began in July 2015 and which stole information after a hack in April 2016, when the Russians allegedly placed proprietary malware known as X-Agent on the DNC network. It claims that they monitored the malware in real time and collected data including key logs and screenshots. Using malware called X-Tunnel, the hackers exfiltrated several gigabytes of DNC data over the following days to a computer located in Illinois leased by agents of Russia’s GRU military unit, it says.

Russian operatives then placed a version of X-Agent on a DNC server in June that year and hacked DNC virtual machines hosted on Amazon Web Services (AWS) in September to steal voter data, the filing also alleges.

Read more at https://nakedsecurity.sophos.com/2019/01/22/russia-continued-email-hacking-attempts-in-mid-term-runup-says-dnc/

Is the Ten Year Challenge a Facebook scam???

By Mark Stockley

If you have an Instagram account, if you’re on Facebook or if you use Twitter, or any other social media, or read the news, own a phone or have eyes, you will probably have encountered the ten-year challenge.

The challenge is the latest social media craze and it simply involves posting a contemporary photo of yourself alongside another from ten years ago. Ostensibly it’s about nostalgia and showing how much things have changed in the intervening years.

Like all good viral crazes, it’s visually interesting, conceptually simple, easy to do and replete with opportunities for poignancy, reflection, virtue signaling, celebrity humble bragging, commentary (…guilty!) and humor.

Here’s Star Trek Discovery and the Walking Dead’s Sonequa Martin-Green showing us how it’s done.

This meme du jour follows in the footsteps of other social media fripperies, such as the similarly self-descriptive Ice Bucket challenge and the No Makeup challenge.

Social media’s capacity to spawn viral crazes isn’t limited to challenges though. Older readers may remember becoming concerned for friends whose speech turned into incoherent jabbering about crop yields around the turn of the last decade, as they battled crippling Farmville addictions.

Read more at https://nakedsecurity.sophos.com/2019/01/21/is-the-ten-year-challenge-a-facebook-scam/

Twitter bug exposed some Android private tweets to public view

By Lisa Vaas

In October, after Twitter refused to give a user information about how it tracks him when he clicks on links in tweets (as is the right of EU citizens under the newly passed, sweeping General Data Protection Regulation [GDPR] privacy law), Irish privacy authorities launched an investigation into the platform’s privacy practices.

Things could get hairier still, given the major privacy glitch Twitter disclosed on Thursday.

Twitter said that it had become aware of a bug that, under certain circumstances, switched private tweets to public view in Twitter for Android. That bug went unnoticed for four years, from 3 November 2014 until last Monday.

The bug disabled the “Protect your Tweets” setting for Android users if certain account changes were made, Twitter said. Namely, Android users would be well-advised to check their settings if they changed the email address associated with their account during that time period.

This doesn’t affect iOS or web users. Twitter says it fixed the issue on 14 January.

Read more at https://nakedsecurity.sophos.com/2019/01/21/twitter-bug-exposed-some-android-private-tweets-to-public-view/

Attackers used a LinkedIn job ad and Skype call to breach bank’s defenses

By John E Dunn

Last week, Chilean Senator Felipe Harboe took to Twitter with alarming news – he had got wind that the company running the country’s ATM inter-bank network, Redbanc, had suffered a serious cyberattack at the end of December.

Two days later, not long before a local news site published a story offering more detail, Redbanc issued a public admission that the attack had happened, confirming little beyond the statement that its network had not been disrupted and continued functioning normally.

[translated] This event had no impact on our operations, keeping our services running smoothly. As established in our protocols, we kept the different industry players and authorities informed at all times, with total transparency and spirit of collaboration.

Cyberattacks happen all the time, of course, but this one piqued people’s curiosity for several reasons.

The first was that this was a cyberattack on a company that connects and manages the ATM network for a whole country.

In banking terms, that’s quite a big deal, partly because ATM networks are a juicy target but also because it arrived in the wake of last June’s big ransomware attack against Banco de Chile.

A second bump for the story arrived a few days later when security company Flashpoint said it believed the malware used against Redbanc was PowerRatankba, a platform connected to North Korea’s Lazarus group.

Read more at https://nakedsecurity.sophos.com/2019/01/21/attackers-used-a-linkedin-job-ad-and-skype-call-to-breach-banks-defences/

State agency exposes 3TB of data, including FBI info and remote logins

By Danny Bradbury

Oklahoma’s Department of Securities (ODS) exposed three terabytes of files in plain text on the public internet this month, which contained sensitive data including social security numbers, details of FBI investigations, credentials for remote access to computers, and the names of AIDS patients.

Researchers at security company UpGuard found the files using the Shodan search engine, which indexes internet-connected devices. In this case, they ran across an unsecured rsync server registered to ODS.

Rsync is a utility commonly found on Unix and Linux systems that enables administrators to synchronize files between different computers. It is used for ‘delta’ syncing, in which one computer copies to another only the parts of files that have changed, enabling them to maintain identical copies of the files in different locations.

The rsync server that UpGuard found was unsecured, meaning that anyone could access the data by visiting its IP address. It’s impossible to know who else may have found it first. The one upside is that the data was identified just one week after it was exposed.

The data trove contained millions of files dating back to 1986, according to UpGuard’s report, with the most recent files dated 2016. They offered up sensitive data ranging from personal information (PII) to internal documentation, the researchers explained.

The files included PII on over 100,000 securities brokers, including the social security numbers for around 10,000 of them. One database included the names of AIDS patients.

Read more at https://nakedsecurity.sophos.com/2019/01/21/agency-that-opted-out-of-central-it-service-exposes-3tb-of-data/

