FBI uses T-shirt, tattoo and Vimeo clips to track down alleged arsonist

By Lisa Vaas

On the afternoon of 30 May, as in other US cities, all hell broke loose in Philadelphia as peaceful Black Lives Matter (BLM) protests turned into the smashing of store windows, looting, and arson, including the torching of two Philadelphia Police Department (PPD) cars.

On Wednesday, a 33-year-old Philadelphia woman was charged with allegedly torching those cars after the FBI tracked her down via a slew of online clues that shows how findable we all are, be we criminals or somebody to be marketed at or tracked.

Namely: her protest T-shirt, which the FBI matched to one sold on the Etsy online marketplace; social media handles; a tattoo of a stylized peace sign on her right forearm; and a Vimeo video that shows a woman matching her description who removed a flaming piece of wooden police barricade from one car and shoved it through the window of another.

It’s worth noting that the FBI and the National Institute of Standards and Technology (NIST) have a tattoo recognition program called Tatt-C (also known as the Tattoo Recognition Challenge) that involves creating an open tattoo database to use in training software to automatically recognize tattoos. However, the FBI didn’t mention using that database, or its vast wealth of facial images, to find the alleged arsonist.

It sounds like investigators didn’t have to resort to anything as fancy as that. The clues that led to a suspect were far simpler to find. Investigators allege that the arsonist was 33-year-old Lore-Elisabeth Blumenthal of Philadelphia.

According to an affidavit filed by FBI special agent Joseph Carpenter, on the same day of the protest and ensuing riot, he viewed a live, aerial news feed from a helicopter that was covering the fire that engulfed the first car.

Read more at https://nakedsecurity.sophos.com/2020/06/19/fbi-uses-t-shirt-tattoo-and-vimeo-clips-to-track-down-alleged-arsonist/

Ripple20 bugs set off wave of security problems in millions of devices

By Danny Bradbury

Security researchers have discovered a handful of game-changing vulnerabilities that spell trouble for dozens of connected device vendors and their customers. On Tuesday this week security company JSOF unveiled 19 CVEs – four of them critical remote code execution flaws – in a low-level networking software library that render millions of devices vulnerable.

Labeling the discovery Ripple20, the researchers said that the bugs enable attackers to take control of internet-facing devices and then lurk undetected for years. Other risks include mass infections inside a network using a hacked device as a foothold, said their vulnerability analysis. No user interaction is necessary for a hacker to take over your network using these flaws.

Getting in touch with vendors has been a priority for JSOF, which said that 15 were affected as of yesterday, including Cisco, HP, and Schneider Electric. Another 57 were still investigating the effect on their products, including EMC, GE, Broadcom, and NVIDIA. Not affected were AMD, Philips, and Texas Instruments (at least, according to their own reports).

Read more at https://nakedsecurity.sophos.com/2020/06/19/ripple20-bugs-set-off-wave-of-security-problems-in-millions-of-devices/

Bundlore adware brings a new nest of risks to Mac users

By Paul Ducklin

A decade or so ago, many Mac users used to claim very confidently that anti-virus software would be wasted on them, “because Macs don’t get malware.”

They’d admit that Mac malware was theoretically possible, but point out that because they’d never run into any problems themselves – problems that they knew of, anyway – and had never heard a fellow Mac user asking for help with a malware attack, they’d decided to ignore the issue of rogue software entirely.

A few Mac fans went further than that, saying that Macs were immune to malware because they’re based on Unix – Unix, they’d say, couldn’t get viruses because the operating system was completely different from Windows internally, and was secure against malware by design.

The problem with definitive claims of this sort is that you only need a single example of Unix malware – what you might call an existence proof – to debunk the theory, such as the infamous Morris Worm that downed the internet back in November 1988.

Of course, we’ve written about Mac malware – including zombies, data stealers, ransomware and many other sorts of badware – many times since 1988.

Even Apple itself came to the anti-virus party back in 2009 when it introduced a rudimentary malware blocking tool called XProtect right into OS X (now macOS).

Whether you called it malware or not, there have long been “software actors” out there ready to go after Mac users in the same way that they’ve been going after Windows users for years.

Well, nothing has changed: although you’re probably more likely to get hit up with malicious or unwanted software on Windows, you aren’t free and clear just because you’re using a Mac.

Read more at https://nakedsecurity.sophos.com/2020/06/18/bundlore-adware-brings-a-new-nest-of-risks-to-mac-users/

Microsoft promises to fix Windows 10 printer problem

By John E Dunn

Windows 10 updates released as part of last week’s Patch Tuesday appear to be making life hard for some printer users.

Problems after monthly updates are not unusual, but the numbers tend to be limited to subgroups of users.

It’s hard to tell how many people have encountered the latest glitch but it was enough to register on Microsoft forums as well as multiple threads on that great bell-weather, Reddit. A typical error message ran something like:

Windows cannot print due to a problem with the current printer setup.

Numerous printer makers seemed to be affected. But other problems were reported too, ranging from application crashes and even the blue screen of death (BSOD), which hints at a deeper issue within Windows itself.

After several days of confusion, Microsoft has acknowledged the issue, describing it in the following terms:

After installing this update, certain printers might fail to print. The print spooler might throw an error or close unexpectedly when attempting to print, and no output will come from the affected printer.

It can also affect users printing to file formats such as PDF. No date for a fix has been set but the company said it was “working on a resolution” and would provide an update as soon as possible.

Read more at https://nakedsecurity.sophos.com/2020/06/18/microsoft-promises-to-fix-windows-10-printer-problem/

Crypto founder admits $25 million ICO backed by celebrities was a scam

By Lisa Vaas

The Miami-based cryptocurrency firm Centra Tech was built on fairy dust and paid celebrity hoo-ha, but co-founder Robert Joseph Farkas is going to be doing real time in a real prison for the $25 million initial coin offering (ICO) rip-off.

An ICO is an unregulated fundraising technique with a dodgy reputation that’s used by blockchain companies where cyptocurrencies like Bitcoin and Ethereum are used to purchase “tokens” from a startup. If the company takes off, they’ll theoretically be worth something. Centra Tech took off, all right, but only because its founders allegedly lied through their teeth.

Farkas – also known as RJ – pled guilty in Manhattan federal court on Tuesday to charges of conspiring to commit securities and wire fraud, according to the US Attorney’s Office for the Southern District of New York.

Sentencing hasn’t been scheduled yet. Farkas, 33, pled guilty to two charges, each of which carries a maximum sentence of five years in prison. Maximum sentences are rarely handed out, but Farkas agreed to serve between 70 and 87 months and a fine of up to $250,000 in a plea deal.

Read more at https://nakedsecurity.sophos.com/2020/06/18/crypto-founder-admits-25-million-ico-backed-by-celebrities-was-a-scam/