Weekly Axis Of Easy #302
Last Week’s Quote was “The most important revolutions don’t come from marching in the streets, the most important revolutions happen in each person’s heart,” by Ben Hunt. No one got it!
This Week’s Quote: “All models are wrong, but some are useful.” By ???
THE RULES: No searching up the answer, must be posted at the bottom of this post, in the comments section.
The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.
In this issue:
- Google Zero day targeting Chrome based crypto wallets
- Barracuda Networks Advises Customers to Replace Compromised Email Security Gateway Devices
- DHS Commissioned a Research Project to Give ‘Risk Scores’ to Social Media Users According to Latest Motherboard Report
- Instagram’s Involvement in a Disturbing Pedophile Network Revealed
- TikTok Now Banned from all US Federal Government Contractors’ Work Devices
- Announcing easyNostr-NIP05 WordPress Plugin
- Redditor moderator backlash ignites over API policies
- Apple loves innovation, except when it challenges their quasi-monopoly
- What really went on inside the Wuhan lab weeks before Covid erupted
Elsewhere online:
- Leader of Covid disinformation unit reveals ‘hourly contact’ with tech firms
- Payroll Breach Sparks Action: Clop Cybercrime Gang Issues Ultimatum in ICS/OT Sector
- PowerDrop Malware Targets US Aerospace Industry: New Cyber Threat Emerges
- Recent Phishing Campaign Exploits “Picture in Picture” Technique to Deceive Users into Visiting Malicious Websites
- Experts Raise Alarm as Massive Crypto Scam Network is Unearthed Across 1000 Affiliate Sites
Google Zero day targeting Chrome based crypto wallets
Google recently announced that a zero-day vulnerability in its Chrome web browser is being exploited. In response, Google has released an emergency security update. While Chrome security updates are not rare, it is unusual for an update to address a single actively exploited zero-day vulnerability. This makes it essential for users to take the update seriously and ensure their browser is protected.
On June 5th, Google announced on the Chrome releases blog that the desktop version of Chrome has been updated to version 114.0.5735.106 for Mac and Linux and 114.0.5735.110 for Windows. These updates will be rolled out over the coming days and weeks. The announcement mentions two security fixes included in this update, but only one is detailed: CVE-2023-3079.
CVE-2023-3079 is a type confusion vulnerability in the V8 JavaScript engine. It was discovered by Google’s Threat Analysis Group. Google has released no further technical information at this time, so that the update can be rolled out to as many users as possible, but one critical detail has been published: “Google is aware that an exploit for CVE-2023-3079 exists in the wild.” This means that users should not wait, and should check that their browser has been updated.
Read: https://www.forbes.com/sites/daveywinder/2023/06/08/new-emergency-google-chrome-security-update-0day-exploit-confirmed/
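For anyone checking more than one machine, the comparison against the fixed builds quoted above can be scripted. This is an added example, not code from Google or from the linked article; the host names and inventory rows are constructed, and the version strings are assumed to look like the output of Chrome's `--version` flag.

```python
import re

# Fixed builds quoted in the item above, per platform.
PATCHED = {
    "mac": (114, 0, 5735, 106),
    "linux": (114, 0, 5735, 106),
    "windows": (114, 0, 5735, 110),
}

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Pull the four-part version out of e.g. 'Google Chrome 114.0.5735.90'."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no four-part version found in {text!r}")
    # Compare as integers: as plain strings, '.90' sorts above '.106'.
    return tuple(int(part) for part in m.groups())

def is_patched(version_text, platform):
    """True when the reported build is at or above the fixed build."""
    return parse_version(version_text) >= PATCHED[platform]

def audit(inventory):
    """Return hosts that still need the update (or could not be assessed)."""
    findings = []
    for host, platform, version_text in inventory:
        try:
            ok = is_patched(version_text, platform)
        except (ValueError, KeyError):
            ok = False  # unparseable version or unknown platform: flag for review
        if not ok:
            findings.append(host)
    return findings

# Constructed inventory rows (hypothetical hosts, not real data).
SAMPLE = [
    ("ws-01", "windows", "Google Chrome 114.0.5735.110"),
    ("ws-02", "windows", "Google Chrome 114.0.5735.106"),  # fixed build on Mac/Linux only
    ("mac-01", "mac", "Google Chrome 114.0.5735.106"),
    ("lin-01", "linux", "Google Chrome 114.0.5735.90"),    # a string compare would pass this
    ("lin-02", "linux", "Google Chrome 115.0.0.1"),
    ("lin-03", "linux", "version unknown"),
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```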
Barracuda Networks Advises Customers to Replace Compromised Email Security Gateway Devices
On June 6, Campbell, California-based Barracuda Networks abruptly began advising its ESG customers to tear out and replace their email security appliances rather than update. The reason was the widespread malware attack that compromised its email security appliances to the point that they can no longer be reliably updated with software upgrades.
Initially, after receiving reports about unusual traffic originating from its Email Security Gateway (ESG) devices, Barracuda hired incident response firm Mandiant on May 18. The company also noticed the malicious traffic exploiting a previously unknown vulnerability. This vulnerability was in the Barracuda software component that screened attachments for malware.
In a statement, the company clarified that “no other Barracuda product, including our SaaS email solutions, were impacted by this vulnerability.” However, the company also advised against keeping the affected appliances: “out of an abundance of caution and in furtherance of our containment strategy, we recommend impacted customers replace their compromised appliance.”
In the meantime, Barracuda is advising ESG customers to rotate any credentials connected to the appliance(s) along with replacing devices. The company also suggests looking for evidence of a breach dating back to at least October 2022 by using the network and endpoint indicators made available by the company.
Read: https://krebsonsecurity.com/2023/06/barracuda-urges-replacing-not-patching-its-email-security-gateways/
DHS Commissioned a Research Project to Give ‘Risk Scores’ to Social Media Users According to Latest Motherboard Report
According to internal documents reviewed by Motherboard, in 2018, the Department of Homeland Security (DHS) contracted the University of Alabama at Birmingham (UAB) to design methods for assigning a “risk score” to potential pro-terrorist accounts on social media. These risk scores were also meant to identify information regarding illegal opioid supply chain and disinformation efforts. The project is dubbed “Night Fury,” according to a report by the DHS Inspector General.
“The Contractor shall develop these attributes to create a methodology for developing a ranking, or ‘Risk Score,’ associated with the identified accounts. The Contractor shall develop tools to automate the identification process, documenting performance measures and metrics related to automating the identification process,” one of the documents reads. The DHS says it stopped work on the project in 2019.
The news signals the DHS’ continued focus on analyzing social media for a variety of purposes. Recently, Motherboard reported that Customs and Border Protection (CBP) was using an AI-powered tool called BabelX to analyze travelers’ social media at the U.S. border. In an effort by the Brennan Center for Justice, new documents have been obtained under a public records request that included Privacy Threshold Analyses of the project and its contracts. The research planned to involve CBP, ICE, TSA, and USCIS to provide “cross-mission operational context,” according to one of these documents.
“The use of automated processes to analyze social media to determine the likelihood that someone is ‘pro-terrorist’ and to assign a ‘risk score’ to individuals and groups online (is an attempt to) monitor social media and the rest of the open internet to automatically flag people for deportation or visa denial based on whether they would be a ‘positively contributing member of society’,” says Rachel Levinson-Waldman, Managing Director of the Liberty & National Security Program at the Brennan Center for Justice.
“Attempting to make automated judgments about these matters is both impossible and likely to be infected with bias, as these characteristics have no concrete definition,” she added.
Read: https://www.vice.com/en/article/dy33vx/night-fury-documents-detail-dhs-project-to-give-risk-scores-to-social-media-users
Instagram’s Involvement in a Disturbing Pedophile Network Revealed
Instagram, a popular social media platform owned by Meta Platforms, has come under scrutiny for its alleged role in promoting and facilitating the commission and sale of underage-sex content. Investigations conducted by The Wall Street Journal, Stanford University, and the University of Massachusetts Amherst revealed that Instagram’s algorithms actively connect and guide pedophiles to content sellers through recommendation systems that excel at linking individuals with shared interests. The researchers found explicit hashtags and accounts advertising child-sex material for sale, in violation of both Meta’s rules and federal law.
The investigations discovered that Instagram accounts involved in selling illicit sex material typically avoid publishing content openly and instead offer “menus” of available content. Some accounts even invite buyers to commission specific acts, including videos of children harming themselves or engaging in sexual acts with animals. Shockingly, children were also offered for in-person meetups at the right price. The prevalence of such content on Instagram raises concerns about the platform’s enforcement operations and its potential contribution to the normalization of child sexual abuse.
In response to inquiries from The Wall Street Journal, Meta acknowledged the existence of problems within its enforcement operations and established an internal task force to address the issues raised. The company stated that it has taken down multiple pedophile networks in the past two years and is planning additional removals. Furthermore, Meta claimed to have blocked thousands of hashtags sexualizing children and restricted its systems from recommending users search for terms associated with sexual abuse. The company is actively working to prevent potentially pedophilic adults from connecting or interacting with each other’s content. However, experts argue that tackling this problem effectively will require sustained efforts, including increased investment in human investigators to combat the issue.
Read: https://www.wsj.com/articles/instagram-vast-pedophile-network-4ab7189
TikTok Now Banned from all US Federal Government Contractors’ Work Devices
The US federal government’s TikTok ban has been extended to include devices used by its many contractors – even privately owned ones. NASA, the Department of Defense, and the General Services Administration, which handles contracting for US federal agencies, jointly issued the interim rule. The change amends the Federal Acquisition Regulation to prohibit TikTok, any successor application, or any software produced by TikTok’s Beijing-based parent ByteDance from being present on contractor devices.
“This prohibition applies to devices regardless of whether the device is owned by the government, the contractor, or the contractor’s employees. A personal cell phone that is not used in the performance of the contract is not subject to the prohibition,” the trio stated in their notice, published in the Federal Register.
The rule would apply to all contracts, even those below the “simplified acquisition threshold” of $250,000, and to purchases of commercial and off-the-shelf equipment. The amendment went into effect on June 2, meaning any new government contracts issued now must include language regarding the ban. Contracts that have already been cut, but have yet to be completed, are being given a month to file amendments adding the TikTok ban.
Read: https://www.theregister.com/2023/06/06/us_contractors_tiktok_ban/
Announcing easyNostr-NIP05 WordPress Plugin
We’re pleased to announce that our easyNostr-NIP05 WordPress plugin has been added to the WordPress repository. It is also available via our GitHub.
This plugin enables NIP05 verification for Nostr, the fastest growing decentralized social media network in the world. With it, every registered user on your WordPress site can enter a pubkey and use their WordPress userid at the hostname as their NIP-05.
Read more: https://easydns.com/blog/2023/06/02/announcing-easynostr-nip05-for-wordpress/
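What a Nostr client checks when it sees a `userid@hostname` NIP-05 identifier can be shown offline. This is an added example that follows the published NIP-05 lookup (a GET to `/.well-known/nostr.json?name=<name>`); it is not the plugin's code, and the keys, the host `example.com` and the hostname-only domain rule are assumptions made for illustration.

```python
import json
import re

LOCAL_RE = re.compile(r"[a-z0-9._-]+")    # local-part characters NIP-05 allows
DOMAIN_RE = re.compile(r"[a-z0-9.-]+")    # plain hostname only (assumed policy)
HEX_KEY_RE = re.compile(r"[0-9a-f]{64}")  # 32-byte public key as lowercase hex

def lookup_url(identifier):
    """Split 'name@domain' and return (name, URL a client would GET)."""
    local, sep, domain = identifier.strip().lower().partition("@")
    if not sep or not LOCAL_RE.fullmatch(local) or not DOMAIN_RE.fullmatch(domain):
        raise ValueError(f"not a valid NIP-05 identifier: {identifier!r}")
    return local, f"https://{domain}/.well-known/nostr.json?name={local}"

def verify(identifier, claimed_pubkey, response_body):
    """True only if the served document maps the name to the claimed hex key."""
    local, _url = lookup_url(identifier)
    try:
        names = json.loads(response_body).get("names")
    except (ValueError, AttributeError):  # not JSON, or not a JSON object
        return False
    if not isinstance(names, dict):
        return False
    served = names.get(local)
    if not isinstance(served, str) or not HEX_KEY_RE.fullmatch(served):
        return False                      # e.g. an npub string is rejected
    return served == claimed_pubkey.lower()

# Constructed sample data: the keys and the host example.com are placeholders.
ALICE_KEY = "ab" * 32
OTHER_KEY = "cd" * 32
BODY = json.dumps({"names": {"alice": ALICE_KEY, "bob": "npub1notahexkey"}})

if __name__ == "__main__":
    print(lookup_url("Alice@Example.com")[1])
    print(verify("alice@example.com", ALICE_KEY, BODY))   # key matches the document
    print(verify("alice@example.com", OTHER_KEY, BODY))   # a different key claiming the name
    print(verify("bob@example.com", "npub1notahexkey", BODY))  # non-hex key in document
```

The check binds a name to a key only as strongly as the domain's HTTPS endpoint is controlled, and NIP-05 tells clients to ignore HTTP redirects when fetching the document.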
Redditor moderator backlash ignites over API policies
Reddit recently announced new API access policies which included rate limiting on free access and charging for API calls on applications doing more than 100 queries per minute per OAuth client id and 10 per minute if not using OAuth.
This has set off a backlash among mods and, as of Monday June 12, upwards of 3,500 subreddits, including some big ones like /r/apple, have set themselves private in protest.
See: https://www.reddit.com/r/modnews/comments/13wshdp/api_update_continued_access_to_our_api_for/
And: https://yourstory.com/2023/06/reddit-protest-data-monetization-third-party-apps
Apple loves innovation, except when it challenges their quasi-monopoly
We’ve been writing about Nostr a lot (see our announcement regarding the release of easyNostr-NIP05 elsewhere in this edition).
The decentralized social messaging protocol that has been spreading like wildfire is also on iOS devices with the popular Damus app.
Until later this month, that is, which is when Damus will be removed from the Apple Store because of the protocol-level Nostr feature called “Zaps,” defined in NIP-57, which describes sending satoshis (fractions of a Bitcoin) to authors or notes. It’s like an upvote, but with a small amount of value.
Zaps and Lightning over Nostr open the pathway to what has been the Holy Grail of the Internet since the mid-90’s: micropayments.
That’s never been accomplished so long as all the major payment gateways were a centralized peloton of groupthink, censorship and minimum payment fees that were larger than the actual micropayments themselves.
All that stands to change with Lightning, Nostr and the rapidly emerging Zap culture.
Read more: https://axisofeasy.com/aoe/apple-loves-innovation-except-when-it-challenges-their-quasi-monopoly/
What really went on inside the Wuhan lab weeks before Covid erupted
Despite all the Big Tech censorship, it really is looking like the “lab leak” hypothesis has legs.
The investigator team, after scrutinizing intercepted top-secret communications, believe Chinese scientists were splicing together deadly pathogens shortly before the pandemic.
“They found evidence that researchers working on these experiments were taken to hospital with Covid-like symptoms in November 2019 — a month before the West became aware of the pandemic — and one of their relatives died.
An investigator said: “We were rock-solid confident that this was likely Covid-19 because they were working on advanced coronavirus research in the laboratory. They’re trained biologists in their thirties and forties. Thirty-five-year-old scientists don’t get very sick with influenza.””
Read: https://www.thetimes.co.uk/article/inside-wuhan-lab-covid-pandemic-china-america-qhjwwwvm0
Elsewhere Online:
Leader of Covid disinformation unit reveals ‘hourly contact’ with tech firms
Read: https://www.telegraph.co.uk/news/2023/06/09/covid-disinformation-unit-hourly-tech-lockdown-dissent/
Payroll Breach Sparks Action: Clop Cybercrime Gang Issues Ultimatum in ICS/OT Sector
Read: https://www.darkreading.com/ics-ot/clop-cybercrime-gang-delivers-ultimatum-after-payroll-breach
PowerDrop Malware Targets US Aerospace Industry: New Cyber Threat Emerges
Read: https://cyware.com/news/new-powerdrop-malware-targets-us-aerospace-industry-146aa0d1/
Recent Phishing Campaign Exploits “Picture in Picture” Technique to Deceive Users into Visiting Malicious Websites
Read: https://www.hackread.com/picture-in-picture-technique-phishing-attack/
Experts Raise Alarm as Massive Crypto Scam Network is Unearthed Across 1000 Affiliate Sites
Read: https://www.darkreading.com/attacks-breaches/sophisticated-crypto-scam-sprawls-1000-affiliate-sites
Previously on #AxisOfEasy
If you missed the previous issues, they can be read online here:
- June 5th, 2023: A Spokesperson For Telegram, Remi Vaughn, Says The App Will Not Respond To Political Censorship Requests
- May 29th, 2023: Iranian Agrius Hackers Target Critical Infrastructure: A New Cybersecurity Threat
- May 22nd, 2023: RFKJr: “Ich Bin Ein Bitcoiner”
- May 15th, 2023: YouTube Attempts To Nudge Users Towards Premium Services By Blocking Viewership To Those Using Ad blockers
- May 8th, 2023: NexusGuard Researchers Discover New InfoStealer Malware Being Circulated via Facebook Ads
The statistician George Box said “All models are wrong, but some are useful.” And he hit the nail on the head!
George Box
Einstein
All models are wrong – John Maynard Keynes … (though Gavin’s choice of Einstein also sounds right, but he got there first!)
George Box
1st thought was Stephen Hawking, but in trying to confirm it, a footnote pointed out that this aphorism is generally attributed to George Box