If it’d aid an investigation, would you compromise an official’s security by allowing these hackers to continue to act instead of giving notice?
After number ten’s debate on Net Neutrality, it’s time to come back to day-to-day IT security news. GOT(IT) #11 comes with the aftermath of Fancy Bear’s attack, Apple’s quick reaction to a huge hole in High Sierra’s security, plus how some websites use your CPU to mine cryptocurrencies.
|FBI didn’t notify all those affected by Fancy Bear’s attacks|
Recently, an article on Motherboard sparked a debate: a hacker who works busting child pornography sites found out that one of the top distribution websites was being controlled by Australian police forces. The moral dilemma: they were running the site to uncover suspects, distributors, and buyers.
Depending on the results, some might say the investigation’s worth it. Today, we face a similar discussion with the recent Fancy Bear attack on several politicians and state officials, not all of whom were warned by the FBI.
According to the report, about 80 interviews took place with US targets, and only 2 of them had been informed by the Federal Bureau of Investigation. That is a shockingly low number given that, according to the current policy, “notifications should be considered even when it could potentially affect ongoing investigations”.
This Gmail attack started in 2015, with over 500 US groups and persons identified. During AP’s interviews with the targets, the reporters discovered they were the first to reach potential victims, who included retired officials such as the former head of Air Force Intelligence, Lt. Gen. David Deptula.
One possible justification for the FBI’s course of action could be “the volume” of the data; another obvious one is the investigation behind it. But the victims’ reaction is the same: they would have wanted to be informed so they could take preventive measures.
|High Sierra 10.13 Update Came With Root Access Bug|
Apple’s latest High Sierra update, 10.13, came with a simple yet quite big security gap: you could gain root access to a machine using a blank password and a little patience. Thankfully, Apple quickly released a patch, which should be available now.
Did it come with more trouble? Not at all! And thus, macOS continues to be a safer alternative. However, the patch did cause some issues with file sharing, which can be fixed by running the following command in Terminal: sudo /usr/libexec/configureLocalKDC
|Websites That Use Your CPU to Mine Just Got Smarter|
Using a visitor’s CPU to mine was a clever trick by the attackers, but it didn’t secure long-lasting mining: as soon as the visitor exited the page, the mining stopped. But researchers have discovered a quite clever trick that secures the victim’s CPU for a while.
They now open a pop-up image that hides behind the clock, behind the Windows taskbar, and there it remains until the user does something. And it doesn’t stop there! A few changes were made to this malicious code to help hide it: the window makes sure not to max out the CPU’s usage.
And… it doesn’t stop there, again! It is designed to avoid ad blockers, and closing it manually might not work, making the Task Manager the safe choice.
The boom of cryptocurrencies is taking its toll on security! The latest worry could easily become keeping your PC from turning into a mining zombie.