Tech Friday with Dave Hatter - April 24th 2020 - SPONSORED BY INTRUST IT


  • Browser fingerprinting is used to track your web travels:
    • Many organizations use a variety of tools and techniques to track you online
    • Some methods, like cookies, have been around for a long time
    • Browsers and adblockers have started clamping down on cookies
    • Browser fingerprinting is a lesser-known but more invasive method of tracking, and its popularity is growing
    • When you visit a website, your device sends a large amount of information that is typically used to help the site adjust to your device
    • Fingerprinting captures many of your device's unique characteristics such as IP address, MAC Address, software installed, fonts, settings, attached devices, etc.
    • Even settings designed to protect privacy like DoNotTrack are used to aid fingerprinting
    • All this data creates a highly unique "fingerprint" that can be used to track you across sites, and unlike cookies, a fingerprint is dynamic and can't be deleted
    • Advertisers track users across the web by analyzing the fingerprint as they browse
    • Fingerprinting has been used by banking websites for a long time to fight fraud
    • In 2014, fingerprinting was found on 5% of the top 100,000 websites. In 2019, Mozilla found it used on 12% of the top 1,000 sites
    • In some cases, fingerprinters come embedded in ad technology, so the website owner may not even be aware the technique is in use
    • Ad blockers block ads but most will not stop fingerprinting
    • There are things you can do to help block fingerprinting:
      • Use a web browser that has tracking protection activated by default
      • Use a web browser with anti-fingerprinting protection included
      • Firefox has enabled Enhanced Tracking Protection by default since June 2019 and made fingerprinting protection a default in 2020
      • Use Tor
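
To illustrate the points above about uniqueness, DoNotTrack and cookies, here is an added example (not part of the original show notes). The visitor data is constructed, and `fingerprint`, `identifying_bits` and `uniform` are hypothetical names. `uniform` is a simplified model of browsers, such as Tor Browser, that make every user report the same values.

```python
import hashlib
import math

# Constructed sample population: attribute values are invented for illustration.
FIELDS = ("user_agent", "fonts", "screen", "dnt")
ROWS = [
    ("Firefox", "Arial,Calibri", "1920x1080", "1"),
    ("Firefox", "Arial,Calibri", "1920x1080", "unset"),
    ("Firefox", "Arial,Calibri", "1366x768", "unset"),
    ("Firefox", "Arial,Verdana", "1920x1080", "unset"),
    ("Chrome", "Arial,Calibri", "1920x1080", "unset"),
    ("Chrome", "Arial,Calibri", "1366x768", "unset"),
    ("Chrome", "Arial,Verdana", "1920x1080", "unset"),
    ("Chrome", "Arial,Verdana", "1366x768", "unset"),
]
VISITORS = [dict(zip(FIELDS, row)) for row in ROWS]


def fingerprint(attrs):
    """Derive an ID purely from reported attributes; nothing is stored on the device."""
    canonical = "|".join(f"{k}={attrs[k]}" for k in sorted(attrs))
    return hashlib.sha256(canonical.encode()).hexdigest()[:16]


def identifying_bits(visitor, keys, population=VISITORS):
    """Bits of identifying information: -log2 of the share of visitors with the same values."""
    same = sum(all(p[k] == visitor[k] for k in keys) for p in population)
    return -math.log2(same / len(population))


def uniform(attrs):
    """Simplified model of anti-fingerprinting: every browser reports the same values."""
    return {k: "standard" for k in attrs}


if __name__ == "__main__":
    me = VISITORS[0]  # the only visitor with Do Not Track switched on
    print("bits from browser, fonts, screen:", identifying_bits(me, FIELDS[:3]))
    print("bits once DNT is included:       ", identifying_bits(me, FIELDS))
    print("distinct fingerprints:", len({fingerprint(v) for v in VISITORS}))
    print("after uniform reporting:", len({fingerprint(uniform(v)) for v in VISITORS}))
```

Because the ID is recomputed from what the device reports on every visit, clearing cookies does not change it. In this sample, switching on Do Not Track is what makes the first visitor unique.
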
  • Critical flaw allows iOS hack merely by receiving an email:
    • The default email application (app) on millions of iOS devices has two critical flaws currently being exploited in the wild
    • ZecOps researchers said the bugs are remote code execution flaws that reside in the MIME library of Apple's mail app
    • These flaws could allow remote hackers to surreptitiously take control over Apple
    • Both flaws get triggered when the content of an email is processed, and one of the two requires no interaction from the recipient
    • The ZecOps researchers said both flaws have existed in iOS since version 6
    • The researchers said it is difficult for users to know if they've been targeted because attackers delete the malicious email after gaining access
    • Multiple groups of attackers have been exploiting these flaws for at least 2 years, targeting high-profile individuals in Germany, Israel, Japan, the US and Saudi Arabia
    • When successfully exploited, the malicious code allows attackers "to leak, modify, and delete emails."
    • To take full control of a device, attackers also need to exploit a separate kernel vulnerability
    • The researchers said "With very limited data, we were able to see that at least six organizations were impacted by this vulnerability – and the full scope of abuse of this vulnerability is enormous"
    • "While ZecOps refrain from attributing these attacks to a specific threat actor, we are aware that at least one 'hackers-for-hire' organization is selling exploits using vulnerabilities that leverage email addresses as the main identifier."
    • Unfortunately, there is no patch available yet, but one should be available with the next iOS update
    • Until then, Apple users are strongly encouraged not to use the built-in mail app and instead use an alternative such as Outlook or Gmail
    • You can read a detailed overview here: https://www.cbronline.com/news/unpatched-iphone-zero-day
  • Cybercrime reports quadrupled during Coronavirus pandemic per the FBI:
    • FBI Deputy Assistant Director Tonya Ugoretz, speaking in an online panel hosted by the Aspen Institute, recently said the number of Internet crime-related reports has quadrupled compared to the months before the pandemic
    • "The FBI has an Internet Crime Complaint Center, the IC3, which is our main ingest point. Sadly the IC3 has been incredibly busy over the past few months," Ugoretz said
    • Ugoretz said "Whereas they might typically receive 1,000 complaints a day through their internet portal, they're now receiving something like 3,000 - 4,000 complaints a day. Not all of those are COVID-related, but a good number of those are."
    • "They really run the gamut. Everything from setting up fraudulent internet domains [...], we've seen people set up fraudulent COVID charities, promise delivery of masks and other equipment, and then deliver fraudulent loans, extortion, etc. So pretty much, sadly, anything you can think of. Cyber-criminals are quite creative," Ugoretz said
    • Sadly, scammers and cyber criminals are using COVID-19 to launch a wide variety of online scams and attacks
    • For example, a malware-based threat reported by MalwareHunterTeam is an app that purports to be a "map of infections" showing real-time coronavirus infections. In actuality, it exfiltrates sensitive information and can create a backdoor for remote access
    • And the FTC recently warned about these types of scams on their website: "They’re setting up websites to sell bogus products, and using fake emails, texts, and social media posts as a ruse to take your money and get your personal information."
    • Several Coronavirus phishing scams have been launched, including one that sends malicious links and PDFs claiming to contain information on how to protect yourself
    • The email claims to be from a virologist and says "Go through the attached document on safety measures regarding the spreading of corona virus," and "This little measure can save you."
    • And the FDA is issuing warning letters to firms for selling fraudulent products with claims to prevent, treat, mitigate, diagnose or cure Coronavirus disease 2019 (COVID-19)
    • COVID-19-related phishing has been on the rise since January according to security firm Barracuda Networks
    • Researchers have observed a massive 667% spike in these attacks since the end of February
    • These COVID-19 phishing emails could deliver malware, steal credentials, and scam users out of money, etc.
    • The FBI and Secret Service have recently issued an alert about these types of attacks
    • Barracuda said "The attacks use common phishing tactics that are seen regularly; however, a growing number of campaigns are using the coronavirus as a lure to try to trick distracted users to capitalize on the fear and uncertainty of their intended victims"
    • Barracuda researchers have seen 3 main types of COVID-19 phishing themes: scamming, brand impersonation, and business email compromise (BEC)
    • One of the most disturbing phishing campaigns sends an email that purports to be from a local hospital. It tells the recipient they have been exposed to the virus and need to be tested
    • It claims one of your colleagues, friends, or family members has tested positive for the virus. You are urged to print the attached “EmergencyContact.xlsm” file to take to a testing center
    • The Excel file has embedded macros, which require the victim to click "Enable Content". Doing so enables the infection
    • The malicious code, analyzed by BleepingComputer experts, is an information stealer. It attempts to steal cryptocurrency wallets and web browser cookies as well as capturing a list of running applications, open network shares and local IP addresses
    • What you should do:
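
For mail administrators, one way to catch attachments like the "EmergencyContact.xlsm" file described above before they reach an inbox. This is an added example, not part of the original show notes; the function names, verdict labels and sample files are assumptions constructed for illustration.

```python
import io
import zipfile

# Office Open XML files are ZIP archives; VBA macro code lives in a part
# named vbaProject.bin (xl/vbaProject.bin in an Excel workbook).
MACRO_PART = "vbaproject.bin"
OFFICE_EXTENSIONS = {"xlsx", "xlsm", "docx", "docm", "pptx", "pptm"}


def build_sample(with_macros):
    """Constructed test data: a minimal OOXML-style archive, not a real workbook."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("[Content_Types].xml", "<Types/>")
        archive.writestr("xl/workbook.xml", "<workbook/>")
        if with_macros:
            archive.writestr("xl/vbaProject.bin", b"placeholder bytes, no macro code")
    return buf.getvalue()


def attachment_verdict(filename, data):
    """Return 'quarantine', 'review', 'clean' or 'skipped' for one e-mail attachment."""
    extension = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if extension not in OFFICE_EXTENSIONS:
        return "skipped"  # not an Office document, outside this check
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "review"  # claims to be an Office file but is not a ZIP container
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        parts = [name.lower() for name in archive.namelist()]
    # Decide on content, not on the name: a macro project inside a file
    # renamed to .xlsx is caught the same way as an honest .xlsm.
    if any(part.endswith(MACRO_PART) for part in parts):
        return "quarantine"
    return "clean"


if __name__ == "__main__":
    for name, data in [
        ("EmergencyContact.xlsm", build_sample(True)),
        ("EmergencyContact.xlsx", build_sample(True)),
        ("Timesheet.xlsx", build_sample(False)),
        ("Budget.xlsx", b"not a zip container"),
    ]:
        print(name, "->", attachment_verdict(name, data))
```
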

55KRC · THE Talk Station in Cincinnati
