Hey there, FixMeFans and StartMeStars! We’re back with another edition of our weekly roundup where we deliver the most recent comings and goings of the cybersecurity world.
This week we’re dealing with North Korean hackers targeting cybersecurity researchers. Then how Facebook has been providing the FBI with private messages related to the Capitol Hill riots. And finally, the creepy details surrounding a home security technician who’s been using video feeds to spy on customers.
Over the past few months, North Korean hackers have been posing as cybersecurity researchers in order to attack other verified cybersecurity researchers.
According to a report by Google’s Threat Analysis Group, the hackers have been setting up fake Twitter accounts with posts promoting cybersecurity research. The fake accounts would then message legitimate research accounts with links leading to websites lined with malicious code. Once on the website, malware would be uploaded to the victim’s browser, effectively giving the hacker access to their information.
According to the report by Google, it’s likely that a government-backed entity based in North Korea is responsible for the attacks. These attacks have been traced back to a number of different accounts found on Twitter and LinkedIn.
You can read more on the attacks here!
Following the recent riots on Capitol Hill, the FBI has been actively searching for any individuals linked to the event, and have now turned to Facebook for help.
After calls from lawmakers to preserve data linked to Capitol Hill riot investigations, Facebook has opted to provide further details that can help the FBI track individuals that have been involved. In the form of a search warrant, Facebook was able to provide the FBI with relevant private messages, linked IP addresses, phone numbers, and email accounts that had been attached to Facebook. Although Facebook’s chief operating officer Sheryl Sandberg claims that the mobs were mostly organized on smaller fringe sites, there is evidence that numerous Facebook groups and accounts, public and private, were used to help organize the protest.
Curious? You can read more about the Capitol Hill update here.
This past Thursday, former ADT home security technician, Telesfloro Aviles, pleaded guilty to logging into customer’s video feeds to watch naked women and couples having sex. Currently facing up to five years in prison, Aviles had admitted to watching customers for nearly five years, and had accessed approximately 200 customer accounts more than 9,600 times.
According to reports, Aviles would gain access to the video feeds by claiming he needed to temporarily add himself to customers’ accounts to conduct system tests, although there are times when he would add himself without permission as well.
ADT currently faces multiple class action lawsuits over the incident, though ADT claims to be working towards resolving the disputes with customers.
You can read more about the situation here!
That’s all for this week’s roundup folks! We hope you’re staying safe with all that’s going on, especially when it comes to your cybersecurity!