Squeeze Volume 2 - Twitter Hacker Arrested & New MFA, Google Hacking, New Kali Feature & More

Welcome to the second edition of the Secjuice Squeeze, where we present a selection of last weeks interesting infosec articles curated for your reading enjoyment in case you missed them! This week's volume was created by Mike Peterson, Miguel Calles, and Chad Calease.

Member of Group That Hacked Twitter CEO Was Arrested

On August 30, 2019, hackers took over Jack Dorsey, Twitter's CEO, and posted bomb threats and racist messages. The attack used a SIM swap attack, where a hacker convinces a cellular provider representative into activating a new phone with an existing SIM, which allows the hacker to receive text message two-factor authentication codes. Law enforcement agencies arrested a minor for allegedly being a member of The Chuckling Squad, a hacker group that compromised the account.

https://www.cnet.com/news/jack-dorsey-twitter-account-hacking-cops-reportedly-make-arrest/
https://www.vice.com/en_us/article/gyzawx/authorities-arrest-suspected-jack-dorsey-hacker

Twitter Adds Non-SMS-Based Multi-Factor Authentication

Until recently, Twitter only allowed text messages (SMS) in their multi-factor authentication (MFA). Twitter now allows using authenticator apps and security keys to enable MFA. A user may also disable SMS MFA to prevent account takeover using attacks like an SIM swap attack.

https://www.zdnet.com/article/twitter-will-finally-let-users-disable-sms-as-default-2fa-method/
https://help.twitter.com/en/managing-your-account/two-factor-authentication

Ring Security Cameras Could Alert Users of 'Suspicious' Individuals with Facial Recognition

Internal documents reviewed by The Intercept show that Amazon is planning on adding a new facial recognition feature to its Ring security cameras. The feature would alert users if "suspicious" individuals was captured within a camera's frame. While it isn't clear how Ring would determine suspiciousness, the documents repeatedly refer to law enforcement – fueling speculation that it's connected to Amazon's controversial police partnerships.

https://threatpost.com/amazon-ring-facial-recognition-watch-list/150681/
https://theintercept.com/2019/11/26/amazon-ring-home-security-facial-recognition/

Kali Linux 2019.4 Introduces Windows 10-Style 'Undercover Mode'

Working in a public place and don't want the dragon logo on your laptop spooking someone? The latest version of Kali (2019.4) has a new "undercover" mode which can make the Linux distribution look like Windows 10 in a pinch. It isn't a perfect impersonation, but it may be enough to fool the random passerby.

https://www.bleepingcomputer.com/news/security/kali-linux-adds-undercover-mode-to-impersonate-windows-10/
https://www.kali.org/news/kali-linux-2019-4-release/

Europol Shuts Down 'Imminent Monitor RAT' Crime Ring with 13 Arrests

Europol announced on Friday that it had shut down the organized cybercrime network behind the Imminent Monitor RAT hacking tool. As part of the final stage of its operation, Europol last week arrested the malware's author and 13 of its most high-profile users. It also seized the IM-RAT website, backend servers and about 430 machines believed to be used to spread the malware.

https://www.zdnet.com/article/authorities-take-down-imminent-monitor-rat-malware-operation/
https://www.europol.europa.eu/newsroom/news/international-crackdown-rat-spyware-which-takes-total-control-of-victims’-pcs

Attacks on Hotel Front Desks are Ramping Up

The next time you check into a hotel, you may want to consider using a less-important credit card. According to new data from Kaspersky, a new campaign called RevengeHotels has been targeted the hospitality business to steal personal guest information and financial data. While the campaign has been active since 2015, attacks appeared to be significantly higher this year.

https://www.zdnet.com/article/hotel-front-desks-are-now-a-hot-target-for-hackers/
https://securelist.com/revengehotels/95229/

Google Warns 12,000 People They Were Target of Government Hacking Attempts

Between July and September this year, Google said it warned about 12,000 users that they were suspected to have been targets of government-backed hacking attempts to gain access to their Google accounts. The majority of those users were in the U.S. and about 90 percent were the target of phishing emails. While the number may seem high, it's actually consistent with the same period last year.

https://www.forbes.com/sites/thomasbrewster/2019/11/27/google-warns-12000-they-were-hit-by-government-hackers---heres-what-to-do-if-youre-a-target/
https://landing.google.com/advancedprotection/

Target Suing Over 2013 Data Breach

Target filed a lawsuit against ACE American Insurance Co., its insurer from the 2013 data breach. Target is trying to recover $74M in card replacement costs.

https://www.govinfosecurity.com/target-sues-insurer-over-2013-data-breach-costs-a-13435
https://www.businessinsurance.com/article/20191118/NEWS06/912331718/Target-sues-Chubb-in-connection-with-2013-data-breach

Is Twitter Listening to Its Users?

Twitter radically shifted course this week, choosing to pause its initiative to delete inactive accounts after feedback to be more intentional, in particular about memorializing user accounts for those who've passed away.

Credit is due to TechCrunch alum Drew Olanoff, who wrote about this from his own experience. He asked Twitter to think about how deleting inactive accounts willy-nilly would potentially create an enormous amount of emotional fall-out.

Twitter has always had a policy for this and other similar issues but hasn't drawn much attention to it. These policies always have room for improvement and awareness, too. That they're willing to listen to their audience shows promise, especially for an audience that may already be processing the loss of a loved one.