The SecuriTea News - Issue #19

Each week The SecuriTEA Report brings you the latest Cybersecurity News. Receive even more information by signing up for our newsletter. Here's what's new for this week:

Your Phone Bill Details Might Have Been Leaked Recently. Hundreds of thousands of mobile phone bills for AT&T, Verizon, and T-Mobile subscribers have been left open and visible to the public internet, thanks to the oversight of a contractor working with Sprint. According to a media investigation, the contractor misconfigured a cloud storage bucket on Amazon Web Services (AWS), in which more than 261,300 documents were stored – mainly cell phone bills from Sprint customers who switched from other carriers. Cell phone bills are a treasure trove of data and include names, addresses and phone numbers along with spending histories and in many cases, call and text message records. In this case, some of the bills date back to 2015 and it is currently unclear how long the bucket was exposed. To make matters worse, some documents were even more sensitive that included information such as bank statements and screenshots web pages containing subscribers’ online usernames, passwords, and account PINs. This is yet again another case of cloud misconfigurations that lead to the exposure of customers. It is important that you check over your pin numbers and accounts if you have a subscription with any of these providers.

Major Crime Organization Shakedown. Australian and global authorities arrested 13 notorious cybercriminals who were behind a famous tool, dubbed Imminent Monitor Remote Access Tool (RAT), that allowed full control of a victim's computer. This RAT tool first appeared back in 2012 and was being sold in the underground market for $25 a pop. Advertised as “the fastest remote administration tool ever created using new socket technology that has never been used before", the remote access tool allowed attackers to access files, processes, Windows Manager, Windows Registry, the clipboard where you can copy and paste items, as well as the ability to run commands. The cybercriminals formed a group lead by a user named "Shockwave" and claimed the tool was made for legitimate reasons and they are not responsible for the nature in which a buyer uses their services. The features in the tool contradict this claim, for instance, a plugin lets users turn the webcam light off while monitoring possibly leading a victim to believe they are no longer being recorded when they are. This features, and other suspicious ones like it, is what led to authorities investigating and ultimately tracking down the group in Australia to lead to their arrests. More information about this story can be found here.

Politician Facing 3 Years For iCloud Hacking. A Netherland politician is facing three years in prison for hacking into several women's personal iCloud accounts, stealing nude photos and other personal information, and leaking them online. Mitchel van der K, a member of a political party in the Netherlands, was a part of "Celebgate", the global incident in which celebrities such as Jennifer Lawrence and Kirsten Dunst had their nude photos leaked online. The backlash from the attack prompted Apple to patch a vulnerability found in its "Find My iPhone" feature that was likely used by attackers to access the celebrity iCloud accounts. Not only were nude photos stolen but so were documents, agendas, and other personal information. Van der K has not denied the claims, stating that he acknowledges that he hacked several accounts but said he was under pressure by an “unknown extortioner” or said that his own visual material would be leaked if he did not comply, according to Dutch authorities. Van der K should know his sentencing fate just in time for Christmas, as the Dutch court is expected to rule on the case on Dec. 24, according to the prosecution.

"Say Cheese" The Next Time You Travel. The Department of Homeland Security is now stating that all travelers to and from the United States, citizen or not, are subject to facial recognition-based checks. If you have flow international recently, specifically Delta, you may have already experienced these kinds of checks; they have booths set up at the entry-way to the plane that you look into and *boom* your face has been scanned and verified that you are who you said you are. The proposed ruling comes amid an expansion of the DHS’ use of facial recognition checks at the U.S. border. Previously, the DHS facial recognition checks applied to only non-U.S. citizens traveling to and from the U.S. Naturally, this program raises concerns about the privacy and security of facial recognition data collection –particularly after a June data breach exposed photos of the faces and license plates for more than 100,000 travelers driving in and out of the country. The ACLU took a stance against this proposal on Twitter, saying that “Travelers, including U.S. citizens, should not have to submit to invasive face recognition scans simply as a condition of exercising their constitutional right to travel." It is important for users to make sure they are understanding their privacy rights in regards to facial recognization as programs, such as this one, expands.

The Cyberthreat Lurking in Your Living and Bedrooms. These days it is normal to have multiple televisions in the home and if you care about having the latest and greatest, chances are you own multiple smart TVs. Having a smart TV, though, may weaken your home security defenses in a new warning by the FBI. "Smart TVs, which hook up to the internet to allow users to access apps and stream Netflix and other video services, can be gateways for hackers. Hackers can take control of your unsecured TV,” according to the notice. “At the low end of the risk spectrum, they can change channels, play with the volume, and show your kids inappropriate videos. In a worst-case scenario, they can turn on your bedroom TV’s camera and microphone and silently cyberstalk you.” In addition to these security and privacy concerns, connecting your TV to your home WIFI can also allow a hacker to move their way to other connected smart devices and lead to an entire takeover.

“A bad cyber-actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the backdoor through your router,” the bureau said in its notice, issued ahead of Black Friday and Cyber Monday as it tried to be preemptive in warning consumers. The feds also warned of the potential “risk that your TV manufacturer and app developers may be listening and watching you,” noting that newer TVs with built-in cameras allow video-chatting. Also, some models have facial recognition, “so the TV knows who is watching and can suggest programming appropriately,” according to the notice, which also potentially opens up privacy concerns. “If you can’t turn off a camera but want to, a simple piece of black tape over the camera eye is a back-to-basics option,” the FBI noted. “Check the privacy policy for the TV manufacturer and the streaming services you use. Confirm what data they collect, how they store that data, and what they do with it.” To protect themselves from all of these threats, consumers should change smart TVs’ default security settings and passwords, and know how to turn off the microphones, cameras, and collection of personal information if possible, the FBI said. They should also check a manufacturer’s track record with pushing out security patches.

And that's a wrap for your Weekly SecuriTea Report. Be sure to check out the latest every week for the latest in Information Security News. Follow us on social media for daily news.