Google Drive Forensics Blindspot
by Artie Kaye
Users connecting to Google drive are initially set up with the default free account. Free accounts have no tracking or history as to what files have been copied to or from them. Analytics become available when the account is upgraded. This lack of tracking can be used to exfiltrate data without notice. Additionally, an account can have its upgrade status revoked by someone with administrator level access, have files copied, then restored its previous privileges, and the data transfer will not show up. While this activity won’t appear on the logs, the account status changes will, and could be a sign of a compromised system.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)
Gigabyte Motherboard Flaw
by Artie Kaye
A firmware security hole was discovered in hundreds of motherboards manufactured by Gigabyte. The firmware has a function where it will run a script to download information during the windows boot process. This information is not verified, it happens across non secure protocols, and because of this, can be targeted by man-in-the-middle attacks. Gigabyte is working to address this issue. Until this is fixed, the function can be turned off in the UEFI by disabling the App Center Download and Install. A list of the affected hardware can be found below.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)