KW 3: Glitch at FU Berlin gives students access to exams data, CDU reports hacker attacks at digital party congress, After hacker attack: Funke media group leaves emergency mode

NEWS

Glitch at FU Berlin gives students access to exams data: Last Tuesday, a technical glitch in the campus management system of the FU Berlin gave all students temporary access to their own and other people’s examination data. Participant lists and grades were not only visible, but could also be changed manually. The reason for this was an accidental setup when the campus management website was restarted, which allowed simple student accounts to switch to „God mode“, through which they gained full access and write rights. Access to the data was probably possible for several hours. How many students made use of the extensive powers is still unknown.
netzpolitik.org

CDU reports hacker attacks at digital party congress: According to CDU Secretary General Paul Ziemiak, numerous hacker attacks occurred at the German party’s first digital federal party convention over the weekend. The attacks came mainly from abroad, but they were expected and fought off, according to Ziemiak. The issue were primarily DDoS attacks on the party’s homepage. The newly elected party chairman Armin Laschet was relieved that the attacks were warded off. An enormous risk was taken with the digital format, but it was „mastered excellently“.
spiegel.de

After hacker attack: Funke media group leaves emergency mode: After a hacker attack on the newspapers of the Funke media group, the group plans to restart the papers over the course of the week. Funke media group said it was making rapid progress with the reconstruction of the infrastructure as well as with the „cleaning“ and reissuing of the notebooks and added it was optimistic that it would be able to leave the emergency mode this week. Since the attack shortly before Christmas, numerous daily newspapers such as the „WAZ“, the „Berliner Morgenpost“ and the „Hamburger Abendblatt“ have been releasing emergency editions.
t-online.de

– Advertisement –
IoT – Ticker -The physical world meets the digital one. Internet of Things as an interface that revolutionizes both the industry and everyday life. Get a weekly update from the world of „Internet of Things“. iot-ticker.net

School platforms in Hessen continue to be targeted: As in other German states, the central school platform for digital teaching in Hessen has also become the target of numerous hacker attacks. So far, however, the site has withstood the attempts of cyber criminals while handling the enormous rush of schoolchildren, the education ministry announced on Tuesday. Representatives of teachers‘ unions criticized serious disruptions at the start of the Hessian school platform on Monday. The school cloud of the Hasso Plattner Institute, which is used by around 100 schools in Hesse, was temporarily disrupted.
fr.de

Telegram bot sells phone numbers to Facebook profiles: In Germany, a Telegram bot is allegedly selling hundreds of millions of phone numbers from Facebook users. So far it is unclear where the data came from. In the past, however, the social media platform Facebook had repeatedly suffered from data leaks and other problems. User phone numbers have also been affected. In order to get to the stolen private numbers via the Telegram bot, one only has to enter the user’s Facebook ID. This also works the other way round, if the interested party has the number and wants to find out a specific Facebook ID. As a result, around six million German Facebook profiles are affected.
heise.de

Operators report successful attack on OpenWrt forums: Attackers have likely succeeded in accessing user data on the Linux distribution OpenWrt, which users usually use as alternative firmware. According to the operators, the OpenWrt Wiki was not affected. The attackers had succeeded in downloading a user list that included e-mail addresses. It is still unclear whether other passwords have been cracked. Those who are active in the forum now have to manually enter a new password, according to the site operator.
heise.de

Scam: Fake Microsoft employees on the phone chip.de
Alternative: Comparing Signal and WhatsApp chip.de
Darknet: Investigators remove large illegal marketplace it-zoom.de
Bureaucracy: ID cards are becoming safer and more expensive augsburger-allgemeine.de
Data leak: More than 45 million medical image files freely accessible worldwide it-daily.net

– Advertisement –
African Edition – The weekly newsletter that provides you with hand-picked news about current discussions and news from Africa: from socio-political developments to African-European relations. The continent at a glance. african-edition.com

NUMBER OF THE WEEK

According to the new Allianz risk barometer, which surveys 2,769 experts from 92 countries, hacker attacks rank third among the greatest threats to companies worldwide, only beaten by pandemics and business interruptions.
automobilwoche.de

BACKGROUND

One month after SolarWinds: On December 9, 2020, the first IT specialists at the security company FireEye noticed that they had apparently been the target of a hacker attack for months. In the following days, the scandal spread – departments of the US government, including the Treasury and Commerce Department, were also affected by the attack. After a little over a month, various superlatives are making the rounds: there is talk of a historic event, one of the largest hacker attacks in decades and even the beginning of a new era of cyber espionage. But are these assessments justified? In view of the continuing danger of a second, still active back door, the dangers may not yet be averted. In addition, despite the successful theft of enormous amounts of data, there have been no ransom demands from the attackers to this day.
spektrum.de

Signal messaging platform restored after surge prompts outage: Messaging platform Signal says it has resolved technical problems which have hampered its service over the past few days, after seeing a rush of new users. On Friday, some users reported messages failing to send on both the mobile and desktop apps for several hours. The company has seen a huge uptick in interest since its rival WhatsApp unveiled new privacy terms last week. The new terms led many users to believe WhatsApp was telling them that they must allow it to share data with its parent company Facebook if they wished to continue using it.
bbc.com

QUOTE

„The Trump era was the exact opposite of safe when it came to cyber security. It was more of a precarious mix – good for war but bad for privacy, with a bit of disinformation as an encore. We have moved from a defensive to an attacking stance as a method of cybersecurity.“
Andreas Müller, Regional Director at Vectra AI, analyzes the expected changes in cybersecurity under the new US President Joe Biden.
infopoint-security.de

– Advertisement –
Blockchain: Bitcoin hits record, Cabinet passes law on electronic securities, Startup SpaceChain receives funding for space blockchain blockchain-ticker.net
AI: Israeli start-up wants to use artificial intelligence to avoid misdiagnosis, EU agency names risks of AI ai-ticker.net
Safety and Security: Data of thousands of Covid infected Russians leaked to the public safety-security-ticker.net
Smart Life: Study shows public opinion about Smart Home providers, Google app enables communication only through eyes smartlife-ticker.net

SECURE?

Linux Mint hacked by children: The Linux Mint project has patched a security flaw this week that could have allowed a threat actor to bypass the OS screensaver and its password and access locked desktops. This particularly nasty security flaw was discovered by two kids playing on their dad’s computer, according to a bug report on GitHub.
zdnet.com

Newsletter subscription

Subscribe to our free weekly newsletter for a compact overview of safety and security topics:

Safety-Security-Ticker

More digital news briefings

Our political briefings