KW 30: German authorities brace for cyberattacks in September federal election, Clubhouse denies data breach, Pharmacies to issue certificates again after security breach

NEWS

German authorities brace for cyberattacks in September federal election: Two and a half months before the federal election in Germany, many hacking attacks and disinformation campaigns are being registered by security authorities. Apparently, however, not just foreign states are at work in spreading false news, but also German extremists as well as supporters of conspiracy theories. The Office for the Protection of the Constitution therefore advises people to use all available information channels in order to exclude the influence of false information. A wave of attacks was also launched on members of the Bundestag as well as state parliaments in February. Arne Schönbohm, President of the Federal Office for Information Security, warns of the complex threat situation. He says his agency has made many offers of help to parties and candidates in recent months. Federal Election Commissioner Georg Thiel is confident that this fall’s election will be tamper-proof.
dw.com

Clubhouse denies data breach: Days after social audio app Clubhouse opened up the app to the general public without invites, allegations emerged on Saturday that the service had suffered a data breach and contact information including 3.8 billion numbers (that were synced with the service) was being sold on the dark web. However, after examining the claims, security experts have now stated that the claims of a data breach seem highly unlikely. Meanwhile, Clubhouse has also issued a statement denying the occurrence of the alleged breach.
tech.hindustantimes.com

Pharmacies to issue certificates again after security breach: Starting next week, pharmacies in Germany will again be able to issue Covid vaccine certificates. The German Pharmacists Association, in consultation with the ministry, had stopped issuing them after a serious security breach was discovered that allowed vaccine certificates to be issued by unauthorized persons. The Federal Ministry of Health and the Federation of German Pharmacists‘ Associations now announced in a joint statement that the portal was usable again.
handelsblatt.com

– Advertisement –
IoT – Ticker -The physical world meets the digital one. Internet of Things as an interface that revolutionizes both the industry and everyday life. Get a weekly update from the world of „Internet of Things“. iot-ticker.net

IT service provider Kaseya with solution for computers encrypted by hackers: The technology provider at the center of a ransomware attack this month said it obtained a tool to unlock data targeted by hackers in an incident that disrupted hundreds of firms in several countries. Kaseya said it received a universal decryptor that would help restore all the computer systems affected by the July 2 hack of one of its products, which acted as a springboard for hackers to reach New Zealand schools, a Dutch information-technology company and other organizations. The ransomware group behind the attack initially demanded $70 million for such a tool. Kaseya spokeswoman Dana Liedholm described the source of the decryptor as a trusted third party, declining to elaborate or comment on whether a ransom was paid.
wsj.com

MagaCoin launch marred by data leak: The launch of a cryptocurrency developed by Donald Trump supporters last week has been marred by a website data breach. According to The Guardian, user information including IP addresses, email addresses and passwords were accessed via a poor security configuration on the project’s website. An unnamed and self-described hacktivist told The Guardian that more than 1,000 people have signed up, including Republican figures and conservative media personalities, with the majority of holders having around 100 MagaCoin. Roughly 75 million MagaCoin were created to represent the 75 million voters who were supposedly “disenfranchised on November 3rd, 2020” — the day of the US election results in which Trump lost to Democrat Joe Biden. Trump supporters have since asserted without evidence that the election was rigged and have lost numerous court cases challenging the results.
theguardian.com, cointelegraph.com

Apple releases iOS 14.7.1 to fix a zero-day exploit: Last week iOS 14.7 appeared, adding features including support for Apple’s magnetic battery pack. Unfortunately, the update also interrupted the “Unlock with iPhone” feature that Apple Watch wearers used for easy access to their wristwear. Now, another update is going out to fix that. According to Security Week, this is the 13th zero-day vulnerability Apple has fixed this year. A zero-day vulnerability is known by this name because the manufacturer has no time to fix the vulnerability before it is exploited by attackers.
theverge.com

Twitter: British man arrested in Spain over alleged role in Twitter hack of high-profile accounts euronews.com
Pegasus: Chief of WhatsApp, which sued NSO over alleged hacking of its product, disputes firm’s denials on scope of, involvement in spyware operations washingtonpost.com
Malware: Beware of fake versions of Windows 11 installers circulating the internet pocnetwork.net
Cybersecurity: Amazon deleted 200 million fake reviews in 2020 notebookcheck.net
THORChain: Possible ‘white hat hacker’ exploits THORChain for $8M, proposes 10% bounty cointelegraph.com

– Advertisement –
African Edition – The weekly newsletter that provides you with hand-picked news about current discussions and news from Africa: from socio-political developments to African-European relations. The continent at a glance. african-edition.com

NUMBER OF THE WEEK

30 billion data sets were stolen in 2020, according to a report by Canalys, an analytics firm specializing in the technology industry.
fundresearch.de

BACKGROUND

German municipalities are at the mercy of hackers: Many municipalities in Germany are helpless against hackers, according to IT security experts. For example, a cyberattack paralyzed the administration in the Anhalt-Bitterfeld district at the beginning of July, and ransomware attacks in particular are becoming more frequent. The situation of the parties represented in parliament is similar to that of local authorities. Left party network policy spokesperson Anke Domscheit-Berg said: „A very high proportion of the many thousands of municipalities in Germany are vulnerable to dangerous and momentous attacks on their IT security.“ Manuel Atug, IT security expert at the Chaos Computer Club, pointed out that „the state and government have slept through this development and failed to arm themselves for cyberspace. It’s not something we screwed up in a few weeks, it took decades to get there, so to speak.“
faz.net

Cybersecurity important factor at Olympics: Even though the Tokyo Olympics will be held without spectators after Japan again declared a state of emergency following a spike in COVID-19 cases, the Games still rely on a variety of cutting-edge digital infrastructure, such as AI-powered live translation devices, facial recognition technology, and ZMP’s Robot Taxi, a driverless car. As the virtual audience grows in our increasingly connected world, cybersecurity must be brought into focus to ensure that such a large-scale event can be held without disruption or security risks. Japan and the IOC have identified cybersecurity as an overwhelmingly important factor and have announced plans to invest in this area to create the most cybersecure environment possible for the Games. However, the IOC notes that it will not disclose the specific details of its cybersecurity plan because cybercriminals could draw information from it.
it-daily.net

QUOTE

„Now we’re seeing an industry based on hacking these phones – and spying on them even more than they already were before. They can take full control of a device.“
Edward Snowden on the Pegasus revelations and the growing cyber espionage industry.
stern.de, theguardian.com

SECURE?

No hacker attack on administration in Bernburg after all: There has not been a Trojan attack in the eastern German town of Bernburg. On Thursday, suspicious activity had been reported in the city administration by the anti-virus software. But this was a false alarm, Michael Klocke, spokesman for the State Criminal Police Office, said Tuesday morning. The shutdown servers are expected to be restarted soon. He said that the anti-virus software had been fine-tuned after the attacks on the administration in the Anhalt-Bitterfeld district three weeks ago. This had led to something being displayed that was not there at all.
mdr.de

Newsletter subscription

Subscribe to our free weekly newsletter for a compact overview of safety and security topics:

Safety-Security-Ticker

More digital news briefings

Our political briefings