KW 35: Google, Microsoft plan to spend billions on cybersecurity, Fake Apple employee steals 620,000 photos, Popular WhatsApp extension spreads Trojan to cell phones

NEWS

Google, Microsoft plan to spend billions on cybersecurity: Business leaders in sectors ranging from tech to insurance committed billions of dollars to beefing up cybersecurity efforts at a White House meeting with US President Joe Biden on Wednesday. The meeting comes in the wake of several high-profile cyberattacks, including on government software contractor SolarWinds and oil pipeline Colonial Pipeline, that have brought added urgency to such security issues. Google said it would invest more than $10 billion over five years to strengthen cybersecurity and pledged to train 100,000 Americans in technical fields such as IT support and data analytics. Microsoft committed $20 billion over five years to deliver more advanced security tools.
cnbc.com

Fake Apple employee steals 620,000 photos: A 40-year-old man has agreed to plead guilty to US court charges that he broke into thousands of Apple iCloud accounts and stole hundreds of thousands of images and videos of young women. According to court records, Hao Kuo Chi, from La Puente, California, collected over 620,000 private photos and videos from his unsuspecting victims after advertising his services online. Most of Chi’s victims were young women, who were tricked into handing over their iCloud login credentials after the hacker posed as an Apple support employee.
bitdefender.com

Popular WhatsApp extension spreads Trojan to cell phones: A malicious version of the FMWhatsApp WhatsApp mod delivers a Triada trojan payload, a nasty surprise that infects users’ devices with additional malware, including the very hard-to-remove xHelper trojan. FMWhatsApp promises to improve the WhatsApp user experience with added features such as better privacy, custom chat themes, access to other social networks’ emoji packs, and app locking using a PIN, password, or Touch ID. However, as Kaspersky researchers found, FMWhatsApp version 16.80.0 will also drop the Triada trojan on users’ devices with the help of an advertising SDK.
bleepingcomputer.com

Ransomware can be booked as a service: Cybercriminals are increasingly carrying out their extortion attacks with rented encryption software, which new gangs on the network provide as a service, according to a report by IT security firm Palo Alto Networks. Among them is “Avos Locker,” which operates the criminal business as a rental service (“ransomware as a service”). The group’s service, which appears on the net with a blue beetle logo, also includes a supposed service center.
zdnet.com

Hacker named John Binns claims responsibility for T-Mobile attack: The hacker who is taking responsibility for breaking into T-Mobile US Inc.’s systems said the wireless company’s lax security eased his path into a cache of records with personal details on more than 50 million people and counting. John Binns, a 21-year-old American who moved to Turkey a few years ago, told The Wall Street Journal he was behind the security breach. Binns, who since 2017 has used several online aliases, communicated with the Journal in Telegram messages from an account that discussed details of the hack before they were widely known.
wsj.com

Critical code execution vulnerability in wiki software Confluence: A vulnerability has been discovered in the Confluence wiki software that allows attackers to execute their own code on the servers. Atlassian provides patches and updates for several versions. Only users of self-hosted Confluence servers are affected; the cloud variant is not affected. However, some companies are unable to update the software immediately. As a temporary workaround, there is a script that admins can use to quickly close the gap. Details can be found on Atlassian’s page. The vulnerability is a flaw in the Object-Graph Navigation Language (OGNL) that allows arbitrary code to be executed on the server. While in most cases authentication is required to exploit the vulnerability, in exceptional cases this restriction does not exist.
golem.de

Data leak: One million cell phone signature data publicly available futurezone.at
Switzerland: Citizen and community data published on the darknet heise.de
Pandemic: 70 percent more phishing attacks in home offices worldwide it-daily.net
Evin prison: Iran prisons chief apologises over leaked videos of Evin abuse bbc.com
Health care: Every second company in the healthcare industry fears a cyberattack nzz.ch

NUMBER OF THE WEEK

83 percent of German companies expect to be affected by data theft in the next twelve months.
elektroniknet.de

BACKGROUND

German parliamentary elections and security: For several years now, hacker attacks against political institutions and politicians have repeatedly made headlines. For this reason, cybersecurity is very much in the spotlight ahead of Germany’s election in September. The actual election process is considered secure due to Germany’s slow progress in digitalization. Some other countries already have digital voting systems or the ability to cast votes via computer, but accidents often happen in the process or the systems prove to be vulnerable in retrospect. In Germany, the registration of election candidates, the retrieval of civil registry data and the transmission of the first results on election night are all carried out digitally. Precautions are taken in these areas. One week before the election, the systems are frozen so that even the smallest changes can be noticed quickly. In addition, the results are not transmitted via the internet on election night, but are encrypted and transmitted over a separate network. Another threat scenario in Germany is foreign interference – for example, hackers stealing data from politicians and publishing it. The targeted dissemination of disinformation is also considered a threat. Facebook has therefore responded by investing in detection systems and setting up new departments to combat disinformation.
deutschlandfunkkultur.de

China’s new data security law causes unease among foreign companies: A comprehensive new set of rules comes into force in China on Wednesday, imposing strict requirements on how companies handle their data. The law is causing a huge amount of extra work, and violations could be costly. It is the Chinese government’s third major set of regulations – following the Cybersecurity Law, which took effect in 2017, and the recently passed Data Protection Law – aimed at gaining complete sovereignty over data. In 51 articles, the Data Security Law stipulates, among other things, how companies must secure and maintain their networks in the future, how data must be stored, and the ways in which China’s authorities will control what data a company may transfer abroad, such as to its headquarters. Foreign-invested companies in particular will be confronted with a significantly greater administrative burden as a result of the new data protection law if they want to ensure that they continue to operate in compliance with the law. Due to a lack of definitions, for example on what the law means by data, some things are still unclear. Companies are therefore waiting for the implementing regulations.
nzz.ch

QUOTE

“A security vulnerability in the software is a material defect.”
Attorney Hendrik Heymel advises that manufacturers must fix security vulnerabilities in the software within the warranty period.
spiegel.de

SECURE?

Man robbed of 16 bitcoin hunts down suspects, sues their parents: In 2018, Andrew Schober had invested 95 percent of his net wealth in cryptocurrency – but then disaster struck. Schober had downloaded an app called “Electrum Atom” after clicking a link on Reddit, mistakenly thinking it was a Bitcoin wallet. Instead, it was malware that allowed hackers to steal 16.4552 bitcoin when he tried moving some of his tokens. At the time, they were worth nearly $200,000. Today, they would be worth over $750,000. After years of private investigations costing more than $10,000, Schober thinks he has found the thieves, and he’s suing their parents to get his bitcoin back. The lawsuit alleges that two men in the UK—both minors at the time, now attending university for computer science—used the supposed wallet app to deliver malware that inserted itself into a computer’s Java libraries.
arstechnica.com
