KW 8: Mysterious malware discovered on over 29,000 Macs, Chinese spyware code was copied from America’s NSA, Hackers target Myanmar government websites

NEWS

Mysterious malware discovered on over 29,000 Macs: Security researchers have discovered new malware that has already been installed on Macs. However, so far it has done nothing more than wait for new commands. The malware called Silver Sparrow comes as an installation package on Mac and obviously the user must install it first. There is an “updater.pkg”, which is designed for Intel Macs, and an update.pkg, which delivers a tailored program for Intel and ARM Macs in the standard Mach-O binary format, as explained by security company Red Canary.
techgamingreport.com

Cybercrime boom thanks to Covid: Almost four of every five attacks attributed in 2020 were conducted by cybercriminal groups, a significant jump from 2019, with attacks on healthcare or using the pandemic rising fast. While nation-state operations and espionage claimed the spotlight in 2020, nearly 80% of intrusions involving an attacker at a keyboard were related to cybercrime, security services firm CrowdStrike stated in its annual „Global Threat Report.“ In fact, cybercriminal groups have moved away from automated attacks and toward intrusions involving manual hacking and targeting large enterprises.
darkreading.com

France says multiyear hack similar to Russian attacks: The French cybersecurity agency warned that an attack similar to one used by Russian military hackers has been penetrating companies that use Centreon software for three years. The attack started in late 2017 and continued into 2020, watchdog ANSSI said in a report. A representative for ANSSI declined to identify groups that may have been exposed in the hack, but said that the attack was now over. Suggestions that the attack was connected to Russia are “absurd,” Dmitry Peskov, a spokesman for the Russian government said.
bloomberg.com

– Advertisement –
IoT – Ticker -The physical world meets the digital one. Internet of Things as an interface that revolutionizes both the industry and everyday life. Get a weekly update from the world of „Internet of Things“. iot-ticker.net

Virus alarm for Creality 3D printer software: A software update that is offered on the Creality download page for the Ender 5 printer probably leads to a virus alarm message from Windows. Apparently, the antivirus is sounding an alarm about the Ender-5 SD Card File.zip file. Usually the package is delivered directly on the SD card of the 3D printer. Users who have bought a used printer or want to update their printer should be careful for a while, as Creality has not yet explained whether it is a false alarm or whether it is really necessary to be careful.
heise.de

Chinese spyware code was copied from America’s NSA, say researchers: Chinese spies used code first developed by the US National Security Agency (NSA) to support their hacking operations, Israeli researchers said on Monday. Tel Aviv-based Check Point Software Technologies issued a report noting that some features in a piece of China-linked malware it dubs “Jian” were so similar they could only have been stolen from some of the National Security Agency break-in tools leaked to the internet in 2017. The NSA declined comment.
reuters.com

Expert on North Korea’s cyber warriors: „Kim’s hackers are more innovative than we think“ spiegel.de
Beware of malware: Scanner apps could contain malware zeit.de
Security: Lastpass, take trackers out of the password manager golem.de
Patches: Samsung extends update guarantee of some models by four years t3n.de
Apple wants to prevent zero-click exploits in iOS golem.de

– Advertisement –
African Edition – The weekly newsletter that provides you with hand-picked news about current discussions and news from Africa: from socio-political developments to African-European relations. The continent at a glance. african-edition.com

NUMBER OF THE WEEK

So far, the German government has used so-called state Trojans a total of 15 times to hack suspects‘ devices.
spiegel.de

BACKGROUND

First Swiss bug bounty platform: Bug Bounty Switzerland is launching the first Swiss platform for ethical hacking. Microsoft provides the startup with the necessary infrastructure and expertise. Bug bounty programs mediate between ethical hackers and organizations to uncover vulnerabilities in IT systems. „Unfortunately, this practice is still too rarely used in Switzerland,“ said Florian Badertscher, CTO of Bug Bounty Switzerland. With the help of Microsoft, the startup is now building the Swiss hub for collaboration with ethical hackers.
news.microsoft.com

Hackers target Myanmar government websites: Hackers attacked military-run government websites in Myanmar Thursday as a cyber war erupted after authorities shut down the internet for a fourth straight night. A group called Myanmar Hackers disrupted multiple government websites including the Central Bank, Myanmar Military’s propaganda page, state-run broadcaster MRTV, the Port Authority, Food and Drug Administration. The move comes a day after thousands of people rallied across the country to protest against a military coup that toppled Aung San Suu Kyi’s civilian government from power earlier this month.
afp.com

QUOTE

„The emotional topic of vaccination has the potential to call to action the entire spectrum of attackers, from the ’script kiddie‘ to political activists.“
Tobias Lang from the IT security company Myra states that the company, which protects the portal of the North Rhine Association of Statutory Health Insurance Physicians from hackers, has to ward off dozens of attacks every day.
handelsblatt.com

– Advertisement –
Blockchain: Tesla investment leads to record high for Bitcoin, French official wants to change how Europe regulates crypto and blockchain blockchain-ticker.net
IoT: Physical hard drives are an integral part of the Internet of Things, Vodafone introduces new smart tech tariffs iot-ticker.net
AI: Startup to increase chances of artificial insemination with AI, Volkswagen is exploring flying vehicles in China ai-ticker.net
Smartlife: Google 3D Animals: Awesome beasts from sharks to tigers in life-size 3D, The role of combining new tech with existing infrastructure in energy transition smartlife-ticker.net

SECURE?

Everyone makes mistakes, we are waiting for yours: Dutch police have posted „friendly“ messages on two of today’s largest hacking forums warning cyber-criminals that „hosting criminal infrastructure in the Netherlands is a lost cause.“ The messages were posted following „Operation Ladybird,“ during which law enforcement agencies across several countries intervened to take down Emotet, one of today’s largest botnets.
zdnet.com

Newsletter subscription

Subscribe to our free weekly newsletter for a compact overview of safety and security topics:

Safety-Security-Ticker

More digital news briefings

Our political briefings