This posting is here to collect cyber security news in September 2019.
I post links to security vulnerability news to comments of this article.
If you are interested in cyber security trends, read my Cyber security trends 2019 posting.
You are also free to post related links.
211 Comments
Tomi Engdahl says:
Drivers see porn playing on digital billboard along Michigan highway
https://bit.ly/2mi8k3h
AUBURN HILLS, MI — Drivers traveling along northbound I-75 Saturday night were shocked to see a pornographic film playing on one of the digital billboards, according WNME 5.
Tomi Engdahl says:
German Cops Raid “Cyberbunker 2.0,” Arrest 7 in Child Porn, Dark Web Market Sting
https://krebsonsecurity.com/2019/09/german-cops-raid-cyberbunker-2-0-arrest-7-in-child-porn-dark-web-market-sting/
After the fire in 2002, there was never any data or servers stored in the bunker,” in The Netherlands, Blaauw recalled. “For 11 years they told everyone [the hosting servers where] in this ultra-secure bunker, but it was all in Amsterdam, and for 11 years they scammed all their clients.”
said sometime between 2012 and 2013, Xennt purchased the bunker in Traben-Trarbach, Germany — a much more modern structure that was built in 1997. CyberBunker was reborn, and it began offering many of the same amenities and courted the same customers as CyberBunker 1.0 in The Netherlands.
“They’re known for hosting scammers, fraudsters, pedophiles, phishers, everyone,” Blaauw said. “That’s something they’ve done for ages and they’re known for it.”
Tomi Engdahl says:
Study shows that majority of second-hand hard drives contain previous owner’s data
https://www.zdnet.com/article/study-shows-that-majority-of-second-hand-hard-drives-contain-previous-owners-data/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_content=5d8a1a9b43e1f20001199095&utm_medium=trueAnthem&utm_source=facebook
The problem isn’t just that disks aren’t being wiped, it’s that they many aren’t being wiped properly.
Tomi Engdahl says:
New SIM attacks de-mystified, protection tools now available
https://srlabs.de/bites/sim_attacks_demystified/
SIM cards are at the heart of mobile network security. Vulnerabilities including the 2013 remote applet installation hack [1] and the recent ‘Simjacker’ vulnerability [2] put millions of users at risk.
Key research findings
Around 6% of 800 tested SIM cards in recent years were vulnerable to Simjacker
A second, previously unreported, vulnerability affects an additional 3.5% of SIM cards
The tool SIMtester [3] provides a simple way to check any SIM card for both vulnerabilities (and for a range of other issues reported in 2013 [1])
The SnoopSnitch Android app warns users about binary SMS attacks including Simjacker since 2014. (Attack alerting requires a rooted Android phone with Qualcomm chipset.)
A few Simjacker attacks have been reported since 2016 by the thousands of SnoopSnitch users that actively contribute data (Thank you!)
From our collection of 800 SIM card measurements we could infer:
9.4% of the tested SIMs have the S@T applet installed
A subset of 5.6% are vulnerable to Simjacker, because their protection level was set to zero
10.7% have the WIB applet installed
A subset of 3.5% are vulnerable to a Simjacker-style attack against the WIB applet
In total, 9.1% of tested SIM cards were vulnerable to attacks against either S@T or WIB
Tomi Engdahl says:
Billboards not quite secured…
2 suspects scaled 6-foot fence to put porn on Michigan freeway billboard
https://www.mlive.com/news/2019/09/2-suspects-scaled-6-foot-fence-to-put-porn-on-michigan-freeway-billboard.html?fbclid=IwAR0bMDwKIopIOWd1h1jyDC9sTHh-HWWESoo7LUTSTQn7obfGv8Gh9VtWjU4
AUBURN HILLS, MI – Two hoodie-wearing suspect scaled a 6-foot fence and forced their way into a building housing computer equipment in order to run a pornographic video on a digital billboard along I-75 late Saturday night, police said.
Tomi Engdahl says:
https://ginnoslab.org/2019/09/21/wibattack-vulnerability-in-wib-sim-browser-can-let-attackers-globally-take-control-of-hundreds-of-millions-of-the-victim-mobile-phones-worldwide-to-make-a-phone-call-send-sms-to-any-phone-numbers/
Tomi Engdahl says:
https://www.forbes.com/sites/zakdoffman/2019/09/24/new-cyberwarfare-report-unveils-russias-secret-weapon-against-us-2020-election/
Tomi Engdahl says:
Hackers target transportation and shipping companies in new trojan malware campaign
Previously unknown malicious tools are being deployed in cyberattacks being conducted by a group researchers have named xHunt – after anime references used in their campaigns.
https://www.zdnet.com/article/hackers-target-transportation-and-shipping-industries-in-new-trojan-malware-campaign/
Tomi Engdahl says:
An artificial-intelligence first: Voice-mimicking software reportedly used in a major theft
http://www.impactlab.net/2019/09/17/an-artificial-intelligence-first-voice-mimicking-software-reportedly-used-in-a-major-theft/
Tomi Engdahl says:
https://arstechnica.com/tech-policy/2019/09/feds-seek-to-seize-all-profits-from-snowdens-book-over-nda-violation/