Cyber security news October 2019

This posting is here to collect cyber security news in October 2019.

I post links to security vulnerability news in the comments of this article.

If you are interested in cyber security trends, read my Cyber security trends 2019 posting.

You are also free to post related links.

 

223 Comments

  1. Tomi Engdahl says:

    Mark Zuckerberg admits Facebook scans some of the contents of your private Messenger conversations in the latest blow to the scandal hit firm
    http://www.dailymail.co.uk/sciencetech/article-5578619/Facebook-scans-contents-private-Messenger-texts.html?ito=social-facebook

    He was informed that their systems had blocked attempts to send inflammatory Messenger instant messages about ethnic cleansing in Myanmar.

    About the experience, the 33-year-old billionaire said: ‘In that case, our systems detect what’s going on.

    ‘We stop those messages from going through.’

    The company told the website that it uses the same tools to prevent abuse in messages that are in place across Facebook as a whole.

    Users are also able to flag posts or messages that they feel are in violation of the site’s house rules.

    This will either cause one of the social network’s community operations team to manually review the content, or automated systems can also make decisions.

  2. Tomi Engdahl says:

    Firefox 70 arrives with social tracking blocked by default, privacy report, and performance gains on macOS
    https://venturebeat.com/2019/10/22/mozilla-firefox-70/

    With Firefox 70, Mozilla now also includes social tracking protection under the Standard setting. It blocks cross-site tracking cookies from sites like Facebook, Twitter, and LinkedIn.

    Mozilla today estimated that Firefox has blocked more than 450 billion tracking requests since July 2 (some 10 billion every day). While this mainly happens in the background, Mozilla wants to give Firefox users more visibility into how they’re being tracked online.

    To access your report, click the shield icon in Firefox’s address bar and then Show Report.

    “The industry uses dark patterns to push people to ‘consent’ to an unimaginable amount of data collection. These interfaces are designed to push you to allow tracking your behavior as you browse the web,” Selena Deckelmann, Mozilla senior director, said in a statement.

  3. Tomi Engdahl says:

    “YOUR CITY HAS BEEN HACKED” — A hacker group going by the name of Shadow Kill Hackers is holding South Africa’s largest city for ransom, demanding 4 bitcoins from Johannesburg authorities, or they’ll upload stolen city data on the internet. The deadline is October 28, 5 pm, local time, according to a message from the hackers. “Your servers and data have been hacked,” the note reads. “We have dozens of back doors inside your city. We have control of everything in your city. We also compromised all passwords and sensitive data such as finance and personal population information.”

    City of Johannesburg held for ransom by hacker gang
    https://www.zdnet.com/article/city-of-johannesburg-held-for-ransom-by-hacker-gang/

  4. Tomi Engdahl says:

    New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers
    https://thehackernews.com/2019/10/nginx-php-fpm-hacking.html

    The vulnerability, tracked as CVE-2019-11043, affects websites with certain configurations of PHP-FPM.

    The main vulnerability is an “env_path_info” underflow memory corruption issue in the PHP-FPM module, and chaining it together with other issues could allow attackers to remotely execute arbitrary code on vulnerable web servers.

  5. Tomi Engdahl says:

    Watch Edward Snowden detail how phones are used to spy on you
    https://www.androidauthority.com/watch-edward-snowden-phones-spying-1045817/?_ga=2.128212164.995104154.1572163524-471518276.1569058944

    Smartphones are an important way for governments, tech companies and bad actors to snoop on you, as you leave a digital paper trail. But how does this happen?

    Snowden noted that the biggest change in how the government conducts surveillance is that it’s moved to a “mobile-first” approach owing to the prevalence of smartphones.

    The whistleblower said that carriers are able to track your device and therefore figure out your identity via cellular towers. Snowden adds that the movements of your phone are the movements of you as a person and are unique, as you go to your home and workplace every day.

  6. Tomi Engdahl says:

    Unless you’re a pedophile, terrorist, or paranoid, this should be good news…?

    Trump signs bill renewing NSA’s internet surveillance program
    https://www.reuters.com/article/us-usa-trump-cyber-surveillance-idUSKBN1F82MK?fbclid=IwAR3CBtwC2ry3RsC-VFZWlDbMOCxjNV2nDQJM2jDYt0ptUVdmXpPkxy50D7w

  7. Tomi Engdahl says:

    FTC has banned a stalkerware company from selling its spouse-spying software unless they take measures to ensure it’s being used only for legitimate purposes. The FTC’s [announcement](https://www.ftc.gov/news-events/press-releases/2019/10/ftc-brings-first-case-against-developers-stalking-apps) said it was the “first action” it’s taken against a stalkerware app-maker, Retina-X, which is “designed to run surreptitiously in the background and are uniquely suited to illegal and dangerous uses,” according to the agency. [https://www.vice.com/en_us/article/7x5m5a/ftc-bans-retinax-from-selling-stalkerware](https://www.vice.com/en_us/article/7x5m5a/ftc-bans-retinax-from-selling-stalkerware)

  8. Tomi Engdahl says:

    Thanks to Michael Gillespie, an obscure programmer at a Nerds on Call repair store, hundreds of thousands of ransomware victims have recovered their files for free.

    The Ransomware Superhero of Normal, Illinois
    https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinois

  9. Tomi Engdahl says:

    FireEye: “APT41 compromised company behind TeamViewer – which enabled them to access *any* system with TeamViewer installed”
    https://meterpreter.org/fireeye-apt41-compromised-company-behind-teamviewer-which-enabled-them-to-access-any-system-with-teamviewer-installed/

    The well-known remote control software TeamViewer was hacked many years ago, and some of the user computers were controlled by hackers and installed backdoors to steal data. But even now the company does not admit that the server was attacked. On the contrary, the developers said that users were attacked mainly by leaking remote IDs and passwords. However, it is shocking that the security company has once again revealed that TeamViewer has been hacked.

    Recently, Christopher Glyer, Chief Security Architect at the leading security company FireEye, wrote on Twitter that TeamViewer was hacked and leaked the user’s account password. This hacker group is known as APT41.

    https://mobile.twitter.com/cglyer/status/1182413194360508419

  10. Tomi Engdahl says:

    New cyberattacks targeting sporting and anti-doping organizations
    https://blogs.microsoft.com/on-the-issues/2019/10/28/cyberattacks-sporting-anti-doping/

    Today we’re sharing that the Microsoft Threat Intelligence Center has recently tracked significant cyberattacks originating from a group we call Strontium, also known as Fancy Bear/APT28, targeting anti-doping authorities and sporting organizations around the world. As the world looks forward with anticipation to the Tokyo Summer Games in 2020, we thought it important to share information about this new round of activity.

    At least 16 national and international sporting and anti-doping organizations across three continents were targeted in these attacks, which began September 16th.

  11. Tomi Engdahl says:

    EU data watchdog raises concerns over Microsoft contracts

    https://www.euractiv.com/section/digital/news/eu-data-watchdog-raises-concerns-over-microsoft-contracts/

    Microsoft’s contracts with European Union institutions do not fully protect data in line with EU law, the European Data Protection Supervisor (EDPS) said in initial findings published on Monday (21 October).

  12. Tomi Engdahl says:

    45,000 Android devices infected by new unremovable xHelper malware
    https://thenextweb.com/security/2019/10/30/45000-android-devices-infected-by-new-unremovable-xhelper-malware/

    A new kind of Android malware capable of reinstalling itself even after being manually removed has reportedly infected more than 45,000 Android devices over the last six months.

    https://www.symantec.com/blogs/threat-intelligence/xhelper-android-malware

  13. Tomi Engdahl says:

    Hackers hijacked the capital’s surveillance cameras days before Trump’s inauguration and said it was easy
    But they didn’t cover their tracks
    https://www.theverge.com/2019/10/30/20939885/surveillance-hack-trump-inauguration-ransomware-hackers-washington-dc

    An article from The Wall Street Journal details how hackers Alexandru Isvanca and Eveline Cismaru seized control of Washington, DC’s surveillance cameras right before Trump’s inauguration.

    In the end, they controlled 126 out of 186 DC police computers, which in turn controlled the surveillance cameras.

    The Hapless Shakedown Crew That Hacked Trump’s Inauguration
    https://www.wsj.com/articles/the-hapless-shake-down-crew-that-hacked-trumps-inauguration-11572014333

    Days before the big event, hackers seized control of the capital’s surveillance cameras and demanded a ransom. Then everything spiraled out of control.

  14. Tomi Engdahl says:

    Educational spyware company to school boards: hire us to spy on your kids and we’ll help you sabotage teachers’ strikes
    https://boingboing.net/2019/10/23/blame-bill-clinton.html?fbclid=IwAR0pcovb48cDF-_oNvFDTjDNw0x-S2TzIUEEt2gMNfHqsZ-f4E0Q6hrdcHE

    Gaggle is one of a handful of creepy companies that sell surveillance software to school districts, which monitor every keystroke and click on school networks — they’re the latest evolution in spy-on-kids tech, which started off by promising that they’d stop kids from seeing porn, then promised they could end bullying, and now advertise themselves as a solution for school shootings, under the banner of being a “Safety Management Platform.”

    Gaggle has plenty of competition from the likes of Securly and GoGuardian.

  15. Tomi Engdahl says:

    Beware! This Android Malware Can’t Be Removed Even After Factory Reset
    https://fossbytes.com/android-malware-cant-removed-after-factory-reset/

    has affected 45,000 Android devices to date. The malware dubbed xHelper

    Spread By Websites That Allow Sideloading Of Apps

  16. Grandad says:

    I’m a long-time user of NordVPN, never had any issues while torrenting etc. I’ve read the full blog post about that “hack” and I’m leaning towards giving them the benefit of the doubt… it sounds like their response was the proper one. I feel even more safe now coz I know that they do not log anything.

  17. Tomi Engdahl says:

    “Worldwide fraud networks have recently shifted to using CS:GO keys to liquidate their gains. At this point, nearly all key purchases that end up being traded or sold on the marketplace are believed to be fraud-sourced,” Valve says.
    https://www.vice.com/en_us/article/8xw7nx/nearly-all-counter-strike-microtransactions-are-being-used-for-money-laundering
