Cyber security news August 2020

This posting is here to collect cyber security news in August 2020.

I post links to security vulnerability news with short descriptions to the comments section of this article.

If you are interested in cyber security trends, read my Cyber security trends 2020 posting.

You are also free to post related links to the comments.


240 Comments

  1. Tomi Engdahl says:

    Australia to spend $1.2 billion on cyber security for private sector
    after rise in attacks
    https://www.reuters.com/article/us-australia-cyber/australia-to-spend-1-2-billion-on-cyber-security-for-private-sector-after-rise-in-attacks-idUSKCN25204O
    Australia will spend A$1.66 billion ($1.19 billion) over the next 10
    years to strengthen the cyber defences of companies and households
    after a rise in cyber attacks, Prime Minister Scott Morrison said on
    Thursday. Cyber attacks on businesses and households are costing about
    A$29 billion ($20.83 billion) or 1.5% of Australia’s gross domestic
    product (GDP), Morrison told reporters in Canberra.

    Reply
  2. Tomi Engdahl says:

    Scanning Activity Include Netcat Listener
    https://isc.sans.edu/forums/diary/Scanning+Activity+Include+Netcat+Listener/26442/
    This activity started on the 5 July 2020 and has been active to this
    day only scanning against TCP port 81. The GET command is always the
    same except for the Netcat IP which has changed a few times since it
    started. If you have a webserver or a honeypot listening on TCP 81,
    this activity might be contained in your logs. I have included the URL
    to the IPDetails reported to ISC that shows similar activity from the
    same source IP address listed in this diary.

    Reply
  3. Tomi Engdahl says:

    China is now blocking all encrypted HTTPS traffic that uses TLS 1.3
    and ESNI
    https://www.zdnet.com/article/china-is-now-blocking-all-encrypted-https-traffic-using-tls-1-3-and-esni/
    The block was put in place at the end of July and is enforced via
    China’s Great Firewall. The Chinese government has deployed an update
    to its national censorship tool, known as the Great Firewall (GFW), to
    block encrypted HTTPS connections that are being set up using modern,
    interception-proof protocols and technologies. The ban has been in
    place for at least a week, since the end of July, according to a joint
    report published this week by three organizations tracking Chinese
    censorship — iYouPort, the University of Maryland, and the Great
    Firewall Report.

    Reply
  4. Tomi Engdahl says:

    Is there malware on your Android phone? These symptoms bode ill
    https://www.is.fi/digitoday/tietoturva/art-2000006594928.html
    Malware threatens Android users even in the official Google
    Play store. The damage it causes may show up, for example,
    in the phone bill, but malware can often be identified
    before that by observing the phone's behaviour.

    Reply
  5. Tomi Engdahl says:

    A Vulnerability in GNU C Library Could Allow for Remote Code Execution
    https://www.cisecurity.org/advisory/a-vulnerability-in-gnu-c-library-could-allow-for-remote-code-execution_2020-105/

    A vulnerability has been discovered in the GNU C Library (glibc), which could allow for remote code execution. This library is required in all modern distributions of Linux as it defines the system calls and other basic facilities used in the Linux kernel. Successful exploitation of this vulnerability could allow an attacker to execute remote code in the context of the affected application. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploitation could result in a denial-of-service condition.

    Reply
  6. Tomi Engdahl says:

    https://www.nytimes.com/2020/08/12/world/middleeast/north-korea-hackers-israel.html

    … Israel claimed Wednesday that it had thwarted a cyberattack by a North Korea-linked hacking group on its classified defense industry.
    The Defense Ministry said the attack was deflected “in real time” and that there was no “harm or disruption” to its computer systems.
    However, security researchers at ClearSky, the international cybersecurity firm that first exposed the attack, said the North Korean hackers penetrated the computer systems and were likely to have stolen a large amount of classified data. Israeli officials fear the data could be shared with North Korea’s ally, Iran.

    Reply
  7. Tomi Engdahl says:

    Musk’s Neuralink Could Lead To Hackers Erasing Memories, Researchers Warn

    Researchers worry about the potential impacts of Neuralink and other brain-computer interfaces, speculating that memory hacking might be possible.

    https://screenrant.com/elon-musk-neuralink-hackers-erasing-memories-warning/

    Reply
  8. Tomi Engdahl says:

    If you thought deleting your photos and direct messages on Instagram meant something, you were wrong. https://tcrn.ch/3fRAGXT

    Reply
  9. Tomi Engdahl says:

    Nikhilesh De / CoinDesk:
    US says it has seized 300+ “cryptocurrency accounts”, worth around $2M, four websites, and four Facebook pages used by al-Qaeda, Hamas’ military wing, and ISIS — The U.S. Department of Justice (DOJ) announced the “largest ever seizure of terrorist organizations’ cryptocurrency accounts” …
    https://www.coindesk.com/us-prosecutors-attempt-to-seize-bitcoin-allegedly-tied-to-al-qaeda

    Reply
  10. Tomi Engdahl says:

    Richard Nieva / CNET:
    YouTube bans videos containing info obtained through hacking that could interfere with the election and will remove content that encourages meddling in voting

    YouTube bans videos containing hacked information that could interfere with the election
    https://www.cnet.com/news/ahead-of-dnc-and-rnc-conventions-youtube-bans-videos-containing-hacked-information/

    The Google-owned video site will also take down content that encourages meddling in the voting process.

    Reply
  11. Tomi Engdahl says:

    Charlie Osborne / ZDNet:
    Researchers say a now-patched Alexa vulnerability could have been exploited to hand over users’ personal data, voice recordings, banking data history, and more

    In one click: Amazon Alexa could be exploited for theft of voice history, PII, skill tampering
    Subdomains belonging to the service were found to be harboring CORS errors and vulnerable to XSS attacks.
    https://www.zdnet.com/article/in-one-click-amazon-alexa-could-be-exploited-for-theft-of-voice-history-pii-skill-tampering/

    Reply
  12. Tomi Engdahl says:

    An Alexa Bug Could Have Exposed Your Voice History to Hackers
    Amazon has patched the flaw, but its discovery underscores the importance of locking down your voice assistant interactions.
    https://www.wired.com/story/amazon-alexa-bug-exposed-voice-history-hackers/

    Reply
  13. Tomi Engdahl says:

    Samsung patches critical holes in its phones – the update should be installed soon
    https://www.is.fi/digitoday/mobiili/art-2000006597573.html?ref=rss

    Samsung has begun distributing an update to its phones that, in addition to other features, contains important improvements to device security, reports the online publication Bleeping Computer.

    According to the publication, the update has been distributed since last Saturday, 8 August.

    Perhaps the most important of the patches fixes a hole through which an attacker could have gained complete control of a Samsung phone.

    Samsung rolls out Android updates fixing critical vulnerabilities
    https://www.bleepingcomputer.com/news/security/samsung-rolls-out-android-updates-fixing-critical-vulnerabilities/

    Reply
  14. Tomi Engdahl says:

    UK court says face recognition violates human rights
    https://apnews.com/424f063d7fcb0c270bf4f52ce4b8f81b

    The use of facial recognition technology by British police has violated human rights and data protection laws, a court said Tuesday, in a decision praised as a victory against invasive practices by the authorities.

    In a case trumpeted as the first of its kind, Britain’s Court of Appeal ruled Tuesday in the case of civil rights campaigner Ed Bridges, who argued that South Wales Police caused him “distress” by scanning his face as he shopped in 2017 and as he attended a peaceful anti-arms protest in 2018.

    The appeals judges ruled that the way the system was being used during tests was unlawful. The decision does not necessarily mean that facial recognition cannot be used at all, but that authorities should take greater care in how they deploy it.

    Reply
  15. Tomi Engdahl says:

    Intel Patches Many Privilege Escalation Vulnerabilities in Server Boards
    https://www.securityweek.com/intel-patches-many-privilege-escalation-vulnerabilities-server-boards
    One advisory published by the tech giant describes over 20 vulnerabilities affecting Intel Server Boards,
    Server Systems and Compute Modules. A majority of the flaws can be exploited for privilege escalation, and
    a few of them can allow an attacker — one of them can be exploited without authentication — to launch DoS
    attacks via local access.
    The most serious of the security holes is CVE-2020-8708, a critical improper authentication issue that
    allows an unauthenticated attacker to elevate privileges via adjacent access. Server Boards, Server
    Systems and Compute Modules prior to version 1.59 are impacted.
    Ten of the other flaws have been classified as high severity. They can be exploited for privilege
    escalation via local or adjacent access, and they are caused by buffer overflows, improper input
    validation, improper access control, and incorrect execution-assigned permissions in the file system.

    Reply
  16. Tomi Engdahl says:

    A simple telephony honeypot received 1.5 million robocalls across 11 months
    https://www.zdnet.com/google-amp/article/a-simple-telephony-honeypot-received-1-5-million-robocalls-across-11-months/

    Researchers say that most campaigns take place in short-burst storms and that answering a robocall doesn’t mean you’ll be targeted more often in the future.

    Reply
  17. Tomi Engdahl says:

    For six months, security researchers have secretly distributed an Emotet vaccine across the world
    https://www.zdnet.com/article/for-six-months-security-researchers-have-secretly-distributed-an-emotet-vaccine-across-the-world/

    Binary Defense researchers have identified a bug in the Emotet malware and have been using it to prevent the malware from making new victims.

    Most of the time, fighting malware is a losing game. Malware authors create their code, distribute payloads to victims via various methods, and by the time security firms catch up, attackers make small changes in their code to quickly regain their advantage in secrecy.

    It has been like this since the late 80s, when malware first appeared on the scene, and despite the claims of most security firms, it will remain like this for the foreseeable future.

    Once in a while, we do get good news from security researchers or law enforcement authorities. Malware authors can slip up and get arrested, or large-scale coordinated efforts manage to bring down larger botnets.

    However, not all malware operations can be hurt this way.
    Today, Emotet scares IT departments at companies all over the world and has given massive headaches to the entire cyber-security industry.

    As such, Emotet also has bugs.

    In the cyber-security industry, there’s a very dangerous moral line when it comes to exploiting bugs in malware, a line many security companies won’t cross, fearing they might end up harming the infected computers by accident.

    However, a rare bug can sometimes appear that is both safe to exploit and has devastating consequences for the malware itself.

    One such bug came to light earlier this year.

    Quinn noticed Emotet was creating a Windows registry key and saving an XOR cipher key inside it.

    Quinn was able to put together a tiny PowerShell script that exploited the registry key mechanism to crash Emotet itself.

    The script, cleverly named EmoCrash, effectively scanned a user’s computer and generated a correct — but malformed — Emotet registry key.

    Effectively, Quinn had created both an Emotet vaccine and killswitch at the same time. But the researcher said the best part happened after the crashes.

    “Two crash logs would appear with event ID 1000 and 1001, which could be used to identify endpoints with disabled and dead Emotet binaries,” Quinn said.

    Working behind the scenes, Team CYMRU made sure that EmoCrash made its way into the hands of national Computer Emergency Response Teams (CERTs), which then spread it to the companies in their respective jurisdictions.

    This broad and well-orchestrated effort has helped EmoCrash make its way around the globe over the course of the past six months.

    Binary Defense doesn’t believe the Emotet gang ever found out about their tool, but the gang most likely knew something was wrong. Since February and through the subsequent months, Emotet iterated through several new versions and changes in its code. None fixed the issue.

    Emotet gang did, eventually, change its entire persistence mechanism on Aug. 6.

    EmoCrash may not be useful to anyone anymore, but for six months, this tiny PowerShell script helped organizations stay ahead of malware operations — a truly rare sight in today’s cyber-security field.

    Reply
  18. Tomi Engdahl says:

    Looking at active Cyber Threats with LeakIX

    https://pentestmag.com/looking-at-active-cyber-threats-with-leakix/

    #pentest #magazine #pentestmag #pentestblog #PTblog #LeakIX #OSINT #tool #cyber #threat #searching #cybersecurity #infosecurity #infosec

    Reply
  19. Tomi Engdahl says:

    U.S. seizes $2 million from more than 300 cryptocurrency accounts used by terror groups
    https://www.cnbc.com/2020/08/13/us-seizes-2-million-dollars-from-crypto-accounts-used-by-terror-groups.html

    The Justice Department said it seized $2 million from more than 300 cryptocurrency accounts in what it described as the largest-ever seizure of its kind.
    The agency said three overseas terrorist groups used cryptocurrencies and social media to raise funds for their terror campaigns.

    Reply
  20. Tomi Engdahl says:

    NSA and FBI Cybersecurity Advisory – Russian GRU 85th GTsSS Deploys
    Previously Undisclosed Drovorub Malware
    https://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF
    Drovorub is a Linux malware toolset consisting of an implant coupled
    with a kernel module rootkit, a file transfer and port forwarding
    tool, and a Command and Control (C2) server. When deployed on a victim
    machine, the Drovorub implant (client) provides the capability for
    direct communications with actor-controlled C2 infrastructure; file
    download and upload capabilities; execution of arbitrary commands as
    “root”; and port forwarding of network traffic to other hosts on the
    network.

    Reply
  21. Tomi Engdahl says:

    US demand raises concern – justified by the fight against the
    coronavirus
    https://www.tivi.fi/uutiset/tv/0c589aa6-82d6-48c5-bd03-d3640338f858
    The United States hopes to gain access to people's location data,
    anonymous sources reveal.

    Reply
  22. Tomi Engdahl says:

    Critical Flaws in WordPress Quiz Plugin Allow Site Takeover
    https://threatpost.com/critical-flaws-wordpress-quiz-plugin-site-takeover/158379/
    The recently patched flaws could be abused by unauthenticated,
    remote attackers to take over vulnerable websites.

    Reply
  23. Tomi Engdahl says:

    Instagram Retained Deleted User Data Despite GDPR Rules
    https://threatpost.com/instagram-retained-deleted-user-data-despite-gdpr-rules/158366/
    The photo-sharing app retained people’s photos and private direct
    messages on its servers even after users removed them.

    Reply
  24. Tomi Engdahl says:

    Exceptional disruption at Elisa: problems with the Viihde service
    have already lasted for days
    https://www.is.fi/digitoday/art-2000006603504.html
    The disruptions to Elisa's Viihde service began on Thursday. As of
    Saturday evening, repair work on the fault was still in progress.

    Reply
  25. Tomi Engdahl says:

    PoC Exploit Targeting Apache Struts Surfaces on GitHub
    https://threatpost.com/poc-exploit-github-apache-struts/158393/
    Researchers have discovered freely available PoC code and exploit that
    can be used to attack unpatched security holes in Apache Struts 2.

    Reply
  26. Tomi Engdahl says:

    For six months, security researchers have secretly distributed an
    Emotet vaccine across the world
    https://www.zdnet.com/article/for-six-months-security-researchers-have-secretly-distributed-an-emotet-vaccine-across-the-world/
    Binary Defense researchers have identified a bug in the Emotet malware
    and have been using it to prevent the malware from making new victims.

    Reply
  27. Tomi Engdahl says:

    Tokmanni's website down all weekend because of a blunder with
    its domain name: "And it happened on a Friday"
    https://www.is.fi/taloussanomat/art-2000006603134.html
    Tokmanni's investor relations and communications manager Maarit Mikkonen
    says the site will probably be down until Monday.
    Editor's note: the site came back into use on Saturday evening.

    Reply
  28. Tomi Engdahl says:

    CRA shuts down online service after accounts breached
    https://m.youtube.com/watch?feature=youtu.be&v=eV9_FO3HtX0

    The Canada Revenue Agency says it will be reaching out to those affected by letter.

    Read more: https://www.cbc.ca/1.5688163

    CRA shuts down online services after thousands of accounts breached in cyberattacks

    Temporary measure blocks Canadians from applying for some emergency COVID-19 benefits

    The Canada Revenue Agency has temporarily shut down its online services after the agency confirmed it was recently hit by two cyberattacks that compromised thousands of accounts linked to its services.

    While the breaches have been contained, services connected to My Account, My Business Account and Represent a Client on the CRA website have been disabled as an additional safety measure.

    The agency said Saturday that as of Aug. 14, about 5,500 accounts had been affected by the separate attacks.

    “The CRA quickly identified the impacted accounts and disabled access to these accounts to ensure the safety and security of the taxpayer’s information,”

    Reply
  29. Tomi Engdahl says:

    Popular Notepad++ text editor banned in China
    https://www.bleepingcomputer.com/news/software/popular-notepad-plus-plus-text-editor-banned-in-china/

    China has banned the popular Notepad replacement software called Notepad++ due to the developer’s protests against the political unrest in Hong Kong and China’s human rights violations of the Uyghur people.

    The Notepad++ twitter account states that this block is likely being done due to the release of their ‘Stand with Hong Kong’ and ‘Free Uyghur’ editions

    Reply
  30. Tomi Engdahl says:

    Properly crowdsourced, you don’t even need to hack the application. Just spoof GPS coordinates (easy to do on Android, you don’t even need to root the device) to a particular location and the app itself will do the hard work.

    https://www.wired.com/story/hacking-traffic-lights-netherlands/

    Reply
  31. Tomi Engdahl says:

    Ex-CIA agent arrested, charged with spying for China for years
    https://trib.al/6CwJCEk

    Reply
  32. Tomi Engdahl says:

    Tea at the Ritz soured by credit card scammers
    https://www.bbc.co.uk/news/technology-53793922
    Diners at the luxury Ritz hotel in London have been targeted by
    “extremely convincing” scammers who posed as hotel staff to steal
    payment card details.

    Reply
  33. Tomi Engdahl says:

    Operation Dream Job Widespread North Korean Espionage Campaign
    https://www.clearskysec.com/operation-dream-job/
    During June-August of 2020, ClearSky’s analysis team had investigated
    an offensive campaign attributed with high probability to North Korea,
    which we call Dream Job. This campaign has been active since the
    beginning of the year and it succeeded, in our assessment, to infect
    several dozens of companies and organizations in Israel and globally.
    full report
    https://www.clearskysec.com/wp-content/uploads/2020/08/Dream-Job-Campaign.pdf

    Reply
  34. Tomi Engdahl says:

    XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on
    Safari, Other Browsers, Leverages Zero-day Exploits
    https://blog.trendmicro.com/trendlabs-security-intelligence/xcsset-mac-malware-infects-xcode-projects-performs-uxss-attack-on-safari-other-browsers-leverages-zero-day-exploits/
    We have discovered an unusual infection related to Xcode developer
    projects. Upon further investigation, we discovered that a developer’s
    Xcode project at large contained the source malware, which leads to a
    rabbit hole of malicious payloads.

    Reply
  35. Tomi Engdahl says:

    This surprise Linux malware warning shows that hackers are changing
    their targets
    https://www.zdnet.com/article/this-surprise-linux-malware-warning-shows-that-hackers-are-changing-their-targets/
    The revelation from the FBI and National Security Agency that Russian
    military intelligence has built malware to target Linux systems is the
    latest dramatic twist in the unrelenting cybersecurity battle.

    Reply
  36. Tomi Engdahl says:

    Microsoft Put Off Fixing Zero Day for 2 Years
    https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years/
    A security flaw in the way Microsoft Windows guards users against
    malicious files was actively exploited in malware attacks for two
    years before last week, when Microsoft finally issued a software
    update to correct the problem.

    Reply
  37. Tomi Engdahl says:

    Crypto-mining worm steal AWS credentials
    https://www.zdnet.com/article/crypto-mining-worm-steal-aws-credentials/
    TeamTNT has become the first crypto-mining botnet to include a
    feature that scans for and steals AWS credentials.

    Reply
  38. Tomi Engdahl says:

    Swedish television and radio banned TikTok for their employees
    https://www.is.fi/digitoday/tietoturva/art-2000006605128.html
    According to SVT, TikTok collects more data than is necessary
    for its Chinese parent company ByteDance.

    Reply
  39. Tomi Engdahl says:

    ISIS allegedly used Facebook in bid to scam people desperate for face masks
    https://mashable.com/article/doj-isis-facebook-coronavirus-face-masks/?europe=true

    In mid-March, as the first shelter-in-place orders were issued across the U.S. and desperate public health officials scrounged for medical grade face masks, an online store by the name of FaceMaskCenter.com offered hope. Despite the global shortage, it claimed to have hundreds of thousands of FDA-approved N95 masks, and would be delighted to sell them to businesses in need.

    Unfortunately, as the Department of Justice alleged on Thursday, FaceMaskCenter.com was in fact a scam. Not only were the masks it listed for sale not FDA approved, but according to the DOJ the entire operation was run by a known “ISIS facilitator” by the name of Murat Cakar. That’s right, ISIS got in on the face mask grift.

    Reply
  40. Tomi Engdahl says:

    Thousands of Canadian Government Accounts Hacked
    https://www.securityweek.com/thousands-canadian-government-accounts-hacked

    Thousands of user accounts for online government services in Canada were recently hacked during cyber attacks, authorities said Saturday.

    The attacks targeted the GCKey service, used by some 30 federal departments and Canada Revenue Agency accounts, the Treasury Board of Canada Secretariat explained in a press release.

    The passwords and usernames of 9,041 GCKey account holders “were acquired fraudulently and used to try and access government services,” the authorities said.

    All affected accounts have been cancelled.

    About 5,500 Canada Revenue Agency accounts were targeted in this and another attack, the authorities said, adding that access to these accounts has been suspended to protect taxpayer information.

    Reply
  41. Tomi Engdahl says:

    Mary Jo Foley / ZDNet:
    Microsoft says Teams support for IE 11 will end on Nov 30 and 365 apps on Aug 17, 2021; legacy Edge browser will not receive security updates after Mar 9, 2021 — Microsoft will begin the gradual phase-out of IE11 by ending Teams support for it this fall. Microsoft will stop providing security updates …

    Microsoft outlines its IE, legacy Edge phase-out timetable
    https://www.zdnet.com/article/microsoft-outlines-its-ie-legacy-edge-phase-out-timetable/

    Microsoft will begin the gradual phase-out of IE11 by ending Teams support for it this fall. Microsoft will stop providing security updates for the desktop version of legacy Edge after next March.

    Reply
  42. Tomi Engdahl says:

    Dealing with a Hole in Secure Boot
    What happens when UEFI secure boot isn’t secure? A vulnerability in GRUB2 code has the open-source community hard at work.
    https://www.electronicdesign.com/altembedded/article/21138054/dealing-with-a-hole-in-secure-boot

    Reply
  43. Tomi Engdahl says:

    Cyberattack shuts down Canadian government accounts
    https://amp.cnn.com/cnn/2020/08/17/tech/cyberattack-canada-government-accounts/index.html

    The Canadian government said it was forced to shut down most of its online portals on the weekend after a sustained cyberattack over the last several days.

    At one point over the weekend, Canadian officials disclosed they detected as many as 300,000 attempted attacks to access accounts on at least 24 government systems.

    “Early on Saturday morning a CRA (Canadian Revenue Agency) portal was directly targeted with a large amount of traffic using a botnet to attempt to attack the services through credential stuffing,” said Marc Brouillard, acting Chief Information Officer for the government of Canada. “Out of an abundance of caution the CRA portal was shut down to contain the attack and implement measures to protect CRA services.”

    A “credential stuffing” attack is one in which stolen usernames and passwords are mined to fraudulently access personal accounts.

    In total, more than 11,000 out of 12 million personal accounts were compromised, including tax accounts and online portals accessing Covid-19 relief programs. Government officials say they hope to have online services restored by Wednesday.

    Reply
  44. Tomi Engdahl says:

    Securus sued for ‘recording attorney-client jail calls, handing them to cops’ – months after settling similar lawsuit
    Gonna blame a software bug again?
    https://www.theregister.com/2020/08/19/securus_lawsuit_attorney_client_calls/

    Jail phone telco Securus provided recordings of protected attorney-client conversations to cops and prosecutors, it is claimed, just three months after it settled a near-identical lawsuit.

    The corporate giant controls all telecommunications between the outside world and prisoners in American jails that contract with it. It charges far above market rate, often more than 100 times, while doing so.

    Reply
  45. Tomi Engdahl says:

    Node.js community finally prodded to patch Chromium XHR bug after developer refuses to let flaw stand
    If at first you don’t succeed, try, try… try, try, try… try again
    https://www.theregister.com/2020/08/18/nodejs_chromium_patch/

    Reply
  46. Tomi Engdahl says:

    Trusting OpenPGP and S/Mime with your email secrets? Depending on your mail client, you might want to rethink that
    Encryption’s solid yet that’s not the whole story by a long chalk
    https://www.theregister.com/2020/08/19/openpgp_smime_email_client_flaws/

    Boffins testing the security of OpenPGP and S/MIME, two end-to-end encryption schemes for email, recently found multiple vulnerabilities in the way email client software deals with certificates and key exchange mechanisms.

    They found that five out of 18 OpenPGP-capable email clients and six out of 18 S/MIME-capable clients are vulnerable to at least one attack.

    These flaws are not due to cryptographic weaknesses. Rather they arise from the complexity of email infrastructure, based on dozens of standards documents, as it has evolved over time, and the impact that’s had on the way affected email clients handle certificates and digital signatures.

    In a paper [PDF] titled “Mailto: Me Your Secrets. On Bugs and Features in Email End-to-End Encryption,”

    Reply
