Cyber security news June 2024

This posting is here to collect cyber security news in June 2024.

I post links to security vulnerability news in the comments of this article.

You are also free to post related links in the comments.

187 Comments

  1. Tomi Engdahl says:

    How to turn off Recall on Copilot+ PCs: Stop Windows from recording everything
    The new Windows Recall function records everything that happens on your PC and takes a screenshot of your screen every five seconds. This allows you to switch off Recall permanently and protect your privacy.
    https://www.pcworld.com/article/2358956/switch-off-windows-recall-how-to-stop-windows-recording-everything.html

    Reply
  2. Tomi Engdahl says:

    Hacker Claims Theft of 30M User Records From Australia Ticketing Company TEG

    A hacker claims to have stolen the information of 30 million users from TEG subsidiary Ticketek.

    https://www.securityweek.com/hacker-claims-theft-of-30m-user-records-from-australia-ticketing-company-teg/

    Reply
  3. Tomi Engdahl says:

    Japan’s Space Agency Was Hit by Multiple Cyberattacks, but Officials Say No Sensitive Data Was Taken

    Japan’s space agency has suffered a series of cyberattacks, but sensitive information related to rockets and satellites was not affected.

    https://www.securityweek.com/japans-space-agency-was-hit-by-multiple-cyberattacks-but-officials-say-no-sensitive-data-was-taken/

    Reply
  4. Tomi Engdahl says:

    Investigation of Russian Hack on London Hospitals May Take Weeks Amid Worries Over Online Data Dump

    Hundreds of operations and appointments are still being canceled more than two weeks after the June 3 cyberattack on NHS provider Synnovis.

    https://www.securityweek.com/investigation-of-russian-hack-on-london-hospitals-may-take-weeks-amid-worries-over-online-data-dump/

    Reply
  5. Tomi Engdahl says:

    AMD Investigating Breach Claims After Hacker Offers to Sell Data

    AMD has launched an investigation after a notorious hacker announced selling sensitive data allegedly belonging to the company.

    https://www.securityweek.com/amd-investigating-breach-claims-after-hacker-offers-to-sell-data/

    Reply
  6. Tomi Engdahl says:

    Santander Employee Data Breach Linked to Snowflake Attack

    Santander US is notifying over 12,000 employees that their personal information was compromised in a data breach.

    https://www.securityweek.com/santander-employee-data-breach-linked-to-snowflake-attack/

    Reply
  7. Tomi Engdahl says:

    Disruptions at Many Car Dealerships Continue as CDK Hack Worsens

    Car dealership software provider CDK Global was in the process of restoring services impacted by a cyberattack when it discovered an additional hack.

    https://www.securityweek.com/disruptions-at-many-car-dealerships-continue-as-cdk-hack-worsens/

    Reply
  8. Tomi Engdahl says:

    Hundreds of PC, Server Models Possibly Affected by Serious Phoenix UEFI Vulnerability

    Hundreds of PC and server models may be affected by CVE-2024-0762, a privilege escalation and code execution flaw in Phoenix SecureCore UEFI firmware.

    https://www.securityweek.com/hundreds-of-pc-server-models-possibly-affected-by-serious-phoenix-uefi-vulnerability/

    Hundreds of PC and server models that use Intel processors could be affected by a high-severity vulnerability found recently in Phoenix Technologies’ SecureCore UEFI firmware solution.

    The vulnerability, tracked as CVE-2024-0762 and dubbed UEFIcanhazbufferoverflow, was discovered by an automated analysis system developed by enterprise firmware and hardware security firm Eclypsium.

    The security hole can be exploited by a local attacker to escalate privileges and execute arbitrary code within the UEFI firmware during runtime.

    Eclypsium warned that this is a type of vulnerability that may be leveraged by threats such as the Black Lotus UEFI rootkit.

    UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware
    https://eclypsium.com/blog/ueficanhazbufferoverflow-widespread-impact-from-vulnerability-in-popular-pc-and-server-firmware/

    Eclypsium Automata, our automated binary analysis system, has identified a high impact vulnerability (CVE-2024-0762 with a reported CVSS of 7.5) in the Phoenix SecureCore UEFI firmware that runs on multiple families of Intel Core desktop and mobile processors. The issue involves an unsafe variable in the Trusted Platform Module (TPM) configuration that could lead to a buffer overflow and potential malicious code execution. To be clear, this vulnerability lies in the UEFI code handling TPM configuration—in other words, it doesn’t matter if you have a security chip like a TPM if the underlying code is flawed.

    We originally identified the vulnerability on the Lenovo ThinkPad X1 Carbon 7th Gen and X1 Yoga 4th Gen, both using the latest Lenovo BIOS updates. However, Phoenix Technologies has subsequently acknowledged that the same issue applies to multiple versions of its SecureCore firmware that runs on Intel processor families including AlderLake, CoffeeLake, CometLake, IceLake, JasperLake, KabyLake, MeteorLake, RaptorLake, RocketLake, and TigerLake. These are Intel codenames for multiple generations of Intel Core mobile and desktop processors. Given that these Intel Core processors are used by a wide range of OEMs and ODMs, the same vulnerability could potentially affect a wide range of vendors and potentially hundreds of PC products that also use the Phoenix SecureCore UEFI firmware. The possibility of exploitation depends on the configuration and permission assigned to the TCG2_CONFIGURATION variable, which could be different for every platform.

    Reply
  9. Tomi Engdahl says:

    Government
    US Bans Kaspersky Software

    The US government announced a ban on the sale of Kaspersky software over fears that the company is controlled by the Russian government.

    https://www.securityweek.com/us-bans-kaspersky-software/

    The US government on Thursday announced a ban on the sale of Kaspersky software over fears that the cybersecurity company is controlled by Russia.

    The United States has been concerned about the Russian government’s potential control and influence over Kaspersky for several years. In 2017, the Trump administration banned the use of Kaspersky products and services in federal agencies due to the risk of spying.

    Several European countries followed suit while Kaspersky launched transparency initiatives and took other steps to clear its name.

    Russia’s war against Ukraine has only been making things worse for Kaspersky in the West, and the Biden administration has now prohibited Kaspersky — as well as its affiliates and subsidiaries — from directly or indirectly providing antimalware and other cybersecurity software products and services in the United States or to US persons.

    “Kaspersky will generally no longer be able to, among other activities, sell its software within the United States or provide updates to software already in use,” said the US Department of Commerce’s Bureau of Industry and Security (BIS).

    Reply
  10. Tomi Engdahl says:

    US Sanctions 12 Kaspersky Executives

    The US has imposed sanctions on 12 individuals who have leadership roles at Kaspersky in Russia and the UK.

    https://www.securityweek.com/us-sanctions-12-kaspersky-executives/

    Reply
  11. Tomi Engdahl says:

    Data Breaches
    Push Notification Fatigue Leads to LA County Health Department Data Breach

    The Los Angeles County Department of Health Services discloses a data breach caused by a push notification spamming attack.

    https://www.securityweek.com/push-notification-fatigue-leads-to-la-county-health-department-data-breach/

    Reply
  12. Tomi Engdahl says:

    Artificial Intelligence
    AI Weights: Securing the Heart and Soft Underbelly of Artificial Intelligence

    AI model weights govern outputs from the system, but altered or ‘poisoned’, they can make the output erroneous and, in extremis, useless and dangerous.

    https://www.securityweek.com/ai-weights-securing-the-heart-and-soft-underbelly-of-artificial-intelligence/

    Reply
  13. Tomi Engdahl says:

    Privacy
    EFF Issues New Warning After Discovery of Automated License Plate Reader Vulnerabilities

    The EFF has issued a warning over the use of automated license plate readers following the discovery of serious vulnerabilities.

    https://www.securityweek.com/eff-issues-new-warning-after-discovery-of-automated-license-plate-reader-vulnerabilities/

    The Electronic Frontier Foundation (EFF) has issued a warning on the risks and threats associated with mass surveillance technologies following the disclosure of several potentially serious vulnerabilities discovered recently in automated license plate readers.

    Automated license plate readers (ALPRs) are high-speed camera systems that automatically capture all license plate numbers in their view. They are mounted on street poles, highway overpasses, and police cars. In addition to license plate numbers, they can capture data such as location, date and time, images of the vehicle, and sometimes even photographs of the driver and passengers.

    The EFF has been raising concerns about this system for several years, warning that it’s a mass surveillance system that captures and stores data beyond what is needed for public safety purposes.

    The organization’s latest warning comes shortly after the US cybersecurity agency CISA issued an advisory to inform organizations about several vulnerabilities found in Vigilant license plate readers made by Motorola Solutions.

    https://sls.eff.org/technologies/automated-license-plate-readers-alprs

    Reply
  14. Tomi Engdahl says:

    Vulnerabilities
    New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity

    New attack named SnailLoad allows a remote attacker to infer websites and videos viewed by a user without direct access to network traffic.

    https://www.securityweek.com/new-snailload-attack-relies-on-network-latency-variations-to-infer-user-activity/

    A team of researchers from the Graz University of Technology in Austria has disclosed the details of a new attack method that allows a remote attacker to infer websites and other content viewed by a user without needing direct access to their network traffic.

    Other researchers previously showed that websites accessed by users and even the actions they perform within applications can be inferred by an attacker, but this often requires a person-in-the-middle (PitM) attack or hacking the target’s Wi-Fi connection from physical proximity.

    The new side-channel attack method discovered by the TU Graz researchers, named SnailLoad, is more efficient as it does not require a PitM position, JavaScript, or any other code execution on the victim’s system.

    The researchers demonstrated the attack by showing that they could deduce the YouTube videos and websites accessed by a user.

    In order to launch a SnailLoad attack, the attacker conducts a series of latency measurements for various YouTube videos and websites that the victim may be viewing. This data provides a latency trace that includes specific variations over time for each targeted video or website, basically creating a fingerprint for each of them.

    The attacker then needs to get the targeted user to load data from a malicious server. The attacker can convince the victim to download a file, but the attack also works with any other type of non-malicious content delivered by the attacker’s server, including style sheets, fonts, images or ads.

    “The main threat here is that any TCP server can stealthily obtain latency traces from any clients connecting to it,” Stefan Gast, one of the researchers involved in this project, told SecurityWeek.

    An important aspect is that the malicious server needs to load the content at a slow pace — this is where the SnailLoad name comes from — for the attacker to be able to monitor the connection latency over an extended period of time.

    The attack leverages the fact that servers typically have a fast internet connection, in contrast with the speed when the traffic reaches the ISP’s systems or the victim’s gateway, where packets are delayed. These bandwidth bottlenecks can be leveraged by the attacker for latency measurements.

    The data obtained by the attacker while content is being fetched by the victim’s system from the malicious server is compared to the previously created fingerprint, enabling the attacker to figure out which of the videos or websites in their list is viewed by the victim in a different window while the SnailLoad attack is being carried out.

    The researchers noted that an attacker can leverage a convolutional neural network (CNN) to learn the latency trace for each targeted asset and also to later infer the site or video.

    The attack is not easy to mitigate because it leverages the way the internet works. However, the researchers believe it’s unlikely that SnailLoad has been exploited in the wild.

    In the tests conducted by the TU Graz researchers, which covered 10 YouTube videos and 100 popular websites, they achieved an accuracy ranging between 37% and 98%, depending on the type of targeted resource and the type of internet connection.

    Reply
  15. Tomi Engdahl says:

    Tech Leaders Gather This Week for AI Risk Summit + CISO Forum at the Ritz-Carlton, Half Moon Bay

    SecurityWeek’s AI Risk Summit + CISO Forum brings together business and government stakeholders to provide meaningful guidance on risk management and cybersecurity in the age of artificial intelligence.

    https://www.securityweek.com/tech-leaders-gather-this-week-for-ai-risk-summit-ciso-forum-at-the-ritz-carlton-half-moon-bay/

    Reply
  16. Tomi Engdahl says:

    Nation-State
    Chinese Hackers Have Stepped Up Attacks on Taiwanese Organizations, Cybersecurity Firm Says

    A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in sectors such as government, education, technology and diplomacy.

    https://www.securityweek.com/chinese-hackers-have-stepped-up-attacks-on-taiwanese-organizations-cybersecurity-firm-says/

    A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in sectors such as government, education, technology and diplomacy, according to cybersecurity intelligence company Recorded Future.

    In recent years, relations between China and Taiwan, a self-governed island across the Taiwan Strait that Beijing claims as its territory, have deteriorated. The cyberattacks by the group known as RedJuliett were observed between November 2023 and April 2024, during the lead up to Taiwan’s presidential elections in January and the subsequent change in administration.

    RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns.

    The report said RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.

    It also hacked into websites of religious organizations in Hong Kong and South Korea, a U.S. university and a Djiboutian university. The report did not identify the organizations.

    Reply
  17. Tomi Engdahl says:

    WikiLeaks Founder Julian Assange Will Plead Guilty in Deal With US and Return to Australia

    Assange will plead guilty to an Espionage Act charge of conspiring to unlawfully obtain and disseminate classified national defense information, the Justice Department said.

    https://www.securityweek.com/wikileaks-founder-julian-assange-will-plead-guilty-in-deal-with-us-and-return-to-australia/

    Reply
  18. Tomi Engdahl says:

    Car Dealerships in North America Revert to Pens and Paper After Cyberattacks on Software Provider
    https://www.securityweek.com/car-dealerships-in-north-america-revert-to-pens-and-paper-after-cyberattacks-on-software-provider/

    Car dealerships in North America are still wrestling with major disruptions that started last week with cyberattacks on a company whose software is used widely in the auto retail sales sector.

    CDK Global, a company that provides software for thousands of auto dealers in the U.S. and Canada, was hit by back-to-back cyberattacks Wednesday. That led to an outage that has continued to impact operations.

    For prospective car buyers, that’s meant delays at dealerships or vehicle orders written up by hand. There’s no immediate end in sight, but CDK says it expects the restoration process to take “several days” to complete.

    On Monday, Group 1 Automotive Inc., a $4 billion automotive retailer, said it is using “alternative processes” to sell cars to its customers. Lithia Motors and AutoNation, two other dealership chains, also disclosed that they implemented workarounds to keep their operations going.

    Reply
  19. Tomi Engdahl says:

    Vulnerabilities
    Chrome 126 Update Patches Memory Safety Bugs

    Google has released a Chrome security update to resolve four high-severity use-after-free vulnerabilities.

    https://www.securityweek.com/chrome-126-update-patches-memory-safety-bugs/

    Reply
  20. Tomi Engdahl says:

    Data Breaches
    Neiman Marcus Data Breach Disclosed as Hacker Offers to Sell Stolen Information

    Neiman Marcus has disclosed a data breach impacting 64,000 people just as a hacker announced the sale of customer data.

    https://www.securityweek.com/neiman-marcus-data-breach-disclosed-as-hacker-offers-to-sell-stolen-information/

    High-end department store Neiman Marcus on Monday disclosed a data breach, shortly before a hacker offered to sell information belonging to millions of the company’s customers.

    The Dallas-based luxury retailer has started informing customers that a database platform storing personal information was compromised between April and May 2024. The data breach was detected in May.

    An investigation showed that the hacker had gained access to information such as name, contact data, date of birth, and Neiman Marcus or Bergdorf Goodman gift card number. The retailer said gift card PINs were not exposed.

    “Promptly after learning of the issue, we took steps to contain it, including by disabling access to the relevant database platform. We also launched an investigation with the assistance of leading cybersecurity experts and notified law enforcement,” Neiman Marcus said in a letter sent to impacted individuals.

    The company told the Maine Attorney General’s Office that the breach has impacted more than 64,000 individuals.

    Reply
  21. Tomi Engdahl says:

    Phishing
    Malware Sandbox Any.Run Targeted in Phishing Attack

    Employees of the Any.Run malware analysis service were recently targeted in a phishing attack that was part of a BEC campaign.

    https://www.securityweek.com/malware-sandbox-any-run-targeted-in-phishing-attack/

    The malware analysis service Any.Run on Monday shared details on a recent phishing attack targeting its employees.

    The incident came to light on June 18, when all the employees of the malware sandbox service received a phishing email from another Any.Run employee. The attacker’s access was terminated within minutes, but an investigation showed that the hacker was present for several weeks.

    The attack started on May 23, 2024, when an employee in Any.Run’s sales team received an email from a client they had previously communicated with.

    The email contained a link and the employee did upload the message to a sandbox to check whether it posed a threat. However, since the link pointed to a trusted website that had been compromised and the sandbox environment was not properly configured, the threat was not detected.

    The employee clicked on the link and was led to a Microsoft phishing website that prompted them to enter their login credentials and multi-factor authentication (MFA) code. The information was entered on the phishing page and the attacker was provided with everything they needed to access the employee’s account.

    https://any.run/cybersecurity-blog/phishing-incident-report/

    Reply
  22. Tomi Engdahl says:

    Impressive engineering… #NOT
    There is at least a critical vulnerability in every turn. This indeed requires some skills! LOL
    https://www.cvedetails.com/cve/CVE-2024-27857/

    Vulnerability Details : CVE-2024-27857
    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, tvOS 17.5, iOS 17.5 and iPadOS 17.5. A remote attacker may be able to cause unexpected app termination or arbitrary code execution.

    Reply
  23. Tomi Engdahl says:

    New IOActive Security Advisory: ‘MásMóvil Comtrend Router – Multiple Vulnerabilities.’ Check out the full advisory below or at the following link. https://ioactive.com/masmovil-comtrend-router-multiple-vulnerabilities/

    #2600net #irc #secnews #ioactive

    Reply
  24. Tomi Engdahl says:

    280 Million Google Chrome Users Installed Dangerous Extensions, Study Says
    https://www.forbes.com/sites/daveywinder/2024/06/24/280-million-google-chrome-users-installed-dangerous-extensions-study-says/

    Two new reports reveal distinctly different opinions about the safety of Chrome browser extensions. Google says that less than 1% of all installs include malware, while university researchers say 280 million users have installed extensions with malware over a three-year period. Neither number fills me with much confidence.

    According to Google more than 250,000 extensions are available on the Chrome web store. Google also says that “less than 1% of all installs from the Chrome Web Store were found to include malware,” so why don’t I find this as reassuring as I might?

    According to the study, over 346 million users installed these kinds of extensions between July 2020 and February 2023. Even after subtracting 63 million policy violations and three million with vulnerable code, the researchers estimate that there were still 280 million installs of Chrome extensions containing malware.

    Unsurprisingly, the researchers found that dodgy extensions tend to ask for more permissions than benign ones. “Ultimately, the more permissions an extension has, the larger the attack surface is,” the study concluded.

    Also worrying was that the study found extensions containing malware were available from the Chrome web store for an average of 380 days.

    A June 20 posting to the Google Security Blog, just 48 hours after the researchers published their study, by Benjamin Ackerman, Anunoy Ghosh and David Warren from the Chrome security team, admits that “as with any software, extensions can also introduce risk.” However, it also sets out how a dedicated security team is dedicated to keeping Chrome users safe regarding extensions.

    https://security.googleblog.com/2024/06/staying-safe-with-chrome-extensions.html

    Reply
  25. Tomi Engdahl says:

    China-backed hackers stepping up attacks on Taiwan, cybersecurity firm says
    Hacking group RedJuliett compromised two dozen organisations in Taiwan and elsewhere, report says.
    https://www.aljazeera.com/economy/2024/6/24/china-backed-hackers-stepping-up-attacks-on-taiwan-cybersecurity-firm-says

    Reply
  26. Tomi Engdahl says:

    An AI-Generated Elon Musk Just Stole Bitcoin From Viewers Via YouTube Live
    A deepfaked Musk promised viewers he would instantly double their money.
    https://uk.pcmag.com/old-cryptocurrency/152945/an-ai-generated-elon-musk-just-stole-bitcoin-from-viewers-via-youtube-live

    Just a few days after rapper 50 Cent’s website and social accounts were used by hackers to promote a fake cryptocurrency, it looks like something similar is happening to Elon Musk.

    A YouTube Live video today displayed a video of Musk with an AI-generated version of his voice suggesting that users go to a website to deposit Ethereum, Dogecoin, or Bitcoin, Engadget reports. The video clip promised viewers that depositing their cryptocurrency on the site would “automatically send back double the amount of the cryptocurrency you deposited.”

    The stream ran for 5 hours, and at one point had over 30,000 concurrent viewers, bringing it to the top of YouTube’s Live Now recommendations. Both the video and the account associated with it have since been removed from YouTube.

    It’s not surprising that hackers chose Musk to deepfake to promote the site. Tweets from Musk have been known to have a significant impact on the crypto market, especially with meme coins such as Dogecoin, thanks to his dedicated following.

    Reply
  27. Tomi Engdahl says:

    Supply Chain Security
    Several Plugins Compromised in WordPress Supply Chain Attack
    https://www.securityweek.com/several-plugins-compromised-in-wordpress-supply-chain-attack/

    Five WordPress plugins were injected with malicious code that creates a new administrative account.

    Malicious code injected over the past week in five WordPress plugins creates a new administrative account, WordPress security firm Defiant reports.

    The code was discovered on Monday, after the WordPress.org Plugin Review Team learned that a threat actor had taken over the Social Warfare plugin and added the malicious code in recent versions.

    Starting June 22, several versions of the plugin were released with the injected code inside. Social Warfare versions 4.4.6.4 to 4.4.7.1 contain the malicious code and users are advised to update to version 4.4.7.3 as soon as possible.

    “If you have used versions 4.4.6.4 to 4.4.7.1 of the Social Warfare plugin, we strongly recommend you do an in-depth review of your site’s activity and user account details,” the WordPress team notes.

    While investigating the incident, Defiant discovered that four other plugins – namely Blaze Widget, Wrapper Link Element, Contact Form 7 Multi-Step Addon, and Simply Show Hooks – also contain the malicious code.

    Reply
  28. Tomi Engdahl says:

    Ransomware
    Indonesia Says a Cyberattack Has Compromised Its Data Center but It Won’t Pay the $8 Million Ransom

    Indonesia’s national data center has been compromised by a hacking group asking for an $8 million ransom that the government won’t pay.

    https://www.securityweek.com/indonesia-says-a-cyberattack-has-compromised-its-data-center-but-it-wont-pay-the-8-million-ransom/

    Reply
  29. Tomi Engdahl says:

    Malware & Threats
    Recent Zyxel NAS Vulnerability Exploited by Botnet

    A Mirai-like botnet has started exploiting a critical-severity vulnerability in discontinued Zyxel NAS products.

    https://www.securityweek.com/recent-zyxel-nas-vulnerability-exploited-by-botnet/

    Reply
  30. Tomi Engdahl says:

    Tracking & Law Enforcement
    EU Sanctions Six Russian Hackers

    The European Council has added six Russian hackers to the EU’s sanctions list for their cyberattacks against member states and Ukraine.

    https://www.securityweek.com/eu-sanctions-six-russian-hackers/

    Reply
  31. Tomi Engdahl says:

    Ransomware
    Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher

    Researcher shows how hackers could use social engineering to deliver ransomware and other malware to Meta’s Quest 3 VR headset.

    https://www.securityweek.com/metas-virtual-reality-headset-vulnerable-to-ransomware-attacks-researcher/

    Reply
  32. Tomi Engdahl says:

    Rabbit R1 security issue allegedly leaves sensitive user data accessible to anybody https://engt.co/45F1hmy

    Reply
  33. Tomi Engdahl says:

    An ID verification service that works with TikTok and X left its credentials wide open for a year https://engt.co/4cA2jm8

    Reply
  34. Tomi Engdahl says:

    Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack
    Malicious updates available from WordPress.org create attacker-controlled admin account.
    https://arstechnica.com/security/2024/06/supply-chain-attack-on-wordpress-plugins-affects-as-many-as-36000-sites/

    Reply
  35. Tomi Engdahl says:

    Secretly taken photos of women’s backsides are spreading on Ylilauta – Expert: “Difficult to respond to legally”
    Matti Tolvanen, Emeritus Professor of Criminal and Procedural Law, considers the sharing of covert photos on Ylilauta a challenging case from a criminal-law standpoint.
    https://www.iltalehti.fi/kotimaa/a/35d4dcae-7509-40da-845a-db8b81dafa0e

    Since the beginning of May, covertly taken photos of several women have been shared on Ylilauta. The photos emphasize the women’s backsides.
    Emeritus Professor Matti Tolvanen assesses the legality of photos taken in a public place.
    According to Tolvanen, it must be accepted that not all conduct contrary to good manners is criminal.

    Covertly taken photos of several Finnish women have been shared on the popular discussion forum Ylilauta. The covert photos have focused particularly on women’s backsides.

    The photos have been shared in two threads, which can be viewed only with a gold account costing about ten euros per month.

    The threads also include, for example, videos of women sunbathing in bikinis. The photos have mainly been taken from behind, so the faces of those photographed are not visible.

    The photos have been taken in public places such as jogging paths, shops and parking lots. Photographing in a public place is permitted.

    – Photographing is permitted if distributing the photo does not violate private life or honor. There is no crime if one photographs another person at a market square or on a jog, comments Matti Tolvanen, Emeritus Professor of Criminal and Procedural Law.

    A crime would occur if the person had been photographed secretly, for example, in the area of their home. That would be a case of illicit observation, which is punishable by imprisonment of up to one year.

    – Illicit observation does not apply here, because this is not an area protected by domestic privacy, nor is it a changing room or a toilet, Tolvanen assesses.

    Although photographing in a public place is allowed, distributing the photos may be a crime.

    – If the photos are distributed, then it could be a case of dissemination of information violating private life, if intimate areas have been photographed. Defamation could also be at issue.

    – The threshold for defamation may be met if people start saying ugly things about individuals by name, Tolvanen says.

    According to Tolvanen, discussion of people’s appearance on Ylilauta is in a gray area from a criminal-law perspective. One does not commit a crime if one does not use offensive language about another person.

    – This kind of thing is quite difficult to respond to legally. On social media one can behave inappropriately without committing a crime, because not all conduct contrary to good manners is criminal. That too simply has to be accepted.

    The injured party, that is, the person who was covertly photographed, can demand a criminal investigation into the discussions on Ylilauta.

    – It would then have to be assessed whether it is defamation or dissemination of information violating private life. That depends on the manner of distribution and on what the photo depicts, Tolvanen assesses.

    Reply
