Security daily (07-09-2021)

ProtonMail said Swiss court order left no choice but to log activist's IP address

ProtonMail, the encrypted email service that’s built a reputation for safeguarding user data, said it had no choice but to provide details about an activist to French authorities, amid mounting questions about the privacy protections in the popular mail client. Swiss-based ProtonMail is an end-to-end encrypted service that markets itself as a tool that encrypts messages and other user data before the company accesses it. It’s a technique that, for more than 50 million users, aims to provide additional layers of protection than are available with more common email options, such as Gmail. A French police report published on Sept. 2 appears to show that police used ProtonMail to collect the IP address, a specific number that pertains to an individual computer, of an unnamed French activist who was demonstrating against real estate gentrification in Paris. The case appears to undercut ProtonMail’s assurance that it does not log the IP […] The post ProtonMail said Swiss court order left no choice but to log activist's IP address appeared first on CyberScoop. (CyberScoop)

Bitcoin Becomes Legal Tender In El Salvador

(News ≈ Packet Storm)

IoT Attacks Skyrocket, Doubling In Six Months

(News ≈ Packet Storm)

Report: This Is The Perfect Ransomware Victim

(News ≈ Packet Storm)

Outlook Shows Real Contact Info For Spoofed IDNs

(News ≈ Packet Storm)

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents. Tracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is used in (The Hacker News)

Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server

The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. The "successful attack," which is believed to have occurred last week, was mounted against its (The Hacker News)

ProtonMail Logs Activist's IP Address With Authorities After Swiss Court Order

End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France. The Switzerland-based company said it received a "legally binding order from the Swiss Federal Department of Justice" related to a collective called Youth for (The Hacker News)

Ragnar Locker Gang Warns Victims Not to Call the FBI

Investigators/the FBI/ransomware negotiators just screw everything up, the ransomware gang said, threatening to publish files if victims look for help. (Threatpost)

Netgear Smart Switches Open to Complete Takeover

The Demon's Cries, Draconian Fear and Seventh Inferno security bugs are high-severity entryways to corporate networks. (Threatpost)

Jenkins Hit as Atlassian Confluence Cyberattacks Widen

Patch now: The popular biz-collaboration platform is seeing mass scanning and exploitation just two weeks after a critical RCE bug was disclosed. (Threatpost)

ProtonMail Forced to Log IP Address of French Activist

The privacy-touting, end-to-end encrypted email provider erased its site's “we don’t log your IP” boast after France sicced Swiss cops on it. (Threatpost)

Authorities Arrest Another TrickBot Gang Member in South Korea

A hacker known only as “Mr. A” was picked up by authorities at a South Korean airport after getting stuck in the country due to COVID-19 travel restrictions. (Threatpost)


/security-daily/ 08-09-2021 23:44:23