26-05-2020 | 28-05-2020

Security daily (27-05-2020)

040| Can Contact Tracing Apps Preserve Your Privacy?

Contact tracing is a key strategy for preventing the spread of COVID-19, and smartphone-assisted contact tracing automates a laborious process. But contact tracing technologies face criticism from privacy advocates concerned about the potential for abuse. F-Secure privacy expert and global technical director Tomi Tuominen argues that the issue is a process problem, not a technology problem. Janne speaks with Tomi about contact tracing, how apps should fit into a bigger healthcare picture, and how privacy-preserving contact tracing technology should work. Links: Episode 40 transcript; Tracking COVID tracing apps in different countries, MIT Technology Review; Principles for Technology-Assisted Contact Tracing, ACLU (Cyber Security Sauna)

Google finds Indian hack-for-hire firms exploiting coronavirus fears via spearphishing schemes

Hack-for-hire firms in India have been impersonating the World Health Organization in credential-stealing spearphishing email campaigns, Google’s Threat Analysis Group said Wednesday. The hack-for-hire campaign, which has targeted healthcare companies, consulting firms, and financial services entities primarily in the U.S., Slovenia, Canada, Iran, Bahrain, and Cyprus, uses Gmail accounts imitating the WHO to direct victims to lookalike WHO websites. From there, victims are urged to sign up for healthcare alerts related to the coronavirus pandemic, according to Google. When signing up, however, users are prompted to reveal their Google account credentials or other personal information such as their cell phone numbers. It’s just the latest example of criminals and nation-state actors seizing upon the uncertainty during the COVID-19 pandemic to send spam emails that purport to have information from health authorities about the coronavirus but are actually seeking to steal credentials or are laced with malware. Other spearphishing email campaigns have imitated the U.S. Centers […] (CyberScoop)

Adjusting to the new security realities of a remote workforce

CIOs and CISOs have been under intense pressure to meet the needs of homebound workers, while simultaneously needing to take added steps to safeguard their enterprise networks. Steve Grobman, senior vice president and chief technology officer at McAfee, has a global view of that challenge. Grobman leads the company’s worldwide development of next-generation cyberdefense and data science technologies as well as threat and vulnerability research. In an interview for CyberScoop, Grobman shares his observations on what enterprise IT leaders are encountering — and measures that they might take to mitigate risks associated with home networks essentially becoming part of the enterprise IT infrastructure. This interview, underwritten by McAfee, was edited for brevity. CyberScoop: Organizations are sprinting to equip their employees to work remotely. How is that impacting the cyber risks enterprises face across their networks? Steve Grobman: Organizations must recognize that there are risks associated with new types of employees […] (CyberScoop)

Email scam aims to drop Dridex on machines by impersonating FedEx, UPS

As more Americans rely on package deliveries during the coronavirus pandemic, scammers are trying to capitalize on the tracking process by sending spoofed emails containing malicious software. Hackers are sending spoofed emails that appear to be from FedEx, UPS and DHL as part of a mass emailing campaign meant to infect victims’ computers, according to research initially published on May 5 by the security vendor Votiro. The messages appear to include package tracking updates, though at least some of them aim to infect recipients with a strain of malware known as Dridex, which is typically used to steal bank account data. The messages usually ask recipients to download an invoice, or view their tracking information. Code in the images, links and header of the email all appeared to be legitimate, providing the hackers with cover. They also disguised many of the messages to make them appear as if they arrived […] (CyberScoop)

Canadian judge OKs extradition proceedings for Huawei CFO

A Canadian judge has ruled that extradition proceedings to the U.S. should continue for an executive of Chinese telecommunications giant Huawei. The ruling is a blow to Huawei’s efforts to shield its chief financial officer, Meng Wanzhou, from the U.S. justice system, and a further escalation in the long-running war between the U.S. government and one of the world’s biggest technology companies. U.S. prosecutors have for over a year sought the extradition of Meng, the daughter of Huawei’s founder, on charges that she participated in a bank fraud scheme that violated trade sanctions against Iran. After Canadian authorities arrested Meng in December 2018, she fought extradition, arguing that the allegations did not constitute a crime in Canada. But a British Columbia Supreme Court judge dismissed that argument Wednesday, saying that the offense she is accused of would be a crime if it occurred in Canada, potentially clearing the way for her extradition. […] (CyberScoop)

26 million LiveJournal users warned that their passwords have been breached

On underground criminal marketplaces the email addresses and plaintext passwords of over 26 million LiveJournal blogging accounts are being traded, despite LiveJournal’s owners refusing to acknowledge that any security breach has occurred. Read my article on the Hot for Security blog. (Graham Cluley)

Password security is critical in a remote work environment – see where businesses are putting themselves at risk

Graham Cluley Security News is sponsored this week by the folks at LastPass. Thanks to the great team there for their support! LastPass has analyzed over 47,000 businesses to bring you insights into security behavior worldwide. The takeaway is clear: Many businesses are making significant strides in some areas of password and access security – […] (Graham Cluley)

Apple sends out 11 security alerts – get your fixes now!

Apple's current round of updates has been officially announced in the company's latest Security Advisory emails. (Naked Security)

Open source libraries a big source of application security flaws

How many vulnerabilities lurk inside the open source libraries that today’s developers happily borrow to build their applications? (Naked Security)

Google may soon add end-to-end encryption for RCS

The dogfood version of the recently updated app shows multiple references to encryption for RCS, the feature-rich successor to SMS messaging. (Naked Security)

OpenSSH To Deprecate SHA-1 Logins Due To Security Risk

(News ≈ Packet Storm)

Meet unCover, The New iPhone Jailbreak

(News ≈ Packet Storm)

Facebook Shareholders Try To Block Encryption Plan

(News ≈ Packet Storm)

Trump Accuses Twitter Of Election Interference Because He Lies

(News ≈ Packet Storm)

Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting hundreds of thousands of systems.

The botnet was traced back to a group it calls ShuangQiang (also called Double Gun), which has been behind several attacks since 2017 aimed at compromising Windows computers with MBR and VBR bootkits, and installing malicious drivers for (The Hacker News)

DoubleGun Group Builds Massive Botnet Using Cloud Services

The latest campaign spread malware via pirate gaming portals. (Threatpost)

‘[F]Unicorn’ Ransomware Impersonates Legit COVID-19 Contact-Tracing App

The new malware family was seen pretending to be an official Italian app, called Immuni. (Threatpost)

Hackers Sell Data from 26 Million LiveJournal Users on Dark Web

Passwords and other credentials have been listed on Have I Been Pwned as attack rumors circulate. (Threatpost)


/security-daily/ 28-05-2020 23:44:26