Table of Contents
- Password managers
The Secretive Company That Might End Privacy as We Know It
This is one of the reasons why I don't do social media: Mr. Ton-That --- an Australian techie and onetime model --- did something momentous: He invented a tool that could end your ability to walk down the street anonymously, and provided it to hundreds of law enforcement agencies ranging from local cops in Florida to the F.B.I. and the Department of Homeland Security. His tiny company, Clearview AI, devised a groundbreaking facial recognition app. You take a picture of a person, upload it and get to see public photos of that person, along with links to where those photos appeared. The system --- whose backbone is a database of more than three billion images that Clearview claims to have scraped from Facebook, YouTube, Venmo and millions of other websites --- goes far beyond anything ever constructed by the United States government or Silicon Valley giants.
Bruce Schneier: Banning Facial Recognition Isn’t Enough
Communities across the United States are starting to ban facial recognition technologies. In May of last year, San Francisco banned facial recognition; the neighboring city of Oakland soon followed, as did Somerville and Brookline in Massachusetts (a statewide ban may follow). In December, San Diego suspended a facial recognition program in advance of a new statewide law, which declared it illegal, coming into effect. Forty major music festivals pledged not to use the technology, and activists are calling for a nationwide ban. Many Democratic presidential candidates support at least a partial ban on the technology. These efforts are well-intentioned, but facial recognition bans are the wrong way to fight against modern surveillance. Focusing on one particular identification method misconstrues the nature of the surveillance society we're in the process of building. Ubiquitous mass surveillance is increasingly the norm. In countries like China, a surveillance infrastructure is being built by the government for social control. In countries like the United States, it's being built by corporations in order to influence our buying behavior, and is incidentally used by the government.
EU calls for five year ban on facial recognition
A leaked draft of a white paper has revealed that the European Commission is considering a temporary ban on the use of facial recognition technologies in public areas for up to five years. A temporary ban would give regulators the time they need to figure out how to prevent facial recognition from being abused by both governments and businesses. The white paper proposes imposing obligations on both the developers and users of facial recognition while also calling on EU countries to create an authority to monitor the new rules surrounding this controversial technology. The white paper also features five regulatory options for AI across the EU which include voluntary labeling, sectorial requirements for public administration and facial recognition, mandatory risk-based requirements for high-risk applications, safety and liability and governance. Facial recognition has a high potential for misuse which is why the European Commission's plan to impose a temporary ban while it weighs all the options makes a great deal of sense.
Mitsubishi Electric discloses data breach, media blame China-linked APT
Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate information. They disclosed the security incident only after two local newspapers, the Asahi Shimbun and Nikkei, reported the security breach. "According to people involved, Chinese hackers Tick may have been involved. According to Mitsubishi Electric, "logs (to check for leaks) have been deleted and it is not possible to confirm whether they actually leaked." reported the Nikkei.
Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0
Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and allowing unauthenticated attackers to perform arbitrary code execution. It is necessary to upgrade all Citrix ADC and Citrix Gateway 11.1 instances (MPX or VPX) to build 220.127.116.11 to install the security vulnerability fixes. It is necessary to upgrade all Citrix ADC and Citrix Gateway 12.0 instances (MPX or VPX) to build 18.104.22.168 to install the security vulnerability fixes."
The Bug That Exposed Your PayPal Password
This is the story of a high-severity bug affecting what is probably one of PayPal's most visited pages: the login form.
Netgear Signed TLS Cert Private Key Disclosure
Netgear publishes their own private keys inside the firmware image of the router completely unprotected.
Linux Rekoobe Operating with New, Undetected Malware Samples
Intezer team has identified new versions of an old Linux malware known as Rekoobe, a minimalistic Trojan with a complex CNC authentication protocol originally targeting SPARC and Intel x86, x86-64 systems back in 2015. The new malware samples have lower detection rates than their predecessors.
Emotet Malware Dabbles in Extortion With New Spam Template
The Emotet malware has started using a spam template that pretends to be an extortion demand from a "Hacker" who states that they hacked the recipient's computer and stole their data. Emotet is spread through spam emails that commonly use templates based around a particular theme such as shipping information, voice mails, scanned documents, reports, and invoices. Emotet will then use the infected computer to send further malicious spam and to download and install other malware onto the device. In a new template shared with BleepingComputer by security researcher ExecuteMalware, the Emotet operators have started to use a similar extortion template that states "YOUR COMPUTER HACKED!" Emotet malicious document template. Once the document is opened, a PowerShell command will be executed that downloads and installs the Emotet Trojan on the computer.
New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users
The NetWire RAT is a malicious tool that emerged in the wild in 2012. The actual file was an executable that installed the NetWire RAT as soon as the file was clicked. Researchers have tried to figure out what was the NetWire RAT campaign they detected was after this time. Recent campaigns in the wild show that the NetWire RAT is not the only malware being delivered via disk imaging file extensions. The RAT is hidden inside an IMG file, which is a file extension used by disk imaging software. Since many attachments can be automatically blocked by email security controls, spammers often carefully choose the type of file extensions they use in malspam messages.
FTCode Ransomware Now Steals Saved Login Credentials
FTCode ransomware victims now have one more thing to worry about with the malware having been upgraded to also steal saved user credentials from email clients and web browsers. The 'new and improved' FTCode ransomware added info stealer functionality allows FTCode to harvest and exfiltrate the stored credentials before encrypting its victims' files. An FTCode Decryptor for those who can capture the encryption keys while having their computers encrypted is available from Certego. Right before starting to encrypt the files, FTCode will check for the C:\Users\Public\OracleKit\w00log03.tmp file that acts as a killswitch. Next, FTCode starts encrypting files adding the .FTCODE extension to all locked files and READ~MENOW~.htm ransom notes to every folder.
Ransomware Gangs Target Fresh Victims: Patients
Ransomware Gangs Target Fresh Victims: Patients. Could the Attack on a Florida Clinic be the start of a disturbing trend? The hackers claimed to have 'the complete patient's data' for TCFFR that 'can be publicly exposed or traded to third parties," the statement notes. The FBI has instructed patients receiving ransom demands to file independent cybercrime complaints online with the bureau, the statement notes. Some experts note that more ransomware gangs are now exfiltrating data from victims before leaving systems crypto-locked (see Alarming Trend: More Ransomware Gangs Exfiltrating Data). Weiss suggests that patients should ask their healthcare providers what they are doing to keep personal healthcare data safe from cyberattacks.
DDoS Mitigation Firm Founder Admits to DDoS
A Georgia man who co-founded a service designed to protect companies from crippling distributed denial-of-service (DDoS) attacks has pleaded to paying a DDoS-for-hire service to launch attacks against others. Tucker Preston, 22, of Macon, Ga., pleaded guilty last week in a New Jersey court to one count of damaging protected computers by transmission of a program, code or command. DDoS attacks involve flooding a target website with so much junk Internet traffic that it can no longer accommodate legitimate visitors. Preston's guilty plea agreement (PDF) doesn't specify who he admitted attacking, and refers to the target only as "Victim 1." Preston declined to comment for this story.
US Retailer Hanna Andersson Hacked to Steal Credit Cards
LastPass stores passwords so securely, not even its users can access them
Social media is awash with customers unable to connect to the service either via the company's website or through its various apps. For some, the problem has been going on for days. This is exactly why I prefer to store my secrets locally and not use a cloud provider for this kind of stuff.