Table of Contents

  1. Privacy
    1. Google faces €600k privacy fine in Belgium
    2. The Microsoft Police State: Mass Surveillance, Facial Recognition, and the Azure Cloud
  2. Politics
    1. Huawei to be stripped of role in UK's 5G network by 2027, Dowden confirms
    2. Second Catalan politician says phone was targeted by spyware
  3. Vulnerabilities
    1. SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers
  4. Malware
    1. New GoldenHelper malware found in official Chinese tax software
    2. Android chat app uses public code to spy, exposes user data
    3. The Tetrade: Brazilian banking malware goes global
  5. Breaches
    1. Wattpad data breach exposes account info for millions of users
  6. Crime
    1. San Diego Resident Receives 46 Months after Pleading Guilty to Million-Dollar Scam Involving the Stolen Identities of Military Members
  7. Misc
    1. Confidential VMs

Privacy

Google faces €600k privacy fine in Belgium

Google Belgium was fined €600,000 by the Data Protection Authority (DPA) because the search engine did not respect a citizen's right to be forgotten, the DPA announced on Tuesday. "The right to be forgotten must strike the correct balance between, on the one hand, the public's right of access to information and, on the other hand, the rights and interests of the data subject," said Hielke Hijmans, Director of the DPA's Litigation Chamber. Google had received a request from someone, "who by virtue of his function plays a role in public life in Belgium," to remove the search results linked to his name from the search engine.

The Microsoft Police State: Mass Surveillance, Facial Recognition, and the Azure Cloud

Microsoft's links to law enforcement agencies have been obscured by the company, whose public response to the outrage that followed the murder of George Floyd has focused on facial recognition software. This misdirects attention away from Microsoft's own mass surveillance platform for cops, the Domain Awareness System, built for the New York Police Department and later expanded to Atlanta, Brazil, and Singapore. It also obscures that Microsoft has partnered with scores of police surveillance vendors who run their products on a "Government Cloud" supplied by the company's Azure division and that it is pushing platforms to wire police field operations, including drones, robots, and other devices.

Politics

Huawei to be stripped of role in UK's 5G network by 2027, Dowden confirms

Huawei is to be stripped out of Britain's 5G phone networks by 2027, a date that puts Boris Johnson on a collision course with a group of Conservative rebels who want the Chinese company eliminated quicker and more comprehensively. Oliver Dowden, the UK culture secretary, also announced that no new Huawei 5G kit can be bought after 31 December this year, but disappointed the rebels by saying that older 2G, 3G and 4G kit can remain until it is no longer needed. It follows sanctions imposed by Washington, which claims the firm poses a national security threat, something Huawei denies.

Second Catalan politician says phone was targeted by spyware

A second prominent member of Catalonia's pro-independence movement has revealed he was warned that his mobile phone was targeted using spyware. The development is likely to bolster calls for an investigation into the possible use of hacking technology by Spanish authorities. Ernest Maragall, an MP in the regional parliament and a former member of the European parliament who also served as Catalan foreign minister, told the Guardian and El País that he was alerted by researchers working with WhatsApp that his phone had been targeted last year. A joint investigation by the newspapers revealed on Monday that Roger Torrent, the speaker of the Catalan parliament, was also targeted in 2019, according to researchers at Citizen Lab at the University of Toronto, who have collaborated with WhatsApp.

Vulnerabilities

SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers

A critical vulnerability that's been sitting in Microsoft's Windows DNS Server for almost two decades could be exploited to gain Domain Administrator privileges and compromise the entire corporate infrastructure behind it. The vulnerability received the tracking identifier CVE-2020-1350 and the name SIGRed. It is a remote code execution vulnerability that affects Windows Server versions 2003 through 2019 and received the maximum severity rating, 10 out of 10. It is wormable, meaning that an exploit can propagate automatically to vulnerable machines on the network with no user interaction. This characteristic puts it in the same risk category as EternalBlue in Server Message Block (SMB) and BlueKeep in the Remote Desktop Protocol (RDP).

Malware

New GoldenHelper malware found in official Chinese tax software

A new backdoor dubbed GoldenHelper was discovered by Trustwave embedded within Golden Tax Invoicing Software, part of the Chinese government's Golden Tax Project and required for issuing invoices and paying value-added tax (VAT). Last month, researchers at Trustwave SpiderLabs also found the GoldenSpy backdoor hidden within the Intelligent Tax software, which companies were required to install to work with Chinese banks. The newly spotted GoldenHelper backdoor (named after its main command and control domain tax-helper.ltd) is completely different from GoldenSpy, but it uses a very similar delivery method and it's also used to gain access to the networks of international companies doing business in China. The campaign distributing the GoldenHelper malware was active between January 2018 and July 2019 (command and control domains expired in January 2020), right before the GoldenSpy campaign was launched in April 2020.

Android chat app uses public code to spy, exposes user data

A chat application for Android claiming to be a secure messaging platform comes with spying functionality and stores user data in an unsecured location that is publicly available. Welcome Chat targets users from a specific region of the world and relies on open source code for recording calls, stealing text messages, and tracking. The developers of Welcome Chat promoted it as a secure communication solution that is available from the Google Play store. Its intended audience is Arabic-speaking users. It's important to note that some countries in the Middle East ban this type of app. Researchers at cybersecurity company ESET found that the app delivers more than the advertised chat functions and it was never part of the official Android store.

The Tetrade: Brazilian banking malware goes global

This article is a deep dive intended for a complete understanding of these four banking trojan families: Guildma, Javali, Melcoz and Grandoreiro, as they expand abroad, targeting users not just in Brazil, but in the wider Latin America and Europe.

Breaches

Wattpad data breach exposes account info for millions of users

An allegedly stolen Wattpad database containing 270 million records was being sold in private sales for over $100,000. Now it is being offered for free on hacker forums. Wattpad is a web site that allows members to publish user-generated stories on a variety of different topics. The site is immensely popular and is ranked as the 150th most visited site worldwide. In an anonymous tip, BleepingComputer was told that this database was being sold by Shiny Hunters, a group known for selling company databases acquired in data breaches. At the time, cyber intelligence firm Cyble told BleepingComputer that this database was being sold for ten bitcoins, or almost $100,000 at the time.

Crime

San Diego Resident Receives 46 Months after Pleading Guilty to Million-Dollar Scam Involving the Stolen Identities of Military Members

A 32-year-old California man was sentenced to 46 months in federal prison after pleading guilty to a million-dollar scheme involving stolen identities of United States service members and veterans. During his trial, Trorice Crawford admitted that he and his co-conspirators stole money from military members' bank accounts from May 2017 to July 2020 after infiltrating a Department of Defense portal. According to a report, Crawford's co-defendant, Frederick Brown, a former medical records administrator for the U.S. Army, exfiltrated personally identifiable information of thousands of military members using his smartphone. Brown logged into the Armed Forces Health Longitudinal Technology Application and stole names, social security numbers, DOD ID numbers, dates of birth and contact information.

Misc

Confidential VMs

Google has announced Confidential VMs, now in beta, the first product in Google Cloud's Confidential Computing portfolio.