Adam Lange

Russian hackers have intensified attacks on the mobile devices of Ukrainian military personnel - State Special Communications Service research. Russian hackers have increased the number of cyberattacks on the mobile devices of Ukrainian military personnel. In the second half of 2023, hackers associated with the GRU of the Russian Federation actively used messengers and social engineering to spread malware. The analytical report "Russian Cyber Operations" H2 '2023 prepared in English by experts from the government's Computer Emergency Response Team of Ukraine (CERT-UA) is here: https://lnkd.in/d3YT-DNg Key points in attacks on mobile devices: ▪️ Use of legitimate products as camouflage: hackers disguised spyware as installers of legitimate programs, such as the "Kropyva" situational awareness system. ▪️ Spread of malware through Signal and Telegram: criminals used these messengers to distribute malicious files, disguising them as cybersecurity instructions from CERT-UA. ▪️ Swift reaction and adaptation: hackers quickly responded to new defense methods and developed new attack vectors. ▪️ Targeting Windows software: most messenger-based attacks aimed to spread malware for Windows, as many military personnel use computer versions of messengers. ▪️ Use of bait files: criminals distributed malware in the form of zip or rar archives, disguising them as certificate updates for the Delta situational awareness complex.

8

Europol and the European Police Chiefs jointly state that "end-to-end encryption (E2EE) undermines capabilities crucial to supporting online safety and prevents tech firms from complying with lawful access orders during police investigations, and the ability of technology companies to proactively identify illegal and harmful activity on their platforms.” Let that sink in. The top European law enforcement agencies call to break E2EE. I had to read it twice and then rub my eyes in disbelief. Europe has always been, and still is, home to the best cryptographers, and most innovative cryptography, and is typically way ahead of the US in implementing encryption. Yet here we are... A couple of comments to the esteemed European police folks: 1. It's a VERY bad idea to break E2EE. Given the porous nature of your organizations, in a matter of weeks, these backdoors will find their way to your adversaries -- be it states or "plain" hackers. 2. E2EE is the first line of defense (the last line of defense is encryption of the data at rest). There is no security substitute for such encryption. You break it -- you invite attackers in. Here's my advice to you: >> STOP BEING LAZY. >> Invest in new technologies that will allow enforcement of the law without breaking encryption or infringing privacy. Be innovative and visionary for once. Get out of your comfort zone and start working. No solution will ever be created without a good measure of blood, toil, tears, and sweat. Links: 1. Media coverage: https://lnkd.in/gtbNCn9N; https://lnkd.in/g8mFg3T5 2. The official statement: https://lnkd.in/gGDMV4fV #encryption #dataencryption #endtoendencryption #e2ee #privacy #compliance

10

End-to-End Encryption vs. Protecting Children: Can We Have Both? A recent proposal by the European Union has ignited a fierce debate: should tech companies be mandated to scan private messages for child sexual abuse material (CSAM)? Protecting children is imperative, but this proposal raises grave concerns about the integrity of end-to-end encryption. Encryption is the cornerstone of our online privacy. It ensures that only the sender and recipient can access a message's contents. Undermining encryption would have profound consequences, leaving our communications vulnerable to malicious actors. How can we trust the government to safeguard our privacy when vulnerabilities exist in platforms like Signal, a widely trusted encrypted messaging service? Consider the following CVEs: Signal Desktop: CVE-2023-36665, CVE-2022-37601, CVE-2021-23440, CVE-2019-10747 Signal Server: CVE-2022-1471, CVE-2022-42889, CVE-2022-0839 libsignal: CVE-2023-42282 These vulnerabilities highlight the ongoing challenges in maintaining secure communication channels, making it even more critical to question any measures that could further weaken encryption. Advocates of the EU's plan assert that it's necessary to combat the proliferation of CSAM. However, critics argue that scanning private messages sets a dangerous precedent, paving the way for mass surveillance and infringing on our right to privacy. Moreover, such measures might prove futile, as criminals could simply migrate to more secure platforms. The critical question is whether we can protect children without compromising our privacy. This issue demands careful deliberation. We must devise solutions that tackle CSAM effectively without dismantling encryption's security advantages. Consider these questions: 1. Are there alternative methods to detect and prevent CSAM that do not involve scanning private messages? 2. Can education and awareness programs be enhanced to empower people to identify and report CSAM? 3. What role can tech companies play in creating solutions that protect children while upholding privacy? I would like you to please engage in this conversation and share your perspectives on this vital issue. Together, we can find a solution that protects our children and our privacy. #Signal #cybersecurity #privacy #encryption #childsafety #EU #technology What do you think? Can we strike a balance between protecting children and safeguarding privacy? Websites reviewed https://lnkd.in/e_CHeGfU

15

1 komentarz

🤔 Will Andorran #domains be used for #advertisement or for #cybersquatting? 📢 The domain registry just announced the upcoming lift of all restrictions related to the registration of .ad domains, and the adoption of the classic registry-registrar model. ⚠ They are yet to announce if any out-of-court #dispute procedure will be available. None has been announced so far. 🌐 Many ccTLDs are used in their generic meaning, the most famous being .tv. The .ad will certainly not escape that trend. 💡 We recommend that companies secure their .ad domains before they are registered by malicious third parties.

7

1 komentarz

What a great post from Dries on DORA en NIS2 differences and overlap. Answers most, if not all, of the questions I get on the subject! Must read, especially if you're active in the financial sector!

14

Caution Warranted: More Evidence Needed on Trust Wallet's iMessage Vulnerability Claim The recent warning from Trust Wallet about a purported zero-day vulnerability in Apple's iMessage has raised concerns within the crypto community. While the startup claims to have "credible intel" about a high-risk attack vector targeting iPhone and iOS users, the available information raises more questions than answers. Trust Wallet's alert suggests that dark web hackers have discovered an exploit that can infiltrate iOS devices through the default iMessage app, without users needing to click on any links[1][2][3]. The company has advised iPhone and iPad owners to completely disable iMessage as a precautionary measure until Apple addresses the issue[1][2][3]. Trust Wallet has not provided specific details on the source of its "credible intel" or whether any actual crypto losses have been reported by users[1][2][3]. This lack of transparency makes it difficult to assess the severity and veracity of the claimed vulnerability. Furthermore, the broader security community has expressed skepticism about Trust Wallet's claims. Beau, a blockchain researcher, has criticized the company for "overestimating the confidence level" and noted that they only have a screenshot of someone claiming to have an exploit, rather than concrete proof[2][3]. This suggests the evidence may not be as robust as Trust Wallet has implied. It is also worth noting that Apple has not yet addressed or denied the claims made by Trust Wallet[1][2][3][4][5]. While the potential implications of a genuine iMessage vulnerability are concerning, the available information is insufficient to conclusively determine the legitimacy of Trust Wallet's alert. Users should exercise caution and wait for more concrete evidence or a response from Apple before taking any drastic measures, such as disabling iMessage entirely. It is important to note that Apple has not been without its share of zero-day iOS vulnerabilities in the past[1]. This underscores the need for a thorough investigation and verification of the claims made by Trust Wallet to ensure the safety and security of iOS users. Sources [1] Trust Wallet warns Apple iOS users of iMessage vulnerability https://lnkd.in/g_qFzZSg [2] Trust Wallet Warns Apple iOS Users of iMessage Vulnerability - CoinMarketCap https://lnkd.in/gJug2gu2 [3] Trust Wallet warns iOS users of zero-day exploit - Cybernews https://lnkd.in/gsqUUNsQ [4] A crypto wallet maker's warning about an iMessage bug sounds like a ... https://lnkd.in/gyr8Tyi9 [5] iPhone users warned about iMessage exploit, but it could be fake https://lnkd.in/gxFFCQVg

15

Michal Braverman-Blumenstyk, CTO Microsoft Security at BlueHat IL: “Cybercrime has an annual GDP of $8T. If it were a country, it would have the 3rd largest GDP in the world, and by far the fastest growing one”. It takes a village of very smart people to deter and counter these attackers. Blockchain security has a high impact on threat actors ability to operate freely. We need to improve prevention, shed more light on them, and block them more effectively. • If you’re building a blockchain project and not sure how to properly secure it, let’s talk. • If you’re protecting blockchain-based systems or enterprises and want to collaborate, let’s talk. • Also, if you’re not sure why blockchain can have a meaningful impact on this… let’s talk! Thanks Microsoft for sharing the insights, and for an amazing conference like always!

30

From October, UK banks will be 💯% liable for #scam losses - even when the payment is authorised by the customer. (It doesn’t mean you can all go and get scammed now! 😅) Authorised Push Payment fraud is where a victim is tricked into making a large bank transfer to an account posing as a legitimate organisation. But in a few months, people will be fully reimbursed and the costs will be equally divided between the bank managing the customer's account sending the funds and the bank operating the account receiving them. 🤔 Not only could this force banking costs to rise, I predict we could see an increase in attempts as fraudsters will know the money is available. I also think we may see an uptick in first-party fraud where the actual account holder uses their own credentials for fraudulent means.

326

86 komentarzy

Very interesting scenario. This case clearly underlines the growing impact of security regulation in product developement lifecycle and market dynamics. It also highlights a need for clearer and timely communication of such regulatory impacts by the governing body. Thanks for sharing Sarah Fluchs #securitybydesign

1

Are you aware of Tycoon 2FA phishing KIT? No :O? Maybe you should go on reading the article… https://lnkd.in/dmy7BKGF #software #programmer #cloud #phishing #cybersecuritytraining #networking #itsecurity #ransomware #hacked #internet #computer #data #iot #hackingtools #networksecurity #bhfyp #cloudcomputing #anonymous #databreach #ai #windows #cloudsecurity #java #developer #microsoft #cybersecuritynews #innovation #datascience #machinelearning #bugbounty

1

An interesting study on how human brainwaves can be used as a reliable method of authentication due to the fact that they are unique enough across individuals to be useful as biometrics. https://lnkd.in/gDzp_GpT #cybersecurity #authentication #biometrics #research

10

1 komentarz

We know that fraudsters are opening TONS of US bank accounts to link them for money laundering via Zelle/CashApp/Venmo etc. Ever wonder how much they charge for their services? This is an ad from a Chinese money laundering company (oops! High risk payment processor, I meant...). The name translates to "918 Bet Paradise" (918 博天堂) - though many of their dozens of websites render it 博天堂918(中国)有限公司 - 918 Bet Paradise (China) Technology Company. (918 is a Chinese "number pun" for "good luck." 9(jiu)1(yao)8(ba) sounds like the words for "good luck" 加油吧 .) According to the ad, as of June 10th they were charging 40% for Zelle transfers. The same as Money Gram or Western Union. (The number displayed is the amount that the person using their services KEEPS, not what they pay.) The fee on CashApp is only 30%. The fee on Venmo is 55%! What do my #AML friends think this tells us? Is it a statement of supply and demand? or does it have more to do with chance of success or burning the account being used? I'd love to hear your thoughts and opinions. On the right are some common Gift card exchange rates. Why is a Best Buy card only worth 40% of face value while a Target is 62% and a Steam is 70%?

102

10 komentarzy