This posting is here to collect cyber security news in May 2019.
I post links to security vulnerability news to comments of this article.
If you are interested in cyber security trends, read my Cyber security trends 2019 posting.
You are also free to post related links.
355 Comments
Tomi Engdahl says:
Catalin Cimpanu / ZDNet:
Dark web marketplace Wall Street Market, whose admins exit-scammed users of $14.2M+ in cryptocurrency, seized by German police and other international agencies
Law enforcement seizes dark web market after moderator leaks backend credentials
https://www.zdnet.com/article/law-enforcement-seizes-dark-web-market-after-moderator-leaks-backend-credentials/
Wall Street Market seized by law enforcement agencies from Germany, the US, the Netherlands, and France.
Tomi Engdahl says:
Firefox disabled all add-ons because a certificate expired (updated)
https://www.engadget.com/2019/05/03/firefox-extension-add-on-cert/
As of 7 AM ET on Saturday morning, a fix is now rolling out.
Tomi Engdahl says:
Catalin Cimpanu / ZDNet:
Vulnerability in Dell’s pre-installed SupportAssist utility exposes Dell computers to remote hijacks if attacker can get on the same network with unpatched PC
Dell laptops and computers vulnerable to remote hijacks
https://www.zdnet.com/article/dell-laptops-and-computers-vulnerable-to-remote-hijacks/
Another security flaw in a vendor’s bloatware apps puts users at risk.
A vulnerability in the Dell SupportAssist utility exposes Dell laptops and personal computers to a remote attack that can allow hackers to execute code with admin privileges on devices using an older version of this tool and take over users’ systems.
Tomi Engdahl says:
Faxsploit – Exploiting A Fax With A Picture
https://hackaday.com/2019/05/04/faxsploit-exploiting-a-fax-with-a-picture/
Security researchers have found a way to remotely execute code on a fax machine by sending a specially crafted document to it. So… who cares about fax? Well apparently a lot of persons are still using it in many institutions, governments and industries, including the healthcare industry, legal, banking and commercial. Bureaucracy and old procedures tend to die hard.
This is one of those exploits that deserve proper attention, for many reasons. It is well documented and is a great piece of proper old school hacking and reverse engineering.
Faxploit: Sending Fax Back to the Dark Ages
https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/
Taking Over a Network Using Just a Fax Number
To provide some background, fax today is widely used in all-in-one printer devices by many industries worldwide. These all-in-one printers are then connected both to the internal home or corporate networks through their Ethernet, WiFi, Bluetooth, etc interfaces. However, in addition they are also connected to a PSTN phone line in order to support the fax functionality that they include.
Our research set out to ask what would happen if an attacker, with merely a phone line at his disposal and equipped with nothing more than his target`s fax number, was able to attack an all-in-one printer by sending a malicious fax to it. If the answer was ‘yes’, then he could potentially gain complete control over the printer and possibly infiltrate the rest of the network connected to this printer.
So, after a long and tedious research, we finally succeeded in this mission.
In fact, we found several critical vulnerabilities in all-in-one printers which allowed us to ‘faxploit’ the all-in-one printer and take complete control over it by sending a maliciously crafted fax.
Tomi Engdahl says:
Joseph Cox / Motherboard:
Verizon, T-Mobile, Sprint, and AT&T hit with class action lawsuits for selling customer location data
Verizon, T-Mobile, Sprint, and AT&T Hit With Class Action Lawsuit Over Selling Customers’ Location Data
https://motherboard.vice.com/en_us/article/3k3dv3/verizon-tmobile-sprint-att-class-action-lawsuit-selling-phone-location-data
The lawsuits come after a Motherboard investigation showed AT&T, Sprint, and T-Mobile sold phone location data that ended up with bounty hunters, and The New York Times covered an instance of Verizon selling data.
Tomi Engdahl says:
Cecilia Kang / New York Times:
Sources: FTC commissioners remain divided along the party lines on whether to hold Mark Zuckerberg personally liable for Facebook’s future privacy violations
Facebook Faces a Big Penalty, but Regulators Are Split Over How Big
https://www.nytimes.com/2019/05/04/technology/federal-trade-commission-facebook-mark-zuckerberg.html
The F.T.C. chairman seems to have the votes to approve a settlement. One of the biggest issues has been whether to hold Mark Zuckerberg liable for future violations.
Tomi Engdahl says:
Mozilla releases Firefox 66.0.4 with fix disabled add-ons issue
https://www.zdnet.com/article/mozilla-releases-firefox-66-0-4-with-fix-disabled-add-ons-issue/
Mozilla rolls out permanent fix for “disabled add-ons” issue after releasing a temporary patch a day before.
Tomi Engdahl says:
In a first, Israel responds to Hamas hackers with an air-strike
Israel military said it bombed building housing Hamas cyber forces.
https://www.zdnet.com/article/in-a-first-israel-responds-to-hamas-hackers-with-an-air-strike/
For the first time, Israel has used brute military force to respond to a Hamas cyber-attack, three years after NATO proclaimed “cyber” an official battlefield in modern warfare.
The “bomb-back” response took place on Saturday when Israel Defense Forces (IDF) launched an air-strike against a building in the Gaza Strip they claimed it housed Hamas cyber operatives, which had been engaging in a cyber-attack against Israel’s “cyberspace.”
Tomi Engdahl says:
Hackers steal card data from 201 online campus stores from Canada and the US
Magecart group breached PrismRBS and modified the PrismWeb e-commerce platform.
https://www.zdnet.com/article/hackers-steal-card-data-from-201-online-campus-stores-from-canada-and-the-us/
Tomi Engdahl says:
A spearphishing email may have compromised the election system in one Florida county during the 2016 presidential election, apparently enabling Russian hackers to rummage through the system.
Russian Hackers Were ‘In a Position’ to Alter Florida Voter Rolls, Rubio Confirms
https://www.nytimes.com/2019/04/26/us/florida-russia-hacking-election.html
A single line in the long-anticipated Mueller report about a breach in a Florida county’s elections system has state officials scrambling.
Tomi Engdahl says:
https://semiengineering.com/week-in-review-iot-security-auto-43/
AppRiver reports that in a survey of executives at small to medium-size businesses, 55% of the respondents said they would pay a ransom to hackers to retrieve their stolen data. Among professionals at larger SMBs, 74% said they “definitely would pay ransom at almost any price” to get their data back or prevent it from being stolen.
Most SMBs would pay a hacker a ransom to get their stolen data back
https://www.techrepublic.com/article/most-smbs-would-pay-a-hacker-a-ransom-to-get-their-stolen-data-back/
Social media apps and websites are the biggest potential threat vectors to businesses, according to an AppRiver report.
Tomi Engdahl says:
AT&T Cybersecurity has a survey report available, “Confidence: The perception and reality of cybersecurity threats.” More than 700 attendees at the recent RSA Conference were surveyed. Phishing was cited by 29% of respondents as a leading cyberthreat to all companies, while cloud security threats were noted by 27%.
https://alienvault.com/resource-center/analyst-reports/perception-reality-cybersecurity-threats
Tomi Engdahl says:
Critical Flaws Found in Eight Wireless Presentation Systems
https://threatpost.com/bugs-wireless-presentation-systems/144318/
Crestron, Barco wePresent, Extron ShareLink and more wireless presentation systems have an array of critical flaws.
Tomi Engdahl says:
Qakbot levels up with new obfuscation techniques
https://blog.talosintelligence.com/2019/05/qakbot-levels-up-with-new-obfuscation.html
Qakbot, also known as Qbot, is a well-documented banking trojan that has been around since 2008. Recent Qakbot campaigns, however, are utilizing an updated persistence mechanism that can make it harder for users to detect and remove the trojan. Qakbot is known to target businesses with the hope of stealing their login credentials and eventually draining their bank accounts.
Tomi Engdahl says:
“MegaCortex” ransomware wants to be The One
https://news.sophos.com/en-us/2019/05/03/megacortex-ransomware-wants-to-be-the-one/
The sudden appearance of a new ransomware on a large number of enterprise networks was not the May Day gift anyone wanted
A new ransomware that calls itself MegaCortex got a jolt of life on Wednesday as we detected a spike in the number of attacks against Sophos customers around the world, including in Italy, the United States, Canada, the Netherlands, Ireland, and France. The attackers delivering this new malware campaign employed sophisticated techiques in the attempt to infect victims.
The attack was triggered, in at least one victim’s environment, from a domain controller inside an enterprise network whose administrative credentials the attacker seems to have obtained, in what appears to be a hands-on break in.
Tomi Engdahl says:
New MegaCortex Ransomware Found Targeting Business Network
https://www.bleepingcomputer.com/news/security/new-megacortex-ransomware-found-targeting-business-networks/
Tomi Engdahl says:
Mirrorthief Group Uses Magecart Skimming Attack to Hit Hundreds of Campus Online Stores in US and Canada
https://blog.trendmicro.com/trendlabs-security-intelligence/mirrorthief-group-uses-magecart-skimming-attack-to-hit-hundreds-of-campus-online-stores-in-us-and-canada/
Tomi Engdahl says:
Feds Bust Up Dark Web Hub Wall Street Market
https://krebsonsecurity.com/2019/05/feds-bust-up-dark-web-hub-wall-street-market/
Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world’s largest dark web bazaars that allowed vendors to sell illegal drugs, counterfeit goods and malware.
Tomi Engdahl says:
What a pain in the Azzz-ure: Microsoft Azure, SharePoint, etc knocked offline by DNS blunder
Technical term for today’s three-hour outage is TITSUP: Total Inability To Support Users’ Packets
https://www.theregister.co.uk/2019/05/02/microsoft_azure_outage_dns/
Tomi Engdahl says:
A hacker is wiping Git repositories and asking for a ransom
Hacker threatens to release the code if victims don’t pay in 10 days.
https://www.zdnet.com/article/a-hacker-is-wiping-git-repositories-and-asking-for-a-ransom/
Tomi Engdahl says:
Multiple Sierra Wireless AirLink Routers Open to Remote Code Execution
https://threatpost.com/sierra-wireless-airlink-remote-code-execution/144332/
Critical flaws in the software of Sierra Wireless’ AirLink routers enable an array of malicious attacks.
Sierra Wireless is warning that additional AirLink router models, which are targeted toward IoT applications, are vulnerable to previously-disclosed critical flaws.
The vulnerabilities are part of the 11 critical bugs disclosed on Sierra Wireless’ AirLink ES450 LTE router last week – only now, Sierra Wireless has extended the impact of those flaws to 11 other router models that are using the ALEOS software.
Tomi Engdahl says:
Double blow to dark web marketplaces
https://www.europol.europa.eu/newsroom/news/double-blow-to-dark-web-marketplaces
Two prolific dark web marketplaces have been taken down in simultaneous global operations, supported by Europol: the Wall Street Market and the Silkkitie (known as the Valhalla Marketplace)
Those responsible for the world’s second largest illegal online market in the dark web, Wall Street Market, were also arrested in Germany, and two of the highest-selling suppliers of narcotics were arrested in US.
Finnish authorities shut down Silkkitie earlier this year. When the same traders moved their activities to another illegal trade site on Tor, German authorities brought their illegal activities to an end
Tomi Engdahl says:
Catalin Cimpanu / ZDNet:
Some Git source code repositories, including at least 392 from GitHub, have been wiped and replaced with a ransom demand in a possible coordinated attack
A hacker is wiping Git repositories and asking for a ransom
Hacker threatens to release the code if victims don’t pay in 10 days.
https://www.zdnet.com/article/a-hacker-is-wiping-git-repositories-and-asking-for-a-ransom/
Tomi Engdahl says:
Mozilla Bans Firefox Extensions Containing Obfuscated Code
https://www.securityweek.com/mozilla-bans-firefox-extensions-containing-obfuscated-code
Mozilla this week announced plans to update its Add-on Policy for Firefox, to ban extensions that contain obfuscated code.
The change, which will enter into effect on June 10, 2019, is expected to allow the Internet organization to respond faster to reports of malicious extensions.
Tomi Engdahl says:
CrowdStrike Endpoint Security Platform Now Detects Firmware Attacks
https://www.securityweek.com/crowdstrike-endpoint-security-platform-now-detects-firmware-attacks
CrowdStrike announced this week that its Falcon endpoint security platform now includes new capabilities for detecting firmware attacks and auditing security-related settings in the BIOS.
Tomi Engdahl says:
New Strain of Android Malware Found on Third-Party App Store
https://www.securityweek.com/new-strain-android-malware-found-third-party-app-store
Tomi Engdahl says:
Norsk Hydro counts cost of ransomware attack
https://www.itproportal.com/news/norsk-hydro-counts-cost-of-ransomware-attack/
It warns partners to be extra careful of any emails coming from Norsk in this time.
Tomi Engdahl says:
2019: The Return of Retefe
https://www.proofpoint.com/us/threat-insight/post/2019-return-retefe
Retefe is a banking Trojan that historically has routed online banking traffic intended for targeted banks through a proxy instead of the web injects more typical of other bankers. In the past, Retefe campaigns have targeted Austria, Sweden, and Switzerland, among other regions, such as users of UK online banking sites. Retefe is generally delivered via zipped JavaScript as well as Microsoft Word documents
Tomi Engdahl says:
John Herrman / New York Times:
UK will outsource porn site age verification to private industry, potentially handing porn streaming giant MindGeek a monopoly on the system and private data
How the U.K. Won’t Keep Porn Away From Teens
https://www.nytimes.com/2019/05/03/style/britain-age-porn-law.html
Complying with a new law, the largest online porn company has set itself up to be the youth gatekeeper of British smut. What could go wrong?
Come July 15, 2019, internet users in Britain attempting to visit major pornography sites will be confronted with a question: How old are you? Then, a follow-up: Can you prove it?
They’ll have a few options. Users can verify their age online, by submitting official government IDs or credit card information. Or they can walk into a store and establish their eligibility to access porn the old-fashioned way: by handing money and identification over to a human being, at a participating store, in exchange for a pass.
The British government has touted its mandatory age check as a “world-first” that will help make Britain the “safest place in the world to be online,” particularly for children.
How a Law Becomes a Product
The BBFC then did some outsourcing of its own. The organization, it turned out, would not be creating or endorsing a single age verification system. Instead, it would lay out guidelines for external age verification services run by private firms. Commercial porn sites would be required to install such a system under threat of being banned, at the direction of the BBFC, by major internet service providers.
But what can the BBFC can do to ensure private data is handled correctly? “They don’t have any experience regulating an industry for privacy concerns,”
“We have a Memorandum of Understanding with the ICO,” the site says, “but we don’t duplicate their work.”
The Consolidation of Pornography
MindGeek’s largest properties are “tube sites,” as in YouTube, which allow users to upload videos of their own, and which have come to dominate online porn consumption in the last decade.
“There’s a lot about MindGeek that the average person doesn’t know,” said Jiz Lee, an adult performer and film producer, including “having built their empire off of pirated content.”
“I know that MindGeek says, ‘don’t worry, your information is safe,’ but I think we all have reason to worry,”
MindGeek has said that it will not actually collect or store any such user data through AgeID; the company will further outsource the actual age verification to separate age verification sites
“AgeID does not verify users internally,”
Jumping Over the Porn Wall
There are plenty of anxious if probable what-ifs: What if the new porn age databases get hacked? What if one of them turns out to be a scam? Or what if the British government has inadvertently helped crown MindGeek the King of Porn for Life? At least one question, however, should be answered as soon as the rules go into effect: Will they even work?
“I have never known a parental control that couldn’t be bypassed by kids,”
Tomi Engdahl says:
Self-taught Belgian bloke cracks crypto conundrum that was supposed to be uncrackable until 2034
‘It was easy, for some definition of easy,’ solver tells El Reg
https://www.theregister.co.uk/2019/04/30/cryptography_conundrum_cracked/
A cryptographic puzzle proposed two decades ago that involves roughly 80 trillion squarings has been cracked much earlier than expected – in just three and a half years.
We say cryptographic because it involves a verifiable delay function [PDF], a moderately hard cryptographic function.
The conundrum was set by Ronald Rivest in 1999, the R in RSA
Tomi Engdahl says:
Top Cybersecurity Experts Unite to Counter Right-to-Repair FUD
https://yro.slashdot.org/story/19/05/05/0546236/top-cybersecurity-experts-unite-to-counter-right-to-repair-fud?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot%2Fto+%28%28Title%29Slashdot+%28rdf%29%29
Some of the world’s leading cybersecurity experts have come together to counter electronics and technology industry efforts to paint proposed right to repair laws in 20 states as a cyber security risk. The experts have launched securepairs.org, a group that is galvanizing information security industry support for right to repair laws that are being debated in state capitols.
Security professionals for a fixable future
https://securepairs.org/
Even before we were a country, the United States was a nation of tinkerers, innovators, and fixers.
The right of owners to repair, re-use, fix, modify, and improve the stuff they own is central to our identity as a nation. For three centuries, an implicit right to repair – grounded in Common Law – has been central to the United States’ growth and development as a nation. It was the foundation for American “thrift”: helping farmers, business owners and individuals endure lean times by eeking extra years and decades out of tools, equipment, automobiles, electronics and other possessions.
In the modern era, tinkering and “modding” have been core to the growth of the high- tech industry in Silicon Valley, Route 128, Research Triangle Park and elsewhere.
Tomi Engdahl says:
Vulnerabilities Found in Over 100 Jenkins Plugins
https://www.securityweek.com/vulnerabilities-found-over-100-jenkins-plugins
A researcher has discovered vulnerabilities in more than 100 plugins designed for the Jenkins open source software development automation server and many of them have yet to be patched.
Security flaws in 100+ Jenkins plugins put enterprise networks at risk
https://www.zdnet.com/article/security-flaws-in-100-jenkins-plugins-put-enterprise-networks-at-risk/
NCC Group researcher finds security flaws impacting more than 100 Jenkins plugins.
Tomi Engdahl says:
Kate Fazzini / CNBC:
Research: cybercriminal organizations often mimic legit businesses, hiring “CEOs” and project managers, setting quarterly goals, and competing for customers
Cybercrime organizations work just like any other business: Here’s what they do each day
https://www.cnbc.com/2019/05/05/heres-what-cybercriminals-do-during-the-workday.html
Tomi Engdahl says:
Israel Retaliates To A Cyber-Attack With Immediate Physical Action In A World First
https://www.forbes.com/sites/kateoflahertyuk/2019/05/06/israel-retaliates-to-a-cyber-attack-with-immediate-physical-action-in-a-world-first/amp/
The Israel Defense Forces (IDF) has launched a physical attack on Hamas in immediate response to an alleged cyber-assault. The IDF hit a building in the Gaza Strip with an airstrike after claiming the site had been used by Hamas cyber operatives to attack Israel’s cyber space.
Tomi Engdahl says:
In a first, Israel responds to Hamas hackers with an air strike
https://www.zdnet.com/article/in-a-first-israel-responds-to-hamas-hackers-with-an-air-strike/#ftag=RSSbaffb68
Israel military said it bombed building housing Hamas cyber forces.
Tomi Engdahl says:
Binance says more than $40 million in bitcoin stolen in ‘large scale’ hack
https://techcrunch.com/2019/05/07/binance-breach/?tpcc=ECFB2019
In a statement, the company said hackers stole API keys, two-factor codes and other information in the attack.
Binance traced the cryptocurrency theft — more than 7,000 bitcoins
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time,”
Tomi Engdahl says:
Cars locking out drivers in Perth shopping centre car park
https://www.perthnow.com.au/technology/security/cars-locking-out-drivers-in-perth-shopping-centre-car-park-ng-b881129133z.amp?__twitter_impression=true
“I called Lakeside Joondalup and they said to me the matter has been given to the police as there is a hacking device in the car park somewhere,” he said.
Joondalup Police said they were aware of the issue but ‘no evidence of criminality’ had been identified.
The Australian Communications and Media Authority has told the centre’s management the cause of disruption could be as simple as an internet modem.
Or could it be a doorbell?
Tomi Engdahl says:
Researchers uncover Microsoft Exchange malware remotely controlled via steganographic PDF and JPG email attachments
Turla LightNeuron: An email too far
https://www.welivesecurity.com/2019/05/07/turla-lightneuron-email-too-far/
Tomi Engdahl says:
Facebook talked privacy, Google actually built it
F8 and I/O, night and day
https://techcrunch.com/2019/05/07/show-dont-tell/
Tomi Engdahl says:
Lily Hay Newman / Wired:
CIA announces its own Tor onion service for allowing people to browse its site anonymously, including submitting tips and instructions to contact the agency
https://www.wired.com/story/cia-sets-up-shop-on-tor/
Tomi Engdahl says:
Israel Bombs Hamas Cyber HQ in Response to Cyberattack
https://www.securityweek.com/israel-bombs-hamas-cyber-hq-response-cyberattack
Israel Neutralizes Cyber Attack by Blowing Up A Building With Hackers
https://thehackernews.com/2019/05/israel-hamas-hacker-airstrikes.html
The Israel Defense Force (IDF) claims to have neutralized an “attempted” cyber attack by launching airstrikes on a building in Gaza Strip from where it says the attack was originated.
As shown in a video tweeted by IDF, the building in the Gaza Strip, which Israeli fighter drones have now destroyed, was reportedly the headquarters for Palestinian Hamas military intelligence, from where a cyber unit of hackers was allegedly trying to penetrate Israel’s cyberspace.
Tomi Engdahl says:
Devin Coldewey / TechCrunch:
Microsoft announces ElectionGuard, an open source platform for securely handling voting data, available this summer with a pilot during the 2020 elections — When it comes to voting, we’ve come a long way from dropping pebbles into an amphora, but still not nearly far enough …
Microsoft aims to modernize and secure voting with ElectionGuard
https://techcrunch.com/2019/05/06/microsoft-aims-to-modernize-and-secure-voting-with-electionguard/
When it comes to voting, we’ve come a long way from dropping pebbles into an amphora — but still not nearly far enough if the lack of confidence in our election systems is any indication. Microsoft is the first major tech company to take on this problem with a new platform it calls ElectionGuard that promises to make elections more secure and transparent — and yes, it’s free and open source.
Set to be made available this summer and piloted during the 2020 elections, ElectionGuard is not a complete voting machine, but rather a platform for handling voting data that can either empower existing systems or have new ones built on top of it.
The basic idea is to let voters track their votes securely and privately, while also allowing authorities to tabulate, store and, if necessary, audit them.
Protecting democratic elections through secure, verifiable voting
https://blogs.microsoft.com/on-the-issues/2019/05/06/protecting-democratic-elections-through-secure-verifiable-voting/
Tomi Engdahl says:
In a first, Israel responds to Hamas hackers with an air strike
https://www.zdnet.com/article/in-a-first-israel-responds-to-hamas-hackers-with-an-air-strike/
Israel military said it bombed building housing Hamas cyber forces.
For the first time, Israel has used brute military force to respond to a Hamas cyberattack, three years after NATO proclaimed “cyber” an official battlefield in modern warfare.
The “bomb-back” response took place on Saturday when Israel Defense Forces (IDF) launched an air strike against a building in the Gaza Strip. They claimed it housed Hamas cyber operatives, which had been engaging in a cyberattack against Israel’s “cyberspace.”
We were ahead of them all the time,” said Brigadier General D., the head of the IDF’s cyber defense division. “The moment they tried to do something, they failed.”
Israeli officials did not disclose any details about the Hamas cyberattack; however, they said they first stopped the attack online, and only then responded with an air strike.
US did it first
Israel’s response to the Hamas’ attempted cyberattack is a turning point in modern warfare, where military action was chosen instead of a typical “hack-back” response.
In 2015, the US became the first country to respond with military force to cyberattacks, when it used a drone strike to kill Junaid Hussain, a British citizen who was in charge of ISIL’s hacker groups, and who was responsible for dumping personal details of US military forces online, via Twitter.
NATO Declares Cyber an Official Warfare Battleground, Next to Air, Sea and Land
A cyber-attack may now trigger a full military response
https://news.softpedia.com/news/nato-declares-cyber-as-official-battleground-next-to-air-sea-and-land-505388.shtml
Tomi Engdahl says:
Malvertiser behind 100+ million bad ads arrested and extradited to the US
https://www.zdnet.com/article/malvertiser-behind-100-million-bad-ads-arrested-and-extradited-to-the-us/
Ukrainian man behind slew of fake companies that delivered malicious ads on legitimate sites.
Tomi Engdahl says:
Mozilla releases Firefox 66.0.4 with fix disabled add-ons issue
https://www.zdnet.com/article/mozilla-releases-firefox-66-0-4-with-fix-disabled-add-ons-issue/#modal-absolute-59b54168-f02d-45bf-a2ce-d15dd114fb41
Mozilla rolls out permanent fix for “disabled add-ons” issue after releasing a temporary patch a day before.
Tomi Engdahl says:
https://www.theregister.co.uk/2019/05/07/security_roundup/
‘Hamas hackers’ bombed: Israeli Defence Forces claim they destroyed a building in the Gaza Strip on Saturday said to be used by Hamas hackers. The Palestinian militants were targeted in the air strike in response to cyber-attacks against Israel, the IDF said in a tweet: “We thwarted an attempted Hamas cyber offensive against Israeli targets. Following our successful cyber defensive operation, we targeted a building where the Hamas cyber operatives work. HamasCyberHQ.exe has been removed.”
IDF says it thwarted a Hamas cyber attack during weekend battle
https://www.timesofisrael.com/idf-says-it-thwarted-a-hamas-cyber-attack-during-weekend-battle/
In addition to fighting digital threat, Israeli Air Force also bombs headquarters of terror group’s technology division in Gaza
Tomi Engdahl says:
Matthieu Faou / WeLiveSecurity:
Researchers detail how LightNeuron, a backdoor used by espionage group Turla, has been specifically targeting Microsoft Exchange mail servers since 2014
Turla LightNeuron: An email too far
https://www.welivesecurity.com/2019/05/07/turla-lightneuron-email-too-far/
ESET research uncovers Microsoft Exchange malware remotely controlled via steganographic PDF and JPG email attachments
Tomi Engdahl says:
Zack Whittaker / TechCrunch:
Several people suspected of involvement in running Deep Dot Web, a site facilitating access to dark web sites, arrested by FBI and others in several countries — The FBI have arrested several people suspected of involvement in running Deep Dot Web, a website for facilitating access to dark web sites and marketplaces.
FBI has seized Deep Dot Web and arrested its administrators
https://techcrunch.com/2019/05/07/deep-dot-web-arrests/
The FBI have arrested several people suspected of involvement in running Deep Dot Web, a website for facilitating access to dark web sites and marketplaces.
Tomi Engdahl says:
Frederic Lardinois / TechCrunch:
To curb tracking, Google says anti-fingerprinting tech is coming in Chrome and devs must explicitly opt-in for cookies that are meant to be used across sites — Google today announced a major new initiative around its Chrome browser that will, in the long run, introduce significant changes …
Google strengthens Chrome’s privacy controls
https://techcrunch.com/2019/05/07/googles-chrome-will-soon-get-new-privacy-features-with-better-cookie-controls-and-anti-fingerprinting-tech/
Google today announced a major new initiative around its Chrome browser that will, in the long run, introduce significant changes to how Chrome handles cookies and enhance its users’ privacy across the web.
With this move, Google is making cookies more private and also adding new anti-fingerprinting technology to its browser. While some of the changes here are happening in the Chrome browser, developers, too, will have to prepare for this change and adapt their cookies to this new reality.
Tomi Engdahl says:
New York Times:
At Google I/O, Sundar Pichai pitched privacy for everyone, going against the company’s history of data collection, one week after a similar push from Facebook
Google Says It Has Found Religion on Privacy
https://www.nytimes.com/2019/05/07/technology/google-privacy-tools.html