Microsoft: Russian hackers are targeting sporting organizations ahead of Tokyo Olympics


Microsoft said today that a group of well-known Russian government hackers has targeted at least 16 national and international sporting and anti-doping organizations ahead of next year’s Tokyo Olympics.

The attacks have taken place in the last month after the World Anti-Doping Agency (WADA) announced a possible indiscriminate ban of all Russian athletes from all sporting events, including upcoming world championships and Olympics.

Microsoft said the attacks involved spear-phishing, password spraying, exploiting internet-connected devices, and the use of both open-source and custom malware.

Responsible for the attacks is a group of Russian state-sponsored hackers that Microsoft calls Strontium, but is more widely known as APT28 or Fancy Bear.

Full article

Naked Security

Adobe database exposes 7.5 million Creative Cloud users

Adobe has become the latest company to be caught leaving an Elasticsearch database full of customer data exposed on the internet.

Discovered on 19 October by data hunter Bob Diachenko and security company Comparitech, the unsecured database contained the email addresses of nearly 7.5 million customers of Adobe’s Creative Cloud, plus the following:

  • Account creation date
  • Adobe products used
  • Subscription status
  • Whether the user is an Adobe employee
  • Member IDs
  • Country
  • Time since last login
  • Payment status

That’s the email addresses of around half of Creative Cloud’s customer base although not, importantly, any of their passwords or payment information. Nevertheless, said Comparitech, spelling out the risk of phishing attacks:

Fraudsters could pose as Adobe or a related company and trick users into giving up further info, such as passwords, for example.

Judging from clues in the data, Diachenko believes it might have been exposed for around a week. It’s not possible to tell whether anyone else accessed the data during this time.

Full article


TikTok, Under Scrutiny, Distances Itself From China


TikTok, the app that revolves around sharing short video clips, is in a unique position. It’s arguably the first international social media platform to have built a massive audience in the United States, where it’s been downloaded more than 110 million times since its founding in 2017. TikTok has offices in California near competitors like Snapchat, Instagram, and YouTube, but it’s owned by ByteDance, a Chinese tech giant. As tensions between the US and China continue to escalate, that fact has become a headache for TikTok. Now the company is taking steps to distance itself publicly from its counterparts in Beijing.

This week, Senators Chuck Schumer (D-New York) and Tom Cotton (R-Arkansas) sent a letter to US intelligence officials asking them to investigate whether TikTok poses “national security risks.” In their letter, sent to Joseph Maguire, the acting director of national intelligence, the senators expressed concern about the data TikTok collects on US users and whether that information could potentially be shared with the Chinese Communist Party. They also questioned whether TikTok censors content on its platform and said the app is a “potential counterintelligence threat we cannot ignore.”

It wasn’t the first time this month that lawmakers have questioned the security and content moderation practices of TikTok. Two weeks ago, Senator Marco Rubio (R-Florida) called for the Committee on Foreign Investment to investigate ByteDance’s 2017 acquisition of Musical.ly, a lip-syncing app popular in the US that was later merged with TikTok. On Twitter, Rubio said he was concerned TikTok is “censoring content in line with #China’s communist government directives.”

Full article


Flock Safety Says Its License Plate Readers Reduce Crime. It’s Not That Simple


On the surface, it appears as though a simple fix—installing relatively discreet license-plate readers—had an enormous positive impact. That’s the narrative Flock Safety has put forward. The company proudly touted the results of the Cobb County pilot in a press release it sent to WIRED this week, and advertises on its website that it solves “up to five crimes an hour.”

But experts say it’s not that simple, and that establishing a causal relationship between any given variable and fluctuating crime rates is no easy task. “I am not saying that the readers did not have an effect on crime—it is just that we cannot attribute any reduction in crime to the readers themselves,” says Alex Piquero, a professor of criminology at the University of Texas, Dallas.

Even police agree. “To make it very clear, we are not 100 percent positive that Flock cameras were the difference,” notes VanHoozer. “What we did see, though, is an incredible decrease in crime, starting when we put these cameras down there.”

Full article


DNS-over-HTTPS causes more problems than it solves, experts say


The DNS-over-HTTPS (DoH) protocol is not the privacy panacea that many have been advocating in recent months.

If we are to listen to networking and cybersecurity experts, the protocol is somewhat useless and causes more problems than it fixes, and criticism has been mounting against DoH and those promoting it as a viable privacy-preserving method.

The TL;DR is that most experts think DoH is not good, and people should be focusing their efforts on implementing better ways to encrypt DNS traffic — such as DNS-over-TLS — rather than DoH.

Full article


Mullvad app 2019.8

The Mullvad app version 2019.8 for Windows, macOS, and Linux has been released, offering you more control over bridge connections and WireGuard key management.

None of us here at privacynow.eu use the bridge function by default, but if you do, you’ve got a nice new feature in the 2019.8 release: you can now conveniently choose both the entry and exit node.

For Linux and macOS users, the WireGuard key management has been improved. The WireGuard performance over 4G networks has been improved.

Mullvad say a number of Windows users were suffering from DNS issues with the app. This issue has been resolved, and as a result, most Windows users should experience noticeably quicker connection times.

Other notables

  • Servers are now listed using natural sorting.
  • The list of countries and cities is now sorted alphabetically according to your app’s language setting.
  • Unavailable servers are now shown in the list rather than hidden from view.
  • (CLI users) The mullvad status command now returns only your current VPN status. If you also want your location, add --location to the command.
  • (macOS) Uninstallation is now much cleaner.

Read the full blog post about the 2019.8 release here.


Most Cyber Attacks Focus on Just Three TCP Ports


Small to mid-sized businesses can keep safe from most cyber attacks by protecting the ports that threat actors target the most. Three of them stand out in a crowd of more than 130,000 targeted in cyber incidents.

A report from threat intelligence and defense company Alert Logic enumerates the top weaknesses observed in attacks against over 4,000 of its customers.

Top TCP ports attacked

According to the report, the ports most frequently used to carry out an attack are 22, 80, and 443, which correspond to SSH (Secure Shell), the HTTP (Hypertext Transfer Protocol), and the HTTPS (Hypertext Transfer Protocol Secure).

Full article


Innocent Users Have the Most to Lose in the Rush to Address Extremist Speech Online

Electronic Frontier Foundation

Internet Companies Must Adopt Consistent Rules and Transparent Moderation Practices

Big online platforms tend to brag about their ability to filter out violent and extremist content at scale, but those same platforms refuse to provide even basic information about the substance of those removals. How do these platforms define terrorist content? What safeguards do they put in place to ensure that they don’t over-censor innocent people in the process? Again and again, social media companies are unable or unwilling to answer the questions.

Full article


Yet another crap article from ZDNet

A few days ago we realised that ZDNet published an article mentioning a VPN provider, StrongVPN, in terms like “more respectful”, “great”, “simple” and “does well with its protocol options”.

The problem is that for each account sold to a user coming from ZDNet, the magazine gets a kickback. Do you need to be a rocket scientist or brain surgeon to understand that words can’t be trustworthy if a kickback is involved?

ZDNet claims to “support you need to make the right IT decisions for you”. What a joke!

Now they’ve done it again. In an article about The 10 best smartphones you can buy right now, every link to Amazon ends with ?tag=zdnet-deals-20 or an equivalent. This lets Amazon track who is coming from this article and, if they buy a new cell phone, pay the kickback.

Behaviour like this is crap!


Android app released by Mullvad

The Swedish VPN provider Mullvad has released their first Android app in a beta version, according to a blog post published on September 20th, 2019.

Much can be said about VPN providers and their security and we recommend that you choose a supplier that meets the following requirements:

  • lets you pay by cash, as this is probably the most secure payment method
  • doesn’t log DNS requests
  • lets you create an account without any information about you (name, e-mail address, phone number etc)
  • gives money back to privacy causes
  • offers the WireGuard protocol

Maybe the most important thing of all – choose a VPN provider that does not offer an Affiliate Program, as a kickback is the easiest thing to offer to get a higher ranking on obscure sites.