Naked Security

Hacked Bulgarian database reaches online forums

Data on millions of people stolen from the Bulgarian government has already popped up on hacker trading forums.

A hacker originally stole the data from the National Revenue Agency (NRA), which is part of Bulgaria’s Ministry of Finance, sending media outlets a link to the downloadable copy last Monday, 15 July 2019. The NRA confirmed this in a statement on its website.

Forbes

Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’

Red faces in Moscow this weekend, with the news that hackers have successfully targeted FSB—Russia’s Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing.

FSB is Russia’s primary security agency with parallels with the FBI and MI5, but its remit stretches beyond domestic intelligence to include electronic surveillance overseas and significant intelligence-gathering oversight. It is the primary successor agency to the infamous KGB, reporting directly to Russia’s president.

A week ago, on July 13, a hacking group under the name 0v1ru$ that had reportedly breached SyTech, a major FSB contractor working on a range of live and exploratory internet projects, left a smiling Yoba Face on SyTech’s homepage alongside pictures purporting to showcase the breach. 0v1ru$ had passed the data itself to the larger hacking group Digital Revolution, which shared the files with various media outlets and the headlines with Twitter—taunting FSB that the agency should maybe rename one of its breached activities “Project Collander”.

Ars Technica

My browser, the spy: How extensions slurped up browsing histories from 4M users

When we use browsers to make medical appointments, share tax returns with accountants, or access corporate intranets, we usually trust that the pages we access will remain private. DataSpii, a newly documented privacy issue in which millions of people’s browsing histories have been collected and exposed, shows just how much about us is revealed when that assumption is turned on its head.

DataSpii begins with browser extensions—available mostly for Chrome but in more limited cases for Firefox as well—that, by Google’s account, had as many as 4.1 million users. These extensions collected the URLs, webpage titles, and in some cases the embedded hyperlinks of every page that the browser user visited. Most of these collected Web histories were then published by a fee-based service called Nacho Analytics, which markets itself as “God mode for the Internet” and uses the tag line “See Anyone’s Analytics Account.”

ctmagazin

Logitech keyboards and mice vulnerable to extensive cyber attacks

Several Logitech keyboards, mice and wireless presenters suffer from security vulnerabilities. Not only can attackers eavesdrop on keystrokes, they can even infect the host system. c’t has established which products are affected and what you should do now.

A large range of Logitech wireless input devices is vulnerable to wireless attacks and can pose a security risk. That is the conclusion of security expert Marcus Mengs, with whom c’t has been in touch for quite some time. Mengs’ investigation of the wireless connections of several Logitech devices has uncovered numerous weaknesses. They affect keyboards and mice as well as remote controls known as wireless presenters.

The vulnerabilities allow an attacker to eavesdrop on keystrokes from wireless keyboards. Everything an affected user types, from e-mails to passwords, is readily available to the adversary. But it gets worse: An attacker can send any command to the victim’s computer if a vulnerable Logitech device is installed. And that makes it easy to infect the computer with malicious code without the rightful owner taking notice.

Mengs demonstrates how to infect a system with a backdoor (remote shell) through which he can control the system remotely by radio. In a way, it’s an elegant hack, because he simply piggybacks on the wireless Logitech connection to infect the system and to communicate with the backdoor. That means even computers that are not online are ripe for the hack.

WIRED

How to Protect Our Kids’ Data and Privacy

YouTube is currently under investigation by the Federal Trade Commission following complaints that the platform improperly collected data from young users. It’s unclear how much data this might be, but there’s reason to believe it could be a lot. For many kids, YouTube has replaced television; depending on how parents use online platforms, children could begin to amass data even before birth.

Miscellaneous

More about keys.openpgp.org

After a fairly busy week the number of verified e-mail addresses on keys.openpgp.org has doubled, from approx. 2000 addresses to roughly 4000.

Have you uploaded your key to keys.openpgp.org and verified your e-mail address? Have you abandoned the vulnerable servers like sks-keyservers.net? If not, we recommend that you do so now!

ZDNet

Mozilla: No plans to enable DNS-over-HTTPS by default in the UK

After the UK’s leading industry group of internet service providers named Mozilla an “Internet Villain” because of its intentions to support a new DNS security protocol named DNS-over-HTTPS (DoH) inside Firefox, the browser maker told ZDNet that such plans don’t currently exist.

“We have no current plans to enable DoH by default in the UK,” a spokesperson told ZDNet last night.

ZDNet

Reports say China is installing surveillance apps on some visitors’ phones

It has been reported that China’s border guards are installing surveillance apps on the phones of some visitors as part of the government’s ever-increasing mass surveillance regime in the Xinjiang province.

According to an investigation by the Guardian, The New York Times, and Germany’s Süddeutsche Zeitung, the “secret” app allows for personal information to be downloaded. The app was discovered to be installed on the phones of visitors entering the country from Kyrgyzstan.

The report says people using the remote Irkeshtam border crossing into the country have routinely had their phones screened by guards. The Irkeshtam crossing is China’s most westerly border and is used by traders and tourists, some following the historic Silk Road.

The publication said specifically that the app extracts emails, text messages, contact information, as well as handset information. Visitors have not been informed this is happening.

WIRED

Ransomware Hits Georgia Courts As Municipal Attacks Spread

Ransomware has no shortage of cautionary tales and wakeup calls from the past decade. But for local governments, this past year has been a particularly brutal reminder of the threat. Following a 2018 attack that paralyzed the City of Atlanta for weeks, more than half a dozen cities and public services across the country have fallen to ransomware so far in 2019, on a near-monthly basis; the Administrative Office of the Georgia Courts became the latest victim on Saturday, when an attack knocked its systems offline.
