Security summary – August 2019

Our short monthly review summarises important news and blog posts, which focus on IT security, cloud computing and privacy protection.

1. Google and Mozilla join forces to prevent Kazakhstani privacy invasion

In Kazakhstan, internet services providers have reportedly required people to install a government-issued certificate on all devices and in every browser. Now, Google and Mozilla have joined forces in an attempt to stop the Kazakhstan government from surveilling internet traffic.

Source: bbc.com

2. Serious privacy concerns pressure Apple to adapt Siri listening practices

As revealed by The Guardian, Apple has been hiring third-party contractors to listen to Apple users’ Siri commands in order to improve the product’s response. The users had no knowledge that their private recordings – some including very private information – were being shared with external parties and consequently no consent was given. In response, Apple has promised to obtain user consent before sharing Siri recordings.

Source: thehackernews.com

3. Malware in widespread Android app "CamScanner"

The popular app CamScanner is used to scan electronic documents, with more than 100M downloads. Now, researchers identified a malware in the otherwise legitimate app. It enables its creators to use infected devices to push false advertisement or even change a victim’s paid subscriptions for financial gain. The app’s developers now report to have removed the malware, yet researchers urge users to be cautious.

Source: heise.de

4. Kaspersky report reveals: DDOS attacks increase significantly

According to Kaspersky, DDoS (Distributed Denial of Service) attacks increased by 18 percent in the second quarter of 2019 compared to the same period last year. Application-level attacks also showed significant growth of 32 percent. An analysis of the commands received by Command and Control server bots revealed that the longest DDoS attack in the second quarter of 2019 lasted a full 509 hours - almost 21 days.

Source: it-business.de

5. Malware group Emotet is back from its “summer vacation”

Emotet, one of the most malicious cybercrime groups, is known for excellently executed phishing e-mails and ransomware. Since the beginning of June, the group went completely quiet: No new phishing or infection waves. The Emotet server infrastructure was even shut down. But the “summer holiday” is over now. On August 23, CERT reported that the server infrastructure had been reactivated, ready to deliver new malware modules.

Source: heise.de

6. Google initiates 'Privacy Sandbox' project to boost privacy protection in online ads

In an effort to keep a free, open and democratic internet accessible to all, Google starts a new initiative under the name of Privacy Sandbox. The goal is to develop standards that boost privacy while keeping the internet freely accessible through digital advertisements. Amongst the ideas: Google proposes to track users via category rather than individually.

Source: thehackernews.com

7. Mastercard bonus program leaked customer data

Mastercard's "Priceless Specials" bonus program has been compromised for its German users. More than 89.000 data entries were leaked. A temporarily available internet file listed names and e-mail addresses of users along with other personal data. Cyber criminals may try to use this information to create deceptive phishing mails.

Source: security-insider.de

8. Cyber-attack on German clinics by means of "old service account"

According to the authorities, a ten-year-old "service account" was the decisive weak point of the cyber-attack on eleven clinics in Rhineland-Palatinate. During the attack, the servers and databases of the clinics were encrypted and thus made inaccessible. The attack is the most comprehensive attack on the IT infrastructure in the healthcare sector in Germany to date, according to Health Minister Sabine Bätzing-Lichtenthäler (SPD).

Source: heise.de

9. Password theft on the rise

An analysis by security specialist Kaspersky reveals that 60 percent more users were affected by password theft in the first half of 2019 as compared to the same period in 2018. Users in Germany are among the most frequent targets. Over the past six months, Kaspersky has seen a high level of activity by attackers in Europe and Asia. The malware most frequently targets users in Russia (11.08 percent), India (8.33 percent), Brazil (4.90 percent), Germany (4.73 percent) and the USA (3.73 percent).

Source: it-business.de