The Golden Tax Department and the Emergence of GoldenSpy Malware

Found on Trustwave on Friday, 26 June 2020

We identified an executable file displaying highly unusual behavior and sending system information to a suspicious Chinese domain. Discussions with our client revealed that this was part of their bank’s required tax software.

Basically, it was a wide-open door into the network with SYSTEM level privileges and connected to a command and control server completely separate from the tax software’s network infrastructure.

We believe that every corporation operating in China or using the Aisino Intelligent Tax Software should consider this incident a potential threat and should engage in threat hunting, containment, and remediation countermeasures, as outlined in our technical report.

In communist China, computer owns you.

Comcast, Mozilla strike privacy deal to encrypt DNS lookups in Firefox

Found on Ars Technica on Thursday, 25 June 2020

Comcast is partnering with Mozilla to deploy encrypted DNS lookups on the Firefox browser, the companies announced today. Comcast's version of DNS over HTTPS (DoH) will be turned on by default for Firefox users on Comcast's broadband network, but people will be able to switch to other options like Cloudflare and NextDNS.

Firefox CTO Eric Rescorla said that "bringing ISPs into the TRR program helps us protect user privacy online without disrupting existing user experiences," and that Mozilla hopes today's news "sets a precedent for further cooperation between browsers and ISPs."

So DoH is getting forced down the throat of everybody to protect their privacy, because traditional DNS offered by your ISP lets them snoop on you, and now Comcast joins TRR, but of course now it won't snoop on you anymore. Really now? DoH has proven its failure.

Facebook accused of trying to bypass GDPR, slurp domain owners' personal Whois info

Found on The Register on Wednesday, 24 June 2020

Earlier this month, the CEO of domain registrar Namecheap Richard Kirkendall warned “Facebook is fighting for the blanket right to access your information,” and detailed efforts behind the scenes at DNS overseer ICANN to force through Facebook’s interpretation of privacy laws to slurp data on domain holders.

Facebook has been particularly aggressive, filing tens of thousands of requests for data on domains that are often only tangentially related to its trademarks and insisting its rights are being infringed. When those requests have been rebuffed, Facebook has then sued the companies that people used to register the names, claiming trademark infringement and demanding $100,000 in compensation.

But so far at least, the antisocial network – whose entire business is built on grabbing, storing and monetizing this kind of data – is determined to keep pushing its claims, even if it delays the creation of a new system for everyone else.

Hopefully the big registrars won't give in. Facebook is collecting way too much data and anybody who believes the whois information will not be merged into the databases with (shadow) profiles also believes in unicorns.

German Payments Group Wirecard Says $2.1 Billion of Cash is Missing

Found on Slashdot on Tuesday, 23 June 2020

The company was told by EY that there were indications a trustee of Wirecard bank accounts had attempted "to deceive the auditor" and that "spurious cash balances" might have been provided to EY by a third party.

Investors' enthusiasm for the company, whose aggressive expansion was masterminded by Markus Braun, its chief executive and largest shareholder, catapulted it into Germany's prestigious Dax 30 index two years ago with a market value of $27 billion. It slumped to less than $5.6 billion on Thursday as its shares plunged almost 70%.

That's a little more than just an "accident".

Adobe Flash Is Actually Going to Die This Time, For Real

Found on Gizmodo on Monday, 22 June 2020

Three years ago, long after the rise (and fall) of Flash, Adobe announced that its once-ubiquitous multimedia platform was finally going away. But Adobe never provided a specific date for when Flash would reach its end-of-life. Now we know: Adobe Flash is going to officially die on December 31, 2020.

For a software platform that lasted more than two decades and played a huge part in the Dot-com bubble of the late 90s and early 2000s, Flash lasted a lot longer than most people probably ever expected.

Also, Flash was one of the worst pieces of software from a security point of view. It should have vanished a decade ago.

Businesswoman's computer hacking revenge 'ruined' firm

Found on The York Press on Sunday, 21 June 2020

Outside court, police said the victim had told them her actions had led to the company collapsing and job losses.

Detective Constable Steven Harris, of North Yorkshire Police’s Cyber Crime Unit, said: “During our investigation, it became clear that Bulley had left the original company on a bad note, but the deletion of thousands of files containing vital information was catastrophic for the victim.

Not to sound rude, but that's exactly what backups are for. If your entire company relies on the uptime of a Dropbox account, you're out of business sooner or later.

Have we become too reliant on Big Tech firms?

Found on BBC News on Saturday, 20 June 2020

It's not just Amazon that has been used more during the pandemic. Apple and Android smartphones and tablets, Facebook's apps and Microsoft tools have provided crucial links with friends, family and colleagues.

Before the pandemic, there had been scrutiny on Big Tech. The US House Judiciary antitrust subcommittee sent requests for information to Amazon, Apple, Google owner Alphabet and Facebook in September 2019, with the government concerned that only a small number of companies hold such a big share of the digital market.

People have been too reliant on them for years already. Worse, people know that they are basically abused in exchange for services that work like drugs.

To evade detection, hackers are requiring targets to complete CAPTCHAs

Found on Ars Technica on Friday, 19 June 2020

Microsoft recently spotted an attack group distributing a malicious Excel document on a site requiring users to complete a CAPTCHA, most likely in an attempt to thwart automated detection by good guys.

Periodically changing up attack routines is one way attackers stay ahead of defenders, creating a never-ending back-and-forth process that requires constant vigilance for defenders to stay on top of. It’s likely the attack group will change course again in the coming months.

Captchas are bad enough already. If someone mails you anything that brings up a captcha, ignore it. Even if it is legit.

Hacker Bypasses GE's Ridiculous Refrigerator DRM

Found on Vice on Thursday, 18 June 2020

Earlier this year, we brought you the sordid tale of the GE refrigerator that won’t dispense filtered water unless consumers pay extra for “official” filters from the company.

For reference, third-party filters cost as little as $13; GE filters cost $55. I’m gonna go ahead and call this a “hack,” because they’re bypassing an artificial software lock to circumvent DRM, which is, at least in spirit, a hack, and a cool one at that.

Why would you even buy a fridge that locks you down to overpriced replacement parts?

Coronavirus second waves emerge in several US states as they reopen

Found on New Scientist on Wednesday, 17 June 2020

More than a dozen US states have seen a surge in covid-19 cases in recent weeks. Many of them, including Arizona, North Carolina, Oregon and Florida, are experiencing spikes in confirmed cases as they lift stay-at-home orders – so is reopening to blame? Yes, among other factors, say experts.

What a surprise! Not.