Censorship, Surveillance and Profits: A Hard Bargain for Apple in China
www.nytimes.com/2021/05/17/technology/apple-china-censorship-data.html Internal Apple documents reviewed by The New York Times, interviews with 17 current and former Apple employees and four security experts, and new filings made in a court case in the United States last week provide rare insight into the compromises Mr. Cook has made to do business in China.. Chinese state employees physically manage the computers. Apple abandoned the encryption technology it used elsewhere after China would not allow it. And the digital keys that unlock information on those computers are stored in the data centers theyre meant to secure.. Also https://twitter.com/matthew_d_green/status/1394394630523871233
Crypto-mining gangs are running amok on free cloud computing platforms
therecord.media/crypto-mining-gangs-are-running-amok-on-free-cloud-computing-platforms/ Over the course of the last few months, some crypto-mining gangs have switched their modus operandi from attacking and hijacking unpatched servers to abusing the free tiers of cloud computing platforms.. The list of services that have been abused this way includes the likes of GitHub, GitLab, TravisCI, LayerCI, CircleCI, Render, CloudBees CodeShip, Sourcehut, and Okteto.
Ransomware: Patient data could be ‘abused’ after health service attack, warns Irish government
www.zdnet.com/article/ransomware-patient-data-could-be-abused-after-health-service-attack-warns-irish-government/ Condemning any public release by the attackers of stolen patient data as “utterly contemptible”, officials have urged anyone who is affected to contact the Health Service Executive (HSE) or the authorities. . Press release at
Microsoft, Adobe Exploits Top List of Crooks Wish List
threatpost.com/top-microsoft-adobe-exploits-list/166241/ The exploit market is accommodating cybercrooks hunger for puncturing Microsoft products, according to Trend Micro. A second data point (see chart below) shows that 61 percent of sold exploits targeted Microsoft products, including Office, Windows, Internet Explorer and Microsoft Remote Desktop Protocol (RDP).. Researchers found that the average price for exploits that threat actors were willing to pay was $2,000. The crooks are going after fresh, tender new vulnerabilities, with 52 percent of exploits on their wish list being less than 2 years old: an age bracket that also accounts for 54 percent of exploits being sold.. Also
Latest phones are great at thwarting Wi-Fi tracking. Other devices, not so much study
www.theregister.com/2021/05/18/wifi_tracking_failures/ “We think this per-connection randomization scheme is a significant step in the right direction and has become the standard across modern mobile devices as of iOS 14 and Android 10,” Ellis Fenske, assistant professor of cyber science at the US Naval Academy told The Register, in a personal rather than institutional capacity.
EU extends sanctions against Chinese, Russian, and N. Korean hackers for another year
therecord.media/eu-extends-sanctions-against-chinese-russian-and-n-korean-hackers-for-another-year/ The European Union has extended today the legal framework that allows it to sanction foreign hackers, effectively extending its existing sanctions on Chinese, Russian, and North Korean hackers for another year, until May 18, 2022.
Cloud Configuration Risks Exposed
f.hubspotusercontent40.net/hubfs/1665891/Threat%20reports/AquaSecurity_Cloud_security_report_H1-2021.pdf There are numerous security posture issues across infrastructure as a service (IaaS) and platform as a service (PaaS) accounts, which suggests a wide-ranging lack of understanding of proper infrastructure configuration. 82.4% of environments had open to the internet issues.. 8% percent of small and midsize business users fixed every detected issue, versus only 1% of enterprise users.. More than 50% of organizations get alerts about misconfigured services that have left ports open to the world. But only 68% of these issues were fixed and even then, the average time to do so was 24 days.
Ransomware victim shows why transparency in attacks matters
www.bleepingcomputer.com/news/security/ransomware-victim-shows-why-transparency-in-attacks-matters/ On May 5th, green energy tech provider Volue suffered a Ryuk ransomware attack that impacted some of their front-end customer platforms.. Since then, Volue has been transparent about the cyberattack by providing webcasts, daily updates, and the email addresses and phone numbers for their CEO and CFO for questions about the attack.. Volue’s transparency is in stark contrast to the disclosures typically seen in ransomware attacks and should be used as a model for future disclosures.