BlackBox (Security) Archiv
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
Huawei HKSP Introduces Trivially Exploitable Vulnerability

5/11/2020 Update:
We were contacted this morning by Huawei PSIRT who referenced an email by the patch author to the KSPP list: https://www.openwall.com/lists/kernel-hardening/2020/05/10/3 and stated that "The patchset is not provided by Huawei official but an individual. And also not used in any Huawei devices." They asked if we would update the description of the article to correct this information.

Based on publicly-available information, we know the author of the patch is a Huawei employee, and despite attempts now to distance itself from the code after publication of this post, it still retains the Huawei naming. Further, on information from our sources, the employee is a Level 20 Principal Security staffer, the highest technical level within Huawei.

The Github repository mentioned in the article had a commit added to it this morning that inserted a notice to the top of the README file, distancing the code from Huawei. This commit was (intentionally or not) backdated to Friday when the repository was created, creating the impression that we somehow intentionally ignored pertinent information that was readily available. This is obviously untrue, and examining the contents of https://api.github.com/repos/cloudsec/hksp/events proves the commit was pushed to the repo this morning.

We replied to Huawei PSIRT's mail and mentioned that we'd be fine with mentioning the patches aren't shipping on any Huawei devices (I believed it already to be unlikely given the poor code quality), but regarding the other claim (particularly due to the surreptitious Github repo edit), we'd have to also include the additional information we discovered.

👉🏼 Read more:
https://grsecurity.net/huawei_hksp_introduces_trivially_exploitable_vulnerability

https://www.openwall.com/lists/kernel-hardening/2020/05/10/3

https://api.github.com/repos/cloudsec/hksp/events

#huawei #PSIRT #hksp #exploitable #kernel #hardening #vulnerability
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
The StartPage.com interview: please submit your questions!

Deadline for questions to
StartPage.com runs until 1 June!
Last week, press spokesman Jörg Bauer called me because he wanted to complain about the content of Sunny's article more than five months after its publication. He would never act for a data octopus, he assured me. Our presentation was misleading or simply incorrect in some points. Since nobody can remember a catalogue of points of criticism presented by telephone, I asked for a transmission by e-mail. But before he could do that, we developed the idea for a community interview. It makes much more sense to ask open questions yourself instead of overloading an ancient contribution with additions. Mr. Bauer thinks the idea is good and immediately agreed to the action.

Let's get this done!
Everyone can now participate to their heart's content. There are many things that can be addressed. If the answers from Startpage.com are too evasive, we would then go back and ask questions. Several times if necessary. But hopefully this will not be necessary.

Please keep in mind: Ask your questions in a consistently constructive manner! With hostility or the like we will not get anywhere. Either way, the deadline will expire on 1.6.2020. Unfortunately we cannot accept any further questions after that date. As usual, we will sort the questions according to their content, work on them, add our own ideas and send them to you. We hope for a lively participation in this exciting topic.

👉🏼 Please ask your questions in one of the following TG-Groups:

@BlackBox▪️Security
or
@NoGoolag

❗️please mark your questions with #startpage

Read more 🇩🇪:
https://tarnkappe.info/die-suchmaschine-startpage-com-im-interview-bitte-fragen-einreichen/

#startpage #interview
butter_bot - Telegram Bot for managing groups

I manage your telegram groups. I use TLG_JoinCaptchaBot for captchas.
Features:

bot protection: verify new users with captchas, auto kick spamming bots

log protection: let me manage your invitation links; bots can not even join your group

notes: add notes for your user

connect: manage your group settings in private

auto-delete: I do not spam your group, messages are automatically deleted

Log Protection

You probably never saw a log protection like that before (I didn't).

Any usual bot-protection solution verifies "users" after they joined your group. Any bad bot can dump your whole group history before it fails the verification.

This solution verifies users before they can join your group!

Set your group to private

Activate Log Protection with /protection

Tell users to ask me for an invitation link in private chat

I will create an invitation link for the user if he passes the captcha

I revoke the invitation link after a timeout, or after the user joined your group

Only the verified user can join your group. If another user uses the generated link, I will kick him and revoke the link

ButterBot TG Channel:
https://t.me/butter_bot_info

ButterBot on GitHub:
https://github.com/v1nc/butter_bot

#butterbot #tg #group #bot #v1nc
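The verify-before-join flow described in the butter_bot post above, modelled as a small in-memory state machine. This is an added example, not butter_bot's code: it makes no Telegram API calls, and `InviteGate`, the token format and the 300-second timeout are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass

LINK_TTL = 300  # seconds; assumed value, the post does not state the timeout


@dataclass
class Invite:
    user_id: int        # the only account allowed to use this link
    expires_at: float   # absolute time after which the link is dead
    revoked: bool = False


class InviteGate:
    """Hypothetical model: one single-use link per captcha-verified user."""

    def __init__(self, ttl=LINK_TTL):
        self.ttl = ttl
        self.invites = {}    # token -> Invite
        self.members = set()
        self.kicked = []

    def request_link(self, user_id, captcha_passed, now):
        """Private chat step: a link is issued only after the captcha."""
        if not captcha_passed:
            return None
        # Never leave two live links for one user.
        for inv in self.invites.values():
            if inv.user_id == user_id:
                inv.revoked = True
        token = secrets.token_urlsafe(16)
        self.invites[token] = Invite(user_id, now + self.ttl)
        return token

    def on_join(self, token, joiner_id, now):
        """Group step: decide what happens when someone uses a link."""
        inv = self.invites.get(token)
        if inv is None:
            return "rejected"
        if inv.revoked or now >= inv.expires_at:
            inv.revoked = True          # timeout also revokes the link
            return "rejected"
        inv.revoked = True              # single use, whoever used it
        if joiner_id != inv.user_id:
            # Link was shared or leaked: remove the joiner immediately,
            # before any group history is served to them.
            self.kicked.append(joiner_id)
            return "kicked"
        self.members.add(joiner_id)
        return "joined"


def demo():
    """Constructed timeline covering each rule from the post."""
    gate = InviteGate(ttl=300)
    results = []
    results.append(gate.request_link(2002, captcha_passed=False, now=0))
    t1 = gate.request_link(1001, captcha_passed=True, now=0)
    results.append(gate.on_join(t1, 3003, now=10))   # wrong account uses link
    results.append(gate.on_join(t1, 1001, now=20))   # link already revoked
    t2 = gate.request_link(1001, captcha_passed=True, now=30)
    results.append(gate.on_join(t2, 1001, now=40))   # verified user joins
    results.append(gate.on_join(t2, 1001, now=50))   # link cannot be reused
    t3 = gate.request_link(4004, captcha_passed=True, now=100)
    results.append(gate.on_join(t3, 4004, now=400))  # used after the timeout
    return gate, results


if __name__ == "__main__":
    gate, results = demo()
    print(results, sorted(gate.members), gate.kicked)
```

The property to check in any implementation of this scheme is that the link is bound to one user ID and dies on first use, so a forwarded link never grants membership to a second account.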
Angela Merkel says ‘hard evidence’ she was target of Russian hackers

Der Spiegel magazine reported last week that Russia's GRU military intelligence service appeared to have got hold of many emails from Merkel's constituency office in 2015

German Chancellor Angela Merkel has cited 'hard evidence' that she was the target of Russian hacking.

The Spiegel magazine reported last week that Russia's GRU military intelligence service appeared to have got hold of many emails from Merkel's constituency office in a 2015 hack attack on Germany's parliament.

Moscow has denied previous allegations of hacking abroad.

Ms Merkel said she "will keep trying to improve ties with Russia", but admitted the hacking attack did not make Germany's efforts any easier.

"I will strive for good relations with Russia because I think there is every reason to continue our diplomatic efforts but it doesn't make it easier," she told the Bundestag lower house of parliament when asked about the hack.

👉🏼 Read more:
https://www.independent.co.uk/news/world/europe/angela-merkel-russia-hackers-emails-gru-latest-a9512026.html

#germany #merkel #russia #gru #hacked #hackers
Congress plans to expand Patriot Act with DOJ access to your web browsing and search activity without a warrant

The infamous Patriot Act, which uses the threat of terrorism to expand surveillance over American citizens, is up for renewal under the USA FREEDOM Reauthorization Act – which is set to be voted on soon. Specifically, Section 215 of the Patriot Act allows the government to ask record keepers for records relating to ongoing investigations. As if the original phone metadata siphoning provisions of the Patriot Act aren’t enough, Senator Mitch McConnell (R-KY) has introduced an amendment which would allow the Department of Justice (DOJ) to have access to anybody’s web browsing and search history under Section 215.

The impetus of the reauthorization amendment is the ongoing investigation into President Trump and possible collusion with the Kremlin. Essentially, the amendment allows Attorney General Bill Barr to look at the web browsing history of any American without a warrant – citizen or not – if he simply claims that it is related to the ongoing investigation. Senator Ron Wyden (D-OR) explained to The Daily Beast:

Under the McConnell amendment, Barr gets to look through the web browsing history of any American—including journalists, politicians, and political rivals—without a warrant, just by saying it is relevant to an investigation.

👉🏼 Read more:
https://www.privateinternetaccess.com/blog/congress-plans-to-expand-patriot-act-with-doj-access-to-your-web-browsing-and-search-activity-without-a-warrant/

#USA #Congress #patriotact #DOJ #phone #metadata #surveillance #privacy #why #thinkabout
EU official calls for law against encryption

The European Union should finally bring forward legislation to break the trend of unregulated encryption. The anti-terrorism coordinator calls for this in a letter that we are publishing. Meanwhile, NGOs are forming a Global Coalition for Encryption.

Law enforcement and judicial aspects of encryption

Introduction
Some emerging trends in encryption have gained a lot of attention lately. Several recent changes to the encryption practices of service providers [online service providers (OSPs) and telecommunication providers], including many more planned to be implemented in the coming months, have been in the international news and prompted public responses from governments, particularly among partner countries such as the US.

This paper aims to present the state of play of the evolving issues in the field of encryption that are disrupting the ability of Member States and EU Agencies to carry out their vital law enforcement and judicial roles through limiting the possibility for lawful access to data (in transit – lawful interception – or at rest, including in clouds) that they currently have at their disposal. The technical addendum includes more detail on the various forms of encryption.

The note also intends to stimulate a discussion of the proposed recommendations in COSI, on steps the EU and its Member states can take to address the situation, notably legislative solutions, but also by proactively engaging at technical level with service providers. It thereby hopes to contribute to continue to develop effective responses towards the evolving trends of encryption at the European level, to position the EU and its Member States not only as the protectors of their citizens’ personal data, but also of their security, including victim’s rights and to ensure that law enforcement does not lose valuable tools because of technological developments. Impunity for serious crimes must be avoided.

👉🏼 Read more:
https://netzpolitik.org/2020/eu-beamter-fordert-gesetz-gegen-verschluesselung/#2020-05-08_EU-Counter-Terror_LEA-Encryption

👉🏼 Read more 🇩🇪:
https://netzpolitik.org/2020/eu-beamter-fordert-gesetz-gegen-verschluesselung/

#eu #law #encryption #thinkabout #why
India's Contact Tracing App Is All But Mandatory. So This Programmer Hacked It So That He Always Appears Safe.

A software engineer from Bangalore was worried about being forced to download Aarogya Setu. So he ripped its guts out.

For days, Jay, a software engineer in Bangalore, watched with mounting alarm as people in India were forced to install the government’s coronavirus contact tracing app. Then, he rolled up his sleeves and ripped its guts out.

“I didn’t like the fact that installing this app is slowly becoming mandatory in India,” said Jay, who requested a pseudonym to speak freely. “So I kept thinking of what I could personally do to avoid putting it on my phone.”

Jay started work at 9 a.m. on a Saturday. He chopped away at the app’s code to bypass the registration page that required people to sign up with their cellphone numbers. More pruning let him bypass a page that requested personal information like name, age, gender, travel history, and COVID-19 symptoms. Then, he carved away the permissions that he viewed as invasive: those requiring access to the phone’s Bluetooth and GPS at all times.

By 1 p.m., the app had become a harmless shell, collecting no data but still flashing a green badge declaring that the user was at low risk of infection.

“That was my goal,” said Jay. “I succeeded. You can show the green badge to anyone if they ask to check your phone and they won’t be able to tell.”

👉🏼 Read more:
https://www.buzzfeednews.com/article/pranavdixit/india-aarogya-setu-hacked

#hacked #india #coronavirus #tracing #app
EU-funded COVID-19 app ‘listens to voices and coughs’

A recently launched EU-funded mobile application records users’ breathing and coughing to diagnose cases of COVID-19, scientists involved in the project have said.

The initiative, which has been developed by researchers at Cambridge University and partially funded by the European Research Council through Project EAR, aims to build up a large, crowdsourced dataset in order to develop machine learning algorithms to be used in automatic disease detection.

It will collect demographic and medical information from users, in addition to “spoken voice samples, breathing and coughing samples through the phone’s microphone.”

In an attempt to allay privacy fears, researchers say that the app will collect ‘one coarse grain location sample’ but that it would not track users, only recording location data once when users are actively using the software.

“The data will be stored on University servers and be used solely for research purposes,” the university added.

“There are very few large datasets of respiratory sounds, so to make better algorithms that could be used for early detection, we need as many samples from as many participants as we can get,” said Professor Cecilia Mascolo from Cambridge’s Department of Computer Science and Technology, the lead team on the app.

“Even if we don’t get many positive cases of coronavirus, we could find links with other health conditions.”

👉🏼 Read more:
https://www.euractiv.com/section/digital/news/eu-funded-covid-19-app-listens-to-voices-and-coughs/

#coronavirus #eu #tracing #tracking #app #privacy #surveillance
Man who called Duterte ‘buang’ on Facebook arrested for cyberlibel

MANILA, Philippines — A 41-year-old man was arrested in Agusan del Norte for his Facebook post criticizing President Rodrigo Duterte and Senator Christopher “Bong” Go on Wednesday afternoon.

Caraga police director Brig. Gen. Joselito Esquivel arrested Reynaldo Orcullo, who is a salesman living in Barangay Triangulo, Nasipit town, for alleged libelous statements posted on Facebook, which supposedly called the President “foolish.”

👉🏼 Read more:
https://newsinfo.inquirer.net/1275073/man-from-agusan-del-norte-nabbed-for-controversial-post-vs-bong-go-duterte

#DeleteFacebook #philippines #freespeak #duterte #buang #arrested #cyberlibel
The US Senate just voted to let the FBI access your browser history without a warrant

In a major blow to citizens’ privacy, the US Senate voted today to give law enforcement agencies such as the FBI and CIA the power to look into your browser history without a warrant. Thanks, Mitch McConnell.

Senators Ron Wyden from Oregon and Senator Steve Daines of Montana led the charge to insert privacy protections into the Patriot Act, which gives law enforcement agencies power for surveillance in order to maintain national security. However, the privacy protection amendment fell short by just one vote, as many senators who may have voted in favor of it didn’t show up.

This vote is a setback to the privacy of citizens at multiple levels. There’s already a growing level of concern among privacy advocates as governments around the world are using the coronavirus pandemic as a shield to insert new surveillance measures without any guardrails.

Evan Greer, the deputy director of Fight For The Future, a non-profit digital advocacy group, told Motherboard that the Patriot Act should be repealed in its entirety:

"The Patriot Act should be repealed in its entirety, set on fire, and buried in the ground. It’s one of the worst laws passed in the last century, and there is zero evidence that the mass surveillance programs it enables have ever saved a single human life."

👉🏼 Read more:
https://thenextweb.com/security/2020/05/14/the-us-senate-just-voted-to-let-the-fbi-access-your-browser-history-without-a-warrant/

#USA #Congress #patriotact #DOJ #phone #metadata #surveillance #privacy #why #thinkabout
Why You Should Remove DOOM Eternal from your PC Immediately

CLARIFICATION: Denuvo Anti-Tamper is NOT the same as Denuvo Anti-Cheat.

Denuvo Anti-Tamper (henceforth DAT) is software used to obfuscate code during the compiling process. This makes it harder for pirates/crackers to crack the software through reverse engineering. This software has no bearing on the operating system but is built into the executable. It may cause game performance issues at times but that is the extent of it. DAT is what people generally are talking about when they say a game has "Denuvo".

Denuvo Anti-Cheat (henceforth DAC) is the new anti-cheat introduced with update 1. It is an EXTREMELY invasive anti-cheat software that runs at ring-0 (kernel level) of your operating system. Read the thread for more information.

Please do not make the error of thinking these two things are the same.

❗️ NOTE:
To make it extra clear. The fact that we were NOT INFORMED that such an intrusive piece of software would be added to the game before purchase is unacceptable. Worse yet, it's required to be running to so much as run the game, multiplayer or not. People are bringing to my attention that some other games use similar anti-cheats. That does not make them any less dangerous and the lack of knowing such software would be employed before purchase makes this doubly unacceptable.

👉🏼 Read more:
https://bethesda.net/community/topic/407885/why-you-should-remove-doom-eternal-from-your-pc-immediately

https://www.reddit.com/r/Doom/comments/gjzi01/why_you_should_remove_doom_eternal_denuvo/

#doom #antitamper #dat #denuvo #thinkabout #why
HTTP Status Codes Command This Malware How to Control Hacked Systems

A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe.

The cyberespionage malware—traced to Turla APT with "medium-to-low level of confidence" based on the history of compromised victims—spread via an initial dropper that masks itself as a visa application, the Global Research and Analysis Team at Kaspersky discovered.

The Turla APT, a Russian-based threat group, has a long history of carrying out espionage and watering hole attacks spanning various sectors, including governments, embassies, military, education, research, and pharmaceutical companies.

First documented by G-Data in 2014, COMpfun received a significant upgrade last year (called "Reductor") after Kaspersky found that the malware was used to spy on a victim's browser activity by staging man-in-the-middle (MitM) attacks on encrypted web traffic via a tweak in the browser's random numbers generator (PRNG).

👉🏼 Read more:
https://thehackernews.com/2020/05/malware-http-codes.html

https://securelist.com/compfun-http-status-based-trojan/96874/

#cyberespionage #malware #http #hacked
Microsoft warns on COVID-19 cyber-scams

Microsoft is warning about new phishing scams that use COVID-19 as a lure to steal personal information.

The phishing campaigns attempt to deliver malware called Lokibot, “one of the first malware families to use COVID-19 lures,” Microsoft Security Intelligence said in a tweet this week.

Phishing, a widely-used tactic by scammers, uses an email that appears to be from a reputable source and attempts to trick recipients into handing over sensitive personal information like usernames, passwords, and credit card information.

👉🏼 Read more:
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-covid-19-phishing-spreading-info-stealing-malware/

https://www.foxnews.com/tech/microsoft-warns-on-covid-19-cyber-scams

#microsoft #warning #coronavirus #malware #phishing #scammers #lokibot
These are the 37 Senators that voted to let the FBI seize your internet history without a warrant

A key amendment to the USA Freedom Reauthorization Act of 2020 that would have required authorities to obtain a warrant before gaining access to American internet browsing and search history just failed on the Senate floor by a single vote. For those that are unaware, key parts of the Patriot Act – namely the mass surveillance section – are currently unauthorized and need to be reauthorized by Congress to stay in effect.

The current bill under consideration to do that is called the USA FREEDOM Reauthorization Act of 2020 and Senate Majority Leader Mitch McConnell has snuck in an amendment that would allow the Federal Bureau of Investigation (FBI) and Department of Justice (DOJ) to seize internet search and browsing history if they claim it is tied to an active investigation. To try and stop this, Senators Wyden and Daines introduced their own amendment that would stop the FBI from being able to get that information without a warrant – as makes sense. That amendment needed 60 votes to pass, and only received 59 Wednesday afternoon.

37 Senators voted against an amendment that would have stopped the FBI from being able to seize your internet search and browsing history

All in all, 27 Republicans and 10 Democrats voted against the amendment and 4 senators were no-shows. One of the senators that didn’t vote is under self quarantine due to a staff member testing positive for COVID-19. But where were the other 3 senators? Here’s who voted against the Wyden-Daines Amendment to the USA Freedom Reauthorization Act of 2020 that would have blocked McConnell’s plan to let FBI collect web browsing history without a warrant:

👉🏼 Read more:
https://www.privateinternetaccess.com/blog/these-are-the-37-senators-that-voted-to-let-the-fbi-seize-your-internet-history-without-a-warrant/

#USA #Congress #patriotact #DOJ #phone #metadata #surveillance #privacy #why #thinkabout
Linux not Windows: Why Munich is shifting back from Microsoft to open source – again

Munich's flip-flop back to open source is the latest sign of Germany's political sea change over proprietary software.

In a notable U-turn for the city, newly elected politicians in Munich have decided that its administration needs to use open-source software, instead of proprietary products like Microsoft Office.

"Where it is technologically and financially possible, the city will put emphasis on open standards and free open-source licensed software," a new coalition agreement negotiated between the recently elected Green party and the Social Democrats says.

The agreement was finalized Sunday and the parties will be in power until 2026. "We will adhere to the principle of 'public money, public code'. That means that as long as there is no confidential or personal data involved, the source code of the city's software will also be made public," the agreement states.

👉🏼 Read more:
https://www.zdnet.com/article/linux-not-windows-why-munich-is-shifting-back-from-microsoft-to-open-source-again/

#OpenSource #linux #munich
Hackers target the air-gapped networks of the Taiwanese and Philippine military

Third state-sponsored malware strain disclosed this week that can jump the air gap and reach isolated networks.

Hackers believed to be operating in the interests of the Chinese government have targeted the air-gapped networks of the Taiwanese and the Philippine military.

Trend Micro says the attacks have been carried out by a group known as Tropic Trooper, also known as KeyBoy.

Attacks involved the use of USBferry, a malware strain that contains a feature allowing it to self-replicate to removable USB devices, such as thumb drives and portable storage systems.

Trend Micro says the point of these attacks was to allow hackers to reach inside air-gapped (isolated, internet-disconnected) networks operated by the Taiwanese and the Philippine militaries, and other targets.

The malware would infect a system with fewer security protections, then wait for a USB device to be connected, infect the device, and wait to be ferried to other parts of a victim's internal network.

On the new device, USBferry would collect sensitive documents inside the USB device's internal storage, and wait until it was ferried back to another internet-connected device, where it would send the data back to Tropic Trooper's command and control servers.

Attacks have been going on for six years
Trend Micro says it's been tracking attacks with the USBferry malware since 2018, but that older incidents have been traced back to 2014 when Tropic Trooper appears to have deployed the malware for the first time.

Historically, the hacker group has been interested in stealing defense and marine-related intelligence from Taiwan and the Philippines.

👉🏼 Read more:
https://www.zdnet.com/article/hackers-target-the-air-gapped-networks-of-the-taiwanese-and-philippine-military/

#china #hackers #hacked #USBferry #taiwanese #philippine #military
Attack against supercomputers

More than 10 high-performance data centers were hacked, including the one in the city of Garching (Germany). They are used for research on Covid-19 therapies, but those affected suspect other motives behind the attacks.

Dieter Kranzlmüller cannot explain what the hacker wanted. "Someone broke in and manipulated the system. But we don't know exactly what he did," says the head of the Leibniz computer centre in Garching near Munich. The high-performance computer SuperMUC-NG is located there. Kranzlmüller's team had to take it off the Internet this week after a hacker had gained access to the system. The Cybercrime Department of the Bavarian State Office of Criminal Investigation is investigating.

The case has shaken the research community, which depends on the expensive machines for its investigations. They are scattered internationally, but can no longer access the computers online. According to Kranzlmüller, in addition to Garching, more than ten high-performance computer centres in different countries are affected, including those in Freiburg, Stuttgart and Jülich. A "serious problem right across the academic community", is what those responsible for the super computer Archer in Edinburgh call it.

Read more 🇩🇪:
https://www.computerbase.de/2020-05/sicherheitsprobleme-europaeische-rechenzentren-supercomputer/

https://www.sueddeutsche.de/digital/supercomputer-hacker-garching-corona-1.4909397

#attack #hacker #hacked #supercomputers #datacenter #research
Hackers who stole files from a law firm to stars like Lady Gaga and Drake doubled their ransom to $42 million and threatened to release 'dirty laundry' on Trump

Grubman, Shire, Meiselas and Sacks was recently the target of a hack by a group called REvil, which is attempting to ransom the information.

One of the top entertainment law firms in the US — Grubman, Shire, Meiselas and Sacks — was recently the target of a ransomware attack.

REvil, the group behind the attack, on Thursday doubled their ransom to $42 million, Page Six reported.
They also threatened to release "dirty laundry" on President Donald Trump if the amount wasn't paid.
They did not elaborate on what the material might be. Sources told Page Six that Trump had never been a client of the firm.

A hacker group that stole 756 gigabytes of data from one of the top US entertainment law firms has doubled their ransom to $42 million, and threatened to release "dirty laundry" on President Donald Trump if the money is not paid.

👉🏼 Read more:
https://www.businessinsider.fr/us/revil-hackers-threaten-trump-dirty-laundry-taken-from-law-firm-2020-5

#hacker #hacked #ransom #LadyGaga #drake #trump
Forwarded from We Are Change
🚨🚨The US Government is Seizing Massive New Surveillance Powers

We tried to warn you. The Patriot Act will soon be much stronger and more invasive.

https://news4achange.com/the-us-government-is-seizing-massive-new-surveillance-powers/
Huge, mysterious list appears online of where people met, personal information and more of tens of millions

'There's nothing you nor I can do about it,' notes security expert

A huge data dump includes the personal information of tens of millions of people and where they have met – and its origin is a mystery.

The breach includes almost 90GB of people's personal data, including details of where they have been and met people.

But there is no clue where the information has actually come from in the first place.

Though the information has been hosted publicly, and available to anyone, there is no hint about where it was first collected from.

The dump includes listings of individual people, including information on their social media sites, phone numbers and addresses. Unusually, however, it also includes details about where people have met, and information about where the people listed within the dump may know each other from.

As such, it appears that the data was probably collected from CRM, or customer relationship management, software. Users presumably took down a contact's personal information as well as a note about where they had met them to remember in future, and recorded it in a piece of software, which has since been breached.

But Troy Hunt, who tracks such data breaches and runs the website HaveIBeenPwned.com to allow users to check if they have been caught up in them, said that he had been unable to find any clue about what that software might be or how it had become public.

"Nowhere – absolutely nowhere – was there any indication of where the data had originated from," he wrote in a blog post announcing the find.

👉🏼 Read more:
https://www.independent.co.uk/life-style/gadgets-and-tech/news/data-dump-personal-information-breach-crm-a9515931.html

https://www.troyhunt.com/the-unattributable-db8151dd-data-breach/

#leak #breach #CRM
Facebook Welcomes GIPHY as Part of Instagram Team

GIPHY, a leader in visual expression and creation, is joining the Facebook company today as part of the Instagram team. GIPHY makes everyday conversations more entertaining, and so we plan to further integrate their GIF library into Instagram and our other apps so that people can find just the right way to express themselves.

A lot of people in our community already know and love GIPHY. In fact, 50% of GIPHY’s traffic comes from the Facebook family of apps, half of that from Instagram alone. By bringing Instagram and GIPHY together, we can make it easier for people to find the perfect GIFs and stickers in Stories and Direct. Both our services are big supporters of the creator and artist community, and that will continue. Together, we can make it easier for anyone to create and share their work with the world.

👉🏼 Read more:
https://about.fb.com/news/2020/05/welcome-giphy/

#DeleteFacebook #fb #giphy #instagram