29 March 2018
Facebook will investigate apps' data access following 'breach of trust'
Facebook boss Mark Zuckerberg has said in a post on the social network that the mass harvesting of user data that political marketing firm Cambridge Analytica was allowed to carry out represented "a breach of trust between Facebook and the people who share their data with us and expect us to protect it". Speaking to WIRED, Zuckerberg detailed plans to audit apps that request extensive user data and restrict the default access apps have to users' information. However, the Facebook founder has said little to indicate that the social network would take responsibility for its role in encouraging its users to share so much information in the first place.
Crooks infiltrate Google Play with malware in QR reading utilities
Sophos Labs just alerted us to a malware family that had infiltrated Google Play by presenting itself as a bunch of handy utilities. Sophos detects this malware as Andr/HiddnAd-AJ, and the name gives you an inkling of what the rogue apps do: blast you with ads, but only after lying low for a while to lull you into a false sense of security. We reported the offending apps to Google, and they've now been pulled from the Play Store, but not before some of them attracted more than 500,000 downloads. The subterfuge used by the developers to keep Google's 'Play Protect' app-vetting process sweet seems surprisingly simple. Despite Google's failure to spot the roguery of these particular 'utilities' before blessing them into the Play Store, we nevertheless recommend sticking to Google Play if you can. Google's app vetting process is far from perfect, but the company does at least carry out some pre-acceptance checks. Many off-market Android app repositories have no checks at all – they're open to anyone, which can be handy if you're looking for unusual or highly specialised apps that wouldn't make it onto Google Play (or trying to publish unconventional content). But unregulated app repositories are also risky, for all the same reasons.
Cobalt/Carbanak bank malware gang's alleged leader arrested
Police have arrested the alleged mastermind behind the Carbanak gang: a group of cybercrooks that's targeted banks since late 2013, phishing their way into networks, infecting servers and gaining control of automated teller machines (ATMs) that they've caused to spew cash to waiting money mules. According to Europol, the alleged crime boss, whom it didn't name, was arrested in Alicante, Spain, following a joint investigation by the Spanish National Police, with the support of Europol, the US FBI, the Romanian, Belarussian and Taiwanese authorities and private cybersecurity companies. Since 2013, the gang has gone after banks, e-payment systems and financial institutions using their malware, which is known as Carbanak and Cobalt. They've hit banks in more than 40 countries: attacks that have resulted in cumulative losses of over €1 billion (USD $1.24 billion). Europol said in an announcement on Monday that just the Cobalt malware alone allowed the crooks to steal up to €10 million per heist. A spokesman for the European Banking Federation (EBF) noted in a conversation with Fortune that the gang's sophisticated Cobalt malware campaign only began in 2016, making it 'fair to say' that the total amount stolen must be significantly above €1 billion at this point. The gang's malware evolution started with the launch of the Anunak malware campaign.
ICO raids addresses in Manchester investigating 11 million nuisance text messages
The Information Commissioner's Office (ICO) has searched two addresses in Manchester as part of an investigation into companies suspected of sending millions of unsolicited text messages. ICO enforcement officers executed search warrants at offices in Stockport and a house in Sale. The operation is part of an ICO investigation into companies believed to be responsible for sending over 11 million unsolicited text messages to UK mobile numbers between January 2017 and January 2018. Thus, the ICO received 3,297 separate complaints. The text messages mainly promoted financial management services such as pensions and loans and claims management for issues such as PPI and flight cancellations. The recipients were unable to identify who the calls were from or opt out of them which is also against the law. Computer equipment and documents were seized for analysis and the ICO's enquiries into alleged breaches of the laws surrounding unsolicited telephone marketing continue.
Teenager hacks crypto-currency wallet
A hardware wallet designed to store crypto-currencies, and touted by its manufacturer as tamper-proof, has been hacked by a British 15-year-old. Hardware wallets store these private keys and can be connected to a PC via a USB port. The attack targets the device's micro-controllers, one of which stores the private key, while the other acts as its proxy to support display functions and the USB interface. The latter is less secure and is not able to differentiate between genuine firmware - software programmed into a device - and code written by an outsider. One big caveat for the method discovered by the teenager is that the attacker would need physical access to a wallet before it got into the hands of the victim - so, for instance, by buying one, altering it and then selling it on eBay or a similar online site.
Cyber Security training from QA
QA have uniquely positioned themselves to help solve the Cyber skills gap from our CyberFirst and Cyber Apprenticeship programmes and Cyber Academies to Cyber Challenges, Training and Certifications and Consultancy for Cyber Security.
They offer end-to-end Cyber training and certifications from Cyber Awareness to deep dive Cyber Programmes and solutions; from Cyber Investigations, Cyber Crisis Management, Proactive Security to Offensive Defence. QA only employ world leading Cyber trainers who have the expertise to deliver bespoke Cyber solutions, GCHQ accredited courses and proudly the CyberFirst programme. This is all to support in tackling the UK's National Cyber Security skills shortage.
QA also have state-of-the-art CyberLabs, where companies can simulate real-life Cyber-attacks on their infrastructure, helping them to prevent & combat breaches without risking their own network.
Visit cyber.qa.com for more information on how they can help solve the Cyber Security skills gap.