I Know, Let’s Hack the Guy Who We Claimed Hacked Us…

Musk’s treatment of Tripp threatens to complicate this legal and regulatory mess. The security manager at the Gigafactory, an ex-military guy with a high-and-tight haircut named Sean Gouthro, has filed a whistleblower report with the SEC. Gouthro says Tesla’s security operation behaved unethically in its zeal to nail the leaker. Investigators, he claims, hacked into Tripp’s phone, had him followed, and misled police about the surveillance. Gouthro says that Tripp didn’t sabotage Tesla or hack anything and that Musk knew this and sought to damage his reputation by spreading misinformation.

Matt Robinson and Zeke Faux in Businessweek on how Elon Musk, and Tesla, sought to discredit and harass Gigafactory employee Martin Tripp.

1 week ago

IMPORTANT PUBLISHING NOTICE – METACURITY POSTS WILL RESUME MARCH 30

Metacurity will not be posting new items starting March 15 as we take an exciting break and recharge our batteries and muse on how we can deliver value to our readers and visitors. But we’ll be back on March 30, so mark your calendars. Wishing everyone a safe, happy, healthy and comfortable two weeks as spring arrives and the world becomes new again.
1 week ago

Senators Ask for Details About Cyber Attacks Against Senate, Request Annual Statistics

Senator Ron Wyden (D-OR) and Senator Tom Cotton (R-AR), members of the Senate Intelligence Committee, have requested the US Senate Sergeant at Arms disclose details about cyber attacks against the Senate and its members. Although they say they understand that some data about cyber-attacks might need to remain confidential as part of ongoing investigations, or because of its sensitive nature, they say they need more data to have informed debates and allocate funds to improve the Senate and senators’ cyber-security protections. The Senators are requesting that the Sergeant’s office provide annual statistics about cyber-attacks and also commit to disclosing breaches impacting the US Senate within five days of their discovery. (ZDNet)
1 week ago

Google Adds Privacy-Oriented DuckDuckGo, Other Browsers, As Default Search Engines in Chrome

In an update to its Chromium engine, search giant Google has quietly updated the lists of default search engines it offers per market for its Chrome browser, including pro-privacy Google rival DuckDuckGo, which is now being offered as an option in more than 60 markets. Although Google says the search engine references per country are being “completely replaced based on new usage statistics” from “recently collected data,” some observers note that Google added its rivals at a time when it is facing rising privacy and antitrust scrutiny and accusations of market power. (TechCrunch)
1 week ago

Facebook Faces Criminal Investigation Into Data Deals It Struck With Top Technology Companies, Report

Prosecutors with the United States attorney’s office for the Eastern District of New York are conducting a criminal investigation into data deals Facebook struck with some of the world’s largest technology companies. A grand jury in New York has subpoenaed records from at least two prominent makers of smartphones and other devices, according to two people who were familiar with the requests. Both companies were among the more than 150, including Amazon, Apple, Microsoft and Sony, that had entered into agreements with Facebook to gain broad access to the social media giant’s user data. (New York Times)
1 week ago

Nearly Half of UK Organizations Have Fallen Victim to Phishing Attacks Over Past Two Years

Despite intensive training at organizations on the danger of clicking on links that may lead to malware infections, 45 percent of UK organizations were compromised by phishing attacks between 2016 and 2018, and 54 percent had identified instances of employees replying to unsolicited emails or clicking the links in them, according to research undertaken by Sapio Research for security company Sophos. Larger organizations are more likely to fall victim to phishing attacks, with 54 percent of organizations that have between 500 and 1,000 employees having fallen victim to phishing in the past two years, compared to 39 percent for firms with 250 to 500 staff. (ZDNet)
2 weeks ago

New Android Malware, SimBad, Hidden in More Than 200 Apps, Was Downloaded More Than 150 Million Times

A new kind of mobile adware dubbed SimBad, hidden in over two hundred Android apps, was downloaded more than 150 million times from Google’s Play Store, according to researchers at Check Point. The malware masquerades as an ad-serving platform, although it has the potential to evolve into a larger threat. Unbeknownst to the app developers, the malware would open a backdoor to install additional malware as a way to dodge Google’s app store scanning. The top ten infected games amounted to 55 million downloads alone. Google has pulled all the affected apps from the Play Store. (TechCrunch)
2 weeks ago

Australian Man Arrested and Charged With Stealing, Selling One Million Netflix, Spotify and Hulu Account Credentials

A 21-year-old unidentified Sydney man was arrested and charged with stealing one million Netflix and Spotify accounts from Australians and selling them for profit. The FBI tipped off Australian Federal Police about a local link to an “account generator” website named WickedGen.com which sold stolen account details for entertainment streaming services like Netflix, Spotify, and Hulu. Before it was shut down, WickedGen.com boasted it had more than 120,000 users. Australian police say that WickedGen.com made AU$300,000 (around $213,000 in U.S. dollars) through the sale of the stolen credentials. The arrested man will face five charges relating to unauthorized data access, providing technology circumvention, dealing with proceeds of crime, false or misleading information and dealing in identification information, with the most serious charge carrying a maximum of 20 years in prison. (Yahoo Finance)
2 weeks ago

Indonesia Is Battling Wave of Cyber Attacks From Both Russia and China, Chief Election Official Says

As Indonesia heads for simultaneous presidential and legislative elections on April 17, the country is facing a wave of attacks on its voter database from both Russia and China, according to Arief Budiman, the head of Indonesia’s General Elections Commission. Some of the attacks include efforts to “manipulate or modify” content as well as to create so-called ghost voters, or fake voter identities, almost on an hourly basis, according to Budiman. The country is also battling disinformation campaigns and claims of widespread voter fraud. (Bloomberg)
2 weeks ago

Navy Is ‘Under Cyber Siege’ From Chinese, Other Hackers Who Have Exploited Critical Weaknesses to Steal National Security Secrets, Internal Navy Review Says

The Navy and its various industry partners are “under cyber siege” from Chinese and other hackers who have stolen tranches of national security secrets in recent years, exploiting critical weaknesses that threaten the U.S.’s standing as the world’s top military, an internal Navy review has concluded. Secretary of the Navy Richard Spencer launched the recently concluded review in October. Reports last week indicate that Chinese hackers have targeted more than two dozen universities in the US and elsewhere in an attempt to steal military secrets, particularly those related to maritime technology. (Wall Street Journal)
2 weeks ago

Microsoft Issues Security Patches for 64 Vulnerabilities, While Adobe Issues Fixes for ColdFusion, Photoshop and Digital Editions

Microsoft released security patches for 64 CVEs along with four advisories. The patches cover Internet Explorer (IE), Edge, Exchange Server, ChakraCore, Microsoft Windows, Office and Microsoft Office Services and Web Apps, NuGet package manager, Team Foundation Services and the .NET Framework. Of these 64 CVEs, 17 are rated Critical, 45 are rated Important, one is rated Moderate, and one is rated Low in severity. Adobe also issued its security updates, with a fix for a ColdFusion flaw that was being exploited in the wild and patches for bugs in Photoshop and Adobe Digital Editions. (Zero Day Initiative)
2 weeks ago

Mozilla’s Firefox Launches Send, A Free Web-Based Service for Sharing Encrypted Files

Mozilla’s Firefox has launched Send, a free, intuitive, web-based service that lets you share large encrypted files, at no cost. The end-to-end encrypted Send works in any browser and offers security controls that allow users to set when their file link expires, the number of downloads, and whether to add an optional password for an extra layer of security. Send also allows users to send very large files quickly, up to 1GB, and up to 2.5GB if the users sign up for a free Firefox account. (Wired)
2 weeks ago

App for Trump-Supporting Conservatives, ‘63red Safe,’ Leaked User Records and Business Reviews, Company Says Researcher’s Discovery of Leak Was ‘Politically Motivated Attack’

A new mobile app called “63red Safe,” described as the “Yelp for conservatives” and designed to guide Trump supporters to places where they feel safe expressing their conservative views and lifestyles, is leaking user records and business reviews, according to French security researcher Baptiste Robert, also known by his handle Elliot Alderson. The app’s source code contains the credentials of its author, but also a list of API endpoints to which it connects to store or retrieve data, which can be extracted because the backend API doesn’t use any form of authentication. Robert was able to determine that 4,466 users had registered and created profiles since the app’s launch over the weekend and was able to retrieve information such as username, email, avatar, follower count, following count, profile creation/update dates, a ban status, and something called a “hotscore.” In a statement, the app said it had fixed the problem but suggested that Robert’s research reflects that “conservatives particularly have come under attack for their political beliefs” and is a politically motivated attack. 63red Safe said it has contacted the FBI about bringing Robert to justice. (ZDNet)
2 weeks ago

Researchers Find Cryptographic Backdoor in Internet Voting System Switzerland Plans to Launch

An international group of researchers found a cryptographic backdoor in the code for an Internet voting system that Switzerland plans to roll out later this year that would allow someone to alter votes without detection. The flaw could allow someone to swap out all of the legitimate ballots and replace them with fraudulent ones, all without detection. The researchers, led by Sarah Jamie Lewis, a former computer scientist for England’s GCHQ intelligence agency, presented their findings to Swiss Post, the country’s national postal service, which developed the system with the Barcelona-based company Scytl. Swiss Post said it asked Scytl to fix the flaw but expressed skepticism over the degree to which the flaw could be exploited because an attacker would need control over Swiss Post’s secured IT infrastructure “as well as help from several insiders with specialist knowledge of Swiss Post or the cantons.” (Motherboard)
2 weeks ago

Sir Tim Berners-Lee Calls for Governments to Translate Laws for Digital Age to Fight Hacking, Disinformation, Harassment and Polarization

On the 30th anniversary of the world wide web, Sir Tim Berners-Lee, the inventor of the web, said that governments must “translate” laws for the digital age to prevent malicious behavior online, including state-sponsored hacking, viral spread of misinformation, online harassment and the “polarised tone of online discourse.” Sir Berners-Lee has grown increasingly vocal over the ways in which the web has become increasingly abused and last year launched a “Contract for the Web” that laid out a set of principles to keep the internet free and open. (The Telegraph)
2 weeks ago

Russia Blocks Encrypted Email Provider ProtonMail Amid Growing Protests Over Country’s Proposed Internet Controls

In the midst of mass protests against a proposed Russian law that would segment Russia from the rest of the world’s Internet, Russia’s Federal Security Service, formerly the KGB, has ordered Internet providers to enforce a block against encrypted email provider ProtonMail after accusing the company and several other email providers of facilitating bomb threats. Twenty-six Internet addresses were blocked by the order, including several servers used to scramble the final connection for users of privacy-oriented browser Tor. ProtonMail chief executive Andy Yen called the block “particularly sneaky” because the Internet providers are blocking access to the email servers but ProtonMail users can still open their inboxes. They just receive no new emails. (TechCrunch)