Privacy Roundup #0126 • January 2017

January 2017 opened the Trump era with an order stripping privacy protections from non-citizens, while ransom crews wiped exposed databases and surveillance vendors learned they could be hacked too.

1. Trump order strips Privacy Act protections from non-citizens

President Trump signed an executive order on 25 January directing agencies to exclude people who are not citizens or lawful permanent residents from Privacy Act protections. Lawyers warned the move could undermine the EU-US Privacy Shield and the data flows that depend on it.

techcrunch.com

2. Phone-cracking firm Cellebrite loses 900GB to a hacker

A hacker took 900GB of data from Cellebrite, the Israeli company whose tools let police pull data off seized phones. The cache held customer records, databases and technical detail about the firm's extraction products.

www.vice.com

3. The Guardian's WhatsApp 'backdoor' claim draws fierce pushback

The Guardian reported that a key-change behaviour in WhatsApp amounted to a backdoor that could let messages be intercepted. WhatsApp and a long line of cryptographers rejected the framing, calling the feature a normal design choice rather than a deliberate flaw.

techcrunch.com

4. Ransom crews wipe thousands of exposed MongoDB databases

Attackers raced to empty unsecured MongoDB instances left open on the internet, deleting the data and leaving notes that demanded bitcoin for its return. Roughly a quarter of all reachable MongoDB servers, some 10,000 of them, were hit within days.

www.bleepingcomputer.com

5. FTC accuses D-Link of leaving routers and cameras open to hackers

The Federal Trade Commission filed a complaint accusing D-Link of leaving its routers and internet cameras open to hackers while marketing them as secure. Regulators pointed to hard-coded credentials and command-injection flaws that could expose live video and audio feeds.

fortune.com

6. FDA confirms St. Jude cardiac devices can be hacked

The Food and Drug Administration warned that vulnerabilities in St. Jude Medical's radio-enabled pacemakers and the Merlin@home transmitter could let an attacker change a device's programming. A software patch began rolling out the same day to reduce the risk of battery drain or improper shocks.

money.cnn.com

7. Lavabit, Snowden's old email host, relaunches

Ladar Levison brought back Lavabit, the encrypted mail service he shut in 2013 rather than hand over keys to the FBI. The relaunch, timed to Trump's inauguration, was built around a new end-to-end protocol called DIME.

theintercept.com

8. Border agents demand social media data from Americans

Civil rights complaints described US border officers pressing citizens to hand over social media handles and phone passcodes on their way back into the country. The EFF argued the practice intruded on both First and Fourth Amendment rights.

www.eff.org

9. ESEA gaming network breach leaks 1.5 million profiles

Data on roughly 1.5 million members of the e-sports league ESEA surfaced online after the group refused a 100,000 dollar extortion demand. The exposed records included usernames, emails, phone numbers, private messages and hashed passwords.

threatpost.com

10. Netgear flaw exposes router admin passwords

A bug in dozens of Netgear router models let an attacker pull the administrator password in plain text through a password-recovery page. Trustwave found thousands of vulnerable devices reachable from the internet and warned the true count ran far higher.

techcrunch.com

11. Europe proposes a tougher ePrivacy Regulation

The European Commission published its draft ePrivacy Regulation on 10 January, extending confidentiality rules to services such as WhatsApp, Messenger and Skype. The text covered both the content and the metadata of communications and aimed to sit alongside the incoming GDPR.

www.dataprotectionreport.com

12. EU lawmakers warn Trump order could shatter Privacy Shield

Members of the European Parliament reacted angrily to the Trump order, with some calling for the immediate suspension of the EU-US Privacy Shield. Analysts noted that a separate Judicial Redress Act designation might preserve protections for Europeans despite the order's wording.

www.bankinfosecurity.com

13. Shadow Brokers announce retirement and dump Windows hacking tools

On 12 January the group calling itself the Shadow Brokers said it was quitting after failing to sell the cache of cyber-weapons it claimed to have taken from the NSA. As a parting gift it released dozens of tools for hacking Windows machines, several of which antivirus engines already flagged as malicious.

www.theregister.com

14. Charger ransomware sneaks onto the Google Play Store

Check Point found Android ransomware named Charger hidden inside an app called EnergyRescue on the official Play Store. The app posed as a battery saver while stealing contacts and text messages, then locked the phone and demanded bitcoin.

www.bleepingcomputer.com

15. Breach lookup site LeakedSource goes dark after raid

LeakedSource, which let anyone search billions of records from past breaches, vanished offline amid reports of a law enforcement raid. The site had drawn criticism for serving stolen credentials to the public rather than quietly warning victims.

www.theregister.com

16. Database ransom attacks spread to CouchDB and Hadoop

After the MongoDB wave, the same kind of attackers moved on to CouchDB and Hadoop servers left open online. Some demanded ransoms in the style of the earlier campaign, while one group wiped Hadoop stores outright and left only a taunting marker.

www.bleepingcomputer.com

17. Spora ransomware arrives with offline encryption and a slick payment site

A new strain called Spora encrypted files without needing to contact a server, making it harder to disrupt. It paired strong cryptography with an unusually professional payment portal that offered tiered prices for decryption and immunity.

www.bleepingcomputer.com

18. DDoS attack knocks Lloyds online banking offline

Lloyds Banking Group's online services were disrupted for parts of three days in mid-January by a distributed denial-of-service attack. The attackers reportedly demanded around 94,000 dollars in bitcoin, and the bank said no customer money was lost.

www.bankinfosecurity.com

19. Trump's cyber adviser runs an outdated, vulnerable website

Security researchers found that Rudy Giuliani, named as Trump's cybersecurity adviser, ran a company website on a five-year-old build of Joomla riddled with known flaws. The site exposed dozens of public vulnerabilities and several ready-made exploits.

www.theregister.com

20. Old gaming forum breach exposes 2.5 million accounts

Records from the XBOX360 ISO and PSP ISO forums, taken in a 2015 hack, were added to breach trackers and made public. The data covered roughly 2.5 million accounts, including email addresses, IP addresses and hashed passwords.

www.ibtimes.co.uk

