Australia Watchdog Sues Facebook Over 'Misleading' VPN App
2020-12-16 14:40

Australia's consumer watchdog launched legal action against Facebook on Wednesday, alleging the social media giant "misled" thousands of Australians by collecting user data from a free VPN service advertised as private. The Australian Competition and Consumer Commission has accused Facebook and two of its subsidiaries - Facebook Israel and Onavo Inc - of misleading people who downloaded its virtual private network app Onavo Protect, by collecting and using their "very detailed and valuable personal activity data".

Revisited After a Decade: The Optimist's Cybercrime Predictions for 2011
2020-12-16 14:35

In 2010, in a different world where no one had heard about lockdowns and social distancing, I wrote an article on SecurityWeek - The Optimist's Cybercrime Predictions for 2011. Not only to look at my predictions in the view of a single year, but of an entire decade.

Cybercriminals Steal Millions by Spoofing Thousands of Mobile Devices
2020-12-16 14:30

A group of cybercriminals used mobile emulators to spoof thousands of mobile devices, which enabled them to steal millions of dollars within days. Targeting financial institutions in Europe and the United States, the mobile banking fraud operation relied on over 20 emulators to spoof more than 16,000 mobile devices and access compromised accounts.

SolarWinds Removes Customer List From Site as It Releases Second Hotfix
2020-12-16 13:58

SolarWinds has released a second hotfix for its Orion platform in response to the recent breach, and the company has decided to remove from its website a page listing some of its important customers. Shortly after news of the breach broke, the company informed customers about the availability of a hotfix, but promised to release a second hotfix that replaces the compromised component and provides additional security enhancements.

SolarWinds hackers’ capabilities include bypassing MFA
2020-12-16 13:20

As the list of known organizations compromised by way of the SolarWinds supply chain attack is slowly growing - according to Reuters, the attackers also breached U.S. Department of Homeland Security's systems, the State Department, and the National Institutes of Health - Microsoft has decided that its Defender Antivirus will start blocking/quarantining the known malicious SolarWinds binaries today - even if the process is running. As security researcher Vinoth Kumar pointed out, the attackers might have easily compromised the company's update server by using a password that was published on their public GitHub repository for over a year or, as several Reuters sources noted, they might have bought access to SolarWinds' computers through underground forums.

Zodiac Killer Cipher Solved
2020-12-16 13:01

The SF Chronicle is reporting, and the FBI is confirming, that a Melbourne mathematician and team has decrypted the 1969 message sent by the Zodiac Killer to the newspaper. There's no paper yet, but there are a bunch of details in the news articles.

UK proposes new powers for comms regulator to legally unleash avenging hordes on security-breached telcos
2020-12-16 12:32

Britain's Telecommunications Security Bill will allow anyone to sue their telco if they suffer "loss or damage" as a result of a system breach - but only if they get Ofcom's permission. Buried in the details away from the China-bashing stuff is a potentially heavy stick to be wielded by telco regulator Ofcom, pitting baying crowds against telecoms operators.

Hack May Have Exposed Deep US Secrets; Damage Yet Unknown
2020-12-16 12:26

Some of America's most deeply held secrets may have been stolen in a disciplined, monthslong operation being blamed on elite Russian government hackers. Thomas Rid, a Johns Hopkins cyberconflict expert, said the campaign's likely efficacy can be compared to Russia's three-year 1990s "Moonlight Maze" hacking of U.S. government targets, including NASA and the Pentagon.

Emulated mobile devices used to steal millions from US, EU banks
2020-12-16 12:26

Threat actors behind an ongoing worldwide mobile banking fraud campaign were able to steal millions from multiple US and EU banks, needing just a few days for each attack. While emulators are not malicious tools, the group behind this campaign used them for malicious purposes, emulating compromised devices or setting up what looked like new devices picked up by the compromised accounts' owners.

Detecting Fraud - Every Step of the Way
2020-12-16 12:01

Fraud detection methods that don't look at this step are overlooking a gold mine of data. Login: Looking at login is another great way to detect fraud.