Security News

Whether you're a small business operating out of a single office or a global enterprise with a huge and distributed corporate network, not inspecting the encrypted traffic entering and leaving can be a costly mistake, as cybercriminals are increasingly using TLS in their attacks. "A large portion of the growth in overall TLS use by malware can be linked in part to the increased use of legitimate web and cloud services protected by TLS-such as Discord, Pastebin, Github and Google's cloud services-as repositories for malware components, as destinations for stolen data, and even to send commands to botnets and other malware," noted Sean Gallagher, Senior Threat Researcher at Sophos.

Following a wave of ransomware attacks, network-attached storage appliance manufacturer QNAP Systems says it is urgently working on finding a solution to remove malware from infected NAS devices. The Taiwanese company, which makes both NAS and professional network video recorder solutions, has long been urging users to improve the security of their devices.

British infosec biz Sophos reckons just under half of malware traffic it saw in the wild during the opening three months of 2021 alone was using Transport Layer Security to encrypt both its command-and-control traffic and data exfiltration. He was open about this only being traffic observed by Sophos, meaning the true worldwide figure for TLS-encrypted malware traffic could differ.

Q4 2020 also brought a 41% increase in encrypted malware detections over the previous quarter and network attacks hit their highest levels since 2018. "The attacks are coming on all fronts, as cybercriminals increasingly leverage fileless malware, cryptominers, encrypted attacks and more, and target users both at remote locations as well as corporate assets behind the traditional network perimeter. Effective security today means prioritising endpoint detection and response, network defences and foundational precautions such as security awareness training and strict patch management."

As part of urgent efforts to fight COVID-19, a science is rapidly developing for measuring the number of encounters and the different levels of interaction in a group. At the National Institute of Standards and Technology, researchers are applying that science to a concept they have created called "Encounter metrics." They have developed an encrypted method that can be applied to a device such as your phone to help with the ultimate goal of slowing down or preventing future pandemics.

Encrypted phone network Sky Global has seemingly shut down after European police swooped on users and distributors, and its chief exec was indicted by American prosecutors. News of the company shutdown was broken by Vice News after raids in Belgium and the Netherlands on Sky ECC users and resellers.

The U.S. Department of Justice on Friday announced an indictment against Jean-Francois Eap, the CEO of encrypted messaging company Sky Global, and an associate for wilfully participating in a criminal enterprise to help international drug traffickers avoid law enforcement. Sky ECC is said to have surged in popularity following a similar takedown of Encrochat last July by French and Dutch investigators, with many criminal gangs shifting to the service to carry out criminal acts.

The US Department of Justice has indicted the CEO of encrypted messaging company Sky Global, and an associate for allegedly aiding criminal enterprises avoid detection by law enforcement. Sky Global is the developer of an encrypted chat app known as Sky ECC that claims to be the "Most secure messaging app available anywhere in the world today."

Image: Sky ECC. European law enforcement authorities have made a large number of arrests after a joint operation involving the monitoring of organized crime communication channels after "Unlocking" Sky ECC chat's encryption. The investigation started after Belgium police seized mobile phones from criminals who used Sky ECC. After "Unlocking" the chat platform's encryption, investigators have been able to monitor communications between roughly 70,000 Sky ECC users.

A series of police raids in Belgium have resulted in the apparent shutdown of the Sky ECC encrypted mobile phone network. As the second major encrypted phone network to be shut down by police in Europe, Sky ECC's seeming downfall has parallels with the Encrochat story, where French and Dutch police man-in-the-middle'd the encrypted phone network on suspicion it was being used mainly by organised criminals.