Security News
European commissioner Thierry Breton wants Huawei and ZTE barred throughout the EU, and revealed plans to remove kit made by the Chinese telecom vendors from the Commission's internal networks. There are concerns that backdoors in Huawei equipment could allow China to spy on foreign nations, given Chinese law requires local businesses to share info with Beijing.
The Irish Data Protection Commission has announced a $1.3 billion fine on Facebook after claiming that the company violated Article 46(1) of the GDPR. More specifically, it was found that Facebook transferred data of EU-based users of the platform to the United States, where data protection regulations vary per state and have been deemed inadequate to protect the rights of EU data subjects. As a result of the infringement, the DPC imposed a record €1.2 billion fine on Facebook's parent company, Meta Ireland, and requested that all data transfers that violate the GDPR be suspended within five months of the decision.
The backdoor malware is deployed in a custom and malicious firmware designed specifically for TP-Link routers so that the hackers can launch attacks appearing to originate from residential networks. While Check Point has not determined how the attackers infect TP-Link routers with the malicious firmware image, they said it could be by exploiting a vulnerability or brute-forcing the administrator's credentials.
Cloud services providers that aren't based in Europe - like the Big Three - may have to team up with a cloud that is operated and maintained from the EU if they want ENISA's stamp of approval for handling sensitive data. ENISA, the European Union's cybersecurity agency, is currently developing a cybersecurity certification scheme that aims to better protect member-state governments' and businesses' data.
EU MEPs want to start the public body - along with a host of other recommendations contained in a report that landed last night - after the so-called PEGA committee spent over a year looking into the use of Pegasus and equivalent spyware. In April, Citizen Lab and Microsoft both reported that a zero-click exploit allegedly developed by Israeli spyware company QuaDream - called "Reign" - was used to deliver spyware on devices running Apple's iOS 14 on victims' phones.
The Commission adopted the first designation decisions under the Digital Services Act, designating 17 Very Large Online Platforms and 2 Very Large Online Search Engines that reach at least 45 million monthly active users. Following their designation, the companies will now have to comply, within four months, with the full set of new obligations under the DSA. These aim at empowering and protecting users online, including minors, by requiring the designated services to assess and mitigate their systemic risks and to provide robust content moderation tools.
Poland's Military Counterintelligence Service and its Computer Emergency Response Team have linked APT29 state-sponsored hackers, part of the Russian government's Foreign Intelligence Service, to widespread attacks targeting NATO and European Union countries. The attackers have targeted diplomatic personnel using spear phishing emails impersonating European countries' embassies with links to malicious websites or attachments designed to deploy malware via ISO, IMG, and ZIP files.
In a preprint paper, "One Protocol to Rule Them All? On Securing Interoperable Messaging," University of Cambridge doctoral candidate Jenny Blessing and security engineering professor Ross Anderson observe that the DMA is now law in Europe and messaging gatekeepers will need to comply, though it won't be easy. "Designing a system capable of securely encrypting and decrypting messages and associated data across different service providers raises many thorny questions and practical implementation compromises," they say in their paper.
Between January 2021 and October 2022, the EU Agency for Cybersecurity analyzed and mapped the cyber threats faced by the transport sector, identifying prime threats, analyzing incidents, assessing threat actors, analyzing their motivations, and introducing major trends for each sub-sector, thereby providing new insights. EU Agency for Cybersecurity Executive Director, Juhan Lepassaar, stated that "Transport is a key sector of our economy that we depend on in both our personal and professional lives. Understanding the distribution of cyber threats, motivations, trends and patterns as well as their potential impact, is crucial if we want to improve the cybersecurity of the critical infrastructures involved."
A new threat actor named 'YoroTrooper' has been running cyber-espionage campaigns since at least June 2022, targeting government and energy organizations in Commonwealth of Independent States countries. Cisco Talos reports having evidence of YoroTrooper exfiltrating large volumes of data from infected endpoints, including account credentials, cookies, and browsing histories.