In an open letter this month, the Chaos Computer Club - along with Google, Facebook, and others - said they are against proposals to dramatically expand the use of so-called state trojans, aka government-made spyware, in Germany. Once you have root access on a person's computer or handheld, the the device can be an open book, encryption or not.
The order issued today by the HmbBfDI, one of Germany's data protection commissioners, comes after WhatsApp said that it will slowly restrict account features for users who refuse to give up control of their data and have it shared with Facebook companies starting May 15th, 2021. The announcement comes after the data watchdog started urgent proceedings last month with the goal of issuing an order under GDPR guidance to stop Facebook from collecting and processing any data from WhatsApp users for their own purposes.
Emotet, one of the most dangerous email spam botnets in recent history, is being uninstalled today from all infected devices with the help of a malware module delivered in January by law enforcement. Emotet was used by the TA542 threat group to deploy second-stage malware payloads, including QBot and Trickbot, onto its victims' compromised computers.
The paper itself has a neutrally worded title that simply states the algorithm that it introduces, namely: PrivateDrop: Practical Privacy-Preserving Authentication for Apple AirDrop. For those who don't have iPhones or Macs, AirDrop is a surprisingly handy but proprietary Apple protocol that lets you share files directly but wirelessly with other Apple users nearby.
In what appears to be a fresh twist in Android malware, users of Gigaset mobile devices are encountering unwanted apps that are being downloaded and installed through a pre-installed system update app. "The culprit installing these malware apps is the Update app, package name com.redstone.ota.ui, which is a pre-installed system app," Malwarebytes researcher Nathan Collier said.
Several German lawmakers have once again fallen victim to a cyber attack, local media said Friday, with security experts pointing the finger at Russian hackers. Hackers used phishing emails to gain access to the computers of at least seven federal MPs and 31 lawmakers in regional parliaments, according to Der Spiegel weekly.
Email accounts of multiple German Parliament members were targeted in a spearphishing attack. It is believed that the attackers were able to gain access to the email accounts of seven members of the German federal parliament and 31 members of German regional parliaments.
Germany security officials are proposing that Internet companies should link a user's real-world identity to all of their instant messages, emails and other online communication, prompting criticism from digital rights activists. Like in many other countries, mobile phone firms in Germany are required to verify a customer's identity before selling them a SIM card.
A German-led police operation has taken down the "World's largest" darknet marketplace, whose Australian alleged operator used it to facilitate the sale of drugs, stolen credit card data and malware, prosecutors said Tuesday. Police in the northern city of Oldenburg "Were able to arrest the alleged operator of the suspected world's largest illegal marketplace on the darknet, the DarkMarket, at the weekend," prosecutors said in a statement.
German Chancellor Angela Merkel's Cabinet approved a bill Wednesday that would require companies involved in setting up critical infrastructure such as high-speed 5G networks to guarantee that their equipment can't be used for sabotage, espionage or terrorism. The bill, which now goes to parliament, seeks to address concerns that vendors such as Chinese tech company Huawei might pose a security risk if they have access to core parts of the German telecoms network.