Security News

Secret Backdoors Found in German-made Auerswald VoIP System
2021-12-21 20:19

Multiple backdoors have been discovered during a penetration test in the firmware of a widely used voice over Internet Protocol appliance from Auerswald, a German telecommunications hardware manufacturer, that could be abused to gain full administrative access to the devices. "Two backdoor passwords were found in the firmware of the COMpact 5500R PBX," researchers from RedTeam Pentesting said in a technical analysis published Monday.

New German Government is Pro-Encryption and Anti-Backdoors
2021-12-08 19:19

According to Jens Zimmermann, the German coalition negotiations had made it "Quite clear" that the incoming government of the Social Democrats, the Greens and the business-friendly liberal FDP would reject "The weakening of encryption, which is being attempted under the guise of the fight against child abuse" by the coalition partners. Which are already enshrined in the interim solution of the ePrivacy Regulation, for example, "Diametrically contradict the character of the coalition agreement" because secure end-to-end encryption is guaranteed there, Zimmermann said.

German law enforces bill discounts for slow Internet speeds
2021-11-24 19:08

According to the draft, users will be able to test their internet speeds and, if there's a too large deviation between their real-world results and what their ISPs promised, they will be eligible for a bill discount. The discount amount will be comparable to the deviation between the contractually agreed Internet speeds and the actual ones.

REvil gang member identified living luxury lifestyle in Russia, says German media
2021-10-28 17:41

German news outlets claim to have identified a member of the infamous REvil ransomware gang - who reportedly lives the life of Riley off his ill-gotten gains. The gang member, nicknamed Nikolay K by Die Zeit newspaper and the Bayerische Rundfunk radio station, reportedly owns a €70,000 watch with a Bitcoin address engraved on its face and rents yachts for €1,300 a day whenever he goes on holiday.

German investigators identify REvil ransomware gang core member
2021-10-28 11:26

German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. As reported by German media, the investigators were able to link Bitcoin payments with ransoms paid to the GandCrab ransomware group, following attacks against a software developer and the State Theater in Stuttgart.

Sensitive data of 400,000 German students exposed by API flaw
2021-10-28 07:03

Approximately 400,000 users of Scoolio, a student community app widely used in Germany, had sensitive information exposed due to an API flaw in the platform. Scoolio is a German student community app that aims to build better time management skills, tutoring, homework planning, and group chats to network with peers.

Google, Facebook, Chaos Computer Club join forces to oppose German state spyware
2021-06-07 22:49

In an open letter this month, the Chaos Computer Club - along with Google, Facebook, and others - said they are against proposals to dramatically expand the use of so-called state trojans, aka government-made spyware, in Germany. Once you have root access on a person's computer or handheld, the the device can be an open book, encryption or not.

German watchdog bans Facebook from using WhatsApp users' data
2021-05-11 20:41

The order issued today by the HmbBfDI, one of Germany's data protection commissioners, comes after WhatsApp said that it will slowly restrict account features for users who refuse to give up control of their data and have it shared with Facebook companies starting May 15th, 2021. The announcement comes after the data watchdog started urgent proceedings last month with the goal of issuing an order under GDPR guidance to stop Facebook from collecting and processing any data from WhatsApp users for their own purposes.

Emotet malware forcibly removed today by German police update
2021-04-25 07:16

Emotet, one of the most dangerous email spam botnets in recent history, is being uninstalled today from all infected devices with the help of a malware module delivered in January by law enforcement. Emotet was used by the TA542 threat group to deploy second-stage malware payloads, including QBot and Trickbot, onto its victims' compromised computers.

Apple AirDrop has “significant privacy leak”, say German researchers
2021-04-23 18:59

The paper itself has a neutrally worded title that simply states the algorithm that it introduces, namely: PrivateDrop: Practical Privacy-Preserving Authentication for Apple AirDrop. For those who don't have iPhones or Macs, AirDrop is a surprisingly handy but proprietary Apple protocol that lets you share files directly but wirelessly with other Apple users nearby.