Security News
According to Jens Zimmermann, the German coalition negotiations had made it "Quite clear" that the incoming government of the Social Democrats, the Greens and the business-friendly liberal FDP would reject "The weakening of encryption, which is being attempted under the guise of the fight against child abuse" by the coalition partners. Which are already enshrined in the interim solution of the ePrivacy Regulation, for example, "Diametrically contradict the character of the coalition agreement" because secure end-to-end encryption is guaranteed there, Zimmermann said.
According to the draft, users will be able to test their internet speeds and, if there's a too large deviation between their real-world results and what their ISPs promised, they will be eligible for a bill discount. The discount amount will be comparable to the deviation between the contractually agreed Internet speeds and the actual ones.
German news outlets claim to have identified a member of the infamous REvil ransomware gang - who reportedly lives the life of Riley off his ill-gotten gains. The gang member, nicknamed Nikolay K by Die Zeit newspaper and the Bayerische Rundfunk radio station, reportedly owns a €70,000 watch with a Bitcoin address engraved on its face and rents yachts for €1,300 a day whenever he goes on holiday.
German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. As reported by German media, the investigators were able to link Bitcoin payments with ransoms paid to the GandCrab ransomware group, following attacks against a software developer and the State Theater in Stuttgart.
Approximately 400,000 users of Scoolio, a student community app widely used in Germany, had sensitive information exposed due to an API flaw in the platform. Scoolio is a German student community app that aims to build better time management skills, tutoring, homework planning, and group chats to network with peers.
In an open letter this month, the Chaos Computer Club - along with Google, Facebook, and others - said they are against proposals to dramatically expand the use of so-called state trojans, aka government-made spyware, in Germany. Once you have root access on a person's computer or handheld, the the device can be an open book, encryption or not.
The order issued today by the HmbBfDI, one of Germany's data protection commissioners, comes after WhatsApp said that it will slowly restrict account features for users who refuse to give up control of their data and have it shared with Facebook companies starting May 15th, 2021. The announcement comes after the data watchdog started urgent proceedings last month with the goal of issuing an order under GDPR guidance to stop Facebook from collecting and processing any data from WhatsApp users for their own purposes.
Emotet, one of the most dangerous email spam botnets in recent history, is being uninstalled today from all infected devices with the help of a malware module delivered in January by law enforcement. Emotet was used by the TA542 threat group to deploy second-stage malware payloads, including QBot and Trickbot, onto its victims' compromised computers.
The paper itself has a neutrally worded title that simply states the algorithm that it introduces, namely: PrivateDrop: Practical Privacy-Preserving Authentication for Apple AirDrop. For those who don't have iPhones or Macs, AirDrop is a surprisingly handy but proprietary Apple protocol that lets you share files directly but wirelessly with other Apple users nearby.
In what appears to be a fresh twist in Android malware, users of Gigaset mobile devices are encountering unwanted apps that are being downloaded and installed through a pre-installed system update app. "The culprit installing these malware apps is the Update app, package name com.redstone.ota.ui, which is a pre-installed system app," Malwarebytes researcher Nathan Collier said.