Security News
In brief Russian hackers have proved yet again how quickly cyber attacks can be used to respond to global events with a series of DDoS attacks on German infrastructure and government websites in response to the country's plan to send tanks to Ukraine. Germany announced the transfer of 14 Leopard 2 A6 tanks to Ukraine on Wednesday, jointly with the US saying it would send 31 M1 Abrams tanks to the besieged nation.
World Cup apps from the Qatari government collect more personal information than they need to, according to Germany's data protection agency, which this week warned football fans to only install the two apps "If it is absolutely necessary." Also: consider using a burner phone. The two apps are Ehteraz, a Covid-19 tracker from the Qatari Ministry of Public Health, and Hayya from the government's Supreme Committee for Delivery & Legacy overseeing the Cup locally, which allows ticket holders entry into the stadiums and access to free metro and bus transportation services.
Germany's Federal Criminal Police Office has arrested a 22-year-old student in Bavaria, who is suspected of being the administrator of 'Deutschland im Deep Web', one of the largest darknet markets in the country. The platform had already gone offline in March 2022, with 16,000 registered users, 28,000 posts, and 72 high-volume sellers of prohibited goods, including weapons and drugs.
Germany's government has stood down the president of its Federal Office for Information Security, Arne Schönbohm, over his links to Russia. Among the matters raised in the thread were Schönbohm's founding of a lobby group called Cyber Security Council Germany.
Recently, Eileen Walther, Northwave's Country Manager for Germany and specialized in information security, was elected the new Vice President of the Cyber Security Council Germany. In this interview with Help Net Security, Walther talks about Germany's cybersecurity future, working on information security strategy, and more.
Germany's Bundeskriminalamt, the country's federal criminal police, carried out raids on the homes of three individuals yesterday suspected of orchestrating large-scale phishing campaigns that defrauded internet users of €4,000,000. The three men obtained money from their victims by sending them phishing emails that were clones of messages from real German banks.
On Tuesday, the European Court of Justice issued rulings that limit indiscriminate data retention in France and Germany. The ECJ determined [PDF] that EU law disallows national legislation that requires indiscriminate retention of telecom traffic and location data to fight crime and protect public safety.
The guide categorizes the protection requirements of various satellite missions from "Normal" to "Very High" with the goal of covering as many missions as possible. "High" is high-consequence damage that "Can significantly limit the operation of the satellite system." As for "Very High," the attack could result in shutdown and "Reach an existentially threatening, catastrophic extent for the operator or the manufacturer."
An unknown threat actor is targeting German users interested in the Ukraine crisis, infecting them with a custom PowerShell RAT and stealing their data. These sites offer malicious documents that install a custom RAT that supports remote command execution and file operations.
Germany's Federal Criminal Police Office, the Bundeskriminalamt, on Tuesday announced the official takedown of Hydra, the world's largest illegal dark web marketplace. " Bitcoins amounting to currently the equivalent of approximately €23 million were seized, which are attributed to the marketplace," the BKA said in a press release.