Security News

As insurance companies struggle to stay afloat amid rising cyber claims, Swiss Re has recommended a public-private partnership insurance scheme with one option being a government-backed fund to help fill the coverage gap. Global cyber insurance premiums hit $10 billion in 2021, according to Swiss Re's estimates.

Andrew Appel has a long analysis of the Swiss online voting system. It’s a really good analysis of both the system and the official analyses.

The Swiss army has banned foreign instant-messaging apps such as Signal, Telegram, and WhatsApp and requires army members to use the locally-developed Threema messaging app instead. As Threema is a paid subscription communications service, the Swiss army promised to cover the annual subscription cost for all soldiers, which is roughly $4.40 per user. The Swiss army has also posted recommendations on Facebook, characterizing Threema as a secure ad-free communication tool that features end-to-end encryption and leaves no digital trace.

Encrypted email provider Protonmail has hailed a recent Swiss legal ruling as a "Victory for privacy," after winning a lawsuit that sees it exempted from data retention laws in the mountainous realm. Referring to a previous ruling that exempted instant messaging services from data capture and storage laws, the Protonmail team said this week: "Together, these two rulings are a victory for privacy in Switzerland as many Swiss companies are now exempted from handing over certain user information in response to Swiss legal orders."

End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France. The Switzerland-based company said it received a "Legally binding order from the Swiss Federal Department of Justice" related to a collective called Youth for Climate, which it was "Obligated to comply with," compelling it to handover the IP address and information related to the type of device used by the group to access the ProtonMail account.

Security specialist Armis has discovered vulnerabilities, collectively dubbed PwnedPiper, in pneumatic tube control systems used in thousands of hospitals worldwide - including 80 per cent of the major hospitals found in the US. The researcher spotted the PwnedPiper vulnerabilities in Swisslog's Nexus stations for its Translogic Pneumatic Tube System product - a connected control system for the delivery tubes which send medicines, samples, blood products, and paperwork whizzing around a hospital. "The PTS system supports variable speed transactions which, on the one hand allow for express shipment of urgent items," the researchers said, "While on the other, enable the slow transfer of sensitive items, such as blood products, that may be harmed if jolted too quickly within the tubes. If an attacker were to compromise the PTS system, he may alter the system's speed restrictions, which can in turn damage such sensitive items."

While maintaining its current management, brand and service, Tresorit will remain an independent company within Swiss Post Group and will continue to serve its global target regions of EU countries, the UK and the US. Joint vision of Tresorit and Swiss Post: privacy is key to digitalizing information exchange. "From the very beginning, our mission has been to empower everyone to stay in control of their digital valuables. We are proud to have found a partner in Swiss Post who shares our values on security and privacy and makes us even stronger. We are convinced that this collaboration strengthens both companies and opens up new opportunities for us and our customers", says Istvan Lam, Co-founder and CEO of Tresorit.

Data-breach risk should be tackled with a toolset for monitoring data in motion and data at rest, analysis of user behavior, and the detection of fraud and weak spots. Once I even "Caught" a leak with the help of the firewall logs: I noticed an atypically large data upload and found out that the user was uploading confidential information as virtual-machine images.

The U.S. Department of Justice yesterday announced updates on two separate cases involving cyberattacks-a Swiss hacktivist and a Russian hacker who planned to plant malware in the Tesla company. A Swiss hacker who was involved in the intrusion of cloud-based surveillance firm Verkada and exposed camera footage from its customers was charged by the U.S. Department of Justice on Thursday with conspiracy, wire fraud, and identity theft.

Swiss national Till Kottmann, 21, has been charged for conspiracy, wire fraud and aggravated identity theft, the U.S. Department of Justice announced. Kottmann has been at the forefront of numerous leaks involving source code, some of it proprietary or confidential, from dozens of large companies.