Security News

Readers may remember Kottman pointed out holes in a security skills assessment website run by Deloitte, dropped 20GB of Intel secrets onto the web and shamed the security of DevOps tool SonarQube by releasing third-party code created with the project. Illegally accessing computers belonging to a security device manufacturer located in the Western District of Washington and stealing proprietary data.

The Justice Department has charged a Swiss hacker with computer intrusion and identity theft, just over a week after the hacker took credit for helping to break into the online systems of a U.S. security-camera startup. Swiss authorities said they had raided Kottmann's home in Lucerne late last week at the request of U.S. authorities.

Swiss authorities on Monday confirmed a police raid at the home of a Swiss software engineer who took credit for helping to break into a U.S. security-camera company's online networks, part of what the activist hacker cited as an effort to raise awareness about the dangers of mass surveillance. The Federal Office of Justice said regional police in central Lucerne, acting on a legal assistance request from U.S. authorities, on Friday carried out a house search involving hacker Tillie Kottmann.

The 25+ year gap between IT and Operational Technology security means that OT networks have few, if any, modern security controls in place, as many of these Industrial Control Systems are legacy assets that were not designed with security in mind and were previously isolated, until digital transformation came along. With asset visibility to identify vulnerabilities and suspicious behavior, continuous threat monitoring to detect and track threats that cross the IT/OT boundary, and secure remote access solutions with strict controls over sessions, we can jumpstart the process of closing the IT/OT security gap.

Swiss politicians have voiced outrage and demanded an investigation after revelations that a second Swiss encryption company was allegedly used by the CIA and its German counterpart to spy on governments worldwide. He called for a parliamentary inquiry after an SRF investigation broadcast on Wednesday found that a second Swiss encryption firm had been part of a spectacular espionage scheme orchestrated by US and German intelligence services.

Switzerland benefitted from a spectacular espionage scheme orchestrated by the CIA and its German counterpart who used a Swiss encryption company to spy on governments worldwide, a parliamentary probe showed Tuesday. A large media investigation revealed back in February an elaborate, decades-long set-up, in which US and German intelligence services creamed off the top-secret communications of governments through their hidden control of the Crypto encryption company in Switzerland.

Swiss politicians only found out last year that cipher machine company Crypto AG was owned by the US and Germany during the Cold War, a striking report from its parliament has revealed. Although Swiss spies themselves knew that Crypto AG's products were being intentionally weakened so the West could read messages passing over them, they didn't tell governmental overseers until last year - barely one year after the operation ended.

Previously I have written about the Swedish-owned Swiss-based cryptographic hardware company: Crypto AG. It was a CIA-owned Cold War operation for decades. Today it is called Crypto International, still based in Switzerland but owned by a Swedish company.

As yet unidentifed hackers have managed to steal employee salary payments at several Swiss universities, officials said Sunday. "According to our information, several top schools in Switzerland have been affected," Martina Weiss, director general of the rectors group of Switzerland's public universities, told AFP. The hackers used information obtained by phishing - tricking a person into passing on their personal details - for their attacks on at least three universities, including the University of Basel.

A Swiss federal commissioner announced Tuesday that a U.S.-Swiss program aimed to protect personal information exchanged between the two countries doesn't go far enough, and has downgraded the United States to rank it as a country deemed to have inadequate data protection. Federal Data Protection and Information Commissioner Adrian Lobsiger, in a new policy paper, recommends that Swiss companies or government should disclose personal data to the U.S. only if safeguards are put in place to protect people from prying U.S. authorities.