after

now browsing by tag

 
 

#infosec | Apple Dropped iCloud Encryption Plans After FBI Complaint: Report

Source: National Cyber Security – Produced By Gregory Evans

Apple dropped plans to offer end-to-end encrypted cloud back-ups to its global customer base after the FBI complained, a new report has claimed.

Citing six sources “familiar with the matter,” Reuters claimed that Apple changed its mind over the plans for iCloud two years ago after the Feds argued in private it would seriously hinder investigations.

The revelations put a new spin on the often combative relationship between the law enforcement agency and one of the world’s biggest tech companies.

The two famously clashed in 2016 when Apple refused to engineer backdoors in its products that would enable officers to unlock the phone of a gunman responsible for a mass shooting in San Bernardino.

Since then, both FBI boss Christopher Wray, attorney general William Barr and most recently Donald Trump have taken Apple and the wider tech community to task for failing to budge on end-to-end encryption.

Silicon Valley argues that it’s impossible to provide law enforcers with access to encrypted data in a way which wouldn’t undermine security for hundreds of millions of law-abiding customers around the world.

They are backed by world-leading encryption experts, while on the other side, lawmakers and enforcers have offered no solutions of their own to the problem.

Apple’s decision not to encrypt iCloud back-ups means it can provide officers with access to target’s accounts. According to the report, full device backups and other iCloud content was handed over to the US authorities in 1568 cases in the first half of 2019, covering around 6000 accounts.

Apple is also said to have handed the Feds the iCloud backups of the Pensacola shooter, whose case sparked another round of calls for encryption backdoors from Trump and others.

It’s not 100% clear if Apple dropped its encryption plan because of the FBI complaint, or if it was down to more mundane usability issues. Android users are said to be able to back-up to the cloud without Google accessing their accounts.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | Apple Dropped iCloud Encryption Plans After FBI Complaint: Report appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | International police arrest two after WeLeakInfo takedown

Source: National Cyber Security – Produced By Gregory Evans

Search engine for leaked passwords shut down

Police have seized WeLeakInfo.com, an online service that turned selling access to data exposed by breaches into a business.

The site offered subscription-based access to billions of compromised user login credentials, essentially offering a search engine for breached personal data including names, email addresses, phone numbers, IP address, and passwords.

A joint law enforcement action led by the UK’s National Crime Agency (NCA), in collaboration with international law enforcement partners including the FBI and the East Netherland Cyber Crime Unit (Politie), has led to the seizure of the domain and the arrest of two suspects.

A 22-year-old male was arrested in Fintona, Northern Ireland by the country’s police service on suspicion of fraud and serious crime offences before being released on bail, pending further inquiries.

Another man, also 22, was arrested in Vriendin, The Netherlands, by Dutch authorities.

Neither suspect has been named but police allege the duo made £200,000 ($261,000) through the dodgy site they ran together.

The pair became suspects after police traced online payments for hosting and other services linked to the site back to IP addresses used by the two men.

Police also established “links between the purchase of cybercrime tools, such as remote access Trojans (RATs) and cryptors, and weleakinfo.com.”

Robert Ramsden-Board, VP EMEA at Securonix, commented in a press release: “Weleakinfo.com was a useful resource for threat actors.

“Hackers could perform unlimited searches for exposed data for as little as $2 a day.

“Hence, providing them with all the information they would need, such as exposed usernames and passwords, to be able to perform credential stuffing attacks and phishing attacks.”

The FBI took ownership of the WeLeakInfo.com domain name and added a notice stating it was seized.

Prior to the takedown, police allege that the site hosted credentials taken from around 10,000 data breaches. The details were used in subsequent cyber-attacks in an unspecified number of cases.

Although WeLeakInfo.com has been taken out of commission, other similar services exist and may well expand to fill the gap in the market occasioned by a rival’s takedown.

In a blog post, security industry veteran Graham Cluley explains the difference between WeLeakInfo and legitimate services like Troy Hunt’s HaveIBeenPwned. The latter only offers warnings – free of charge – that a person’s email address and associated info has been part of a breach without ever storing or offering access to passwords.

YOU MIGHT ALSO LIKE Massive stolen credit card sale features 1.3 mostly Indian records

Source link

The post #hacking | International police arrest two after WeLeakInfo takedown appeared first on National Cyber Security.

View full post on National Cyber Security

Malicious npm package taken down after Microsoft warning – Naked Security

Source: National Cyber Security – Produced By Gregory Evans

Criminals have been caught trying to sneak a malicious package on to the popular Node.js platform npm (Node Package Manager).

The problem package, 1337qq-js, was uploaded to npm on 31 December, after which it was downloaded at least 32 times according to figures from npm-stat.

According to a security advisory announcing its removal, the package’s suspicious behaviour was first noticed by Microsoft’s Vulnerability Research team, which reported it to npm on 13 January 2020:

The package exfiltrates sensitive information through install scripts. It targets UNIX systems.

The data it steals includes:

  • Environment variables
  • Running processes
  • /etc/hosts
  • uname -a
  • npmrc file

Any of these could lead to trouble, especially the theft of environment variables which can include API tokens and, in some cases, hardcoded passwords.

Anyone unlucky enough to have downloaded this will need to rotate those as a matter of urgency in addition to de-installing 1337qq-js itself.