Transcript
A (0:04)
Germany seeks more hacking and surveillance powers for its intelligence service. Finland intends to criminalise the spreading of false information. Patriotic French social media goes quiet during Iran's Internet outage, and hackers are extorting GrubHub. This is the Risky Bulletin, prepared by Catalin Cimpanu and read by me, Amberly Jack. Today is January 19th, and this podcast episode is brought to you by SpecterOps, the experts in attack path management. In today's top story, Germany is considering increased hacking and surveillance powers for its intelligence service, the BND. If approved, a new law would allow the storage of full Internet communications rather than just selected metadata. The BND would also be allowed to hack foreign service providers as well as surveil foreigners and some journalists. The Finnish Ministry of Justice may criminalise the dissemination of false information on behalf of a foreign government. The proposed law is aimed to counter disinformation operations aided by local operatives. It's unclear whether the punishment would include prison sentences. U.S. government cyber officials may not attend this year's RSA Cybersecurity conference. According to Nextgov, Trump administration officials are considering skipping the event after Jen Easterly was appointed CEO of the conference. Easterly served as CISA Director during the Biden administration. The EU is preparing to ban Chinese equipment in telecommunications and solar energy. The provision is part of the draft EU Cybersecurity Act set to be unveiled this week. The ban would apply to Chinese companies such as Huawei and ZTE. Reports from Iran suggest the country will permanently disconnect its populace from the global Internet. The Internet has been down for more than a week during protests. Digital rights organisation Filter Watch says a plan is underway for long-term restrictions. Access to the global Internet would be limited to vetted individuals.
A cluster of so-called French patriotic accounts went silent on X after Iran removed itself from the Internet. The accounts posed as French people and stoked anti-government protests. A similar cluster promoting the Scottish independence movement also went quiet. A lawsuit by CrowdStrike shareholders over the company's 2024 outage has been dismissed. The incident crashed more than 8 million Windows computers, impacting flights and hospitals globally. Shareholders argued the company lied about its software testing practices. The judge said shareholders failed to prove that CrowdStrike's statements were motivated by an intent to defraud. Hackers are extorting food delivery platform GrubHub. The Shiny Hunters group is threatening to release files that were stolen from the company's Salesforce and Zendesk accounts last year. The company has not said if it intends to pay. A hacker has stolen personal information about EU rail customers. The European rail company began notifying affected individuals last week. Stolen data includes names, contact information and passport details. A hacker has stolen $282 million in crypto from a single hardware wallet. The funds were stolen through social engineering on January 10 and immediately laundered into Monero. The move caused the price of Monero to spike 70% in the days following. A Jordanian man has pleaded guilty to selling access to more than 50 hacked networks in the US. Firas Khali Ahmad Abashiti worked as an individual access broker under the name Riz. He was arrested in the country of Georgia and extradited to the US last year. He faces up to 10 years in prison. A Tennessee man who hacked the US Supreme Court also breached the Department of Veterans Affairs. Nicholas Moore published data from both networks on his Instagram account, Hackthegovernment. He pleaded guilty last week. Moore faces a maximum sentence of one year in prison and a fine of up to $100,000.
Five Venezuelan nationals have pleaded guilty to hacking ATMs in the US state of Georgia. The group accessed the ATM supervisor mode and deployed malware to force the devices to dispense cash. Members of the group were caught on camera and were identified through fingerprints left behind. They face up to 30 years in prison. A cluster of five malicious Chrome extensions is targeting HR and ERP platforms. The extensions contain code to steal cookies, hijack sessions, and block access to security and admin pages. Targeted services include Workday, NetSuite and SuccessFactors. According to Socket Security, roughly 2,300 users were affected. Academics have discovered a vulnerability that allows malicious code to run inside the AMD Secure Encrypted Virtualization platform. The StackWarp attack can be used to expose secrets from virtual machines in AMD-powered clouds. All Zen family processors are affected when hyperthreading is enabled. The company released firmware updates last week. Threat actors are exploiting a recently patched vulnerability in Fortinet FortiSIEM devices. The attacks began after security firm Horizon 3 published a write-up and proof-of-concept code. The vulnerability allows attackers to remotely run OS commands on the device without authentication. Cisco has released a security update for a zero-day disclosed by the company in December. The flaw affected Cisco Email Security products such as the Secure Email Gateway and the Cisco Secure Email and Web Manager. It allows the attackers to run commands as root on the devices if the quarantine service was enabled. Cisco linked the attacks to a Chinese espionage group. Google Project Zero has released a zero-click exploit for the Dolby Audio decoder on Android phones. No user interaction is required, as many Android communication apps automatically process audio. The exploit was tested on a Pixel 9, but Google researchers say the attack should work against most Android devices.
And finally, an unpatched security flaw has been disclosed in Livewire, a file manager for the popular Laravel web framework. The vulnerability can allow threat actors to upload malicious PHP files and execute them. Neither Livewire nor Laravel have responded to researchers. That's all for this podcast edition. Today's show was brought to you by our sponsor, SpecterOps. Find them at specterops.io. Thanks for your company.
