CyberSecurity Pulse 2016-01-28
What Happens When Anything Goes to Unmask Users in Tor?
However, the prosecution of some criminal activities related to child pornography or terrorism have put on the table the ethics of certain actions conducted by some agencies. This week, unnamed sources from the FBI announced the tracking of the users of a site linked to the distribution of child pornography. Rather than just preventing people from accessing to the resource once seized, the technique used have included exploiting vulnerabilities in the visitors' browsers with the aim of deanonimyzing the traffic.
In countries where these issues have not been discussed enough, the effects of these actions have two immediate consequences. On the one hand, the criminalization of all the users of certain platforms or services even when there exists no concrete evidence of a crime and, on the other, the justification for maintaining active platforms up to let them play the role of a honeypot instead of blocking the commission of the alleged crimes that lead to its seizure. As expected, another battlefield in the struggle between privacy and security.
Israeli Electrical Power Grid Suffers Massive Cyberattack
The Israel’s Minister of Infrastructure, Energy and Water, Yuval Steinitz, told that the Israeli Public Utility Authority suffered a severe cyberattack. The threat actors hit the Public Utility Authority with a malware leading to problems in the internal systems, some of which have remained inoperative for a few days. As usually happens in these cases, it is very difficult to attribute the attack to a specific threat actor and probably we will have to wait for further analysis on the malware used by attackers. The attack has taken place just a few weeks after Ukraine’s power outage based on the BlackEnergy malware.
Europol Opens This Month a New Counterterrorism Centre Focused on Internet
The terrorism is perceived as the principal threat for the Western countries, for this reason the European State members announced the creation of a new European counter-terrorism centre. The centre, which is opening this month, aims to improve information-sharing among national law enforcement agencies involved in the investigation on terrorism activities. One of their main challenges is the fight against the sheer volume of Internet content promoting terrorism and extremism.
Rest of the Week´s News
FortiGuard SSH Backdoor Found in More Fortinet Security Appliances
Network security vendor Fortinet has identified an authentication issue that could give remote attackers administrative control over some of its products such as FortiSwitch, FortiAnalyzer y FortiCache. The company is likely trying to differentiate this problem from an SSH backdoor found recently in network firewalls from Juniper Networks, one of its competitors.
Apple Can Still Read Your End-to-End Encrypted iMessages
In government fight against encryption, Apple has positioned itself as a staunch defender of its users' privacy by refusing the federal officials to provide encryption backdoors into its products. However, there are still hundreds of millions of Apple users whose data is stored on Apple's servers in plain text even after end-to-end encryption practice.
Customer Support Team, The Weak Link at Amazon
Eric Springer, an Amazon user, has exposed at Medium how he was a victim of a social engineering attack. With just a rough idea of Springer's location and his email address, the attacker tricked an employee of the Amazon customer service to provide almost all of his personal information. The attacker was subsequently able to use this data to trick Springer's bank into sending out a copy of his credit card.