Security News for the Week Ending March 19, 2021

Google Posts Exploit to Use Spectre to Leak Data

The Spectre family of side channel attacks against Intel based CPUs has been downplayed over the last year by some experts because they said there is no practical attack to steal data. Now Google has posted a proof of concept attack that could steal data at the rate of around 1,000 bytes a second using Chrome. It works both with both Intel CPUs and Apple M1 CPUs also. Follow the link to read the details. Credit: The Register

Police Shut Down Illegal Video Streaming App with 100 Million Users

Spanish National Police and Europol shut down the servers behind the mobile app Mobdro, which distributes illegal video streams. The investigation started in 2018 after compaints for several groups such as sports leagues. The crooks had 100 million “subscribers”. Profits from the sites are estimated to be around $5 million. While there have been arrests, confiscating of servers and bank accounts, after more than two years, authorities in Czechia are still investigating – the challenge of bringing down multinational cyber fraud groups. Credit: HackRead

Cheerleading Mom Takes Deep Fakes to New Low

A Pennsylvania woman is accused of spending months harassing other members of her daughter’s cheerleading squad by creating fake images of the other girls on the squad in an effort to get them thrown off the squad. The faked images appeared to show the girls with no clothes on, smoking and/or doing drugs. These images were texted to the other girls’ families and also to the owner of the cheerleading squad. Credit: Vice

Chinese Spies go After Telcos to Steal 5G Information

A group of Chinese spies has changed tactics to steal 5G information. The group, known as Mustang Panda or RedDelta, lures telco employees to a Huawei “jobs” page and once there, tells the visitors that they need to install a new Flash update, which will install a backdoor, thereby giving the hackers access to the employee’s network and the company’s data. Given that Flash is dead, I assume this tactic will morph, but the concept still works – lure the employee to a watering hole website, get the employee to download and install some malware in the guise of an update and thereby compromise the network. Credit: The Record

Bitcoin Entrepreneur Announces Free Speech Phone for Trump Fans

The Freedom Phone, brainchild of Erik Finman, who claims to be the youngest Bitcoin millionaire, comes preloaded with Parler and bills itself as “the first mass-marketable mobile phone based on free speech”. The main feature, the press release says, is that it allows you to download software which has been banned from Apple and Google stores such as Gab and Parler. It is based on the “freedom OS” which, it appears, is just their own build of Android. In addition to calling himself a millionaire, he also calls himself a billionaire, which does not appear to be true. The phone has not launched yet, but my guess is that it will not be free as in free. Credit: Vice

Leave a Reply

Your email address will not be published.