Facebook Took Down Chinese Group Accounts Used to Hack, Spy on Uyghurs

Cisco releases critical Jabber updates, FBI warns of Mamba ransomware gang, Forex may have spilled 16 billion customer records, Vaccine phishing campaigns soaring, Feedzai raises $150 million, more

Please consider signing up for a premium subscription to Metacurity. You’ll gain access to the archives and our subscriber-only content!

Facebook said its security teams discovered and took down a network of accounts used by Chinese hacking groups known as Earth Empusa and Evil Eye to hack and compromise members of the ethnic minority Uyghur, both within China and abroad.

However, the hackers primarily targeted activists, journalists, and dissidents among Uyghurs from Xinjiang in China living abroad in Turkey, Kazakhstan, the United States, Syria, Australia, Canada, and other countries, Facebook said. (Lily Hay Newman / Wired)

Related: TechNaduintelNews.orgNews: NPREFFAppleInsiderAl Jazeera EnglishUPI.comBleeping ComputerThe Hacker NewsTimes of IsraelBusiness StandardSiliconANGLETech InsiderChinanews.netBig News NetworkCNBCNDTV Gadgets360.com, Facebook, The Record, TechCrunch, Bloomberg, Yahoo Tech, Washington Post, Associated Press

Cisco released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS, which allow an attacker to execute arbitrary programs on the underlying operating systems.

The flaws are not dependent on one another, and exploitation of any one of the vulnerabilities doesn't hinge on the exploitation of another. (Ravie Lakshmanan / The Hacker News)

Related: Govcert.gov.ukCisco

The FBI issued a warning to US organizations warning about attacks carried out by the Mamba ransomware gang, along with instructions on how to best deal with an attack by the ransomware.

In its private industry alert, FBI officials said the ransomware “has been deployed against local governments, public transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses.” (Catalin Cimpanu / The Record)

Related: School Transportation News

UK fashion retail company FatFace asked its customers to keep “confidential” the fact that the company suffered a data breach that saw customers’ names, email addresses, and postal addresses stolen. Also stolen were partial payment card information, such as the last four digits of the customer’s credit card number and the card expiry date.

The company’s request to customers to keep the breach confidential sparked an outcry, with many taking to social media to complain about the desired hush-up. (Barry Collins / Forbes)

Related: Security News | Tech TimesInfosecurity Magazine

Indian antitrust body Competition Commission of India ordered an investigation into WhatsApp’s privacy policy changes, saying that the Facebook-owned service breached local antitrust laws in the guise of a policy update.

The regulatory body said that WhatsApp’s “take-it-or-leave-it” nature of privacy policy and terms of service “merit a detailed investigation in view of the market position and market power enjoyed by WhatsApp.” (Manish Singh / TechCrunch)

Related: Silicon UKChannel News AsiaSlashdotDAILYSABAHBusiness InsiderThe Next Web

Researchers at independent review site WizCase discovered that the online trading broker Forex had accidentally leaked over 20TB of sensitive customer data due to an Elasticsearch server left without any encryption or password protection.

The exposed database contained over 16 billion records, exposing millions of customers’ personally identifiable information (PII), including full names, email and billing addresses, phone numbers, IP addresses, passport numbers, social media IDs, and ID verification scans, including national ID cards, driver’s licenses, bank account statements, utility bills, and credit cards. (Phil Muncaster / Infosecurity Magazine)

Related: Infosecurity MagazineSecurity AffairsHackRead, TechRadar, WizCase

Florida company Smart Communications offers a product called MailGuard that includes a suite of products that would make it possible for prison officials to monitor and search all inmate communications with the outside world via a searchable database of everything each prisoner said and received along with who said it. 

The system works by having senders address their mail not to the prison but to a PO box rented by Smart Communications, from where the communications are opened, scanned, and uploaded. (Aaron Gordon / Motherboard)

Google has removed the popular browser extension ClearURLs, which removes tracking elements from URLs from the Chrome Web Store.

The developer appealed to Google against the blocking of the extension and heard from Google. Google claims that the extension's description is "too detailed" and in violation of Chrome Web Store rules. (Ax Sharma / Bleeping Computer)

Related: xda-developersThe Register, BetaNews

A suspected ransomware attack on the University of Northampton in the UK has brought the university “to its knees.”

The attack spurred, in part, the warning by the UK’s National Cyber Security Centre to all educational institutions to watch out for ransomware infections. (Logan MacLeod / Northampton Chronicle and Echo)

Related: Data Breaches DigestIT Pro

Researchers from Palo Alto Networks Unit 42 say that vaccine-related phishing campaigns aimed at stealing victims’ credentials increased by 530% in the first two months after the first COVID-19 vaccines became available in the U.S.

In some of the attacks, the malicious hackers attempted to steal credentials from employees at Walgreens, Canada-based Pharmascience, India-based Glenmark Pharmaceuticals, and China-based Junshi Biosciences. (Shannon Vavra / Cyberscoop)

Related: HealthITSecurityPalo Alto Networks

Threat intelligence and online payment fraud-fighting start-up Feedzai raised $150 million in a Series D funding round.

The round was led by KKR, with Sapphire Ventures and strategic backer Citi Ventures, both past investors, also participating. (Ingrid Lunden / TechCrunch)

Related: Bizjournals, Reuters, Pymnts.com, Silicon Angle

Senators Ed Markey (D-MA) and Representative Ted Lieu (D-CA) reintroduced the Cyber Shield Act, which would create a voluntary cybersecurity certification program for internet-connected devices or Internet of Things (IoT) devices. 

Markey and Lieu previously introduced the legislation in both the House and Senate in 2019, but it never got a vote in either chamber. (Maggie Miller / The Hill)

In honor of noted mathematician and code breaker Alan Turing, the UK’s top spy agency GCHQ released a set of 12 riddles linked to design elements of the new £50 note featuring Turing.

The GCHQ says it believes setting puzzles gives the public an insight into its surveillance work. The agency also took the opportunity to apologize to Turing posthumously for the tremendous injustice he faced for his homosexuality, including criminal prosectuion and forced castration, which ultimately led to his suicide. (Dan Sabbagh / The Guardian)

Related: The SuniNews

Photo by Brett Jordan on Unsplash