FTC Bans SpyFone From Surveillance Business Due to Secret Data Harvesting Allegations
EU regulators fine WhatsApp $266 million for violating GDPR, Apple recruits state to share driver's license data for iOS wallets, Cybercrime storefront VIP72 shuts down suddenly, much more
The Federal Trade Commission (FTC) announced that it had banned stalkerware vendor SpyFone and its CEO, Scott Zuckerman, from working in the surveillance business. The ban was issued “over allegations that the stalkerware app company secretly harvested and shared data on people’s physical movements, phone use, and online activities through a hidden device hack.”
The FTC said that the “stalkerware was hidden from device owners, but was fully exposed to hackers who exploited the company’s slipshod security. This case is an important reminder that surveillance-based businesses pose a significant threat to our safety and security. We will be aggressive about seeking surveillance bans when companies and their executives egregiously invade our privacy.” (Joseph Cox / Motherboard)
Related: Gizmodo, EFF, Associated Press Technology, The Hill: Cybersecurity, Bleeping Computer, The Independent, Mashable, Malwarebytes Labs, Reuters, Cyberscoop, CNBC, FTC, Malwarebytes Labs, CNBC, Blog | Avast EN, PogoWasRight.org
As part of a broad stepped-up focus on privacy enforcement, European Union regulators fined Facebook-owned WhatsApp 225 million euros, or around $266 million, for failing to tell the bloc’s residents enough about what it does with their data.
This second significant EU privacy fine against a U.S. tech company in two months was issued by Ireland’s Data Protection Commission on behalf of a board representing all its EU counterparts. The regulators gave WhatsApp three months to bring its communication with users into compliance with several provisions of Europe’s privacy law, the General Data Protection Regulation (GDPR). WhatsApp said it would appeal the decision. (Sam Schechner / Wall Street Journal)
Related: CNBC Technology, Pocketnow, Associated Press Technology, BBC News, CNBC Technology, Cybersecurity| Reuters.com, Fortune, Security Week, Irish Times, Natasha Lomas – TechCrunch, Financial Times, POLITICO EU, Ad Week, The Drum, Business Insider, Technology | International Business Times, Reuters: World News, Silicon Republic
In its efforts to add more digitized content to iOS users’ wallets, Apple said that it has so far secured two states, Arizona and Georgia, to bring digital driver’s licenses and state IDs into iOS wallets. Connecticut, Iowa, Kentucky, Maryland, Oklahoma, and Utah are expected to follow suit.
Apple said that when residents add their IDs to wallets, they’ll have to send a picture of their card and a photo of their faces, and they’ll also have to “complete a series of facial and head movements during the setup process.” It’s then up to the states to verify the IDs before people can use them. (Rebecca Heilweil / Vox)
Related: Lifehacker, Protocol, Slashdot, CNBC Technology, The Next Web, Newsweek, SlashGear » security, Philip Elmer DeWitt's Apple 3.0, WCCFtech, Daring Fireball, Input, SlashGear » security, Vox, Business Insider, AiThority, Vox, NCC Group Research, Apple, The Next Web
The Hill (@thehill): Apple to introduce digital drivers licenses in eight states https://t.co/5b3PaMrunE https://t.co/UnwJXduR5z
Two weeks ago, the online storefront for cybercrime service VIP72, which allowed criminals to mask their actual locations online by routing their traffic through millions of malware-infected systems, vanished.
VIP72 routed its customers’ traffic through computers that have been hacked and seeded with malicious software. Vip72[.]org was initially registered in 2006 to “Corpse,” the handle adopted by a Russian-speaking hacker who became infamous several years prior for creating and selling an extremely sophisticated online banking trojan called A311 Death, a.k.a. “Haxdoor,” and “Nuclear Grabber.” Until mid-August, VIP72’s main home page and supporting infrastructure had remained at the same U.S.-based Internet address for more than a decade. (Brian Krebs / Krebs on Security)
briankrebs (@briankrebs): Two weeks ago, VIP72 -- an anonymity/proxy service that for the past 15 years sold access to millions of hacked PCs -- suddenly vanished. Ironically, VIP72 and its associated services have remained at the same US-based IP for more than a decade. https://t.co/jrhHEGRebv
Hewlett Packard Enterprise (HPE) has landed a $2 billion contract with the National Security Agency (NSA) to provide the intel agency with high-performance computing as a service via its GreenLake platform.
HPE said it would fully host and manage the service over ten years. The HPC service is intended to allow the NSA to “harness” AI and data to create insights. (Paul Kunert / The Register)
Microsoft released the optional KB5005101 Preview cumulative update for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1 with fixes for thirty-four issues.
The preview update is optional and only contains bug fixes, performance enhancements, and improvements. It does not include any security updates. (Lawrence Abrams / Bleeping Computer)
Representative Yvette Clarke (D-NY), chairwoman of the House Homeland Security cybersecurity subcommittee, and Rep. John Katko (R-NY), ranking member of the full committee, introduced a draft data breach notification bill.
The draft bill would ban the Cybersecurity and Infrastructure Security Agency (CISA) from requiring that critical organizations report cybersecurity breaches earlier than 72 hours after such incidents occur. Breach notification legislation introduced in the Senate would give certain critical groups only 24 hours to report a cybersecurity incident to CISA. (Maggie Miller / The Hill)
A significant vulnerability in Confluence’s team collaboration server software (CVE-2021-26084) is currently on the cusp of widespread abuse after security experts spotted mass scanning and initial exploitation this week. Threat actors could exploit the vulnerability to bypass authentication and inject malicious OGNL commands that allow them to take over unpatched systems.
The vulnerability impacts Confluence Server and Confluence Data Center software usually installed on Confluence self-hosted project management, wiki, and team collaboration platforms. Patches for the flaw were released last week by Atlassian, the company that owns the Confluence software family. (Catalin Cimpanu / The Record)
Researchers at Check Point say that threat actors could have abused a now-patched high-severity security vulnerability in WhatsApp's image filter feature by sending a malicious image over the messaging app to read sensitive information from the app's memory.
The Check Point researchers, who initially disclosed the flaw to WhatsApp, said it could crash WhatsApp by switching between various filters on the malicious GIF files. WhatsApp said it has "no reason to believe this bug would have impacted users." (Ravie Lakshmanan / The Hacker News)
According to Cisco Talos, adversaries are finding new ways to monetize their attacks by abusing internet-sharing or "proxyware" platforms like Honeygain, Nanowire, and others to launch untraceable malware attacks.
The criminals accomplish these attacks by siphoning bandwidth from users’ connections. Once inside the network, criminals bundle legitimate proxyware software with digital currency miners and information stealers. In most cases, the victims won’t even know the malware is on their machine. (Charlie Fripp / Komando.com)
Twitter is rolling out Safety Mode, a new feature that aims to block online harassment attempts and reduce disruptive interactions, to a small group of users.
Twitter designed Safety Mode to automatically and temporarily block users for seven days when they use harmful language in replies, quote tweets, and mentions in conversations. (Sergiu Gatlan / Bleeping Computer)
Plaintiffs filed a class-action lawsuit against Sturdy Memorial Hospital in Attleboro, Vermont alleging it failed to adequately protect personal patient information that malicious actors stole in a ransomware attack.
An estimated 35,272 individuals were affected by the hack attack, which took place on February 9, 2021. Sturdy paid an undisclosed ransom to the hacker to get its information back and offered all those affected two years of free credit monitoring. Plaintiffs contend that Sturdy should have protected the patient information in the first place. (George W. Rhodes / The Sun Chronicle)
Related: Beckers Hospital Review
Israel’s Foreign Minister Yair Lapid downplayed criticism of the country’s regulation of notorious spyware purveyor NSO Group but vowed to step up efforts to ensure the company’s controversial spyware doesn’t fall into the wrong hands.
Israel’s Defense Ministry regulates all arms exports, including cyber products. (Josef Federman / Associated Press)