At a glance.
- Google will ban advertising for stalkerware.
- Backdoors found in C-Data devices.
- Conti ransomware beginning to eclipse Ryuk.
- Germany's BfV warns that sharing data with Chinese firms involves privacy risk.
- Difficulties in opting out of sharing data with third parties.
Google announces an impending ban on stalkerware advertising.
Stalkerware applications are typically marketed as either parental or spousal monitoring apps. Starting next month, Google says it will no longer run ads for stalkerware. Stalkerware is effectively spyware, and too easily abused. But Mountain View has two exceptions: advertising for parental monitoring products will still be accepted, as will advertising for private investigation services.
Backdoors in C-Data devices.
Security researchers Pierre Kim and Alexandre Torres report finding vulnerabilities in widely used Fiber-To-The-Home (FTTH) and Optical Line Termination (OLT) devices sold by Shenzhen-based C-Data. ZDNet observes that, of the seven vulnerabilities found, the most serious is the hardcoding of Telnet accounts in the firmware. These grant intruders full administrative access to the devices. Security Affairs points out that the backdoors appear to be intentional, which is why the researchers published their findings without first disclosing them to C-Data.
Ryuk ransomware evolves into Conti, manually controlled and wilier.
BleepingComputer reports that Ryuk ransomware is fading while its malware sibling, Conti, with which Ryuk shares code, is rising. Carbon Black researchers share some details of Conti's workings. The change represents a shift in the criminal markets rather than an increase or decrease in the overall threat of ransomware. The precautions you should take to protect yourself against this kind of extortion remain as important as ever.
But Conti does represent an evolutionary upgrade over Ryuk. It is, for example, manually controllable by its operators. That might seem a step back, since we’re accustomed to thinking of automation as, well, newer, better, and shinier in every respect. But that’s not true in this case. It enables subtler operation. “The notable effect of this capability is that it can cause targeted damage in an environment in a method that could frustrate incident response activities,” Carbon Black said. The researchers added, “A successful attack may have destruction that’s limited to the shares of a server that has no Internet capability, but where there is no evidence of similar destruction elsewhere in the environment.”
Since ransomware now represents a threat to the privacy of data, network defenders should apprise themselves of Conti's modes of operation.
Germany's BfV warns consumers of privacy risks involved in sharing data with Chinese companies.
The AP says that yesterday's annual report of Germany's BfV, the domestic security agency, warned that consumers providing information to Chinese companies may also be providing it to the Chinese government. Thomas Haldenwang, the agency’s director, told reporters that “Any customer here in Germany who uses such a system shouldn’t be surprised if this data is abused in Beijing. We can only warn against this.” By “such a system” Herr Haldenwang meant not only the obvious, big Chinese companies whose business necessarily gives them a large appetite for information, that is, companies like Tencent and Alibaba, but even smaller, easily overlooked outfits like bike-sharing apps. The grounds for the BfV’s suspicions are the legal obligations Chinese companies have to provide data to the Chinese government.
Opting out of sharing with data brokers may be harder than one thinks.
Data brokers continue to collect information for the benefit of advertisers, and TechCrunch concludes that existing laws seeking to inhibit them are unlikely to do so, at least as those laws and their attendant regulations now stand. Duo Security ran its own test of the California Consumer Privacy Act and decided that even finding out what data were collected is just about prohibitively difficult. Preventing their sharing with third parties seems even harder.