FFT news digest Oct 1 2021

Facebook

Facebook appeared before a congressional hearing for another grilling this week, following reports that revealed its own research showed it was aware of potentially harmful effects on teen mental health. The defence advanced by its Head of Safety was that we shouldn't take the research too seriously. “This is not bombshell research,” Antigone Davis repeated multiple times during the hearing. Senators were not convinced. “This research is a bombshell,” Senator Richard Blumenthal said. “It is powerful, gripping, riveting evidence that Facebook knows the harmful effects of its site on children, and that it has concealed those facts and findings.”

Facebook had spent the week before the hearing doing its best to defuse the impact of the reporting by The Wall Street Journal. "It is simply not accurate that this research demonstrates Instagram is 'toxic' for teen girls," it said. But, in fact, there are concerns about the research. Writing on UnHerd, a developmental psychiatrist questioned its value, describing the quality of the studies into mental health as "abysmal" and "lamentably shallow." Stuart Ritchie added that much of the reporting had failed to reflect that. As he says, there's no question about the need for better research, but it's a need that so far remains to be met.

Threats

COVID-19: The pandemic continues to provide fertile ground for scumbags. Latest examples include SMS messages with COVID-19 notifications that target Android users and try to persuade them to install malicious software that can collect call data and control the microphone and cameras.

NitroPDF: Highly capable malicious software that focuses on popular browsers has been updated. Its latest vehicle is a fake copy of Nitro Pro 13. Morphisec

Active Directory: Microsoft has published details of a sophisticated attack on Active Directory Federation Services, which enables simplified ('single sign on') access to systems and applications. It's blamed on the Russian intelligence services. Advice on protection is here.

RDP: ESET warns of a sharp rise in efforts to break into Remote Desktop Protocol services by exploiting weak passwords.

Zix: An ongoing campaign uses a fake Zix-encrypted email to try to steal the target's login credentials. Armorblox says it shows that phishing emails are becoming increasingly credible - and difficult to spot.

Spyware: Kaspersky warns that the FinSpy surveillance tool has developed capabilities to target the most basic levels of computer operations - and hide itself from security experts. Victims are targeted with fake installers for applications like TeamViewer and VLC. Meanwhile, criminals are exploiting fears about spyware with promises of fake protection. One lure, masquerading as a tool from Amnesty International, promises protection against Pegasus spyware.

Android: More than 10 million Android devices have been infected with malicious apps downloaded from the official Play Store. Criminals are earning millions of dollars from the apps that bombard users with special offers and prize notifications. Zimperium

Ransomware

Ransomware continues to be a significant threat to organisations and individuals, with a warning this week about its impact on healthcare. A survey of healthcare organisations found that ransomware attacks had led to an increase in patient deaths, as well as longer hospital stays and delays in tests and procedures. Meanwhile, Microsoft warns that a tool commonly used to deliver ransomware is now spreading via malicious Google advertisements. And, in further proof of the lack of honour amongst thieves, Flashpoint says customers of the REvil ransomware-as-a-service outfit are complaining they're being scammed by the operator of the ransomware they've paid to use. More positively, the US National Institute of Standards and Technology has published guidance on how to protect against attacks and what to do if the worst happens.

Global review

The US National Security Agency has warned about the scale of China's offensive cyber capabilities, describing their scope and scale as "off the charts." Rob Joyce, who leads the NSA's cybersecurity directorate, told the Aspen Cyber Summit that defence was important, but that it was also essential to disrupt Chinese operations. Other key adversaries include Russia, which Joyce said was focused on "disruption" and had put in place the means to attack critical US infrastructure. According to Joyce, Iran is concentrating on regional issues, while North Korea's cyber activities are mainly designed to earn (steal) foreign currency. The NSA's guidance on mitigating the threat of Chinese attacks applies more broadly. In essence, it amounts to: update, monitor, protect.

Authorised fraud

Last week, we reported on the sharp rise in authorised push payment fraud in which a victim is tricked into transferring funds to a third party. This week brings a horror story from the UK in which an elderly man was persuaded to install an app on his phone and lost £30,000 as a result. The criminals pretended to be calling from British Telecom and told him there had been suspicious activity on his account. Police appealed to people to speak to "elderly family members, friends, customers and neighbours to make sure everyone is aware of this scam and to hang up the phone, wait ten minutes which will clear the telephone line and then call 101." As we never tire of saying, the more everyone is aware of these scams, the less effective they will be.

Amazon

You have to admire Amazon's chutzpah. Among the new products it unveiled this week is a device that it calls a robot, but which is basically a glorified camera on wheels. For just $999, Astro can learn the layout of a home, follow you around and, according to Amazon's (frankly extraordinary) video, scare off marauding raccoons. Quite apart from privacy concerns, there are reports that the marketing may not match the device's capabilities. Motherboard talked to some of its developers. "Astro is terrible and will almost certainly throw itself down a flight of stairs if presented the opportunity," one said. "Simply inaccurate," Amazon responded, referring to "tens of thousands of hours of testing". For the moment, you'll need an invitation to buy Astro. Let's see how many journalists receive one.

In brief

Retrospective facial: London's Metropolitan Police is to expand its facial recognition capability with new tools that will process old images from sources such as CCTV feeds and social media. Wired

VPN advice: US security agencies have released some basic advice for making Virtual Private Network solutions more secure. Key is to choose reputable vendors, run only necessary features...and monitor them.

Risky: Americans are increasingly concerned about cybersecurity risks, but apparently not sufficiently to do much about it. Aura

Mac vs PCs: Forrester says the latest MacBook models can save organisations more than $800 over three years compared to the competitors. NB: Apple commissioned the research.

Apple shipments: Shipments of new model MacBooks will be cut in the first half of next year due to component shortages and a decline in working from home. MacRumors

India cut-off: The Indian state of Rajasthan cut off internet access to millions of citizens. Not to stop protests, but to prevent cheating in an exam. The Register

Brain: Samsung and Harvard University have proposed a mechanism to produce a memory chip based on the structure of the human brain. ZDNet

Updates

Zero-days: The number of previously-unknown vulnerabilities spotted this year is already double that of 2020, according to MIT Technology Review. That's not necessarily bad news because part of the reason for the increase is that we're getting better at finding them. What it does mean is that installing updates is more important than ever.

iOS 15: With horrible inevitability, Apple's latest iPhone operating system version is turning out to be...problematic. The iPhone 13 is particularly badly affected, with battery drain, camera bugs, failure to wake, unresponsive screens and problems with core apps, but users say they're also finding problems with older devices. As we said last week, this is not an essential update because Apple is continuing to release security fixes for previous iOS versions. MacRumors Forbes

iPhone 14: Apple watchers believe the next iPhone model will represent a "complete redesign" with (another) camera upgrade and a host of other changes. Forbes

iPhone 13: Apple really doesn't like unauthorised third-party repairs, and replacing the screen of the latest iPhone will stop FaceID working - unless it's an official repair. Phone Repair Guru via 9to5Mac

Chrome: Another week, yet another update for Google's browser. This time, it fixes two previously unknown ('zero-day') vulnerabilities. In case you've lost track, this one is 94.0.4606.71.

VMware: An exploit has been developed to take advantage of a vulnerability in vCenter Server. The US Cybersecurity & Infrastructure Security Agency has urged users to apply the recent update.

QNAP: Updates to address critical vulnerabilities in QVR video management solution.

Zimbra: 9.0.0 “Kepler” Patch 19 and 8.8.15 “James Prescott Joule” Patch 26 are available.

1Password: The password manager has been a leader in creating new features and its latest allows users to generate secure email aliases. This makes it possible to hide your real address from services when you sign up.
