Security News for the Week Ending February 28, 2020
Russia Behind Cyberattacks on Country of Georgia Last Year
The State Department and the UK say that Russia was behind the attack on over ten thousand websites in the Country of Georgia last year.
They also formally attributed Sandworm (AKA Voodoo Bear, Telebots and BlackEnergy) to Russia’s GRU Unit 74455. Sandworm is the group responsible for the attacks against Ukraine’s power grid in 2015 and 2016 as well as NotPetya and other attacks. Not a nice bunch, but highly skilled. Andy Greenberg’s book, Sandworm, tells a scary story about these guys.
This is an interesting announcement from the State Department given the general position of the White House regarding Russian hacking. Here is the State Department’s press release.
Google to Restrict Android App Access to Location Tracking
Google is changing the Google Play Store policy for apps accessing your location when they are running in the background in response to user concerns.
The “user” is likely the folks running GDPR and the concern is the potential fine of 4% of Google’s revenue (AKA $6.4 billion).
They are reviewing all apps in the Play Store to see if the really need background access to your location or whether the user experience is just fine without them collecting and selling your location.
New apps will have to comply with this new policy by August 3 and existing apps will have until November 3 to comply.
In Android 11 you will be able to give an app ONE TIME permission to access your location data. When the app moves to the background, it will lose permission and will have to re-request it if it wants your location again.
This is actually pretty cool, but GDPR went into effect almost two years ago and they are just doing this now? Could it have something to do with a EU investigation of their use of location data? Probably just a coincidence. Source: PC Magazine
Accused CIA Vault 7 Leaker Goes To Trial
Accused CIA Vault 7 leaker Joshua Schulte’s trial for leaking top secret documents to Wikileaks started earlier this month. Schulte is accused of leaking top secret programs that the CIA used to hack opponents, causing serious embarrassment for their horrible security, allowing those tools to get into the hands of hackers and allowing our enemies to know how we hack them. It also cost the CIA a ton of money because they had to create a whole bunch of new programs that exploited different bugs that that had not disclosed to vendors to fix. Apparently Joshua is a bit of a challenge to work with and manage. Not only was he “a pain in the ass” but he also was into kiddie porn. He will be tried on those charges separately. Schulte’s lawyers say the government failed to turn over evidence that there might have been another leaker and wants the court to declare a mistrial. WOW! Read the details here.
Microsoft Trying to Do Away With Windows “Local” Accounts
For those of you who have been long time Windows users, you know that you had a userid to log on to the computer and then, possibly, if you want, another userid and password to logon to cloud services.
Like Google, Microsoft wants as much information about you as it can possibly collect. They also want you to use all of Microsoft’s online services, all of which are tied to your Microsoft login and not your local Windows login.
Microsoft’s answer? Make it very difficult for a user to logon to his or her computer with a local login. In fact, as of the most recent update to Windows 10, the only way to create a local, non-Microsoft, login is to disconnect your computer from the Internet when you first install it.
After all, they know that you DO want them to snoop on everything that you do. Source: Bleeping Computer