Security News Update for the Week Ending March 3, 2023
Hackers Claim They Breached T-Mobile More Than 100 Times in 2022
Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. This doesn’t sound like a company that cares much about securing your data or your devices. Credit: Brian Krebs
Google Accused of Destroying Evidence After Promising to Stop
The DoJ claims that Google continued to destroy evidence after saying that it had stopped. If the judge believes them, he could sanction Google and issue instructions to a jury to assume that Google destroyed evidence because they knew they were guilty. There are two issues here. Google obviously knew what they were doing and used Google Hangouts to communicate, knowing that it deleted chats after 24 hours by default. They also TOLD employees to discuss their illegal activities “off the record”. Probably smart advice, but don’t do that in writing-that part is not so smart. A word to the wise, if you are ever looking at the possibility of a lawsuit, preserving evidence today is much harder than it used to be and includes personally owned devices. Need help – contact us. Credit: Computing
Ford Seeks Patent on Tech to Disable Your Car if you Miss a Payment
The concept is not new, so I am not sure if the patent will be granted, but this is, on a larger scale, what vendors want to do – to control the tech that you think that you own. John Deere has been at the forefront of this, but now Ford is applying for patents on it. Ultimately, they want to control the cars that they sell to you so that you can only use it in a way that they want you to. This is really just the start. With a high speed Internet connection to your device, they can look, touch, take your data, control – whatever they want. Credit: Motherboard by Vice
Russia Bans Telegram and Other Chat Apps
Russia’s Internet regulator, Roskomnadzor, has added a bunch of western social media sites including Snapchat, WhatsApp, Discord, Skype and Teams. Interestingly, they also banned China’s WeChat and Russia’s Telegram. They banned two European apps, Viber and Threema, in addition. The common thread is that they all support encrypted messaging. Trying to keep their people in the dark. Given technology, that is not likely work, but that won’t stop them from trying. Credit Hackread
Wiper Malware Goes Global, So Does its Destruction
Wiper malware does exactly what it sounds like and trend data says that it is exploding. Initially, it increased with the start of the Russia-Ukraine war, but later in the year, it expanded to other countries. Between Q3 and Q4 alone, the activity increased by 53%. While this started as a nation-state activity, the cyber crooks picked up on the concept and ran with it. Fortinet says that attackers are using more sophisticated attack techniques like wipers and that means that organizations need to up their game. Credit: Helpnet Security