Data Breaches 2016 to 2021

Another data breach, another day. Twitter has announced it “inadvertently” used Safety & Security contact details, such as phone numbers and email addresses supplied only to allow two-factor authentication or password resetting, for advertising purposes. They are sorry for the mistake, of course. They say they didn’t pass the details on to the advertisers.

Their announcement of the issue:

https://help.twitter.com/en/information-and-ads

A BBC article on the breach:

5 Likes

In other words they want those particular speeches covered in detail by the press. You don’t ‘ban’ media from a semi-public event without expecting that every word you say will be printed in tomorrow’s papers (and using all the modern, online methods of sharing/live-streaming etc.).

5 Likes

A worrying breach not yet seen here, but which may be present as it hides so well, is being called “Reductor” by Kaspersky. It is, they say, the successor to COMpfun. It is downloaded by its infection of popular legitimate software, e.g. WinRAR (so far from warez sites, but who knows where it might end up: “Interestingly, the configuration data of some samples contained very popular legitimate websites. We really don’t think they were compromised to serve as control servers.”), or by using COMpfun’s ability to download files to already infected machines. It then adds digital certificates to a host and uses Firefox and Chrome to listen in on TLS connections, and can download and upload files from an infected host. Currently the infection seems to target Russia and Belarus, but if others adopt it, expect it to spread.

3 Likes

This particular security problem raises two major issues:

  1. We are reliant upon ‘trusted certificates’ as issued by a certificate authority that is trusted by our computer or (in the case of Firefox) our web browser. If one takes a look at all the trusted root certificates on one’s machine (in Windows you can do this using the Microsoft Management Console, MMC), you will find a list of all sorts of classifications of certificate and hundreds of trusted certificates. There is a freeware program available called CTLInfo that will run as a stand-alone and tell you how many certificates your computer trusts. It will also produce a list on demand. Some of the listed certificates may be from companies that you should not trust, such as WoSign (which lost trust after misusing its powers). Others will be from entities you have never heard of, and there is no easy way to identify which you should and should not trust! If some malware is able to insert a certificate into your store, then it is able to get up to a lot of no good, as this store is a list of everyone whose signatures you will trust to encrypt Internet traffic. (There is also a program called RCC, Root Certificate Check, that will produce a list of certificates on your machine that it does not recognise.)
  2. An Internet driven by SSL/TLS is great, but of absolutely no assurance if the files you download are not similarly protected. I suspect that Google is already doing something about this, but it needs to happen stet.

A large proportion of secure websites that allow download of files also now publish the ‘hash’ of those files on the web page. You can check that the hash of the file you downloaded is the same as that published on the website - if not, do not execute the file!

I have been searching for years for a decent certificate manager that allows me to identify the certificates that I use and distrust the rest. If anyone knows of something that does this, I would love to hear about it.

The entire Internet ‘trust’ industry needs a thorough review and cull.

2 Likes
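The post above asks how many root certificates a machine trusts and how to spot the ones you don’t recognise (the job CTLInfo and RCC do). The following is an added example, not code from the thread or from either of those tools: it uses only Python’s standard `ssl` module to read the platform’s default trust store (the Windows ROOT store on Windows, the OpenSSL CA bundle elsewhere), counts the roots, flags expired ones, and lists those whose organisation is not on an allow-list the user supplies. The sample certificate dicts used by `demo()` are constructed, and the allow-list is a hypothetical choice; which organisations to trust is the reader’s own decision.

```python
"""Count and review the root certificates this machine trusts for TLS.

Added example; not code from the thread, CTLInfo or RCC. Assumes the local
Python was built with a working default trust store (true of normal installs).
"""
import ssl
import time


def load_trusted_roots():
    """Return the CA certificates Python would trust, as the dicts produced by
    SSLContext.get_ca_certs() (keys include 'subject', 'issuer', 'notAfter')."""
    ctx = ssl.create_default_context()   # loads the platform default store
    return ctx.get_ca_certs()


def _name_field(rdn_sequence, field):
    """Pull one attribute (e.g. 'organizationName') out of an ssl-style
    subject/issuer tuple-of-tuples; '' if the attribute is absent."""
    for rdn in rdn_sequence:
        for key, value in rdn:
            if key == field:
                return value
    return ""


def summarise_roots(certs, now=None):
    """Summarise a trust store: how many roots, how many have expired, and how
    many roots each organisation has. `now` is epoch seconds (default: now)."""
    now = time.time() if now is None else now
    organisations = {}
    expired = 0
    for cert in certs:
        org = _name_field(cert.get("subject", ()), "organizationName") or "<no organisation>"
        organisations[org] = organisations.get(org, 0) + 1
        # notAfter is a string such as 'Jan  1 00:00:00 2030 GMT'
        if ssl.cert_time_to_seconds(cert["notAfter"]) < now:
            expired += 1
    return {"total": len(certs), "expired": expired, "organisations": organisations}


def unrecognised_roots(certs, trusted_orgs):
    """Return the common names of roots whose organisation is not in the
    caller's allow-list: the 'show me what I don't recognise' view."""
    out = []
    for cert in certs:
        subject = cert.get("subject", ())
        org = _name_field(subject, "organizationName")
        if org not in trusted_orgs:
            out.append(_name_field(subject, "commonName") or org or "<unnamed>")
    return sorted(out)


# Constructed sample in get_ca_certs() format (not real certificates), used by
# demo() so the logic can be exercised without depending on the local store.
SAMPLE_ROOTS = [
    {"subject": ((("countryName", "AU"),), (("organizationName", "Example CA Pty"),),
                 (("commonName", "Example Root 1"),)),
     "notAfter": "Jan  1 00:00:00 2030 GMT"},
    {"subject": ((("organizationName", "Old Trust Co"),), (("commonName", "Old Root"),)),
     "notAfter": "Jan  1 00:00:00 2015 GMT"},
    {"subject": ((("commonName", "Lonely Root"),),),
     "notAfter": "Dec 31 23:59:59 2040 GMT"},
]


def demo(now=1577836800):
    """Run the checks over SAMPLE_ROOTS as at 2020-01-01 UTC (epoch 1577836800)."""
    summary = summarise_roots(SAMPLE_ROOTS, now)
    unknown = unrecognised_roots(SAMPLE_ROOTS, {"Example CA Pty"})   # hypothetical allow-list
    return summary, unknown


if __name__ == "__main__":
    roots = load_trusted_roots()
    live = summarise_roots(roots)
    print(f"{live['total']} trusted roots on this machine, {live['expired']} expired")
    for org, n in sorted(live["organisations"].items(), key=lambda kv: -kv[1]):
        print(f"{n:4d}  {org}")
    print("sample run:", demo())
```

Run it as a script to see the live count for your own machine; `demo()` shows the expected shape of the result on the constructed sample (three roots, one expired, two not on the allow-list).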

All your data are belong to us because - paedophiles.

3 Likes

Because our government is only concerned about the data of paedophiles and terrorists. I also just read that the moon is made of green cheese! Imagine!!!

Australia is leading a race to become the next police state, and this government’s laws - along with its persecution of journalists - is helping us get there faster than any of our international ‘friends’.

4 Likes

I may be missing something but if your computer is pwned then adding digital certificates is a complex way of listening in on your TLS connections. If the bad guy controls the endpoint (the client endpoint - your computer) then he can listen in on or even alter the TLS connection content without going anywhere near a certificate.

However the article explains some of the innovation and subtlety involved in this exploit.

Are we blaming the US here? :slight_smile:

As you say though, there are two ways in which it is fine to download software insecurely.

  1. You subsequently (and before use) verify the hash of the downloaded software against a hash that itself *is* obtained securely, and assuming that the hashing algorithm is not itself broken, e.g. SHA-2 or better.

OR

  2. The downloaded software is internally signed. (Only applies to software in a format that is capable of doing that.) You then verify the contained digital signature (before use).

3 Likes
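Both the earlier post (“check that the hash of the file you downloaded is the same as that published on the website”) and option 1 above describe the same check. The following is an added example, not code from the thread, showing it done properly with Python’s standard library: the file is hashed in chunks, the comparison is constant-time, and the check refuses MD5 and SHA-1 because a match under a collision-prone algorithm proves little. It assumes the published digest was copied from the vendor’s HTTPS page (or another channel independent of the download) in the form `sha256:<hex>` or plain hex; the “download” written by `demo()` is constructed. Option 2 (an embedded signature, e.g. in a signed installer) depends on the file format and is not shown.

```python
"""Verify a downloaded file against a digest published on a secure channel.

Added example, not from the thread. Assumes the published digest was obtained
over HTTPS (or another channel independent of the download itself).
"""
import hashlib
import hmac
import os
import tempfile

# Algorithms the check refuses to rely on: collisions are practical for MD5 and
# SHA-1, so a matching digest no longer proves the file is the published one.
WEAK_ALGORITHMS = {"md5", "sha1"}


def file_digest(path, algorithm="sha256", chunk_size=1 << 20):
    """Hex digest of a file, read in chunks so large downloads fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, published, algorithm="sha256"):
    """Return (ok, reason). `published` is the digest copied from the vendor's
    page, either 'sha256:ab12...' or just 'ab12...' (then `algorithm` applies)."""
    if ":" in published:
        algorithm, published = published.split(":", 1)
    algorithm = algorithm.lower()
    published = published.strip().lower()
    if algorithm in WEAK_ALGORITHMS:
        return False, f"refusing {algorithm}: collision attacks make a match unreliable"
    if algorithm not in hashlib.algorithms_available:
        return False, f"unknown digest algorithm {algorithm}"
    actual = file_digest(path, algorithm)
    # constant-time comparison; a mismatch in length also compares unequal
    if hmac.compare_digest(actual, published):
        return True, f"{algorithm} digest matches the published value"
    return False, f"{algorithm} mismatch: published {published}, got {actual}; do not execute"


def demo():
    """Write a constructed 'download' to a temp file and check it three ways:
    correct digest, wrong digest, and a correct-but-weak MD5 digest."""
    data = b"installer bytes " * 1000           # constructed stand-in for a download
    expected = hashlib.sha256(data).hexdigest()  # plays the role of the published hash
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
        good = verify_download(path, "sha256:" + expected)
        tampered = verify_download(path, "sha256:" + "0" * 64)
        weak = verify_download(path, "md5:" + hashlib.md5(data).hexdigest())
    finally:
        os.remove(path)
    return good[0], tampered[0], weak[0]


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```

In real use, call `verify_download("setup.exe", "sha256:<value copied from the HTTPS page>")` before running anything; the reason string says which of the three outcomes applied.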

The process adds what the system sees as legit certs, thus anything running using these certs can run almost undetected by any AV/anti-malware program you have installed or run to try and remove infections. How many of us can tell we have unwanted certs on our machines? This can allow them to see such things as your financial services logins, other logins and passwords, to remove or disable malware prevention, or to add, remove or upload files they want to see. That they don’t want to be seen/found by a user or have the user suspect they may be pwned is the issue here.

2 Likes

That’s strange. I thought that it was made of yellow cheese.


3 Likes

An article regarding a breach that the Government did to themselves.

“Ah McCain. You’ve done it again”.

4 Likes

That probably fails to meet the definition of “data breach” for several reasons (e.g. no PII), but mildly amusing nevertheless.

Don’t ignore the possibility that it was “accidentally on purpose”. Their “talking points” are very likely getting to a lot more ears and eyes than if it were just some government talking head droning on, parroting the party line.

4 Likes

Some interesting (if extremely detailed) research has been done by several Australian universities and the CSIRO on how Internet ‘malicious activity’ has changed in the period 2007 to 2017.

If you’re nerdy enough, you can even download and interrogate the raw data they used.

4 Likes

and have the time.

What’s the summary of how malicious activity has changed?

1 Like

Sorry, I don’t have the time :wink: .

Okay, a few take-outs.

Phishing sources tend to hang around for a while before being blacklisted.

The following table indicates that malware is by far the most reported bad activity.
[table image]

Most activities are sourced to a few countries and autonomous systems (hosts/data centres/software providers). Akamai and Amazon are sources of some malicious activities, but as a proportion of their total services these are small. Next table:

[table image]

The next table shows a reduction early in the reviewed period of Potentially Unwanted Programs (PUPs) as a proportion of all malicious activity. This may be because users are more careful about what they install, and may be because certain large companies got into big trouble for their PUPs (I seem to recall Yahoo getting in trouble for this).
[table image]

The table shows an increase in phishing activity, presumably as monetisation (through Bitcoin etc.) became easier.

5 Likes

This could just as readily have gone on the Secrecy thread:

5 Likes

I thought our first national cyber crisis was the NBN, followed more recently by some crazy laws passed by our Parliament just before Christmas 2018.

7 Likes

Yes, crises do often spring from idiocy.

3 Likes

And I forgot to mention the ABS and our census. Apart from the immediate fails, and the retention of personally identifiable information, I read an article that may have been linked from these fora a few days ago saying census data was inadequately de-identified. Just in case it wasn’t from here, though:

4 Likes

Another one for the list.

3 Likes

Yep, the ABS one was in the NBN Fixed Wireless topic.

4 Likes