The Host Unknown Podcast

Episode 138 - The Good Furniture Guide Episode



This week in InfoSec (11:52)

With content liberated from the “today in infosec” Twitter account and further afield

31st January 1995: AT&T and VLSI Protect Against Eavesdropping

AT&T Bell Laboratories and VLSI Technology announce plans to develop strategies for protecting communications devices from eavesdroppers. The goal would be to prevent problems such as insecure cellular phone lines and Internet transmissions by including security chips in devices.

30th January 1982: First Computer Virus Written

Richard Skrenta writes the first PC virus code, which is 400 lines long and disguised as an Apple II boot program called “Elk Cloner”.

 

Rant of the Week (18:22)

Anker finally comes clean about its Eufy security cameras

First, Anker told us it was impossible. Then, it covered its tracks. It repeatedly deflected while utterly ignoring our emails. So shortly before Christmas, we gave the company an ultimatum: if Anker wouldn’t answer why its supposedly always-encrypted Eufy cameras were producing unencrypted streams — among other questions — we would publish a story about the company’s lack of answers.

It worked.

In a series of emails to The Verge, Anker has finally admitted its Eufy security cameras are not natively end-to-end encrypted — they can and did produce unencrypted video streams for Eufy’s web portal, like the ones we accessed from across the United States using an ordinary media player.

But Anker says that’s now largely fixed. Every video stream request originating from Eufy’s web portal will now be end-to-end encrypted — like they are with Eufy’s app — and the company says it’s updating every single Eufy camera to use WebRTC, which is encrypted by default. Reading between the lines, though, it seems that these cameras could still produce unencrypted footage upon request.

That’s not all Anker is disclosing today. The company has apologized for the lack of communication and promised to do better, confirming it’s bringing in outside security and penetration testing companies to audit Eufy’s practices, is in talks with a “leading and well-known security expert” to produce an independent report, is promising to create an official bug bounty program, and will launch a microsite in February to explain how its security works in more detail.

Those independent audits and reports may be critical for Eufy to regain trust because of how the company has handled the findings of security researchers and journalists. It’s a little hard to take the company at its word!

 

Billy Big Balls of the Week (31:34)

FBI says it ‘hacked the hackers’ of a ransomware service, saving victims $130 million

The Department of Justice announced this week that FBI agents successfully disrupted Hive, a notorious ransomware group, and prevented $130 million worth of ransom campaigns that targets no longer need to consider paying. While claiming the Hive group has been responsible for targeting over 1,500 victims in over 80 countries worldwide, the department now reveals it had infiltrated the group’s network for months before working with German and Netherlands officials to shut down Hive servers and websites this week.

“Simply put, using lawful means, we hacked the hackers,” Deputy Attorney General Lisa Monaco remarked during a press conference.

The FBI claims that by covertly hacking into Hive servers, it was able to quietly snatch up over 300 decryption keys and pass them back to victims whose data was locked up by the group. US Attorney General Merrick Garland said in his statement that in the last few months, the FBI used those decryption keys to unlock a Texas school district facing a $5 million ransom, a Louisiana hospital that had been asked for $3 million, and an unnamed food services company that faced a $10 million ransom.

 

Industry News (37:32)

Thriving Dark Web Trade in Fake Security Certifications

Almost all Organizations are Working with Recently Breached Vendors

Google Fi Confirms Data Breach, Hints At Link to T-Mobile Hack

City of London on High Alert After Ransomware Attack

Researchers Warn of Crypto Scam Apps on Apple App Store

Lazarus Group Attack Identified After Operational Security Fail

Women in CyberSecurity Calls for Participants for New Measuring Inclusion Workshops

Arnold Clark Confirms Customer Data Compromised in Breach

Threat Actors Use ClickFunnels to Bypass Security Services

 

Tweet of the Week (45:41) 

https://twitter.com/StateOfLinkedIn/status/1621258534062006276

Come on! Like and bloody well subscribe!


By Host Unknown, Thom Langford, Andrew Agnes, Javvad Malik
