Germany is taking the first steps towards becoming cyber self-sufficient and shifting away from relying on the United States and other countries for cyber goods and research. Germany is seeking to become a player in cyberspace that can stand on its own through pursuing cyber weapons and tactics; this move has not been greeted with unilateral acceptance however as some feel that Germany should focus on hardening its systems and defending itself instead of developing its offensive or proactive resources. There are objections that Germany is too far behind or too small to reach the same level that China, Russia, and North Korea stand on; the objections hold that trying to catch up to and surpass them is a resource-intensive effort that Germany cannot pursue with the dedication necessary. The move away from the United States is in part driven by Edward Snowden’s leaks that revealed just how far the United State’s cyber apparatus had moved into its allies networks.
Source: Germany, seeking independence from U.S., pushes cyber security research
Cryptocurrencies have seen better days as their prices continue to fluctuate daily and generally trend downwards, however, this hasn’t stopped crypto mining malware from being popular. Monero, a crypt currency renowned for its untraceability, continues to be the cryptocurrency of choice for malicious actors. A group (or “threat actor”) known as “Rocke” has been using malware attacks from Git repositories to infect devices with malware that mines Monero; this illicit cryptocurrency is transferred to a wallet and due to the way Monero’s blockchain structure it cannot be followed. Rocke uses traditional methods to get into devices such as taking advantage of exploits, known vulnerabilities, or unpatched operating systems. Rocke also infects devices with a straightforward approach: they sell their crypto mining software for $14 under a legitimate sounding name as a program that mines cryptocurrency for the user when their device is idle. Buying the software infects your computer and Rocke is moving to leverage the growing network of infected devices. Social engineering attacks (spear phishing) may be used to add new devices to their collection along with going after devices on the same network. Always check that emails you receive are from trusted sources and if you’re unsure if an email can be trusted then contact the sender.
Source: Rocke threat actor on Monero cryptominer infection campaign
Cybersecurity researchers from Nightwatch Cybersecurity have detected a vulnerability for Android devices where users data is exposed over WiFi. The MAC addresses associated with devices are static and they can be tracked to identify and track specific devices against databases; this allows for targeted and tailored attacks against not just the user but their device as well. Malicious applications on a device can see the data sent by and to other applications, and while this vulnerability was patched in the most recent version of Android, it remains unpatched on older models.
Source: Android vulnerability exposes users data via WiFi
