PM signals he is preparing to shut Chinese firm out after lobbying from Donald Trump
Boris Johnson has cast doubt on whether the UK will allow Huawei to invest in its 5G network, suggesting it might prejudice the Five Eyes intelligence relationship, after Donald Trump applied pressure for other countries to adopt the US ban.
In his strongest signal so far that he is preparing to shut Huawei out of the network, Johnson said that security concerns were paramount in the decision about the Chinese company.
Asked about his decision, Johnson said: "I don't want this country to be hostile to investment from overseas. On the other hand, we cannot prejudice our vital national security interests nor can we prejudice our ability to cooperate with other Five Eyes security partners. That will be the key criterion that informs our decision about Huawei."
Johnson made the comments at the Nato leaders' meeting in Watford where he deliberately avoided mentioning Trump's name despite eight questions about the US president, amid fears among his advisers about their close relationship going down badly with voters.
However, the substance of his statement appeared to contain an acknowledgment that Trump's lobbying over Huawei was paying off. The US has been pressing the UK to block the Chinese company from accessing UK telecoms equipment, fearing it could then be used to spy on the west.
And Johnson gave his most explicit acknowledgment so far that involving Huawei in the network could compromise cooperation with Five Eyes, the intelligence-sharing alliance between the UK, US, Canada, New Zealand and Australia.
Huawei has always denied the allegations against it, saying it abides by the laws of each country in which its equipment is present.
Trump pressed the prime minister on the issue again on Tuesday night during a meeting in Downing Street, with a White House spokesman saying the leaders discussed the importance of both nations working together to ensure the security of our telecommunication networks and guard against untrusted providers.
At the Nato meeting, Trump then stressed that Huawei was a security risk, a security danger and claimed no other country he had spoken to would be going ahead with it.
"I spoke to Italy, they look like they are not going to go forward with that. We spoke to other countries and they are not going to go forward," he said.
"Everybody I have spoken to is not going forward, but how many countries can I speak to? Am I going to call up and speak to the whole world? We are building it, we have started, but we are not using Huawei."
Jens Stoltenberg, the Nato secretary general, said leaders at the meeting had committed to ensuring the security of their telecommunications infrastructure, including 5G, and would use only secure and resilient systems.
Following Johnson's intervention, a Huawei spokesperson said: "We're confident the UK government will continue to take an objective, evidence-based approach to cyber security. Our customers trust us because we supply the kind of secure, resilient systems called for by the Nato Declaration and will continue working with them to build innovative new networks."
Johnson was due to have made an announcement on the issue in the autumn, after Theresa May deferred the decision to her successor. It had been reported that the UK government was on the brink of giving Huawei access to non-contentious areas of the 5G network, a decision that would have infuriated the White House. Several Sunday newspapers said in October that the national security council was about to sign off on a decision to allow Huawei to supply non-core technology.
But no verdict on Huawei emerged before the election was announced, continuing the UK's long procrastination since the national security council said in April it would be acceptable to let Huawei build limited parts of the network.
Johnson was pressed again on the timing of the Huawei decision later in the press conference, insisting the delay had nothing to do with the election.
"We're going to make a decision and we're going to make it based on, as I say, on the paramount importance of protecting our critical national infrastructure and also protecting our Five Eyes relationships – and I don't think it's anything to do with the timing of the election," he said.
During the 20-minute question-and-answer session with journalists, Johnson also suggested he was against bringing back British extremists who have been fighting with Islamic State to stand trial in the UK.
"As you know, one of the difficulties we have in taking these people back is that our legal systems make it very difficult for us to secure convictions," he said.
"And I go back to what I said earlier, people go out to break the law, to sort of fight in terrorist organisations, then they really have to take the consequences."
The Sneaky Simple Malware That Hits Millions of Macs
The popular misconception that Macs don’t get viruses has become a lot less popular in recent years, as Apple devices have weathered their fair share of bugs. But it’s still surprising that the most prolific malware on macOS—by one count, affecting one in 10 devices—is so relatively crude.
This week, antivirus company Kaspersky detailed the 10 most common threats its macOS users encountered in 2019. At the top of the list: the Shlayer Trojan, which hit 10 percent of all of the Macs Kaspersky monitors, and accounted for nearly a third of detections overall. It’s led the pack since it first arrived in February 2018.
You’d think that such prevalence could only be achieved by comparable sophistication. Not so! “From a technical viewpoint Shlayer is a rather ordinary piece of malware,” Kaspersky wrote in its analysis. In fact, it relies on some of the oldest tricks in the books: convincing people to click on a bad link, then pushing a fake Adobe Flash update. Even the trojan’s payload turns out to be ho-hum: garden variety adware.
Shlayer’s brilliance, it turns out, lies less in its code than its method of distribution. The operators behind the trojan reportedly offer website owners, YouTubers, and Wikipedia editors a cut if they push visitors toward a malicious download. A complicit domain might prompt a phony Flash download, while a shortened or masked link in a YouTube video’s description or Wikipedia footnote might initiate the same. Kaspersky says it counted more than 1,000 partner sites distributing Shlayer. One individual, Kaspersky says, currently owns 700 domains that redirect to Shlayer download landing pages.
“Distribution is a vital part of any malware campaign, and Shlayer shows that affiliate networks are pretty effective in this sense,” says Vladimir Kuskov, head of advanced threat research and software classification at Kaspersky.
While Shlayer is simple, the adware it installs—a wide variety, since Shlayer itself is just a delivery mechanism—can deploy at least a modestly clever trick or two. In an instance of Cimpli adware that Kaspersky observed, the malware first poses as another program, in this case Any Search. In the background, Cimpli attempts to install a malicious Safari extension, and generates a fake “Installation Complete” notification window to cover up the macOS security notification that warns you against doing so. It tricks you, in other words, into granting permission to let it run amok on your device.
Once you do, the attacker can both intercept your search queries and seed the results with their own ads. It’s an annoyance, more than anything. But given that over 100 million people use macOS, and it hits at least 10 percent of those with Kaspersky installed, it’s reasonable to assume that millions of Mac users deal with it every year. Even if only a small percentage of those attempts prove successful, it’s apparently enough to keep the operation going.
“Apple does a great job making their OS more and more secure with every new release,” says Kuskov. “But it is hard to prevent such attacks on the OS level, since it's the user who clicks on a link and downloads Shlayer and runs it, like any other software.”
While Flash might seem like an outdated lure, given the numerous public warnings about its fallibility and the fact that it’s dying off completely this year anyway, it’s actually perversely effective.
“I think the reason why fake Flash Players are so successful, in spite of these facts, is twofold,” says Joshua Long, chief security analyst at Intego, which first discovered Shlayer nearly two years ago. “Force of habit, and lack of awareness of the current state of Flash.”
To the first point, people have been so accustomed to serious Flash vulnerabilities that they’re conditioned to update ASAP to avoid calamity. As for the second, Long says, “the average consumer has no idea that Flash is rarely used by modern sites, that Flash installers are no longer necessary, or that Flash is being terminated this year.”
None of which means Mac owners are especially susceptible. “The techniques used to deceive users to install Shlayer also work fine with users of any other platform and OS,” Kaspersky’s Kuskov says.
The best ways to protect yourself from Shlayer and other malware are similarly universal. Don’t click suspicious links, especially not surprise pop-up windows. Don’t install Flash in the year of our lord 2020, especially not from a site that’s promising a pirated livestream.
Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks
The Indonesian National Police in a joint press conference with Interpol earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online shoppers.
Dubbed ‘Operation Night Fury,’ the investigation was led by Interpol’s ASEAN Cyber Capability Desk, a joint initiative by law enforcement agencies of Southeast Asian countries to combat cybercrime.
According to the press conference, all three accused (23, 26, and 35 years old) were arrested last year in December in Jakarta and Yogyakarta and charged under criminal laws related to data theft, fraud, and unauthorized access.
Just like most of the other widespread Magecart attacks, the modus operandi behind this series of attacks also involved exploiting unpatched vulnerabilities in e-commerce websites powered by Magento and WordPress content management platforms.
Hackers then secretly implanted digital credit card skimming code—also known as web skimming or JS sniffers—on those compromised websites to intercept users’ inputs in real-time and steal their payment card numbers, names, addresses and login details as well.
Though Indonesian police claim these hackers had compromised 12 e-commerce websites, experts at cybersecurity firm Sanguine Security believe the same group is behind the credit card theft at more than 571 online stores.
“These hacks could be attributed because of an odd message that was left in all of the skimming code,” Sanguine Security said.
“‘Success gan’ translates to ‘Success bro’ in Indonesian and has been present for years on all of their skimming infrastructures.”
The police revealed that the suspects used stolen credit cards to buy electronic goods and other luxury items, and then also attempted to resell some of them at a relatively low price through local e-commerce websites in Indonesia.
On an Indonesian news channel, one of the accused even admitted to hacking e-commerce websites and injecting web skimmers since 2017.
Moreover, experts also observed similar cyberattacks linked to the same online infrastructure even after the arrest of the three people, and thus believe that there are more members of this hacking group who are still at large.
Critical vulnerabilities found in GE medical gear
The DHS Cybersecurity and Infrastructure Security Agency has issued a warning of six critical-rated vulnerabilities in several GE medical monitoring devices.
Advisory ICSMA-20-023-01 covers the GE CARESCAPE Telemetry Server, ApexPro Telemetry Server, CARESCAPE Central Station (CSCS) and Clinical Information Center (CIC) systems, CARESCAPE B450, B650, B850 monitors. The vulnerabilities include unprotected storage of credentials, improper input validation, use of hard-coded credentials, missing authentication for critical function, unrestricted upload of file with dangerous type and inadequate encryption strength.
As of now GE said it was not aware of any reported incidences of a cyberattack in a clinical use or any reported injuries associated with any of these vulnerabilities.
- CVE-2020-6961, critical, a vulnerability that exists in the affected products that could allow an attacker to obtain access to the SSH private key in configuration files;
- CVE-2020-6962, critical, is an input validation vulnerability in the web-based system configuration utility that could allow an attacker to obtain arbitrary remote code execution;
- CVE-2020-6963, critical, where the affected products utilize hard-coded SMB credentials, which may allow an attacker to remotely execute arbitrary code if exploited;
- CVE-2020-6964, critical, where the integrated service for keyboard switching of the affected devices could allow attackers to obtain remote keyboard input access without authentication over the network;
- CVE-2020-6965, critical, is a vulnerability in the software update mechanism that allows an authenticated attacker to upload arbitrary files on the system through a crafted update package;
- CVE-2020-6966, critical, the affected products utilize a weak encryption scheme for remote desktop control, which may allow an attacker to obtain remote code execution of devices on the network.
GE is in the process of developing and releasing patches for these issues. In the meantime, the company recommends:
- The MC and IX Networks are isolated and if connectivity is needed outside the MC and/or IX Networks, a router/firewall
- MC and IX Router/Firewall should be set up to block all incoming traffic initiated from outside the network, with exceptions for needed clinical data flows.
- Restricted physical access to central stations, telemetry servers, and the MC and IX networks. Default passwords for Webmin should be changed as recommended.
- Password management best practices
- The best way to stamp out vulnerabilities is to find them as soon as possible by using a secure development life cycle (SDLC). At every stage of product development, vulnerabilities are identified and eradicated.
there are upcoming patches and temporary workarounds Jonathan Knudsen, senior security strategist with Synopsys, noted such vulnerabilities should be discovered during the development phase and not after they have been released.
design phase, this takes the form of using threat modeling and other techniques to identify design vulnerabilities and the security controls that are necessary to reduce the risk of the system,” he said.