Apple and Google team up to create COVID-19 contact-tracing apps
In an effort to help governments and health agencies reduce the spread of the coronavirus, Google and Apple have announced an uncommon joint project to create a Bluetooth-based contact-tracing apps that can work across both iOS and Android phones. With the tool, victims of the coronavirus would notify a public health app that they have it, which would then alert phones that had recently come into proximity with that person’s device. The companies would need to get public-health authorities to agree to link their app to the tool. There are already similar tools in use in countries such as South Korea, Germany and Singapore but the tech giants have obliged to collaborate with them to make them more reliable.
But the tool also raises privacy concerns mainly because of the business model of the companies involved. However, Google and Apple say People would opt in to use the tool and voluntarily report if they became infected; and the system won’t involve tracking user locations or even collecting any identifying data that would be stored on a server. They hope to release the tool within some months globally.
Ransomware now leaking stolen data
Ransomware is now increasingly involving both encryption and exfiltration. Previously, ransomware did not steal or leak data. It would rather encrypt the data on your computer, and demand a ransom for the encryption key.
Recently, Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen and leaked online. The criminals leaked documents and data belonging to Visser Precision, Lockheed Martin, Boeing, SpaceX, the US Navy, and others. The leaked data was dumped on the internet by the criminals behind the DoppedPaymer ransomeware in retaliation for an unpaid extortion demand, and to scare others infected with the ransomeware into complying with the group’s demands.
Zoom Passwords for Sale on the Dark Web
Security researchers have discovered more than 500,000 Zoom accounts and passwords for sale on the Dark Web and hacker forums, according to a report from Bleeping Computer. It contains a variety of accounts from major corporations and includes e-mail address, password, personal meeting link, and the host key users can employ to host a meeting on the service.
According to Bleeping Computer report, “these credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers”. With these attacks utilizing accounts leaked in past data breaches and then being sold online, using a unique password at every site will prevent a data breach from one site affecting you at another site. Users are therefore advised to use unique passwords for each site they register on.
Enugu State Governor’s Mobile Phone Hacked
The Enugu State Government in Nigeria said on during the week under review that the mobile phone (MTN line) of Governor Ifeanyi Ugwuanyi was hacked, and has been used to call members of the public as well as Government officials. This was made public by the Commissioner of Information, Chidi Aroh. The Security Agencies and the Telecom Service Providers were notified and culprits shall be apprehended. The Government however apologized for the embarrassment/inconvenience that the fraudsters may have caused to the unsuspecting public.