Following news that Switzerland’s federal prosecutor has filed charges against Credit Suisse for allegedly facilitating money laundering “on a grand scale” by former Bulgarian clients, specialist financial crime lawyer commented below. Swiss investigators said the bank had processed more than SFr140m of transactions for the group, earned from smuggling tonnes of cocaine into Europe and other illegal activities.
ISBuzz Team
Following news that People’s Energy has suffered a data breach affecting all 270,000 customers, Information security experts provide an insight below.
Threat actors behind an ongoing worldwide mobile banking fraud campaign were able to steal millions from multiple US and EU banks, needing just a few days for each attack. To do that, the attackers used huge emulator farms that helped them access thousands of hacked accounts (compromised after phishing or malware attacks) using spoofed mobile devices. While emulators are not malicious tools, the group behind this campaign used them for malicious purposes emulating compromised devices or setting up what looked like new devices picked up by the compromised accounts’ owners.
Vulnerabilities in standalone 5G networks could allow attackers to steal credentials and falsify subscriber authentication Attackers can exploit vulnerabilities in new 5G networks to steal subscriber data and impersonate users London, 16.12.2020: Positive Technologies has published its “5G standalone core security assessment”. The report discusses vulnerabilities and threats for subscribers and mobile network operators, which stem from the use of new standalone 5G network cores. The vulnerabilities in protocols HTTP/2 and PFCP, used by standalone 5G networks, include the theft of subscriber profile data, impersonation attacks and faking subscriber authentication. Mobile operators are currently running non-standalone 5G networks, which are…
The Digital Services Act and Digital Markets Act were offered by the EU this week to “encompass a single set of new rules applicable across the whole EU. They will create a safer and more open digital space, with European values at its center… The European Commission proposed two legislative initiatives: the Digital Services Act (DSA) and the Digital Markets Act (DMA). The DSA and DMA have two main goals: to create a safer digital space in which the fundamental rights of all users of digital services are protectedto establish a level playing field to foster innovation, growth, and competitiveness, both in the European Single Market…
It has been reported that Singapore has added face verification as a two-factor authentication (2FA) option to log into SingPass, an account residents use to access e-government services. They also can choose to send their SMS one-time password (OTP) to another SingPass user’s mobile number, which is offered to help less digitally savvy users navigate the platform with external assistance. The two additional 2FA options were introduced as part of the government’s efforts to support a digitally inclusive society, said Government Technology Agency of Singapore (GovTech) in a statement Wednesday. The full story can be found here: https://www.zdnet.com/article/singapore-adds-face-verification-multi-user-sms-to-singpass-2fa/
Researchers have identified malware hidden in at least 28 third party Google Chrome and Microsoft Edge extensions with over 3 million installs and associated with Instagram, Facebook, Vimeo and other popular platforms. The malware redirects user’s traffic to ads or phishing sites to steal consumers personal data, such as birth dates, email addresses, and active devices.
Twitter has been fined 450,000 euros in Ireland for failure to notify authorities of a data breach within 72hrs – blaming the holiday season for its delay.
Today the US-CERT Vulnerability Database recorded 17,447 vulnerabilities, which is a new high and makes 2020 the fourth year in a row that a record number of vulnerabilities has been published. There were 17,306 vulnerabilities recorded in 2019.
The Guardian broke the news earlier today that China appears to have used mobile phone networks in the Caribbean to surveil US mobile phone subscribers as part of its espionage campaign against Americans, according to a mobile network security expert who has analysed sensitive signals data.