FUJIFILM shuts down network after suspected ransomware attack

FujiFilm is investigating a ransomware attack and has shut down portions of its network to prevent the attack's spread.

FujiFilm, also known as just Fuji, is a Japanese multinational conglomerate headquartered in Tokyo, Japan, which initially started in optical film and cameras. It has grown to include pharmaceuticals, storage devices, photocopiers and printers (XEROX), and digital cameras.

FUJIFILM earned $20.1 billion in 2020 and has 37,151 employees worldwide.

Today, FUJIFILM announced that their Tokyo headquarters suffered a cyberattack Tuesday night that they indicate is a ransomware attack.

"FUJIFILM Corporation is currently carrying out an investigation into possible unauthorized access to its server from outside of the company. As part of this investigation, the network is partially shut down and disconnected from external correspondence," FUJIFILM said in a statement.

"We want to state what we understand as of now and the measures that the company has taken. In the late evening of June 1, 2021, we became aware of the possibility of a ransomware attack. As a result, we have taken measures to suspend all affected systems in coordination with our various global entities."

"We are currently working to determine the extent and the scale of the issue. We sincerely apologize to our customers and business partners for the inconvenience this has caused."

Due to the partial network outage, FUJIFILM USA has added an alert to the top of their website stating that they are experiencing network problems that are impacting their email and phone systems.

https://www.bleepingcomputer.com/news/security/fujifilm-shuts-down-network-after-suspected-ransomware-attack/

#fujifilm #ransomware #attack
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

NortonLifeLock Unveils Norton Crypto

New Feature Enables a Safe and Easy Way to Mine Cryptocurrency

TEMPE, Ariz.--(BUSINESS WIRE)-- NortonLifeLock (NASDAQ: NLOK), a global leader in consumer Cyber Safety, today announced the launch of Norton™ Crypto, a new feature designed to enable consumers to safely and easily mine cryptocurrency through its trusted Norton™ 360 platform. Starting tomorrow, select Norton 360 customers in Norton’s early adopter program will be invited to mine for Ethereum.

“As the crypto economy continues to become a more important part of our customers’ lives, we want to empower them to mine cryptocurrency with Norton, a brand they trust,” said Vincent Pilette, CEO of NortonLifeLock. “Norton Crypto is yet another innovative example of how we are expanding our Cyber Safety platform to protect our customers’ ever-evolving digital lives.”

For years, many coinminers have had to take risks in their quest for cryptocurrency, disabling their security in order to run coinmining and allowing unvetted code on their machines that could be skimming from their earnings or even planting ransomware. Earnings are commonly stored directly on miners’ hard drives, where their digital wallet could be lost should it fail.

Norton Crypto delivers a secure, reliable way for consumers to mine for Ethereum without opening themselves and their devices up to these pitfalls. Once cryptocurrency has been earned, customers can track and transfer earnings into their Norton Crypto Wallet, which is stored in the cloud so it cannot be lost due to hard drive failure.

“We are proud to be the first consumer Cyber Safety company to offer coinminers the ability to safely and easily turn the idle time on their PCs into an opportunity to earn digital currency,” said Gagan Singh, chief product officer at NortonLifeLock. “With Norton Crypto, our customers can mine for cryptocurrency with just a few clicks, avoiding many barriers to entry in the cryptocurrency ecosystem.”

https://investor.nortonlifelock.com/About/Investors/press-releases/press-release-details/2021/NortonLifeLock-Unveils-Norton-Crypto/default.aspx

#norton #crypto #mining
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

German IT company that serves banks experiences DDoS hack attack

A German company that operates technology for the nation's cooperative banks said on Friday that it was experiencing continued distributed denial-of-service (DDoS) attacks throughout the night.

In such attacks, hackers attempt to flood a network with unusually high volumes of data traffic in order to paralyse it.

The company, Fiducia & GAD IT AG, said the attacks began on Thursday morning, shutting down or hindering the websites of some cooperative banks in parts of the country.

The issue stabilized by the afternoon, but picked up again in the evening with "further major attacks into the night".

"Fiducia & GAD's crisis team continues to monitor the systems closely in order to be able to react quickly to any new attacks," the company said in a statement.

The company noted that such attacks weren't uncommon in the industry.

A spokeswoman for Fiducia & GAD IT AG couldn't immediately say how many banks were affected.

The banking blog Finanz-Szene earlier reported about the attack.

https://www.reuters.com/technology/german-it-company-that-serves-banks-experiences-ddos-hack-attack-2021-06-04/

#germany #it #company #ddos #attack
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Brit retailer Furniture Village confirms 'cyber-attack' as systems outage rolls into Day 7

Sofa, not-so-good: Angry customers still can't access systems, phones, and deliveries delayed

Furniture Village – the UK's largest independent furniture retailer with 54 stores nationwide – has been hit by a "cyber-attack", the company confirmed to The Register.

Details are still sketchy, but it emerged late last week that some of the retailer’s internal systems had been taken offline.

Although its website remains up and running, this is not the case for the back end. The problems emerged last weekend on 29 May when Furniture Village admitted it was experiencing "technical issues" and it was unable to answer calls. This is still the case at the time of publication, 6 days later.

By Wednesday, Furniture Village revealed it was “still experiencing technical issues with [its] internal systems” and that the team was working to resolve them as quickly as possible. These included delivery systems, phone systems, and according to customers, payment mechanisms.

https://www.theregister.com/2021/06/04/furniture_village_confirms_cyberattack/

#cyberattack #uk #FurnitureVillage
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

The 4th largest mobile browser exfiltrates users’ data even in Incognito mode

Executive summary

UCWeb, a Chineses mobile internet company owned by Alibaba Group is exfiltrating user browsing and search history from its products distributed on mobile devices around the world even when the browser is used in incognito mode. This behavior is consistent on both Android and iOS devices.

UCWeb advertises the product incognito mode to be a private & secure way of browsing the internet. However, they are exfiltrating the users activity to UCWeb’s servers.

https://hookgab.medium.com/ucbrowser-privacy-study-ecff96fbcee4

#UCWeb #ucbrowser #privacy #study
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

TikTok just gave itself permission to collect biometric data on US users, including ‘faceprints and voiceprints’

A change to TikTok’s U.S. privacy policy on Wednesday introduced a new section that says the social video app “may collect biometric identifiers and biometric information” from its users’ content. This includes things like “faceprints and voiceprints,” the policy explained. Reached for comment, TikTok could not confirm what product developments necessitated the addition of biometric data to its list of disclosures about the information it automatically collects from users, but said it would ask for consent in the case such data collection practices began.

The biometric data collection details were introduced in the newly added section, “Image and Audio Information,” found under the heading of “Information we collect automatically” in the policy.

This is the part of TikTok’s Privacy Policy that lists the types of data the app gathers from users, which was already fairly extensive.

The first part of the new section explains that TikTok may collect information about the images and audio that are in users’ content, “such as identifying the objects and scenery that appear, the existence and location within an image of face and body features and attributes, the nature of the audio, and the text of the words spoken in your User Content.”

While that may sound creepy, other social networks do object recognition on images you upload to power accessibility features (like describing what’s in an Instagram photo, for example), as well as for ad targeting purposes. Identifying where a person and the scenery is can help with AR effects, while converting spoken words to text helps with features like TikTok’s automatic captions.

https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints

#tiktok #DeleteTikTok #privacy #usa #biometric #data #faceprints #voiceprints
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

A Death in Cryptoland

When the young CEO of Canada’s largest cryptocurrency exchange is reported to have died while honeymooning in India, it sets off a cataclysmic chain of events that would leave about 76,000 people out of a quarter of a billion dollars and a trail of conspiracy theories around whether Gerald Cotten is dead or alive. A Death in Cryptoland is an original podcast series about a crypto-tycoon, his secret past, his sudden demise, and an online sleuth’s obsession to unravel the truth behind QuadrigaCX.

#truecrime #HuntingWarhead #podcast
🎙@cRyPtHoN_INFOSEC_DE
🎙@cRyPtHoN_INFOSEC_EN
🎙@cRyPtHoN_INFOSEC_FR
🎙@BlackBox_Archiv

Nigeria to suspend Twitter 'indefinitely'

Nigeria's government is suspending Twitter operations in the country "indefinitely", the country's information minister has announced.

The ban is due to "the persistent use of the platform for activities... capable of undermining Nigeria's corporate existence", a statement said.

Twitter said the announcement on Friday was "deeply concerning".

It comes just days after a tweet by President Muhammadu Buhari was removed for breaching the site's rules.

The statement from the Nigerian government did not mention the row over the removed tweet.

But Information Minister Lai Mohammed previously criticised the US social media giant's decision to take it down, calling it "double standards".

https://www.bbc.com/news/world-africa-57363779

#twitter #nigeria
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_FR
📡@BlackBox_Archiv

Valid Signal privacy issues shrugged off while patches quietly rolled out - vulnerability still active on macOS

Intro
Signal provides a free, cross-platform private messenger app. Folks in all kinds of unsafe situations rely on Signal, as a highly visible and popular app which the security and privacy professional communities endorse. Journalists rely on Signal to ensure confidential communication with their sources.

What privacy guarantees does one really have though if you can't prove the identity of who you're communicating with?

The problem
Mid-May, I got a new phone. At the time I understood that with *any change* to the device or installation of either party in a chat with message history, the Signal chat "safety number" changes. This used to be but (following an involved email back-and-forth with the Signal team over the course of a month) is no longer reflected in the Signal support documentation.

When a safety number changes, Signal shows a message to both parties in the conversation. The most recent alert I recall seeing prior to this adventure (which I believe was initially received April 14, about a month before I changed phones) looks like this:

https://403forbiddenblog.blogspot.com/2021/06/signal-safety-numbers.html

#signal #messenger #privacy #issue
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_FR
📡@BlackBox_Archiv

FBI sought info on who read USA Today news article for case

The FBI sought information about readers of an online article as part of an investigation, it has emerged.

The agency demanded the newspaper USA Today hand over records on who had read an article about the killing of two FBI agents.

The newspaper's owner is resisting the request and asked a judge to quash the demand.

It says the FBI's demand is a "clear violation" of protections to press freedom.

The FBI issued a subpoena - an order to submit evidence - to USA Today's owner Gannett, asking it for information about anyone who clicked on an article published in February about the fatal shooting of two of the bureau's agents in Florida.

The subpoena sought the IP addresses and phone numbers for readers of the piece during a 35-minute window. IP addresses can be used to find a computer's location and owner.

https://www.bbc.co.uk/news/world-us-canada-57367093

#usa #fbi #subpoena #investigation #usatoday #pressfreedom
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_FR
📡@BlackBox_Archiv

Mail-in-a-Box (v0.53a / May 8, 2021)

Take back control of your email with this easy-to-deploy mail server in a box.

What is it?

Mail-in-a-Box lets you become your own mail service provider in a few easy steps. It’s sort of like making your own gmail, but one you control from top to bottom.

Technically, Mail-in-a-Box turns a fresh cloud computer into a working mail server. But you don’t need to be a technology expert to set it up.

💡 Here’s how you can get a Mail-in-a-Box running:
https://www.youtube.com/watch?v=9WOmkoEYMIg

Current Version: v0.53a / May 8, 2021

– install

– release notes

– upgrade instructions

💡 Need Help?
- Check the maintenance guide.
- Ask on the forum. Other users may be able to help.
- Found a bug? Open an issue on github.
- Or try our Slack chatroom.

https://mailinabox.email/

#mailinabox #email #server #guide #tool #download
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_FR
📡@BlackBox_Archiv

Bypassing an Outlook Dark Pattern

Tldr: Outlook on Android tries to force you into linking Outlook to your Google Account, giving itself access to more data than you might want. I found out that can be bypassed by quickly toggling the internet connection off at the right time.

https://palone.blog/bypassing-an-outlook-dark-pattern/

#palone #outlook #dark #pattern #bypass
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_FR
📡@BlackBox_Archiv

EFF 30 Fireside Chat Surveillance, With Edward Snowden

Democracy, social movements, our relationships, and your own well being all require private space to thrive. But state actors and law enforcement reach for persistent mass surveillance tech with disturbing frequency. Privacy activists and ordinary people around the world stand before a growing arsenal of invasive tools in the hands of criminals and state actors alike. How has mass surveillance changed us and what are our odds in fighting back?

In this livestream conversation, NSA whistleblower Edward Snowden joins EFF Executive Director Cindy Cohn, EFF Director of Engineering for Certbot Alexis Hancock, and EFF Policy Analyst Matthew Guariglia as they weigh in on surveillance in modern culture, activism, and the future of privacy.

https://archive.org/details/eff-30-fireside-chat-surveillance-with-edward-snowden

#surveillance #digital #rights #nsa #EFF #police #spy #technology #privacy #PRISM #snowden
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_FR
📡@BlackBox_Archiv

ODO - the “swiss army knife” for the development of distributed communication apps

What is ODO?

ODO wants to become the “swiss army knife” for the development of distributed communication apps. It will allow developing such apps for various platforms: mobile, desktop, server, maybe even IoT devices. A layered API will allow quick development of simple apps in a low-code-manner, or complex apps using all the features of modern software development environments.

Get rid of Backend Servers

One of the key ideas is to get rid of central servers, meaning the app is really just the app on the device it is running on, no backends, no serers. All data is encrypted and distributed over all devices having ODO installed (using IPFS). This means that an app with ODO can be run with minimal resources on the operator side, as you don’t need AWS, Firebase, Azure or whatever.

Make Privacy and Security easy

One of the main goals of the layered API is to make it easy to develop secure apps with good privacy by design. Of course it is not possible, to have an API which technically prevents all possible security vulnerabilities and privacy problems. But an API can focus on privacy and security, and make these things easy. And while categories of privacy problems arising from a single entity controlling a central server, these kinds of problems simply does not exist with ODO.

💡 Have a closer look at the top level design document for more info about the technical ideas.

👉🏼 I want to contribute! 👈🏼

If you would like to contribute, start with this document, and the go on with onboarding. Also have a look at your code of conduct.

https://straightway.codeberg.page/odo/

#odo
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_FR
📡@BlackBox_Archiv

iTrapped: All the things Apple won’t let you do with your iPhone

Have you ever tried to swap Siri for a better voice assistant on your iPhone? Don’t bother, you can’t.

Tried to buy e-books from the Kindle app? Can’t do that, either.

Send iMessages to someone with an Android phone? Nope. Backup your iPhone to Google Drive? Nope. Get your own iPhone repair parts from Apple? Nope. Transfer your digital life to a different kind of smartphone? Good luck, my friend. When you buy an iPhone, it isn’t really yours.

It’s time to reclaim our iPhones. The debate that’s happening in courts and Congress about Big Tech’s power is also playing out in the palm of our hands.

I’ve used an iPhone for the last 12 years, and like most of you I am not looking to change. But we’ve become so accustomed to restrictions Apple built into the iPhone, we don’t even realize how we’re contorting ourselves to comply — or what we’re missing out on. One sign we’re being manipulated by a monopoly is when it’s hard to even consider an alternative. Apple says it’s protecting our security and privacy, but it has become clear that locking down our iPhones is also about controlling us so Apple can make more money.

https://www.seattletimes.com/business/technology/itrapped-all-the-things-apple-wont-let-you-do-with-your-iphone/

#apple #iphone #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_FR
📡@BlackBox_Archiv

Anti-Forensics: Reverse Engineering a Leading Phone Forensic Tool

How can vulnerabilities in forensic software affect cases brought to the courts? That question was the impetus of what kicked off my research on the Cellebrite UFED - a widely-used phone forensic tool. This talk will cover what my reverse engineering process was, what I found, how I went about reporting my findings, and the concerns, hopes, and fears I had along the way.

https://i.blackhat.com/asia-21/Friday-Handouts/AS-21-Bergin-Anti-Forensics-Reverse-Engineering-A-Leading-Phone-Forensic-Tool.pdf

#cellebrite #ufed #phone #forensic #tool #reverse #engineering #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_FR
📡@BlackBox_Archiv

Anonymous Message To Elon Musk

https://www.youtube.com/watch?v=tvPYidBtkz8

#anonymous #musk #video
📽@cRyPtHoN_INFOSEC_DE
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_FR
📽@BlackBox_Archiv

Global strike against drug traffickers

The FBI is said to have cracked the encrypted communications of suspected drug traffickers. On Monday, there were searches around the world, including in Germany.

It is probably one of the biggest blows against organized crime ever. In a coordinated effort, police units in 16 countries moved in Monday morning, storming homes, warehouses, garages and offices.

This happened among others in #Australia, #Canada, #Estonia, #Lithuania, the #Netherlands, #Sweden, #UK, the #USA and also in #Germany. In Hesse alone, around 60 properties were affected, and there were also raids in numerous other states such as North Rhine-Westphalia. German investigators speak of an unprecedented operation, with a large number of special police forces deployed.

Drugs, weapons, money laundering

According to research by NDR and WDR, the U.S. Federal Bureau of Investigation (FBI) recently gained access to the data of a provider of encrypted communications through which numerous criminal networks and gangs are said to have conducted drug transactions worldwide. Today's raids in Germany were planned under the strictest secrecy. Among other things, they are to be directed against suspected drug laboratories, cannabis plantations and cocaine storage sites.

However, the data related to Germany is also said to be about trafficking in weapons of war, weapons with silencers, money laundering and numerous other offenses. According to sources, the data set is supposed to be highly topical information.

https://www.tagesschau.de/inland/organierte-kriminalitaet-durchsuchungen-101.html

#EncroChat #police #fbi #germany #international #bust
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Special Operation Ironside

Operation IRONSIDE is a long-term, covert investigation into transnational and serious organised crime allegedly responsible for large drug imports, drug manufacturing and attempts to kill.

- https://intelnews.org/2021/06/08/01-3016/

- https://www.abc.net.au/news/2021-06-08/fbi-afp-underworld-crime-bust-an0m-cash-drugs-murder/100197246

- https://www.youtube.com/watch?v=qq9wnMXvgOc

#ironside #ANØN #trojanshield #bust #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

Security researcher says attacks on Russian government have Chinese fingerprints – and typos, too

Malware was too loose to have come from a Western nation, according to Sentinel Labs

An advanced persistent threat that Russia found inside government systems was too crude to have been the work of a Western nation, says security researcher Juan Andrés Guerrero-Saade of Sentinel Labs, before suggesting the malware came from a Chinese entity.

Russian telco and IT services provider Rostelecom and the nation's National Coordination Center for Computer Incidents, an arm of the Russian Federal Security Service (FSB), in May published a joint report that detailed their assessment of attacks on several Russian government entities detected in 2020.

The report said the attacks were made using malware named "Mail-O" and asserted that attackers used cloud storage services provided by Russian companies Yandex and Mail.ru Group. The malware mimicked legitimate cloud storage management apps Disk-O and Yandex Disk.

Guerrero-Saade wrote that he feels the security industry has quickly defaulted to a view that Western actors were behind the attacks.

"I think we'll be relieved to find out that was most likely not the case – if solely because we've come to expect a higher standard for Western malware development," he wrote.

Guerrero-Saade reached that opinion after assessing samples of Mail-O and suggesting it is "a variant of a relatively well-known malware called PhantomNet or SManager used by a threat actor 'TA428'."

The researched makes that assertion because Mail-O, PhantomNet and SManager all share a function called "Entery" that he supposes is a misspelling of "Entry".

"Misspellings are a true gift for malware researchers," Guerrero-Saade wrote.

https://www.theregister.com/2021/06/09/mail_o_malware_maybe_chinese/

#russia #malware #china
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Trump: The solution to cyberattacks is to stop using computers

https://www.youtube.com/watch?v=0iCElbVyGSw

#trump #ToddlerTrump #cyberattacks #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv