Thai phone data hacked | US COVID dosier from background State Department document | Tory MPs urging to restrict foreign investment in the UK

Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

  • Thailand’s largest cell network AIS has pulled a database offline that was spilling billions of real-time internet records on millions of Thai internet users. The database, containing DNS queries and Netflow data, on the internet without a password. With access to this database, Paine said that anyone could “quickly paint a picture” about what an internet user (or their household) does in real-time. Tech Crunch

  • The American embassy has held private meetings with Canberra to clarify a US State Department document that was used by a Sydney newspaper to link the COVID-19 pandemic to a Chinese government laboratory despite a lack of direct evidence. ABC News

  • Tory MPs have urged Boris Johnson to accelerate new legislation designed to make it harder for state-owned companies from overseas countries such as China to take over struggling UK firms. Financial Times

ASPI ICPC

Anonymous no more? Make it a crime to re-identify personal data
ASPI Strategist
@ja_clarence
The concerns raised by the COVIDSafe app suggest that Australians care a lot about privacy, at least when information to be held by the government is involved. Let’s turn that passion into action, starting with bolstering the privacy protections on large datasets.

Will China’s calls for more ‘Wolf Warriors’ leave country’s diplomats feeling sheepish?
South China Morning Post
@kristinaberdeen @fryan
Beijing will continue its pugnacious tone if the approach helps to achieve its diplomatic objectives. But it’s more likely that these displays of aggressive nationalism will only serve to drive the world further away from China.

World

Bill Gates Conspiracy Theories Have Circulated For Years. It Took The Coronavirus Pandemic To Turn Him Into A Fake Villain.
Buzzfeed News
@broderick
After months of conspiracy-mongering, people around the world are demanding Gates be arrested for crimes against humanity. Here’s how things got so bad.

Australia

US State Department (not spies) penned 'non-paper' timeline of China's alleged COVID cover-up
ABC News
@dylanwelch
The American embassy has held private meetings with Canberra to clarify a US State Department document that was used by a Sydney newspaper to link the COVID-19 pandemic to a Chinese government laboratory despite a lack of direct evidence.

Victoria University accused of censorship after removing Serbian war crimes material
SBS News
@JarniBlakkarly
Victoria University has bowed to pressure from a pro-Serbian blogger and removed material referring to crimes against Bosnian Muslims from a course on human rights. YouTuber Charles Cather, an American blogger based in Novi Sad, Serbia, led the campaign to remove a section of a lecturer's presentation that described the murder of Bosnian Muslims by a Serbian guard.

Australian researchers record world’s fastest internet speed from a single optical chip
Swinburne University
Researchers from Monash, Swinburne and RMIT universities have successfully tested and recorded Australia’s fastest internet data speed, and that of the world, from a single optical chip – capable of downloading 1000 high definition movies in a split second.

Unis warned to stop hoarding academics' IP for revenue
Australian Financial Review
@DLLabs
Australian universities must stop treating academics as ATM machines if Australia is to have any chance of maintaining its lead in quantum computing, one of Australia's leading quantum physicists has warned.

CSIRO says quantum industry to be worth $4 billion
Australian Defence Magazine
Australia’s emerging quantum technology sector could support 16,000 jobs and create over $4 billion annual revenue by 2040, according to a report by CSIRO.

BCG consultants’ massive visa fail win
Innovation Aus
@denhamsadler
More than $90 million was spent by government on its failed plan to privatise the visa processing system, but the Boston Consulting Group still came up trumps, landing nearly half of the cash through the process. Earlier this year the federal government quietly announced it had shelved plans to bring in a private sector company to develop a new visa processing system.

China

City’s Plan for Permanent ‘Health Codes’ Sparks Online Backlash
Sixth Tone
Netizens are concerned that a proposal to evaluate Hangzhou residents based on their medical records and lifestyle choices could jeopardize personal privacy and pave the way for discrimination.

Personal Data Collected During COVID-19 Belongs to the People, Baidu CEO Says
Sixth Tone
Robin Li, the CEO and founder of Baidu, specifically requested that people in China be given the chance to opt out of having their personal information stored in a central database.

USA

Huawei’s Nightmare Week Is About To Get Much Worse
Forbes
Huawei is now reeling. The brutal reality of the latest U.S. crackdown is making daily headlines as the tech giant scrabbles to find a way to replace the key silicon in most of its flagship products. And it’s about to get worse, as the implications of those restrictions start to pay a heavy toll in the market. That impact looks like it will hit rapidly, along with an unexpected security issue that could be worse.

South-East Asia

A massive database of 8 billion Thai internet records leaks
Tech Crunch
@zackwhittaker
Thailand’s largest cell network AIS has pulled a database offline that was spilling billions of real-time internet records on millions of Thai internet users. Security researcher Justin Paine said in a blog post that he found the database, containing DNS queries and Netflow data, on the internet without a password. With access to this database, Paine said that anyone could “quickly paint a picture” about what an internet user (or their household) does in real-time.

South Asia

Data of 29 million Indian job seekers leaked to the dark web
Tech Radar
Data of more than 29 million job seekers from India has been leaked on the dark web and the source of this data is not yet clear. US-based Cyber intelligence firm Cyble believes that it could be from one of the several resume aggregators in the country.

UK

UK draws up plans to restrict Chinese inward investment
Financial Times
“There is a growing consensus over China, to want trade but to have no illusions,” said Bob Seely, a Tory MP. “We can want trade but we want fair trade, not intellectual property theft and espionage.”

UK reviews Huawei decision in the wake of coronavirus pandemic
Sydney Morning Herald
@latikambourke
Britain has launched a new review into using Huawei in the country's 5G networks, ahead of a Tory revolt over Prime Minister Boris Johnson's green light for the China-based vendor. A spokesperson for the British government said: "The security and resilience of our networks is of paramount importance.

Europe

Top Ten: Things Learned from Two Years of GDPR
Info Security
@DanRaywood
It has been two years since the deadline for compliance with GDPR (General Data Protection Regulation) landed. Now with two years of compliance culture behind us, what have we learned so far?

Two years into new EU privacy regime, questions hang over enforcement
Politico
@vmanancourt @markscott82
As Europe's flagship privacy law celebrates its second birthday, a question still dogs regulators: Where is the big-ticket enforcement?

Gender and Women in Cyber

The female hackers keeping your work from home systems safe
The Times of India
@PhadnisShilpa
Vandana is a security architect, who, like women in most industries, are challenging stereotypes. “When I started out, cybersecurity was not seen as a career option, especially for women. When I told my mother I work as an information security professional, for a moment, she thought I was a security guard.”

Misc

Discord client turned into a password stealer by updated malware
Bleeping Computer
@LawrenceAbrams
A threat actor updated the AnarchyGrabber trojan into a new version that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. Threat actors then distribute the trojan on Discord, where they pretend it's a game cheat, hacking tool, or copyrighted software.

Thousands of enterprise systems infected by new Blue Mockingbird malware gang
ZDNet
@campuscodi
Thousands of enterprise systems are believed to have been infected with a cryptocurrency-mining malware operated by a group tracked under the codename of Blue Mockingbird.

Coronavirus Monitoring Bracelets Flood the Market, Ready to Snitch on people who don’t Distance
The Intercept
@samfbiddle
Surveilance firms around the world are licking their lips at a once-in-a-lifetime opportunity to cash in on the coronavirus by repositioning one of their most invasive products: the tracking bracelet.

The quest for cyber sovereignty is dark and full of terrors
Observer Research Foundation
@whoknowstrish
While “cyber sovereignty” and “digital colonialism” are useful for condensing complex phenomena into catchy phrases, the way they are used often takes away much-needed nuance in the discussion around norms and regulations for cyberspace and the broader digital realm.

A feel-good ad from Facebook boasts a coronavirus group. But it's not quite what it seems.
NBC News
@BrandyZadrozny
A commercial for Facebook that ran on national TV promoting its group feature in the time of the coronavirus pulls at the heartstrings. But the Facebook ad seems to be misleading. None of the posts in the television ad appear in the actual Facebook group.

A Fact-Based Fantasy With Drones, Robots, and Rioting on the Washington Mall
The Daily Beast
Blending fiction with deep research on artificial intelligence, this excerpt from "Burn-In," a futuristic techno-thriller set in Washington, D.C., is both creepy and exciting.

Share

Loading more posts…