Hackers use VPN zero-day to breach Chinese govt agencies | Australia on the cyber offence to bring down COVID-19 scammers | Thousands of Zoom video calls left exposed
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Foreign state-sponsored hackers have launched a massive hacking operation aimed at Chinese government agencies and their employees. Attacks began last month, in March, and are believed to be related to the current coronavirus (COVID-19) outbreak. ZD Net
Australia has launched a cyber offence against offshore criminals, targeting those responsible for scams related to the COVID-19 outbreak. ZD Net
Thousands of personal Zoom videos have been left viewable on the open Web, highlighting the privacy risks to millions of Americans as they shift many of their personal interactions to video calls in an age of social distancing. Washington Post
World
DarkHotel hackers use VPN zero-day to breach Chinese government agencies
ZD Net
@campuscodi
Foreign state-sponsored hackers have launched a massive hacking operation aimed at Chinese government agencies and their employees. Attacks began last month, in March, and are believed to be related to the current coronavirus (COVID-19) outbreak.. The Chinese security firm said it tracked the attacks to a hacker group known as DarkHotel. The group is believed to operate out of the Korean peninsula, although it is yet unknown if they are based in North or South Korea.. The attacks on Chinese government entities appear to fit a pattern. Two weeks ago, Reuters reported a DarkHotel attack against the World Health Organization, the international body coordinating the global response to the current COVID-19 pandemic.
Australia
Myriota raises $19.3 million to expand its IoT satellite constellation
Tech Crunch
@etherington
Internet of things satellite connectivity startup Myriota has raises a $19.3 million Series B funding round, led by Hostplus and Main Sequence Ventures, with additional funding from Boeing, former Australian PM Malcolm Turnbull, Singtel Innov8 and others. The company has now raised $37 million in Funding, and has four satellites on orbit already, with a plan to expand that to 25 by 2022 with the help of this new funding.
USA
Thousands of Zoom video calls left exposed on open Web
Washington Post
@drewharwell
Thousands of personal Zoom videos have been left viewable on the open Web, highlighting the privacy risks to millions of Americans as they shift many of their personal interactions to video calls in an age of social distancing. Videos viewed by The Washington Post included one-on-one therapy sessions; a training orientation for workers doing telehealth calls that included people’s names and phone numbers; small-business meetings that included private company financial statements; and elementary school classes, in which children’s faces, voices and personal details were exposed.
As School Moves Online, Many Students Stay Logged Out
The New York Times
Chronic absenteeism is a problem in American education during the best of times, but now, with the vast majority of the nation’s school buildings closed and lessons being conducted remotely, more students than ever are missing class — not logging on, not checking in or not completing assignments.
India
TikTok is the most downloaded social media app during lockdown in India
Tech Radar
The 21-day lockdown period currently underway in India has proved to be a boon for social media app TikTok, as per a report by App Annie. The mobile and data analytics company reported that the short video app was the most downloaded ones in the social media category, followed by WhatsApp and Facebook during the 21 days.
Coronavirus has become the booster shot that telemedicine was waiting for in India
Quartz
@SreenidhiVS
India formally recognised the practice of telemedicine recently. With Covid-19 cases spreading across the country, face-to-face consultations can be risky for both patients and doctors. Under the circumstances, remote consultations over the phone or video calls can help patients access health care while also limiting their and doctors’ exposure to the disease.
UK
The world’s experts must stand together in the fight against coronavirus
UK Parliament
As the country of origin, China initially allowed disinformation to spread as quickly as the virus. Rather than helping other countries prepare a swift and strong response, it is increasingly apparent that they manipulated vital information about the virus in order to protect the regime's image. The Government needs to tackle these lies with a clear and quick response, working with our allies to show a united front in the face of false facts and deadly disinformation.
UK carriers would appreciate you not setting cell towers on fire
Engadget
@jonfingas
The arson attacks against 5G masts in the UK have become serious enough that carriers are joining together to put a stop to the incidents. EE, O2, Three and Vodafone have issued a joint statement both urging people not to set fire to cellular masts, threaten engineers or spread conspiracy theories falsely linking 5G to COVID-19. The networks also encouraged people to report abuse of engineers and call out people spreading misinformation.
Europe
Law to fight coronavirus creates 'uncertainty' for journalists
DW.com
A law that holds a prison sentence of up to five years for spreading "false information" is part of new measures against COVID-19. As Fanny Fascar reports, journalists fear it could make it even harder to report news.
Africa
WHO Africa hosts hackathons, offers seed funds to fight COVID-19
Tech Crunch
@JakeRBright
The World Health Organization in Africa is holding virtual hackathons and offering up to $20,000 in seed-funds to finalists with digital solutions to stem COVID-19.
Misc
Safari flaw let intruders hijack cameras on iPhones and Macs
Engadget
@jonfingas
If you're working on a Mac at home or reconnecting with friends on an iPhone, you'll want to be sure you have the latest security updates. Security researcher Ryan Pickren has detailed recently patched Safari vulnerabilities that allowed intruders to hijack the cameras and microphones on iOS and macOS devices.
PayPal and Venmo Are Letting SIM Swappers Hijack Accounts
Vice
@lorenzofb
Several major apps and websites, such as Paypal and Venmo have a flaw that lets hackers easily take over users’ accounts once they have taken control of the victim’s phone number.
Google can help locate food and night shelters during lockdown
Tech Radar
Google is integrating the location information about local food and night shelters on Google Maps. The initiative comes amid the ongoing COVID-19 crisis where a set of the unprivileged populace is relying on private and government organisations for basic survival.
Rights groups appeal to governments over COVID-19 surveillance
Naked Security
Digital and human rights groups have joined in a rare worldwide appeal to governments to respect privacy when handling the COVID-19 crisis. As the number of known COVID-19 cases around the world exceeds 1.2m and the number of deaths reaches 70,000, more than 100 groups signed a letter to governments urging them to be measured in their response to the virus.
Joint Civil Society Statement: States use of digital surveillance technologies to fight pandemic must respect human rights Human Rights Watch
Research
How Coronavirus Disinformation Gets Past Social Media Moderators
Bellingcat
@IwriteOK
The COVID-19 pandemic has forced social media companies to take a more active stance against disinformation. The most striking recent example came on March 31, when Facebook, Twitter and YouTube all banned videos from Brazil’s President Jair Bolsonaro. These videos featured Bolsonaro advising the use of an antimalarial, chloroquine, to treat the novel coronavirus. Charlie Kirk, the founder of Turning Point USA, had a post on the same subject removed a few days earlier.
Why is Ad Tech Funding These Ads on Coronavirus Conspiracy Sites?
Global Disinformation Index
@DisinfoIndex
New research by the GDI shows that ad tech players, including Google, are serving up ads and providing ad revenue streams to known disinformation sites peddling coronavirus conspiracies.