Friday 3rd of May.

The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.

Australia

Church stabbing, Bondi Junction highlight X’s failure to moderate

The Sydney Morning Herald

Tim Biggs

Extreme conservative influencer Andrew Tate is among those using footage of the Wakeley stabbing to push hateful rants and conspiracies on X, days after an attack at Bondi Junction was followed by a swell of misinformation leading to the vicious harassment of an innocent 20-year-old student, prompting calls for the social media network to do more to moderate harmful posts. The stabbing attacks have each been seized upon by certain communities on X to promote racist and antisemitic conspiracies and rants. In the Bondi Junction case, an infamous troll misidentified the suspect and made claims about his Jewish identity in a post viewed more than 400,000 times. In the Wakeley case, footage of a bishop being stabbed has been repurposed, republished, remixed and circulated endlessly.

TikTok local profits surge as potential ban looms

The Sydney Morning Herald

David Swan

The Australian arm of controversial social media platform TikTok has posted a surge in revenue and profits over the past year, despite a looming ban in the US and questions over whether Australia should follow suit. In its annual financial report filed with corporate regulator ASIC this week, TikTok Australia reported profit for the 2023 calendar year of $11.4 million – nearly double its $5.4 million profit a year earlier – on revenue of $375 million, which was more than twice as much as the previous year.

Get tough on phone scams, TPG to urge government at Commsday Summit

The Australian

Glenda Korporaal

TPG Telecom wants more government intervention to crack down on phone scams, including a mandatory SMS sender ID register and stricter controls on the ability to use Australian phone numbers. In a speech to be delivered to the Commsday Summit on Wednesday morning in Sydney, TPG Telecom chief executive Inaki Berroeta will say major network operators in Australia were now facing a “deluge” of scam voice and SMS traffic being sent to their customers. Mr Berroeta says current regulations in Australia have made it “too easy and cheap to steal from and trick Australians”, allowing scammers to win the battle despite actions being taken by telcos to counter their effectiveness.

Qantas says issue that exposed customer data to others has been resolved

The Sydney Morning Herald

Tim Biggs

Qantas says it has resolved an issue with its app that gave customers access to the personal information and accounts of other people, prompting concerns over data privacy. The company said an internal investigation suggested the issue might have been caused by recent system changes, and that it did not suspect a cybersecurity incident was involved.

China

China trying to develop world ‘built on censorship and surveillance’

Al Jazeera

China is exporting its model of digital authoritarianism abroad with the help of its far-reaching tech industry and massive infrastructure projects, offering a blueprint of “best practices” to neighbours including Cambodia, Malaysia and Vietnam, a human rights watchdog has warned. In 2015, two years after kicking off its massive Belt and Road initiative, China launched its “Digital Silk Road” project to expand access to digital infrastructure such as submarine cables, satellites, 5G connectivity and more.

Teacher Li: the full transnational repression story

Safeguard Defenders

“Every morning I wake up and my tweets are filled with hundreds of replies by bot accounts. At first, they used words to insult and spread rumors about my parents. Now, they have started drawing pornographic pictures about my parents. Interestingly, when I used Xi Jinping's picture and name to add to my tweets as a test, the attacks disappeared and instead, the bot accounts started to praise me.”

Huawei secretly backs US research, awarding millions in prizes

Bloomberg

Kate O'Keeffe

Huawei Technologies Co., the Chinese telecommunications giant blacklisted by the US, is secretly funding cutting-edge research at American universities including Harvard through an independent Washington-based foundation. Huawei is the sole funder of a research competition that has awarded millions of dollars since its inception in 2022 and attracted hundreds of proposals from scientists around the world, including those at top US universities that have banned their researchers from working with the company, according to documents and people familiar with the matter.

China’s electric cars keep improving, a worry for rivals elsewhere

The New York Times

Keith Bradsher

Automakers in China are building a new generation of bigger, more technologically advanced and competitive electric cars, threatening to leap further ahead of their global rivals as they step up exports around the world. The dozens of car companies operating in China plan to put 71 new battery electric models on sale this year. Many new models have taller hoods for a bolder appearance and more storage space. The cars have bigger tires that improve braking. The seats are thicker and more comfortable. The batteries are ever smaller, more powerful and quicker to recharge.

USA

Judge grills U.S. and Google on antitrust claims

The New York Times

David McCabe and Cecilia Kang

The judge overseeing a landmark U.S. antitrust challenge to Google tried to poke holes in both sides’ cases during closing arguments Thursday as he weighed a ruling that could reshape the technology industry. Judge Amit P. Mehta was presiding over the first day of closing arguments in the most consequential tech antitrust case since the U.S. government sued Microsoft in the late 1990s. The Justice Department has sued Google, accusing it of illegally shoring up a monopoly in online search. Google has denied the claims.

Extremist militias are coordinating in more than 100 Facebook groups

WIRED

Tess Owen

“JOIN YOUR LOCAL Militia or III% Patriot Group,” a post urged the more than 650 members of a Facebook group called the Free American Army. Accompanied by the logo for the Three Percenters militia network and an image of a man in tactical gear holding a long rifle, the post continues: “Now more than ever. Support the American militia page.” Other content and messaging in the group is similar. And despite the fact that Facebook bans paramilitary organizing and deemed the Three Percenters an “armed militia group" on its 2021 Dangerous Individuals and Organizations List, the post and group remained up until WIRED contacted Meta for comment about its existence.

More funds needed for US telecoms to remove Chinese equipment, says FCC

Reuters

David Shepardson

The Federal Communications Commission (FCC) said on Thursday nearly 40% of U.S. telecom companies getting federal support need additional government funding to remove equipment made by Chinese telecoms firms Huawei and ZTE from American wireless networks to address security risks. The FCC said removing the equipment is estimated to cost $4.98 billion but Congress has only approved $1.9 billion for the "rip and replace" program.

Tech CEO jokes about drone-striking rivals in MAGA-tinged Hill summit

POLITICO

Brendon Bordelon

An exclusive Capitol Hill forum meant to connect the tech industry with Congress took a bewildering political turn on Wednesday when a key CEO condemned “pagan” anti-Israel protests, suggested the protesters be sent to North Korea and mused about launching drone strikes on his business enemies. The comments came from Alex Karp of Palantir Technologies, the Peter Thiel-linked firm increasingly at the center of Washington’s defense-tech plans.

Russia - Ukraine

Member of ransomware gang sentenced to more than 13 years in prison over 2021 attack

CNN

Hannah Rabinowitz

A Ukrainian national was sentenced on Wednesday to more than 13 years in prison and ordered to pay $16 million in restitution for helping to conduct a 2021 ransomware attack that infected hundreds of businesses in the US and abroad. Yaroslav Vasinskyi, 24, who is associated with the ransomware gang REvil, played a role in conducting over 2,500 ransomware attacks and demanding over $700 million in ransom payments, according to a Justice Department news release.

Russian state media ramping up English, Spanish presence on TikTok, study finds

The Washington Post

Joseph Menn

While fears that China would push propaganda on TikTok fueled an unprecedented law to force its sale, it is not the only country to invest in getting messages across on the popular platform. New research shows that Russian state media are posting English and Spanish videos to TikTok and have doubled last year’s engagement on their posts, which include attacks on President Biden’s Israel policy and his age as well as promotion of far-right commentator Tucker Carlson’s Russia coverage.

Southeast Asia

Investigation uncovers substantial spyware exports to Indonesia

The Record by Recorded Future

Suzanne Smalley

Powerful and invasive foreign commercial spyware and surveillance products are being procured by or deployed in Indonesia, with the country’s national police and cyber agency among the top recipients or users of the technology. The findings, released Thursday by Amnesty International’s Security Lab, uncover a sprawling international ecosystem of vendors, brokers and resellers supporting spyware exports to Indonesia. That ecosystem is populated in part by notorious commercial surveillance companies Intellexa, Candiru and Q Cyber Technologies, which is tied to the NSO Group, the company behind the highly invasive Pegasus spyware.

A web of surveillance

Amnesty International

Highly invasive spyware and other rights-threatening surveillance technologies have been used to target human rights defenders, journalists and other members of civil society worldwide, as documented by an ever-growing body of research. Unfortunately, technical obstacles inherent in forensic investigations and a culture of secrecy surrounding the sale and transfer of surveillance tools keep civil society and human rights defenders in the dark about the full extent of their deployment or use. This research provides a case study on how one country, Indonesia, is relying on a murky ecosystem of surveillance suppliers, brokers and resellers that obscures the sale and transfer of surveillance technology. The investigation also showcases the continued failure of multiple countries to regulate and provide transparency on the export of dual-use technologies, such as spyware, and of the non-dual-use hardware that hosts the spyware or surveillance technology, both of which pose serious human rights risks.

South & Central Asia

WhatsApp gives India an ultimatum on encryption

Rest of World

Russell Brandom

For nearly 10 years, WhatsApp’s chat messages have been end-to-end encrypted, meaning they can’t be read by anyone except the sender and the receiver. Drawing on an open-source encryption system developed by Signal, WhatsApp began the move shortly after it was acquired by Facebook in 2014. For the most part, its encryption has been running quietly in the background ever since. There have been legal challenges, but for the world’s largest source of end-to-end encrypted communications, the past decade has been remarkably drama-free. But WhatsApp is currently in the middle of its biggest legal challenge yet — and it’s a serious one. IT rules passed by India in 2021 require services like WhatsApp to maintain “traceability” for all messages, allowing authorities to follow forwarded messages to the “first originator” of the text.

Europe

TikTok ban in EU is ‘not excluded,’ von der Leyen says

POLITICO

Pieter Haeck

Commission President Ursula von der Leyen hinted that banning TikTok in the European Union is an option, during a debate this evening in Maastricht, featuring parties' lead candidates for the bloc's 2024 election. "It is not excluded," von der Leyen said, after the moderator referred to the United States, where TikTok faces a national ban unless it is sold by its owner, ByteDance. She immediately added that the Commission was "the very first institution worldwide to ban TikTok on our corporate phones."

Croatian president hits out at prospect of EU TikTok ban

POLITICO

Seb Starcevic

Croatia’s president pushed back on a suggestion by European Commission President Ursula von der Leyen that the EU could ban TikTok, saying Wednesday that member countries should be able to decide for themselves whether they want to restrict use of the app. "TikTok means nothing to me, but it means freedom for my children to use it if they want," President Zoran Milanović said, according to Index.hr.

Big Tech

Over 400 million Google accounts have used passkeys, but our passwordless future remains elusive

The Verge

Jess Weatherbed

Google is kicking off World Password Day by updating us on its efforts to replace the often hacked, guessed, and stolen form of authentication with passkeys. Their passwordless approach relies on device-based authentication instead, making logging in faster and more secure. In a blog post on Thursday, the company announced that over 400 million Google accounts (of the at least 1.5 billion reported since 2018) have used passkeys since rolling them out, logging over a billion authentications between them. The majority of users find them easier to use than passwords, according to Google, adding that “since launching, passkeys have proven to be faster than passwords, since they only require users to simply unlock their device using a fingerprint, face scan or pin to log in.”

Google rejected 2.28 million risky Android apps from Play store in 2023

Bleeping Computer

Bill Toulas

Google blocked 2.28 million Android apps from being published on Google Play after finding various policy violations that could threaten users' security. Additionally, the tech giant reports that it identified and blocked 333,000 Google Play accounts that uploaded malware, fraudulent apps, or engaged in repeated grave policy violations. For comparison, in 2022, Google blocked 1.5 million "bad" apps and suspended 173,000 developer accounts for severe violations of the store's policies.

Android flaw affected apps with 4 billion installs

Infosecurity Magazine

Alessandro Mascellino

Microsoft’s research team has unearthed a concerning vulnerability pattern in numerous popular Android applications, posing significant security risks to billions of users worldwide. The identified vulnerability pattern, linked to path traversal, enables a malicious application to manipulate files within the vulnerable app’s home directory. The impact of this vulnerability reportedly extended to several widely used applications found on the Google Play Store, with over four billion installations collectively.

Artificial Intelligence

Microsoft bans US police departments from using enterprise AI tool for facial recognition

TechCrunch

Kyle Wiggers

Microsoft has changed its policy to ban U.S. police departments from using generative AI for facial recognition through the Azure OpenAI Service, the company’s fully managed, enterprise-focused wrapper around OpenAI technologies. Language added Wednesday to the terms of service for Azure OpenAI Service prohibits integrations with Azure OpenAI Service from being used “by or for” police departments for facial recognition in the U.S., including integrations with OpenAI’s text- and speech-analyzing models.

Unauthorized AI voice clones of Taylor Swift face removal from TikTok

Bloomberg

Daniel Zuidijk, Mark Bergen, and Sarah Jacob

TikTok’s new agreement with Universal Music Group NV comes with a key provision: the video app has agreed to remove unauthorized music created by artificial intelligence. The deal between the ByteDance Ltd.-owned app and the world’s biggest record label, which holds the rights to such megastars as Taylor Swift and Billie Eilish, finally ends a months-long feud over compensation and the proliferation of AI-generated music on the platform.

Misc

Dropbox says hackers breached digital-signature product

Bloomberg

Brody Ford

Dropbox Inc. said its digital-signature product, Dropbox Sign, was breached by hackers, who accessed user information including emails, user names and phone numbers. The software company said it became aware of the cyberattack on April 24, sought to limit the incident and reported it to law enforcement and regulatory authorities.

Maximum-severity GitLab flaw allowing account hijacking under active exploitation

ArsTechnica

Dan Goodin

A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government officials warned as data showed that thousands of users had yet to install a patch released in January. A change GitLab implemented in May 2023 made it possible for users to initiate password changes through links sent to secondary email addresses. The move was designed to permit resets when users didn’t have access to the email address used to establish the account. In January, GitLab disclosed that the feature allowed attackers to send reset emails to accounts they controlled and from there click on the embedded link and take over the account.
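The weakness class in the GitLab story, a password-reset flow that will deliver a reset link to an address the account holder never verified, is easiest to see beside a hardened version. The following Ruby is an added illustration, not GitLab's code or its actual fix; the account structure, the `PasswordReset` class and the sample addresses are all constructed here as assumptions.

```ruby
require "securerandom"

# Constructed sample account shape (assumption, not GitLab's model):
# emails is a list of { address:, verified: } hashes.
Account = Struct.new(:username, :emails)

class PasswordReset
  attr_reader :sent  # [address, token] pairs; stands in for an outbox

  def initialize(accounts)
    @accounts = accounts  # username => Account
    @sent = []
  end

  # Weak behaviour: any address associated with the account, verified or
  # not, receives a usable reset link. An unverified secondary address is
  # enough to obtain the link.
  def request_reset_weak(username, requested_address)
    acct = @accounts[username] or return :unknown_account
    entry = acct.emails.find { |e| e[:address] == requested_address }
    return :not_associated unless entry
    deliver(entry[:address])
    :sent
  end

  # Hardened behaviour: the link goes only to an address the holder has
  # verified, and the caller always gets the same answer, so the endpoint
  # neither leaks which addresses exist nor emails unverified ones.
  def request_reset_hardened(username, requested_address)
    acct = @accounts[username] or return :ok
    entry = acct.emails.find do |e|
      e[:address] == requested_address && e[:verified]
    end
    deliver(entry[:address]) if entry
    :ok
  end

  private

  # Records the delivery; a real service would send the token by email.
  def deliver(address)
    @sent << [address, SecureRandom.hex(16)]
  end
end

# Walk-through on constructed data: one verified primary address plus a
# secondary address that was added but never confirmed.
def demo
  acct = Account.new("alice", [
    { address: "alice@example.org", verified: true },
    { address: "unconfirmed@example.net", verified: false },
  ])
  svc = PasswordReset.new("alice" => acct)
  weak = svc.request_reset_weak("alice", "unconfirmed@example.net")
  hardened = svc.request_reset_hardened("alice", "unconfirmed@example.net")
  { weak: weak, hardened: hardened, delivered_to: svc.sent.map(&:first) }
end
```

Running `demo` shows the weak path delivering a link to the unconfirmed address while the hardened path delivers nothing for it; the check that matters is that verification status, not mere association with the account, gates reset delivery.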

