Privacy watchdog probes Facebook security breach

MANILA - The National Privacy Commission said Sunday it has begun probing the security breach reported by Facebook, which logged out millions of users last Friday. 

Facebook had already posted a "security update" statement, explaining how a "security issue" affected around 50 million Facebook accounts. 

But lawyer Kiko Acero from the commission's Complaints and Investigation Division said they still need a clearer explanation on what really happened. 

"Kung ginamit siya ng isang taong may malicious intent, hinahanap namin sino yung naging pabaya sa problemang 'to… Lahat 'yan tinitignan namin," he said. 

(If it was used by a person with malicious intent, we want to know who is liable for this problem. We are looking into all of this.)

In a statement, Facebook said they took immediate measures upon learning the security issue, which caused around 90 million Facebook users worldwide to be logged out of their accounts. 

"Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted 'View As' a feature," Facebook said. 

"This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in," it added.

Manila Bulletin technology news editor Art Samaniego said the Facebook users who were logged out of their accounts could be potential targets of hackers.

Samaniego said this may put all other social media sites and service applications connected to an account at risk because "token sessions" are involved. 

"Ito yung digital signature natin na pag nag-log in sa Facebook, malalaman ng apps and services na ikaw 'yun. Pag nag-log in ka via Facebook makukuha 'yung mga details mo," he said. 

(This is our digital signature when we log into Facebook, which lets apps and services know that it is you. When you log in via Facebook, your details will be known.)

"Ibig-sabihin pag nanakaw to (token sessions) ng mga hacker. Puwede niya ma-log in 'yun sa mga services na ginagamit mo halimbawa Instagram, WhatsApp, Tindr," he added.

(This means that if these tokens are stolen by hackers, they can log into the services you use like Instagram, WhatsApp, Tindr.)

Samaniego urged users to use two-factor authentication for their accounts. He also discouraged netizens from using the same passwords for different accounts.

source: news.abs-cbn.com

British ministers' phone numbers leaked in app flaw

LONDON - Phone numbers and other personal details of senior ministers from Britain's Conservative party were made public by an app security flaw on Saturday, including those of top Brexiteers Michael Gove and Boris Johnson.

Several top MPs reportedly received nuisance calls after their profiles were accessed on the official mobile application for the annual party conference, which kicks off this weekend.

The security breach saw members of the public able to enter the profiles using just the politicians' email addresses -- easily available online -- to view and edit the data stored within.

Former foreign secretary Johnson had his profile picture briefly swapped for pornography and his job title changed to an profane insult, according to several Twitter users.

Meanwhile Environment Secretary Gove's picture was changed to one of media tycoon Rupert Murdoch, his former employer when he was a journalist.

Among the first to report the flaw was Dawn Foster, a columnist for daily The Guardian.

"The Tory conference app allows you to log in as other people and view their contact details just with their email address, no emailed security links, and post comments as them," she wrote on Twitter, using a colloquial name for the party.

"They've essentially made every journalist, politician and attendee's mobile number public. Fantastic."

A Conservative party spokesperson apologized for the breach, saying the technical issue had "been resolved and the app is now functioning securely".

Britain's data watchdog, the Information Commissioner's Office (ICO), said it was investigating the data breach related to the app, which was developed by an Australian firm called Crown Comms.

The opposition Labor Party said the blunder showed the ruling party could not be trusted in matters of security.

"They can't even build a conference app that keeps the data of their members, MPs and others attending safe and secure," said shadow cabinet office minister Jon Trickett.

The breach is the latest embarrassment for Prime Minister Theresa May's embattled party, whose yearly gathering begins on Sunday in the city of Birmingham in central England.

Last year's conference was peppered with mishaps, with May's attempt to move past Brexit splits marred by a protest, a collapsing set and a coughing fit.

During the 2017 event, a prankster interrupted the leader's address by handing her a P45 -- a form given to those leaving a job.

No sooner had she resumed, May began coughing uncontrollably and continued to struggle on and off throughout the rest of the speech, as 2 letters fell off the slogan on the wall behind her.

source: news.abs-cbn.com

Apple likely to invoke free-speech rights in encryption fight

NEW YORK/SAN FRANCISCO - Apple Inc. will likely seek to invoke the United States' protections of free speech as one of its key legal arguments in trying to block an order to help unlock the encrypted iPhone of one of the San Bernardino shooters, lawyers with expertise in the subject said this week.

The tech giant and the Obama administration are on track for a major collision over computer security and encryption after a federal magistrate judge in Los Angeles handed down an order on Tuesday requiring Apple to provide specific software and technical assistance to investigators.

Apple Chief Executive Officer Tim Cook called the request from the Federal Bureau of Investigation unprecedented. Other tech giants such as Facebook Inc., Twitter Inc. and Alphabet Inc.'s Google have rallied to support Apple.

Apple has retained two prominent, free-speech lawyers to do battle with the government, according to court papers: Theodore Olson, who won the political-speech case Citizens United v. Federal Election Commission in 2010, and Theodore Boutrous, who frequently represents media organizations.

Government lawyers from the U.S. Justice Department have defended their request in court papers by citing various authorities, such as a 1977 U.S. Supreme Court ruling that upheld an order compelling a telephone company to provide assistance with setting up a device to record telephone numbers.

The high court said then that the All Writs Act, a law from 1789, authorized the order, and the scope of that ruling is expected to be a main target of Apple when it files a response in court by early next week.

But Apple will likely also broaden its challenge to include the First Amendment's guarantee of speech rights, according to lawyers who are not involved in the dispute but who are following it.

Compared with other countries, the United States has a strong guarantee of speech rights even for corporations, and at least one court has ruled that computer code is a form of speech, although that ruling was later voided.

Apple could argue that being required to create and provide specific computer code amounts to unlawful compelled speech, said Riana Pfefferkorn, a cryptography fellow at Stanford University's Center for Internet and Society.

The order against Apple is novel because it compels the company to create a new forensic tool to use, not just turn over information in Apple's possession, Pfefferkorn said. "I think there is a significant First Amendment concern," she said.

A spokesman for the U.S. Attorney's Office in Los Angeles declined to comment on the possible free-speech questions on Thursday.

A speech-rights argument from Apple, though, could be met with skepticism by the courts because computer code has become ubiquitous and underpins much of the U.S. economy.

"That is an argument of enormous breadth," said Stuart Benjamin, a Duke University law professor who writes about the First Amendment. He said Apple would need to show that the computer code conveyed a "substantive message."

In a case brought by a mathematician against U.S. export controls, a three-judge panel of the 9th U.S. Circuit Court of Appeals, which covers California, found in 1999 that the source code behind encryption software is protected speech. The opinion was later withdrawn so the full court could rehear the case, but that rehearing was canceled and the appeal declared moot after the government revised its export controls.

The FBI and prosecutors are seeking Apple's assistance to read the data on an iPhone 5C that had been used by Rizwan Farook, who along with his wife, Tashfeen Malik, carried out the San Bernardino shootings that killed 14 people and wounded 22 others at a holiday party.

U.S. prosecutors were smart to pick the mass shooting as a test case for an encryption fight with tech companies, said Michael Froomkin, a University of Miami law professor. That is because the shooting had a large emotional impact while also demonstrating the danger posed by armed militants, he said.

In addition, the iPhone in dispute was owned not by Farook but by his employer, a local government, which has consented to the search of the iPhone. The federal magistrate who issued the order, Sheri Pym, is also a former federal prosecutor.

"This is one of the worst set of facts possible for Apple. That's why the government picked this case," Froomkin said.

Froomkin added, though, that the fight was enormously important for the company because of the possibility that a new forensic tool could be easily used on other phones and the damage that could be done to Apple's global brand if it cannot withstand government demands on privacy. "All these demands make their phones less attractive to users," he said.

source: www.abs-cbnnews.com

CIA condemns 'malicious' hack of director's personal email

WASHINGTON - The CIA on Wednesday condemned the hacking of director John Brennan's personal email account, describing it as a crime and saying so far there was "no indication" that any classified information was released.

"The hacking of the Brennan family account is a crime and the Brennan family is the victim," the Central Intelligence Agency said after anti-secrecy campaign group WikiLeaks published documents it said had come from the account.

"The private electronic holdings of the Brennan family were plundered with malicious intent and are now being distributed across the web," it said.

"This attack is something that could happen to anyone and should be condemned, not promoted. There is no indication that any of the documents released thus far are classified."

source: www.abs-cbnnews.com

Why you should be careful about the sites you visit

MANILA - Filipinos are becoming careless about the sites they visit or the links they click, according to data from a US-based global security software company released Tuesday.

Trend Micro, citing its researchers based in the Philippines, revealed that there has been a more than 30 percent spike in the number of malicious URLs clicked in the country during the year's third quarter (July to September).


This, according to the company, leaves Filipinos more vulnerable to malware --a type of software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

It also helped Philippines rank 7th in the list of countries that fell prey to ransomware --a type of malware that prevents or limits users from accessing their computers.

Victims of this particular malicious software are forced to pay a ransom via certain online payment methods to make their devices usable again.

Myla Pilao, Marketing Director at Trend Labs --the local arm of Trend Micro-- explained that the reason companies and enterprises in the country are vulnerable to malwares is simply because of outdated security software.

"Updating software in a timely manner remains a challenging process. However, enterprises have to stay protected against these threats. Given how easily malware can affect critical business operations, it is best for these organizations to invest in technologies that will help them secure their endpoints and systems," she said in a statement.

Trend Micro also warned that malware in the country, mostly, is still passed on through traditional methods such as infected USBs.

As a preventive measure, the company encourages businesses to invest more in computer security, and that users should be extra mindful of their browsing habits.

source: www.abs-cbnnews.com

Kaspersky finds 'Red October' virus targeting Europe

PARIS, France - Kaspersky Lab said Monday it had identified a new computer virus it dubbed "Red October" targeting eastern European countries that appeared to be collecting classified files using NATO and EU encryption.

"The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America," said the maker of anti-virus software in a statement.

Kaspersky Lab said "there is strong technical evidence to indicate the attackers have Russian-speaking origins."

Red October, which has been active since at least 2007, appears to collect files encrypted with software used by several entities from the European Union to NATO, it added.

Kaspersky said Red October also infected smartphones and collected login information to test on other systems.

Red October has what Kaspersky Lab called a unique "resurrection" module that hid in Adobe Reader and Microsoft Office programs that allowed the attackers to regain access if the virus was discovered and removed.

In addition to diplomatic and governmental agencies of various countries across the world, Red October also targeted research institutions, energy and nuclear groups, and trade and aerospace targets, added Kaspersky Lab.

Founded in 1997, Kaspersky Lab employs more than 2,300 specialists and is a leading IT security and anti-virus software company.

source: abs-cbnnews.com

Budget office website defaced by suspected Chinese hackers

MANILA, Philippines — The government’s Department of Budget and Management (DBM) website fell victim to what appears to be hackers from China on Wednesday in the latest in a spate of defacement activities between Philippine and Chinese hackers.

The homepage of the DBM website prominently displayed the Chinese flag with the words “Don’t trouble the Chinese, Don’t play with Fire” displayed below it.

“How come a small b**** border country are overconfident? And challenged to our Chinese super hacker?” the hackers’ message read.

It added: “Remeber: Don’t Trouble Chinese, Don’t Play with Fire. All Members from Silic Group Hacker Army F*ck your mother and all your F8cking families” (sic)

The DBM website is the latest Philippine web property defaced by alleged Chinese hackers in response to the ongoing tensions between the two countries in their respective claims of islands West of the Philippines.

On Monday, Malacañang revealed that several gov.ph websites have come under attack from computer systems whose IP addresses were traced to China. On Friday, the UP System website was also defaced by hackers claiming to be from China.

The government has strongly condemned the cyber attacks, but reiterated that the administration does not condone such actions by local hackers as they do very little in easing the heightening tension between the two countries.

The DBM website was restored minutes later.

source: interaksyon.com

CIA website down, Anonymous hackers suspected

For a few hours Friday night (US time), the website of the US Central Intelligence Agency (CIA) went offline in what appeared to be a distributed denial-of-service (DDoS) attack, a computer security firm said.

Sophos said a group claiming to have ties with hacktivist group Anonymous posted a tweet about the hack Friday afternoon (early Saturday in Manila).

"CIA TANGO DOWN," said the group, bearing the Twitter handle "YourAnonNews".

The CIA website appeared normalas of 6:30 p.m. Saturday (Manila time).

But Sophos also pointed out it remains unclear whether Anonymous was indeed behind the outage.

"Anonymous doesn't have members, isn't a group in a conventional sense, and has arguably no official channels of communication. Without a defined hierarchy, anyone can claim to represent Anonymous if they wish, which means that even Anonymous itself can't actually claim that they did or did not launch an attack," it said.

Anonymous had been active in opposing recent legislation that had been criticized for their potential to muffle freedom of expression on the Internet.

On the other hand, Sophos noted there was no immediate suggestion that the CIA's own systems have been compromised.

For now, it said it merely appeared the CIA's servers have been so bombarded with traffic that their site is no longer accessible from the outside world. — TJD, GMA News

source:gmanetwork.com

Warning out vs Facebook 'Christmas theme' malware

Facebook users, watch out: a website offering a Christmas theme for your Facebook profile may lead to malware.

Computer security firm Trend Micro on Sunday said the latest attack uses social engineering to lure people into installing a malicious browser plugin.

"Once users click the Like button, the page redirects them to a URL which allows victims to download and install a malicious plugin named Free Cheesecake Factory Coupons," Trend Micro said in a blog post.

The plugin, once activated, floods affected users’ walls with the catchy status, "Get Christmas Theme for FB on – – >>0< < – – free Christmas Theme for all FB users!!"

It is detected in Trend Micro antivirus software as TROJ_REDIR.CU.

"Users need to be extra vigilant this holiday season, since cybercriminals are surely to continue launching attacks that use the holiday season as a lure," Trend Micro said. — RSJ, GMA News

source:gmanetwork.com