SWITCH Security-Blog

SWITCH-CERT IT-Security Blog


The Jan/Feb 2020 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • When backdoors become trapdoors: ‘Crypto Leaks’ hits Switzerland, Crypto Valley – and the entire ecosystem
  • I, Robot, ZigBee and IoT
  • Sure, it’s secure! Are you sure?
  • A different kind of virus: China launches its Close Contact Detector app for smartphones

The Security Report is available in both English and German.

»»  Download the English report.     »»  Download the German report.


Attacks on DNS continue, targets are also in Switzerland

Attacks on the domain name system continue

Talos, the intelligence group of CISCO reported in their blog that their monitoring shows that attacks on the domain name system (DNS) by “Sea Turtle” continue.  The attack technique used is similar than before, the actors compromise name server records to take ownership of the domain. They then provide false information to selected parties (e.g certificate authorities, mail users) which leads to the disclosure of email credentials of the targeted organisations. These credentials give initial access to the victims E-mails accounts and other resources and are a starting point for further attacks.

Victims in Switzerland

For the first time, Talos also reported victims in Switzerland.

Geographic Location of Sea Turtle Victims by Talos

While Talos didn’t disclose the targeted organizations they identified these groups as primary targets:

  • Government organizations
  • Energy companies
  • Think tanks
  • International non-governmental organizations
  • At least one airport

Continue reading


The May/June 2019 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Brought to light: Federal Crime Office closes down the world’s second largest illegal dark web marketplace
  • WhatsApp, state trojans? Or, why the city of San Francisco protects privacy better than Mark Zuckerberg’s messenger app
  • Privacy at Facebook, part two: when the lawyer contradicts the boss
  • Symmetry as a fundamental principle: now that we have software as a service, it is only a matter of time before we have cybercrime as a service

The Security Report is available in both English and German.

»»  Download the English report.     »»  Download the German report.

 


The March/April 2019 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Lenin and the detectives: Mobiispy stalkerware can make highly personal data collected while monitoring children and partners publicly accessible
  • Ransomware trojan LockerGoga brings companies to their knees
  • Straight talk at Facebook: when tech giants fail to meet even minimal security requirements
  • Malware straight from the factory: when Shadow Hammer strikes the supply chain

The Security Report is available in both English and German.

»»  Download the English report.     »»  Download the German report.

Did you miss our previous Security Report? Click here to go to the archive.


The Sep/Oct 2018 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our SWITCH Security Report has just been released.

The topics covered in this report are:

  • Turning Good instead of Breaking Bad? Hacking to fend off other hackers
  • What do a firefighter and Google Chrome 69 have in common?
  • 15 months later: new attacks, same old vulnerability
  • Peekaboo exploits vulnerability in surveillance cameras in a major way

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • An own goal and serious foul: Spanish football league’s app turns 10 million users into involuntarily spies
  • Amazon Rekognition – useful security and convenience tool or total surveillance for pennies?
  • An underestimated risk: the number of malware attacks on smartphones and tablets is exploding
  • Phishing with the stars: scammers take advantage of our celebrity obsession and the crypto craze to cause harm to users

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.


The May/June 2018 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Microsoft will never contact you by phone: support scam continues to gain momentum
  • «Efail» between hype and disaster: the security world needs to learn how to communicate
  • Sonic waves on the attack, recent incidents are reason to prick up your ears
  • Waterholing attacks: infrastructure is and remains a target

The Security Report is available in both English and German.

»»  Download the English report.      »»  Download the German report.

Did you miss our previous Security Report? Click here to go to the archive.

 


The March/April 2018 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • The dark side of the Data Force: Facebook, Cambridge Analytica, and the pressing question of who is using whose data for what
  • News from the world of state trojans: Microsoft’s analysis of FinFisher
  • Russian APT28 hackers’ month-long infiltration of the computer network of Germany’s federal government
  • Bitcoin bounty or close encounter: bizarre side-effects of cryptomining

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Dresscode for apps in the Google Play Store: malicious
  • Quad9 – does it offer a data protection-friendly alternative to Google DNS?
  • Uber’s customer and driver data on a highway to the Dark Net
  • An earful of espionage: when headphones become listening devices

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.


A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Attack of the digital dolphins: hacking Alexa, Siri and their friends via ultrasound
  • The anti-antivirus programme: US government bans agencies from installing Kaspersky software on their computers
  • A hack of ‘epic proportions’ at Equifax
  • Science fiction 4.0 – how to hack a computer with a drop of saliva

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.


A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Family business: Petya and its derivatives sweep over half the world as a new wave of ransomware
  • Pay a ransom for your privacy: new «extortionware» exposes its victims
  • Positive use of metadata – Cisco can detect malware activity even in encrypted network traffic
  • Successful strike against the darknet drug and weapons trade – security services bust AlphaBay and Hansa

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.


1 Comment

A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Plenty of tears as WannaCry encrypts unpatched systems
  • WannaCry’s siblings from the NSA toolbox
  • Keyloggers fitted as standard – HP notebooks snooping on users
  • Hakuna Metadata – the browsing goldmine
  • Unboxed and hacked – new Samsung Galaxy S8 iris scanner

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.


1 Comment

DNSSEC Signing for .ch and .li on the Rise

The share of DNSSEC signed domain names in .ch and .li reached 1% for the first time in June 2017. While this is still a very low number compared to other ccTLDs, the number of DNSSEC signed domain names is increasing at a high rate for the last two quarters.

DNSSEC

The Domain Name System Security Extensions (DNSSEC) is a set of technologies that secures the origin authentication and data integrity of the Domain Name System. It allows to detect DNS records that have been modified on the way from the authoritative name server to the client using a domain name. This helps to protect Internet users from going to bogus websites.

In addition from protecting Internet users from cybercriminals and state sponsored actors, DNSSEC is the base for important standards such as DNS-based Authentication of Named Entities (DANE).

DNSSEC in .ch and .li

DNSSEC was enabled for the .ch and .li zones in 2010 but unfortunately received a slow adaptation by domain holders. From 2013 there was a slow but steady growth of domain names signed with DNSSEC. In November 2016 we noticed a increased rate of DNSSEC signed domain names that accelerated in April 2017.

From now on SWITCH will publish statistics about the number of signed domain names for both ccTLDs .ch and .li on the nic.ch and nic.li website.

DNSSEC Signed Domain Names in .ch   DNSSEC Signed Domain Names in .li
Continue reading


A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Cybercriminals increasingly targeting Mac users
  • Malware fitted as standard for Android
  • Switzerland breaks taboo of Net neutrality for sake of CHF 320 million
  • Internet of Things toys spying on children of all ages

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


The Jan/Feb 2017 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • The Guardian going post-truth with WhatsApp story?
  • Fruitfly spyware lives long on Macs
  • Good malware – FBI in absurdity trap
  • Star Wars on Twitter – sleeping Twitter botnet with over 350,000 bots discovered

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.