Cyber Security News Update 02-01-19

Cyber Security News

Cyber Security News Update

Facebook Data Privacy

Facebook topped cyber security news all week. It was brought to light that Facebook has been paying teenagers about $20 a month to use its VPN, Facebook Research, which invasively monitors phones activity. Facebook Research is on Apple and Android devices. To circumvent Apple’s App Store policies, Facebook offered downloads through third-party sites. The company advertised to teenagers through Instagram and Snapchat ads.

Facebook research VPN gave Facebook access to phone messages in social media apps, non-e2e chats from instant messaging apps, emails, web searches, web browser activity, and location data. Facebook Research claims to work toward “helping Facebook understand how people use their mobile devices.” Apple has revoked the access Facebook Research needs to run on iPhones.

Previously, Facebook was caught collecting data from phones in through another Virtual Private Network (VPN) service, Onavo Protect, that it acquired in 2013. Apple pulled Onavo from its App Store after Facebook was caught using Onavo to track user activity and data across multiple apps. This is a violation of Apple App Store guidelines and the app was removed in August 2018.

Airbus Hack

European airplane manufacturer Airbus announced that hackers have breached its Commercial Aircraft business information systems. The hacked data includes professional contacts and information on employees in Europe. The company states that its aircraft production is not compromised or affected.

Airbus has reported the incident to officials and the data protection authorities in compliance with General Data Protection Regulation (GDPR) requirements.

National Cybersecurity and Communications Integration Center
National Cybersecurity and Communications Integration Center

DNS Infrastructure Hijacking Campaign

The US National Cybersecurity and Communications Integration Center (NCCIC) announced it was tracking a global Domain Name System (DNS) infrastructure hijacking campaign. Hackers launch the cyber attack by compromising user login credentials that have the authority to edit DNS records.

RELATED:  Saturday Sitrep

The hackers then edit DNS records, like Address (A), Mail Exchanger (MX), or Name Server (NS) records, replacing the proper address of a service with a false address. The new records are for services that the cyber criminal controls and uses to send the web traffic to their own infrastructure where it is decrypted.