ICT Security-Sécurité PC et Internet

Roughly two-thirds of test digital vaccination applications commonly used today as safe passes and travel passports exhibit behavior that may put users' privacy at risk.

The risks are substantial as these apps are required for large populations worldwide, allowing hackers an extensive target base.

Digital passports
Digital passport apps store proof of a person's COVID-19 vaccination status, full name, ID number, date of birth, and other personally identifiable information (PII) encoded in a QR code or displayed directly in the app.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Privacy

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Coronavirus

 

 

Dr. Reddy’s, the contractor for Russia’s “Sputinik V” COVID-19 vaccine and a major generics producer, has had to close plants and isolate its data centers.

COVID-19 vaccine manufacturer Dr. Reddy’s Laboratories has shut down its plants in Brazil, India, Russia, the U.K. and the U.S. following a cyberattack, according to reports.

The Indian company is the contractor for Russia’s “Sputinik V” COVID-19 vaccine, which is about to enter Phase 2 human trials. The Drug Control General of India (DCGI) gave the company the go-ahead on Oct. 19.

In the U.S., it’s a major producer of generics, including therapeutics for gastrointestinal, cardiovascular, pain management, oncology, anti-infectives, pediatrics and dermatology.

In addition to shutting down plants, the drug-maker has isolated all data center services in order to apply remediations, The Economic Times reported. Citing sources, ET said that the company was victimized by a data breach.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Coronavirus

 

According to Acronis' co-founder and technology president Stas Protassov, Bluetooth has had several vulnerabilities in the past, including as recently as February when BlueFrag, a critical vulnerability that affected multiple Android and Apple iOS devices which then required patching. 

Left unpatched, devices could be breached by hackers within the vicinity and the user's personal data stolen, Protassov warned. He also stressed the need for users to update their devices' firmware to ensure vulnerabilities are promptly fixed. And as with any app, they also should check the permissions that all contact tracing apps requested. 

Most of these apps, including Singapore's TraceTogether, use Bluetooth signals to detect others in close proximity, and security observers say it could leave the smartphone susceptible to threats, especially if there are undiscovered or unfixed vulnerabilities. 

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=SweynTooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Contact+tracing

 

Der Cyberangriff auf die europäische Arzneimittelbehörde wurde wohl durch chinesische Spione sowie den russischen Geheimdienst verübt. Dabei wurde auch auf COVID-19-Impfstoff-Daten zugegriffen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Coronavirus

 

This is a classic identification problem, and efficacy depends on two things: false positives and false negatives.

False positives: Any app will have a precise definition of a contact: let's say it's less than six feet for more than ten minutes. The false positive rate is the percentage of contacts that don't result in transmissions. This will be because of several reasons. One, the app's location and proximity systems -- based on GPS and Bluetooth -- just aren't accurate enough to capture every contact. Two, the app won't be aware of any extenuating circumstances, like walls or partitions. And three, not every contact results in transmission; the disease has some transmission rate that's less than 100% (and I don't know what that is).

False negatives: This is the rate the app fails to register a contact when an infection occurs. This also will be because of several reasons. One, errors in the app's location and proximity systems. Two, transmissions that occur from people who don't have the app (even Singapore didn't get above a 20% adoption rate for the app). And three, not every transmission is a result of that precisely defined contact -- the virus sometimes travels further.

Assume you take the app out grocery shopping with you and it subsequently alerts you of a contact. What should you do? It's not accurate enough for you to quarantine yourself for two weeks. And without ubiquitous, cheap, fast, and accurate testing, you can't confirm the app's diagnosis. So the alert is useless.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=SweynTooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Contact+tracing

 

Cybercriminals are trying every trick up their sleeve to benefit from the Coronavirus pandemic and the subsequent chaos that it has generated. The latest trap that they have laid to trick users is by releasing malicious spying apps disguised as COVID-19 updates and information applications.

Trend Micro’s cybersecurity researchers discovered an ongoing cyberespionage campaign at the end of March, 2020, which they named Project Spy. According to their assessment, through Project Spy, the attackers are infecting Android and iOS devices with spyware distributed through apps titled Coronavirus Updates, Wabi Music, Concipit 1248 and Concipit Shop.

See: Over half a million Zoom accounts being sold on hacker forum

These apps can perform a variety of functions including transferring data from Telegram, WhatsApp, Threema, and Facebook messages.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Apps