Operation Nova: Large server of cybercriminals out of service

A network used by cybercriminals was taken out of action on Monday. "Operation Nova" was a joint effort by numerous international security agencies.

Operation Nova
Cyber attacks as a service from the darknet

Law enforcement officials from Europe and the US have struck a major blow against cybercriminals. Around 50 servers in Germany, the Netherlands, Switzerland, France and the USA were taken out of service on Monday by criminal investigators, who thereby put the "Safe-Inet" service out of operation. According to "Heise", the servers ran a VPN service used to disguise IP addresses. The cybercriminals' "favorite VPN," as Europol calls it, included up to five layers of anonymization. The world's biggest cybercriminals used the service to carry out various extortion attempts via ransomware or to access payment information via web skimming, for example.

As part of the operation, which ran under the Multidisciplinary Platform Against Criminal Threats (Empact), investigators also seized users' data and accounts. The evaluation so far has revealed some indications of cyberattacks that had already been going on for some time. A total of 250 companies that were reportedly targeted by the perpetrators have already been identified and warned. According to the "Aargauer Zeitung", in addition to the FBI and Europol, the Aargau cantonal police were also involved. The evaluation and identification will still take time.

Source: Heise

Drinking and driving: Caution even at smaller parties

According to the BFU, 34 people die each year in Switzerland as a result of alcohol-related traffic accidents. Every fourth person surveyed drives at least occasionally after consuming two or more glasses of alcohol. Even this year without big celebrations, the following applies to the festive season in small circles: If you drink, you don't drive.

Alcohol
Keystone/Valentin Flauraud

Alcohol is an unsuitable companion in road traffic. Every year, 34 people die in Switzerland after alcohol-related accidents - and another 430 are seriously injured. Even consumed in small quantities, alcohol doubles the risk of a fatal accident. Nevertheless, one in four people in the current BFU population survey state that they still get behind the wheel at least occasionally after consuming two or more glasses of alcohol.

Significantly more men than women report such behavior. As the survey further shows, men also answer more frequently that they are still able to drive safely after three glasses or more. Overall, this percentage is down from the 2018 survey. Twenty-five percent of respondents feel they are no longer able to drive safely after just one glass; in 2018, the figure was 20 percent. The fact is, even one glass of alcohol affects driving ability. Reaction becomes slower, the stopping distance thus longer. Vision and concentration decrease, while fatigue and risk-taking increase.

However, the principle of the BFU campaign and the police also applies to the small circle of friends and family celebrations: If you drink, you don't drive.

How to get home safely

- For new drivers, there is a legal zero tolerance for alcohol. Even with more driving experience, the principle proves true: If you drink, don't drive.
- Use public transportation or cabs as an alternative to your own car.
- Do not drink alcohol when taking medications.
- To hosts: Always have non-alcoholic beverages available. Let intoxicated guests stay overnight at your place or organize a cab.

Source: BFU

EU wants global cyberspace

The EU Commission consulted on a global cyber strategy on Dec. 16. The initiative aims to ensure a global and open Internet and relies on an AI-based shield.

Cyber strategy
© depositphotos, stevanovicigor

The EU Commission discussed a new global cyber strategy on December 16. The focus is on defending against cyber threats in the areas of the internal market, law enforcement, diplomacy and defense. The strategy will primarily aim to protect fundamental rights and ensure a global and open internet.

The EU plans to invest a total of around 4.5 billion euros in this global initiative over the next seven years. First and foremost, the Commission wants to redesign the guidelines to better secure the defenses of critical areas such as hospitals. An AI-based cybersecurity shield will be used to better detect the threat of cyberattacks and enable preventive measures to be taken before systems are attacked.

At the same time, the EU wants to establish a global cyber unit to strengthen cooperation with the authorities and EU states. Furthermore, as part of the initiative, the EU Commission also wants to work more closely with partners from the United Nations to establish a global cyber security network.

Source: ec.europa.eu

Fraudulent Christmas greetings

Rising coronavirus infection figures make it more necessary than ever to move social contacts online. According to Bitkom, more than one in two users of social networks already sent their Christmas greetings online last year. This is likely to increase the risk of users falling victim to cybercriminals.

Cybercriminals
© depositphotos, Vi0222

The increased online activity during the coronavirus pandemic also brings more cybercriminals onto the scene, who try to access users' data or bank details by various means. Malwarebytes security researchers identify several threats that users may encounter on social media platforms over the holidays.

Virtual Christmas concert scam

Pretty much every form of contact with the outside world has been and is being moved online, including going to concerts. Malwarebytes security researchers analyzed several types of scams in this area: among others, cybercriminals have set up several Facebook pages with a list of fake live streaming events. This is a front for a phishing campaign, as those who want to participate in these streams have to register with their personal data.

Fake donation links

Fake donation links are a popular variant among cybercriminals. Especially at the end of the year, many people want to donate once again to a good cause or to artists who hardly had a chance to perform this year. Cybercriminals have bombarded the official pages of musicians and artists with fraudulent links, hoping to direct stream participants to a website asking for "donations".

PayPal money transfer fraud

Fraudsters also like to gain access to other people's accounts in messenger services. Once they have taken over an account, they contact the account holder's contacts and ask them to accept a payment from a third party for a Christmas gift they supposedly sold online, claiming that they themselves do not have a PayPal account and therefore cannot receive the payment. The recipients are then asked to pass on the money sent via PayPal by bank transfer. Once this is done, the payment made via PayPal is reversed.

Source: malwarebytes.com

Fortinet acquires Panopta

Fortinet plans to acquire SaaS platform provider Panopta. With the solution, Fortinet wants to improve the network performance and security of its customers.

Fortinet
Pixabay

Fortinet has announced the acquisition of Panopta. The Chicago-based SaaS platform provider already offers a cloud-based solution that monitors services, applications and devices on a network. Combined with the scalable network monitoring and diagnostics platform, Fortinet aims to provide what it calls "the most comprehensive network and security operations management solution" for B2B and service providers. According to Fortinet, Panopta's cloud-based solution provides "end-to-end visibility of every service" or network device and application, regardless of whether it is a container, cloud, on-prem or hybrid deployment.

Source: Fortinet

Weltbild recalls UV-C disinfection lamp "Maxxmee" due to health hazard

In cooperation with the Swiss Federal Inspectorate for Heavy Current Installations (ESTI), Weltbild Verlag GmbH is recalling the UV-C disinfection lamp "Maxxmee". There is a risk of damage to eyes and skin. Affected customers will be refunded the purchase price.

Disinfection lamp
Image of the affected product. (Image: zVg)

Weltbild Verlag GmbH, in cooperation with the Swiss Federal Inspectorate for Heavy Current Installations (ESTI), is recalling the UV-C disinfection lamp "Maxxmee". There is a risk of damage to eyes and skin. Affected customers will be refunded the purchase price.

What is the danger posed by the affected products?

The affected UV-C disinfection lamps do not meet the electrical and photobiological safety requirements according to applicable standards.

Which products are affected?

Affected by the recall are the UV-C disinfection lamps "Maxxmee" (see attached picture of the affected product).

What should affected consumers do?

Customers who have purchased the product are urged to stop using the product and return it to a Weltbild store or send it back to Weltbild. They will receive a credit note or a refund of the retail price. They will also receive a gift card in the amount of ten francs.

Source: Federal Consumer Affairs Bureau

Online stores targeted by cybercriminals

Relatively new stores should be especially on their guard during Christmas. Due to the increased data volumes, online retailers must expect drastically increased risks from hacker attacks, according to a threat report by Imperva.

Hacker attacks
© depositphotos, Funtap

During the pandemic wave, more cybercriminals are also on the move. Due to increased data volumes, online retailers in particular must expect drastically increased risks from hacker attacks during Christmas.

Already during the first lockdown, data traffic in online stores increased by up to 28 percent compared to the normal weekly average. This is the conclusion reached by cybersecurity specialists Imperva in a recent e-commerce threat intelligence report. This trend is now accelerating rapidly - and e-commerce access numbers are also expected to far exceed those of 2019. As a result, they say, security risks are expected to increase sharply throughout the 2020 holiday season and the New Year.

Some notes from the threat report:

- Operators and customers should keep a special eye on "bad bot attacks" involving price queries.
- They should prepare accordingly for account takeover (ATO) attacks and protect access data and, in particular, payment data.
- APIs should be safeguarded against attacks.
- A sharp increase in 2020 makes DDoS attacks insidious, especially in view of the increased purchases of private computers in individual households.
- Lastly, the supply chain is also at risk from third-party plugins such as JavaScript and CMS framework components: formjacking, data skimming and Magecart attacks can increase greatly during lockdown Christmas shopping.

To the whitepaper from Imperva 

Source: Imperva

13 projects for more prevention in the field of health care.

Health Promotion Switzerland supports projects aimed at strengthening preventive offerings in the field of health care. As part of this year's funding round, the foundation, in collaboration with the Federal Office of Public Health, has selected thirteen promising projects from across Switzerland for support. Eleven of them are designed to prevent mental illness.

Healthcare
Pixabay

Eleven of the thirteen new projects supported by Health Promotion Switzerland are designed to prevent mental illness. Of these, five projects focus specifically on improving support for people who are at risk of suicide or have already survived a suicide attempt. Four of the projects are the result of a specific call for proposals on suicide prevention launched by the Federal Office of Public Health (FOPH) and Health Promotion Switzerland. The focus here was on the continuity of care and treatment when patients leave hospital or clinic, as there is a gap in support services and a great need here.

Health Promotion Switzerland supports various projects in the field of health care that address the topics of non-communicable diseases, addiction and mental health. These aim, for example, to improve interfaces in healthcare or to support cooperation, interprofessionality and multiprofessionality.

"Effective preventive measures must be integrated into the care system and, for example, into networks for coordinated care. Our goal is to drive the development of corresponding projects," says Jvo Schneider, Head of Prevention in Health Care and member of the Executive Board of Health Promotion Switzerland.

More information:
www.gesundheitsfoerderung.ch/projekte-pgv-runde-3

Source: gesundheitsforderung.ch

Certification for Privatklinik Bethanien and Spital Zollikerberg

The Breast Center Zurich has been awarded the quality label for highly qualified breast centers in Switzerland. The certification was carried out by the Swiss Cancer League and the Swiss Society of Senology.

Breast Center

The diagnosis and treatment of breast diseases are complex and require an extensive infrastructure as well as a wide range of techniques and equipment. The Breast Center Zurich is the first medical center to be operated jointly by a private clinic and a private hospital with a public service mandate. It was established in 2018 by merging the Breast Center Zurich-Bethanien and the Senology Department of the Zollikerberg Hospital.

The medical center has already undergone an audit at the end of 2019 and has now received the official certification document. The certification was carried out by the Swiss Cancer League and the Swiss Society of Senology.

In the future, Privatklinik Bethanien and Spital Zollikerberg are envisaged as a competent point of contact that aims to provide all-round care for breast diseases 365 days a year. Patients will benefit from the interdisciplinary collaboration of medical specialists from a wide range of fields such as operative gynecology, oncology, radiology, plastic and reconstructive surgery, radiotherapy and pathology.

Source: Swiss Medical Network

Caution when ordering an extract from the criminal record

The State Secretariat for Economic Affairs (SECO) is receiving an increasing number of reports of deception when ordering extracts from criminal records on the Internet.

Criminal record extract

Fake website screenshot

In a press release, SECO warns against deception when ordering criminal records extracts on the Internet. On the suspicious websites, only an "online guide" is offered instead of the desired criminal record extract.

The persons concerned complained that after a web search they had inadvertently landed on a website on which they had merely purchased an "online guide" instead of the Swiss criminal record extract. The guide explains how criminal records can be ordered. The cost of 20 francs was charged directly to their credit card.

SECO points out that the Swiss criminal record extract can be ordered on the website of the Federal Office of Justice or at the post office counter.

The correct link for this is: www.strafregister.admin.ch.

Source: SECO 

Three pieces of advice when encrypting video communications

The open-source developer VNC lists the most important parameters that should be considered when encrypting video streams.

Encryption

Both in working life (home office) and in education (homeschooling), videoconferencing has become an elementary communication channel that is now indispensable. Virtual Network Consult AG, based in Zug, Switzerland, believes that end-to-end encryption of video streams is the right way to achieve greater security. In this context, VNC names three important criteria in particular:

1. Encryption via WebRTC: WebRTC is a proven industry standard for securing video streams. Similar to the HTTPS protocol, and like a VPN connection, the data is secured by a sealed tunnel. WebRTC should be standard in modern video applications as secure encryption for video conferencing. WebRTC peer-to-peer is often sufficient for small numbers of participants and low bandwidth requirements.

2. The use of video bridges: With higher numbers of participants, however, WebRTC performance is brought to its knees. This is why WebRTC-compatible video bridges are needed, as they require less bandwidth on the client side and are therefore more suitable for multi-party video communication. Encryption of the transport connections is still based on WebRTC. The video bridge itself is operated on dedicated servers, which should be under the control of the respective organization. If video conferences are recorded, these often very large files should of course also be stored in encrypted form. The same also applies to whiteboards, for example.

3. End-to-end encryption: Videoconferencing is usually one of many communication channels, such as messenger, chat or e-mail, that are used in collaboration. Often, one or more formats are used in parallel. Therefore, from a security perspective, it is important to avoid application proliferation. Integrated communication suites with a common code base for all functional modules facilitate end-to-end encryption. The same generally applies to the auditability of security standards. Partially functional video solutions on a closed-source basis, in contrast to open-source solutions, use proprietary, non-standardized software modules and thus make security audits more difficult. OMEMO-based encryption is therefore recommended for chat applications.

Source: VNC 

IT security company FireEye attacked by hackers

The US cybersecurity specialists FireEye have themselves fallen victim to a cyber attack. The attackers exploited a vulnerability in SolarWinds' Orion network monitoring product.

Cyber attack
Pixabay 

U.S. cybersecurity company FireEye admitted late Sunday to being the victim of a cyber attack. The company, which is usually contacted by US authorities, has itself become the target of hackers. The attack involved a vulnerability in its SolarWinds networking software. According to the cybersecurity firm, the attack on the Orion IT management software may have begun as early as spring. The software nests in the target's system for up to two weeks and is capable of transferring a system's files and booting up or shutting down systems, among other things. Government, consulting, technology, telecommunications and global commodities companies have been targeted since then, the firm said. According to a report from SolarWinds, 18,000 customers have already downloaded the updates containing the backdoors. It is not yet known whether only email traffic was spied on.

FireEye said it has notified all companies that may have been affected. Last week, FireEye already stated that its own systems were attacked by allegedly sophisticated, state-sponsored hackers.

FireEye Blog
