Some reading to start the week!


Abused Cloudflare Workers Service Used to Inject Korean SEO Spam

... After further investigation, it was found that the website was actually loading SEO spam content through Cloudflare’s Workers service. This service allows someone to load external third-party JavaScript that’s not on their website’s hosting server. Instead, these resources exist within Cloudflare’s own service — therefore requiring a website to be using the Cloudflare DNS to use this Workers service.

When we took a look at the Cloudflare Workers management area on this infected website, there was a suspicious Worker listed with the name hang. It had been set to run on any URL route requests to the website — unless the hosting IP is known and you are able to bypass the Cloudflare service

Sucuri Blog

Israeli Army: Hamas Hackers Tried to ‘Seduce’ Soldiers

The Israeli military on Sunday said it has thwarted an attempt by the Hamas militant group to hack soldiers’ phones by posing as young, attractive women on social media, striking up friendships and persuading them into downloading malware.

Security Week

Three Italian universities hacked by LulzSec_ITA collective

The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for our society.

Security Affairs

Emotet Evolves With new Wi-Fi Spreader

Emotet is a highly sophisticated trojan that typically also serves as a loader for other malware. A key functionality of Emotet is its ability to deliver custom modules or plugins that are suited for specific tasks, including stealing Outlook contacts, or spreading over a LAN. Recently, Binary Defense has identified a new loader type that takes advantage of the wlanAPI interface to enumerate all Wi-Fi networks in the area, and then attempts to spread to these networks, infecting all devices that it can access in the process.

Binary Defense


Mozilla lost the browser wars. It still thinks it can save the internet.

In 2016, Mitchell Baker, the chairwoman and interim CEO of Mozilla, sat down to update her manifesto. Well, technically, it's Mozilla's manifesto, but it's Baker's handiwork. Think of it as a sort of Bill of Rights for the internet, or maybe a Ten Commandments: 10 principles about what the internet should be, with ideas about promoting privacy and openness and community. It repeatedly uses words like "individual" and "public" and starts with the premise that the internet is for human beings and needs to be treated as such.

Baker's original opus was published in 2007, adapted from principles Mozilla had held since it was founded in 1998. Over the years, the manifesto has become a foundational document for Mozilla and for the internet as a whole. Employees casually quote it, frequently invoking their favorite principles in explanations and arguments. Baker said her only regret is that there's no way to boil the principles down to a single sentence, like "Don't be evil" or "Think different." Turns out it takes a bit longer to explain how the internet ought to be.


Challenger bank N26 to shut all UK accounts

Challenger bank N26 is closing accounts for UK customers on 15 April, blaming difficulties created by the Brexit process.
The bank, which had a significant marketing push after launch, only started offering current accounts in the UK after the EU referendum.
However, it said that the "timing and framework" of the Withdrawal Agreement made it impossible to continue.
With about 200,000 customers, it was one of the smaller operators in the UK.

Thomas Grosse, chief banking officer at N26, which has a European banking licence, said: "While we respect the political decision that has been taken, it means that N26 will be unable to serve our customers in the UK and will have to leave the market."

BBC News


Mythical man month : 10 lines per developer day

The mythical book, Mythical man month quotes that no matter the programming language chosen, a professional developer will write on average 10 lines of code (LoC) day.

After 14 years of full-time development on the tool NDepend I’d like to elaborate a bit here.

Let’s start with the definition of logical Line of Code. Basically, a logical LoC is a PDB sequence point except sequence points corresponding to opening and closing method brace.



400 Million Social Media Users Are Set to Lose Their Anonymity in India

Facebook, YouTube, Twitter and TikTok will have to reveal
users’ identities if Indian government agencies ask them to, according
to the country’s controversial new rules for social media companies and
messaging apps expected to be published later this month.

The requirement comes as governments around the world are trying to
hold social media companies more accountable for the content that
circulates on their platforms, whether it’s fake news, child porn,
racist invective or terrorism-related content. India’s new guidelines go
further than most other countries’ by requiring blanket cooperation
with government inquiries, no warrant or judicial order required.

Pogo Was Right

U.S. Officials Say Huawei Can Covertly Access Telecom Networks

U.S. officials say Huawei Technologies Co. can covertly access mobile-phone networks around the world through “back doors” designed for use by law enforcement, as Washington tries to persuade allies to exclude the Chinese company from their networks.

Intelligence shows Huawei has had this secret capability for more than a decade, U.S. officials said. Huawei rejected the allegations.

The Eall Streat Journal

How the CIA used Crypto AG encryption devices to spy on countries for decades

For more than half a century, governments all over the world trusted a single company to keep the communications of their spies, soldiers and diplomats secret.
The company, Crypto AG, got its first break with a contract to build code-making machines for U.S. troops during World War II. Flush with cash, it became a dominant maker of encryption devices for decades, navigating waves of technology from mechanical gears to electronic circuits and, finally, silicon chips and software.
The Swiss firm made millions of dollars selling equipment to more than 120 countries well into the 21st century. Its clients included Iran, military juntas in Latin America, nuclear rivals India and Pakistan, and even the Vatican.

Washington Post

AT&T is blocking Tutanota

In some regions of the USA, AT&T internet users are unable to access Tutanota mailboxes on mobile connections since the end of January. Even though we reached out to AT&T, the issue is still not fixed. This shows why net neutrality is so important for internet users and online services alike.

Tutanota Blog