ICYMI: €50 m cyber-fraud; Codoso back; MS/US gov clash; Adultery extortionists; Apple's encryption key

News by SC Staff

The latest In Case You Missed It (ICYMI) looks at €50 m aeroplane cyber-fraud; Chinese cyber-espionage returns; MS resists US claim on data; Extortion of Ashley Maddison members; Apple iCloud Backup insecure.

Aeroplane part maker claims cyber-fraud cost it €50 million

Facc AG, an Austrian manufacturer of aeroplane parts, has admitted in its third quarter financial report that cyber-criminals targeted the firm's accounting department and managed to defraud it of €50 million (£38 million). It is suspected that senior staff may have been victims of 'whale-phishing'.  More

Chinese cyber-espionage group Codoso 'back in action'

Palo Alto Networks reporting Chinese cyber-espionage group Codoso - which carried out the attack on Forbes.com - is back in action after going silent for three months. Test results looking into unknown malware and attack campaigns indicate Codoso's sophisticated tactics and tools: the group has been linked to leveraging zero-day exploits in combination with watering hole and spear-phishing attacks. More

Microsoft and US government clash over Ireland-held cloud data

Following Microsoft's December 2013 refusal to hand over emails held on a server in Ireland, demanded by the US Federal government, repeated in April 2014, when a federal judge ordered Microsoft to provide the  records,  Microsoft was found in contempt of court. The case now sits in a US appeals court, awaiting a decision by a more senior judge. Microsoft says  that the US has no power to ask for that data, as it is held in another country and well outside of its jurisdiction. More

Ashley Madison users threatened with extortion in letters

Since the Ashley Madison breach, some US users of the infidelity service have received blackmail letters via the US postal system from extortionists threatening to reveal their secret to family, friends and colleagues.  In an extortion letter forwarded to security writer Graham Cluley, the unknown extortionist asked for US$ 2,000 (£1,400) worth of Bitcoin, giving 10 days to pay. More

Apple can read your iMessages despite them being encrypted

If an Apple device user enables iCloud Backup on their Apple device, copies of all messages, photographs and data including iMessages are encrypted on iCloud using a key controlled by Apple and not the user. This allows Apple - and anyone who breaks into their account - to see all personal and confidential data. Apple allows users to switch off iCloud Backup whenever they want, but it doesn't offer a way to locally encrypt iCloud backups. More 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews