ICYMI: Coup messages, Pokemon threat, gaming breach, SAP HANA bug, ransomware fight
ICYMI: Coup messages, Pokemon threat, gaming breach, SAP HANA bug, ransomware fight

Turkey publishes WhatsApp messages of coup officers

WhatsApp messages of military officers involved in Turkey's attempted coup were published by the country's state-run media outlets. This disclosure has prompted questions within Turkey about how the government may have accessed the WhatsApp messages. A Reddit user in Turkey started a thread asking other users on the discussion website “to describe how it can be happened” that WhatsApp messages were obtained by the government despite its implementation of end-to-end-encryption technology this year. More

Pokemon Go 'a western cyber-espionage tool'?

Cyber-security experts in Russia are concerned about the data collecting abilities of apps such as Pokemon Go, even speculating whether they were specifically created by western security services as cyber-espionage tools

Speaking to SCMagazineUK.com, Alexander Gorokhov, a former Major-General of the Russian Federal Security Service, commented that modern mobile applications may become a highly-effective tool of industrial and cyber-espionage, posing a threat to the national security of both Russia and also Western states.  Gorokhov says that the ever growing popularity of Pokemon Go and other similar applications have sparked serious concerns within Russia's special services as well as their Western colleagues, due to the ability of such devices to gain unauthorised access to classified data and other types of espionage. (See yesterday's comment from Ken Munro on Pokemon capabilities). More

2.3 million 'Warframe,' 'Clash of Kings' accounts compromised

More than 2.3 million user records have been compromised as two separate gaming companies announced they suffered data breaches. Digital Extremes, the company behind Warframe, announced that a list of 775,749 email addresses was compromised after an attacker exploited a Drupal SQL exploit that was patched by Drupal two weeks after the breach occurred, according to a July 20 post in the company forum.

Separately, a hacker told ZDNet, that he made off with 1.6 million accounts from the official forum of the game "Clash of Kings," by exploiting a known weakness in the forum's outdated vBulletin software found through dorking, according to a July 22 report. More

Bugs in SAP HANA allowed remote code execution

Security researchers have detailed 15 security vulnerabilities that could enable hackers to escalate privileges, execute remote code and modify database information in SAP HANA and SAP Trex.

The bugs were discovered by Onapsis, which released security advisories about the flaws. Included in the advisories is a “critical risk” vulnerability that could be used to gain high privileges allowing unrestricted access to business information, and to modify arbitrary database information. The researchers said collectively, the flaws poses a risk to over 10,000 SAP customers. More

Police and private sector jointly fight ransomware

The Dutch National Police, Europol, Intel Security and Kaspersky Lab have joined forces to launch an initiative called No More Ransom, to spread the word about the threat of ransomware. No More Ransom is a new online portal designed to inform the public about the dangers of ransomware and help victims recover their data without having to pay money to cyber-criminals.  More