The pipeline hacking group DarkSide is back and they've been taken to hacker court, and the ransomware gang responsible for crippling Ireland's health service has given them the decryption key for free, but there's a catch. That's in today's episode of the week web, where we break down and dissect cybersecurity-related tech news.

Apple's senior vice president of software engineering, Craig Federighi, has admitted that the level of malware on Macs is unacceptable. If this sounds odd, that's because it is. Apple isn't one to downplay any aspect of their own products. Besides, if we're going to talk about Apple's security and privacy, the level of malware on macOS isn't the first thing I'd bring up. In my previous video, I discussed the scary level of compromises Apple has made on security to certain countries. The reason for Apple scoring this own goal comes from Apple's lawsuit against Epic Games. Epic Games is suing Apple because they allege Apple has built an illegal monopoly in the form of their App Store. Apple forces apps to use their payment system to buy the apps, as well as for in-app purchases, for which Apple skims off a 30% commission. Epic wants the ability to create their own app store on iOS. Apple isn't too thrilled with the idea. Craig Federighi, who you may recognize from a couple of interviews with Marques Brownlee, said under oath in court that the level of malware on Macs is unacceptable and that to allow purchases from a third-party store would be a pretty devastating setback for iOS security.

He's saying all of this in an effort to make the insecurity of macOS look like the result of Apple not locking down the OS as much as it has done in their iOS products. Does Craig really mean all of this when he says it? Well, it's not something you'd hear at Apple keynotes, that's for sure. This is a tactic. If they can convince the judge that disallowing third-party app stores on iOS is in the interests of user security, then they might just clinch the W in the lawsuit, or so they hope. Interestingly, Craig here compared macOS to a car, in that it requires a certain level of responsibility to use properly, whereas an iPhone is something you let a child use, and thus the bar for security on an iPhone is set a lot higher, and Apple argues that's something that shouldn't change.

This lawsuit is a big deal because App Store purchases last year raked in 72 billion dollars. Apple's cut of 30% leaves them with roughly 22 billion dollars. This revenue stream will have crazy high profit margins for Apple, because there aren't too many costs associated with downloading an app to a device. Epic estimates it to be about 80%, which is double Apple's overall profit margin of 40%. Apple refutes this number, saying they don't even calculate App Store margins, probably because the number's so high they don't even have to. But in any case, there are ridiculous amounts of money at stake here. If Apple needs to throw the security of macOS under the bus in order to hold on to control of the iOS app ecosystem, then so be it. iOS accounts for 90% of Apple's user base, so the stakes in this lawsuit couldn't be higher.

When I was researching this story, I came across a pretty good defense of Apple in the comments section of an Ars Technica article. This user, who switched to macOS and iOS development, explains just how incredible the breadth and depth of framework APIs and developer tools are, and just how good the documentation is; that it's true to say that Apple has developed a large part of nearly every app on their store; and that without these resources Apple provides, app makers themselves will be on the hook for a stupidly massive undertaking to get anywhere near the functionality they have. In addition, Apple did recently announce that they were halving their commission of 30% for developers earning less than a million dollars a year, bringing their cut for those guys down to 15%.

I do think this issue really has two sides. On the one hand, sure, you want developers to profit as much as possible from their hard work, though Apple has halved the commission they charge smaller developers. Paying 15% for access to the ecosystem and all the tools Apple provides sounds like a pretty good deal to me. However, that being said, 30% is a bit much, and Apple does have a monopoly on iOS; that's quite easy to see. IMO, having a single company which decides whether your product is able to enter the market at all is more of a problem for me than the commission itself. For example, in China, Apple is forced to remove apps that criticize the government and help in organizing protests, so those Chinese users are kind of screwed, as there's no third-party app store on iOS. So if they can't get those apps from the App Store, then they can't get them at all. I would like to see some kind of third-party app store. If that means Epic winning the suit, then I'm all for it. Let me know your thoughts in the comments.

The pipeline-hacking ransomware bandits DarkSide are back. Just a couple of weeks ago, they claimed their servers had been seized by some still-unknown law enforcement agency and that they had decided to close down DarkSide and move on, and that was that. But not for long, as it turns out. They may have never had any intention of going anywhere at all, because just a few days ago an insurance company in the UK was hit with a ransomware attack. All the company computers locked up and displayed the group's trademark message: "Welcome to the dark side." 15 million pounds has been demanded from them or, according to an anonymous employee, DarkSide will leak all data stolen, including passwords and bank details. Presumably, when the employee says passwords, they're referring to the hashed equivalents, though One Call Insurance wouldn't be the first company to store passwords in plain text. According to a local paper, the company has been accused by staff of covering up the attack and deleting comments on their Facebook page from concerned customers. Police are, of course, investigating the incident, though this isn't the only DarkSide-related shenanigans that's come to light in the last day or two. DarkSide's business partners are taking them to "hacker court", as Threatpost put it.

This stems from DarkSide's refusal to pay its affiliates. DarkSide claims that, along with their servers being seized by law enforcement, their bitcoin, which was stored on those servers, was also seized and transferred away from them. I questioned this in a previous video. A criminal gang keeping their private keys on a server doesn't make sense; they're too smart for that. Their claims are fishy at best, IMO just an excuse not to pay affiliates. DarkSide, like many other ransomware gangs, operated an affiliate program. Affiliates are tasked with spreading the malware and earn an 80% commission on ransoms paid by their victims. Meanwhile, DarkSide handles the technical side of things, such as maintaining the malware, etc.

XSS, a forum DarkSide operated on, is seeing a number of cases opened against them by their unpaid affiliates. You see, in order to exist on these forums, DarkSide had to pay a deposit of 20 bitcoin, roughly three quarters of a million dollars. This is what the affiliates are after. The claims involve affiliates providing proof to forum admins that DarkSide owes the money and hasn't paid. If they can prove this, then they'll get bitcoin paid out from that deposit. It's really quite professional. In this hacker court, the terms plaintiff and defendant are used, just like in the real thing. From Threatpost screenshots, one of the plaintiffs is requesting 150,000 in compensation, so not insignificant sums of money. It all feels rather strange reading these disputes. The fact a hacking forum takes a deposit from a cybercrime group in order to settle disputes like this is almost impressive.

A couple of videos back, I discussed how the Irish healthcare system had been hit with a crippling ransomware attack. Numerous hospitals had to resort to pen and paper because they were completely locked out of their systems. However, despite the Irish government's refusal to pay the 20 million ransom, the Conti ransomware gang responsible for this mess have just released the decryption software free of charge. Why? Well, there's no concrete answer, but many ransomware gangs have a quasi code of ethics. They often pledge not to attack hospitals, schools or government agencies, so it's possible Conti were pressured by their peers in the cybercrime community to end this madness, or they may have suddenly grown some level of conscience. Another explanation is that they're just not a fan of all of this public attention they're suddenly receiving and would prefer to stay out of the spotlight. The Irish government is carrying out a detailed analysis on the decryption software to make sure it won't somehow cause more havoc, that there's no sneaky surprise hidden in the code.

However, there is a catch to all of this. Conti is still demanding the 20 million ransom is paid by Monday, or else the 700 gigabytes of patient records and payroll information will be made public. However, I'm not convinced they will release the info. They might forgo releasing it for the same reason they're decrypting the data for free, but I suppose we won't have long to find out. In addition, Dublin's High Court has issued an injunction, that's a legal ruling, preventing sharing and publishing of this stolen data. A legal ruling against criminals intent on breaking the law; that doesn't sound like it'll be very effective.

