Security News

Fitness trackers get more personalized

Plus, Trickbot gets trickier and DazzleSpy makes its debut

Wearable fitness trackers have widened their scope of health readings and seem to be heading in a direction where they can offer more personalized, substantial health data to users. Along with measuring steps and heart rate, fitness trackers today can measure blood oxygen saturation, sleep patterns, and even mental wellness (one Fitbit product measures changes in sweat to gauge how the body responds to stress). Apple is reportedly in the early stages developing Apple Watch tech that monitors blood sugar levels. According to CNET, the medical and tech communities seem to share a common goal in progressing wearables to help people take better care of themselves between doctor visits. 

But as wearables continue to store an increasing amount of our vital data, should users be worried about how much their fitness devices know about them? Avast Security Evangelist Luis Corrons commented that the security on the trackers themselves is pretty solid. “In terms of security, these devices are safe in general, at least when we talk about the main vendors,” he said. “They usually connect through Bluetooth, so it requires physical proximity to access them. We do, however, need to pay special attention to the devices we pair them with, like smartphones, as all our information will eventually be sent to those.”

Google replacing cookies with “Topics”

Later this quarter, Google plans to test “Topics,” a new technology developed to replace third-party cookies and give the user more digital anonymity. The new protocol is aimed at making it difficult for bad actors to identify users across multiple sites by simply using the API. At the same time, the new API is meant to be understandable to users and transparent in its intention. Google’s goal was to create an API that records “less personally sensitive” data than what is being recorded today. Google will test the new system with external parties before going wide. For more, see ZDNet

Trickbot gets harder to detect

The powerful malware known as Trickbot has become even more powerful, according to researchers from IBM Trusteer who have analyzed its most recent code injections. The malware’s updates include a new server-side injection mechanism, encrypted communications with the command-and-control (C2) server, an anti-debugging feature, and new ways to obfuscate and hide the injected code. Trickbot persisted despite an attempted takedown by authorities in 2020. Some experts believe the latest improvements to the malware prime it for conducting online banking fraud, the original purpose of the malware when it was first created. For more, see Dark Reading

Flaws found in My2022 Olympics app

The Citizen Lab has analyzed the My2022 Olympics app, a required device download for anyone attending the Winter Games in Beijing, and found “a simple but devastating flaw” that can compromise privacy and put sensitive user data at risk. The app provides a wide range of functionality from weather updates and chat features to government portals where one can submit health customs information and passport details. Citizen Lab believes the app’s security deficits violate both Google’s Unwanted Software Policy and Apple’s App Store guidelines. For more on this, see Citizen Lab’s full report

DazzleSpy targets Mac users in Hong Kong

Researchers recently followed a malware campaign targeting Mac users in Hong Kong. The malware at play included a new bug nicknamed DazzleSpy, which could collect information about the compromised system, enumerate files in certain folders, search for specific files, execute shell commands, exfiltrate files, write files to the disk, start a remote screen session, and more. While the attack on individuals has not been attributed to any known threat actor, Google researchers who studied the attack claimed it must have been run by a well-funded state sponsored group. For more on this story, see SecurityWeek

This week’s ‘must-read’ on The Avast Blog

A new report from the UK’s National Crime Agency has found the average age for DDoS hackers has dropped to 15, with some students being as young as nine years old. The issue is that DDoS attacks are easy enough for even kids to carry out.