Our monthly Security Reports

 

SWITCH Security Report 2017-01/02

  • The Guardian going post-truth with WhatsApp story?
  • Fruitfly spyware lives long on Macs
  • Good malware – FBI in absurdity trap
  • Star Wars on Twitter – sleeping Twitter botnet with over 350,000 bots discovered

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-12

  • Power and cybercrime – massive quantities of user data stolen in two recent hacks
  • When supposed security add-ons actually spy on your browsing habits
  • Mirai part II – botnet knocks out 900,000 Telekom routers
  • It’s not all bad news – Avalanche botnet taken down

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-11

  • IT security researchers reveal vulnerabilities in photoTAN procedure for mobile banking
  • DDoS attack via IoT botnet shuts down parts of Internet
  • Triple record: Yahoo loses half a billion customers’ details, more trust than ever and USD 1 billion from its acquisition price

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-10

  • Swiss electorate votes in favour of Intelligence Service Act – making everyone a suspect?
  • Your money or your device – mobile banking Trojan Gugi tricks Android users 
  • SWIFT, and it’s gone – banks lose money to hackers again following SWIFT data theft
  • It was just a question of time – botnet discovered on Internet of Things

Read the English report.  Read the German report.

 

 

SWITCH Security Report 2016-09

  • Bug bounties and the Cyber Grand Challenge
  • Pegasus spies on Apple devices, QuadRooter threatens Android
  • A USD 22 billion investment pays off – WhatsApp shares phone numbers with Facebook
  • Now you see them, now you don’t – another multi-million-dollar Bitcoin theft
  • DiskFiltration and Fansmitter attempt to bridge the air gap

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-08

  • Sheer tracking pleasure – debate on information sovereignty and transparency in relation to vehicle data shifts up a gear 
  • Improving security on the Internet of Things – latest news from the Guardian Project and Riffle, a joint venture between MIT and EPFL
  • Summer 2013 revisited – could SFG/FURTIM make the nightmare scenario of a blackout reality?
  • Cruel summer 2016 – cybercriminals jumping on the Pokémon GO bandwagon
  • Not everyone is chasing Pokémon – Google Sheep View and the Faroe Islands

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-07

  • DAO-ism on the ethereal plane – hacker bags cryptocurrency worth USD 50 million
  • Ransomware – smart, greedy and unkillable
  • CANVAS ready to launch – bridging cybersecurity and ethics
  • US border guards want to be your Facebook friend – and other news on anti-terror measures

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-06

  • A RUeful tale – unknown cyberattackers steal 20 gigabytes of data from RUAG
  • Twitter shuts the door on US intelligence services
  • iPhone stays locked – Touch ID demands a password after 48 hours
  • Passwords for e-banking and suchlike? You can soon forget them!

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-05

  • Faster than Odysseus – e-banking Trojan Gozi attacks Switzerland via news website
  • Heartbreak remote – chip implants and the security of implanted, software-driven medical devices
  • One point three million dollar phone – FBI spends big in iPhone hacking dispute with Apple
  • It looks horrible, and it is – Jigsaw causing terror once again, this time in digital form

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-04

  • Probably the most expensive typo ever foils probably the biggest attempted bank robbery ever
  • Switzerland targeted by various hacker groups? Series of DDoS attacks on Swiss websites
  • Connected cars "one of this generation’s biggest security risks"
  • Done and dusted – the new Federal Act on the Surveillance of Post and Telecommunications

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-03

  • Torpedoed for a fistful of dollars – university helps authorities spy on Tor users
  • Crypto Wars 3.0 – will the FBI be given a licence to snoop, or can Apple successfully lock down the unlocking?
  • Deadly bugs in hospital – ransomware Trojan Locky shuts down entire clinics and more
  • Mission: Possible – Big Data and automated law enforcement

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-02

  • ICSI’s Haystack looking for Android needles – and beta testers for its field study
  • Staging a comeback with a blackout – macro-Trojans return and apparently cause Christmas power cut in western Ukraine
  • Is it really smart? Many smart home solutions have security holes as big as a garage door
  • From Mad Men to Bad Boys – malware becoming harder to monitor due to malvertising  

Read the English report.  Read the German report.

 

SWITCH Security Report 2016-01

  • Does PrivaTegrity spell the end of crypto wars? David Chaum’s new encryption system bridges gap between completely anonymous communication and crime prevention
  • The boss is listening, and it’s OK – controlled surveillance of private communications at work does not violate human rights
  • Yesterday’s science fiction, today’s reality – forecasting software and systems to spot crimes before they are committed
  • A patchy start to the year – reports of security issues read like a who’s who of network equipment suppliers  
  • The Clipboard: interesting presentations, articles and videos

Read the English report.  Read the German report.

 

SWITCH Security Report 2015-12

  • Pavlov in Paris – how the conditioned response to terrorist attacks links the real and online worlds
  • «Added value» as standard – new devices delivered complete with malware and extra vulnerabilities
  • Silent profilers – audio beacons allow advertisers to operate extensive tracking
  • Ads, adblockers, anti-adblockers, anti-adblock killers – the arms race continues
  • The Clipboard: interesting presentations, articles and videos

Read the English report.  Read the German report.

 

SWITCH Security Report 2015-11

  • No safe harbour in the Land of the Free – EU Court of Justice restricts data transfer to US
  • A different kind of virus – medical equipment hackable online on a grand scale
  • Viruses, scanned – free anti-virus programs almost as good as those you pay for
  • Let’s hear it, buddy! ETH Zurich research team simplifies two-factor authentication with sound recognition
  • Situation critical – researchers find vulnerabilities in 87% of all Android devices

Read the english report.  Read the german report.

 

SWITCH Security Report 2015-10

  • XcodeGhost and Stagefright hit industry heavyweights Apple and Google and pose questions
  • BÜPF, NDG and government Trojans – debate on sense, senselessness, costs and risks of state surveillance enters next round
  • Privacy B2B – growing number of attacks on SMEs and critical infrastructure
  • Fingerprints of at least 5.6 million US federal employees stolen – who cares?
  • DIY 007 – Deep Sweep project spies on satellite communications

Read the english report.  Read the german report.

 

SWITCH Security Report 2015-09

  • Ferengi in Redmond? Microsoft enters new dimension of data acquisition with Windows 10
  • Digital revolution hacks its makers – ICANN hit by third attack, ISP 1blu hacked and blackmailed
  • Car hacks, autonomous vehicles and telematics-based insurance premiums – threats to safety and privacy
  • Home, smart home – betrayed by your fridge, exposed by your mobile

Read the english report.  Read the german report.

 

SWITCH Security Report 2015-08

  • What a hack – government Trojan Galileo, costing almost half a million francs, rendered useless after attack on Hacking Team
  • Data stacked up sky-high – unprecedented dimensions of cyberattack on US Office of Personnel Management
  • Forget about doping tests – Team Sky data theft brings Tour de France into digital age
  • IMSI catchers – don’t let them catch you...if you can!
  • Do androids dream of electric horses? New variant of mTan Trojan ZeuS targets Android users
  • VPNs – how IPv6, DNS and co. can still turn virtual private networks into very problematic nuisances

Read the english report.  Read the german report.

 

SWITCH Security Report 2015-07

  • Taking cybercrime to the next level – Duqu 2.0 attack on Kaspersky has implications for Switzerland
  • Taking friendship to the next level – scope of NSA spying on German and French governments continues to widen
  • A whole lot of problems – cyberattack grounds Polish airline LOT’s aircraft
  • Detoxing – the last resort when Darknet dealings come to light?
  • Pass the password – attacks on LastPass and Apple Keychain

Read the english report.  Read the german report.

 

 

SWITCH Security Report 2015-06

  • What do tax authorities and contact sites have in common?Neither can protect customer data
  • Good friends listen, and so does the BND – the scandal continues
  • A new kind of government Trojan – cyberattack on German parliament’s secure network
  • Reset, then reload – Android smartphones keep data even after factory reset
  • The Clipboard: Interesting Presentations, Articles and Videos

Read the english report.  Read the german report.

 

 

SWITCH Security Report 2015-05

  • «Massive snooping attack» or successfully treading the fine line between security and freedom? On the reform of Switzerland’s intelligence services legislation
  • Barbie turns Bond girl – toy manufacturers spying on children’s bedrooms
  • Only those who get involved get hurt – latest e-banking Trojans harness social engineering
  • E-health made in Switzerland – electronic patient records
  • Fear of flying 2.0 – US authorities warn of in-flight hacking
  • The Clipboard: Interesting Presentations, Articles and Videos

Read the english report.  Read the german report.

 

SWITCH Security Report 2015-04

  • Shades of grey, made in Germany – SAP and the NSA
  • David, Goliath and the search for a truly safe haven
  • Apple with its head in the sand? Entire anti-virus and anti-malware category of apps removed from iOS App Store
  • Bankrupts have no respect for privacy – RadioShack to auction customer data
  • Look before you leap – hackers fake profiles on dating app
  • The Clipboard: Interesting Presentations, Articles and Videos

Read the english report.  Read the german report.

 

SWITCH Security Report 2015-03

  • Fish bites angler – Lenovo, Komodia and Superfish
  • Gemalto-gate – secret service hack goes right to the roots of mobile security
  • Carbanak – digital bank robbery on a grand scale
  • It’s not all bad news – Europol takes down Ramnit botnet
  • The Clipboard: Interesting Presentations, Articles and Videos

Read the english report.  Read the german report.

 

SWITCH Security Report 2015-02

  • Attacks in the wake of the attack – privacy after the horror of Paris
  • A brave new world of e-banking
  • Gone in less than 60 seconds – from car theft to automotive data hacking
  • Microsoft versus Google and vice versa – biblical short-sightedness?
  • The Clipboard: Interesting Presentations, Articles and Videos

Read the english report.  Read the german report.

 

SWITCH Security Report 2015-01

  • iBeacons: the next big thing for 2015?
  • «Locate. Track. Manipulate.»: a new level of mobile snooping
  • How to steal fingerprints with a 200-mm zoom lens
  • Drones – buzzing business, more stringent rules and fewer benefits than expected
  • The Golden Globes in the wake of the Sony hack
  • The Clipboard: Interesting Presentations, Articles and Videos

Read the english report.  Read the german report.

 

SWITCH Security Report 2014-12

  • No «Land of the Free» in sight: NSA allowed to continue gathering data, BND puts forward EUR 300 million wish list
  • Censorship culture in the UK
  • The new PR: how parties, companies and organisations manipulate web chat to propagate opinions
  • Regin and the Detekt-ives: new software finds known government Trojans – Symantec discovers a new one
  • Generali cheaper: lower premiums in exchange for personal information
  • The Clipboard: Interesting Presentations, Articles and Videos

Read the english report.  Read the german report.

 

SWITCH Security Report 2014-11

  • The «long tail» effect of Shellshock, Heartbleed & co.
  • Malvertising: hackers learning from advertising professionals
  • Legitimate defence of the right to protection versus opening Pandora’s box
  • Taxing the Net: a Hungarian posse gets serious
  • The Clipboard: Interesting Presentations, Articles and Videos

Read the english report.  Read the german report.

 

SWITCH Security Report 2014-10

  • Same again? Fingerprint sensor on new iPhone 6 hacked using same method as for previous model
  • Up in the air: drones, balloons and unresolved security issues
  • Google’s Transparency Report shows Swiss authorities becoming more data-hungry
  • Hacked through your fridge: how secure is the Internet of Things?
  • The Clipboard: Interesting presentations, articles and videos

Read the english report. Read the german report.

 

SWITCH Security Report 2014-09

  • Hacked, tweeted and exposed: Inside information on government Trojans used internationally published on Twitter
  • Page not found: Network blocking in Switzerland and neighbouring countries
  • Breaking bad – malvertising ransomware: ZeroLocker / CryptoLocker / CryptoWall / SynoLocker
  • Canvas or cookies – choosing between Scylla and Charybdis
  • The Clipboard: Interesting Presentations, Articles and Videos

Read the english report.  Read the german report.

 

Earlier Security Reports can be found in our archive.