DIRS.INFO The most relevant business & tech news

☆ US, partners target North Korea with sanctions following satellite launch
▼ + stars: | 2023-11-30 | by ( ) www.reuters.com time to read: +4 min

The list includes senior officials from the National Aerospace Technology Administration, which oversaw the satellite launch, and the munitions industry department. Since the launch of the satellite, North Korea said that its leader, Kim Jong Un, has reviewed spy satellite photos of the White House, Pentagon and U.S. aircraft carriers at the naval base of Norfolk. Kimsuky's hacking operation has been historically focused on South Korea, Japan and the United States. The RGB is a North Korean intelligence agency that is involved in cyber warfare activities, according to analysts, and is under U.S. sanctions. Two Russia-based representatives of North Korean banks and one China-based representative were also hit with sanctions, among others.

Persons: Kim Jong, Brian Nelson, Nelson, Kimsuky, Daphne Psaledakis, David Brunnstrom, Christopher Bing, Hyonhee Shin, Sandra Maler, Gerry Doyle Organizations: Korean Central News Agency, KCNA, REUTERS, U.S . Treasury Department, North, Terrorism, Financial Intelligence, Democratic People's, National Aerospace Technology Administration, United Nations, White House, Pentagon, U.S, North Korea sparred, Security Council, Treasury, Cybersecurity, Infrastructure Agency, Security, U.S . National Security Agency, Korea's, Bureau, UN, Thomson Locations: WASHINGTON, SEOUL, United States, Korea, U.S, Australia, Japan, North Korea, Korean, Republic of Korea, Democratic People's Republic of Korea, South, New York, Norfolk, South Korea, Guam, Italy, Washington, Europe, Russia, North Korean, Iran, China, North, Seoul

☆ How an Indian startup hacked the world
▼ + stars: | 2023-11-16 | by ( ) www.reuters.com time to read: +41 min

The Indian company hacked on an industrial scale, stealing data from political leaders, international executives, prominent attorneys and more. Run by a pair of brothers, Rajat and Anuj Khare, the company began as a small Indian educational startup. The Indian company hacked on an industrial scale, stealing data from political leaders, international executives, sports figures and more. Back in 2012, Kristi Rogers was an executive at Aegis, a London-based security company. Canadian security company GardaWorld, which acquired Aegis in 2015, said it had no information on the incident.

Persons: Chuck Randall, Randall, “, ” Randall, ”, Randall’s inbox, Appin, Rajat, Anuj Khare, Rajat Khare’s, Clare Locke, Khare “, Khare, ” Clare Locke, Ted Kaczynski, Anuj, who’ve, SentinelOne, Tom Hegel, Appin “, Hegel, Mandiant, ” Hegel, Shane Huntley, ” Huntley, Google’s Huntley, ‘, Jochi Gómez, Gómez, Halevi, Tamir Mor, Russian oligarch Boris Berezovsky, Mohamed Azmin Ali, ” Mor, Berezovsky, Azmin, Mor, Roman Abramovich, Mark Hastings, Hastings, didn’t, Jim H, ” Jim H, Jim H’s, Kristi Rogers, Mike Rogers, he’s, Global’s, sully, Rogers, Damian Perl, – “, Steven Santarpia, ” Santarpia, Santarpia, Leonel Fernández, ” Fernández, Rajat Khare, “ Let’s, Ministry of Home Affairs didn’t, Peter Hargitay, Stevie, Billing, ” Stevie, ’, ” Peter Hargitay, Mookhey, Norman Shark, Jonathan Camp, Shark, Camp, Norman, Dominican Republic –, Dan Brady, Sandra Schweingruber, ” Schweingruber, Schweingruber, Brady, ” Gómez, –, ” –, Anna Carter, Mark Califano, ” Rajat Khare’s, India’s, Educomp, Karen Hunter, Hunter, Bryan, Rajat’s, Vijay Kumar, Deepak Kumar, Kumar, ACSG, Jay Solomon, Solomon, ” Rebsec’s, Vishavdeep Singh, Rebsec, CyberRoot, Sumit Gupta, Gupta, Raphael Satter, Zeba Siddiqui, Christopher Bing, Ryan McNeill, Corinne Perkins, John Emerson, Marla Dickerson Organizations: Reuters, Google, Harvard University, U.S, Symantec, Appin, Caribbean, El, Israeli Defense Forces, Commando, Quillon Law, U.S . House Intelligence, The Michigan Republican, U.S . Senate, Aegis, Global Security, Security, Rogers, Army Corps of Engineers, Rotary, Aegis ’, Global, ” Reuters, Britain’s, Appin Software Security, Ltd, Appin Security, –, Research, Analysis, Intelligence Bureau, Indian, India’s Ministry of Home Affairs, India’s Ministry of Defense, of Home Affairs, Central Bureau of Investigation, CBI, Federal Bureau of Investigation, Ministry of Home Affairs, Telenor, Broadcom, FBI, Dominican, Criminal Investigation Service, Appin Security Group, CERT, country’s, Bureau of Investigation, Educomp, State Bank of India, State Bank, The National Security Agency, NSA, U.S ., Swiss, Appin Technology, India’s Ministry, Corporate Affairs, Control Security Global, Technology, Kumar, Facebook, Meta, BellTroX, Services, Street, New, Rebsec, BellTroX’s, Hire Locations: Long, New Delhi, India, Yorker, Paris, Swiss, cybersecurity, Appin, Dominican, California, “, Dominican Republic, El Siglo, United States, Britain, Switzerland, New York, French, New Jersey, Israel, Russian, Malaysian, London, Rwandan, Virginia, Canadian, Chuck@shinnecock.org, Texas, Indian, India’s Punjab, Pakistan, Zurich, Australia, Norway, Oslo, Brady, Former, ”, U.S, Islip, Shinnecock, Washington, cyberespionage

Caesars paid around $15 million in ransom to regain access to its systems from the hackers, according to reporting by the Wall Street Journal. Some have been collecting evidence leading to the hackers' identities and are assisting law enforcement, according to the five insiders. The sources say that, following the September casino hacks, the FBI's investigation took on new urgency. Mandia didn't respond directly when asked whether Scattered Spider's identities were known to law enforcement. But he did say that there was no excuse for not arresting hackers who operated from the West.

Persons: Bridget Bennett, Michael Sentonas, Sentonas, Alphabet's, James Foster, Foster, cybercriminals, gona, Kevin Mandia, Mandiant, you've, Zeba Siddiqui, Raphael Satter, Christopher Bing, Chris Sanders, Claudia Parsons Organizations: MGM, MGM Resorts, REUTERS, FRANCISCO, U.S . Federal Bureau of Investigation, FBI, MGM Resorts International, Caesars Entertainment, Industry, Reuters, Department of Justice, Caesars, Wall Street, Palo Alto Networks, Microsoft, ex, Telegram, Thomson Locations: Las Vegas , Nevada, U.S, WASHINGTON, America, Palo, American, Baltimore , Maryland, United States, Newark , New Jersey, sextortion, San Francisco, Washington

☆ Russian Spies Behind Cyberattack on Ukrainian Power Grid in 2022 - Researchers
▼ + stars: | 2023-11-09 | by ( Nov. | At A.M. | ) www.usnews.com time to read: +2 min

By James PearsonLONDON (Reuters) - Russian cyber spies were behind a hack which disrupted part of Ukraine's power grid in late 2022, U.S. cybersecurity firm Mandiant, part of Google, said in a report on Thursday, in a rare and advanced form of cyberwarfare. Last October, a massive wave of Russian missile strikes on Ukraine's power network caused blackouts in many parts of the country, prompting Kyiv to halt electricity exports and leaving four regions temporarily without electricity. Sandworm hackers rose to prominence in 2015 after a separate cyberattack against Ukraine’s power grid which cut off power for around 255,000 people. The disruptive, digital, intrusion was widely considered to be one of the first, known, successful cyberattacks against a power network. “There have only been a handful of incidents similar to this, with the majority carried out by Sandworm,” Mandiant analyst Nathan Brubaker said.

Persons: James Pearson, ”, Sandworm, Nathan Brubaker, Christopher Bing, Sharon Singleton Organizations: James Pearson LONDON, Google Locations: Russian, Russia, Ukraine, Kyiv, London, Washington

An Israeli Armoured Personnel Carrier (APC) is obscured as it whips up dust near Israel's border with the Gaza Strip, in southern Israel October 15, 2023. Gaza authorities say more than 2,200 people have been killed there, a quarter of them children. Iran has spoken of "far reaching consequences" if Israel's "war crimes and genocide" are not stopped. The message came late on Saturday after Axios reported that Tehran had told Israel - in a message sent via the U.N. - that it would have to respond if Israel carries out its expected ground offensive. He also said he wanted to make sure the civilian population that remained in Gaza had access to food, water and safe shelter, telling CNN that Israeli officials recently restored access to water in parts of Gaza.

Persons: Ronen, Axios, Jake Sullivan, John Kirby, Sullivan, Joe Biden, Biden, Lindsey Graham, Abdel Fattah El, State Anthony Blinken, Nandita Bose, Katharine Jackson, Christopher Bing, Raphael Satter, Lisa Shumaker, Heather Timmons, Bill Berkrot Organizations: Carrier, REUTERS, Rights, U.S, White House, CBS, White House National Security, Fox News, White, Republican, State, Department, NBC, CNN, Thomson Locations: Gaza, Israel, Lebanese, Iran, Tehran, Ukraine, Saudi Arabia, U.S, Washington

WASHINGTON, Oct 12 (Reuters) - U.S. prosecutors say an Israeli private investigator used hackers to steal emails from climate activists who were campaigning against American energy giant Exxon Mobil Corp (XOM.N). Prosecutors stopped short of stating a connection between the Israeli private eye – former policeman Aviram Azari – and Exxon, and the memo did not identify any of his clients. Victims say that leaves a key question unanswered. Exxon pushed back, filing lawsuits that cited press articles, which suggested the activists were using underhanded tactics. “Azari facilitated the hacking scheme by directing groups of hackers, including a particular group of individuals based in India, to target specific victims,’” prosecutors wrote.

Persons: Damian Williams, parry, Prosecutors, Aviram Azari, Kert Davies, Paul Weiss, Bradley Campbell, Williams, Azari, Barry, “ Azari, ’, Raphael Satter, Christopher Bing, Leslie Adler, Richard Chang Organizations: U.S, Exxon Mobil Corp, Southern, of, Exxon, Climate Integrity, Natural Resources, Conservation Law Foundation, Exxon Mobil, Reuters, Thomson Locations: of New York, New York, Massachusetts, India, United States

In another case, a video showed a billboard in the central Israeli city of Holon displaying images of rockets and a burning Israeli flag. Israeli information security professionals are banding together to provide free cybersecurity services to Israeli companies amid a spike in hacktivist activity sparked by the war in Gaza, volunteers said. Ohad Zaidenberg, an Israeli IT specialist, is leading a group of volunteers to help Israeli companies that are being actively targeted. The organizers of the volunteers are drawing the line on members taking vigilante action against Hamas, said Omri Segev Moyal, the chief executive of the Israeli cybersecurity firm Profero. Moyal, who runs a popular Facebook group for Israeli cybersecurity professionals, said he had already removed a couple of posts calling for digital action against the Palestinian group.

Persons: Brendan McDermid, fatigues, Yossi Appleboum, Appleboum, Zoom didn’t, Ohad, ”, Omri Segev Moyal, Moyal, Profero, “, Raphael Satter, Christopher Bing, James Pearson, Lisa Shumaker Organizations: Palestinian, Hamas, REUTERS, Reuters, Telegram, Thomson Locations: Israel, New York City, U.S, LONDON, Holon, Gaza, Israel's, Israeli, Washington, London

A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/File Photo Acquire Licensing RightsOct 10 (Reuters) - Hacktivist groups say they are hitting Israeli targets online amid the war in Israel and Gaza, disrupting and defacing websites like the Jerusalem Post. The conflict between Israel and its Arab neighbors routinely attracts both intense global interest and politically minded hackers - dubbed hacktivists - who piggyback on the fighting, either to support their favored side or simply get attention. "There are dozens of victims per day, claimed by both pre-established and new (hacktivist) groups," cyber intelligence firm Recorded Future said. Examples of serious or long-term damage are still thin, but the activism shows how a subset of supporters use digital tools to bring the war online.

Persons: Kacper, Avi Mayer, hacktivists, Omri Segev Moyal, Israel, Profero, Christopher Bing, Raphael Satter, Zeba Siddiqui, Chris Sanders, Sonali Paul Organizations: REUTERS, CERT, Microsoft, Thomson Locations: Israel, Gaza, Jerusalem, Ukraine, Iranian, Washington, San Francisco

CEO Sam Altman has made the acquisition of more AI chips a top priority for the company. Meta's (META.O) custom chip effort has been beset with issues, leading the company to scrap some of its AI chips, according to a Reuters report. OpenAI's main backer, Microsoft (MSFT.O), is also developing a custom AI chip that OpenAI is testing, The Information has reported. Demand for specialized AI chips has soared since the launch of ChatGPT last year. Nvidia is one of the few chipmakers that produces useful AI chips and dominates the market.

Persons: Dado Ruvic, OpenAI, Sam Altman, Altman, Bernstein, Stacy Rasgon, Anna Tong, Stephen Nellis, Max A, Kenneth Li, Stephen Coates 私 Organizations: REUTERS, FRANCISCO, Reuters, Nvidia, Microsoft, Google, Amazon.com, Annapurna Labs, Devices Locations: WASHINGTON, San Francisco

"I think the potential for unintended harm from the use of AI exists in any federal agency and in any use of AI," said DHS Chief Information Officer Eric Hysen. And when we interact with people, it can be during some of the most critical times of their lives." Historically, academics have flagged the dangers of AI regarding racial profiling and because it can still make errors while identifying relationships in complex data. The guidelines will also require that facial recognition matches discovered using AI technology be manually reviewed by human analysts to ensure their accuracy, according to a new directive that the agency plans to release alongside the AI memo later on Thursday. Another area where DHS has already uses AI technology extensively is on the southern border, where the agency has deployed more than 200 surveillance cameras, said Hysen.

Persons: Marco Bello, Alejandro Mayorkas, Eric Hysen, Hysen, Alexandra Alper, Christopher Bing, Chizu Organizations: U.S . Department of Homeland Security, REUTERS, Rights, Department of Homeland Security, Customs, Border Patrol, DHS, Thomson Locations: Mexico, U.S, Del Rio , Texas, California's San Isidro Port

REUTERS/Mike Segar/File Photo Acquire Licensing RightsSept 7 - Researchers at digital watchdog group Citizen Lab said on Thursday they found spyware they linked to Israeli firm NSO that exploited a newly discovered flaw in Apple (AAPL.O) devices. Citizen Lab did not provide further details on the affected individual or the organization. Apple issued new updates on its devices after investigating the flaws reported by Citizen Lab. An Apple spokesperson said it had no further comment, while Citizen Lab urged consumers to update their devices. A NSO spokesperson said it did not have any immediate comment on the Citizen Lab research.

Persons: Mike Segar, Citizen Lab, John Scott, Railton, Apple, Zeba Siddiqui, Christopher Bing, Jamie Freed Organizations: Apple Inc, Apple, REUTERS, Citizen, NSO, Citizen Lab, University of Toronto's Munk School of Global Affairs, U.S, Thomson Locations: Manhattan , New York, U.S, Washington

☆ China suspected of using AI on social media to sway US voters, Microsoft says
▼ + stars: | 2023-09-07 | by ( ) www.reuters.com time to read: +3 min

REUTERS/Paul Ratje/File photo Acquire Licensing RightsSept 7 (Reuters) - Microsoft researchers said on Thursday they found what they believe is a network of fake, Chinese-controlled social media accounts seeking to influence U.S. voters by using artificial intelligence. A Chinese embassy spokesperson in Washington said that accusations of China using AI to create fake social media accounts were "full of prejudice and malicious speculation" and that China advocates for the safe use of AI. In a new research report, Microsoft said the social media accounts were part of a suspected Chinese information operation. The U.S. government has accused Russia of meddling in the 2016 election with a covert social media campaign and has warned of subsequent efforts by China, Russia and Iran to influence voters. A Microsoft spokesperson told Reuters that the company's researcher used a "multifaceted attribution model," which relies on "technical evidence, behavioral evidence and contextual evidence."

Persons: Paul Ratje, Christopher Bing, Cynthia Osterman, Edmund Klamann Organizations: Center, REUTERS, Microsoft, U.S . Department of Justice, Ministry of Public Security, Facebook, Twitter, Reuters, Liberty, Thomson Locations: Dona Ana, Las Cruces , New Mexico, U.S, Washington, China, Russia, Iran, United States

☆ US says it has disrupted notorious 'Qakbot' hacking network
▼ + stars: | 2023-08-29 | by ( ) www.reuters.com time to read: +1 min

A computer keyboard lit by a displayed cyber code is seen in this illustration picture taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration/File Photo Acquire Licensing RightsAug 29 (Reuters) - U.S. authorities on Tuesday announced an international law enforcement operation to disrupt the notorious "Qakbot" malware platform used extensively used by cybercriminals involved in financial crime. The operation also involved France, Germany, the Netherlands, and Britain, it said. First discovered more than a decade ago, Qakbot is commonly spread through malicious, boobytrapped emails sent to unsuspecting victims. Security researchers say they believe the hacking network originates in Russia and has attacked organizations around the world from Germany to Argentina.

Persons: Kacper, cybercriminals, Christopher Bing, David Ljunggren Organizations: REUTERS, U.S . Department of Justice, Thomson Locations: France, Germany, Netherlands, Britain, Russia, Argentina

/U.S House of Representatives/Handout via REUTERS /File PhotoWASHINGTON, Aug 15 (Reuters) - Nebraska Republican Congressman Don Bacon said late on Monday the FBI had warned him that his emails were hacked by Chinese spies, with both personal and campaign messages compromised. Bacon was told that the Chinese Communist Party had access to his accounts for about a month ending on June 16, he said on social media platform X, formerly known as Twitter. CNN previously reported that email accounts in the House of Representatives were targeted as part of the same campaign. The Chinese Embassy in Washington did not immediately respond to a message seeking comment. Reporting by Christopher Bing and Raphael Satter; Editing by Devika SyamnathOur Standards: The Thomson Reuters Trust Principles.

Persons: Don Bacon of Nebraska, Don Bacon, Bacon, Gina Raimondo, China Nicholas Burns, Christopher Bing, Raphael Satter, Devika Organizations: Republican U.S . Rep, U.S . House, REUTERS, Nebraska Republican, FBI, Chinese Communist Party, Twitter, Microsoft, U.S, U.S . Commerce, CNN, Communist, Embassy, Air Force, House Armed Services Committee, Thomson Locations: Nebraska, China, Washington

North Korean leader Kim Jong Un and Russia's Defense Minister Sergei Shoigu visit an exhibition of armed equipment on the occasion of the 70th anniversary of the Korean War armistice in this image released by North Korea's Korean Central News Agency on July 27, 2023. The fact North Korean hackers may have obtained information about the Zircon does not mean they would immediately have that same capability, said Markus Schiller, a Europe-based missile expert who has researched foreign aid to North Korea's missile programme. Last month, North Korea test-launched the Hwasong-18, the first of its ICBMs to use solid propellants. "North Korea announced that it was doing the same thing in late 2021. If NPO Mash had one useful thing for them, that would be top of my list," he added.

Persons: Kim Jong, Sergei Shoigu, ScarCruft, Lazarus, Tom Hegel, SentinelOne, Hegel, Obama, Nicholas Weaver, Matt Tait, Weaver, Vladimir Putin, Markus Schiller, Schiller, Jeffrey Lewis, James Martin, James Pearson, Christopher Bing, Chris Sanders, Alistair Bell Organizations: Russia's, North, Korean Central News Agency, KCNA, REUTERS, NPO Mashinostroyeniya, Pyongyang LONDON, Reuters, North Korean, United Nations, Soviet Union, NPO, Intercontinental Ballistic Missile, Mash, James, James Martin Center, Nonproliferation Studies, Korea, Thomson Locations: Pyongyang, WASHINGTON, Russian, Reutov, Moscow, Russia, Washington, New York, North Korea, Soviet, United States, Crimea, Korean, Europe, London

Aug 1 (Reuters) - An obscure cloud service company has been providing state-sponsored hackers with internet services to spy on and extort their victims, a cybersecurity firm said in a report to be published on Tuesday. Researchers at Texas-based Halcyon said a company called Cloudzy had been leasing server space and reselling it to no fewer than 17 different state-sponsored hacking groups from China, Russia, Iran, North Korea, India, Pakistan and Vietnam. Halcyon estimated that roughly half of Cloudzy’s business was malicious, including renting services to two ransomware groups. The cybersecurity firm CrowdStrike, which wasn’t involved in the research, said that it hadn’t seen state-sponsored hackers using Cloudzy. He said the company needed U.S. domicile to be able to register internet protocol addresses in America.

Persons: Halcyon, Cloudzy, Hannan Nozari, couldn’t, Nozari, ”, Ryan Golden, wasn’t, It’s, – CloudPeak, Sheridan –, Adam Meyers, “, Christopher Bing, Cynthia Osterman Organizations: LinkedIn, Reuters, ”, Nozari, CrowdStrike, Thomson Locations: Texas, China, Russia, Iran, North Korea, India, Pakistan, Vietnam, Tehran, Nozari, Cyprus, U.S ., Wyoming, America, Sheridan

[1/2] Miniatures of people with computers are seen in front of North Korea flag in this illustration taken July 19, 2023. North Korea has previously denied organizing digital currency heists, despite voluminous evidence - including U.N. reports - to the contrary. “North Korea in my opinion is really stepping up their game,” said Hegel, who works for U.S. firm SentinelOne. The cybersecurity-focused podcast Risky Business earlier this week cited two sources as saying that North Korea was a suspect in the intrusion. "I don't think this is the last we'll see of North Korean supply chain attacks this year," he said.

Persons: Dado Ruvic, ”, JumpCloud, CrowdStrike, Adam Meyers, Tom Hegel, wasn't, Hegel, cryptocurrency, Chainalysis, CrowdStrike's Meyers, Christopher Bing, Raphael Satter, James Pearson, Michelle Nichols, Anna Driver, Bernadette Baum Organizations: REUTERS, WASHINGTON, American IT, Reuters, CrowdStrike Holdings, North, United Nations, U.S, FBI, Thomson Locations: North Korea, Korean, American, Louisville , Colorado, North Korean, New York, Korea, “ North Korea, The U.S, Washington, London

WASHINGTON, July 18 (Reuters) - The U.S. Commerce Department on Tuesday added two European-based surveillance firms to its economic trade blacklist as part of the Biden administration's efforts to counter the misuse of commercial spyware. The department added Cytrox, a Hungary-based surveillance company and Greek firm Intellexa, another cyber-surveillance firm and two related entities in Ireland and Macedonia. Attempts to reach representatives from Cytrox and Intellexa were not immediately successful. The journalist's allegation came as the European Union (EU) was beginning to follow the United States in taking a harder look at spyware merchants and the use of powerful surveillance software. Reuters reported in 2020 that Intellexa was working with intelligence agencies in Southeast Asia and Europe.

Persons: Biden, Intellexa, Tal Dilian, Cytrox, Jarrett Renshaw, David Shepardson, Karen Freifeld, Raphael Satter, Christopher Bing, Doina Chiacu, Alexandra Hudson Organizations: U.S . Commerce Department, Reuters, Intellexa, The Commerce Department, European Union, Alexandra Hudson Our, Thomson Locations: Hungary, Ireland, Macedonia, Cytrox, Greece, United States, Southeast Asia, Europe

Since the news broke, several victims in addition to the Commerce Department have acknowledged they were affected, including personnel at the State Department and U.S. House of Representatives. The Chinese Ministry of Foreign Affairs called the accusations "disinformation" in a statement to Reuters earlier this week. Raimondo's department has implemented a series of export control policies against China, curbing the transfer of semiconductors and other sensitive technologies. A Commerce Department spokesperson said on Wednesday that Microsoft had notified the agency of "a compromise to Microsoft’s Office 365 system, and the Department took immediate action to respond." Reporting by David Shepardson, Christopher Bing and Simon Lewis in Washington Editing by Matthew LewisOur Standards: The Thomson Reuters Trust Principles.

Persons: Gina Raimondo, Antony Blinken, Wang Yi, Raimondo, David Shepardson, Christopher Bing, Simon Lewis, Matthew Lewis Organizations: . Commerce, Microsoft, ., State Department, Commerce Department, House, Representatives, Chinese Ministry of Foreign Affairs, Commerce, Department, FBI, Thomson Locations: China, Jakarta, U.S, Washington

WASHINGTON/LONDON, July 12 (Reuters) - Chinese state-linked hackers since May have secretly accessed email accounts at around 25 organizations, including U.S. government accounts, in a stealthy cyberespionage campaign, Microsoft (MSFT.O) and U.S. officials said on Wednesday. Microsoft did not say which organizations or governments had been affected, but added that the hacking group involved primarily targets entities in Western Europe. White House National Security Council spokesman Adam Hodge said an intrusion in Microsoft's cloud security "affected unclassified systems," without elaborating. The State Department "detected anomalous activity" and "took immediate steps to secure our systems," a department spokesperson said in a statement. Private sector cybersecurity experts have said newly discovered hacking activity shows how Chinese groups are improving their cyber capabilities.

Persons: Jake Sullivan, ABC's, Adam Hodge, Hodge, John Hultquist, Will Dunham Organizations: WASHINGTON, Microsoft, White House, U.S . State Department, ., White, National Security, The State Department, U.S, Thomson Locations: LONDON, U.S, United States, Western Europe, China's, London, China

The total number of recent victims from the online extortion ring has reached 121 organizations, according to Brett Callow, whose cybersecurity company Emsisoft helps companies respond to digital shakedown attempts. In 2021, Ukrainian authorities announced the arrests of six people tied to cl0p, but it's not clear that they were core members of the group, which continued to hack victims. Plundering file transfer protocols has become increasingly popular as hackers shift from encrypting data to simply stealing files and threatening to release them unless a ransom is paid. Many of the organizations stress that the target of the hack is the file transfer service, not their systems. The FBI said it was "aware of and investigating the recent exploitation of a MOVEit vulnerability by malicious ransomware actors."

Persons: Brett Callow, encrypting, TrendMicro, didn't, Cl0p, Emsisoft, Charles Carmakal, Raphael Satter, Christopher Bing, James Pearson, Cynthia Osterman Organizations: University of California, Siemens Energy, Abbvie Inc, Schneider, Publicly, Sony, Shell PLC, Government, U.S . Energy Department, Alphabet Inc, FBI, Thomson Locations: Los Angeles, Russia, Washington, London

☆ FBI misused intelligence database in 278,000 searches, court says
▼ + stars: | 2023-05-19 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

SAN FRANCISCO, May 19 (Reuters) - A U.S. court found that the FBI improperly searched for information in a U.S. database of foreign intelligence 278,000 times over several years, including on Americans suspected of crimes, according to a ruling released on Friday. The decision by the Foreign Intelligence Surveillance Court was released by the Office of the Director of National Intelligence (ODNI). The intelligence database stores digital and other information on individuals. The Foreign Intelligence Surveillance Act allows the FBI to search without a warrant communications of foreigners abroad including their conversations with Americans. The court ruling found the FBI violated rules around the use of the database, created under Section 702 of the FISA Act with its searches.

WASHINGTON, May 9 (Reuters) - The FBI has sabotaged a suite of malicious software used by elite Russian spies, U.S. authorities said on Tuesday, providing a glimpse of the digital tug-of-war between two cyber superpowers. "We assess this as being their premier espionage tool," one of the U.S. officials told journalists ahead of the release. He said Washington hoped the operation would "eradicate it from the virtual battlefield." The official identified the FSB hackers behind the malware with a notorious hacking group known as "Turla," which has been active for two decades against a variety of NATO-aligned targets. Moscow routinely denies carrying out cyberespionage operationsReporting by Raphael Satter; Editing by Chizu NomiyamaOur Standards: The Thomson Reuters Trust Principles.

SAN FRANCISCO/WASHINGTON, May 4 (Reuters) - A Miami-based digital marketing firm was behind a series of covert political influence operations in Latin America over the last year, Facebook-owner Meta (META.O) said this week, a rare exposé of an apparent U.S.-based misinformation-for-hire outfit. "It's a classic pattern that you tend to see with for-hire influence operations," said Ben Nimmo, Meta's Global Threat Intelligence Lead. Meta says it regularly takes down disinformation and misinformation operations in order to maintain the integrity of its platform. Twitter said in a September 2022 blog that it had shared datasets about influence operations with Cazadores. Former Twitter employees told Reuters in January that most of the staff involved in the TMRC had since left and Reuters could not determine if it was still operational.

In its report published at the same time, Microsoft said it believed with "high confidence" that the spyware was "strongly linked to QuaDream." Israeli lawyer Vibeke Dank, whose email was listed on QuaDream's corporate registration form, did not return a message seeking comment. NSO did not immediately return a message seeking comment. Neither Citizen Lab nor Microsoft identified the targets of QuaDream's software, but the allegation could still be damaging for the firm. The White House did not immediately respond to a message seeking comment.

Search resuls for: "Christopher Bing"

25 mentions found