DIRS.INFO The most relevant business & tech news

☆ How an Indian startup hacked the world
▼ + stars: | 2023-11-16 | by ( ) www.reuters.com time to read: +41 min

The Indian company hacked on an industrial scale, stealing data from political leaders, international executives, prominent attorneys and more. Run by a pair of brothers, Rajat and Anuj Khare, the company began as a small Indian educational startup. The Indian company hacked on an industrial scale, stealing data from political leaders, international executives, sports figures and more. Back in 2012, Kristi Rogers was an executive at Aegis, a London-based security company. Canadian security company GardaWorld, which acquired Aegis in 2015, said it had no information on the incident.

Persons: Chuck Randall, Randall, “, ” Randall, ”, Randall’s inbox, Appin, Rajat, Anuj Khare, Rajat Khare’s, Clare Locke, Khare “, Khare, ” Clare Locke, Ted Kaczynski, Anuj, who’ve, SentinelOne, Tom Hegel, Appin “, Hegel, Mandiant, ” Hegel, Shane Huntley, ” Huntley, Google’s Huntley, ‘, Jochi Gómez, Gómez, Halevi, Tamir Mor, Russian oligarch Boris Berezovsky, Mohamed Azmin Ali, ” Mor, Berezovsky, Azmin, Mor, Roman Abramovich, Mark Hastings, Hastings, didn’t, Jim H, ” Jim H, Jim H’s, Kristi Rogers, Mike Rogers, he’s, Global’s, sully, Rogers, Damian Perl, – “, Steven Santarpia, ” Santarpia, Santarpia, Leonel Fernández, ” Fernández, Rajat Khare, “ Let’s, Ministry of Home Affairs didn’t, Peter Hargitay, Stevie, Billing, ” Stevie, ’, ” Peter Hargitay, Mookhey, Norman Shark, Jonathan Camp, Shark, Camp, Norman, Dominican Republic –, Dan Brady, Sandra Schweingruber, ” Schweingruber, Schweingruber, Brady, ” Gómez, –, ” –, Anna Carter, Mark Califano, ” Rajat Khare’s, India’s, Educomp, Karen Hunter, Hunter, Bryan, Rajat’s, Vijay Kumar, Deepak Kumar, Kumar, ACSG, Jay Solomon, Solomon, ” Rebsec’s, Vishavdeep Singh, Rebsec, CyberRoot, Sumit Gupta, Gupta, Raphael Satter, Zeba Siddiqui, Christopher Bing, Ryan McNeill, Corinne Perkins, John Emerson, Marla Dickerson Organizations: Reuters, Google, Harvard University, U.S, Symantec, Appin, Caribbean, El, Israeli Defense Forces, Commando, Quillon Law, U.S . House Intelligence, The Michigan Republican, U.S . Senate, Aegis, Global Security, Security, Rogers, Army Corps of Engineers, Rotary, Aegis ’, Global, ” Reuters, Britain’s, Appin Software Security, Ltd, Appin Security, –, Research, Analysis, Intelligence Bureau, Indian, India’s Ministry of Home Affairs, India’s Ministry of Defense, of Home Affairs, Central Bureau of Investigation, CBI, Federal Bureau of Investigation, Ministry of Home Affairs, Telenor, Broadcom, FBI, Dominican, Criminal Investigation Service, Appin Security Group, CERT, country’s, Bureau of Investigation, Educomp, State Bank of India, State Bank, The National Security Agency, NSA, U.S ., Swiss, Appin Technology, India’s Ministry, Corporate Affairs, Control Security Global, Technology, Kumar, Facebook, Meta, BellTroX, Services, Street, New, Rebsec, BellTroX’s, Hire Locations: Long, New Delhi, India, Yorker, Paris, Swiss, cybersecurity, Appin, Dominican, California, “, Dominican Republic, El Siglo, United States, Britain, Switzerland, New York, French, New Jersey, Israel, Russian, Malaysian, London, Rwandan, Virginia, Canadian, Chuck@shinnecock.org, Texas, Indian, India’s Punjab, Pakistan, Zurich, Australia, Norway, Oslo, Brady, Former, ”, U.S, Islip, Shinnecock, Washington, cyberespionage

☆ FBI warns on Scattered Spider hackers, urges victims to come forward
▼ + stars: | 2023-11-16 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

REUTERS/Bridget Bennett/File Photo Acquire Licensing RightsSAN FRANCISCO, Nov 16 (Reuters) - The FBI warned organizations to guard against the Scattered Spider hacking group, which has breached dozens of American organizations over the past year, stealing their sensitive data for extortion. The statement, issued jointly with the U.S. Cybersecurity and Infrastructure Security Agency, sheds new light into how these hackers operate. The FBI and CISA urged critical infrastructure organisations to implement a series of security measures they recommended and urged victim organisations to share information about the hacks with the agencies. Everything from a sample ransom note, communications with the hackers, their cryptocurrency wallet information, or samples of malicious files could be useful, they said. "FBI and CISA do not encourage paying ransom as payment does not guarantee victim files will be recovered," they said, adding that ransom payments may embolden the hackers into going after more targets.

Persons: Bridget Bennett, they've, Slack, CISA, Zeba Siddiqui, Nick Zieminski Organizations: MGM, MGM Resorts, REUTERS, FRANCISCO, FBI, MGM Resorts International, Caesars Entertainment, U.S, Cybersecurity, Infrastructure Security Agency, Microsoft, Microsoft Exchange, Thomson Locations: Las Vegas , Nevada, U.S, San Francisco

Caesars paid around $15 million in ransom to regain access to its systems from the hackers, according to reporting by the Wall Street Journal. Some have been collecting evidence leading to the hackers' identities and are assisting law enforcement, according to the five insiders. The sources say that, following the September casino hacks, the FBI's investigation took on new urgency. Mandia didn't respond directly when asked whether Scattered Spider's identities were known to law enforcement. But he did say that there was no excuse for not arresting hackers who operated from the West.

Persons: Bridget Bennett, Michael Sentonas, Sentonas, Alphabet's, James Foster, Foster, cybercriminals, gona, Kevin Mandia, Mandiant, you've, Zeba Siddiqui, Raphael Satter, Christopher Bing, Chris Sanders, Claudia Parsons Organizations: MGM, MGM Resorts, REUTERS, FRANCISCO, U.S . Federal Bureau of Investigation, FBI, MGM Resorts International, Caesars Entertainment, Industry, Reuters, Department of Justice, Caesars, Wall Street, Palo Alto Networks, Microsoft, ex, Telegram, Thomson Locations: Las Vegas , Nevada, U.S, WASHINGTON, America, Palo, American, Baltimore , Maryland, United States, Newark , New Jersey, sextortion, San Francisco, Washington

Lockbit was discovered in 2020 when its eponymous malicious software was found on Russian-language cybercrime forums, leading some security analysts to believe the gang is based in Russia. The gang has not professed support for any government, however, nor has any government formally attributed it to a nation-state. "We are located in the Netherlands, completely apolitical and only interested in money," the gang says on its dark web blog. The cybercrime gang infects a victim organisation's system with ransomware - malicious software that encrypts data - and then coerces targets into paying ransom to decrypt or unlock it. On the dark web, Lockbit's blog displays an ever-growing gallery of victim organisations that is updated nearly daily.

Persons: Lockbit, cybercriminals, Zeba Siddiqui, James Pearson, Rod Nickel Organizations: FRANCISCO, LONDON, Commercial Bank of China, Boeing, ION, Thomson Locations: Russia, Netherlands, United States, ICBC's U.S, San Francisco, London

☆ Lockbit cybercrime gang claims hack on China's biggest lender ICBC
▼ + stars: | 2023-11-10 | by ( ) www.reuters.com time to read: 1 min

Companies Industrial and Commercial Bank of China Ltd FollowNov 10 - The cybercrime gang Lockbit confirmed on Friday that it had hacked into the Industrial and Commercial Bank of China - the biggest Chinese lender by assets. "Yes we confirm," a representative for Lockbit said when reached on their contact address via the messaging platform Tox. Reporting by Zeba Siddiqui in San Francisco; Editing by Chizu NomiyamaOur Standards: The Thomson Reuters Trust Principles.

Persons: Lockbit, Zeba Siddiqui, Chizu Organizations: Industrial, Commercial Bank of China, Thomson Locations: San Francisco

China's foreign ministry said on Friday the lender is striving to minimise risk impact and losses after the attack. "We don't often see a bank this large get hit with this disruptive of a ransomware attack," said Allan Liska, a ransomware expert at the cybersecurity firm Recorded Future. TRADES CLEAREDICBC said it had successfully cleared Treasury trades executed on Wednesday and repurchase agreements (repo) financing trades done on Thursday. Some market participants said trades going through ICBC were not settled due to the attack and affected market liquidity. The Treasury market appeared to be functioning normally on Thursday, according to LSEG data.

Persons: Kim Kyung, ICBC, Wang Wenbin, Wang, Lockbit, Allan Liska, Scott Skrym, Michael Gladchun, Loomis Sayles, SIFMA, Urvi, Pete Schroder, Gertrude Chavez, Davide Barbuscia, Carolina Mandl, Paritosh Bansal, Joe Cash, Stephen Coates, Tomasz Janowski Organizations: Commercial Bank of China Ltd, REUTERS, Industrial, Commercial Bank of China, Commercial Bank of China's, U.S . Treasury, ICBC Financial Services, Cybersecurity, Infrastructure Security Agency, Boeing, U.S . Treasury Department, Treasury, Securities, Financial Times, U.S . Securities Industry, Financial Markets Association, Thomson Locations: Beijing, China, U.S, Bengaluru, Washington, Carolina

Industrial and Commercial Bank of China Ltd (ICBC)'s logo is seen at its branch in Beijing, China, March 30, 2016. REUTERS/Kim Kyung-Hoon/File Photo Acquire Licensing RightsCompanies Industrial and Commercial Bank of China Ltd FollowNov 9 (Reuters) - A ransomware attack on Industrial and Commercial Bank of China (ICBC) disrupted some trades in the U.S. Treasury market on Thursday, the Treasury Department said. In ransomware attacks, hackers encrypt an organization's systems and demand ransom payments in exchange for unlocking them. The Financial Times reported earlier on Thursday that the U.S. Securities Industry and Financial Markets Association (SIFMA) told members that ICBC (601398.SS) had been hit by ransomware that disrupted the U.S. Treasury market by preventing it from settling trades on behalf of other market players. We continue to monitor the situation," a Treasury spokesperson said in a response to a question about the FT report.

Persons: Kim Kyung, Urvi, Pete Schroder, Zeba Siddiqui, Alexander Smith, Michelle Price, Lisa Shumaker Organizations: Commercial Bank of China Ltd, REUTERS, Industrial, Commercial Bank of China, U.S . Treasury, Treasury Department, Financial Times, U.S . Securities Industry, Financial Markets Association, Treasury, Thomson Locations: Beijing, China, U.S, Bengaluru, Washington

A padlock is seen in front of the word 'spyware' and binary code in this illustration taken May 4, 2022. Analysis of the journalist's phone showed an infiltration attempt on Aug. 23, OCCRP's co-founder Drew Sullivan told Reuters. Sullivan said an internal forensic investigation tied the intrusion effort against Mangnale's phone to Israeli firm NSO's Pegasus hacking tool. The spyware allows hackers sweeping access to the targets' smartphones, allowing them to record calls, intercept messages and transform the phones into portable listening devices. The Indian government has denied such allegations and last week Information Technology Minister Ashwini Vaishnaw said that the government was investigating the complaints of phone hacking.

Persons: Dado Ruvic, OCCRP's, Drew Sullivan, Anand Mangnale, Sullivan, wasn't, Rocky Cole, Ashwini Vaishnaw, New Delhi didn't, Zeba Siddiqui, Raphael Satter, Munsif, Rod Nickel Organizations: REUTERS, FRANCISCO, NSO Group, Reuters, Apple, Pegasus, NSO, Technology, Indian Embassy, Thomson Locations: WASHINGTON, Indian, India, Delhi, Washington, New Delhi, BENGALURU

☆ Elon Musk's X restructuring curtails disinformation research, spurs legal fears
▼ + stars: | 2023-11-06 | by ( Sheila Dang | ) www.reuters.com time to read: +9 min

It also shows a majority of survey respondents fear being sued by X over their findings or use of data. European Union regulators are also currently investigating X's handling of disinformation, which was the focus of multiple stalled or canceled independent research studies, the survey found. She helped conduct the research survey for the coalition, a global group with more than 300 members, that works to advance the study of technology's impact on society. 'X' logo is seen on the top of the headquarters of the messaging platform X, formerly known as Twitter, in downtown San Francisco, California, U.S., July 30, 2023. Short-form video app TikTok announced an academic research API earlier this year, but its onerous terms and conditions limit its usefulness for researchers, said Megan A.

Persons: Elon, Musk's, Josephine Lukito, Musk, Carlos Barria, Lukito, Tim Weninger, Megan A, Brown, X, CCDH, Imran Ahmed, Bond Benton, Linda Yaccarino, Sheila Dang, Zeba Siddiqui, Martin Coulter, Supantha Mukherjee, Kenneth Li, Anna Driver Organizations: Social, Reuters, Twitter, Coalition for Independent Technology Research, Center, Union, University of Texas, San, EU, Reuters Graphics, REUTERS, University of Notre Dame, New York University, Tech Policy Press, Facebook, Montclair State University, Sprinklr, Thomson Locations: Israel, Gaza, quantifies, U.S, Australian, Austin, San Francisco, San Francisco , California, China, Sprinklr, London, Stockholm

A Boeing logo is seen at the 54th International Paris Airshow at Le Bourget Airport near Paris, France, June 18, 2023. The Lockbit threat was no longer on the gang's website as of Wednesday, and it didn't immediately respond to a request for comment. Boeing declined to comment on whether Lockbit was behind the cyber incident it disclosed. It's unclear what data Lockbit may have stolen from the company. "Paying the ransom would simply elicit a pinky promise from LockBit that they will destroy whatever data they obtained," Callow said.

Persons: Benoit Tessier, didn't, Lockbit, Brett Callow, Emsisoft, Callow, Valerie Insinna, Chris Reese, Lisa Shumaker, Jamie Freed Organizations: Boeing, Paris, REUTERS, Rights, Cybersecurity, Infrastructure Security Agency, Global Services, Services, Thomson Locations: Le Bourget, Paris, France

☆ Alliance of 40 countries to vow not to pay ransom to cybercriminals, US says
▼ + stars: | 2023-10-31 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

White House Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger, addresses cyber security during the daily press briefing at the White House in Washington, U.S. September 2, 2021. REUTERS/Jonathan Ernst/File Photo Acquire Licensing RightsSAN FRANCISCO, Oct 31 (Reuters) - Forty countries in a U.S.-led alliance plan to sign a pledge never to pay ransom to cybercriminals and to work toward eliminating the hackers' funding mechanism, a senior White House official said on Tuesday. The International Counter Ransomware Initiative comes as the number of ransomware attacks grows worldwide. In ransomware attacks, hackers encrypt an organization's systems and demand ransom payments in exchange for unlocking them. Partner countries will share a "black list" through the U.S. Department of Treasury that will include information on digital wallets being used to move ransomware payments, Neuberger said.

Persons: Anne Neuberger, Jonathan Ernst, Biden, Neuberger, Chainalysis, Zeba Siddiqui, Cynthia Osterman Organizations: White, Technology, REUTERS, FRANCISCO, White House, MGM Resorts International, Reuters, U.S . Department of Treasury, Thomson Locations: Washington , U.S, U.S, United States, Lithuania, Israel, UAE, San Francisco

The White House is pictured from the West Wing Driveway in Washington, U.S., February 10, 2022. Analysts say ransomware attackers also increasingly steal sensitive data to extort victims. The White House has long advised against paying ransoms and has been pushing other countries to make the same commitment. During the third International Counter Ransomware Initiative, the administration will announce “significant” outcomes, including initiatives for sharing information on the ransomware attackers between counties. Figuring out the scale of ransomware attacks can be tricky because many companies don’t report them.

Persons: Tom Brenner, Ransomware, “ We're, Costa, South Korea –, ”, Trevor Hunnicutt, Zeba Siddiqui, David Gregorio Our Organizations: REUTERS, Rights, Analysts, Initiative, Interpol, European Union, Thomson Locations: Washington , U.S, U.S, Nigeria, Costa Rice, Singapore, South Korea

☆ Boeing assessing Lockbit hacking gang threat of sensitive data leak
▼ + stars: | 2023-10-27 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

The hacking group posted a countdown clock on its data leak website with a message saying, "Sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline!" "For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline," the hacking group said. The hacking group typically deploys ransomware on a victim organization's system to lock it up and also steals sensitive data for extortion. Lockbit was the most active global ransomware group last year based on the number of victims it claimed on its data leak blog, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The hacking gang also did not immediately respond to a request for comment sent on an address it mentioned on its data leak site.

Persons: Lindsey Wasson, Lockbit, CISA, Zeba Siddiqui, Leslie Adler Organizations: Boeing KC, Pegasus, U.S . Air Force, REUTERS, Rights, Boeing, Boeing Co, Cybersecurity, Infrastructure Security Agency, Thomson Locations: Everett , Washington , U.S, ”, San Francisco

☆ 23andMe notifies customers of data breach into its 'DNA Relatives' feature
▼ + stars: | 2023-10-24 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

SAN FRANCISCO, Oct 24 (Reuters) - Genetics testing company 23andMe (ME.O) on Tuesday sent emails to several customers to inform them of a breach into the "DNA Relatives" feature that allowed them to compare ancestry information with users worldwide. In the new emails, a copy of which was seen by Reuters, 23andMe told customers there was a breach of one or more accounts connected to theirs through the "DNA Relatives" feature. "There was unauthorized access to one or more 23andMe accounts that were connected to you through DNA Relatives," the company told customers in the email on Tuesday. "As a result, the DNA Relatives profile information you provided in this feature was exposed to the threat actor." loadingEarlier, the company had said hackers may have used credentials leaked from other websites to breach 23andMe accounts - a technique known as 'credential stuffing'.

Persons: 23andMe, Katie Watson, Alexandra Ulmer, David Gregorio Our Organizations: FRANCISCO, Reuters, Thomson Locations: U.S, San Francisco

☆ Five Eyes intelligence chiefs warn on China's 'theft' of intellectual property
▼ + stars: | 2023-10-18 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +4 min

The officials from the United States, Britain, Canada, Australia and New Zealand - known as the Five Eyes intelligence sharing network - made the comments following meetings with private companies in the U.S. innovation hub Silicon Valley. From quantum technology and robotics to biotechnology and artificial intelligence, China was stealing secrets in various sectors, the officials said. In response, Chinese government spokesman Liu Pengyu said the country was committed to intellectual property protection. The U.S. has long accused China of intellectual property theft and the issue has been a key sore point in U.S.-China relations. "The Chinese government is engaged in the most sustained scaled and sophisticated theft of intellectual property and expertise in human history," said Mike Burgess, the Australian Security Intelligence Organisation's director-general.

Persons: Christopher Wray, Jim Bourg, Wray, Liu Pengyu, Mike Burgess, Burgess, we've, Zeba Siddiqui, Jamie Freed Organizations: Committee, Federal Bureau of Investigation, REUTERS, Rights STANFORD, FBI, Reuters, The, Australian Security Intelligence, Thomson Locations: Washington , U.S, California, China, United States, Britain, Canada, Australia, New Zealand, U.S, Valley . U.S, Washington, The U.S, Australian, Stanford , California

☆ U.S. lawmaker seeks answers from Meta, X, Google, TikTok over Israel-Hamas false content
▼ + stars: | 2023-10-17 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +3 min

Senator Michael Bennet on Tuesday sought information on how tech giants Meta (META.O), X, TikTok and Google (GOOGL.O) were trying to stop the spread of false and misleading content about the Israel-Hamas conflict on their platforms. Visuals from older conflicts, video game footage, and altered documents are among misleading content that has flooded social media platforms since Hamas militants attacked Israeli civilians on Oct. 7. "In many cases, your platforms’ algorithms have amplified this content, contributing to a dangerous cycle of outrage, engagement, and redistribution,” Bennet said. The short video app TikTok said it had hired more Arabic and Hebrew-speaking content moderators. "The mountain of false content clearly demonstrates that your current policies and protocols are inadequate," he said in the letter.

Persons: Michael Bennet, Biden, Bonnie Cash, Bennet, ” Bennet, Thierry Breton, Elon Musk, Zeba Siddiqui, Stephen Coates Organizations: Capitol, REUTERS, FRANCISCO, Google, European Union, YouTube, Twitter, Elon, Thomson Locations: Washington , U.S, Israel, San Francisco

☆ Hackers hit aid groups responding to Israel and Gaza crisis
▼ + stars: | 2023-10-13 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. Jerusalem-based nonprofit United Hatzalah, which provides emergency medical services, said its website was struck by distributed denial of service (DDoS) attacks that temporarily slowed its ability to receive donations. DDoS is a low-level and typically unsophisticated attack designed to overwhelm a website with artificial traffic, often causing it to crash. The disruptions to the United Hatzalah website did not lead to loss of data or donations, said Jeremy Cole, a spokesperson for the group. Another website impersonating United Hatzalah that had sprung up in the last few days seeking donations had been taken down, Cole said.

Persons: Kacper, Rohan Talbot, Jeremy Cole, United Hatzalah, Cole, Gil Messing, Messing, Zeba Siddiqui, Bill Berkrot Organizations: REUTERS, FRANCISCO, Medical Aid, Security, Hamas, Thomson Locations: Israel, Gaza, Jerusalem, British, San Francisco

A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/File Photo Acquire Licensing RightsOct 10 (Reuters) - Hacktivist groups say they are hitting Israeli targets online amid the war in Israel and Gaza, disrupting and defacing websites like the Jerusalem Post. The conflict between Israel and its Arab neighbors routinely attracts both intense global interest and politically minded hackers - dubbed hacktivists - who piggyback on the fighting, either to support their favored side or simply get attention. "There are dozens of victims per day, claimed by both pre-established and new (hacktivist) groups," cyber intelligence firm Recorded Future said. Examples of serious or long-term damage are still thin, but the activism shows how a subset of supporters use digital tools to bring the war online.

Persons: Kacper, Avi Mayer, hacktivists, Omri Segev Moyal, Israel, Profero, Christopher Bing, Raphael Satter, Zeba Siddiqui, Chris Sanders, Sonali Paul Organizations: REUTERS, CERT, Microsoft, Thomson Locations: Israel, Gaza, Jerusalem, Ukraine, Iranian, Washington, San Francisco

☆ Clorox, reeling from cyberattack, expects quarterly loss
▼ + stars: | 2023-10-04 | by ( ) www.reuters.com time to read: +2 min

Bottles of Clorox bleach are displayed for sale on the shelves of a Wal-Mart store in Rogers, Arkansas, June 4, 2009. "The company expects to experience ongoing, but lessening, operational impacts in the second quarter as it makes progress in returning to normalized operations," it said in a statement. A Clorox spokesperson said the company had informed law enforcement about the attack but had no further comment. The company expects a loss per share of between 35 cents and 75 cents in the quarter ended on Sept. 30, and for net sales to fall by 23% to 28% from a year earlier. "The impact from the cybersecurity attack more than offset the benefits of pricing, cost savings and supply chain optimization," Clorox said.

Persons: Jessica Rinaldi, Clorox, Savyata Mishra, Zeba Siddiqui, Shilpi Majumdar, Tom Hogue Organizations: REUTERS, cyberattacks, MGM Resorts International, Caesars Entertainment, Reuters, MGM, Caesars, Bloomberg, FBI, Thomson Locations: Rogers , Arkansas, U.S, Oakland , California, Bengaluru, San Francisco

REUTERS/Kacper Pempel/Illustration/File photo Acquire Licensing RightsCompanies Microsoft Corp FollowWASHINGTON, Sept 27 (Reuters) - Chinese hackers who breached Microsoft's (MSFT.O) email platform this year managed to steal tens of thousands of emails from U.S. State Department accounts, a Senate staffer told Reuters on Wednesday. The staffer, who attended a briefing by State Department IT officials, said the officials told lawmakers that 60,000 emails were stolen from 10 State Department accounts. U.S. officials and Microsoft said in July that Chinese state-linked hackers since May had accessed email accounts at around 25 organizations, including the U.S. Commerce and State Departments. The hackers compromised a Microsoft engineer's device, which allowed them to breach the State Department's email accounts, according to the briefing. The State Department did not immediately return a message seeking comment on Wednesday, and Schmitt wasn't available for an interview.

Persons: Kacper, Eric Schmitt, Microsoft's, Schmitt, Raphael Satter, Zeba Siddiqui, Leslie Adler Organizations: REUTERS, Microsoft Corp, WASHINGTON, U.S . State Department, State Department IT, Department, East, Microsoft, U.S . Commerce, State, State Department, ., The State Department, U.S . State, Commerce, Reuters, Thomson Locations: East Asia, Europe, China, Beijing

The FBI is investigating the MGM and Caesars breaches, and the companies did not comment on who may be behind them. In some cases - Mandia did not say which ones - hackers tied to Scattered Spider placed bogus emergency calls to summon heavily armed police units to the homes of executives of targeted companies. ALPHV, which according to Mandiant is a "ransomware-as-a-service", would provide services such as a helpdesk, webpage and branding, and in turn get a cut of whatever Scattered Spider would make from the hack. While many ransomware attacks go unpublicised, the MGM hack was a vivid example of the real-world impact of such incidents. Ransomware gangs often function like large organizations, and continue to evolve their methods to adapt to the latest security measures organizations use.

Persons: Bridget Bennett, helpdesk, they’d, Wendi Whitmore, Adam Meyers, it's, Kevin Mandia, Mandiant, Reuters couldn't, CrowdStrike's Meyers, helpdesks, David Bradbury, they've, Bradbury, ALPHV, Okta's Bradbury, Whitmore, Zeba Siddiqui, Raphael Satter, Chris Sanders, Claudia Parsons Organizations: MGM, MGM Resorts, REUTERS, FRANCISCO, Alto Networks, Caesars Entertainment, FBI, Caesars, Google, Reuters, Microsoft, British, Thomson Locations: Las Vegas , Nevada, U.S, WASHINGTON, Canada, Japan, United States, reassign, Las Vegas, San Francisco, New York

☆ Hackers who breached casino giants MGM, Caesars also hit 3 other firms, Okta says
▼ + stars: | 2023-09-19 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +3 min

David Bradbury, chief security officer of the identity management company Okta, said five of the company's clients, including MGM and Caesars, had fallen victim to hacking groups known as ALPHV and Scattered Spider since August. In an interview with Reuters, Bradbury didn't name the other companies, but said Okta was cooperating with official investigations into the breaches. "We've seen consistently over the past six to 12 months, a ramp up in these types of attacks," Bradbury said. Bradbury said the group had breached into MGM and obtained access to its Okta client, which allowed it further access to more credentials in the identity management firm's system. Bradbury said Mandiant's description of the group's tactics aligned with what Okta had observed in the recent hacks.

Persons: Bridget Bennett, David Bradbury, Bradbury didn't, Okta, Bradbury, We've, ALPHV, Google's, Zeba Siddiqui, Michael Perry Organizations: MGM, MGM Resorts, REUTERS, FRANCISCO, MGM Resorts International, Caesars Entertainment, Caesars, Reuters, Google's Mandiant Intelligence, Thomson Locations: Las Vegas , Nevada, U.S, Las Vegas, Macau, San Francisco, United States

REUTERS/Mike Segar/File Photo Acquire Licensing RightsSept 7 - Researchers at digital watchdog group Citizen Lab said on Thursday they found spyware they linked to Israeli firm NSO that exploited a newly discovered flaw in Apple (AAPL.O) devices. Citizen Lab did not provide further details on the affected individual or the organization. Apple issued new updates on its devices after investigating the flaws reported by Citizen Lab. An Apple spokesperson said it had no further comment, while Citizen Lab urged consumers to update their devices. A NSO spokesperson said it did not have any immediate comment on the Citizen Lab research.

Persons: Mike Segar, Citizen Lab, John Scott, Railton, Apple, Zeba Siddiqui, Christopher Bing, Jamie Freed Organizations: Apple Inc, Apple, REUTERS, Citizen, NSO, Citizen Lab, University of Toronto's Munk School of Global Affairs, U.S, Thomson Locations: Manhattan , New York, U.S, Washington

☆ A.I. use rising in influence campaigns online, but impact limited - US cyber firm
▼ + stars: | 2023-08-17 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

An AI (Artificial Intelligence) sign is seen at the World Artificial Intelligence Conference (WAIC) in Shanghai, China July 6, 2023. Researchers at the Virginia-based company found "numerous instances" since 2019 in which AI-generated content, such as fabricated profile pictures, had been used in politically-motivated online influence campaigns. Generative AI would enable groups with limited resources to produce higher quality content at scale, Mandiant researchers said. Yet, the impact of such campaigns was limited. "Thus far, we haven't seen a single incident response where AI played a role," said Joyce.

Persons: Aly, Mandiant, Sandra Joyce, Joyce, Zeba Siddiqui, Alexandra Hudson Organizations: Artificial Intelligence, REUTERS, FRANCISCO, Google, Security, targetting, Mandiant Intelligence, Alexandra Hudson Our, Thomson Locations: Shanghai, China, Virginia, Russia, Iran, Ethiopia, Indonesia, Cuba, Argentina, Mexico, Ecuador, El Salvador, Hong Kong, North Korea, San Francisco

☆ White House launches AI-based contest to secure government systems from hacks
▼ + stars: | 2023-08-09 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +3 min

"Cybersecurity is a race between offense and defense," said Anne Neuberger, the U.S. government's deputy national security advisor for cyber and emerging technology. "We know malicious actors are already using AI to accelerate identifying vulnerabilities or build malicious software," she added in a statement to Reuters. He said his agency had seen AI being used for everything from creating phishing emails and writing malicious computer code to spreading disinformation. The contest signals official attempts to tackle an emerging threat that experts are still trying to fully grasp. The Open Source Security Foundation (OpenSSF), a U.S. group of experts trying to improve open source software security, will be in charge of ensuring the "winning software code is put to use right away," the U.S. government said.

Persons: Dado Ruvic, Anne Neuberger, cybersecurity, Samy Khoury, Neuberger, Zeba Siddiqui, Raphael Satter, Jonathan Oatis Organizations: REUTERS, Defense, Research Projects Agency, DARPA, White, Google, Microsoft, Security, Thomson Locations: U.S, San Francisco, Washington

Search resuls for: "Zeba Siddiqui"

25 mentions found