DIRS.INFO The most relevant business & tech news

WASHINGTON, July 19 (Reuters) - Microsoft Corp (MSFT.O) is expanding its suite of free security tools for customers, the software company said on Wednesday, following criticism that it was charging clients to protect themselves against Microsoft's mistakes. Microsoft's previous practice of charging for advanced versions of those tools has come under widespread criticism, especially following the recently disclosed hack at the U.S. State and Commerce Departments. That hack - which Microsoft later acknowledged was down to a breach and coding flaws - was only discovered because one of the victims spotted an anomaly while reviewing their digital logs. In a statement released alongside Microsoft's blog post, Cybersecurity and Infrastructure Security Agency official Eric Goldstein said that "everyone wins" when security tools are provided free of charge. Charging for those tools "is a recipe for inadequate visibility into investigating cybersecurity incidents," Goldstein said.

Persons: Eric Goldstein, Goldstein, Raphael Satter, Josie Kao Organizations: Microsoft Corp, U.S, Microsoft, U.S . State, Commerce, Infrastructure Security Agency, Thomson

WASHINGTON, July 18 (Reuters) - The U.S. Commerce Department on Tuesday added two European-based surveillance firms to its economic trade blacklist as part of the Biden administration's efforts to counter the misuse of commercial spyware. The department added Cytrox, a Hungary-based surveillance company and Greek firm Intellexa, another cyber-surveillance firm and two related entities in Ireland and Macedonia. Attempts to reach representatives from Cytrox and Intellexa were not immediately successful. The journalist's allegation came as the European Union (EU) was beginning to follow the United States in taking a harder look at spyware merchants and the use of powerful surveillance software. Reuters reported in 2020 that Intellexa was working with intelligence agencies in Southeast Asia and Europe.

Persons: Biden, Intellexa, Tal Dilian, Cytrox, Jarrett Renshaw, David Shepardson, Karen Freifeld, Raphael Satter, Christopher Bing, Doina Chiacu, Alexandra Hudson Organizations: U.S . Commerce Department, Reuters, Intellexa, The Commerce Department, European Union, Alexandra Hudson Our, Thomson Locations: Hungary, Ireland, Macedonia, Cytrox, Greece, United States, Southeast Asia, Europe

WASHINGTON, July 14 (Reuters) - Microsoft (MSFT.O) said on Friday that Chinese hackers misappropriated one of its digital keys and used a flaw in the company's code to steal emails from U.S. government agencies and other clients. The company said in a blog post that the hackers were able to use the key - which they acquired under undisclosed circumstances - and take advantage of "a validation error in Microsoft code" to carry out their cyberespionage campaign. The blog provided the most fulsome explanation yet for a hack that rattled both the cybersecurity industry and China-U.S. relations. Microsoft and U.S. officials said on Wednesday night that Chinese state-linked hackers had been secretly since May accessing email accounts at around 25 organizations. Microsoft's blog post did not explain how the hackers got their hands on one of the company's digital keys, leading some experts to speculate that Microsoft itself had been hacked ahead of the thefts.

Persons: Antony Blinken, China's, Wang Yi, Raphael Satter, Sandra Maler Organizations: Microsoft, State and Commerce, ., State Department, Thomson Locations: China, U.S, Beijing, Jakarta, Redmond, Washington

It can boost security, especially for small organizations that lack the resources to run their own IT or security departments. But competitors squeezed by Microsoft's security offering are sounding the alarm over how wide swaths of industry and government were effectively putting all their eggs in one basket. Adair said he understood that Microsoft wanted to make money from its premium security product. He noted that the hackers - which Microsoft nicknames Storm-0558 - were caught only because someone at the State Department with access to Microsoft's top-of-the-line logging noticed an anomaly in their forensic data. "Having Microsoft further empower customers and security companies so they can work together is probably the best way," Adair said.

Persons: Steven, Adair, Gina Raimondo, Microsoft, Ron Wyden, Redmond, Adam Meyers, CrowdStrike, Raphael Satter, Matthew Lewis Organizations: Microsoft, NASA, Reuters, U.S, State Department, Storm, Thomson Locations: cyberdefense, U.S, Washington

☆ Are fruit-picking drones the future of harvesting?
▼ + stars: | 2023-07-06 | by ( Raphael Sanis | ) www.businessinsider.com time to read: 1 min

Tech companies in Israel have designed fruit-picking drones and tree-pollinating "paddles" to make farms more efficient at a time of worker shortages and climate change. In Chile, flying robots use artificial intelligence and machine learning to detect ripe apples before pulling the fruit from the tree.

Locations: Israel, Chile

☆ See the first supermoon of 2023 light up the sky
▼ + stars: | 2023-07-04 | by ( Raphael Sanis | ) www.businessinsider.com time to read: 1 min

The first supermoon of 2023 has captivated sky gazers across the world. This occurrence is also known as a buck moon, a Native American name for the time of year when the antlers of male deer are in full growth, according to the Farmer's Almanac. A supermoon occurs when the moon reaches its closest point to the Earth. NASA said the moon would appear 5.8% bigger and 12.8% brighter than other full moons. Three more supermoons are expected this year.

Organizations: NASA Locations: American

July 4 (Reuters) - Mass shootings in Philadelphia, Baltimore and Fort Worth claimed the lives of 10 people ahead of the Fourth of July holiday, officials said, a grim illustration of the United States' decades-long failure to curb gun-fueled violence. In Fort Worth, Texas, three people were killed and eight wounded in a mass shooting following a local festival, police said on Tuesday. Police in Fort Worth said no arrests have been made. Police have said they are seeking multiple suspects in the Baltimore shooting. The United States has been struggling with a large number of mass shootings and incidents of gun violence.

Persons: Fort Worth, weren't, Danielle Outlaw, Shawn Murray, Kanishka Singh, Raphael Satter, Mark Porter Organizations: Fort, Philadelphia Police, Police, United, Thomson Locations: Philadelphia, Baltimore, United States, Fort Worth , Texas, Baltimore , Maryland, Fort Worth, Chicago

These themes have become a common thread in his sermons and interviews, especially since Uganda’s Anti-Homosexuality Act was signed into law last month. Nowhere is safe for any queer person living in Uganda,” Joan Amek, co-founder of Rella Women’s Foundation, told CNN. At least 300 human rights violations against suspected homosexuals have been reported in Uganda arising from the Anti-Homosexuality Act of 2023, the SRT told CNN. ‘My life is hell’Nash Wash Raphael, a 30-year-old transgender man, says he was attacked on the night Museveni signed the Anti-Homosexuality Act. The Church of Uganda openly defied the Archbishop of Canterbury, Justin Welby, and supported the Anti-Homosexuality Act, accusing the global head of the Anglican Church of misinterpreting the Bible.

Persons: Canon John Awodi, ”, Yoweri Museveni, ” Joan Amek, didn’t, ’, “, ” Amek, Joan Amekis, Asuman Basalirwa, ‘, Nash, Raphael, Museveni, Nash Wash Raphael, Fabien Muhire, ” Raphael, couldn’t, We’ve, they’ll, Anglican Church Amek, Amek, of Canterbury, Justin Welby, Welby, Bill Organizations: Uganda CNN, Saints ’ Cathedral, CNN, Rella, Foundation, Bethlehem Feleke, SRT, Anglican Church, Anglican, of Locations: Kampala, Uganda, Rev, Bethlehem, Dubai, Saudi Arabia, Africa, Ugandan

WASHINGTON, June 28 (Reuters) - The U.S. Department of Health and Human Services (HHS) was among those affected by a wide-ranging hack centered on a piece of software called MOVEit Transfer, Bloomberg News reported on Wednesday. The report comes as the hackers behind the massive breach claimed credit for stealing data from two major law firms, Kirkland & Ellis LLP and K&L Gates LLP. Kirkland and K&L did not immediately return messages left after hours. The group has previously insisted it doesn't deliberately steal data from government organizations, but that doesn't mean that data hasn't been compromised. Bloomberg cited a person familiar with the incident at HHS as saying that tens of thousands of records could have been exposed.

Persons: Ellis, cl0p, Gates, Kirkland, doesn't, Cl0p didn't, Jon Clay, TrendMicro, Raphael Satter, Lincoln Organizations: U.S . Department of Health, Human Services, Bloomberg, Kirkland, Gates, HHS, Progress Software, Thomson Locations: Russian

REUTERS/Dado Ruvic/Illustration/File PhotoJune 28 (Reuters) - Mercenary hackers increasingly are targeting law firms in a bid to steal data that could tip the balance in legal cases, French and British authorities say, echoing a Reuters investigation that uncovered the phenomenon last year. In a pair of reports published over the past week, the cyber watchdog agencies of France and the United Kingdom cataloged an array of digital challenges faced by law firms, including threats posed by ransomware and malicious insiders. Both also highlighted the dangers posed by mercenary hackers hired by litigants to filch sensitive information from courtroom opponents. France’s cyber watchdog, known as ANSSI, said in its report released Tuesday that “mercenaries with offensive cyber capacities” were increasingly targeting the legal sector. ANSSI cited Reuters reporting last year on how mercenary hackers based out of India were being drafted to help sway high-profile cases in the United States, Europe and elsewhere.

Persons: Dado Ruvic, ANSSI, Britain's, ANSSI didn't, Raphael Satter Organizations: REUTERS, Mercenary, Cyber Security, Reuters, Google, Facebook, Meta, Inc, Thomson Locations: France, United Kingdom, London, India, United States, Europe, U.S

[1/2] A worker arrives at the Department of Health and Human Services in Washington, October 1, 2013. REUTERS/James Lawler Duggan/File PhotoWASHINGTON, June 28 (Reuters) - The U.S. Department of Health and Human Services (HHS) was among those affected by a wide-ranging hack centered on a piece of software called MOVEit Transfer, a source at HHS said on Wednesday. "While no HHS systems or networks were compromised, attackers gained access to data by exploiting the vulnerability in the MOVEit Transfer software of third-party vendors," a health department official familiar with the matter said. Hackers behind the massive breach also claimed credit for stealing data from two major law firms, Kirkland & Ellis LLP and K&L Gates LLP. Kirkland and K&L did not immediately return messages left after hours.

Persons: James Lawler Duggan, Ellis, cl0p, Gates, Kirkland, doesn't, Cl0p didn't, Jon Clay, TrendMicro, Raphael Satter, Lincoln Organizations: Department of Health, Human Services, REUTERS, WASHINGTON, U.S . Department of Health, HHS, Kirkland, Gates, Bloomberg, Progress Software, Thomson Locations: Washington, Russian

☆ Siemens and UCLA say data compromised in MOVEit data breach
▼ + stars: | 2023-06-27 | by ( ) www.reuters.com time to read: +1 min

The hackers behind the wide-ranging breach, Cl0p, had earlier boasted about stealing data from UCLA and Siemens on their website. Cl0p also claimed to have stolen data from biopharmaceutical company Abbvie Inc (ABBV.N) and French industrial group Schneider Electric (SCHN.PA). Siemens and UCLA provided few additional details about the scope or consequences of the breach. Siemens said none of its critical data had been compromised and its operations remained unaffected. UCLA said its campus systems were unaffected and that "all of those who have been impacted have been notified".

Persons: Cl0p, Christoph Steitz, Raphael Satter, Matthias Williams, Mark Potter Organizations: Siemens Energy, University of California, UCLA, Siemens, Abbvie Inc, Schneider, FBI, Genworth, Thomson Locations: FRANKFURT, Los Angeles, UCLA

The total number of recent victims from the online extortion ring has reached 121 organizations, according to Brett Callow, whose cybersecurity company Emsisoft helps companies respond to digital shakedown attempts. In 2021, Ukrainian authorities announced the arrests of six people tied to cl0p, but it's not clear that they were core members of the group, which continued to hack victims. Plundering file transfer protocols has become increasingly popular as hackers shift from encrypting data to simply stealing files and threatening to release them unless a ransom is paid. Many of the organizations stress that the target of the hack is the file transfer service, not their systems. The FBI said it was "aware of and investigating the recent exploitation of a MOVEit vulnerability by malicious ransomware actors."

Persons: Brett Callow, encrypting, TrendMicro, didn't, Cl0p, Emsisoft, Charles Carmakal, Raphael Satter, Christopher Bing, James Pearson, Cynthia Osterman Organizations: University of California, Siemens Energy, Abbvie Inc, Schneider, Publicly, Sony, Shell PLC, Government, U.S . Energy Department, Alphabet Inc, FBI, Thomson Locations: Los Angeles, Russia, Washington, London

☆ Suncor Energy says it experienced a cybersecurity incident
▼ + stars: | 2023-06-26 | by ( ) www.reuters.com time to read: +1 min

Companies Suncor Energy Inc FollowJune 25 (Reuters) - Canadian energy firm Suncor (SU.TO) on Sunday said it experienced a cybersecurity incident, adding that some transactions with customers and suppliers could be impacted while they investigate and resolve the situation. "At this time, we are not aware of any evidence that customer, supplier or employee data has been compromised or misused as a result of this situation," the company said in a statement. Suncor's operations include oil sands development, production, offshore oil and gas, petroleum refining in Canada and the U.S, including the company's Petro Canada retail and wholesale distribution networks. The Canadian Centre for Cyber Security had earlier said it was aware of reports of an incident affecting Petro Canada but said it did not generally comment on "specific cybersecurity incidents." Reporting by Seher Dareen and Swati Verma in Bengaluru and Raphael Satter Editing by Christopher Cushing and Louise HeavensOur Standards: The Thomson Reuters Trust Principles.

Persons: Seher Dareen, Swati Verma, Raphael Satter, Christopher Cushing, Louise Heavens Organizations: Suncor Energy, company's Petro Canada, Canadian Centre for Cyber Security, Petro Canada, Thomson Locations: Canada, Petro, Bengaluru

☆ The true cost of Ukraine's dam disaster
▼ + stars: | 2023-06-16 | by ( Raphael Sanis | Robert Leslie | ) www.businessinsider.com time to read: 1 min

The destruction of the Nova Kakhovka dam emptied a reservoir that supplied water to much of southern Ukraine. Thousands were forced to flee as water flooded parts of Kherson, damaging wildlife, washing away property, and contaminating drinking water — a catastrophe that could be felt for years. But the biggest effect may be transforming southern Ukraine's fertile farmland into a desert.

Locations: Nova, Ukraine, Kherson

June 16 (Reuters) - The widow of murdered Saudi journalist Jamal Khashoggi says in a lawsuit that surveillance software built by the Israeli surveillance company NSO Group was used to spy on her messages in the months leading up to her husband's death. The company - which markets surveillance technology to intelligence agencies and law enforcement around the world - has previously denied that its technology was used to hack Khashoggi. He was a Washington Post columnist who was murdered on the grounds of Saudi Arabia's consulate in Istanbul in 2018. U.S. intelligence concluded in 2021 that Saudi Crown Prince Mohammed bin Salman approved an operation to capture or kill Khashoggi. The Saudi government has denied any involvement by the crown prince and has maintained that Khashoggi's killing was a heinous crime by a rogue group.

Persons: Jamal Khashoggi, Hanan Elatr Khashoggi, Saudi Crown Prince Mohammed bin Salman, Loujain, Raphael Satter, Frances Kerry Organizations: NSO Group, Northern District of Virginia, NSO, Washington Post, Saudi Crown, Saudi, Pegasus, Reuters, Apple Inc, Meta, Inc, Thomson Locations: Saudi, Northern District, Washington, Saudi Arabia's, Istanbul, U.S

WASHINGTON, June 16 (Reuters) - The U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and the scientific education facilities that were recently hit in a global hacking campaign, a spokesperson said on Friday. Data was "compromised" at two entities within the DOE when hackers gained access through a security flaw in MOVEit Transfer. The requests came in emails to each facility, said the spokesperson, who did not say how much money was requested. "The two entities that received them did not engage," with Cl0p and there was no indication that the ransom requests were withdrawn, the spokesperson said. Cl0p has said it would not exploit any data taken from government agencies, and that it had erased all such data.

Persons: CISA, Cl0p, Allan Liska, cl0p, Liska, Timothy Gardner, Raphael Satter, Leslie Adler, Daniel Wallis Organizations: U.S . Department of Energy, DOE, Associated Universities, U.S, Cybsecurity, Infrastructure Security Agency, Thomson Locations: Russia, New Mexico, Washington

CORPORATE DROPBOXESFTA, GoAnywhere MFT, and MOVEit Transfer are corporate versions of file sharing programs consumers use all the time, like Dropbox or WeTransfer. MFT software often promises the ability to automate the movement of data, transfer documents at scale and provide fine-grained control over who can access what. MFT PROGRAMS CAN BE TEMPTING TARGETSRunning an extortion operation against a well-defended corporation is reasonably difficult, said Recorded Future analyst Allan Liska. "If you can get to one of these file transfer points, all the data is right there. HACKER TACTICS ARE SHIFTINGScooping up data that way is becoming an increasingly important part of the way hackers operate.

Persons: Ransom, GoAnywhere MFT, James Lewis, WeTransfer, Allan Liska, Bam, Liska, Joe Slowik, Huntress, Raphael Satter, Grant McCool Organizations: Software, GoAnywhere, Thomson

☆ US government agencies hit in global hacking spree
▼ + stars: | 2023-06-15 | by ( ) www.reuters.com time to read: +2 min

June 15 (Reuters) - The U.S. government has been hit in a global hacking campaign that exploited a vulnerability in widely used software but does not expect it to have significant impact, the nation's cyber watchdog agency said on Thursday. CISA did not identify the agencies that were hit or say exactly how they had been affected. The FBI and National Security Agency also did not immediately respond to emails seeking details on the breaches. MOVEit, made by Progress Software Corp (PRGS.O), is typically used by organizations to transfer files between their partners or customers. Neither Cl0p nor Progress immediately responded to requests for comment.

Persons: Eric Goldstein, cybersecurity, CISA, Jen, MOVEit, John Hammond, Huntress, Raphael Satter, Kanishka Singh, Zeba Siddiqui, Tanna, Chandi Shah, Jonathan Oatis, Angus MacSwan, Bill Berkrot Organizations: U.S, Cybersecurity, Infrastructure Security Agency, CNN, FBI, National Security Agency, MSNBC, Progress Software Corp, Progress, CITY, Thomson Locations: U.S, United States

WASHINGTON, June 14 (Reuters) - Estonian authorities are investigating the theft of cryptocurrency from users of the country's Atomic Wallet service, a police spokesperson said Wednesday. More than $100 million in digital assets were stolen from thousands of users of cryptocurrency service Atomic Wallet by a gang of allegedly North Korean hackers known as "Lazarus," cryptocurrency analytics firm Elliptic said Tuesday. A spokesperson for Estonia's National Criminal Police said in an email that authorities had been investigating the theft since last week but would not be drawn on the details. Kaarel Kallas said the investigation was still in its early stages "and at the moment we cannot comment on the origins of the attacks." The FBI, which has in the past investigated Lazarus-linked hacks, declined comment.

Persons: Lazarus, Kaarel Kallas, Raphael Satter, Mark Potter Organizations: National Criminal Police, FBI, Thomson Locations: Tallinn

WASHINGTON, June 12 (Reuters) - Chinese hackers are all but certain to disrupt American critical infrastructure, such as pipelines and railways, in the event of a conflict with the United States, a senior U.S. cybersecurity official said Monday. In comments made during an appearance at the Aspen Institute in Washington, Cybersecurity and Infrastructure Security Agency Director Jen Easterly said Beijing was making major investments in the capability to sabotage U.S. infrastructure. She cautioned that Americans needed to be prepared for the likelihood that Beijing's hackers would dodge their defenses and cause damage in the physical world. The Chinese Embassy in Washington did not immediately respond to a request seeking a reaction to the warning. Reporting by Raphael Satter; Editing by Bill BerkrotOur Standards: The Thomson Reuters Trust Principles.

Persons: Jen, Raphael Satter, Bill Berkrot Organizations: Aspen Institute, Infrastructure Security, Embassy, U.S, Thomson Locations: United States, U.S, Washington, Cybersecurity, Beijing

☆ Watch the moment Hawaii's Kilauea volcano erupted after a 3-month pause
▼ + stars: | 2023-06-08 | by ( Raphael Sanis | ) www.businessinsider.com time to read: 1 min

Kilauea, the most active volcano on Hawaii's Big Island, erupted and began spewing lava on Wednesday after a three-month pause. The US Geological Survey's Hawaiian Volcano Observatory noticed a glow in a webcam at Kilauea's summit early in the morning before fissures opened up. The observatory said the lava was confined to the crater floor. The Hawaii Volcanoes National Park, where Kilauea is located, said it was expecting large numbers of people to view the eruption. Scientists at the observatory said that they were monitoring the eruption but that no communities on the island were currently at risk.

Locations: Hawaii, Kilauea

☆ Major dam destroyed in Ukraine causing heavy floods in nearby towns
▼ + stars: | 2023-06-06 | by ( Raphael Sanis | ) www.businessinsider.com time to read: 1 min

Residents of southern Ukraine are evacuating after the destruction of the Kakhovka dam caused heavy flooding. Both Ukraine and Russia are blaming each other.

Locations: Ukraine, Russia

☆ India hunts for answers after deadly train crash
▼ + stars: | 2023-06-05 | by ( Raphael Sanis | ) www.businessinsider.com time to read: 1 min

Two hundred seventy-five people are known to have died in India's deadliest train crash in decades. Investigators suspect a signal failure for the three-way collision, and Prime Minister Narendra Modi has vowed to punish those responsible.

Persons: Narendra Modi Locations: India's

☆ BA, BBC and Boots caught up in file transfer hack
▼ + stars: | 2023-06-05 | by ( ) www.reuters.com time to read: +2 min

BA, the BBC and Boots said the breach occurred at their payroll provider, Zellis. The provincial government of Nova Scotia, in Canada, was also hit by the breach. The data from Zellis and the Nova Scotia government was exposed through their use of the MOVEit file transfer software, both organizations said in separate statements. The Nova Scotia government did not immediate return a request for comment. Boots, part of Walgreens Boots Alliance (WBA.O), said the attack had included some of its employees' personal details.

Persons: Boots, Zellis, Nova, Colton LeBlanc, MOVEit, extortionists, Raphael Satter, Sarah Young, Muvija, Eva Mathews, Paul Sandle, Bill Berkrot Organizations: British Airways, BBC, Nova, Security, Digital Solutions, IAG, Walgreens Boots Alliance, Progress Software, Microsoft, Reuters, Britain . British Airways, Thomson Locations: Nova Scotia, Canada, Zellis, Britain, Washington, London, Bengaluru

Search resuls for: "Raphael S"

25 mentions found