Plus: Uncle Sam is cross with this one Chinese biz over Salt Typhoon mega-snooping Decades-old legislation requiring American telcos to lock down their systems to prevent foreign snoops from intercepting communications isn't mere decoration on the pages of law books – it actually means carriers need to secure their networks …
Ransomware, AI, secure software, digital IDs – there's something for everyone in the presidential directive Analysis Joe Biden, in the final days of his US presidency, issued another cybersecurity order that is nearly as vast in scope as it is late in the game.... [...]
FSB cyberspies venture into a new app for espionage, Microsoft says Star Blizzard, a prolific phishing crew backed by the Russian Federal Security Service (FSB), conducted a new campaign aiming to compromise WhatsApp accounts and gain access to their messages and data, according to Microsoft.... [...]
Watchdog alleged it had no SIEM or MFA, orders rapid adoption of basic infosec tools GoDaddy has failed to protect its web-hosting platform with even basic infosec tools and practices since 2018, according to the FTC, but the internet giant won’t face any immediate consequences for its many …
We are only seeing 'the tip of the iceberg,' Easterly warns Beijing's Salt Typhoon cyberspies had been seen in US government networks before telcos discovered the same foreign intruders in their own systems, according to CISA boss Jen Easterly.... [...]
Hey, Xi: Zài jiàn! The FBI, working with French cops, obtained nine warrants to remotely wipe PlugX malware from thousands of Windows-based computers that had been infected by Chinese government-backed criminals, according to newly unsealed court documents.... [...]
Ransomware 'not off the table,' Arctic Wolf threat hunter tells El Reg Updated Miscreants running a "mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according to security researchers who say they've observed the intrusions.... [...]
Scumbags stole API keys, then started a hacking-as-a-service biz, it is claimed Microsoft has sued a group of unnamed cybercriminals who developed tools to bypass safety guardrails in its generative AI tools. The tools were used to create harmful content, and access to the tools were sold as a …
'Codefinger' crims on the hunt for compromised keys A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ransom payment for the symmetric AES-256 keys required to decrypt …
Gee, wonder why Beijing is so keen on the – checks notes – Committee on Foreign Investment in the US Chinese cyber-spies who broke into the US Treasury Department also stole documents from officials investigating real-estate sales near American military bases, it's reported.... [...]
3 CVEs added to CISA's catalog Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw – and a critical remote code execution vulnerability in Oracle WebLogic Server that has been abused for at least five years.... [...]
Here's what $20 gets you these days More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who likely have less altruistic intentions than the security researchers …
Telcos would effectively fund grants paid to protect national security The outgoing boss of the FCC, Jessica Rosenworcel, has called on her colleagues to "quickly" adopt rules allowing the US regulator to stage a radio spectrum auction, the proceeds of which would fund the removal from American networks of …
Slow drip of compromised telecom networks continues The list of telecommunications victims in the Salt Typhoon cyberattack continues to grow as a new report names Charter Communications, Consolidated Communications, and Windstream among those breached by Chinese government snoops.... [...]
Once installed, it helps itself to your data like it's a free buffet Android malware dubbed FireScam tricks people into thinking they are downloading a Telegram Premium application that stealthily monitors victims' notifications, text messages, and app activity, while stealing sensitive information via Firebase services.... [...]
When the FBI urges E2EE, you know it's serious business interview In the wake of the Salt Typhoon hacks, which lawmakers and privacy advocates alike have called the worst telecoms breach in America's history, the US government agencies have reversed course on encryption.... [...]
Points finger at third-party infrastructure being breached French tech giant Atos today denied that Space Bears criminals breached its systems - but noted that third-party infrastructure was compromised by the ransomware crew, and that files accessed by the crooks included "data mentioning the Atos company name."... [...]
OFAC, Office of the Treasury Secretary feared hit in data-snarfing swoop Chinese spies who compromised the US Treasury Department's workstations reportedly stole data belonging to a government office responsible for sanctions against organizations and individuals.... [...]
Brings the arrest count related to the Snowflake hacks to 3 A US Army soldier has been arrested in Texas after being indicted on two counts of unlawful transfer of confidential phone records information.... [...]
From targeted espionage to pre-positioning - not that they are mutually exclusive The Chinese government's intrusions into America's telecommunications and other critical infrastructure networks this year appears to signal a shift from cyberspying as usual to prepping for destructive attacks.... [...]
Intrusions allowed Beijing to 'geolocate millions of individuals, record phone calls at will' AT&T, Verizon, and Lumen Technologies confirmed that Chinese government-backed snoops accessed portions of their systems earlier this year, while the White House added another, yet-unnamed telecommunications company to the list of those breached by Salt …
The intrusions allowed Beijing to 'geolocate millions of individuals' AT&T, Verizon, and Lumen Technologies confirmed that Chinese government-backed snoops accessed portions of their systems earlier this year, while the White House added another, yet-unnamed telecommunications company to the list of those breached by Salt Typhoon.... [...]
'The greatest concern is with spear phishing and social engineering' Interview Now that criminals have realized there's no need to train their own LLMs for any nefarious purposes - it's much cheaper and easier to steal credentials and then jailbreak existing ones - the threat of a large-scale supply chain attack …
Cut off one head, two more grow back in its place RansomHub, the ransomware collective that emerged earlier this year, quickly gained momentum, outpacing its criminal colleagues and hitting its victims especially hard. The group named and shamed hundreds of organizations on its leak site, while demanding exorbitant payments …
Botnet's operators 'driven by similar interests as that of the Chinese state' After the Mozi botnet mysteriously disappeared last year, a new and seemingly more powerful botnet, Androxgh0st, rose from its ashes and has quickly become a major threat to critical infrastructure.... [...]