This will be law soon: Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. [...] The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected …
Amy Zegart has a new book: Spies, Lies, and Algorithms: The History and Future of American Intelligence. Wired has an excerpt : In short, data volume and accessibility are revolutionizing sensemaking. The intelligence playing field is leveling — and not in a good way. Intelligence collectors are everywhere, and government spy …
Remember when the US and Australian police surreptitiously owned and operated the encrypted cell phone app ANOM? They arrested 800 people in 2021 based on that operation. New documents received by Motherboard show that over 100 of those phones were shipped to users in the US, far more than …
Group of 10 MPs and peers say Boris Johnson’s government has prioritised trade over national security Boris Johnson’s government has been accused by MPs of prioritising trade agreements over national security in its handling of surveillance abuses on British soil by governments using spyware made by the …
Analysis: while identity of hackers is not known in this case, Palestinians have long been spied on by Israeli military The disclosure that Palestinian human rights defenders were reportedly hacked using NSO’s Pegasus spyware will come as little surprise to two groups of people: Palestinians themselves and the …
Someone has been hacking telecommunications networks around the world: LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures. Recent findings highlight this cluster’s …
LightBasin hackers were able to obtain subscriber information and call metadata, says CrowdStrike At least 13 phone companies around the world have been compromised since 2019 by sophisticated hackers who are believed to come from China, a cybersecurity expert group has said. The roaming hackers – known as LightBasin – were …
Court judgments reveal how Sheikh Mohammed’s use of Pegasus spyware against his ex-wife was uncovered Dubai ruler hacked ex-wife using NSO Pegasus spyware, high court judge finds Eleven court judgments, covering 181 pages, plus hundreds of other pages of legal documents have revealed an extraordinary spying scandal: state-sponsored …
I’m starting to see writings about a Chinese espionage tool that exploits website vulnerabilities to try and identify Chinese dissidents. [...]
The Pegasus project has raised new concerns about the Israeli firm, which is a world leader in the niche surveillance market In 2019, when NSO Group was facing intense scrutiny, new investors in the Israeli surveillance company were on a PR offensive to reassure human rights groups. In an …
Analysis: UK prides itself on GCHQ’s cyber capability – so availability of Raab’s number will have been embarrassing for him Dominic Raab’s mobile number freely available online for last decade Finding Dominic Raab’s mobile phone online is more than just embarrassing for the foreign secretary: it …
On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposed a series of sanctions designed to punish the country for the attack and deter future attacks. I will leave it to those with experience in foreign relations …
In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days when the Chinese probably realized that the vulnerabilities would soon be fixed, was to install a web shell in compromised networks that …
Kaspersky investigators uncover evidence that may support US claims Moscow was behind attack A Moscow-based cybersecurity company has reported that some of the malicious code employed against the US government in a cyber-attack last month overlaps with code previously used by suspected Russian hackers. The findings by Kaspersky investigators …
The widespread compromise affecting key government agencies is ongoing, according to the U.S. government. [...]