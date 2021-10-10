CreatorsPublishersAdvertisers
Amnesty International links cybersecurity firm to spyware operation

By Bill Toulas
bleepingcomputer.com
 7 days ago

Cover picture for the articleA report by Amnesty International links an Indian cybersecurity company to an Android spyware program used to target prominent activists. The investigation comes from Amnesty International's team, who confirmed a case of espionage against a Togolese activist and also observed signs of spyware deployment across several key Asian regions. A...

www.bleepingcomputer.com

The Jewish Press

Israeli Firm NSO Ended UAE Contract Over Dubai Leader’s Misuse of Spyware

Israeli-based spyware company NSO Group pulled the plug on its contract with the United Arab Emirates after Dubai’s ruler misused the firm’s Pegasus software to spy on his ex-wife and those around her, Reuters reported. Sheikh Mohammed bin Rashid Al Maktoum, the UAE’s vice president and prime minister, ordered the...
WORLD
AFP

Scandal-hit NSO backs international spyware rules

The Israeli company at the heart of the Pegasus surveillance scandal on Tuesday said it would support international regulation to prevent repressive governments from abusing powerful spyware like its own. In a letter to the United Nations, seen by AFP, the NSO Group expressed "strong support for the creation of an international legal framework" to govern technology that allows for highly invasive snooping on people's mobile phones. NSO was engulfed in controversy in July over reports that tens of thousands of human rights activists, journalists, politicians and business executives worldwide were listed as potential targets of its Pegasus software. Smartphones infected with Pegasus are essentially turned into pocket spying devices, allowing the user to read the target's messages, look through their photos, track their location and even turn on their camera without them knowing.
CELL PHONES
bleepingcomputer.com

Ukrainian police arrest DDoS operator controlling 100,000 bots

Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers. The threat actor was arrested at his home in Prykarpattia where he was allegedly using the botnet to perform DDoS attacks or to support other malicious activity for his clients.
PUBLIC SAFETY
bleepingcomputer.com

Microsoft: Iran-linked hackers target US defense tech companies

Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks. In password spray attacks, threat actors attempt to brute-force accounts by using the same passwords across multiple accounts simultaneously, which allows them to hide failed attempts using different IP addresses.
PUBLIC SAFETY
bleepingcomputer.com

New Yanluowang ransomware used in targeted enterprise attacks

A new and still under development ransomware strain is being used in highly targeted attacks against enterprise entities as Broadcom's Symantec Threat Hunter Team discovered. The malware, dubbed Yanluowang ransomware (after a Chinese deity Yanluo Wang, one of the ten kings of hell) based on the extension it adds to encrypted files on compromised systems.
TECHNOLOGY
bleepingcomputer.com

The Week in Ransomware - October 15th 2021 - Disrupting ransoms

This week, senior officials from over thirty countries held virtual conferences on disrupting ransomware operations and attacks. Russia and China were left out of these talks, even though there are signs that Russia has begun to crack down on cybercriminal activity in its country. Through these talks, senior officials announced...
PUBLIC SAFETY
bleepingcomputer.com

Russian cybercrime gang targets finance firms with stealthy macros

A new phishing campaign dubbed MirrorBlast is deploying weaponized Excel documents that are extremely difficult to detect to compromise financial service organizations. The most notable feature of MirrorBlast is the low detection rates of the campaign's malicious Excel documents by security software, putting firms that rely solely upon detection tools at high risk.
PUBLIC SAFETY
Technology
Reason.com

Amnesty International brief against right to bear arms

As the U.S. Supreme Court considers whether to enforce the Second Amendment right to "bear arms" in New York State Rifle & Pistol Association v. Bruen, an amicus brief from Amnesty International argues that doing so would violate international law. In this post, I'll examine the arguments in the AI brief.
CONGRESS & COURTS
bleepingcomputer.com

SnapMC hackers skip file encryption and just steal your files

A new actor tracked as SnapMC has emerged in the cybercrime space, performing the typical data-stealing extortion that underpins ransomware operations, but without doing the file encryption part. File encryption is considered a core component of ransomware attacks, as it's the very element that brings operational disruption to the victim.
TECHNOLOGY
freightwaves.com

TSA to require air, rail operators to report cybersecurity incidents

U.S. rail and air operators will be required to report cybersecurity incidents under new Transportation Security Administration rules, Homeland Security Secretary Alejandro Mayorkas said on Wednesday. TSA will issue directives later this year that will apply to “higher-risk railroad entities,” passenger and all-cargo airlines, and airport operators. The directives will...
ECONOMY
bleepingcomputer.com

Microsoft: Azure customer hit by record DDoS attack in August

Microsoft has mitigated a record 2.4 Tbps (terabits per second) Distributed Denial-of-Service (DDoS) attack targeting a European Azure customer during the last week of August. "This is 140 percent higher than 2020's 1 Tbps attack and higher than any network volumetric event previously detected on Azure," said Amir Dahan, a Senior Program Manager for Azure Networking, also describing it as a User Datagram Protocol (UDP) reflection attack.
TECHNOLOGY
bleepingcomputer.com

Acer confirms breach of after-sales service systems in India

Taiwanese computer giant Acer has confirmed that its after-sales service systems in India were recently breached in what the company called "an isolated attack." "Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India," an Acer Corporate Communications spokesperson told BleepingComputer.
TECHNOLOGY
bleepingcomputer.com

US government discloses more ransomware attacks on water plants

U.S. Water and Wastewater Systems (WWS) Sector facilities have been breached multiple times in ransomware attacks during the last two years, U.S. government agencies said in a joint advisory on Thursday. The advisory also mentions ongoing malicious activity targeting WWS facilities that could lead to ransomware attacks affecting their ability...
PUBLIC SAFETY
bleepingcomputer.com

Accenture confirms data breach after August ransomware attack

Global IT consultancy giant Accenture confirmed that LockBit ransomware operators stole data from its systems during an attack that hit the company's systems in August 2021. This was revealed in the company's financial report for the fourth quarter and full fiscal year, which ended on August 31, 2021. "In the...
TECHNOLOGY
techstartups.com

The US is preparing for a war with China as new bombshell report confirms US Marine Special Ops forces have been in Taiwan for over a year

On Monday, Taiwan said that China sent a record-smashing 52 PLA jets to breach its southwest defense zone. For two consecutive days, China has violated Taiwan’s airspace by flying military jets into Taiwan’s air defense zone unannounced. Last Friday, China also flew two separate sorties flew into Taiwan’s airspace. Then...
FOREIGN POLICY

