Security News

For almost a decade, the US Central Intelligence Agency communicated with informants abroad using a network of websites with hidden communications capabilities. So poorly were these 885 front websites designed according to security research group Citizen Lab and Reuters, that they betrayed those using them to spy for the CIA. Citing a year-long investigation into the CIA's handling of its informants, Reuters on Thursday reported that Iranian engineer Gholamreza Hosseini had been identified as a spy by Iranian intelligence, thanks to CIA negligence.

The CIA illegally spied on US citizens while they visited WikiLeaks publisher Julian Assange inside the Ecuadorian embassy in London, a lawsuit filed today has claimed. A legal complaint [PDF], filed in New York City on behalf of four attorneys and journalists, accuses the spy agency of spying on the American citizens without their knowledge or consent in violation of their Fourth Amendment rights while they met Assange at the embassy.

Still, Rubrik's new Chief Information Security Officer Michael Mestrovich, who was previously the CISO of the CIA, knows a thing or two about cyber spies and ransomware gangs, and in an interview with The Register, he weighed in on both hot topics. Last month, during a House Intelligence Committee hearing, security researchers and internet rights groups called on Congress to sanction and step up enforcement against surveillanceware makers like NSO Group's Pegasus spyware.

Joshua Schulte, a former programmer with the U.S. Central Intelligence Agency, has been found guilty of leaking a trove of classified hacking tools and exploits dubbed Vault 7 to WikiLeaks. U.S. Attorney Damian Williams said in a statement that Schulte was convicted for "One of the most brazen and damaging acts of espionage in American history," adding his actions had a "Devastating effect on our intelligence community by providing critical intelligence to those who wish to do us harm."

Long article about Joshua Schulte, the accused leaker of the WikiLeaks Vault 7 and Vault 8 CIA data. Well worth reading.

Two US Senators claim that the CIA has been running an unregulated — and almost certainly illegal — mass surveillance program on Americans. The senator’s statement. Some declassified information...

Democratic Senators Ron Wyden and Martin Heinrich, of Oregon and New Mexico respectively, on Thursday announced that in April 2021 they sent a co-signed letter [PDF] to director of national intelligence Avril Haines and CIA director William Burns, seeking expedited declassification of the Privacy and Civil Liberties Oversight Board's review of two CIA counterterrorism programs - named "Deep Dive I" and "Deep Dive II". The Deep Dives were made possible by Executive Order 12333 - a Reagan-era order that allows widespread data collection, and data-sharing with the CIA, in the name of national security. The senators wanted a review of the documents' status because they felt the CIA had conducted a bulk information collection effort that harvested data on US citizens - probably illegally.

Democratic Senators Ron Wyden and Martin Heinrich, of Oregon and New Mexico respectively, on Thursday announced that in April 2021 they sent a co-signed letter [PDF] to director of national intelligence Avril Haines and CIA director William Burns, seeking expedited declassification of the Privacy and Civil Liberties Oversight Board's review of two CIA counterterrorism programs - named "Deep Dive I" and "Deep Dive II". The Deep Dives were made possible by Executive Order 12333 - a Reagan-era order that allows widespread data collection, and data-sharing with the CIA, in the name of national security. The Senators wanted a review of the documents' status because they felt the CIA had conducted a bulk information collection effort that harvested data on US citizens - probably illegally.

A former CIA software engineer can represent himself at his upcoming retrial on espionage charges, a judge said Monday. Schulte, 32, faces an October trial on charges that he leaked CIA secrets to WikiLeaks, which published materials in 2017 that revealed how the CIA hacked Apple and Android smartphones in overseas spying operations and efforts to turn internet-connected televisions into listening devices.

GreyNoise, which describes itself as an "Anti-threat intelligence" company, helps analysts distinguish between malicious and benign internet traffic and the alerts triggered by security defenses, allowing SOCs to differentiate between those events stemming from harmless internet 'noise' and those that have a malicious intent. "Security analysts are overwhelmed with alerts," comments GreyNoise founder and CEO Andrew Morris.