Security News

The ongoing, growing campaign is "Effectively an attack on the United States and its government and other critical institutions," Microsoft warned. There are six known federal entities that have been impacted by the attack: The Pentagon, the Department of Energy, the Department of Homeland Security, the National Institute of Health, the Department of Treasury and the Department of Commerce.

Police forces were found by IPCO to be treating applications to use spying powers as a tickbox exercise, perhaps unsurprisingly given that these are self-authorisations rubberstamped by police managers themselves. "To provide oversight that satisfies this judgment, IPCO reviewed the use of bulk data at GCHQ and has now incorporated the sharing of bulk data with foreign partners into its regular oversight and inspection arrangements," said IPCO in a statement.

"We identified a server used to deliver a malicious.lnk file and host multiple credential-phishing pages," wrote researchers, in a Wednesday posting. On the email front, researchers found that many malicious initial files are being used in the campaign, including a.lnk file that in turn downloads an.

A wave of targeted cyberattack campaigns bent on espionage is cresting around the globe, using a strain of a 13-year old backdoor trojan named Bandook. According to Check Point Research, Bandook was last spotted being used in 2015 and 2017/2018, in the "Operation Manul" and "Dark Caracal" campaigns, respectively.

Facebook fixed a critical flaw in the Facebook Messenger for Android messaging app that allowed callers to listen to other users' surroundings without permission before the person on the other end picked up the call. Facebook Messenger for Android has been installed on more than 1 billion Android devices according to the app's official Play Store page.

Israeli spyware maker NSO Group has taken a leaf out of Hollywood in an attempt to avoid any legal repercussions from making and selling tools that hack WhatsApp users' phones. When NSO failed to turn up in court in the US state, Facebook claimed victory; and NSO accused it of lying and having failed to serve the legal documents.

The North Korean advanced persistent threat group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency. Kimsuky has been operating as a cyberespionage group since 2012 under the auspices of the regime in Pyongyang.

The European Union has imposed sanctions on a Russian military malware developer and the commander of Russia's MI6 equivalent, a mere five years after the two targeted Germany's parliament with a cyberattack. The pair, an admiral commanding the GRU spy agency and a malware dev already on international sanctions lists for targeting the MH17 mass murder investigation, are now subject to yet another travel ban.

The EU's top court on Tuesday put limits on how European spy and security agencies could harvest troves of personal data, but said this could be done under a serious threat to national security. At the request of the courts in France, Belgium and Britain, the European Court of Justice confirmed that "EU law precludes national legislation" that requires telcos and tech companies to carry out the "Indiscriminate retention" of data, a statement said.

Infosec outfit Check Point says it has uncovered a six-year Iranian cyber-spying campaign directed at expats and dissidents worldwide. "The handpicked targets included supporters of Mujahedin-e Khalq and the Azerbaijan National Resistance Organization, two prominent resistance movements that advocate the liberation of Iranian people and minorities within Iran," said Check Point in its research report on RampantKitten.