Security News

An alert issued on Tuesday by the FBI warns about an increase in PYSA ransomware attacks on education institutions in the United States and the United Kingdom. According to the FBI, PYSA attacks have been launched by "Unidentified cyber actors" against higher education, K-12 schools and seminaries in a dozen U.S. states, as well as the U.K. The threat actors behind PYSA attacks are known to encrypt data on compromised systems, but they also steal information from victims and threaten to leak it in an effort to increase their chances of getting paid.

The USA's Office of National Intelligence today released its previously classified assessment of "Foreign Threats to the 2020 US Federal Elections" and found "Some successful compromises of state and local government networks prior to Election Day-as well as a higher volume of unsuccessful attempts". It's described as the intelligence community's collective assessment of attempts to disrupt the 2020 election and to contain "Analytic judgments identical to those in the classified version" but without "Full supporting information" or information on "Specific intelligence reports, sources , or methods."

Roid, the most popular mobile operating system in the world, runs on plenty of devices used by U.S. government workers, but only 0.08% of those devices are running the latest version of Android, a report finds. Mobile security firm Lookout is behind the report, which looked at over 200 million mobile devices being used by U.S. federal and state government workers between January 2019 and December 2020.

The CEO of Sky Global - which sold encryption chat software with customized smartphones - has come out fighting after Uncle Sam charged him with knowingly assisting the international drug smuggling trade. "There is no question that I have been targeted, as Sky Global has been targeted, only because we build tools to protect the fundamental right to privacy. The unfounded allegations of involvement in criminal activity by me and our company are entirely false."

The indictments were presented Friday against Jean-Francois Eap, the head of Sky Global, and Thomas Herdman, a former high-level distributor of Sky Global devices, the department said Friday. "The indictment alleges that Sky Global generated hundreds of millions of dollars providing a service that allowed criminal networks around the world to hide their international drug trafficking activity from law enforcement," said Acting US Attorney Randy Grossman.

The US Department of Justice has indicted the CEO of encrypted messaging company Sky Global, and an associate for allegedly aiding criminal enterprises avoid detection by law enforcement. Sky Global is the developer of an encrypted chat app known as Sky ECC that claims to be the "Most secure messaging app available anywhere in the world today."

The Biden administration is not planning to step up government surveillance of the U.S. internet even as state-backed foreign hackers and cybercriminals increasingly use it to evade detection, a senior administration official said Friday. The official said the administration, mindful of the privacy and civil liberties implications that could arise, is not currently seeking additional authority to monitor U.S.-based networks.

US regulators on Friday listed Huawei among Chinese telecom gear firms deemed a threat to national security, signaling that a hoped for softening of relations is not in the cards. A roster of communications companies thought to pose "An unacceptable risk" to national security included Huawei Technologies; ZTE; Hytera Communications; Hangzhou Hikvision Digital Technology, and Dahua Technology.

A senior US official said Friday the Biden administration is close to a decision on retaliation for state-sponsored hacking as fears grew over the fallout from the latest of two major cyberattacks. The official said the White House was working closely with the private sector to ramp up cyber defenses following the attacks which targeted Microsoft Exchange servers and SolarWinds security software, potentially compromising thousands of government and private computer networks.

The US Department of Justice has seized a fifth domain name used to impersonate the official site of a biotechnology company involved in COVID-19 vaccine development. Since December 2020, the US Department of Justice seized four other domains used by fraudsters for various nefarious purposes, including fraud, phishing attacks, and/or infecting targets' computers with malware.