Security News
US and Japanese law enforcement and cybersecurity agencies warn of the Chinese 'BlackTech' hackers breaching network devices to install custom backdoors for access to corporate networks. The FBI notice warns that the BlackTech hackers use custom, regularly updated malware to backdoor network devices, which are used for persistence, initial access to networks, and to steal data by redirecting traffic to attacker-controlled servers.
Infosec in brief T-Mobile has had another bad week on the infosec front - this time stemming from a system glitch that exposed customer account data, followed by allegations of another breach the carrier denied. According to customers who complained of the issue on Reddit and X, the T-Mobile app was displaying other customers' data instead of their own - including the strangers' purchase history, credit card information, and address.
Abraham Lemma, 50, a Silver Springs, Maryland resident and a naturalized United States citizen who was born in Ethiopia, was detained on August 24 after allegedly sending classified US national defense information to an Ethiopian intelligence agent. Crucially, Lemma was an IT help desk technician assigned to the Bureau of Intelligence and Research with the US Department of State since at least 2021.
Two Indian nationals each received 41-month prison sentences for their involvement in $1.2 million worth of robocall scams targeting the elderly, according to the district of New Jersey's attorney's office on Tuesday. Plantiffs Arushobike Mitra and Garbita Mitra both previously pleaded guilty to one count of conspiracy to commit wire fraud before receiving their sentences in Newark federal court.
A Russian national helped smuggle, via shell companies in Hong Kong, more than $1.6 million in microelectronics to Moscow potentially to support its war against Ukraine, it is claimed. "Probably more than obvious at this time, but the company and board have decided it is no longer right for us to sell or ship to Russian customers and risk that our displays will be used in devices that could put US or NATO forces in harm's way, or support Russia's unlawful invasion of Ukraine and its human rights abuse," a company exec said in an email to employees, which was quoted in the prosecution's court filings.
The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB of data from the organization. "The International Joint Commission has experienced a cybersecurity incident, and we are working with relevant organizations to investigate and resolve the situation," a spokesperson for the org told The Register.
Homeland Security told to mind costs, fix up privacy controls Twice delayed and over budget, the US Department of Homeland Security (DHS) has been told by the Government Accountability Office...
Silicon Valley is just one of a number of key US startup ecosystems fueling startups, all of which drive investment and job creation: check where new opportunities are in the US right now. Despite stiff competition from the Chinese ecosystems of Beijing, Shenzhen and Shanghai, as well as the rapidly growing Indian hubs of Mumbai, Bengaluru-Karnataka and Delhi, it remains on top, according to Startup Genome's 2023 State of the Global Startup Ecosystem report.
Akamai says it thwarted a major distributed denial-of-service attack aimed at a US bank that peaked at 55.1 million packets per second earlier this month. The network traffic flood hit on September 5 against the unnamed finance giant Akamai describes as "One of the biggest and most influential US financial institutions."
Top admin, HR managers, devs go on transatlantic deny-list The US and UK governments named and sanctioned 11 Russians said to be connected to the notorious Trickbot cybercrime crew this week.…