Security News
The X account for the U.S. Securities and Exchange Commission was hacked today to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges. "Today the SEC grants approval to Bitcoin ETFs for listing on registered national security exchanges," read the fake X post.
A US Naval sailor will face more than two years behind bars after pleading guilty to taking bribes from Chinese spies in exchange for sensitive military information. Larissa L Knapp, executive assistant director of the FBI's national security branch, said China's efforts to undermine the national security of the US and its allies have been "Aggressive" and at times illegal.
Leading U.S. mortgage lender loanDepot confirmed today that a cyber incident disclosed over the weekend was a ransomware attack that led to data encryption. LoanDepot is a major nonbank mortgage lender in the United States, with over $140 billion in serviced loans and roughly 6,000 employees.
A campaign delivering the AsyncRAT malware to select targets has been active for at least the past 11 months, using hundreds of unique loader samples and more than 100 domains. Microsoft security researcher Igal Lytzki spotted the attacks delivered over hijacked email threads last summer but couldn't retrieve the final payload. In September, AT&T's Alien Labs team of researchers noticed "a spike in phishing emails, targeting specific individuals in certain companies" and started to investigate.
The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services. Law enforcement estimated at the time of its takedown that fraudulent activities facilitated through the xDedic cybercrime market totaled more than $68 million.
A helpful summary of which US retail stores are using facial recognition, thinking about using it, or currently not planning on using it. Three years ago, I wrote that campaigns to ban facial recognition are too narrow.
Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft. "We identified APT33 malware tied to an Iranian persona who may have been employed by the Iranian government to conduct cyber threat activity against its adversaries," the threat hunters said in an alert updated in October.
The U.S. Department of Justice charged four suspects for their alleged involvement in a pig butchering fraud scheme that resulted in more than $80 million in victim losses. Criminals behind pig butchering scams approach victims via various messaging apps, dating platforms, or social media platforms, build trust, and introduce them to investment schemes that eventually allow them to drain the targets' cryptocurrency wallets.
This is not about mass surveillance of mail, this is about sorts of targeted surveillance the US Postal Inspection Service uses to catch mail thieves: To track down an alleged mail thief, a US...
Many US businesses may be required to assist in government-directed surveillance - depending upon which of two reform bills before Congress is approved. Under rules being considered, any telecom service provider or business with custodial access to telecom equipment - a hotel IT technician, an employee at a cafe with Wi-Fi, or a contractor responsible for installing home broadband router - could be compelled to enable electronic surveillance.