Security News

A Chinese hacking group has breached the email accounts of more than two dozen organizations worldwide, including U.S. and Western European government agencies, according to Microsoft. "Microsoft investigations determined that Storm-0558 gained access to customer email accounts using Outlook Web Access in Exchange Online and Outlook.com by forging authentication tokens to access user email," Microsoft said in a blog post published late Tuesday evening.

An overwhelming number of respondents familiar with ChatGPT were concerned about the risks it poses to security and safety, according to Malwarebytes. Machine learning models like ChatGPT are "Black boxes" with emergent properties that appear suddenly and unexpectedly as the amount of computing power used to create them increases.

On June 30 it issued a new one [PDF] titled "US Business Risk: People's Republic of China Laws Expand Beijing's Oversight of Foreign and Domestic Companies." The first item discussed is China's recently revised Counter-Espionage Law, on grounds it "Expands the definition of espionage from covering state secrets and intelligence to any documents, data, materials, or items related to national security interests, without defining terms." In May, China Law Translate - a crowdsourced translation and analysis service for Chinese laws - in May rated the updated law "Probably less consequential than some imagine."

Following claims by ransomware gang LockBit that it has stolen data belonging to TSMC, the chip-making giant has said it was in fact one of its equipment suppliers, Kinmax, that was compromised by the crew, and not TSMC itself. The crooks said TSMC has an August 6 deadline to cough up.

The U.S. Cybersecurity and Infrastructure Security Agency warned today of ongoing distributed denial-of-service attacks after U.S. organizations across multiple industry sectors were hit. "CISA is aware of open-source reporting of targeted denial-of-service and distributed denial-of-service attacks against multiple organizations in multiple sectors," the cybersecurity agency said.

The Washington Post is reporting that the US is spying on the UN Secretary General. The reports on Guterres appear to contain the secretary general's personal conversations with aides regarding diplomatic encounters.

What is new is the extent to which the balloon was driven by US hardware, which unnamed sources told the Wall Street Journal was "Crammed" with off-the-shelf components that could have easily been purchased online. In February, US officials added six Chinese companies to its trade-restricting Entity List over their work with the Chinese government to develop high-altitude balloons like the one in question.

A Russian network security specialist and former editor of Hacker magazine who is wanted by the US and Russia on cybercrime charges has been detained in Kazakhstan as the two governments seek his extradition. Maybe the second part wasn't such a good idea after all - an update to the statement notes that Kislitsin is also wanted by Russia.

A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023. "The actors behind Anatsa aim to steal credentials used to authorize customers in mobile banking applications and perform Device-Takeover Fraud to initiate fraudulent transactions," ThreatFabric said in an analysis published Monday.

ThreatFabric discovered a previous Anatsa campaign on Google Play in November 2021, when the trojan was installed over 300,000 times by impersonating PDF scanners, QR code scanners, Adobe Illustrator apps, and fitness tracker apps. In March 2023, after a six-month hiatus in malware distribution, the threat actors launched a new malvertizing campaign that leads prospective victims to download Anatsa dropper apps from Google Play.