Security News
A campaign delivering the AsyncRAT malware to select targets has been active for at least the past 11 months, using hundreds of unique loader samples and more than 100 domains. Microsoft security researcher Igal Lytzki spotted the attacks delivered over hijacked email threads last summer but couldn't retrieve the final payload. In September, AT&T's Alien Labs team of researchers noticed "a spike in phishing emails, targeting specific individuals in certain companies" and started to investigate.
The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services. Law enforcement estimated at the time of its takedown that fraudulent activities facilitated through the xDedic cybercrime market totaled more than $68 million.
A helpful summary of which US retail stores are using facial recognition, thinking about using it, or currently not planning on using it. Three years ago, I wrote that campaigns to ban facial recognition are too narrow.
Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft. "We identified APT33 malware tied to an Iranian persona who may have been employed by the Iranian government to conduct cyber threat activity against its adversaries," the threat hunters said in an alert updated in October.
The U.S. Department of Justice charged four suspects for their alleged involvement in a pig butchering fraud scheme that resulted in more than $80 million in victim losses. Criminals behind pig butchering scams approach victims via various messaging apps, dating platforms, or social media platforms, build trust, and introduce them to investment schemes that eventually allow them to drain the targets' cryptocurrency wallets.
This is not about mass surveillance of mail, this is about sorts of targeted surveillance the US Postal Inspection Service uses to catch mail thieves: To track down an alleged mail thief, a US...
Many US businesses may be required to assist in government-directed surveillance - depending upon which of two reform bills before Congress is approved. Under rules being considered, any telecom service provider or business with custodial access to telecom equipment - a hotel IT technician, an employee at a cafe with Wi-Fi, or a contractor responsible for installing home broadband router - could be compelled to enable electronic surveillance.
Two competing bills to reauthorize America's FISA Section 702 spying powers advanced in the House of Representatives committees this week, setting up Congress for a battle over warrantless surveillance before the law lapses in the New Year. The bipartisan bill reauthorizes Section 702 of the Foreign Intelligence Surveillance Act for three years with reforms including requiring all US intelligence agencies to obtain a warrant before conducting a US person query.
As Cyber Solidarity Act edges closer to full adoption in Europe The US Cybersecurity and Infrastructure Security Agency (CISA) has signed a working arrangement with its EU counterparts to increase...
Australia is building a top-secret cloud to host intelligence data and share it with the US and UK, which have their own clouds built for the same purpose. The three clouds were discussed on Monday by Andrew Shearer, Australia's director-general of national intelligence, at an event hosted by the Center for Strategic & International Studies in Washington, DC. "We are working very hard on a top-secret cloud initiative," Shearer told the event, adding that it will interoperate with similar infrastructure already operated by the US and UK, and mean sensitive data can be shared "Near instantaneously."