Security News

Criminals posing as law enforcement agents of the Chinese government are shaking down Chinese nationals living the United States by accusing them of financial crimes and threatening to arrest or hurt them if they don't pay, according to the FBI. The miscreants involved in this financial fraud contact victims by spoofed phone or email messages, the bureau said in an advisory this week. Popular fake identities for the crooks include agents at the People's Republic of China Ministry of Public Security or US-based Chinese consulates.

Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate. Joyce, speaking at CrowdStrike's Government Summit Tuesday, said he doesn't expect to see - at least not "In the near term" - AI used "For automated attacks that will rip through systems at speeds that are unfathomable today."

A new Proofpoint report indicates that in late 2022, threat actor TA473 targeted elected officials and staffers in the U.S., as well as experts in European politics and economics. TA473 is a threat actor, known since 2021, that has targeted several countries aligned against the interests of Belarus and Russia; the group is also known as Winter Vivern for some security companies and governmental entities.

According to Mandiant, who has tracked APT43 since 2018, the threat actor aligns with the mission of the Reconnaissance General Bureau, the main foreign intelligence service from North Korea. In particular, malware and tools have been shared between APT43 and the infamous Lazarus threat actor.

Today, the U.S. Department of Justice seized six virtual currency accounts containing over $112 million in funds stolen in cryptocurrency investment schemes. The criminals behind these cryptocurrency fraud scams approach their victims via various dating platforms, messaging apps, or social media platforms, build trust, and introduce them to investment schemes which eventually allow them to empty the targets' crypto wallets.

A cyber spy gang supporting Russia is targeting US elected officials and their staffers, in addition to European lawmakers, using unpatched Zimbra Collaboration software in two campaigns spotted by Proofpoint. At the time, the criminals were targeting government agencies in Azerbaijan, Cyprus, India, Italy, Lithuania, Ukraine, and the Vatican.

Mandiant analysts who disclosed the activities of APT43 for the first time assess with high confidence that the threat actors are state-sponsored, aligning their operational goals with the North Korean government's geopolitical aims. The researchers have been tracking APT43 since late 2018 but have disclosed more specific details about the threat group only now.

As one of the leading experts in product security with over 15 years of experience in security engineering and 120 cybersecurity patents under his belt, Adam Boulton is one of the most experienced software security professionals in the industry. Currently the SVP of Security Technology and Innovation at Cybellum, the Left to Our Own Devices podcast invited Adam Boulton to share his experience and his tips on building a product security strategy.

US president Joe Biden on Monday issued an Executive Order on Prohibition on Use by the United States Government of Commercial Spyware that Poses Risks to National Security - a title that is not quite as simple it seems. The Order and explanatory statement point out that commercial spyware has been used by authoritarian regimes to target activists and journalists, has been deployed without proper authority in democracies, and poses a security risk to the US and other nations.

The New York Times is reporting that a US citizen's phone was hacked by the Predator spyware. A U.S. and Greek national who worked on Meta's security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to documents obtained by The New York Times and officials with knowledge of the case.