Security News

During an open House Intelligence Committee hearing on Wednesday, US lawmakers heard testimony from Citizen Lab senior researcher John Scott-Railton; Shane Huntley, who leads Google's Threat Analysis Group; and Carine Kanimba, whose father was the inspiration for Hotel Rwanda and who was, herself, targeted by Pegasus spyware. Earlier this year, European lawmakers opened an inquiry into spyware in general, and Pegasus more specifically, after the malware was reportedly found on cellphones associated with the UK and Spanish prime ministers, Spain's defense minister, and dozens of Catalan politicians and members of civil society groups.

The US is offering up to $10 million for information on members of state-sponsored North Korean threat groups, double the amount that the State Department announced in April. The agency's Rewards for Justice program this week said it will cough up the cash for intelligence related to "Government-linked cyber activities" in North Korea, including leads on people involved with such state-sponsored groups like Andariel, APT38, BlueNoroff, Guardians of Peace, Kimsuky, and Lazarus Group who are targeting critical infrastructure in the US. The latest notice is part of a larger ongoing campaign by the State Department and other US government agencies of offering bounties for information regarding cyberattacks from North Korea or other countries against the United States, particularly involving such sectors as critical infrastructure - such as power grids and water and food supplies - as well as federal elections.

The investigation relies on information mainly gathered by the US central bank regarding an internal probe of 13 persons of interest known as the P-network. Those individuals were allegedly part of a network engaged in a "Sustained malign influence and information theft campaign" targeting the Federal Reserve.

The U.S. State Department has increased rewards paid to anyone providing information on any North Korean-sponsored threat groups' members to $10 million. These increased bounties add to rewards of up to $5 million announced by the State Department in March for info on DPRK-backed threat actors targeting crypto exchanges and financial institutions worldwide to support the North Korean regime's illicit activities.

T-Mobile US has agreed to pay about $550 million to end legal action against it and improve its security after crooks infiltrated the self-described Un-carrier last summer and harvested personal data belonging to almost 77 million customers. The cellular network operator agreed to pay $350 million plus legal fees to settle a class-action lawsuit brought by customers whose data was compromised in an August 2021 privacy breach, according to documents filed with the US Securities and Exchange Commission on Friday.

US Cyber Command has disclosed 20 new strains of malware among the numerous software nasties and cyberattacks being used against Ukrainian targets over the last few months. In an alert this week, the Pentagon's cyberspace wing made public indicators of compromise associated with various malware strains that were found in Ukrainian networks by the country's security service.

A man suspected of providing the IT infrastructure behind the Gozi banking trojan has been extradited to the US to face a string of computer fraud charges. According to court documents [PDF], Paunescu allegedly ran a "Bulletproof hosting" service using computers in Romania, America, and other locations to help cybercriminals distribute Gozi and other malware including the Zeus Trojan and SpyEye Trojan.

That's certainly the case for a troika of cybercriminals alleged to have been behind the infamous Gozi "Banking Trojan" malware, which first appeared in the late 2000s. Kuzmin, as we explained at the time, was effectively the COO of the group, hiring coders to create malware for the gang, and managing a bunch of cybercrime affiliates to deploy the malware and fleece victims - an operating model known as crimeware-as-a-service that is now used almost universally by ransomware gangs.

Unless you had read the manual really carefully, and taken additional precautions yourself by adding a layer of your own security on top of Log4j, your software could come unstuck. INPUT OUTCOME ----------------- ---------------------- CURRENT=$ /$ -> CURRENT=Java version 17.0.1/Windows 10 10.0 Server account is: $ -> Server account is: root $ -> SECRETDATAINTENDEDTOBEINMEMORYONLY. Clearly, if you're accepting logging text from a trusted source, where it's reasonable to allow the loggee to control the logger by telling it to substitute plain text with chosen internal data, this sort of text rewriting is useful.

The US Federal Communications Commission notified Congress on Friday that the cost to rip and replace equipment kit from Huawei and ZTE installed at US telcos is more than $3 billion higher than funding allocated for the program. FCC chair Jessica Rosenworcel wrote to explain the situation, which arose from the USA's desire to remove Chinese comms kit at local carriers in the name of national security.