Security News

Democratic Senators Ron Wyden and Martin Heinrich, of Oregon and New Mexico respectively, on Thursday announced that in April 2021 they sent a co-signed letter [PDF] to director of national intelligence Avril Haines and CIA director William Burns, seeking expedited declassification of the Privacy and Civil Liberties Oversight Board's review of two CIA counterterrorism programs - named "Deep Dive I" and "Deep Dive II". The Deep Dives were made possible by Executive Order 12333 - a Reagan-era order that allows widespread data collection, and data-sharing with the CIA, in the name of national security. The senators wanted a review of the documents' status because they felt the CIA had conducted a bulk information collection effort that harvested data on US citizens - probably illegally.

Democratic Senators Ron Wyden and Martin Heinrich, of Oregon and New Mexico respectively, on Thursday announced that in April 2021 they sent a co-signed letter [PDF] to director of national intelligence Avril Haines and CIA director William Burns, seeking expedited declassification of the Privacy and Civil Liberties Oversight Board's review of two CIA counterterrorism programs - named "Deep Dive I" and "Deep Dive II". The Deep Dives were made possible by Executive Order 12333 - a Reagan-era order that allows widespread data collection, and data-sharing with the CIA, in the name of national security. The Senators wanted a review of the documents' status because they felt the CIA had conducted a bulk information collection effort that harvested data on US citizens - probably illegally.

Ransomware attacks are proliferating as criminals turn to gangs providing turnkey post-compromise services, Britain's National Cyber Security Centre has warned. The warning comes hot on the heels of several high-profile attacks against oil distribution companies and also businesses that operate ports in the West - though today's note insists there was a move by criminals away from "Big game hunting" against US targets.

The US Department of Justice announced that law enforcement seized billions worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. In 2016, the 119,756 bitcoins stolen during the attack were worth almost $78 million and are now valued at roughly $4.5 billion.

The United States Federal Communications Commission has revealed that carriers have applied for $5.6 billion in funding to rip and replace China-made communications kit. The applications were made under the Secure And Trusted Communications Reimbursement Program, which offers to reimburse carriers with under ten million subscribers to ditch kit from Chinese manufacturers Huawei and ZTE. The FCC and Congress want them to do so because the USA fears made-in-China comms kit contains backdoors that Beijing could exploit to either eavesdrop on communications or cut them off entirely.

The U.S. Department of Justice has announced the indictment of several India-based call centers and their directors for targeting Americans with Social Security, IRS, and loan phone call scams. The call centers allegedly placed scam robocalls that were rerouted through an already-indicted VoIP service provider to make it appear as if the calls were coming from U.S.-based entities.

Officials from the EU and US are nearing a solution in long-running negotiations over transatlantic data sharing. Previous legal arrangements for sharing data between the two jurisdictions, the so-called Privacy Shield, were struck down by the EU Court of Justice in what became known as the Schrems II ruling in 2020.

Around half of businesses surveyed are spending more on "Cyber attacks" than they used to, it said, while a similar number reckon their C-suites don't know what "Cyber risk management" means - possibly something about ensuring monitors are firmly bolted to desks. "Low C-suite engagement combined with increased investment suggests a tendency to 'throw money' at the problem rather than develop an understanding of the cybersecurity challenges and invest appropriately," intoned Trend Micro.

The Federal Communications Commission has revoked China Unicom Americas' license, one of the world's largest mobile service providers, over "Serious national security concerns." China Unicom Americas is the largest foreign subsidiary of China Unicom, a Chinese state-owned telecom company.

A US Department of Defense staffer with top-secret clearance stole the identities of dozens of people from a work IT system to fraudulently apply for loans totaling nearly a quarter of a million dollars. Lee, who worked for Uncle Sam's Defense Contract Management Agency as an analyst, raided the organization's Microsoft SharePoint system for people's private data to pull off his greedy scheme.