Author Archives: Joe Warminsky

Facebook bans Trump indefinitely; risks ‘simply too great,’ Zuckerberg says

Posted on by

Facebook’s lockdown of President Donald Trump’s account will now last at least two weeks and possibly longer, CEO Mark Zuckerberg said Thursday morning. “We believe the risks of allowing the President to continue to use our service during this period are simply too great,” Zuckerberg said in a post announcing that a 24-hour ban instituted Wednesday evening would be extended “indefinitely.” The lockdown also applies to Trump’s Instagram account. Zuckerberg’s decision comes as social media platforms continue to reckon with Trump’s incitement of a mob that entered the U.S. Capitol on Wednesday with the intent of disrupting the count of Electoral College ballots that would certify Joe Biden as the winner of the 2020 election. Trump’s repetition Wednesday of baseless claims about election fraud capped weeks of buildup among supporters who planned to descend on Congress. Many of the conversations encouraging Americans to descend on the Capitol occurred on social […]

The post Facebook bans Trump indefinitely; risks ‘simply too great,’ Zuckerberg says appeared first on CyberScoop.

Continue reading Facebook bans Trump indefinitely; risks ‘simply too great,’ Zuckerberg says

Facebook, Twitter act on Trump’s false messaging after violence at Capitol

Posted on by

Facebook and Twitter temporarily froze accounts belonging to President Donald Trump on Wednesday, hours after he continued to amplify false narratives that helped incite a violent mob at the Capitol Building. At 7:02 p.m. Eastern time on Wednesday, Twitter announced it was locking Trump out of his account for 12 hours after “repeated and severe violations of our Civic Integrity policy.” About 90 minutes later, Facebook announced that Trump’s account would be locked for 24 hours because of “two policy violations.” The bans came hours after Trump tweeted criticisms against Vice President Mike Pence for signaling that he would allow certification of the Electoral College count cementing Joe Biden’s election. The ballots had been legally cast, but some Trump loyalists in Congress questioned the results in a handful of states. Facebook and Twitter responded only after the White House posted a video in which Trump told the intruders in the […]

The post Facebook, Twitter act on Trump’s false messaging after violence at Capitol appeared first on CyberScoop.

Continue reading Facebook, Twitter act on Trump’s false messaging after violence at Capitol

More Chinese apps attract a ban from a presidential administration on the way out

Posted on by

President Donald Trump’s latest executive order against Chinese tech companies might not ever take effect, but at a minimum it will force some decisions by the incoming presidential administration. The order bans U.S. transactions with several mobile apps, including Alipay and WeChat Pay, in the interest of protecting the security of U.S. users. The Trump administration made similar moves against TikTok last year, and those efforts are still tied up in court. “The United States has assessed that a number of Chinese connected software applications automatically capture vast swaths of information from millions of users in the United States, including sensitive personally identifiable information and private information,” according to the executive order, which Trump issued Tuesday night. As with TikTok, the assumption is that such data could be readily available to the Chinese government. The catch is that the order takes effect in 45 days — well after the inauguration of President-elect […]

The post More Chinese apps attract a ban from a presidential administration on the way out appeared first on CyberScoop.

Continue reading More Chinese apps attract a ban from a presidential administration on the way out

T-Mobile: Breach exposed call information for some customers

Posted on by

T-Mobile says that it “recently identified and quickly shut down” a data breach that included call-related information about some accounts. The wireless telecommunication firm said in a notice mailed to some customers in late December that the incident “may have included phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service.” It’s the fourth data breach that the company has acknowledged within the last three years. T-Mobile, which completed a merger with Sprint in April 2020, also disclosed incidents that occurred in March 2020, November 2019 and August 2018. The company called the intrusion “malicious, unauthorized access,” but did not release details about the suspected intruders or their methods. Personally identifiable information was not affected in this latest breach, T-Mobile said. “The data accessed did not include names on the account, physical or […]

The post T-Mobile: Breach exposed call information for some customers appeared first on CyberScoop.

Continue reading T-Mobile: Breach exposed call information for some customers

Tickemaster pays $10M fine to settle charges of using stolen passwords to spy on rival company

Posted on by

One of the biggest brands in the music and events business, Ticketmaster, has agreed to pay a $10 million fine for “computer intrusion and fraud offenses” after employees used stolen credentials to spy on a competitor, according to the Department of Justice. The rival company didn’t know that one of its former employees had leaked logins to Ticketmaster, which used them to gather information in the mid-2010s about the competitor’s technology and other aspects of its business. “Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” said acting U.S. Attorney Seth D. DuCharme.  “Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers, as if that were an appropriate business tactic.”  The feds don’t name the victim company, but it’s widely known to be Songkick. The investigation […]

The post Tickemaster pays $10M fine to settle charges of using stolen passwords to spy on rival company appeared first on CyberScoop.

Continue reading Tickemaster pays $10M fine to settle charges of using stolen passwords to spy on rival company

UK arrests suspects tied to WeLeakInfo, a site shuttered for selling breached personal data

Posted on by

It’s been almost a year since an international sting took down WeLeakInfo, a site that marketed stolen personal data, but its alleged customers are still drawing the attention of law enforcement. The U.K.’s National Crime Agency says that 21 people have been arrested across the country recently for using data purchased on WeLeakInfo for criminal activity, including hacking and fraud. “Of those 21 arrested — all men aged between 18-38 — nine were detained on suspicion of Computer Misuse Act offences, nine for Fraud offences and three are under investigation for both,” the agency said in a Dec. 25 release. The operation began Nov. 16 and will continue into next year, the agency said. Some WeLeakInfo users are being threatened with legal action rather than arrested outright. “A further 69 individuals in England, Wales and Northern Ireland aged between 16-40 were visited by Cyber Prevent officers, warning them of their potentially […]

The post UK arrests suspects tied to WeLeakInfo, a site shuttered for selling breached personal data appeared first on CyberScoop.

Continue reading UK arrests suspects tied to WeLeakInfo, a site shuttered for selling breached personal data

Travel-booking company Sabre Corp. settles with 27 states over breach of credit card data

Posted on by

Sabre Corp. will make a $2.4 million payout and shore up its cybersecurity policies under an agreement with 27 state attorneys general who investigated a breach of its hotel-booking technology. The settlement, announced Wednesday, involves a 2016 intrusion into the SynXis Central Reservation, run by the Texas-based corporation’s Sabre Hospitality Solutions subsidiary. The breach exposed the details of about 1.3 million credit cards. The attorneys general held that Sabre responded poorly to the incident, particularly in notifying people that their information might be compromised. “Sabre first failed its customers with a susceptible security system, then failed them when it came to provide proper notifications,” said New York Attorney General Letitia James. “Today’s agreement not only imposes a hefty fine on Sabre but will ensure that the company has the appropriate security and incident response plan in place so that its failure does not take place again.” In announcing the breach […]

The post Travel-booking company Sabre Corp. settles with 27 states over breach of credit card data appeared first on CyberScoop.

Continue reading Travel-booking company Sabre Corp. settles with 27 states over breach of credit card data

ACLU sues FBI for information about its encryption-cracking skills

Posted on by

The FBI must be more transparent about its ability to break into people’s mobile devices, the American Civil Liberties Union says, and the group is suing for information about what the feds have in their toolkit. The ACLU says the bureau should come clean about what its Electronic Device Analysis Unit (EDAU) is using “to unlock and decrypt information that is otherwise securely stored on cell phones.” The group filed a Freedom of Information Act lawsuit Monday in a San Francisco federal court. “We’re demanding the government release records concerning any policies applicable to the EDAU, its technological capabilities to unlock or access electronic devices, and its requests for, purchases of, or uses of software that could enable it to bypass encryption,” the ACLU says in a news release. The suit is the latest offensive in what some call the Crypto Wars — an ongoing legal and policy struggle over […]

The post ACLU sues FBI for information about its encryption-cracking skills appeared first on CyberScoop.

Continue reading ACLU sues FBI for information about its encryption-cracking skills

International sting shuts down ‘favorite’ VPN of cybercriminals

Posted on by

The latest international action against cybercrime infrastructure involves the takedown of a virtual private network (VPN) used to hide the activities of ransomware gangs and other illegal operations. The FBI and European police announced the sting against the Safe-Inet service Tuesday morning. The VPN company was billed as “cybercriminals’ favorite” by Europol. The FBI said three Web domains associated with the service — safe-inet.com, safe-inet.net and insorg.org — had been seized and then plastered with notices from police. Officials said that taking down Safe-Inet was disruptive to major active cybercriminal campaigns, but they did not specify what those were. “Active for over a decade, Safe-Inet was being used by some of the world’s biggest cybercriminals, such as the ransomware operators responsible for ransomware, E-skimming breaches and other forms of serious cybercrime,” according to a news release from Europol, the top police agency for the European Union. “This VPN service was […]

The post International sting shuts down ‘favorite’ VPN of cybercriminals appeared first on CyberScoop.

Continue reading International sting shuts down ‘favorite’ VPN of cybercriminals

FireEye’s Mandia on SolarWinds hack: ‘This was a sniper round’

Posted on by

The foreign espionage operation that breached several U.S. government agencies through SolarWinds software updates was unique in its methods and stealth, according to FireEye CEO Kevin Mandia, whose company discovered the activity. “This was not a drive-by shooting on the information highway. This was a sniper round from somebody a mile away from your house,” Mandia said Sunday morning on CBS’s “Face the Nation.” “This was special operations. And it was going to take special operations to detect this breach.” Mandia estimated that about “only about 50 companies or organizations” were the true targets of the operation, which is suspected to be the work of the Russian intelligence agency known as the SVR. Texas-based SolarWinds reportedly has about 300,000 customers overall in government and industry, and the malware in the spy campaign was pushed out to about 18,000 of those, including U.S. government agencies and major corporations. In the CBS […]

The post FireEye’s Mandia on SolarWinds hack: ‘This was a sniper round’ appeared first on CyberScoop.

Continue reading FireEye’s Mandia on SolarWinds hack: ‘This was a sniper round’