Researchers find financial ties between notorious ransomware gangs

The number of ransomware strains that lock up systems throughout the global internet might suggest an immeasurable number of independent hackers are plundering victims’ data. In fact, new research suggests that digital extortion specialists are more closely connected than they may appear. Researchers at Chainalysis, a software firm that works with law enforcement agencies, on Thursday said they have found connections that suggest collaboration between hackers who have used the Maze, Egregor, SunCrypt and DoppelPaymer hacking tools. Each of these groups operates as ransomware-as-a-service, meaning they lease access to their malware to affiliates who then run ransomware attacks, which can make attribution trickier. When tracking some recent ransom payments to the Maze gang through a series of intermediaries, researchers determined that Maze was sharing some of the payout with a suspected SunCrypt cutout, according to a blog on the research, which was published Thursday. Maze has been tied to attacks […]

The post Researchers find financial ties between notorious ransomware gangs appeared first on CyberScoop.

Geeni smart doorbells, cameras riddled with flaws, research finds

Walmart and Amazon are continuing to sell faulty smart doorbells and cameras filled with vulnerabilities that could expose customers’ sensitive information, according to research published Thursday. The vulnerabilities, found in Geeni- and Merkury-branded security cameras and smart doorbells, would allow attackers to take full control of devices and remotely disable cameras through a denial of service attack in some cases, according to the research. In others, the flaws could allow for the disclosure of sensitive information and unauthenticated access. Some other exploits would allow attackers to gain remote access to a stream of one of the affected doorbell cameras. The flaws variously affect Merkury/Geeni doorbell models GNC-CW013, GNC-CW025 and MI-CW024 and camera models GNC-CW003, GNC-CW010, GNC-CW028 and MI-CW017, according to the research. Merkury is Geeni’s parent company. Security cameras and doorbells that connect to the internet have been plagued by flaws for years. Just last month a TechCrunch investigation […]

Pro-China influence campaign claiming ‘hypocrisy’ of American democracy gains traction

A clumsy social media influence operation that aligns itself with Chinese government interests has started gaining traction online, according to Graphika research published Thursday. Social media activity associated with the campaign, known as Spamouflage Dragon, has typically failed to attract many eyeballs. Some recent tweets, though, have attracted attention from Chinese diplomats, prominent politicians in Venezuela and Pakistan, a senior figure at Huawei Europe and a commentator in the U.K. The campaign’s YouTube following has grown as well in recent months, according to the social media analysis firm Graphika. Spamouflage Dragon, a cross-platform social media influence campaign that has been working for years to spread pro-Chinese government propaganda online, is one of many influence operations that seize on news of the day to peddle their narratives. While it appears to have significant resourcing, it has largely failed to gain amplification due to its overtly spammy behavior and rudimentary execution. Many of […]

South Sudan worked with Israeli surveillance company to monitor citizens, Amnesty finds

The South Sudanese government obtained surveillance capabilities from an Israeli company between at least 2015 and 2017 in order to wiretap citizens’ phones, according to an Amnesty International investigation published Tuesday. The company, Verint Systems Ltd., a subsidiary of U.S.-based Verint Systems Inc., worked with the government of South Sudan to provide “communications interception equipment and annual support services,” according to documents reviewed by Amnesty International. As part of the arrangement, South Sudan required Vivacell, a telecommunications company, to pay Verint at least $762,236 in order to intercept citizens’ communications, according to Amnesty’s assessment. The reports of South Sudan’s National Security Service’s (NSS) intrusive surveillance meld into a pattern of dangerous human rights abuses in South Sudan, including prolonged detention, extrajudicial killings and the silencing of government critics, human rights activists and journalists, according to Amnesty. A United Nations Panel of Experts found in 2016 that NSS’ “ability to identify […]

Bipartisan bill would help domestic abuse survivors bypass mobile surveillance

A bipartisan group of senators introduced legislation on Friday aimed at helping domestic violence and stalking victims safely extricate themselves from shared phone plans that could enable their partners to spy on them. The bill, called the Safe Connections Act, would set up protections for victims of domestic violence by allowing them to leave shared phone plans without being required to pay any penalties or meet burdensome requirements. The bill, if passed, would also require the Federal Communications Commission (FCC) to work on connecting domestic violence victims with federal government resources to help survivors establish alternative methods of communications inaccessible to abusers’ prying eyes. Domestic violence and digital rights advocates have long been calling for Congress to step in and craft legislation that would help survivors safely leave phone plans that could enable an abuser to continue to control and monitor their every move, such as family phone plans. For […]

Pro-Huawei influence campaign exploits AI, fake content to prop up firm

A pro-Huawei network of inauthentic Twitter accounts began a campaign last month railing against Belgium’s recent decision to limit 5G technology vendors it deems “high-risk,” according to Graphika research published Friday. Belgium’s plan on 5G vendors, which seeks to limit vendors that are “subject to interference from a non-EU country,” is widely believed to act as a curb on Chinese companies such as Huawei and ZTE. Governments around the world, including the U.S., have suggested that Beijing could force Huawei to comply with the Chinese government’s requests. The network of 14 accounts has been online since 2017, but only kicked into gear last year when they began tweeting about how Belgium’s plan is bad and how Huawei is a good business partner, according to the Graphika research. The campaign didn’t gain a lot of attention, according to the research. But for Graphika researcher Ben Nimmo, the campaign represents a new […]

The NSA has a new interim cybersecurity director

Dave Luber is serving as the National Security Agency’s cybersecurity director in an interim manner as the agency transitions in new leadership in the Biden administration, CyberScoop has learned. The Biden administration this month tapped the most recent director, Anne Neuberger, to join the White House National Security Council. And while the NSA Cybersecurity Directorate recently selected Rob Joyce, the NSA’s top intelligence liaison in the U.K., to take on the role as NSA cybersecurity director, he has not yet taken up the reins. Luber, a longtime NSA and Cyber Command employee, previously served as the executive director of Cyber Command, the Department of Defense’s offensive and defensive cyber-operations arm. In that role, as the third-in-command and highest-ranking civilian post at Cyber Command, Luber led approximately 12,000 personnel, including those who work to defend Pentagon networks from intruders and those who run military cyber-operations in support of the U.S. military’s […]

ProtonMail, Tutanota among authors of letter urging EU to reconsider encryption rules

Encrypted service providers are urging lawmakers to back away from a controversial plan that critics say would undercut effective data protection measures. ProtonMail, Threema, Tresorit and Tutanota — all European companies that offer some form of encrypted services — issued a joint statement this week declaring that a resolution the European Council adopted on Dec. 14 is ill-advised. That measure calls for “security through encryption and security despite encryption,” which technologists have interpreted as a threat to end-to-end encryption. In recent months governments around the world, including the U.S., U.K., Australia, New Zealand, Canada, India and Japan, have been reigniting conversations about law enforcement officials’ interest in bypassing encryption, as they have sporadically done for years. In a letter that will be sent to council members on Thursday, the authors write that the council’s stated goal of endorsing encryption, and the council’s argument that law enforcement authorities must rely on […]

Cyber Command, NSA warn to patch decade-old sudo vulnerability

U.S. intelligence officials are urging American companies and security workers to fix a software flaw that, if exploited, would give attackers deep access to a victim machine. The vulnerability, which now has a patch, would have allowed unauthorized users to gain what’s known as root privileges on vulnerable hosts as early as 2011 when the flaw was introduced, researchers at the security firm Qualys found. Root access would enable a hacker to obtain administrative privileges over a machine, and quietly collect sensitive information. The vulnerability has existed for 10 years in sudo, a common tool found on nearly all Unix and Linux-based operating systems that generally allows system administrators to give some approved users root privileges. The flaw affects legacy versions from 1.8.2 to 1.8.31p2 and all default versions from 1.9.0 to 1.9.5p1, according to Qualys. The National Security Agency warned this week of how prevalent and damaging this issue […]

Biden administration prepares for a different kind of Iranian cyber threat

As President Joe Biden wraps up his first week in the Oval Office, his national security team is still gearing up to face a myriad of looming digital security threats from Iran. Just over a year after the Trump administration used a drone strike to kill Qassem Soleimani, a top Iranian general, Iran is still weighing retaliatory action against the U.S., according to a recent Department of Defense assessment. That’s not the only threat the Biden administration may have to contend with — Iran carried out a number of online efforts meant to intimidate potential American voters prior to the presidential election, allegedly launched a hit list that identified U.S. election officials by name and was behind a reported effort to probe U.S. election websites. “From a geopolitical perspective — with the maximum pressure campaign, the assassination of Soleimani … they are a caged animal and I think they are very […]
