US charges alleged North Korean hackers with trying to steal $1.3 billion in cybercrime spree

Prosecutors unsealed an indictment on Wednesday charging three North Korean computer programmers with a criminal conspiracy to steal and extort $1.3 billion from financial institutions and companies in both cryptocurrency and cash. The charges expand on the first case brought in 2018 against a North Korean regime-affiliated hacker tied to some of the nation’s most prominent alleged hacking campaigns, including the 2014 Sony attack, the 2016 Bangladesh bank heist and the 2017 WannaCry outbreak. In a second unsealed case on Wednesday, a Canadian-American citizen pleaded guilty to serving as a money launderer for numerous schemes, including a cyber bank heist that North Korean hackers orchestrated. “As laid out in today’s indictment, North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers,” said Assistant Attorney General John Demers of the Justice Department’s National Security Division. The indictment […]

The post US charges alleged North Korean hackers with trying to steal $1.3 billion in cybercrime spree appeared first on CyberScoop.


Tim Maurer takes front office DHS cybersecurity job advising Mayorkas

Tim Maurer, director of the Cyber Policy Initiative at the Carnegie Endowment for International Peace, is joining the Department of Homeland Security as a senior political appointee in the role of senior counselor for cybersecurity to Secretary Alejandro Mayorkas, two sources familiar with the move told CyberScoop. It’s a job title that a number of cybersecurity luminaries to pass through the department have held over the years, including the current acting director of DHS’s Cybersecurity and Infrastructure Agency, Brandon Wales, former CISA Director Chris Krebs and CISA’s former assistant secretary for cybersecurity, Jeanette Manfra. According to his Carnegie bio, Maurer “works on the geopolitical implications of the Internet and cybersecurity, with a focus on the global financial system, influence operations, and other areas of importance as actors exploit the gray space between war and peace.” He also was a senior fellow at Carnegie’s Technology and International Affairs program. He recently […]

The post Tim Maurer takes front office DHS cybersecurity job advising Mayorkas appeared first on CyberScoop.


Investigators suggest hackers exploited weak password security to breach Florida water facility

A clearer picture of poor security practices in Oldsmar, Florida prior to the dangerous hack of its water treatment plant is beginning to emerge, even as an investigation into the matter continues one week after the incident. Three federal agencies teamed up with an organization that shares threat information between states to issue an alert late Thursday explaining how the breach, in which a hacker allegedly tried to raise sodium hydroxide levels to amounts that are harmful to humans, might have unfolded. Initial clues suggest the incident, which was detected before it amounted to a threat to public drinking water, was made possible by lax data protection strategies and exploitation of a software tool. “The cyber actors likely accessed the system by exploiting cybersecurity weaknesses, including poor password security, and an outdated operating system,” reads the alert from the FBI, Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, Environmental […]

The post Investigators suggest hackers exploited weak password security to breach Florida water facility appeared first on CyberScoop.


Biden administration pauses Trump’s plans to ban WeChat, TikTok

President Joe Biden is giving a reprieve to Chinese apps that his predecessor’s administration had put on the defensive. On Thursday, the Commerce Department said in a court filing that it was reviewing the Trump administration’s bid to ban WeChat. It comes one day after a similar court filing where Commerce said it was reviewing the proposed ban on TikTok, and after the Biden administration has reportedly “indefinitely” placed on hold the plans to force the sale of TikTok’s American division to Oracle and Walmart. In Thursday’s filing, the department asked the Ninth Circuit Court of Appeals to pause a court case challenging the WeChat ban, which the Trump administration sought to implement in response to what it deemed the national security threat the app posed. “As the Biden Administration has taken office, the Department of Commerce has begun a review of certain recently issued agency actions, including the Secretary’s […]

The post Biden administration pauses Trump’s plans to ban WeChat, TikTok appeared first on CyberScoop.


Food-delivery fraudsters deploy hacked accounts, stolen credit card info to skim from orders

Food delivery apps have taken off during the pandemic, and it looks like fraudsters have taken notice. Fraud detection company Sift said Thursday it has seen a rash of scams within the chat app Telegram that target restaurants and delivery apps for theft. It’s a low-level grift that goes like this: The fraudsters advertise in Telegram forums that they can illicitly buy food orders at steep discounts, around 60%-75% off. Diners send a direct message with a screen shot of their food app shopping cart and delivery address. The diner then pays the fraudster for the discounted meal in cryptocurrency, and the fraudster in turn covers the full cost through a new account, stolen credit card information or a hacked account. Diners get their food at a discount, restaurants are stuck with bogus payments, and the crooks get away with a profit. And all of it happens in a chat […]

The post Food-delivery fraudsters deploy hacked accounts, stolen credit card info to skim from orders appeared first on CyberScoop.


Federal election agency adopts updated voting security standards. Not everyone is happy.

The Election Assistance Commission on Wednesday voted to adopt the first comprehensive update to its voting system security guidelines in more than 15 years, concluding a lengthy process that ended with a mixed reception from some election security experts. The security community largely greeted the update as a security upgrade to standards that most states rely upon at least partially for their own equipment testing and certification. A significant number of academics, activists and even some in Congress, though, voiced displeasure in particular for how the so-called Voluntary Voting System Guidelines 2.0 would handle wireless connections on voting systems. The update stands to shape the next generation of voting systems that election vendors produce for use around the country during a period of sinking trust in the electoral process. Regardless, the more than five-year drafting process and resulting EAC vote won’t immediately transform election security because states, equipment manufacturers and […]

The post Federal election agency adopts updated voting security standards. Not everyone is happy. appeared first on CyberScoop.


42% of Gmail scams targeted American users, Google finds

Who you are, where you are and how you experience online life are all major factors in whether you’re targeted for phishing and malware campaigns on Gmail, a joint Stanford University-Google study concluded. The examination of 1.2 billion email-based phishing and malware attacks against Gmail users found that the risk of getting hit correlated at least in some significant measure to age, country, frequency of Gmail usage and past breach exposure. Users in the U.S. were most likely to be targeted, attracting 42% of the attacks that researchers tracked. U.K. users were the subject of 10% of attacks, while people in Japan came in third, with 5%. Higher age groups also encountered higher odds of being targeted. For instance, the 55 to 64 age group was 1.64 times more likely to experience an attack compared to 18- to 24-year-olds. Google publicized the study Tuesday, saying it teamed with Stanford researchers […]

The post 42% of Gmail scams targeted American users, Google finds appeared first on CyberScoop.


Two Iranian hacking groups appear to be actively snooping on critics around the globe

Two suspected Iranian government-connected hacking groups are actively spying on dissidents around the world in renewed eavesdropping campaigns, researchers said in reports out Monday morning. One of the groups, known as Domestic Kitten or APT-C-50, notched victims in seven countries, Check Point Research found: Iran, the U.S., the U.K., Pakistan, Afghanistan, Turkey, and Uzbekistan. The other, known as Infy or Prince of Persia, snooped on dissidents in 12 countries, Check Point found in joint research with SafeBreach. Both companies were founded in Israel, which counts Iran as one of its chief nemeses. The U.S. also counts Iran among the handful of its biggest adversaries in cyberspace. Check Point has reported on both groups in the past, but the company said its research uncovered new activity and fresh techniques. “The operators of these Iranian cyber espionage campaigns seem to be completely unaffected by any counter-activities done by others, even though they […]

The post Two Iranian hacking groups appear to be actively snooping on critics around the globe appeared first on CyberScoop.


Serbian man extradited to US over cryptocurrency mining fraud scheme

Serbia extradited a man to the U.S. to face charges that he and his partners defrauded investors out of more than $70 million, in part by touting phony cryptocurrency mining companies, authorities announced Friday. The Serbian man, Antonije Stojilkovic, stands accused of conspiracy to commit fraud and money laundering, charges for which he could face 20 years in prison. “This $70 million scam spanned several continents, targeting American citizens and foreigners alike,” said Prerak Shah, acting U.S. Attorney for the Northern District of Texas. “The U.S. Department of Justice will not relent in our fight against cybercrime.” Stojilkovic and his co-conspirators advertised that their cryptocurrency mining platforms would allow investors to “purchase bitcoin at half market price!!” because of a “24-7 mining” operation at “facilities ‘worldwide,’” according to a Justice Department press release. In propping up those companies and others devoted to binary options — more than 20 in all […]

The post Serbian man extradited to US over cryptocurrency mining fraud scheme appeared first on CyberScoop.


Facebook, TikTok, Twitter go after ‘OGUsers’ members who traffic hacked accounts

Facebook, TikTok and Twitter coordinated to banish hundreds of accounts on Thursday allegedly linked to OGUsers, a marketplace for hacked usernames that can fetch tens of thousands of dollars. Buyers use the simple, short usernames — such as @food — to obtain clout or make money. Facebook said it has cracked down on accounts affiliated with OGUsers before, but it is making its enforcement public in a bid to deter those who would harass or hack legitimate users to obtain those valuable accounts. “They harass, extort and cause harm to the Instagram community, and we will continue to do all we can to make it difficult for them to profit from Instagram usernames,” said a spokesperson for Facebook, which owns Instagram. In all, Facebook suspended around 400 accounts. Twitter said it suspended “a number” of them but didn’t elaborate upon request. TikTok did not immediately respond to a request for […]

The post Facebook, TikTok, Twitter go after ‘OGUsers’ members who traffic hacked accounts appeared first on CyberScoop.
