Two members of QQAAZZ, which laundered funds from cybercrime, plead guilty

Two individuals involved with laundering funds from U.S. victims of cybercrime pleaded guilty to their role in a transnational organization that relied in part on hacking to defraud victims out of millions of dollars, the Justice Department announced Friday. The defendants, Arturs Zaharevics and Aleksejs Trofimovics, are just two of 20 individuals charged by the U.S. government with involvement with QQAAZZ, a European-based crime group that provided cash and cryptocurrency laundering for cybercriminals. U.S. and European authorities launched a major crackdown on the group last fall, resulting in indictments against 14 members of the criminal organization. QQAAZZ allegedly laundered or attempted to launder tens of millions of dollars’ worth of funds stolen from cybercrime victims across 16 countries. Trofimovics opened thirteen corporate bank accounts in Portugal under a shell company to help move money for cybercriminals. Zaharevics, who was extradited from the United Kingdom in April, also set up foreign […]

The post Two members of QQAAZZ, which laundered funds from cybercrime, plead guilty appeared first on CyberScoop.

Apple’s new solution to combat child abuse imagery could radically shift encryption debate

Apple announced Thursday it will introduce a feature to detect child sexual abuse images being uploaded to iCloud Photos from iPhone devices in the United States. The company has framed the feature as a privacy-preserving way to combat the scourge of images of sexually explicit content involving children shared online. It’s a radical shift in approach to device privacy by Apple, which has often found itself at the forefront of the clash between tech companies and law enforcement over encrypted technologies. Security researchers and privacy experts say that the company’s decision could lead to a slippery slope of government abuse and has radically shifted the debate over encrypted technologies. “They’ve really changed the rules around what the debate around encryption is,” said Christopher Parsons, a senior research associate for Citizen Lab at the Munk School of Global Affairs and Public Policy at the University of Toronto. Most major cloud services including […]

DHS boss Mayorkas encourages hackers to join government during Black Hat speech

Department of Homeland Security Secretary Alejandro Mayorkas encouraged attendees at the Black Hat cybersecurity conference to collaborate with the agency on defining the future of cybersecurity policy. “We need your creativity, your ideas, your boldness, and your willingness to push limits. We need you to help us navigate a path that has not yet been mapped,” Mayorkas said. “What’s at stake here is nothing less than the future of the internet, the future of our economic and national security, and the future of our country.” Mayorkas announced the impending launch of the Cyber Talent Management System, which will redefine hiring requirements for cybersecurity roles in the federal government and adjust pay rates to better fit the current workforce. He urged attendees to “lead the charge on the inside,” by joining the Cybersecurity and Infrastructure Security Agency and DHS. “This initiative…will give us more flexibility to hire the very best cyber […]

Facebook stops NYU researchers from examining misinformation, is criticized for ‘silencing’ transparency efforts

Facebook shut down the accounts of researchers at New York University’s Ad Observatory who were studying misinformation, saying the team of experts had violated the company’s policies on automated collection of user data. The researchers argue that the social media giant shut down their access because their research, which has focused on misleading political advertisements and vaccine misinformation, has drawn negative attention to the company. The shutdown builds on years of tension between researchers and the platform. Researchers argue that they deserve special exemptions from Facebook’s policies banning the automatic collection of data from the platform because it holds valuable insights into how the company influences democracy and social issues in the U.S. “Facebook is silencing us because our work often calls attention to problems on its platform. Worst of all, Facebook is using user privacy, a core belief that we have always put first in our work, as a […]

Cryptocurrency reporting requirement in infrastructure bill sees potential changes

U.S. lawmakers are moving forward with a revised version of an idea that aims to gather data about cryptocurrency transactions in a way meant to curb tax cheats. Senate Finance Committee Chair Ron Wyden (D-Ore.), joined by colleagues Sens. Cynthia Lummis (R-Wyo.) and Pat Toomey (R-Pa.), has filed an amendment seeking to put to rest some of the cryptocurrency industry’s concerns about a sweeping new $1 trillion infrastructure package Congress is set to vote on this week. The amendment alters current language in the infrastructure bill that enforces requirements for “brokers” to report cryptocurrency that is bought, sold, and traded. The idea comes as U.S. officials are exploring regulations that might shed light on ransomware payments made through the technology. U.S. Securities and Exchange Commission chairman Gary Gensler on Tuesday also called on Congress for additional authorities to undertake regulatory efforts. “Our amendment makes clear that reporting does not apply […]

A US official explains why the White House decided not to ban ransomware payments

The Biden administration backed away from the idea of banning ransomware payments after meetings with the private sector and cybersecurity experts, a top cybersecurity official said Wednesday. “Initially, I thought that was a good approach,” Anne Neuberger, deputy national security advisor for cyber and emerging technology, said at an Aspen Security Forum event. “We know that ransom payments are driving this ecosystem.” Experts, including former government officials serving on a non-profit ransomware task force, helped shift that view, following high-profile hacks against Colonial Pipeline, the food production company JBS and Kaseya, a Florida-based IT firm. Payments from the Colonial Pipeline and JBS attacks totaled more than $15 million, a number that likely represents a fraction of the funds sent to extortionists. “We heard loud and clear from many that the state of resilience is inadequate, and as such, if we banned ransom payments we would essentially drive even more of […]

Hackers are using CAPTCHA techniques to scam email users

More email users fell for scams using CAPTCHA technology in 2020, a new report from security firm Proofpoint shows. The technique, which uses a visual puzzle to help authenticate human behavior, received 50 times as many clicks in 2020 compared to 2019. That’s still only a 5% overall response rate, researchers note. Comparatively, one in five users clicked attachment-based emails with malware disguised as Microsoft PowerPoints or Excel spreadsheets. Campaigns using attachments to hide malware made up one in four of the attacks researchers at Proofpoint monitored. “Attackers don’t hack in, they log in, and people continue to be the most critical factor in today’s cyber attacks,” Ryan Kalember, executive vice president of cybersecurity strategy at Proofpoint, said in a statement. Researchers found that quantity continues to beat quality in email attacks. Proofpoint found that the highest number of clicks came from a threat actor linked to the Emotet botnet. […]

Federal agencies are failing to protect sensitive data, Senate report finds

Of eight federal agencies audited for their cybersecurity programs, only the Department of Homeland Security showed improvements in 2020, according to a report from the Senate Homeland Security and Governmental Affairs Committee. Released by the panel on Tuesday, the report expresses concerns about the state of federal agencies’ cyber posture during an overall 8% rise in security incidents across agencies. The report underscores the increased scrutiny of federal cybersecurity by lawmakers in the aftermath of a months-long alleged Russian cyber-espionage campaign the private sector first uncovered in December 2020. Russian hackers used a flaw in network management software SolarWinds to infiltrate nine government agencies. The report found that seven of the eight agencies reviewed still use legacy systems that no longer have security updates supported by their vendor. The practice can leave agencies vulnerable to foreign hacking, the report notes. “It is clear that the data entrusted to these […]

Suspected Chinese hackers took advantage of Microsoft Exchange vulnerability to steal call records

Hackers with ties to China took advantage of vulnerabilities in Microsoft Exchange for several months starting in late 2020 to steal call logs from a Southeast Asia telecommunication company, researchers at Cybereason report. The White House last month formally blamed Chinese government-affiliated hacking group HAFNIUM for a massive hacking campaign exploiting vulnerabilities in Microsoft Exchange servers, a kind of mail technology. Cybereason found that the groups targeting the unnamed Southeast Asian telecom had access to the same vulnerability for months prior to Microsoft’s disclosure. The new findings build on a 2019 report from Cybereason, in which investigators identified a long-running hacking campaign that breached about 10 cellular providers in Africa, Europe, the Middle East, and Asia. Now researchers can say that not only has that group not let up, but that they are now also joined by two more groups tied to Chinese intelligence conducting the same kinds of operations. The […]

National cyber director endorses plan for a bureau to collect, analyze threat data

National Cyber Director Chris Inglis called for the creation of a bureau of cyber statistics while outlining his priorities for the office in a speech Tuesday. The idea, initially proposed by Congress’s bipartisan Cyberspace Solarium Commission, would require the Department of Homeland Security to collect, process, and analyze statistics relevant to cyber threats and cybercrimes. It would require organizations that provide incident response services or cyber insurance to report information every 180 days. Inglis was a member of the same commission prior to his current role. “I would observe that to properly address risk we have to first understand it. We have to understand where it’s concentrated, where it cascades, what causes it, and more importantly to then discover how to address it,” Inglis said at an Atlantic Council event. “I think all would agree that in the absence of this information, we are going to be episodic, we’re going […]
