UK, EU, US formally blame Russia for Viasat satellite hack before Ukraine invasion

The British statement cites joint U.K./U.S. intelligence, representing the most formal U.S. attribution to date.

The post UK, EU, US formally blame Russia for Viasat satellite hack before Ukraine invasion appeared first on CyberScoop.

NATO, G-7 leaders promise bulwark against retaliatory Russian cyberattacks

The pledges follow the Biden administration saying that Russia’s calculus on digital assaults had changed.

FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group

U.S. and U.K. government agencies called out Iranian government-affiliated hackers Thursday, accusing them of being behind cyber-espionage targeting the defense, local government, oil and natural gas and telecommunications sectors across the globe. The joint alert points a finger at MuddyWater, which the U.S. government for the first time last month attributed directly to Tehran. In the latest warning, the government agencies said that they have observed MuddyWater on the move in Africa, Asia, Europe and North America since 2018. “MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors,” reads the alert. The bulletin is the joint work of the FBI, Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the U.S. Cyber Command Cyber National Mission Force and the U.K.’s National Cyber Security Centre. MuddyWater has a long history of allegedly spying on primarily […]

As Russia invades, Ukrainian government networks suffer high-profile DDoS disruption

A series of Ukrainian government websites were inaccessible Wednesday after what a government official described as a “mass DDoS attack,” marking the second apparent distributed denial-of-service disruption to hit government sites there in the last eight days. The websites for the country’s Ministry of Foreign Affairs, Ministry of Defense, Ministry of Internal Affairs, the Security Service of Ukraine and the Cabinet of Ministers suffered network disruptions in an incident that “appears consistent with recent DDOS attacks,” according to NetBlocks, a London-based organization that tracks internet access. DDoS attacks knock sites offline by flooding them with phony traffic. Mykhailo Fedorov, Ukraine’s Minister of Digital Transformation, said the country was experiencing another DDoS attack that also targeted Ukrainian banks, the Kyiv Independent reported shortly after observers around the world began noticing the disruptions. In a subsequent message posted to Telegram, Fedorov said a “mass DDoS attack” began at about 4 p.m. local […]

Assange permitted to file U.K. Supreme Court appeal in extradition case

A British court ruled Monday that WikiLeaks founder Julian Assange can ask the country’s Supreme Court to block his extradition to the United States, where he’s accused of violating the Espionage Act and collaborating in criminal hacking activity. The High Court said there is a single “point of law” allowing Assange’s case to proceed. The U.K.’s Supreme Court has not decided whether it will take the case, and there is no guarantee that it will, but Monday’s ruling essentially buys Assange more time. The point of law has to do with the timing of when U.K. judges received and considered assurances from the U.S. about how Assange would be treated once on U.S. soil, according to the BBC. U.S. officials had said Assange would not be sent to a supermax prison or be held in long solitary confinement, but the question is whether those assurances came at the right time […]

Ukrainian authorities arrest suspected ransomware ringleader

Police in Ukraine on Thursday said they broke up a ransomware gang allegedly responsible for extorting more than 50 companies across Europe and the U.S. for more than $1 million. The Ukrainian Cyberpolice, a division of the country’s national police, announced the arrest of an unnamed 36-year-old man who they say partnered with his wife and three others to carry out ransomware attacks. The group is also accused of providing virtual private network (VPN) services to other criminals for a fee. VPNs are widely and legally used around the world to shield portions of internet traffic and obscure the end-user’s IP address. But police in Ukraine say this VPN service also allowed customers to download computer viruses, spyware and other malware. “It was a purely ‘gangster’ service created by criminals for criminals and not under the control of any government or law enforcement agencies,” the Security Service of Ukraine said in […]

CISA warns ‘most serious’ Log4j vulnerability likely to affect hundreds of millions of devices

Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a widely-used logging library “is one of the most serious I’ve seen in my entire career, if not the most serious.” “We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,” she said of the Apache Log4j flaw. The issue is an unauthenticated remote execution vulnerability that could allow an intruder to take over an affected device. Hundreds of millions of devices are likely to be affected, said Jay Gazlay of CISA’s vulnerability management office in the call with critical infrastructure owners and operators. CISA, a component of the Department of Homeland Security, is setting up a dedicated website as soon as Tuesday to provide information and counter “active disinformation,” said Eric […]

Court hands Microsoft control of websites linked to spying by Chinese hackers

Microsoft obtained a court order to seize websites from a Chinese government-linked espionage group that was using the sites to attack government agencies, think tanks and human rights organizations in 29 countries, the company said Monday. The legal move is aimed at a hacking outfit that Microsoft calls Nickel, which is also known as APT15, Ke3chang or Vixen Panda. It’s been around since at least 2010, and frequently spies on foreign affairs of interest to China. “Obtaining control of the malicious websites and redirecting traffic from those sites to Microsoft’s secure servers will help us protect existing and future victims while learning more about Nickel’s activities,” wrote Tom Burt, Microsoft’s corporate vice president for customer security and trust. “Our disruption will not prevent Nickel from continuing other hacking activities, but we do believe we have removed a key piece of the infrastructure the group has been relying on for this […]

UK threatens Clearview AI with nearly $23M fine over its facial recognition tech

British regulators say they intend to fine Clearview AI, a facial recognition company that bills itself as the world’s largest, nearly $23 million for “alleged serious breaches” of the nation’s data protection laws. The fines stem from a joint investigation by the U.K. Information Commissioner’s Office (ICO) and its Australian counterpart. The ICO now awaits a response from Clearview AI before possibly levying the fine in mid-2022. “I have significant concerns that personal data was processed in a way that nobody in the UK will have expected,” U.K. Information Commissioner Elizabeth Denham said on Monday. “Clearview AI Inc’s services are no longer being offered in the UK. However, the evidence we’ve gathered and analysed suggests Clearview AI Inc were and may be continuing to process significant volumes of UK people’s information without their knowledge.” The increased scrutiny from U.K. regulators has something of a parallel in the U.S., where in […]
