DOJ: Former NSA Operatives Worked as Cyber-Mercenaries, Helping Hack U.S. Systems

Posted on September 17, 2021 by esimantiras

DOJ: Former NSA Operatives Worked as Cyber-Mercenaries, Helping Hack U.S. Systems

source: gizmodo.com

Members of the U.S. intelligence community and military have reached a deferred prosecution agreement over their role in an overseas cyber-mercenary business.

Former U.S. intelligence operatives are facing federal charges after allegedly having worked as cyber-mercenaries for the United Arab Emirates. The men, all of whom are ex-employees of the National Security Agency, are accused of helping the UAE government to break into computer systems all over the world, including some in the U.S., newly unsealed court documents claim.

Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40, are all charged with having broken federal laws related to computer fraud and export regulations, the Department of Justice announced Tuesday.

Between 2016 and 2019, the trio worked as senior managers at Dark Matter, an Emirati cybersecurity company. Working out of a converted mansion in Abu Dhabi, the team was part of an operation dubbed “Project Raven,” the likes of which was staffed almost wholly by former U.S. intelligence officials. Their services helped the Middle Eastern monarchy to carry out hacking operations against its perceived enemies, including activists, political rivals and journalists, Reuters previously reported.

Continue reading “DOJ: Former NSA Operatives Worked as Cyber-Mercenaries, Helping Hack U.S. Systems” →

Identity Matching: What You Need to Know About It

Posted on August 21, 2021August 21, 2021 by esimantiras

Identity Matching:

What You Need to Know About It

source: cyberdefensemagazine.com

image: pexels.com

When asked how they can improve a bank’s security from financial crime, many bankers are at a loss for words. Granted, the question is a broad one and difficult to answer right away—financial crime has always been multifaceted, and its nature has only evolved further over time. Still, if banking institutions truly want to steer clear of connections to money launderers or terrorist financiers, they must identify which aspect of their operations is worth strengthening.

Industry experts for anti-money laundering (AML) have recently reached a consensus: there’s a lot of potential in using the customer screening stage to prevent suspicious transactions. The most sensible paradigm to adopt is one that’s called identity matching, which involves assessing customer risk based on the full context of their account enrollment data. This, along with upgrading the bank’s customer due diligence (CDD) technologies, will prove much more effective than the default rules-based name matching approach.

Continue reading “Identity Matching: What You Need to Know About It” →

US taps tech giants to help fight ransomware, cyberattacks

Posted on August 7, 2021 by esimantiras

source: cnet.com

The Department of Homeland Security enlists Amazon, Microsoft, Google and others to help combat cyberthreats.

US taps tech giants to help fight ransomware, cyberattacks

The US government is turning to tech giants including Amazon, Microsoft and Google to help bolster cybersecurity, after a string of high-profile attacks involving critical infrastructure.

The initiative, called the Joint Cyber Defense Collaborative, was unveiled Thursday by Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, which falls under the Department of Homeland Security. The effort, reported earlier by The Wall Street Journal, will initially focus on combating ransomware and developing a framework to deal with cyberattacks that affect providers of cloud services. It also aims to improve information sharing between the government and the private sector, with the goal of reducing the risk of attacks and ensuring a coordinated response.

“The JCDC presents an exciting and important opportunity for this agency and our partners — the creation of a unique planning capability to be proactive vice reactive in our collective approach to dealing with the most serious cyber threats to our nation,” said Easterly. “The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions.”

The team-up follows several high-profile ransomware and cyberattack episodes in the US. So far this year, ransomware attacks have shut down a gas pipeline and a major meat producer, spurring fears of shortages and concerns that other critical infrastructure is at risk. A number of federal agencies also fell victim to the SolarWinds hack that was uncovered last year, including high-level officials at the DHS.

Earlier this year, the Biden administration unveiled several efforts to shore up cybersecurity practices across federal agencies, including a $20 billion plan to secure the country’s infrastructure against cyberattacks.

Other companies participating with multiple government agencies in the JCDC include AT&T, CrowdStrike, FireEye, Lumen, Palo Alto Networks and Verizon.

“In order to bolster our nation’s cyber defenses, it’s essential that the public and private sectors work together to defend against evolving threats and shore up modern IT capabilities that will protect our federal, state and local governments,” said Phil Venables, chief information security officer at Google Cloud, in an emailed statement. “We look forward to working with CISA under the Joint Cyber Defense Collaborative and offering our security resources to build a stronger and more resilient cyber defense posture.”

Amazon and Microsoft didn’t respond to requests for comment.

An Explosive Spyware Report Shows the Limits of iOS Security

Posted on July 24, 2021 by esimantiras

source: wired.com

THE SHADOWY WORLD of private spyware has long caused alarm in cybersecurity circles, as authoritarian governments have repeatedly been caught targeting the smartphones of activists, journalists, and political rivals with malware purchased from unscrupulous brokers. The surveillance tools these companies provide frequently target iOS and Android, which have seemingly been unable to keep up with the threat. But a new report suggests the scale of the problem is far greater than feared—and has placed added pressure on mobile tech makers, particularly Apple, from security researchers seeking remedies.

Continue reading “An Explosive Spyware Report Shows the Limits of iOS Security” →

FBI: Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics

Posted on July 24, 2021 by esimantiras

FBI: Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics

source: threatpost.com

Expected cyberattacks on Tokyo Olympics likely include attempts to hijack video feeds, the Feds warn.

The Tokyo Olympics, set to open Friday night, are already being targeted by threat actors — however, the Federal Bureau of Investigation’s Cyber Division has issued a chilling warning the Games’ TV broadcast is likely to be plagued by attacks, since it will be the only way to view events now that spectators have been barred due to COVID-19 concerns.

“Adversaries could use social-engineering and phishing campaigns in the leadup to the event to obtain access or use previously obtained access to implant malware to disrupt affected networks during the event,” the FBI notification said. “Social-engineering and phishing campaigns continue to provide adversaries with the access needed to carry out such attacks.”

Continue reading “FBI: Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics” →

NSA And FBI Blame Russia For Massive ‘Brute Force’ Attacks On Microsoft 365

Posted on July 7, 2021July 8, 2021 by esimantiras

NSA And FBI Blame Russia For Massive ‘Brute Force’ Attacks On Microsoft 365

source: forbes.com

American intelligence and law enforcement agencies have pointed the finger at a Kremlin-backed hacking crew for a two-year campaign to break into Microsoft Office 365 accounts.

The NSA, FBI and DHS, in a joint report with U.K. intelligence, placed the blame for the widespread “brute force” attacks on Fancy Bear, a group best known for its breach of the Democratic National Committee in the lead up to the 2016 Presidential Elections. Brute force attacks see repeated attempts to guess the usernames and passwords for email and cloud accounts.

Continue reading “NSA And FBI Blame Russia For Massive ‘Brute Force’ Attacks On Microsoft 365” →

Largest Password Compilation Of All Time…

Posted on June 25, 2021June 25, 2021 by esimantiras

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

source: cybernews.com

What seems to be the largest password collection of all time has been leaked on a popular hacker forum. A forum user posted a massive 100GB TXT file that contains 8.4 billion entries of passwords, which have presumably been combined from previous data leaks and breaches.

According to the post author, all passwords included in the leak are 6-20 characters long, with non-ASCII characters and white spaces removed. The same user also claims that the compilation contains 82 billion passwords. However, after running our own tests, the actual number turned out to be nearly ten times lower – at 8,459,060,239 unique entries.

Continue reading “Largest Password Compilation Of All Time…” →

Secretive NSA Opens Doors to New “Collaboration Center”

Posted on June 25, 2021June 25, 2021 by esimantiras

Secretive NSA opens doors to new “collaboration center” as cyberthreats mount

source: cbsnews.com

Fort Meade, Maryland — One of the most notoriously secretive U.S. intelligence agencies has opened a new facility that it hopes, uncharacteristically, will welcome plenty of outside visitors.

While most of the National Security Agency’s (NSA) outposts are closed-off, highly restricted spaces, the agency’s newly launched Cybersecurity Collaboration Center, located a few miles outside its main campus in Fort Meade, Maryland, is meant to serve as a gathering point for government and private sector cybersecurity experts to exchange information about hacking threats from adversaries in real time.

Continue reading “Secretive NSA Opens Doors to New “Collaboration Center”” →

Department of Justice Seizes Ransomware $2.3M

Posted on June 11, 2021June 12, 2021 by esimantiras

Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside

source: justice.gov

WASHINGTON – The Department of Justice today announced that it has seized 63.7 bitcoins currently valued at approximately $2.3 million. These funds allegedly represent the proceeds of a May 8, ransom payment to individuals in a group known as DarkSide, which had targeted Colonial Pipeline, resulting in critical infrastructure being taken out of operation. The seizure warrant was authorized earlier today by the Honorable Laurel Beeler, U.S. Magistrate Judge for the Northern District of California.

Continue reading “Department of Justice Seizes Ransomware $2.3M” →

Ransomware: A National Security Threat

Posted on June 11, 2021June 10, 2021 by esimantiras

U.S. Suffers Over 7 Ransomware Attacks An Hour. It’s Now A National Security Risk

source: npr.org

The United States suffered 65,000 ransomware attacks last year – or over seven an hour. And it will likely get worse.

What was previously seen as a nuisance is fast becoming a national security problem as cybercriminals target key parts of the country’s infrastructure. A recent attack on Colonial Pipeline sparked panic buying that emptied many gas stations across the Southeast, while another attack on JBS raised fears about the domestic beef supply.

Continue reading “Ransomware: A National Security Threat” →