FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ WIRED

School Employee Allegedly Framed a Principal With Racist Deepfake Rant

By Matt Burgess β€” April 27th 2024 at 10:30
Plus: Google holds off on killing cookies, Samourai Wallet founders get arrested, and GM stops driver surveillance program.
☐ β˜† βœ‡ WIRED

Russia Vetoed a UN Resolution to Ban Space Nukes

By Stephen Clark, Ars Technica β€” April 27th 2024 at 10:00
A ban on weapons of mass destruction in orbit has stood since 1967. Russia apparently has other ideas.
☐ β˜† βœ‡ WIRED

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

By Andy Greenberg β€” April 24th 2024 at 16:00
Sources suspect China is behind the targeted exploitation of two zero-day vulnerabilities in Cisco’s security appliances.
☐ β˜† βœ‡ WIRED

5 Best VPN Services (2024): For Routers, PC, iPhone, Android, and More

By Scott Gilbertson β€” April 24th 2024 at 13:30
It won’t solve all of your privacy problems, but a virtual private network can make you a less tempting target for hackers.
☐ β˜† βœ‡ WIRED

ShotSpotter Keeps Listening for Gunfire After Contracts Expire

By Max Blaisdell, Jim Daley β€” April 24th 2024 at 10:00
Internal emails suggest that the company continued to provide gunshot data to police in cities where its contracts had been canceled.
☐ β˜† βœ‡ WIRED

Change Healthcare Finally Admits It Paid Ransomware Hackersβ€”and Still Faces a Patient Data Leak

By Andy Greenberg β€” April 23rd 2024 at 03:55
The company belatedly conceded both that it had paid the cybercriminals extorting it and that patient data nonetheless ended up on the dark web.
☐ β˜† βœ‡ Krebs on Security

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

By BrianKrebs β€” April 22nd 2024 at 20:07

The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump’s Dumps.

A now-defunct carding shop that sold stolen credit cards and invoked 45’s likeness and name.

As reported by The Record, a Russian court last week sentenced former FSB officer Grigory Tsaregorodtsev for taking a $1.7 million bribe from a cybercriminal group that was seeking a β€œroof,” a well-placed, corrupt law enforcement official who could be counted on to both disregard their illegal hacking activities and run interference with authorities in the event of their arrest.

Tsaregorodtsev was head of the counterintelligence department for a division of the FSB based in Perm, Russia. In February 2022, Russian authorities arrested six men in the Perm region accused of selling stolen payment card data. They also seized multiple carding shops run by the gang, including Ferum Shop, Sky-Fraud, and Trump’s Dumps, a popular fraud store that invoked the 45th president’s likeness and promised to β€œmake credit card fraud great again.”

All of the domains seized in that raid were registered by an IT consulting company in Perm called Get-net LLC, which was owned in part by Artem Zaitsev β€” one of the six men arrested. Zaitsev reportedly was a well-known programmer whose company supplied services and leasing to the local FSB field office.

The message for Trump’s Dumps users left behind by Russian authorities that seized the domain in 2022.

Russian news sites report that Internal Affairs officials with the FSB grew suspicious when Tsaregorodtsev became a little too interested in the case following the hacking group’s arrests. The former FSB agent had reportedly assured the hackers he could have their case transferred and that they would soon be free.

But when that promised freedom didn’t materialize, four the of the defendants pulled the walls down on the scheme and brought down their own roof. The FSB arrested Tsaregorodtsev, and seized $154,000 in cash, 100 gold bars, real estate and expensive cars.

At Tsaregorodtsev’s trial, his lawyers argued that their client wasn’t guilty of bribery per se, but that he did admit to fraud because he was ultimately unable to fully perform the services for which he’d been hired.

The Russian news outlet Kommersant reports that all four of those who cooperated were released with probation or correctional labor. Zaitsev received a sentence of 3.5 years in prison, and defendant Alexander Kovalev got four years.

In 2017, KrebsOnSecurity profiled Trump’s Dumps, and found the contact address listed on the site was tied to an email address used to register more than a dozen domains that were made to look like legitimate Javascript calls many e-commerce sites routinely make to process transactions β€” such as β€œjs-link[dot]su,” β€œjs-stat[dot]su,” and β€œjs-mod[dot]su.”

Searching on those malicious domains revealed a 2016 report from RiskIQ, which shows the domains featured prominently in a series of hacking campaigns against e-commerce websites. According to RiskIQ, the attacks targeted online stores running outdated and unpatched versions of shopping cart software from Magento, Powerfront and OpenCart.

Those shopping cart flaws allowed the crooks to install β€œweb skimmers,” malicious Javascript used to steal credit card details and other information from payment forms on the checkout pages of vulnerable e-commerce sites. The stolen customer payment card details were then sold on sites like Trump’s Dumps and Sky-Fraud.

☐ β˜† βœ‡ WIRED

The Next US President Will Have Troubling New Surveillance Powers

By Dell Cameron β€” April 22nd 2024 at 16:59
Over the weekend, President Joe Biden signed legislation not only reauthorizing a major FISA spy program but expanding it in ways that could have major implications for privacy rights in the US.
☐ β˜† βœ‡ WIRED

North Koreans Secretly Animated Amazon and Max Shows, Researchers Say

By Matt Burgess β€” April 22nd 2024 at 07:00
Thousands of exposed files on a misconfigured North Korean server hint at one way the reclusive country may evade international sanctions.
☐ β˜† βœ‡ WIRED

AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now

By Dell Cameron, Andrew Couts β€” April 20th 2024 at 10:00
Plus: New York’s legislature suffers a cyberattack, police disrupt a global phishing operation, and Apple removes encrypted messaging apps in China.
☐ β˜† βœ‡ WIRED

The Biggest Deepfake Porn Website Is Now Blocked in the UK

By Matt Burgess β€” April 19th 2024 at 16:54
The world's most-visited deepfake website and another large competing site are stopping people in the UK from accessing them, days after the UK government announced a crackdown.
☐ β˜† βœ‡ WIRED

The Trump Jury Has a Doxing Problem

By Andrew Couts β€” April 18th 2024 at 19:25
One juror in former US president Donald Trump’s criminal case in New York has been excused over fears she could be identified. It could get even messier.
☐ β˜† βœ‡ WIRED

The Real-Time Deepfake Romance Scams Have Arrived

By Matt Burgess β€” April 18th 2024 at 11:00
Watch how smooth-talking scammers known as β€œYahoo Boys” use widely available face-swapping tech to carry out elaborate romance scams.
☐ β˜† βœ‡ Security – Cisco Blog

Cisco Hypershield: A New Era of Distributed, AI-Native Security

By Tom Gillis β€” April 18th 2024 at 06:55

AI is transformative, driving huge productivity gains. The engine of AI β€” the data center β€” will grow substantially, maybe an order of magnitude or more over the coming years.

The industry went thr… Read more on Cisco Blogs

☐ β˜† βœ‡ Security – Cisco Blog

Cisco Hypershield: Reimagining Security

By Craig Connors β€” April 18th 2024 at 06:55
Cisco Hypershield is a new security infrastructure β€” a fabric β€” that can autonomously create defenses and produce measured responses to detected attacks, making security defenders' jobs easier.
☐ β˜† βœ‡ WIRED

Big Tech Says Spy Bill Turns Its Workers Into Informants

By Dell Cameron β€” April 17th 2024 at 18:11
One of Silicon Valley’s most influential lobbying arms joins privacy reformers in a fight against the Biden administration–backed expansion of a major US surveillance program.
☐ β˜† βœ‡ WIRED

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities

By Andy Greenberg β€” April 17th 2024 at 10:00
Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.
☐ β˜† βœ‡ Security – Cisco Blog

Supercharging Cisco XDR with AI and Identity Intelligence at RSAC 2024

By Teresa Brunner β€” April 17th 2024 at 12:00

Cisco XDR is a leader in providing comprehensive threat detection and response across the entire attack surface. We’ll be showcasing new capabilities that will give security teams even more insight, a… Read more on Cisco Blogs

☐ β˜† βœ‡ WIRED

Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse

By Eric Geller β€” April 16th 2024 at 19:09
A cybercriminal gang called RansomHub claims to be selling highly sensitive patient information stolen from Change Healthcare following a ransomware attack by another group in February.
☐ β˜† βœ‡ WIRED

US Senate to Vote on a Wiretap Bill That Critics Call β€˜Stasi-Like’

By Dell Cameron β€” April 16th 2024 at 17:02
A controversial bill reauthorizing the Section 702 spy program may force whole new categories of businesses to eavesdrop on the US government’s behalf, including on fellow Americans.
☐ β˜† βœ‡ Security – Cisco Blog

Synergizing Advanced Identity Threat Detection & Response Solutions

By Jeff Yeo β€” April 16th 2024 at 12:00

In an ever-evolving digital landscape, cybersecurity has become the cornerstone of organizational success. With the proliferation of sophisticated cyber threats, businesses must adopt a multi-layered… Read more on Cisco Blogs

❌