Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 138

Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners.

The phones appeared on a list of more than 50000 numbers that are concentrated in countries known to engage in surveillance of their citizens and also known to have been clients of the Israeli firm, NSO Group, a worldwide leader in the growing and largely unregulated private spyware industry, the investigation found.

The list does not identify who put the numbers on it, or why, and it is unknown how many of the phones were targeted or surveilled. But forensic analysis of the 37 smartphones shows that many display a tight correlation between time stamps associated with a number on the list and the initiation of surveillance, in some cases as brief as a few seconds.

Read more | >

Facepalm: Microsoft is once again advising its customers to disable Windows print spooler, after a new vulnerability that allows hackers to execute malicious code on machines has emerged. While a patch fixing the flaw will be released in due course, the most effective workaround currently on the table is to stop and disable the print spooler service entirely.

This is the third print spooler vulnerability to emerge in just five weeks. While a critical flaw was originally identified and patched in June, a similar flaw – dubbed PrintNightmare – came to light shortly after and was subsequently patched (with mixed success).

The emergence of this new vulnerability is frustrating news for Microsoft and its users.

Read more | >

Pretty soon, people won’t have to provide a fingerprint or a driver license to prove their identity — if VU has its way.

The Argentina-based fraud and identity protection company announced $12 million in Series B funding Monday from backers including software developer Globant, as well as Agrega Partners, NXTP Ventures, Bridge One, the IDB Lab and Telefónica. The new funding gives the company total venture-backed investments of $20 million, CEO Sebastián Stranieri told TechCrunch.

Stranieri, who has worked in the cybersecurity industry for the past 20 years, got the idea for VU in 2007 after spending hours helping his grandmother verify her identity with the Argentinian government in what turned out to be a two-minute process.

Read more | >

Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO on T-Mobile’s cellular network in the United States.

BleepingComputer reported that Mint Mobile has disclosed a data breach that exposed subscribers’ account information and ported phone numbers to another carrier.

The data breach notification sent to the impacted subscribers reveals that an unauthorized person gained access to their data between June 8th and June 10th. The company did not reveal how hackers had access to the subscribers’ data.

Read more | >

World Economic Forum Founder Klaus Schwab opens Cyber Polygon 2021 with a warning: “A lack of cybersecurity has become a clear and immediate danger to our society worldwide.”

Giving the welcoming remarks at Cyber Polygon for the second year in a row, Schwab spoke at length about the World Economic Forum’s (WEF) desire to tackle cybersecurity by bringing together a closer merger of corporations, small businesses, and governments.

Last year, Schwab warned, “We all know, but still pay insufficient attention to, the frightening scenario of a comprehensive cyber attack, which would bring a complete halt to the power supply, transportation, hospital services, our society as a whole.”

Read more | >

These attacks — along with news of several high-profile data breaches linked to the Russian government-backed hack of American software company SolarWinds, including at tech titans like Microsoft — have prompted questions about how these attacks have occured, and how to better guard against them.

State and local leaders testified June 17 before the Senate about how cyber threats they face have grown. And along with the increased penalties for cybercriminials included in a bipartisan Senate infrastructure package, a second bipartisan Senate bill would require public and private entities to report cybersecurity breaches to the government within 24 hours, as well as add liability protections to help encourage businesses to come forward.

Here’s what you should know as debate over cybersecurity and how to fight ransomware continues.

Read more | >

Cyber incidents are an ongoing and substantial threat. Find out how The National Guard is working to deter, disrupt and defeat malicious cyber activity.

ARLINGTON, Va. – The National Guard plays a critical role in defending computer networks and mitigating cyber-attacks that occur almost daily, said Guard senior leaders during a roundtable discussion Tuesday.

“Cyber incidents are an ongoing and substantial threat,” said Army Gen. Daniel Hokanson, chief of the National Guard Bureau. “In 2021 alone, America’s power plants, food supply, water supply, health care, law enforcement, and defense sectors have all come under attack.”

That’s why upcoming exercises like Cyber Shield 2021 – which helps prepare “Guard cyber warriors to deter, disrupt and defeat malicious cyber activity” – are important, he said. Adding the Guard plays a key role in the Department of Defense’s cyber enterprise while partnering with outside agencies.

Read more | >