Latest news with #Wiretap

The Wiretap: The Worrying Rise Of ‘Violence-As-A-Service'

Forbes

29-04-2025

  • Forbes


The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.

As if there wasn't enough to worry about concerning children and teenagers being targeted online, this week Europol warned that youngsters are being recruited by organized criminal groups to carry out 'violence-as-a-service.' According to the agency, this involves 'outsourcing of violent acts to criminal service providers' by 'vulnerable young people being groomed or coerced into doing so.'

Cybersecurity company Trend Micro also put out research on this front. It found that there are detailed online forums in Russia where criminals were offering to carry out physical attacks for the highest bidder. In one post, a user offered to commit 'grievous bodily harm' for $5,000. 'Torture with extortion of information' was on offer for $6,000 a day. Arson of a target's apartment was offered at $10,000.

The problem has become bad enough that on Tuesday, Europol announced a taskforce to deal with the crime and published advice for parents on how to keep an eye out for signs a child is being targeted by a criminal network. Among the signs to look out for? The use of encrypted messaging apps and a surprisingly healthy cash flow. There may be benign explanations for these, but if you don't know how your teen is making money, it's probably a good idea to talk to them about it.

Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.

Researchers at Israeli cybersecurity startup Oligo revealed that vulnerabilities in Apple's AirPlay could be used to install malware on connected devices, Wired reports. Dubbing their attacks AirBorne, the researchers showed how they could target the software development kit (SDK) used by third-party devices to work with AirPlay so they could hijack devices like speakers or smart TVs. Apple has patched weaknesses that would've allowed attacks on its own AirPlay-enabled devices, though the company told Wired those bugs could have only been exploited if users had changed default settings. Hacks of connected devices could still be possible, however, meaning tens of millions of products may remain vulnerable. Worried about your own phone? You can disable AirPlay by going to settings on your iPhone and searching for it, then turn Automatically AirPlay to 'Never.'

Researchers at the University of Toronto's Citizen Lab found malware masquerading as an open source word processing and spell check app for the Uyghur language. Senior members of the World Uyghur Congress living in exile were among the targets.

British retail giant Marks & Spencer has been hit by a cyberattack that's downed its online payments for five days, with a ransomware group known as Scattered Spider reportedly linked to the hack.

Google put out a report on Tuesday showing how zero-day attacks (which hit previously-unknown and unpatched vulnerabilities) targeting mobile devices had gone down. Zero-day exploitation of mobile devices fell by about 50% compared to this time last year, though Google did warn that it expected to see overall zero-day attacks rise steadily over the next 12 months. That's because 'the average trendline indicates that the rate of zero-day exploitation continues to grow at a slow but steady pace,' Google's researchers wrote.

TechCrunch reports on two breaches in the healthcare industry this week. One was at the largest healthcare system Yale New Haven Health, which appeared to have been hit by ransomware, potentially affecting more than 5.5 million people. The other was at insurance giant Blue Health, which said it had been sharing patients' private health information with Google for years because of a misconfiguration.

The Wiretap: Trump's Cybersecurity Agency Avoided A Near Disaster

Forbes

22-04-2025

  • Business
  • Forbes


The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.

An essential, constantly-updated database of cybersecurity vulnerabilities almost went offline last week. Run by Mitre, the Common Vulnerabilities and Exposures (CVE) database has become vital to all manner of digital defenders, from those on enterprise IT teams to those keeping tabs on national security threats. It's proven particularly helpful in understanding the severity of a software or hardware flaw, determining whether it's actively being exploited by hackers, and assessing whether a fix is urgently needed.

Mitre had warned users that funding for the CVE project, which came via the DHS Cybersecurity and Infrastructure Security Agency (CISA), was going to run out on Wednesday April 16. In a last-minute reprieve, though, CISA confirmed it would continue to provide financial backing for it.

Inside CISA, staff told Forbes it was a whirligig week where, within 24 hours, the agency had gone from causing a disaster to averting one. 'It would have been devastating for defenders,' said one CISA employee. 'What a mess,' said another.

Beyond saying that 'the CVE Program is invaluable to the cyber community and a priority of CISA,' the agency is yet to offer any kind of explanation for the brinksmanship. CISA is currently without a permanent director, with Sean Plankey, Trump's nominee, yet to be approved by Congress. The sooner the agency has some stability, the less likely such snafus come close to causing catastrophic damage to American cybersecurity.

Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.

Palantir, the $20 billion surveillance company, is upping its work with Immigration and Customs Enforcement (ICE) via contracts asking it to build a 'complete target analysis of known populations,' reports 404 Media. A subsequent leak of internal Palantir communications revealed that it's going to be helping locate people in the country illegally, while planning for a backlash externally and internally. Staff have been given guidance on the ethics of working on such large-scale work with an agency like ICE, showing how Palantir is worried about the optics of the contracts. Read the whole story here.

Cops across America are starting to utilize AI agents to help spy on social media, according to a Wired and 404 Media report. Among the agents advertised to cops by providers were a fake college protester and a potential child sex trafficking victim.

Pedestrian crosswalks were hacked in Seattle last week to have a fake Jeff Bezos start spouting tongue-in-cheek pro-billionaire spiel. 'Please, please don't tax the rich. Otherwise, all the other billionaires will move to Florida too,' it said, referencing the Amazon founder's residency change that saved him an estimated $1 billion.

A draft bill currently in the Florida legislature would, if it passed, require social media companies to build backdoors that would allow law enforcement to decrypt messages.

Secretary of Defense Pete Hegseth has all but confirmed new reports suggesting he shared sensitive information about U.S. attack plans in Yemen in a second Signal group chat.

Forbes 30 Under 30 Europe list was launched last week. One lister was a Ukrainian cybersecurity startup, LetsData. Launched in 2022, it's an AI-driven company that claims it can spot and tackle disinformation campaigns.

Michael McMahon, a retired NYPD sergeant turned private detective, has been sentenced to 18 months in prison for his part in harassing and stalking a Chinese expatriate named Xu Jin, who is wanted by his homeland's government. It's alleged McMahon helped his client even though he knew it appeared to be part of a Chinese government plot to get Jin to return to China.

The Wiretap: How Law Enforcement Took Control Of The Dark Web's ‘Gmail'

Forbes

15-04-2025

  • Forbes


The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.

For people seeking to keep their communications away from the prying eyes of government and law enforcement, the dark web has provided a haven for years. One option was the Darknet Mail Exchange, or DNMX, which advertised itself as just like Gmail, but with one additional benefit: 'We don't care who you are and will never ask for your information or reveal your identity; this is the dark net after all.'

But in October 2023, all those promises of anonymity came undone as the Dutch police seized DNMX servers and began rummaging through users' emails. At the time, cops believed DNMX was being used for the trade of child sex abuse material, terrorist communications and narcotics trafficking.

The Dutch national police declined to comment further on the seizure, other than to tell Forbes there was an investigation. 'We will do no further notices about the investigation,' said Netherlands Police spokesperson Thérèse Ariaans. She declined to comment on whether or not the police let the service continue running to ensnare more criminals.

Although the service is now down, according to the Wayback Machine, the main clearweb (i.e. non-darknet) site for DNMX was still active last year. There have also been reports on social media of criminals continuing to message over the platform as recently as late summer 2024.

In recent years, investigators have run communications channels used by criminals, the most notable case being that of Anom, an encrypted app that was controlled by police. More recently, the FBI took over the online profile of a money launderer who went by the name ElonMuskWHM to track his clients, according to 404 Media.

Court documents show some darknet users had fretted that DNMX had been hit by a law enforcement raid in 2023, though no further information was forthcoming. On Reddit, an apparent note from the DNMX administrator from 2023 warned that DNMX email accounts were 'no longer in our control.'

Since the previously unreported seizure, Dutch investigators have been sharing their findings with all manner of other agencies, from Europol to American federal departments. In one case, they found a child sexual exploitation enterprise using DNMX that offered to pay people to produce illegal footage. In some cases, the DNMX user, whose illicit business was known as Newstarz, would offer to pay as much as $500,000 for a year's contract, or up to $50,000 for a series of images around a given narrative. It also offered an 'Elite Membership Level' that would provide 'sexual access to all models and families at meets,' according to court documents filed by the DOJ.

The DOJ is now prosecuting a former U.S. Marine Corps officer, Jonathan Laroche, for allegedly creating CSAM and selling it to the DNMX user behind Newstarz, who remains unknown, according to a search warrant and a criminal complaint. Laroche, a former Navy detective who had been sentenced in a separate case for choking a detained sailor at Naval Base San Diego earlier this year, has not yet filed a plea for a new charge of producing CSAM. Neither his lawyer nor the DOJ had responded to requests for comment at the time of publication.

The owner of DNMX may have seen his service get taken down, but he promised in 2023 to offer a new one. 'The darknet needs a good email provider and I will bring a new one online soon,' according to the Reddit notice. It's unclear if that project ever bore fruit.

Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.

The White House has revoked clearance approval for Chris Krebs, former head of the Cybersecurity and Infrastructure Security Agency (CISA), and his employer SentinelOne. Trump infamously fired Krebs in 2020 after he lost the election, blaming the ex-CISA director after the latter assessed there was no evidence of votes being compromised in any way. At the time, Trump had been on the warpath trying to undermine the election result. The White House release doesn't mention that public fracas, but claimed Krebs was 'a significant bad-faith actor who weaponized and abused his Government authority.' Alongside claiming he was involved in hiding information on the Hunter Biden laptop saga, the Trump administration also alleged Krebs 'suppressed conservative viewpoints under the guise of combatting supposed disinformation, and recruited and coerced major social media platforms to further its partisan mission.'

Controversial forum 4Chan was inaccessible for many users on Tuesday amid claims it had been hacked and its user data released, including moderators' identities and email addresses.

Senator Ron Wyden said he will block Trump's nomination for the next CISA director, Sean Plankey, until the agency releases a report on what he alleged was a 'multi-year cover up' of security flaws at U.S. telecommunication companies, TechCrunch reports.

Chinese officials quietly acknowledged to U.S. counterparts in December that the country was behind attacks on American infrastructure, like ports, water utilities and airports, the Wall Street Journal reports. The admission came in December in a Geneva summit with the outgoing Biden administration.

Someone has blown the whistle on how DOGE is handling data at the National Labor Relations Board, the federal agency tasked with investigating complaints about unfair labor practices, NPR reports.

Silicon Valley residents may've gotten a shock over the weekend after hackers made audio-enabled traffic control buttons imitate the voices of Mark Zuckerberg and Elon Musk. According to a TechCrunch report, one Musk voice told passersby, 'I guess they say money can't buy happiness… I guess that's true. God knows I've tried. But it can buy a Cybertruck and that's pretty sick, right?' 'F—k, I'm so alone,' the Musk voice concluded.

Tailscale, which protects network traffic with a peer-to-peer mesh virtual private network, announced a $160 million Series C round, led by Accel with participation from CRV, Insight Partners, Heavybit, and Uncork Capital. Existing angel George Kurtz, CEO of cybersecurity giant Crowdstrike, put in again, alongside new investor Anthony Casalena, the CEO of Squarespace. The company, founded in 2019, claims some major AI customers, including Perplexity, Hugging Face and Groq.

A breach at the U.S. Office of the Comptroller of the Currency allowed hackers to spy on over 100 bank regulators' emails for over a year, Bloomberg reports. As a result, some banks, including JPMorgan and BNY, have paused sharing information with the agency.

The Wiretap: Cops Tracked A Tesla Arsonist Using His Own Car's Wi-Fi

Forbes

01-04-2025

  • Forbes


The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.

When an unknown individual shot and threw molotov cocktails at a number of Teslas at one of the electric car maker's centers in Las Vegas this March, investigators used a number of surveillance techniques to locate and eventually charge a suspect with domestic terrorism.

While establishing the suspect getaway vehicle's direction of travel using surveillance cameras and license plate readers, law enforcement acquired records from telecom companies running cell towers along the vehicle's route to and from the Tesla garage. Typically used to get information on all mobile phones connecting to towers in the vicinity of a crime, these 'tower dumps' have long been controversial.

In this case, cops used the tower dumps to track not only the suspect's phone but also the vehicle. Detectives asked Verizon, T-Mobile, and AT&T to send information on all connecting devices to six relevant towers. They saw a Verizon BlueLink onboard Wi-Fi system had pinged two of the towers. According to a complaint against the eventual suspect - 36-year-old Paul Hyon Kim - investigators believe the BlueLink was inside his Hyundai.

It's a rare case of a vehicle being tracked via a tower dump, just a matter of weeks after one judge in Mississippi declared that the surveillance technique was unconstitutional. That ruling has since been appealed by the Justice Department, according to Court Watch, an independent publication focused on finding stories in federal court records.

The investigation into Kim shows how the Trump administration's Justice Department is continuing to use such surveillance to track down those venting their fury at Tesla and its CEO Elon Musk. Since Musk undertook a massive restructuring of America's civil service via the Department of Government Efficiency (DOGE), activists and vandals launched a wave of attacks against his electric car company.

'The Department of Justice has been clear: anyone who participates in the wave of domestic terrorism targeting Tesla properties will suffer severe legal consequences,' said Attorney General Pam Bondi, announcing the charges against Kim last week. 'We will continue to find, arrest, and prosecute these attackers until the lesson is learned.'

Anti-Musk sentiment is causing not only damage to physical cars but also Tesla's business as a whole. As Forbes' Alan Ohnsman reported last week, Tesla rivals are making significant gains in the marketplace, especially China's BYD.

Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.

Members of Musk's DOGE gained access over the weekend to a payroll system housed in the Interior Department that processes salaries for about 276,000 federal employees across various agencies, according to the New York Times. The DOGE move overruled IT officials who had raised concerns about access to such sensitive information. The officials were later put on administrative leave and under investigation.

After Defense Department chief Pete Hegseth shared information about strikes on Houthis in Yemen over encrypted messaging app Signal, downloads of the app have soared across the world. That includes a big jump in installs in Yemen. Staff over at the Cybersecurity and Infrastructure Security Agency told Forbes they were flabbergasted at the leaks, with one echoing some calls from Democratic lawmakers that there should be a criminal inquiry into the sharing of classified information outside of official government channels.

The Justice Department announced the seizure of approximately $201,400 in cryptocurrency accounts linked to Hamas. The DOJ said it had identified crypto addresses that were used to launder more than $1.5 million in virtual currency since October 2024 for the benefit of Hamas.

Microsoft is rolling out 11 cybersecurity-focused AI agents for Copilot. Each will focus on a different task. For instance, one will identify potential phishing emails. Another can craft messages to authorities in the event of a breach.

Oracle has reportedly suffered two breaches in quick succession: one in its healthcare division, the other in its cloud unit. Larry Ellison's tech giant has denied the latter, though further reports alleged the information leaked online belongs to Oracle customers. The healthcare-related breach, which Oracle had flagged to customers in March, is now being investigated by the FBI, according to Bloomberg.
