Cybersecurity & Espionage Articles
Original article at Wired.com
Sifting through more than a dozen of the major cases that have targeted Westerners, though, provides an illuminating window into how China recruits its spies. The recruitment follows a well-known five-step espionage road map: Spotting, assessing, developing, recruiting, and, finally, what professionals call “handling.”
0 Comments
Original article at NYTimes.com
Twitter executives first became aware of a possible plot to infiltrate user accounts at the end of 2015, when Western intelligence officials told them that the Saudis were grooming an employee, Ali Alzabarah, to spy on the accounts of dissidents and others, according to five people briefed on the matter. They requested anonymity because they were not authorized to speak publicly. Mr. Alzabarah had joined Twitter in 2013 and had risen through the ranks to an engineering position that gave him access to the personal information and account activity of Twitter’s users, including phone numbers and I.P. addresses, unique identifiers for devices connected to the internet. The intelligence officials told the Twitter executives that Mr. Alzabarah had grown closer to Saudi intelligence operatives, who eventually persuaded him to peer into several user accounts, according to three of the people briefed on the matter. Original Article at The Wall Street Journal
Public companies that are easy targets of cyber scams could be in violation of accounting rules that call for firms to safeguard assets, the Securities and Exchange Commission said Tuesday. The SEC said in an investigative report that nine public companies wired nearly $100 million to hackers who impersonated corporate executives or vendors using emails. One company made 14 wire payments to a hacker, resulting in more than $45 million in losses, the SEC said. The agency declined to punish the companies, which weren’t identified. Original article at Bloomberg.com
Even after high-profile security breaches at Target Corp., Facebook Inc., and Google, a majority of board members are still using personal email accounts to share corporate information -- and a third of them have misplaced a company-owned mobile device or computer in the past year. All told, 56 percent of directors and 51 percent of C-suite executives are using personal email, rather than a corporate account, to send sensitive company information. That’s one of the findings from a survey of 411 board members and governance officials from 11 countries conducted earlier this year by Forrester Consulting for Diligent Corp., which sells software for securing boardroom documents. Original Article at www.Cyware.com (BTW, I love the name!!!)
Phishing attacks continue to be the biggest challenge in a majority of organizations. Over the past few years, cybercriminals have developed various new phishing attack methods, which use email and social-engineering techniques to gain access to confidential data. A common format of duping users is by luring them into clicking on a link or opening an attachment. This malicious link or attachment eventually ends up with users either divulging confidential information or wiring money to an attacker-controlled account. Original Article at APNews.com
The Pentagon on Friday said there has been a cyber breach of Defense Department travel records that compromised the personal information and credit card data of U.S. military and civilian personnel. According to a U.S. official familiar with the matter, the breach could have affected as many as 30,000 workers, but that number may grow as the investigation continues. The breach could have happened some months ago but was only recently discovered. The official, who spoke on condition of anonymity because the breach is under investigation, said that no classified information was compromised. Original article at DW.com
The US Justice Department said on Wednesday it had detained a Chinese spy on charges of state-sponsored economic espionage, after he allegedly attempted to steal trade secrets from several American aviation and aerospace companies. Yanjun Xu, an intelligence officer for China's Ministry of State Security, is accused of running a five-year operation in which he would woo employees from major US aerospace firms and persuade them to travel to China under the guise that they would give a presentation at a university. Court papers documented how Xu and other intelligence operatives would then plan to illicitly obtain "highly sensitive information" from their expert guests. Beijing dismissed the claims on Thursday, saying American authorities were "making something out of thin air." Original article at www.DarkReading.com
Cybercriminals seeking to avoid detection by anti-malware defenses have increasingly begun using legitimate hacking tools and tactics — in addition to their own malware — to break into enterprise networks and literally hide in plain sight. Now a new and likely state-sponsored threat group has emerged that isn't using any custom malware at all. Instead, the group is exclusively relying on publicly available hacking tools and living-off-the-land tactics to conduct an especially stealthy and hard-to-detect cyber espionage campaign. Original article at Wired.com
For years, the Kremlin's increasingly aggressive hackers have reached across the globe to hit targets with everything from simple phishing schemes to worms built from leaked NSA zero day vulnerabilities. Now, law enforcement agencies in the US and Europe have detailed another, far more hands-on tactic: Snooping on Wi-Fi from a vehicle parked a few feet away from a target office—or even from a laptop inside their hotel. Original article at Wired.com
The blockbuster legal battle between Uber and Google’s self-driving spinoff company, Waymo, hinges on two questions.
Now a hotly contested due diligence report, commissioned by Uber, makes it clear that the ride-hailing company knew Levandowski had ill-gotten Google files before it bought his startup and put him in charge of its own self-driving efforts. Question one seems to have its answer, and question two just got a lot more interesting. Additional Articles: |
Cyber-CyI find interesting articles on the web that are simple, down-to-earth, easy to understand, and (hopefully) informative for non-technical readers. Archives
November 2022
Categories |