Spyware from controversial Israeli software firm NSO Group was reportedly used by the nation’s civilian police force, according to a new report from an Israeli business publication, Calcalist. The new findings allege that the Israeli police conducted warrantless phone taps on Israeli politicians and activists, among others. According to the report, NSO Group, which was sanctioned by the U.S. Department of Commerce in November 2021, provided its flagship spyware product, Pegasus, to the police force, which in turn allegedly monitored local mayors and protesters who criticized former Prime Minister Benjamin Netanyahu.
Interpol said today that Nigerian authorities have detained 11 internet scammers, including members of the SilverTerrier cybercrime group. Authorities said the suspects engaged in Business Email Compromise (BEC), a type of internet crime where hackers use phishing emails or email account hacks to trick companies or government entities into making payments to the wrong bank accounts. The arrests took place last year, between December 13 and December 22, as part of Operation Falcon II. Interpol said that a forensic analysis of the data extracted from phones and computers seized during house searches linked the 11 suspects to attacks on more than 50,000 targets. “One of the arrested suspects was in possession of more than 800,000 potential victim domain credentials on his laptop,” Interpol officials said today.
The European Union is interested in building its own recursive DNS service that will be made available to EU institutions and the general public for free. The proposed service, named DNS4EU, is currently in a project planning phase, and the EU is looking for partners to help build a sprawling infrastructure to serve all its current 27 member states. EU officials said they started looking into an EU-based centrally-managed DNS service after observing consolidation in the DNS market around a small handful of non-EU operators. “The deployment of DNS4EU aims to address such consolidation of DNS resolution in the hands of few companies, which renders the resolution process itself vulnerable in case of significant events affecting one major provider,” officials said in the DNS4EU infrastructure project revealed last week. But EU officials said that other factors also played a role in their decision to build DNS4EU, including cybersecurity and data privacy.
The International Committee of the Red Cross, which is best known for helping war victims, says hackers broke into servers hosting its data and gained access to personal, confidential information on more than a half-million vulnerable people. The Geneva-based agency said Wednesday the breach by unknown intruders this week affected data about some 515,000 people “including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention.” It said the information originated in at least 60 Red Cross and Red Crescent chapters around the world.
Crypto.com CEO Kris Marszalek told Bloomberg on Wednesday that the attack earlier this week hit 400 users. For what Marszalek said was a period of 13 to 14 hours, Crypto.com paused its users’ ability to withdraw funds, and it subsequently informed users they would need to sign back into their accounts and reset their two-factor authentication. Marszalek said Crypto.com’s 200 security professionals had created a “very robust” infrastructure and stated it had defence-in-depth. “There are multiple layers, and in this particular incident, some of these layers were breached,” he said. “Which resulted in about 400 accounts having unauthorised transactions.” Marszalek added that the impacted users had their funds fully reimbursed on the same day, and while he would not be drawn on a figure for the amount of funds taken, he said the company was working on a postmortem that would appear on its blog in the next few days.
A White House national security memorandum signed today makes recommendations similar to those found in a Cybersecurity and Infrastructure Security Agency (CISA) memo published yesterday, in which the agency stated that recent malware attacks in Ukraine highlight the potential for “widespread damage to critical infrastructure” here in the United States. The CISA memo offers a series of recommended measures that could help detect cyberattacks and reduce possible damage. It lists two specific malware threats that have been used previously, NotPetya and the WannaCry ransomware, as examples of just how damaging these attacks can be.