The theft and sale of large swaths of valuable African Internet resources was an inside job, Internet investigator Ron Guilmette has concluded after five months of detective work. Documents obtained from industry sources and public records in Uganda show that at least one insider at AFRINIC is also a shareholder of a company that received money for selling IP addresses. That insider is Ernest M. Byaruhanga, Guilmette said. Byaruhanga was the second employee to be hired at AFRINIC in 2014, after former CEO Adiel Akplogan.
The U.S. Justice and Treasury departments took action Thursday against a Russian hacking group known as “Evil Corp.,” which stole “at least” $100 million from banks using malicious software that swiped banking credentials, according to a joint press release. “Evil Corp.” is a name reminiscent of the nickname for the key malevolent corporation in the popular television drama “Mr. Robot.” In all, the action targets 17 individuals associated with the organization, including Evil Corp.’s leader, Maksim Yakubets. The State Department has offered a $5 million reward for information on Yakubets.
Security researchers at Check Point say the company has uncovered evidence that Chinese hackers managed to hijack $1 million in seed money during a wire transfer between a Chinese venture capital firm and an Israeli startup—without either side realizing anything was wrong. The VC firm and the startup, whose names Check Point hasn’t released, reached out to the security firm after the funds failed to arrive. Once Check Point dug into the details, it discovered a man-in-the-middle attack that took a lot of planning and plenty of patience.
When it comes to the extensive and invasive use of biometric data, the USA is one of the worst offenders in the world, faring only slightly better than China. According to research conducted by Comparitech, which rated 50 countries according to how, where and why biometrics were taken and how they are stored, the US ranked as the fourth worst country. Topping the list is China, followed by Malaysia and Pakistan. While Comparitech did not look at every country in the world, its study did compare 50 of them. To give a country a rating out of 25, each was rated out of five in four categories (storage, CCTV, workplace, and visas) according to how invasive and pervasive the collection and use of biometrics is.
A systems update by SAP for the cloud platform used by the New Zealand police as part of its government-mandated gun buyback of semi-automatic rifles caused a privacy breach, leading to the entire online system being shut down. Deputy commissioner Mike Clement said the problem was reported to NZ police by an arms dealer with legitimate access to the firearm buyback site, who was able to view details of gun owners.
A new remote access trojan whose name reminds one of a fairytale and not the potential nightmare it could bring to its victim has been disclosed by Cylance. PyXie Python RAT has been flitting about since 2018 helping deliver ransomware and other malware to the healthcare and education industries. The RAT has been tracked being delivered through malicious TETRIS apps to load and execute the pen testing tool Cobalt Strike and a custom shellcode loader. “The loader is a Trojanized open source Tetris game. It has been modified to load an encrypted shellcode payload named ‘settings.dat’ from an internal network share and inject it into a new process,” Cylance said.
A contractor working for cell giant Sprint stored on an unprotected cloud server hundreds of thousands of cell phone bills of AT&T, Verizon and T-Mobile subscribers. The storage bucket had more than 261,300 documents, the vast majority of which were phone bills belonging to cell subscribers dating as far back as 2015. But the bucket, hosted on Amazon Web Services (AWS), was not protected with a password, allowing anyone to access the data inside. It’s not known how long the bucket was exposed.
In 2016, the U.S. Census Bureau faced a pivotal choice in its plan to digitize the nation’s once-a-decade population count: build a system for collecting and processing data in-house, or buy one from an outside contractor. The bureau chose Pegasystems Inc, reasoning that outsourcing would be cheaper and more effective. Three years later, the project faces serious reliability and security problems, according to Reuters interviews with six technology professionals currently or formerly involved in the census digitization effort. And its projected cost has doubled to $167 million — about $40 million more than the bureau’s 2016 cost projection for building the site in-house.
Twitter security celeb SwiftOnSecurity on Tuesday inadvertently disclosed a zero-day vulnerability affecting enterprise software biz Atlassian, a flaw that may be echoed in IBM’s Aspera software. The SwiftOnSecurity Twitter account revealed that Atlassian provided a domain that resolved to a local server with a common SSL certificate for its Confluence cloud service, to enable the Atlassian Companion app to edit files in a preferred local application and save the files back to Confluence.