AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 4/25/2024

Feds charge Iranian nationals for cyberattacks against US government

The US government has charged and sanctioned four Iranian nationals over claims they carried out a yearslong hacking campaign against US government agencies and companies. It also accuses the group of waging these attacks on behalf of the Iranian government. An indictment unsealed on Tuesday alleges that from around 2016 through at least April 2021, the four individuals waged cyberattacks against “more than a dozen” US-based companies, along with the US departments of the Treasury and State. The companies targeted by the attacks were “primarily” contractors for the US Department of Defense that had access to sensitive information.

 

Australia’s spies and cops want ‘accountable encryption’ – aka access to backdoors

The director general of Australia’s lead intelligence agency and the commissioner of its Federal Police yesterday both called for social networks to offer more assistance to help their investigators work on cases involving terrorism, child exploitation, and racist nationalism. The two bosses yesterday appeared together at Australia’s National Press Club. First to the lectern was Mike Burgess, director general of the Australian Security and Intelligence Organisation, who opened by saying “The internet is a transformative information source… and the world’s most potent incubator of extremism.”

 

DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions

The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and seized the service for allegedly facilitating over $2 billion in illegal transactions and for laundering more than $100 million in criminal proceeds. To that end, Keonne Rodriguez, 35, and William Lonergan Hill, 65, have been charged with conspiracy to commit money laundering and conspiracy to operate an unlicensed money transmitting business from 2015 through February 2024. Rodriguez and Hill face a maximum sentence of 25 years in prison each. Rodriguez, the CEO of the company, and CTO Hill intentionally designed Samourai to help “criminals to engage in large-scale money laundering and sanctions evasion,” while ostensibly marketing as a privacy-oriented service, the DoJ said.

 

56% of cyber insurance claims originate in the email inbox

56% of all 2023 claims were a result of funds transfer fraud (FTF) or business email compromise (BEC), highlighting the importance of email security as a critical aspect of cyber risk management, according to Coalition. The 2024 Cyber Claims Report is based on reported claims data from January 1 to December 31, 2023. “Threat actors want to get paid, and the email inbox has proven to be an easy place for an attacker to uncover payment information and potentially intervene in payment processes to steal funds,” said Robert Jones, Coalition’s Head of Global Claims.

 

School athletic director arrested for framing principal using AI voice synthesis

On Thursday, Baltimore County Police arrested Pikesville High School’s former athletic director, Dazhon Darien, and charged him with using AI to impersonate Principal Eric Eiswert, according to a report by The Baltimore Banner. Police say Darien used AI voice synthesis software to simulate Eiswert’s voice, leading the public to believe the principal made racist and antisemitic comments. The audio clip, posted on a popular Instagram account, contained offensive remarks about “ungrateful Black kids” and their academic performance, as well as a threat to “join the other side” if the speaker received one more complaint from “one more Jew in this community.” The recording also mentioned names of staff members, including Darien’s nickname “DJ,” suggesting they should not have been hired or should be removed “one way or another.”

 

Related Posts