This week, wired Started our rogue problem, including ourselves being a little rough. Cable senior correspondent Andy Greenberg flew to Louisiana to see how easy it is to reproduce the 3D printed gun authorities, they found on Luigi Mangione when they arrested him for murdering the CEO of UnitedHealthCare. result? This is both easy and legal.
On Wednesday, U.S., European and Japanese authorities announced that they had undermined one of the world’s most extensive InfoStealer malware. Authorities say the malware, known as Lumma, is used to steal sensitive information, including passwords, bank information and details of cryptocurrency wallets, from victims around the world. Microsoft’s digital crime division helps with operations, occupying about 2,300 URLs that are used as Lumma infrastructure.
A mysterious database of more than 184 million records was deleted this week after security researcher Jeremiah Fowler discovered. The database contains 47 GB of data, including information about Amazon, Apple, Discord, Facebook, Google, Instagram, Microsoft, Netflix, Netflix, Nintendo, PayPal, Snapchat, Snapchat, Spotify, Twitter, WordPress, WordPress, Yahoo and more.
In other news, the United States accused 16 Russian nationals of allegedly operating the Danabot malware, which authorities say is used in various attacks, ranging from ransomware to espionage. A recent webinar revealed how a major venture capitalist helped activate Israel’s Starlink satellite internet after a Hamas attack on October 7, 2023.
But that’s not all. Every week, we fill in security and privacy news that we don’t cover in depth. Click on the headlines to read the full story. And stay safe.
The Intercept report said the U.S. intelligence community is seeking to create a market where private information collected by data brokers under the guise of marketing can be purchased by U.S. spies. Contract data shows that U.S. spy agencies intend to create a “intelligence community data alliance” that uses AI tools to screen people’s personal data; the Office of the National Intelligence Director has previously acknowledged that “can promote ransomware, stalking, harassment and public humiliation” information. In addition to insight into American behavior and religious and political beliefs, business data often includes precise location information, allowing the U.S. government to monitor people’s movements without obtaining warrants and explore widely recognized vulnerabilities in U.S. privacy laws.
Federal lawmakers tried to ban the U.S. government from buying so-called “business access information” last year, while Republican-controlled homes passed a version of the law called the “The Fourth Amendment Not a Sale Act.” However, the U.S. Senate, which was controlled by the Democrats at the time, rejected the legislation.
Wired’s reports repeatedly demonstrate how this data provides our adversaries with movements to monitor U.S. military and intelligence personnel, including sensitive facilities that house nuclear weapons and surrounding movements.
Back in 2014, Russian security company Kaspersky announced that it had discovered a delicate hacker team called Careto, Spanish in “ugly faces” or “masks” targeting victims in Europe and Cuba. Now, more than a decade later, the company’s former employees finally confirmed what Kaspersky would not say at the time: They thought Careto rarely saw hackers working on behalf of the Spanish government. Careto’s targets include energy companies, research institutions and activists, but it focuses on Cuba in particular, which may be due to the shelter of the island’s nations that have taken refuge in Spanish separatist groups, which were designated as terrorists by several European countries. Kaspersky researchers found a Spanish phrase in the hacker’s malware code that translates to “I’m shit in the sea,” a picky phrase commonly used by Spanish people, but no other Spanish. Given the sophistication of Careto’s hack, the public’s game of Kaspersky’s belonging to Spain has added another known player.
Microsoft’s recall feature continues to take screenshots of Windows user activity, and still represents a serious privacy concern, even as Microsoft significantly reviews its launch in response to criticism. Therefore, encrypted messaging application signals are even intended to take advantage of the digital rights management features of Windows that are often used to protect copyrighted materials to prevent screenshots of the application from being used on Windows Machines. After all, the recall feature may be something some company or government users may need, essentially this will essentially remove any privacy promises from the signal disappearing message feature and anyone who communicates with them. Screenshot prevention can be turned off in the settings of the signal, but will be turned on in Windows by default. “Microsoft just has no other choice,” the signal reads in a blog post.
The hacking group in the Russian GRU military intelligence agency known as APT28 or Fancy Bear is first notorious for its targeting the 2016 U.S. election, but it is no surprise that the group has been focused on Ukraine recently. According to new assessments from intelligence agencies in no less than 11 national countries, hacker groups have been targeting a wide range of technology and logistics companies to participate in providing assistance to Ukraine. “Doctors of entities, including government organizations and private/commercial entities in almost all modes of transportation: air, ocean and rail,” the consulting firm wrote. Perhaps most notably the agency’s allegations are targeting 10,000 security cameras in countries bordering Ukraine, including at border crossings, military facilities and railway stations. According to these agencies, GRU Hackers also reconnaissed at least one of the industrial control system components of the railway system, which may have been an intention to attempt to sabotage the destruction, but did not actually succeed in violating the company.
The Justice Department accused a Russian national Rustam Gallyamov on Thursday of accusing the software he designed was widely used by ransomware gangs and was known to have infected hundreds of thousands of computers, thus making the gang profits of about $8.6 million, according to the Justice Department. Prosecutors said that during the investigation, Gallyamov, 48, seized more than $24 million. Federal charges claimed this week that Galimat himself could access the victim’s computers and provide them to a range of cybercrime groups including Dopplepaymer, Revil, Black Basta and Cactus.
In August 2023, U.S. Attorney General Merrick Garland announced an investigation into now-crippled malware called Qakbot, who announced a transnational operation that includes Europol, prosecutors and law enforcement agencies in France, Germany, the Netherlands, Romania, Latvia and the United Nations Kingdom. Canadian and Denmark agencies are also considered to be investigating Galimat.
