Cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, and questions are all welcome!

1
 
 

"After the United Kingdom demanded that Apple create a backdoor that would allow government officials globally to spy on encrypted data, Apple decided to simply turn off encryption services in the UK rather than risk exposing its customers to snooping.

Apple had previously allowed end-to-end encryption of data on UK devices through its Advanced Data Protection (ADP) tool, but that ended Friday, a spokesperson said in a lengthy statement.

"Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users and current UK users will eventually need to disable this security feature," Apple said."

https://arstechnica.com/tech-policy/2025/02/apple-pulls-data-protection-tool-instead-of-caving-to-uk-demand-for-a-backdoor/

#UK #CyberSecurity #Apple #Encryption #Backdoors #DataProtection #Surveillance

2
 
 

?!?!

"Among the cadre of DOGE engineers now rooting through the guts of the administrative state, few have attracted more curiosity than Edward “Big Balls” Coristine, a 19-year-old coder who interned for three months for Neuralink, Elon Musk’s brain implant company. Coristine has a brief but colorful history that includes being fired from Path Networks, a cybersecurity company, for giving company documents to a competitor. He apparently palled around with a criminal hacking group called The Com and, according to a Telegram account associated with him, had solicited hacking services online. In 2021, he founded a company called Tesla.Sexy LLC that, according to Wired, “controls dozens of web domains, including at least two Russian-registered domains. One of those domains, which is still active, offers a service called Helfie, which is an AI bot for Discord servers targeting the Russian market.”

A lot about DOGE remains unknown – like who’s officially in charge – but Coristine has email addresses at USAID and the Department of Homeland Security and was recently seen inside the Cybersecurity and Infrastructure Security Agency and the State Department. Across the federal government, he seems to have the run of the place.

There’s one aspect of Coristine’s background that has escaped public notice: his grandfather, Valery Martynov, was a KGB spy who played an intriguing role in a sprawling 1980s espionage drama."

https://www.jacobsilverman.com/p/prominent-doge-staffer-is-grandson

#USA #Musk #DOGE #Russia #CyberSecurity #DataProtection

3
 
 

"Italy’s national union for journalists has submitted a criminal complaint to prosecutors in Rome after Giorgia Meloni’s government shut down questions in parliament over suspicions it had illegally used spyware technology to hack the phones of critics instead of criminals.

The legal action on Wednesday was triggered by the absence of clarity from the government since revelations emerged in late January that a migrant activist and Francesco Cancellato, an investigative journalist, were among at least seven people in Italy whose mobile phones had been targeted by an entity using Graphite, a military-grade spyware produced by the Israel-based Paragon, which is intended for use on criminals."

https://www.theguardian.com/world/2025/feb/19/journalists-launch-legal-action-against-italian-government-over-spyware-claims

#Italy #CyberSecurity #Spyware #Paragon #Meloni

4
 
 

"Edward Coristine, a 19-year-old engineer with Elon Musk’s so-called Department of Government Efficiency (DOGE) known as “Big Balls,” is now on staff at the Cybersecurity and Infrastructure Security Agency, WIRED has confirmed. He is joined by another member of the DOGE team, 38-year-old software engineer Kyle Schutt, who is now also on the CISA staff, according to a government source.

CISA referred WIRED to the Department of Homeland Security (DHS), of which it’s a component agency, when reached for comment. DHS did not immediately reply to a request for comment.

Coristine—briefly an intern for Musk’s brain-computer interface company Neuralink, as WIRED has reported—has been working his way through numerous federal agencies and departments as a DOGE operative since January. He has been tracked at the General Services Administration (GSA), the Office of Personnel Management, the State Department, and the Federal Emergency Management Agency. At State’s Bureau of Diplomatic Technology, he potentially had access to systems containing sensitive information about diplomats and many sources around the world who provide the US government with intelligence and expertise."

https://www.wired.com/story/doge-cisa-coristine-cybersecurity/

#USA #CyberSecurity #DOGE #CISA #DHS #Privacy #DataProtection

5
 
 

Happy Friday everyone!

The Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation (FBI) have released a #cybersecurity advisory focusing on the #Ghost ransomware threat. They provide us with some updates to the TTPs and Behaviors on the group's activity and what we can hunt for!

Behaviors (MITRE ATT&CK):
Initial Access - TA0001
Exploit Public-Facing Application - T1190 - the group exploited many CVEs to gain their initial foothold. They exploited Fortinet FortiOS appliances (CVE-2018-13379), servers running Adobe ColdFusion (CVE-2010-2861 and CVE-2009-3960), Microsoft SharePoint (CVE-2019-0604), and Microsoft Exchange (CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207).

Defense Evasion - TA0005
Impair Defenses: Disable or Modify Tools - T1562.001 - Ghost frequently runs a command to disable Windows Defender on network connected devices.

There are plenty of other technical and behavior artifacts in the report, so go check it out yourself! Enjoy and Happy Hunting!

#StopRansomware: Ghost (Cring) Ransomware
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-050a

Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

6
 
 

As expected, #Apple has nuked Advanced Data Protection (ADP) for UK users. What does this mean in practice? UK govt will be able to decrypt all UK users' #iCloud data at will.

Existing users' access will be disabled at a later date - this will likely mean that unless you accept the new policy Apple will delete your existing iCloud data. Which I would recommend you do right now anyway - never trust someone else's computer with sensitive data.

https://www.bbc.com/news/articles/cgj54eq4vejo

#cybersecurity #privacy #enshittification

7
 
 

Black Basta, a notorious ransomware gang, has imploded, leaking its internal messages.

#ransomware #cybersecurity #cybercrime #datasecurity #dataprivacy

https://cnews.link/black-basta-ransomware-dissected-1/

8
 
 

New phishing tools let bad actors launch attacks with little to no technical skill, experts warn.

#phishing #cyberattack #cybersecurity #malware

https://cnews.link/dracula-diy-malware-simplifies-phishing-1/

9
 
 

This is it. I have to close up shop providing mentorship for #cybersecurity careers. My final available sessions are posted. I will not be able to provide the service in Australia due to visa and time. https://calendly.com/lesleycarhart/
My apologies, and love to all the students I’ve seen over ten years.

10
 
 

Cybercriminals from North Korea are disguising themselves as recruiters and targeting freelance developers with infostealing malware.

#cybercrime #northkorea #cybersecurity #malware #freelance

https://cnews.link/north-korean-hackers-stealing-crypto-2/

11
 
 

A US Coast Guard data breach took personnel and payment systems offline, delaying paychecks for 1,100+ service members.

#US #databreach #cybersecurity #paycheck #offline

https://cnews.link/us-coast-guard-data-breach-personnel-offline-paycheck-delays-1/

12
 
 

Cyber pros argue that the new Elon Musk-led department might have breached federal cybersecurity laws.

#cybersecurity #DOGE #ElonMusk #cyberattack

https://cnews.link/three-days-later-doge-site-remains-defaced-3/

13
 
 

▪ @cybernews@infosec.exchange research ▪ The digital loan provider made everything from passports to utility bills available online.

#cybersecurity #DataPrivacy #DataSecurity #passport #infosec

https://cnews.link/vivifi-data-leak-3/

14
 
 

According to Italy’s national cybersecurity agency ACN, approximately twenty Italian websites have been targeted by pro-Russian hackers.

#CyberSecurity #cybercrime #Russia #Hacking #Italy #Website

https://cnews.link/italian-websites-targeted-by-russian-hackers-1/

15
 
 

#OpenSSH client is vulnerable to MitM attacks if VerifyHostKeyDNS is enabled - https://www.openwall.com/lists/oss-security/2025/02/18/1

#CVE_2025_26465 #coordinateddisclosure #infosec #cybersecurity

16
 
 

"Over many years, EFF has been pushing for users to switch to platforms that understand the value of encrypting data. We have also been pushing platforms to make end-to-end encryption for online communications and for your stored sensitive data the norm. This type of encryption helps ensure that a conversation is private between you and the recipient, and not accessible to the platform that runs it or any other third-parties. Thanks to the combined efforts of our organization and dozens of other concerned groups, tech users, and public officials, we now have a lot of options for applications and platforms that take our privacy more seriously than in previous generations. But, in light of recent political developments it’s time for a refresher course: which platforms and applications have encrypted DMs, and which have access to your sensitive personal communications.

The existence of what a platform calls “end-to-end encryption” is not foolproof. It may be poorly implemented, lack widespread adoption to attract the attention of security researchers, lack the funding to pay for security audits, or use a less well-established encryption protocol that doesn’t have much public scrutiny."

https://www.eff.org/deeplinks/2025/02/when-platforms-and-government-unite-remember-whats-private-and-what-isnt

#SocialMedia #SocialNetworks #CyberSecurity #Encryption #Privacy

17
 
 

Attackers exploit large language models (LLMs) in hijacking schemes, shifting cloud costs to victims.

#cybercrime #Cybersecurity #LLMs #AI

https://cnews.link/llm-hijacking-exploit-deepseek-3/

18
 
 

Hudson Rock claims infostealers infect hundreds of US military and defense contractor computers.

#US #cybersecurity #military #cybercrime #infosec

https://cnews.link/infostealers-detected-within-us-military-and-defense-companies-1/

19
 
 

Websites belonging to UAB Vičiūnų grupė, one of the largest food producers in Lithuania, contain a malicious loader capable of infecting user devices.

#CyberAttack #hackers #cybersecurity #cybercrime #Lithuania

https://cnews.link/hackers-infect-websites-of-viciunai-group-1/

20
 
 

Two critical vulnerabilities have affected OpenSSH, the popular remote connection tool, for ten years.

#cybersecurity #tool #cyberattack #cybercrime #OpenSSH

https://cnews.link/openssh-vulnerable-to-man-in-the-middle-attacks-1/

21
 
 

Catch Symposium & Summit 2025 Panel sessions about #AI, #OpenScience, #cybersecurity & more - now on YouTube. #SWH2025 https://www.youtube.com/@softwareheritage4978

22
 
 

BlackLock ransomware is quietly accelerating its activities, becoming a name to watch in the cyber threat landscape.

#CyberSecurity #ransomware #cybercrime #cyberattack

https://cnews.link/blacklock-ransom-gang-1/

23
 
 

A new information stealer for MacOS distributes malware depending on the browser and uses social engineering.

#MACOS #malware #cybersecurity #DataPrivacy #DataSecurity

https://cnews.link/macos-malware-frigidstealer-fake-updates-1/

24
 
 

A China-linked espionage actor may be moonlighting as a ransomware attacker, raising questions about their motives.

#ransomware #cyberattack #cybersecurity #Hacking #cybercrime

https://cnews.link/china-spy-espionage-ransomware-1/

25
 
 

Lee Enterprises expects that a recent cyberattack will most likely have a material impact on its operations.

#US #newspaper #cyberattack #cybersecurity

https://cnews.link/lee-enterprises-cyberattack-impact-1/
