Category: Cyber-Crime

The U.S. government has been hit in a global hacking campaign that exploited a vulnerability in widely used software, the nation’s cyber watchdog agency said on Thursday. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said several federal bodies had experienced intrusions following the discovery of a weakness in the file transfer software MOVEit, Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement. “We are working urgently to understand impacts and ensure timely remediation,” he said….

Reddit CEO Steve Huffman, desperate to show Wall St. that his company can make money, decided to lock away the information on Reddit behind a paywall by turning Reddit’s free API to paid, creating quite a mess. In response, thousands of subreddits went dark on Monday, with a plan for most (though not all) to come back today. But, on Tuesday, Huffman’s internal email to Reddit staff leaked to the Verge, in which Huffman continued with the same dismissive attitude…

  The European Commission has signalled it could be preparing to break up Google’s adtech business. Speaking during a press conference this afternoon, EU EVP Margrethe Vestager, the bloc’s competition chief and head of digital strategy, announced it has sent a formal statement of objections to Google for suspected anti-competitive conduct in its adtech business. If the Commission confirms its suspicions she said it is looking at breaking up Google’s adtech as the only viable solution to resolve what she…

The top US securities regulator sued cryptocurrency platform Coinbase on Tuesday, the second lawsuit in two days against a major crypto exchange, in a dramatic escalation of a crackdown on the industry and one that could dramatically transform a market that has largely operated outside regulation. The US Securities and Exchange Commission (SEC) on Monday took aim at Binance, the world’s largest cryptocurrency exchange. The SEC accuses Binance and its CEO Changpeng Zhao of operating a “web of deception”. If…

Meta has been dragged kicking and screaming into another notable privacy concession in Europe: The German Federal Cartel Office (FCO) has announced a new account center incoming which will see the tech giant provide users of its social networking services with a greater degree of choice over whether they allow it to combine data on their activity across its services or not. It will be the first time Meta has provided such a degree of choice over its cross-site tracking…

A Florida man has pleaded guilty to importing and selling counterfeit Cisco networking equipment to various organizations, including education, government agencies, healthcare, and the military. The 39-year-old resident of Florida, Onur Aksoy, conducted the scheme through 19 companies formed in New Jersey and Florida and in several online storefronts, collectively known as ‘Pro Network Entities,’  Aksoy had a criminal complaint filed against him approximately a year ago, with the Department of Justice accusing him of running the counterfeit scheme between 2014…

We’ve written a lot about AB 2273, California’s Age Appropriate Design Code (AADC) that requires websites with users in California to try to determine the ages of all their visitors, write up dozens of reports on potential harms, and then seek to mitigate those harms. I’ve written about why it’s literally impossible to comply with the law. We’ve had posts on how it conflicts with privacy laws and how it’s a radical experimentation on children (ironically, the drafters of the…

CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances. Barracuda says its security solutions are used by more than 200,000 organizations worldwide, including high-profile companies like Samsung, Mitsubishi, Kraft Heinz, and Delta Airlines. The U.S. cybersecurity agency also added the bug (CVE-2023-2868) to its catalog of security flaws exploited in the wild based on this evidence of active exploitation. Federal Civilian Executive Branch Agencies (FCEB) agencies must patch or…

U.S. authorities have seized 13 more domains linked to some of the world’s most popular DDoS-for-hire websites. These websites, also described as “booter” or “stressor” services, are marketed as legitimate security testing tools that allow admins to stress-test websites. In reality, the services are used for launching denial-of-service (DDoS) attacks designed to overwhelm websites and networks and force them offline. The DOJ announced on Monday that the FBI had seized 13 more domains linked to some of the most prolific…

Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, since at least mid-2021. Their victims span a wide range of critical sectors, including government, maritime, communications, manufacturing, information technology, utilities, transportation, construction, and education. “Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,” the…

Last year’s techwide reckoning continues. In 2023, layoffs have yet again cost tens of thousands of tech workers their jobs; this time, the workforce reductions have been driven by the biggest names in tech like Google, Amazon, Microsoft, Yahoo, Meta and Zoom. Startups, too, have announced cuts across all sectors, from crypto to enterprise SaaS.  The reasoning behind these workforce reductions follows a common script, citing the macroeconomic environment and a need to find discipline on a tumultuous path to…

(Bloomberg) — US lawmakers are urging Washington to strike back against China for its decision to bar Micron Technology Inc.’s memory chips, threatening to further inflame tensions between the two countries. Representative Mike Gallagher, a Wisconsin Republican who leads a China-focused congressional committee, wants Changxin Memory Technologies Inc. placed on a blacklist that effectively bars dealings with American firms. That’s in response to Beijing this week blocking Micron from supplying Chinese critical infrastructure on national security grounds, an unusual move…

Google’s Sundar Pichai has agreed to work with lawmakers in Europe on what’s being referred to as an “AI Pact” — seemingly a stop-gap set of voluntary rules or standards while formal regulations for applying AI are still being worked on. Pichai was meeting with Thierry Breton, the European Union’s internal market commissioner, who put out a statement after today’s confab — saying: “There is no time to lose in the AI race to build a safe online environment.” A…

Under the multi-year agreement, the two US companies will develop components for 5G devices that will be designed and manufactured in America. Apple says the deal is part of a plan it announced in 2021 to invest $430bn (£346bn) in the US economy. The move comes as a trade row centred on the technology industry intensifies between Washington and Beijing. The long-running dispute has seen the US impose a series of measures against China’s chip making industry and invest billions…

Most of us wouldn’t argue that private companies can’t run their businesses the way they prefer. The gold standard has been the right to refuse service to anyone — something that covers everything from refusing paper checks from certain customers to booting people off social media services for refusing to stop behaving like inveterate assholes. When private companies do things, they rarely mess with constitutional protections. There are guardrails in place to prevent discrimination against minorities and other historically oppressed…

Adam Kovacevich is the CEO and founder of a center-left tech industry coalition called Chamber of Progress and has worked at the intersection of tech and politics for 20 years, leading public policy at Google and Lime and serving as a Democratic Hill aide. When the Biden administration proposed new protections earlier this month to prevent law enforcement from demanding reproductive healthcare data from companies, they took a critical first step in protecting our personal data. But there remains a…