Category: Tech
Two founders behind Russian crypto mixer Tornado Cash charged by U.S. federal courts
The two founders behind Tornado Cash, a Russian cryptocurrency mixing service, have been charged by the U.S. Attorney’s Office for the Southern District of New York, according to a statement on Wednesday. Roman Storm and Roman Semenov were officially charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations and conspiracy to operate an unlicensed money transmitting business, according to a newly unsealed indictment. Storm was arrested in Washington on Wednesday but Semenov still remains at large, the…
Scraped data of 2.6 million Duolingo users released on hacking forum
The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information. Duolingo is one of the largest language learning sites in the world, with over 74 million monthly users worldwide. In January 2023, someone was selling the scraped data of 2.6 million DuoLingo users on the now-shutdown Breached hacking forum for $1,500. This data includes a mixture of public login and real names, and non-public…
Canadian Media Orgs Said That Meta Linking To News Was Anticompetitive; Now They Say NOT Linking To News Is Anticompetitive
from the pick-a-lane,-guys dept This is just so painfully obnoxious. The legacy news media, spurred on by a welfare system that pretend free market supporter Rupert Murdoch dreamed up and convinced governments to implement, whereby the government would force internet companies, which had innovated and created new business models that worked, to suddenly be required to pay for sending traffic to legacy news media organizations which failed to innovate. It’s extreme corporate welfare, egged on by a guy who pretends…
Interpol takes down 16shop phishing-as-a-service platform
A joint operation between Interpol and cybersecurity firms has led to an arrest and shutdown of the notorious 16shop phishing-as-a-service (PhaaS) platform. Phishing-as-a-service platforms offer cybercriminals a one-stop-shop to conduct phishing attacks. These platforms typically include everything you need, including email distribution, ready-made phishing kits for well-known brands, hosting, data proxying, victim overview dashboards, and other tools that help increase the success of their operations. These platforms are a significant risk as they lower the bar of entry for inexperienced…
Canadian publishers want Meta investigated for blocking news, following the impending Canadian law that demands tech firms pay for news
Canadian news industry groups have asked the country’s antitrust regulator to investigate Meta Platforms’ decision to block news on its platforms in the country, accusing the Facebook parent of abusing its dominant position. Meta started blocking news on its Facebook and Instagram platforms for all users in Canada last week in response to a law requiring internet giants to pay for news articles. Canada’s Online News Act, part of a global trend to make tech firms pay for news, became…
Tennessee teen sues school for suspending him after he posted memes mocking principal
Students rights are limited on school grounds. But they don’t cease to exist. And what they do off-campus is subject to even fewer limitations. These are long-held facts backed by years of court precedent, the most famous of which is the Supreme Court’s 1969 Tinker decision. This is the baseline for school-student interactions when it comes to constitutional rights, as written by Justice Abe Fortas: It can hardly be argued that either students or teachers shed their constitutional rights to…
New Inception attack leaks sensitive data from all AMD Zen CPUs
Researchers have discovered a new and powerful transient execution attack called ‘Inception’ that can leak privileged secrets and data using unprivileged processes on all AMD Zen CPUs, including the latest models. Transient execution attacks exploit a feature present on all modern processors named speculative execution, which dramatically increases the performance of CPUs by guessing what will be executed next before a slower operation if completed. If the guess is correct, the CPU has increased performance by not waiting for an…
Europe confirms in-depth probe for Adobe’s $20B Figma acquisition
The European Commission (EC) has confirmed that it’s opening an in-depth investigation into Adobe’s proposed $20 billion bid for digital design software rival Figma. The Commission said that the acquisition “may reduce competition in the global markets for the supply of interactive product design software and for digital asset creation tools.” First announced last September, Adobe’s megabucks bid for one of its biggest competitors was always likely to attract scrutiny from regulators around the globe. The U.S. Department of Justice…
China’s draft measures demand ‘individual consent’ for facial recognition use
The pervasive use of facial recognition technology across all facets of life in China has elicited both praise for its convenience and backlash around privacy concerns. The widespread adoption has also fueled the exponential growth of valuations in companies specializing in the field, such as AI giants SenseTime and Megvii. Now the industry is facing some potentially significant changes as Beijing steps up efforts to establish more defined boundaries for the technology’s usage. The move is building upon the implementation…
Colorado Department of Higher Education warns of massive data breach
The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June. In a ‘Notice of Data Incident’ published on the CDHE website, the Department says they suffered a ransomware attack on June 19th, 2023. “On June 19, 2023, CDHE became aware it was the victim of a cybersecurity ransomware incident that impacted its network systems,” explains the data breach notification. “CDHE took steps to secure the…
FBI Investigation Into Mysterious NSO Spyware Purchase Reveals It Was The FBI Doing The Mysterious Purchasing
As information started to leak out from the… everywhere about NSO Group’s secondhand contribution to surveillance abuses all over the world, the world (except for the worst of NSO’s customers) began taking action. Even the government that facilitated many of NSO’s sales to human rights violators decided it might be time to toss a few restrictions on the Israel-based malware merchant founded by former Israeli intelligence officers. The same thing happened in the United States. NSO was joined by lesser…
U.S. Blacklists Israeli-owned Cyber Arms Firms: Intellexa and Cytrox
Intellexa (AKA Intellexa Anonymi Etaireia), an alliance of digital intelligence firms in Greece run by an ex-Israeli intel officer, and Cytrox AD (AKA Sytrox), which produces their Predator spyware, added to U.S. ‘entity list’ which already includes Israel’s NSO and Candiru. Late last year, Citizen Lab uncovered the hacking of an Egyptian dissident’s phone. The affected device was host to two forms of malware, one created by NSO Group and the other by Cytrox. According to the Citizen Lab investigation, these infections were…
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws
Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges on a massive number of devices. Ubuntu is one of the most widely used Linux distributions, especially popular in the U.S., having an approximate user base of over 40 million. Two recent flaws tracked as CVE-2023-32629 and CVE-2023-2640 discovered by Wiz’s researchers S. Tzadik and S. Tamari were recently introduced into the operating system, impacting roughly 40% of Ubuntu’s userbase. CVE-2023-2640 is a…
NATO hacked by SiegedSec hackers
NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by a hacking group known as SiegedSec. The COI Cooperation Portal (dnbl.ncia.nato.int) is the military alliance’s unclassified information-sharing and collaboration environment, dedicated to supporting NATO organizations and member nations. Yesterday, the hacking group ‘SiegedSec’ posted on Telegram what they claimed to be hundreds of documents stolen from the COI Cooperation Portal. SiegedSec post on Telegram Cybersecurity company CloudSEK analyzed…
Russian cybersecurity chief Ilya Sachkov jailed for 14 years for treason
Ilya Sachkov who helped found one of Russia’s most prominent cybersecurity firms was accused of passing information to foreign spies. A Russian court has jailed for 14 years a top cybersecurity executive for treason in a case which centred on allegations he had passed classified information to foreign spies. Following a closed-door trial, the AFP news agency quoted Judge Alexander Rybak as saying on Wednesday, “The court found Ilya Sachkov guilty under Article 275 of Russia’s Criminal Code and sentenced…
U.S. prosecutors accuse FTX founder Sam Bankman-Fried of witness tampering
U.S. prosecutors have accused FTX founder Sam Bankman-Fried of witness tampering and asked a federal judge to issue an order that would bar the former billionaire and other parties from making public statements likely to interfere with a fair trial. The prosecutors wrote to U.S. District Judge Lewis Kaplan on Thursday referencing a New York Times article titled “Inside the Private Writings of Caroline Ellison, Star Witness in the FTX Case.” The article reported excerpts from Ellison’s personal Google documents…