Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
US He issued a forfeiture warrant to Starlink This week it’s about satellite internet infrastructure used in a scam complex in Myanmar. The action is part of a larger interagency U.S. law enforcement initiative announced this week called the District of Columbia Fraud Center Strike Force.
Meanwhile, Google moved this week to sue 25 people Which claims to be behind an “astonishing” and “relentless” text scam that uses a notorious phishing platform called Lighthouse.
WIRED reported this week that the U.S. Department of Homeland Security collected data on Chicago residents accused of gang ties to test whether police files could feed an FBI watch list — and then, crucially, He kept records for months in violation of local spying rules.
And there’s more. Every week we round up security and privacy news that we haven’t covered in depth ourselves. Click on the titles to read the full stories. And stay safe out there.
China’s vast intelligence apparatus has never been so efficient Edward Snowden moment. So any peak in surveillance and hacking capabilities represents a rare find. One such glimpse has now arrived in the form of some 12,000 leaked documents from Chinese hacking contractor KnownSec, which were first revealed on a Chinese-language blog. mxrn.net Then it was picked up by Western media this week. The leak includes hacking tools such as remote access Trojans, as well as data mining and analysis software. Perhaps most interesting is the target list of more than 80 organizations that the hackers claim to have stolen information from. The stolen data listed, according to Mrxn, includes 95GB of Indian immigration data, three terabytes of call logs from South Korean telecom carrier LG U Plus, and 459GB of route planning data obtained from Taiwan, as an example. If there were any doubts about who KnownSec carried out this hack, the leak also reportedly includes details of its contracts with the Chinese government.
The cybersecurity community has been warning for years that state-sponsored hackers will soon begin using artificial intelligence tools to enhance their intrusion campaigns. The first known AI-run hacking campaign has now emerged, according to Anthropic, which says it has discovered a group of Chinese-backed hackers extensively using its Claude tool at every step of the hacking. According to Anthropic, hackers used Cloud to write malware and extract and analyze the stolen data using “minimal human interaction.” Although the hackers bypassed Cloud’s guardrails by promoting malicious use of his tools in terms of defensive hacking and whitewashing, Anthropic says it detected and stopped them. But by then, the espionage campaign had successfully infiltrated four organizations.
However, he points out that fully AI-based hacking is still not necessarily ready for prime time Ars Technica. The hackers had a relatively low penetration rate, given that they targeted 30 organizations, according to Anthropic. The AI startup also notes that the tools led to hallucinations of some stolen data that did not exist. For now, state-sponsored spies still enjoy some job security.
North Koreans raise money for Kim Jong Un’s regime by taking jobs as remote IT workers with fake identities do not work alone. Four Americans pleaded guilty this week to allowing North Koreans to pay to use their identities, as well as receiving and setting up company laptops that North Korean workers could control remotely. Another man, Ukrainian national Oleksandr Didenko, pleaded guilty to stealing the identities of 40 Americans to sell to North Koreans for use in creating profiles of IT workers.
A report by 404 Media explains that the Customs and Border Protection app that uses facial recognition to identify immigrants is hosted by Google. The application may be used by local law enforcement to determine if a person is a potential subject of interest to Immigration and Customs Enforcement. While the CBP app is running, Google has It was recently taken down Some apps in the Google Play Store are used for community discussion about ICE activity and ICE agent visibility. Google has justified these app removals as necessary under its terms of service, because the company says ICE customers are a “vulnerable group.”