The Record by Recorded Future News (2024)

02/08/2024

Justice Department sues TikTok for alleged violations of children’s privacy. Key takeaways:

1. The DOJ and FTC's lawsuit against TikTok alleges blatant violations of children's data privacy laws, a significant issue given the app's popularity among U.S. teenagers. It underscores the growing concern over tech companies' data collection practices, especially regarding minors.

2. If the allegations are proven, TikTok's actions counter the COPPA law, which aims to protect children under 12 from unauthorized data collection. The case points to the urgent need for tech companies to implement effective mechanisms for user age verification and parental consent.

3. This lawsuit, coupled with previous regulatory actions and legislation attempting to ban TikTok, indicates increasing scrutiny and pressure on foreign-owned social media platforms, highlighting potential national security threats their data practices might pose.

To learn more visit The Record from Recorded Future News:

The lawsuit brought by the DOJ and Federal Trade Commission alleges TikTok has broken the Children’s Online Privacy Protection Act (COPPA) law in a range of significant ways.

02/08/2024

Cryptonator founder indicted after platform found handling $235 million in illicit funds. Key takeaways:

1. The indictment of Roman Pikulev, the founder of Cryptonator, underlines the U.S. government's ongoing crackdown on illicit cryptocurrency activities. Cryptonator's operation, which processed over $235 million in illegal funds, highlights the scale of criminal enterprises using digital currencies for money laundering and fraud.

2. Pikulev's case underscores the importance of robust anti-money laundering (AML) mechanisms in cryptocurrency platforms. Cryptonator's lack of AML processes and registration with the Financial Crimes Enforcement Network facilitated widespread cybercrime, including hacking, ransomware, and identity theft.

3. The use of blockchain research tools by investigators to track payments made through Cryptonator signifies the increasing sophistication of forensic tools in tracing illicit crypto transactions. This investigation reveals that blockchain technology, while enabling anonymity, still leaves traceable digital footprints.

To learn more visit The Record from Recorded Future News:

Russian national Roman Pikulev is accused of allowing the cryptocurrency exchange Cryptonator to handle proceeds from cybercrimes while flouting U.S. anti-money laundering laws.

02/08/2024

China-based Evasive Panda hackers compromised an ISP to spread malware, report says. Key takeaways:

1. The recent ISP compromise by Chinese cyber-espionage group "Evasive Panda" underscores the sophisticated nature of cyber threats and their evolving tactics, such as the "adversary in the middle" attacks which allow attackers to intercept and manipulate data between a device and a server.

2. The operation further highlights the vulnerabilities in commonly used systems, specifically Mac and Windows. Exploiting insecure update mechanisms, the threat actors were able to replace software updates with malware, demonstrating the utmost importance of secure network practices and mechanisms.

3. The attacks' focus on information-stealing malware such as MgBot and Macma reveals the persistent threat to user data and privacy, emphasizing the need for robust cyber-defenses and threat detection capacities, especially for ISPs that serve as gateways to the internet.

To learn more visit The Record from Recorded Future News:

Analysts said the China-linked hacking operation — known as Evasive Panda, Bronze Highland, Daggerfly and StormBamboo — was undertaking “adversary in the middle” attacks in 2023 as it infected Mac and Windows systems.

02/08/2024

Five Chinese nationals arrested by feds for 'massive' elder fraud scheme. Key takeaways:

1. The case underscores the vulnerability of the elderly to cybercrime, with a massive fraud scheme reportedly bilking them of $27 million through email, phone, and pop-up ad scams. The victims were targeted by a multinational ring reportedly based in China and India — an indication of how tech-enabled crime knows no borders.

2. The operation is a glaring example of money laundering, with the defendants allegedly receiving money through both wire transfers and packages filled with cash. Text messages suggest they were laundering over a million dollars per week for Indian scam syndicates.

3. The US authorities' active response is notable, making significant seizures connected to elder cyber fraud. It demonstrates the need and ongoing efforts for law enforcement to stay ahead of complex, global cybercrime networks, particularly those targeting vulnerable demographics.

To learn more visit The Record from Recorded Future News:

The Department of Justice said five arrested suspects were part of a multinational ring that bilked elderly Americans out of more than $27 million, in part by prompting them to contact scam call centers in India.

02/08/2024

Judge says maker of Pegasus spyware does not need to provide sought-after Israeli witnesses in WhatsApp case. Key takeaways:

1. The court ruling may limit WhatsApp's ability to fully understand the extent of NSO Group's alleged hacking activities. The judge rejected WhatsApp's request to depose additional NSO Group witnesses, potentially limiting the evidence WhatsApp can gather about NSO Group's practices and the deployment of its Pegasus spyware.

2. This decision comes amidst allegations that the Israeli government sought to influence the ongoing lawsuit, including reportedly seizing NSO Group documents, which may further complicate the case.

3. The ruling also underlines the significance of independent digital forensic researchers like The Citizen Lab, who have helped identify victims of alleged Pegasus infections. The judge denied NSO Group's attempts to depose a Citizen Lab researcher and access communications between WhatsApp and Citizen Lab, reinforcing the importance of their independent investigatory role.

To learn more visit The Record from Recorded Future News:

The federal judge presiding over a long-running court battle between the Israel-based spyware manufacturer NSO Group and the Meta-owned WhatsApp messaging platform on Thursday denied a WhatsApp appeal to allow it to depose additional witnesses in Israel and subject them to turn over documents in dis...

02/08/2024

Hackers directly email customers of immigration firm after damaging cyberattack. Key takeaways:

1. The cyberattack on Sable International, an immigration and legal services firm, highlights how businesses handling sensitive client data are becoming prime targets for hackers, exposing international businesses and individuals to potential risks.
2. Hackers are now using increasingly sophisticated tactics such as communicating directly with the affected customers, likely to exert pressure on the victimized company to pay a ransom, raising the stakes in cybersecurity breaches.
3. Despite regulatory efforts, cybercriminals continue to operate with relative impunity, as demonstrated by the BianLian ransomware gang, known for previous high-profile attacks, claiming responsibility for this breach, suggesting a need for enhanced cross-border cybersecurity cooperation.

To learn more visit The Record from Recorded Future News:

A prominent U.K.-based company offering immigration services and legal resources for those with international businesses warned officials in multiple countries that a recent cyberattack may have exposed sensitive customer information.

02/08/2024

White House officials meet with allies, industry on connected car risks. Key takeaways:

1. The cybersecurity of connected cars is a global concern. Officials from across the world and industry leaders discussed the potential national security risks inherent in these vehicles, emphasising their role as a critical infrastructure node. A consensus was reached on the need for improved cybersecurity standards and possible policy measures for risk mitigation.

2. The U.S. has heightened concern over foreign-made connected cars, especially those from China, due to potential data collection and remote access vulnerabilities. This follows a White House directive and a Commerce Department proposal to regulate such vehicles.

3. U.S. lawmakers are scrutinizing the data privacy practices of connected car manufacturers. They claim automakers are selling owners' private data and using deceptive tactics to gain consent for data sharing, prompting calls for regulatory intervention.

To learn more visit The Record from Recorded Future News:

Leaders from the White House and State Department met with representatives from several major allied countries, the European Union and industry leaders Wednesday for what has been billed as the “first multinational meeting” to address the national security risks posed by connected cars.

01/08/2024

Senate confirms first DOD cyber policy chief. Key takeaways:

1. Michael Sulmeyer's confirmation as the Pentagon's first cyber policy chief underscores the increasing significance of cybersecurity in defense strategy, following years of concerns that the DOD lacked a senior civilian leader to oversee its digital operations.
2. Sulmeyer, with a strong background in both government and academia, is well-positioned to tackle the "cyber threats and challenges" the U.S. is expected to face, as noted by Sen. Mike Rounds.
3. As policy chief, Sulmeyer's primary goal is to enhance "combat power" and "sustained readiness" within the country's digital forces, a key step in addressing readiness shortfalls that have plagued Cyber Command and bolstering defense against cyberattacks from foreign adversaries.

To learn more visit The Record from Recorded Future News:

The U.S. Senate on Thursday confirmed Michael Sulmeyer as the Defense Department’s first cyber policy chief.

01/08/2024

NFL to roll out facial authentication software league-wide. Key takeaways:

1. The NFL's adoption of facial recognition technology could revolutionize event security by quickly verifying the identities of staff, media, and guests, thereby ensuring secure and efficient access to restricted areas. This aligns with efforts made by other sports leagues globally to enhance security and accountability.

2. However, the use of this technology raises significant concerns among privacy advocates. The ability of technology to track individuals and the inaccuracies associated with identifying people of color, women and non-binary individuals fuel these worries.

3. If proven successful, this widespread application of facial recognition could influence other large venues and organizations to embrace similar technology, making it a standard for entry. However, the extent of its success hinges on its accuracy and its ability to address privacy concerns.

To learn more visit The Record from Recorded Future News:

The National Football League is the latest organization to turn to facial authentication to bolster event security, according to an announcement this week.

01/08/2024

Columbus investigating potential data leak after ransomware attack. Key takeaways:

1. The city of Columbus, Ohio, is dealing with an extensive ransomware attack by the Rhysida group - an ongoing threat that underscores the escalating risks posed by cyber criminals. Cities are attractive targets due to their vast amounts of sensitive information and often outdated security systems.

2. Despite attempts to downplay the situation, the city's inability to completely thwart the attack and the potential sale of stolen data illustrates that even partial security measures can still lead to significant data breaches. This raises concerns about the effectiveness of current cybersecurity measures.

3. The involvement of the FBI and Homeland Security reflects the increasing seriousness of these ransomware attacks, and the necessity of federal intervention. The continued attacks by Rhysida on vulnerable targets like hospitals, governments, and schools highlights the urgent need for improved cyber defenses.

To learn more visit The Record from Recorded Future News:

The government of Columbus, Ohio said it is aware of claims made by a ransomware gang that troves of sensitive city information are available for sale.

01/08/2024

Columbus investigating potential data leak after ransomware attack. Key takeaways:

1. The Rhysida ransomware group's threat to leak 6.5 terabytes of exfiltrated data from Columbus, Ohio’s systems underscores the vulnerability of city systems nationwide, potentially impacting emergency services and exposing sensitive information.
2. While the city has managed to restore key services, the ongoing investigation and uncertainty about the extent of the data breach highlight not only the sophistication of the threat actors but also the complexity of cybersecurity investigations.
3. Rhysida's demand for a $1.9 million ransom in Bitcoin within a week indicates a continued trend in ransomware attacks: targeting public institutions and demanding cryptocurrency, which complicates tracking illicit activities.

To learn more visit The Record from Recorded Future News:

The government of Columbus, Ohio said it is aware of claims made by a ransomware gang that troves of sensitive city information are available for sale.

01/08/2024

Ford wants patent for tech allowing cars to surveil and report speeding drivers. Key takeaways:

The news story was not provided, but here is an example of how Axios' "Smart Brevity" writing style:

1. The missing context limits our ability to fully understand the situation.
2. The absence of news story details hinders actionable insights.
3. The lack of information prevents us from evaluating potential impacts.

To learn more visit The Record from Recorded Future News:

A patent application filed in July by Ford describes how photographs of speeding cars would be packaged in a report for police that includes the time, location and speed of the offending vehicle.

01/08/2024

Taiwan government-backed research organization targeted by APT41 hackers. Key takeaways:

1. This breach by APT41, a notorious Chinese hacking group, threatens Taiwan's global leadership in sensitive technologies like semiconductors, given the nature of research conducted by the targeted institute.

2. The attack underscores APT41's consistent approach of exploiting governmental organizations for intelligence and enterprises for financial gain, raising global security concerns.

3. The use of specific malware and tactics, such as ShadowPad and backdoors, highlights the advanced methods employed by the hackers, demonstrating the growing sophistication and difficulty in combating such cyber threats.

To learn more visit The Record from Recorded Future News:

Researchers at Cisco Talos say China-based hackers exfiltrated large amounts of data from an organization that “specializes in computing and associated technologies.”

01/08/2024

China dismisses Germany’s accusations over cyberattack as ‘targeted defamation’. Key takeaways:

1. The alleged 2021 Chinese cyberattack on Germany's Federal Agency for Cartography and Geodesy, seen as an act of espionage, underscores the growing concerns over China's potential cybersecurity threats to Western countries.
2. If true, the accusations could strain Sino-German relations, particularly given the unusual move of Germany summoning the Chinese ambassador, indicating a more confrontational stance by Berlin over cybersecurity matters.
3. China's repeated denials and accusations of "targeted defamation" highlight the geopolitical complexities involved in countering international cyber threats, with Beijing claiming such accusations undermine collective global cybersecurity efforts.

To learn more visit The Record from Recorded Future News:

Chinese officials on Thursday responded to accusations from Germany that it was behind an attack on the country’s state cartography agency, calling them “unfounded.”

01/08/2024

Suspects in 'Russian Coms' spoofing service arrested in London, as NCA announces takedown. Key takeaways:

1. The arrest of the suspected developers of the "Russian Coms" caller ID spoofing service underscores the international threat of cyber fraud. With victims in 107 countries, this type of crime transcends geographical boundaries.
2. The sophisticated tactics used by these fraudsters, including caller ID spoofing and VPNs to mask IP addresses, demonstrate the evolving nature of cybercrime. This necessitates advanced cybersecurity measures and international cooperation to combat these threats.
3. The case offers a stark reminder of the significant financial damage that cyber scams can inflict. With an estimated tens of millions of pounds lost and 170,000 victims in the UK alone, this is a major concern for individuals and financial institutions alike.

To learn more visit The Record from Recorded Future News:

UK officials say they made arrests and seized technology associated with Russian Coms, a caller ID spoofing service used for scams in more than 100 countries.

01/08/2024

US reportedly preparing to release Russian hackers as part of prisoner swap. Key takeaways:

1. This historic prisoner exchange, reportedly involving Russia, the U.S., Germany, Slovenia, and Belarus, signals a potential shift in how countries handle international cybercriminals, potentially setting a precedent for future cases.

2. The individuals Russia reportedly seeks to repatriate were convicted of severe cybercrimes, including money laundering, stock market fraud, and malware development targeting U.S. infrastructure. Their release could revive concerns about cyber threats and the enforcement of cybercrime punishment.

3. Despite the significant impact of these crimes on U.S. citizens and businesses, neither the U.S. nor other countries involved have officially confirmed the swap. The lack of transparency might raise questions about national security and the government's commitment to protecting against cyber threats.

To learn more visit The Record from Recorded Future News:

Russia is reportedly seeking the return of several alleged hackers, spies and assassins as part of a historic prisoner exchange with several Western countries.

31/07/2024

Pharma giant Cencora says personal health data leaked during February cyber incident. Key takeaways:

1. Cencora, a pharmaceutical giant, confirmed personal health data was stolen during a February cyberattack. The incident's scale and its potential victims are unknown, highlighting the threat posed by cyberattacks to sensitive data.

2. Although operations and fiscal outlook weren't impacted, the company is yet to determine the cyberattack's full extent, indicating a growing complexity in assessing cyberattack consequences.

3. Cencora, one of the few Fortune 50 companies reporting a cyber incident this year, hasn't had any ransomware claims unlike other companies. With the recent $75M payout to a ransomware group, this raises concerns over whether ransom demands are becoming normalized in data breaches.

To learn more visit The Record from Recorded Future News:

Cencora told regulators that an investigation into an incident earlier this year revealed a patient support services subsidiary was attacked, causing the exposure of personal information and protected health information.

31/07/2024

CISA, FBI warn of potential DDoS attacks on 2024 elections. Key takeaways:

1. Both the FBI and CISA have warned about potential DDoS attacks on the 2024 election infrastructure, which could affect voters’ access to websites for information, registration, and unofficial results. Such attacks, while causing minor disruptions, do not compromise the integrity of the election.

2. While the agencies insist DDoS attacks cannot prevent eligible voters from casting their ballots or disrupt vote tabulation, they can be used by cybercriminals and foreign adversaries to instigate doubt about election systems and processes.

3. The sophistication and scale of modern DDoS attacks are increasing, with hackers using large botnets of compromised IoT devices to target multiple infrastructure simultaneously, signaling a growing cybersecurity threat to critical infrastructure.

To learn more visit The Record from Recorded Future News:

The public can expect distributed denial-of-service (DDoS) attacks to be aimed at government websites, but the incidents "will NOT affect the security or integrity of the actual election," a CISA official writes in new guidance.

31/07/2024

Russia legalizes cryptocurrency mining as global sanctions rattle traditional finances. Key takeaways:

1. Russia's new laws legitimizing cryptocurrency mining and enabling its central bank to experiment with crypto for international payments signal a strategic shift as the country grapples with global sanctions. This suggests Russia sees crypto as a potential tool for evading these financial restrictions.

2. The new rules allow for regulated crypto mining but establish strict reporting requirements. Individuals can mine within certain energy limits without registration, but businesses must report their activities, including wallet addresses, to financial monitoring and security services.

3. Despite progress, significant restrictions remain in place hindering the growth of Russia's crypto industry. The existing ban on cryptocurrency payments domestically and advertising related to crypto services continues, reflecting the country's cautious approach to a volatile and unregulated market.

To learn more visit The Record from Recorded Future News:

Russia’s government passed two laws on Tuesday that legalize virtual currency mining and pave the way for its central bank to use crypto for international payments.

31/07/2024

Greek prosecutor says government played no role in civil society spyware infections. Key takeaways:

1. Greek investigation into a massive spyware scandal named the 'Predator' that infected devices of public figures found no state entities were involved, raising questions about its origins and the perpetrators.
2. The country's National Intelligence Service's use of spyware was deemed legal by the Supreme Court, leading to opposition politicians labeling the findings as a coverup and an assault on the credibility of the Greek judicial system.
3. The European Parliament underscored the need for Greece to fortify its legal safeguards to prevent future spyware abuses, highlighting the broader implications of such cybercrimes on democracy and human rights, especially when used against journalists and politicians.

To learn more visit The Record from Recorded Future News:

Supreme Court Prosecutor Georgia Adeilini said an investigation found that none of the country’s state services — including its National Intelligence Service (EYP) — were involved in acquiring or deploying Predator spyware.

31/07/2024

Ransomware attack on major US blood center prompts hundreds of hospitals to implement shortage protocols. Key takeaways:

1. The ransomware attack on OneBlood, one of the U.S.'s largest blood centers, underscores the critical threat cyberattacks pose to the healthcare sector. Its operations, providing essential services to hundreds of hospitals, are significantly impacted, highlighting the potential risk to patient care and public health.

2. The incident further underlines the growing trend of cybercriminals targeting healthcare infrastructure. Coming on the heels of recent attacks on healthcare providers in the UK and South Africa, it illustrates the global and indiscriminate nature of these threats.

3. OneBlood's swift response, activating manual processes and state-level critical blood shortage protocols, demonstrates the need for robust contingency planning. However, it also emphasizes how manual processes can slow operations and impact inventory, reinforcing the urgency for strong cybersecurity measures in healthcare.

To learn more visit The Record from Recorded Future News:

One of the largest blood centers in the U.S. is operating at reduced capacity after ransomware hackers shut down parts of its system.

31/07/2024

Germany summons Chinese ambassador over cyberattack on cartography agency. Key takeaways:

1. The accusation against Chinese actors for a cyberattack on Germany's state cartography agency demonstrates growing global tensions over cybersecurity. This is the first time since the Tiananmen Square crackdown that Germany has summoned China's ambassador, indicating the severity of the situation.

2. The attack underscores the increasing risk to critical infrastructure from state-backed cyber threats. The German Federal Agency for Cartography and Geodesy provides crucial geodata, highlighting how these attacks can jeopardize both government and private sector operations.

3. Germany's strong condemnation and calls for China to cease such actions reflect a mounting concern over digital sovereignty. This is a critical issue for Germany and Europe as Chinese state actors are suspected of targeting domestic companies, authorities, and political institutions for espionage.

To learn more visit The Record from Recorded Future News:

German authorities on Wednesday said that a Beijing-backed threat actor was behind a cyberattack three years ago on the country’s state cartography agency, and summoned the Chinese ambassador to Berlin for further discussions.

30/07/2024

Senate passes landmark bill protecting children’s online safety and privacy. Key takeaways:

1. The U.S. Senate's passage of the Kids Online Safety and Privacy Act (KOPSA) significantly tightens online privacy and safety protections for minors. It bans targeted advertising to those under 17, requires consent for data collection, and seeks to limit exposure to harmful content.

2. The Act combines two bills: The Children and Teens’ Online Privacy Protection Act (COPPA 2.0), which updates 20-year-old legislation and includes strong privacy provisions, and the Kids’ Online Safety Act (KOSA), which outlines a "duty of care" for websites to protect children from harmful content.

3. Despite the Senate's approval, KOPSA's passage in the House is uncertain due to limited time left in the Congressional term and concerns from key members. The bill has also sparked debate among civil liberties and child safety advocates, particularly over KOSA's potential implications for First Amendment rights.

To learn more visit The Record from Recorded Future News:

The legislation broadens online privacy and safety protections for children under age 17 by banning companies from targeting advertising to them, requiring consent for the collection of their data and limiting teens’ exposure to harmful online content.

30/07/2024

Security flaws at UK elections agency left door open for Chinese hackers, watchdog finds. Key takeaways:

1. The UK's Electoral Commission's failure to implement basic security measures resulted in a significant data breach, affecting 40 million people, indicating the importance of cybersecurity for organizations holding sensitive information.
2. Despite early warning signs and patches for known vulnerabilities, the absence of a robust security system and proper password policies allowed a state-backed Chinese hacker group to access private data, underlining the need for timely system updates.
3. Post-breach, the commission took steps to bolster its security, signaling a shift towards better preventive measures. However, this incident underscores the grave consequences of neglecting cybersecurity, with potential outcomes including enforcement actions and fines.

To learn more visit The Record from Recorded Future News:

According to the Information Commissioner’s Office (ICO), the Electoral Commission failed to ensure its systems were kept up to date with the latest security updates and did not have sufficient password policies.

30/07/2024

Critical ServiceNow vulnerabilities being targeted by hackers, cyber agency warns. Key takeaways:

1. The exploitation of two serious vulnerabilities in ServiceNow's popular cloud-based tools allows cybercriminals to gain full access to an organization's database and steal sensitive data. This puts anywhere from 13,000 to 42,000 ServiceNow systems at risk, especially in the U.S., the U.K., India, and the European Union.

2. Despite ServiceNow releasing patches for the bugs in May and June, hackers have quickly adapted, targeting the vulnerabilities immediately after the AssetNote report was made public. The Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to apply patches by August 19.

3. The vulnerabilities are being used by hackers to scan the internet for susceptible ServiceNow instances, with initial access brokers selling system access on the dark web. Industries such as financial services are particularly targeted, emphasizing the level of potential damage the exploitation could cause.

To learn more visit The Record from Recorded Future News:

The Cybersecurity and Infrastructure Security Agency (CISA) said hackers are trying to exploit the bugs, giving federal civilian agencies until August 19 to patch them.

The Record by Recorded Future News

02/08/2024

02/08/2024

02/08/2024

02/08/2024

02/08/2024

02/08/2024

02/08/2024

01/08/2024

01/08/2024

01/08/2024

01/08/2024

01/08/2024

01/08/2024

01/08/2024

01/08/2024

01/08/2024

31/07/2024

31/07/2024

31/07/2024

31/07/2024

31/07/2024

31/07/2024

30/07/2024

30/07/2024

30/07/2024

Address

Website

Alerts

Shortcuts

Share