|
|
|
|
|
|
|
|
|
|
Cyber Daily: Microsoft Says Russia Has Increased Cyberattacks on Ukraine-Supporting Nations
|
|
|
|
|
|
|
|
Good day. Russia has increased the tempo of its cyberattacks against nations that support Ukraine, particularly the U.S., according to Microsoft Corp., my colleague Dustin Volz reports.
About 12% of global attacks that the software company attributed to Russia were targeted at the U.S., while around 63% were targeted at North Atlantic Treaty Organization members. Moscow has routinely denied planning or launching cyberattacks.
Also today: Authorities raid a phishing gang in the Netherlands; a data breach at Flagstar Bank; and a security researcher hacks hot tubs.
|
|
|
|
|
CONTENT FROM OUR SPONSOR: Netscout
|
|
What to Expect When You’re Protected.
Attackers are getting smarter and more daring. Learn what IT professionals from more than a dozen industries had to say about smart hybrid DDoS protection and edge defense.
Read More
|
|
|
|
|
|
|
|
|
|
|
|
|
Microsoft says much of the malicious cyber activity linked to the Kremlin targeted NATO countries.
PHOTO: ANDREY RUDAKOV/BLOOMBERG NEWS
|
|
|
|
|
|
Russian intelligence agencies have increased the pace of cyberattacks against nations that have provided aid to Ukraine, according to new research published Wednesday by Microsoft Corp., which said it had observed Moscow-backed hacking attempts in over 40 countries.
Much of the malicious cyber activity linked to the Kremlin took aim at governments that are part of the North Atlantic Treaty Organization for espionage, and targets also included nongovernmental organizations, think tanks and humanitarian groups providing support to Ukrainian refugees, as well as information-technology and energy companies, Microsoft said.
The U.S. had the most of any country outside Ukraine, accounting for 12% of the global total since the war in Ukraine began, the tech company said.
“As a coalition of countries has come together to defend Ukraine, Russian intelligence agencies have stepped up their network penetration and espionage activities targeting governments outside Ukraine,” the report said. “This increase appears to be most focused on obtaining information from inside the governments that are playing critical roles in the West’s response to the war.”
Read the full story.
|
|
|
|
|
|
|
|
Europol worked on a phishing case with Dutch and Belgian authorities. PHOTO: YURIKO NAKAO/BLOOMBERG NEWS
|
|
|
|
|
|
Dutch police arrest nine suspects in phishing scam case. European police agency Europol, the Dutch police and the Belgian police worked together on a phishing case that resulted in the apprehension of nine suspects. The authorities searched 24 houses in the Netherlands and seized cryptocurrency, cash, firearms, electronic devices and jewelry, Europol said. The crime group contacted victims by email, text message and through mobile messaging applications, and sent them a phishing link to a fake banking website. Victims provided their banking details on that website and the suspects funneled money from the accounts. (The Record)
|
|
|
|
|
PHOTO: KACPER PEMPEL/REUTERS
|
|
|
|
|
Security researcher hacks into Jacuzzi smart hot tubs. Researcher EatonWorks bypassed admin restrictions for Jacuzzi Inc.’s internet-connected SmartTub and was able to view information about Jacuzzi owners from around the world including spas and their owners. The researcher said personal data was exposed, and the hack enabled them to control tub settings remotely, but not chemicals. (Vice)
|
|
|
|
Former Mandiant executive leads government cyber threat center. Laura Galante, a former director of global intelligence at Mandiant Inc., became director of the Cyber Threat Intelligence Integration Center last month. The center is part of the U.S. federal government’s Office of the Director of National Intelligence, and produces analysis of foreign cyber threats using intelligence from several agencies. Just before joining the government, Ms. Galante ran her own cyber threat intelligence company and traveled to Ukraine last year for cybersecurity work organized by the U.S. Agency for International Development. (CyberScoop)
|
|
|
|
|
“Response plans and mitigation strategies are foundational to any organization’s cyber posture, but those plans are meaningless if critical infrastructure owners and operators have never executed them in real time under real circumstances.”
|
|
— Ron Green, chief security officer of Mastercard Inc., in opening remarks submitted to a House Homeland Security Committee hearing Wednesday on security and emerging technologies
|
|
|
|
|
|
|
|
|
|
|
|
|
PHOTO: JENNY KANE/ASSOCIATED PRESS
|
|
|
|
|
Flagstar Bank suffers second data breach in two years. The Michigan-based financial firm notified more than 1.5 million customers of a data breach in which Social Security numbers were stolen. Hackers accessed corporate networks in December and a Flagstar investigation discovered the unauthorized activity this month. In 2021, hackers accessed Flagstar customer information through third-party vendor Accellion USA LLC. (TechCrunch)
|
|
|
-
More on Accellion: The Hack of a Small Tech Vendor Casts a Wide Net (WSJ)
-
Microsoft to limit facial-recognition tech sales and halt emotion-recognition tech sales. The tech giant said it would stop selling technology that guesses users’ emotions based on their facial expressions and limit sales of facial-recognition technology. Microsoft will phase out customers’ emotion-recognition tools over the next year and will require businesses to be approved to use facial-recognition tools, which have been criticized for fueling surveillance and misidentifying nonwhite people at disproportionate rates. Other companies, including Meta Platforms Inc., have similarly curtailed their use of facial-recognition tools. (Reuters)
|
|
|
|
|
|
|
|
|
|
|
|
