News Feed Search

Results for search query: 'espionage and intelligence'

DOJ Seizes Domains, Claiming They Pushed Iranian Disinformation; Should Raise 1st Amendment Concerns

The latest such case is the Justice Department announcing that it had seized a bunch of domains pushing disinformation on behalf of Iran's Islamic Revolutionary Guard Corps.

The United States has seized 92 domain names that were unlawfully used by Iran’s Islamic Revolutionary Guard Corps (IRGC) to engage in a global disinformation campaign, announced the Department of Justice.

According to the seizure documents, four of the domains purported to be genuine news outlets but were actually controlled by the IRGC and targeted the United States for the spread of Iranian propaganda to influence United States domestic and foreign policy in violation of the Foreign Agents Registration Act (FARA), and the remainder spread Iranian propaganda to other parts of the world.

In addition, the seizure documents describe how all 92 domains were being used in violation of U.S. sanctions targeting both the Government of Iran and the IRGC.

Even so, and even if we're concerned about foreign disinformation campaigns targeting the US, it still makes me nervous when the US government feels that it can just go in and seize entire domains.

US govt wins right to snaffle Edward Snowden's $5m+ book royalties, speech fees – and all future related earnings

"Edward Snowden violated his legal obligations to the United States, and therefore, his unlawful financial gains must be relinquished to the government," said Deputy Attorney General Jeffrey Rosen.

"Rather, under well-established Supreme Court precedent, Snepp v. United States, the government sought to recover all proceeds earned by Snowden because of his failure to submit his publication for pre-publication review in violation of his alleged contractual and fiduciary obligations."

It noted the super-leaker did not offer up his book for a review by official censors nor did he clear speeches on intelligence matters with the US government as required by his employment contract from the time he worked for Uncle Sam.

A federal district court in eastern Virginia this week ruled that Uncle Sam was entitled to the proceeds of Snowden's bestseller, an estimated $5.2m, and "any further monies, royalties, or other financial advantages derived by Snowden from Permanent Record."

The US government's Department of Justice has won its multi-million-dollar claim to Edward Snowden's Permanent Record book royalties as well as any future related earnings.

Julian Assange court case to resume after coronavirus false alarm

US prosecutors have indicted the 49-year-old Australian on 18 espionage and computer misuse charges over WikiLeaks' publication of secret US military documents a decade ago.

The extradition hearing at London's Old Bailey criminal court is scheduled to last until early October.

Assange is fighting American prosecutors' attempt to get the British government to send him to the U.S. to stand trial on spying charges.

The London court hearing on WikiLeaks founder Julian Assange's extradition to the United States is set to resume after a COVID-19 test on one of the participating lawyers came back negative, WikiLeaks said Friday. District Judge Vanessa Baraitser ordered the proceedings adjourned Thursday while a lawyer representing the US government was tested. WikiLeaks said the case is now set to continue on Monday.

Assange's lawyers say the prosecution is a politically motivated abuse of power that will stifle press freedom and put journalists around the world at risk.

China's foreign ministry: China to take reciprocal measures in response to US actions

China's foreign ministry said on Friday that it has adopted reciprocal restrictions on staff from the US embassy and consulates in the mainland and Hong Kong.

"China's actions are just, a necessary response to the US wrongdoings," the ministry added.

China urges the US to withdraw restrictions on China's embassy and consulates in the US.

"China will take reciprocal measures in response to US actions."

Amazon added the ex-NSA spy chief who presided over the Edward Snowden scandal to its board

Although Amazon has not suffered massive privacy scandals similar to those of social media companies such as Facebook, it has been the subject of some unflattering news stories about its privacy practices.

Alexander was in the spotlight in 2013 when Edward Snowden, a former CIA sub-contractor, leaked thousands of NSA documents and blew the whistle on the agency's mass surveillance programmes, triggering global outrage.

Amazon has appointed the NSA chief who oversaw the Edward Snowden mass-surveillance scandal to its board.

Snowden reacted to the news of Alexander's hiring to Amazon, saying: "It turns out 'Hey Alexa' is short for 'Hey Keith Alexander.'"

Amazon announced Thursday it has elected former National Security Agency (NSA) chief Keith Alexander to its board.

MoIT to verify information related to probe on imported H-beams

Organisations and individuals involved with products under investigation are urged to register as relevant parties and to send the necessary information to the ministry in order to ensure their rights and benefits.

The MoIT decided to launch an anti-dumping investigation on August 24 into a number of H-beams originating from Malaysia.

It was initiated based on documents submitted by Vietnamese steel manufacturers in November 2019, which stated that H-beams from Malaysia were being dumped in Vietnam and causing major losses in the domestic industry.

Over 17,000 tonnes of H-beams were imported during the investigation period and close to 65,000 tonnes in the year prior.

If necessary, the ministry may impose temporary anti-dumping duties based on initial investigations, to prevent further losses in the local steel sector.

Coronavirus hotel quarantine inquiry: Was ADF called in to help or not

Mr Pakula told the inquiry today his department was not involved in organising or co-ordinating security or matters of infection control at hotels.

Mr Pakula said his department’s advice to the state government was that police officers, not just private security guards, should provide 24/7 security at the hotels.

Jobs, Precincts and Regions Minister Martin Pakula, whose department’s role in the hotel quarantine program was revealed in a video leaked to media yesterday, and department secretary Simon Phemister faced questions at the inquiry today.

When grilled about the use of private security in the bungled hotel quarantine scheme yesterday, Mr Andrews told the inquiry he did not believe “ADF support was on offer”.

The question of who gave the green light to use private security for Victoria’s bungled quarantine hotel program has continued to elude an inquiry into the state’s virus response.

Reporter's Role In Exposing Hiroshima Cover-Up Explored In 'Fallout'

NPR's Mary Louise Kelly talks with Lesley Blume about her new book, Fallout, which explores how reporter John Hersey uncovered the effects of the atomic bomb after the U.S. dropped it on Hiroshima.

KELLY: Lesley Blume - she's the author of "Fallout: The Hiroshima Cover-up And The Reporter Who Revealed It To The World."

BLUME: Well, John Hersey was a young World War II correspondent who had covered action in different theaters throughout the war for Time magazine.

Author and journalist Lesley Blume chronicles Hersey's work and the reaction to it in her new book "Fallout."

MARY LOUISE KELLY, HOST: At exactly 15 minutes past 8 in the morning on Aug. 6, 1945, Japanese time, at the moment when the atomic bomb flashed above Hiroshima, Miss Toshiko Sasaki, a clerk in the personnel department of the East Asia Tin Works, had just sat down at her place in the plant office and was turning her head to speak to the girl at the next desk.

Aged-care company hacked, personal data leaked

Personal data at a Melbourne aged-care facility grappling with a coronavirus outbreak has been released publicly in a shocking cyber attack.

Regis Healthcare managing director Dr Linda Mellors confirmed to NCA NewsWire the company had been attacked by an “overseas third party”.

She said there was an attempt to disrupt the company’s operations, with the hacker copying some data from the Regis’s IT system and releasing “certain personal data” publicly.

She said Regis was contacting parties whose personal data had been exposed and the incident had not affected delivery of resident care or services.

“Our priority is maintaining safe and reliable operations while ensuring the security of personal information of our residents, clients, and employees,” Dr Mellors said.

Israel: Lebanon Border Clash Follows JCS Chairman Visit

Following recent strikes near Damascus, Middle Eastern sources claimed that the US is “participating” in the ongoing Israeli campaign to stop Iran from supplying precision-guided missiles to Hezbollah.

Since his November visit, a US airstrike killed Maj. Gen. Qassem Soleimani, the Iranian Quds Force chief, relying on intelligence from an undisclosed friendly agency; mysterious explosions have ravaged Iranian nuclear sites, which Tehran has blamed on Israel; and Israel has escalated strikes against Iranian advisors and Hezbollah proxies in Syria, where Iran may deploy its powerful Khordad anti-aircraft missile system against Israeli pilots.

These latest escalations follow just after the chairman of the US Joint Chiefs of Staff, Gen. Mark Milley, visited Israel to coordinate the two countries’ efforts against Iran.

Gen. Mark Milley and the IDF chief of staff, Lt. Gen. Aviv Kochavi, conduct a video meeting with Prime Minister Benjamin Netanyahu.

TEL AVIV: Israeli artillery bombarded a Hezbollah unit approaching the Lebanese border around 4pm local time (9am Eastern) today, while Iran reportedly prepared for live-fire wargames in the Gulf against a simulated US aircraft carrier.

Milley also spoke with Defense Minister Benny Gantz, the IDF Chief of Staff, Lt. Gen. Aviv Kochavi, and other senior officials.

Russian cyberspies are attempting to steal coronavirus vaccine information

By the late 1990s, Russian cyberespionage had grown to include the multi-year “Moonlight Maze” intrusions into U.S. military and other government computers, foretelling the massive espionage from Russia today.

And Russian hackers defaced U.S. websites during the Kosovo conflict, portending Russia’s extensive use of disruptive and damaging cyberattacks.

Russia has many skilled cyberoperators, and for good reason: Their educational system emphasizes information technology and computer science, more so than in the U.S. Every year, Russian schools take a disproportionate number of the top spots in the International Collegiate Programming Contest.

Indeed, the cyberespionage groups dubbed APT28 (aka Fancy Bear) and APT29 (aka Cozy Bear and The Dukes) are believed to correspond to Russia’s military intelligence agency GRU and its state security organization FSB, respectively.

Analyst Sarah Geary at cybersecurity firm FireEye reported that the hackers “disseminate propaganda on behalf of Moscow, develop cybertools for Russian intelligence agencies like the FSB and GRU, and hack into networks and databases in support of Russian security objectives.”

Who has been using spyware on Catalan independence campaigners

The day after the story broke, the weekly post-cabinet government press conference was dominated not by questions about Pegasus, but by queries about Covid-19 and the ongoing scandal surrounding the finances of the former king Juan Carlos.

Five days after a joint investigation by the Guardian and El País revealed the use of Pegasus in Spain and beyond, the obvious question lingers: who had been using it to target Catalan independence campaigners?

Neither man could have known that there was evidence that they, and at least three other people in the Catalan independence movement, were in fact being targeted with spyware so powerful it can infiltrate a mobile phone without a target clicking on an infected link.

Gutiérrez works for the Council for the Republic, the Waterloo-based organisation set up by the former Catalan regional president Carles Puigdemont, who fled Spain to avoid arrest after staging a unilateral and illegal independence referendum in October 2017.

Despite recent landmark trials over political corruption on both the left and right, the conviction of Juan Carlos’s son-in-law on charges of fraud and tax evasion and the recently announced supreme court investigation into the former king, Gutiérrez does not expect a proper inquiry into Pegasus.

Russia is hacking virus vaccine trials, US, UK, Canada say

WASHINGTON — Western governments accused hackers believed to be part of Russian intelligence of trying to steal valuable private information about a coronavirus vaccine on Thursday, calling out the Kremlin in an unusually detailed public warning to scientists and medical companies.

Intelligence agencies in the United States, United Kingdom and Canada alleged that the hacking group APT29, also known as Cozy Bear and blamed for American election interference four years ago, is attacking academic and pharmaceutical research institutions involved in COVID-19 vaccine development.

The accusations come at a tenuous time for relations between Russia and both the U.S. and U.K. Besides political ill will, especially among Democrats, about the 2016 election interference, the Trump administration is under pressure to confront Russia over intelligence information that Moscow offered bounties to Taliban fighters to attack allied fighters.

The vaccine assessment came two years to the day after Trump met with Putin in Helsinki and appeared to side with Moscow over U.S. intelligence agencies about the 2016 election interference.

A 16-page advisory prepared by Western agencies and made public Thursday accuses the hacking group tied to Russian intelligence services and known colloquially as Cozy Bear of using custom malicious software to target a number of organizations globally.

FYI Russia is totally hacking the West's labs in search of COVID-19 vaccine files, say UK, US, Canada cyber-spies

The Kremlin-backed APT29 crew, also known by a variety of other names such as Cozy Bear, Iron Hemlock, or The Dukes, depending on which threat intel company you’re talking to that week, is believed by most reputable analysts to be a wholly owned subsidiary of the FSB, modern-day successor to the infamous Soviet KGB.

Intriguingly, NCSC – along with the US CISA and Canada’s Communications Security Establishment – also said APT29 was deploying a custom malware it named SoreFang against products from Chinese enterprise networking biz Sangfor.

He added that it’s not just Russia doing the hacking, although Vladimir Putin’s nation is at the forefront of today’s report: "The NCSC report emphasises that the global interest in COVID-19 is driving an intelligence collection agenda for Russia, as well as nations like Iran, that has previously been identified targeting COVID-19 related research," he opined.

Meanwhile, Mandiant Threat Intelligence’s John Hultquist said in a statement that APT29 tended to stay below the radar and steal data, making today’s attribution all the more eye-catching for espionage watchers.

"Despite involvement in several high-profile incidents, APT29 rarely receives the same attention as other Russian actors because they tend to quietly focus on intelligence collection," he explained.

Trump Gave CIA Free Rein in Cyberspace: Report

Under a secret 2018 presidential finding, the CIA is given the power to more easily authorize its own offensive cyberattacks against specific foreign adversaries and organizations suspected of working on their behalf, Yahoo News reports, citing former U.S. officials with direct knowledge of the matter.

The targets reportedly authorized under the presidential directive include Russia, China, Iran, and North Korea; however, the finding could be interpreted to apply to others as well, a former official told Yahoo.

According to Yahoo, the presidential finding—which the CIA has already reportedly used to launch “at least a dozen operations that were on its wish list”—lowered the evidentiary threshold for use of covert actions against seemingly private entities believed by the CIA to operate on behalf of rival foreign intelligence, such as charities and media organizations.

Former officials told Yahoo that the directive significantly curtailed the vetting process used by the CIA to confirm a potential target is linked to a foreign threat.

According to Yahoo, some former officials have expressed concern over the CIA’s expanded authority in cyberspace, saying that even when subjected to National Security Council oversight, the agency’s cyber operations often lack needed transparency.

How Does Dev-First Security Carve the New Path for Security? - DZone Security

Since security champions are nominated from the team of developers and are quite engaged in the app development project, they can effectively communicate security issues to the development team.

As you embed a security champion within your team of developers, you keep security top of mind for them, while improving the overall quality of your apps.

The distinction here demands that you rethink how you show security flaws to your development team, placing them within an application context, rather than a risk context.

“Zooming out,” for security teams, implies looking at known vulnerabilities across all applications to assess risks, while for developers, it means seeking defects of the same applications that include operability, functionality, and much more to effectively understand their quality.

The major challenge that organizations face today is that their security teams remain siloed, which is why they are not consulted and communicated with, leading to insecure application development.

The US government is considering a TikTok ban, says secretary of state

The US is considering a ban on Chinese social media apps like the popular video-sharing platform TikTok, Secretary of State Mike Pompeo told Fox News on Monday.

Over the last few years, US lawmakers have grown increasingly concerned over TikTok’s handling of user data and the relationship between its parent company — the Beijing-based ByteDance — and the Chinese government.

Lawmakers allege that TikTok could be pressured into handing over data or other intelligence to the Chinese Communist Party.

TikTok responded to the Indian government’s statements, saying, “TikTok continues to comply with all data privacy and security requirements under Indian law and has not shared any information of our users in India with any foreign government, including the Chinese Government.”

When asked if he would suggest US citizens use TikTok, Pompeo told Fox News, “Only if you want your private information in the hands of the Chinese Communist Party.”

Promethium APT attacks surge, new Trojanized installers uncovered

While the Talos team was unable to track the initial attack vector, the researchers say the files could land via a watering hole attack or in-path request interception -- with an ISP performing an HTTP redirect -- as described by CitizenLab in a 2018 report on Promethium's activities.

To hide the spyware's activities, BitDefender says that the C2 network the team traced has three infrastructure layers, including the use of proxy servers, VPNs, and IP addresses that receive forwarded data.

Talos has tracked roughly 30 new command-and-control (C2) servers belonging to Promethium tied to an evolved form of the group's surveillance malware, StrongPity3, that is also believed to be linked to state-sponsorship.

Active since roughly 2002, the Promethium advanced persistent threat (APT) group has been exposed time and time again by security researchers and civil rights outfits for prolific surveillance and intelligence-gathering related to political targets.

Promethium, the threat group also known as StrongPity, has been tracked in a new wave of attacks deploying an expanded list of Trojanized installers that abuse the popularity of legitimate applications.

Israel's Government Wants Spy Agency To Resume COVID-19 Tracing. Spy Chief Objects

A leading Israeli technology and privacy rights expert, Tehilla Shwartz Altshuler of the Israel Democracy Institute, said a contact-tracing app already exists — Hamagen, which a million Israelis have downloaded voluntarily — and its more advanced version could be operational within one week.

But Netanyahu convened his government Wednesday to urge lawmakers to pass a law enshrining the Shin Bet's surveillance program.

From March to May, the Shin Bet domestic intelligence agency tracked Israelis' cellphone location data and notified those who may have crossed paths with a coronavirus carrier to self-isolate at home.

As Israel faces a new surge of coronavirus cases, Prime Minister Benjamin Netanyahu is pushing to restart a controversial cellphone contact-tracing program put on hold this month.

She said data published on the Shin Bet's surveillance program show fewer than 3 out of every 10 positive virus cases were successfully detected, in part because the technology is less effective at tracking subjects indoors.

Australian leader says unnamed state increasing cyberattacks

CANBERRA: Australia is under increasing cyberattack from a “sophisticated state-based cyber actor,” the Australian prime minister said Friday.

Morrison said he had discussed the growing cyber security threat with Australia's allies and had spoken overnight to British Prime Minister Boris Johnson on the subject.

Morrison said “Australia doesn't engage lightly in public attribution” and would not name the country behind the current cyber campaign.

Defense Minister Linda Reynolds said the government's cyber agency, Australian Cyber Security Center, and the Home Affairs Department had published on Friday a technical advisory on how organizations can detect and mitigate cyber threats.

“Australian organizations are currently being targeted by a sophisticated state-based cyber actor,” Morrison told reporters.

How did a major cyber attack on Australian governments and business happen

"There aren't too many state-based actors who have those capabilities," Mr Morrison said.

Mr Morrison was pressed about speculations the attacks came from China, but he said the Government would not make public comment about that.

Sources have told the ABC that China is believed to be behind the attacks, however Mr Morrison did not point the finger publicly.

"This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure," Mr Morrison said.

Mr Morrison wasn't specific about the hackers' individual targets, but all levels of government, critical infrastructure and essential services have been affected.

It turns out coronavirus malware wasn’t even that big a deal

A new blog post published by the Microsoft Threat Intelligence Protection Team outlines how the volume of malware threats detected worldwide did not vary significantly during the pandemic, and coronavirus malware accounted for “barely a blip” in the total volume recorded. Microsoft claims opportunistic malware and phishing attacks began after the World Health Organization (WHO) first started using the title “Covid-19” in February.

However, while the number of coronavirus-related cyberattacks spiked at various junctures, the overall number of cyberattacks shifted little from the usual rate, suggesting cybercriminals altered planned attacks rather than launching entirely new campaigns.

“Covid-19-themed attacks are just a small percentage of the overall threats Microsoft has observed over the last four months,” reads the blog post.

The best defence against the kinds of opportunistic, localized attacks identified over the past few months, according to Microsoft, is an emphasis on training end users how to spot and social engineering attacks - as well as a commitment .

“Defender investment is best placed in cross-domain signal analysis, update deployment and users education...Investments that raise the cost of attack or lower the likelihood of success are the optimal path forward,” Microsoft noted.