Facebook Tells 50,000 Users They Have Been Targets of Cyber Mercenaries
Pegasus spyware found on Indian activist's phone, Two spyware types found on Egyptian dissident's phone, Top software still not patched for Log4j, Man pleads guilty to $20m SIM-swapping theft, more
Following a months-long investigation by Meta, Facebook’s parent company, Facebook is notifying nearly 50,000 users in more than 100 countries that they may have been targets of cyber-mercenaries who engage in surveillance-for-hire.
Facebook said it is taking enforcement actions against seven surveillance companies based in four countries, removing about 1,500 fake accounts, blocking malicious web addresses, and sending cease-and-desist letters to the companies. The investigators concluded that the companies used Meta’s Facebook and Instagram subsidiaries for surveillance activities, mainly to research and groom targets for later infections by spyware. Among the targets of the spy-for-hire companies were politicians, human rights workers, journalists, dissidents, and family members of opposition figures. (Craig Timberg / Washington Post)
A forensic analysis by Amnesty International of jailed Indian activist Rona Wilson’s phone shows it was hacked using Pegasus spyware from sanctioned Israeli spyware maker NSO Group.
The analysis showed that Wilson’s phone was hacked between July 2017 and March 2018, three months before his arrest on terror-related charges. Wilson is part of a network of more than a dozen writers, lawyers, and artists who advocated for the rights of indigenous communities and low-caste Indians and who have been detained since 2018. (Stephanie Kirchgaessner and Michael Safi / The Guardian)
Researchers at the University of Toronto’s Citizen Lab found two kinds of commercial spyware on the phone of leading exiled Egyptian dissident Ayman Nour.
The first spyware was Pegasus spyware from NSO Group of Israel. The second came from Cytrox, a little-known NSO Group rival, marking the first time that Cytrox spyware has been documented. (Frank Bajak / Associated Press)
In 2012, Australian intelligence officials informed their U.S. counterparts that they had detected a sophisticated intrusion into the country's telecommunications systems that began with a software update from Chinese telecom tech supplier Huawei loaded with malicious code.
The incident substantiated suspicions in both countries that China used Huawei equipment as a conduit for espionage, serving as the core rationale for banning the company’s gear in U.S. military and telecommunication installations. (Jordan Robertson and Jamie Tarabay / Bloomberg)
According to a running tally published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Cisco Systems, IBM, VMware, and Splunk were among the companies with multiple pieces of flawed software being used by customers on Thursday without available patches for the Log4j vulnerability.
As of Thursday, the CISA list included about 20 Cisco products that were vulnerable to attack without a patch available, including Cisco WebEx Meetings Server and Cisco Umbrella, a cloud security product. (Frank Bajak / Reuters)
Canada's Desjardins Group reached a settlement with plaintiffs in a lawsuit tied to a massive data breach in 2019, which impacted the personal information of more than 4 million of the financial services firm's users.
Under the agreement, a maximum sum of nearly C$201 million ($157.31 million) would be set aside to pay eligible users who file a claim. (Reuters)
Catalin Cimpanu (@campuscodi): Desjardins, Canada's largest credit union and one of the world's biggest banks, announces security breach. Data for 2.9M bank members was taken from the bank's system by a now-fired employee. Bank said this is its first breach in its 119-year history. https://t.co/xyq2PWQ0u8 https://t.co/pl6aXAJ9xR
Researchers at Kaspersky Lab said they discovered a new malware botnet named PseudoManuscrypt that has infected roughly 35,000 Windows computers this year. They found the botnet after it infected systems running industrial control systems monitored by Kaspersky's ICS division.
The botnet is distributed via pirated software installers and application cracks advertised on several internet sites. Most of its victims were in Russia, India, and Brazil. Of the 35,000 systems infected this year, Kaspersky said that 7.2% (roughly 2,500) were computers on ICS-specific networks. (Catalin Cimpanu / The Record)
Following a likely ransomware attack, the Coombe Women and Infants University Hospital in Dublin, Ireland, disconnected from the country’s HSE national health network.
Most of the hospital’s services continued in unimpeded fashion radiology, although some patient management systems were affected as they were connected to the national network. (Ciara O'Brien, Simon Carswell / The Irish Times)
New York man Nicholas Truglia, who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive, has pleaded guilty to conspiracy to commit wire fraud.
Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent “SIM swaps,” scams in which identity thieves hijack a target’s mobile phone number and use it to wrest control of the victim’s online identities. Truglia is currently slated to be sentenced in April 2022 for his guilty plea in New York. He faces a maximum sentence of 20 years in prison. (Brian Krebs / Krebs on Security)
iPhone security testing company Corellium raised $25 million in a Series A venture funding round.
Paladin Capital Group led the round with participation from Cisco Investments and other strategic investors. (Thomas Brewster / Forbes)