Security News This Week: North Korean IT Pros Infiltrate Tech Companies

- Advertisement -


Like a full blown Russian war in Ukraine heading towards its hundredth day, opposition of Ukrainian forces strong as ever. At the same time, hacktivists around the world continue to hack Russian institutions and publish your files and emails. This week, a group of hacktivists took a different — and slightly unusual — approach: they launched a prank service for Russian government officials. new website uses leaked details to link two random Russian officials to each other. Obviously, this will not affect the outcome of the war, but the group that created it hopes that this tool will cause some confusion and annoyance in Moscow.

- Advertisement -

A new study by the Google Threat Analysis Group focuses on the surveillance-for-hire industry and finds that spyware vendors targeting Android devices with zero-day exploits. State-sponsored entities in Egypt, Armenia, Greece, Madagascar, Ivory Coast, Serbia, Spain and Indonesia have purchased hacking tools from North Macedonian firm Cytrox, according to the Google team. The malware used five previously unknown Android exploits, as well as unpatched vulnerabilities. Overall, according to Google researchers, they track more than 30 surveillance firms around the world.

- Advertisement -

As for other malware news, scientists at the Technical University of Darmstadt in Germany have found a way track iPhone location even when it is turned off. When you turn off your iPhone, it doesn’t turn off completely—instead, the internal circuitry runs in a low-power mode. The researchers were able to launch malware that can track the phone in this low power mode. They believe their work is the first of its kind, but this method is unlikely to pose much of a threat in the real world as it first requires jailbreaking the target iPhone, which has become more difficult to do in recent years.

But wait, that’s not all. We’ve compiled all the news that we haven’t disclosed or covered in detail this week. Click on the headings to read all stories. And stay safe there.

- Advertisement -

International sanctions imposed on North Korea for its continued development of nuclear weapons and ballistic missiles mean that the country cannot trade with other countries or import money from outside within its borders. To get around this, in recent years Pyongyang has allowed its state-linked hackers raid cryptocurrency platforms and rob banks. Now the FBI, the US Department of State and the US Treasury warned that thousands of North Korean IT professionals, including app and software developers, are freelancing for companies around the world and sending money home. Many of them are based in China or Russia, officials say. The risks of hiring North Korean workers range from “theft of intellectual property, data and funds to reputational damage and legal consequences, including sanctions from US authorities and the United Nations.”

In a major public move, the U.S. Department of Justice says it will stop prosecuting security researchers under Computer Fraud and Abuse Act. “Computer security research is a key enabler for improving cybersecurity,” said Deputy Attorney General Lisa Monaco. said in a statement. For years, the CFFA anti-hacking law has been criticized for its broad scope and potential for abuse by prosecutors. While a clear shift in Justice Department policy would be welcomed by researchers, as Motherboard reportsthe policy does not go far enough and can still put legitimate researchers at risk.

Based primarily in Russia, the Conti ransomware gang has endured a horrific few months. Having supported Vladimir Putin’s war in Ukraine, thousands of his inner messages and deepest secrets were published on the Internet. While the gang continued to pursue the victims, including the government of Costa Rica, now researchers say that Conti has officially ceased operations. The Conti Tor admin panels have been disabled and the members of the group are splitting into other ransomware groups. according to security firm Advanced Intel. The outage came after the US government proposed $15 million award for information about members of Conti.

Canada has become the latest country in the Five Eyes intelligence group, which also includes the US, UK, Australia and New Zealand, prohibit the use of Huawei telecommunications equipment on their 5G networks. The Chinese telecommunications company ZTE was also banned. The Canadian government, in a statement, cited national security concerns and the fact that companies may be forced to follow orders from “foreign governments.” From September, Canadian firms will be banned from buying new 4G and 5G equipment from Chinese companies. They must remove all existing 5G equipment by summer 2024 and 4G equipment by the end of 2027.

.


Credit: www.wired.com /

- Advertisement -

Stay on top - Get the daily news in your inbox

DMCA / Correction Notice

Recent Articles

Related Stories

Stay on top - Get the daily news in your inbox