Search Results for “Associated Press”


March 28, 2020
Elaine Ganley / Associated Press

Elaine Ganley / Associated Press  
Europol Warns About Rise of Cybercrime, Fraud, Counterfeit and Substandard Goods During Coronavirus Pandemic

Criminals are adversely affecting medical care during the coronavirus pandemic by selling counterfeit products, impersonating health workers, and hacking computers as many citizens do their jobs online at home, Europol said in a new report. In one case, a cyberattack on a major hospital in the Czech Republic where COVID-19 tests are carried out forced the cancellation of planned surgeries. The report lists four main avenues for illicit activity: cybercrime, fraud, counterfeit and substandard goods, and organized property crime. The European law enforcement agency said that it disrupted the work of 37 organized crime groups, and seized 34,000 fake and substandard masks, and more than $14 million in potentially dangerous pharmaceuticals.

May 28, 2020
Frank Jordans and Vladimir Isachenkov / Associated Press

Frank Jordans and Vladimir Isachenkov / Associated Press  
Germany Is Seeking EU Sanctions Against Russian Man Who Allegedly Hacked the German Parliament While Reportedly Working for Russian Intelligence

Germany’s Foreign Ministry said it called in Russian ambassador Sergei Nechayev to let him know it is seeking EU sanctions against a Russian man Dmitriy Badin, and possibly others, over his alleged role in the hacking of the German parliament at a time when evidence shows he was working for Russian intelligence. Senior German diplomat Miguel Berger “strongly condemned the attack on Germany’s parliament in the name of the German government” while meeting with Nechayev, the ministry said. Russia calls the German accusations “baseless.”

Related: Digital Journal, DAILYSABAH, TASS, POLITICO EU, Council on Foreign Relations

Tweets:@hatr @juschuetze @lukOlejnik


Aron Heller / Associated Press

Aron Heller / Associated Press  
Israel’s Cybersecurity Chief Says Attempted Attack on Water Supply Could Have Had Disastrous Outcome, Calls It a ‘Changing Point’ in Modern Cyber-Warfare

Israel’s national cybersecurity chief Yigal Unna acknowledged the country had thwarted a major cyberattack last month against its water systems, an assault widely attributed to arch-enemy Iran, calling it a “synchronized and organized attack” aimed at disrupting key national infrastructure. Unna said the attempted hacking into Israel’s water systems marked the first time in modern history that “we can see something like this aiming to cause damage to real life and not to IT or data.” He said had Israel’s National Cyber Directorate not detected the attack in time, chlorine or other chemicals could have been mixed into the water source in the wrong proportions and resulted in a “harmful and disastrous” outcome.  Unna called the water supply foiled attack a changing point in the history of modern cyber-warfare and warned ominously that “cyber winter is coming.”

Related: YnetSecurityWeek, Deutsche Welle, Arutz Sheva News, Israel National News, Haaretz.com, Algemeiner.com, The Cyber Shafarat – Treadstone 71, Security Affairs, Cyberscoop, Stars and Stripes


March 16, 2020
Josef Federman / Associated Press

Josef Federman / Associated Press  
Israel’s Prime Minister Authorizes Country’s Security Agency to Use Anti-Terrorist Surveillance Technology to Track Coronavirus Patients

Israel Prime Minister Benjamin Netanyahu’s Cabinet on Sunday authorized the Shin Bet security agency to use anti-terrorist tracking technology on coronavirus patients. The Prime Minister conducted a televised address late Saturday, telling the nation that the drastic steps would protect the public’s health. However, he also conceded it would also “entail a certain degree of violation of privacy.” The surveillance technology, which has never been used on civilians before, uses mobile-phone tracking technology to give a more precise history of an infected person’s movements before they were diagnosed and identify people who might have been exposed.

Related: Security News | Tech Times, PYMNTS.com, Algemeiner.com, Voice of America, New York Times

Tweets:@kevincollier @ronenbergman @HowellONeill @LorenzoFB


May 18, 2020
David Shortell, Evan Perez / CNN

David Shortell, Evan Perez / CNN  
FBI Claims to Have Broken the Encryption on Pensacola Shooter’s iPhones Substantially Weakening the Government’s Push for Encryption Backdoors

Mohammed Alshamrani, a member of the Royal Saudi Air Force in training at Naval Air Station Pensacola who killed three U.S. sailors and wounded others at the base, was in touch with a suspected al Qaeda operative, according to the FBI broke which broke through the encryption protecting the Saudi attacker’s iPhones, sources say. If the Bureau did achieve this encryption breakthrough, the case made by the FBI and Attorney General William Barr for demanding backdoors into encrypted communications services and devices appears to be substantially weakened. Law enforcement said they had initially been unable to retrieve data stored on two iPhones belonging to the shooter, and they cited that hurdle in trying to complete their investigation of the attacker’s ideology and his radicalization.

Related: New York Times, Wall Street Journal, Forbes, Justice Department, MacRumors, Associated Press, Task & Purpose, Capital Gazette, The Sun, Business Insider, AOL, GANNETT Syndication Service, Newsweek, Yahoo! News, Bloomberg, RT USA, The Crime Report, Axios, Cult of Mac, USATODAY, AppleInsider, NBC News, Wired, The Register – Security, Cyberscoop, CNET, News : NPR, iDownloadBlog.com, Fortune, WCCFtech, ZDNet Security, AppleInsider, iMore, Cult of Mac, Patently Apple, Business Insider, The Sun, BuzzFeed News, Newsweek, iDownloadBlog.com, Appleosophy, MacRumors, Homeland Security Today, Zero Hedge, CBSNews.com,TechSpot, iPhone Hacks, The Mac Observer,Cult of Mac, The Guardian, UPI.com, TIME, Ars Technica, USATODAY, New York Post, AppleInsider, The Huffington Post , Capital Gazette, TIME, Heavy.com, Engadget, Slashdot, Daily Dot, Cyberscoop, Multichannel, Vox, WCCFtech, POLITICO, The Sun, USNI News, Business Insider, Fortune, Input, TribLIVE, emptywheel, PhoneArena, Channel News Asia, RT USA, Algemeiner.com, MacDailyNews, Reuters: U.S., France 24, The New Daily, The Verge, Slashdot, Washington Post, New York Times

Tweets:@dnvolz @adamgoldmanNYT @kevincollier @nakashimae @zackwhittaker @zackwhittaker @zackwhittaker @iblametom @karaswisher @macrumors @zackwhittaker @iblametom @dotmudge @DevlinBarrett @ahmed

New York Times: F.B.I. Is Said to Find Links Between Pensacola Gunman and Al Qaeda
Wall Street Journal: FBI Discovers al Qaeda Link in Pensacola Attack
Forbes: Feds Hack iPhones In Pensacola Terrorist Shooting Case, But Still Slam Apple For Not Helping
Justice Department: Attorney General William P. Barr and FBI Director Christopher Wray Announce Significant Developments in the Investigation of the Naval Air Station Pensacola Shooting
MacRumors: FBI Reportedly Gained Access to iPhone Used by Mass Shooter in Florida After Apple Refused to Help
Associated Press: Pensacola gunman’s cellphones reveal meticulous planning for attack, FBI says
Task & Purpose: The FBI has evidence linking Al Qaeda to the NAS Pensacola shooting
Capital Gazette: Gunman accused of killing 3 sailors at Pensacola military base linked to al-Qaida, US official says
The Sun: Saudi student who shot dead 3 US sailors on Florida Naval Base ‘had been in contact with Al Qaeda’ in days before attack
Business Insider: The FBI found links to Al Qaeda after cracking the phones of the Saudi gunman who attacked a Florida naval base
AOL: Official: FBI finds link between Pensacola gunman, al-Qaida
GANNETT Syndication Service: Official: FBI finds link between NAS Pensacola gunman, al-Qaida
Newsweek: FBI Finds Florida Gunman Who Killed U.S. Sailors Was Linked to Al Qaeda After Breaking iPhone Encryption
Yahoo! News: FBI finds Al Qaeda link to Pensacola naval base shooting suspect: US official
Bloomberg: FBI Gets Into Pensacola Shooter’s iPhone, Finds an Al-Qaeda Tie
RT USA: Saudi pilot who went on gun rampage at Florida naval base linked to ‘Al-Qaeda operative’
The Crime Report: FBI Finds Link Between Pensacola Shooter, Al-Qaeda
Axios: FBI finds links between Pensacola gunman and Al Qaeda
Cult of Mac: FBI cracks alleged al-Qaida shooter’s iPhone without Apple’s help
USATODAY: Feds connect al Qaeda contacts to deadly Pensacola Naval Air Station shooting
AppleInsider: FBI breaks iPhone security to uncover Pensacola shooter & Al Qaeda link
NBCNews: FBI: Pensacola gunman prodded by al Qaeda to attack
Wired: The FBI Backs Down Against Apple—Again
The Register – Security: Attorney General: We didn’t need Apple to crack terrorist’s iPhones – tho we still want iGiant to do it in future
Cyberscoop: U.S. officials say they’ve cracked Pensacola shooter’s iPhones, blast Apple
CNET: FBI slams ‘Apple problem’ as it unlocks Pensacola shooter’s iPhones – CNET
News : NPR: FBI: New iPhone Evidence Shows Pensacola Shooter Had Ties To Al-Qaida
iDownloadBlog.com: The FBI has reportedly bypassed the security on the Pensacola mass shooter’s iPhone
Fortune: FBI: “We received effectively no help from Apple” in accessing Pensacola Shooter’s iPhones
WCCFtech: FBI Hacks Florida Shooter’s iPhones without Apple’s Help & Finds al Qaeda Link
ZDNet Security: FBI criticizes Apple for not helping crack Pensacola shooter’s iPhones
AppleInsider: Apple rejects ‘false claims’ by Justice Department regarding Pensacola investigation
iMore: Apple denies “false claims” by Justice Department over Pensacola attack
Cult of Mac: FBI attacks Apple for ‘no help’ unlocking Florida attacker’s iPhone; Apple rejects ‘false’ claims
Patently Apple: DOJ and FBI described crucial data found on the Pensacola Terrorist’s iPhones today in a news Conference, without Apple’s Assistance
Business Insider: The FBI found links to Al Qaeda after cracking the phones of the Saudi gunman who attacked a Florida naval base
The Sun: Saudi student who shot dead 3 US sailors on Florida Naval Base ‘had been in contact with Al Qaeda’ in days before attack
BuzzFeed News: The Pensacola Naval Base Shooter Had Longtime “Significant Ties” To Al-Qaeda
Newsweek: FBI Finds Florida Gunman Who Killed U.S. Sailors Was Linked to Al Qaeda After Breaking iPhone Encryption
iDownloadBlog.com: The FBI has reportedly bypassed the security on the Pensacola mass shooter’s iPhone
Appleosophy: Apple Fires Back at FBI and Attorney General William Barr Regarding Florida Shooter’s iPhone
MacRumors: FBI Reportedly Gained Access to iPhone Used by Mass Shooter in Florida After Apple Refused to Help
Task & Purpose: The FBI has evidence linking Al Qaeda to the NAS Pensacola shooting
MacRumors: Apple Calls FBI Comments on Lack of Help Unlocking Florida Shooter’s iPhone an ‘Excuse to Weaken Encryption’
SlashGear » security: Apple blasts Barr over iPhone lock “false claims” in Pensacola shooter case
Homeland Security Today: FBI: Pensacola Shooter Tied to AQAP Before Coming to the U.S., Discussed Attack
Zero Hedge: FBI Cracks Into Pensacola Shooter’s iPhone, Find “Significant Ties” To Al Qaeda
CBSNews.com: Saudi shooter in Florida air base attack had ties to al Qaeda
TechSpot: Officials still want backdoor into cellphones after cracking two iPhones without help
Yahoo! News: U.S. Supreme Court heaps more damages on Sudan in embassy bombing cases
iPhone Hacks: FBI Has Reportedly Unlocked One of the iPhones Used by Mass Shooter in Florida Last Year
The Mac Observer: FBI Bypasses Encryption on Pensacola Attacker’s iPhones
Cult of Mac: FBI cracks alleged al-Qaida shooter’s iPhone without Apple’s help
The Guardian: Pensacola gunman’s cellphones reveal meticulous planning for attack, FBI says
UPI.com: FBI: Agents unlocked phones to tie Pensacola gunman Mohammed Saeed Alshamrani to al-Qaida
TIME: Gunman in Deadly Pensacola Military Base Attack Linked to al-Qaida, FBI Says
Ars Technica: iPhone crypto hid al-Qaida link to naval base shooting, AG fumes
USATODAY: Feds connect al Qaeda contacts to deadly Pensacola Naval Air Station shooting
New York Post: FBI found al Qaeda’s link to Pensacola shooter through iPhones
AppleInsider: FBI breaks iPhone security to uncover Pensacola shooter & Al Qaeda link [u]
The Huffington Post : FBI Says It Found Links Between Pensacola Gunman And Al-Qaeda
Capital Gazette: Gunman accused of killing 3 sailors at Pensacola military base linked to al-Qaida, US official says
Stars and Stripes: FBI: Shooter at Naval Air Station Pensacola had link to al-Qaida
TIME: Gunman in Deadly Pensacola Military Base Attack Linked to al-Qaida, FBI Says
Ars Technica: iPhone crypto hid al-Qaida link to naval base shooting, AG fumes
Heavy.com: Pensacola, Florida Gunman Mohammed Alshamrani Link to Al-Qaida Found
Engadget: AG Barr seeks ‘legislative solution’ to make companies unlock phones
Daily Dot: FBI unlocks Pensacola shooter’s iPhone despite Apple’s opposition
Multichannel: AG Barr Hammers Apple in Terrorism Case Announcement
Vox: Why Attorney General Bill Barr is mad at Apple
Heavy.com: Pensacola, Florida Gunman Mohammed Alshamrani Link to Al-Qaida Found
POLITICO: Pensacola gunman was working with al Qaeda, FBI finds
USNI News: FBI Says Unlocked iPhone Messages Link NAS Pensacola Shooter to Al Qaeda; AG Barr Says Incident was ‘Act of Terrorism’
Input: FBI breaks into Pensacola shooter’s iPhone after six months, revealing al Qaeda links
TribLIVE: FBI: Shooter at Pensacola military base linked to al-Qaida
emptywheel: Bill Barr and Chris Wray Schedule a Press Conference to Admit Trump Let an Al Qaeda Terrorist onto Our Military Base
PhoneArena: Who is lying, Apple or Attorney General William Barr?
Channel News Asia: FBI phone probe links al Qaeda to Saudi who killed 3 at Florida base
RT USA: Saudi pilot who went on gun rampage at Florida naval base linked to ‘Al-Qaeda operative’
Algemeiner.com: FBI Phone Probe Links Al Qaeda to Saudi Shooter Who Killed Three at Florida Navy Base
MacDailyNews: Apple rejects ‘false claims’ by Justice Department regarding Islamic terrorist attack in Pensacola
Reuters: U.S.: FBI phone probe links al Qaeda to Saudi who killed three at Florida base, Barr says
France 24: FBI says al Qaeda linked to Saudi shooter at Florida naval base
The New Daily: FBI links al-Qaeda to US base shooting
MacDailyNews: FBI cracks iPhone encryption, links al Qaeda to Islamic terrorist who killed three at Florida naval base
MacDailyNews: Apple rejects ‘false claims’ by Justice Department regarding Islamic terrorist attack in Pensacola
CNN.com: FBI delivers to America a chilling reminder about al Qaeda
Input: FBI breaks into Pensacola shooter’s iPhone after six months, revealing al Qaeda links
The Verge: The FBI successfully broke into a gunman’s iPhone, but it’s still very angry at Apple
Washington Post: Attorney general and FBI director blast Apple after tracing Pensacola gunman’s phone to al-Qaeda
New York Times: F.B.I. Finds Links Between Pensacola Gunman and Al Qaeda

@dnvolz: Sound familiar? FBI gets into iPhone belonging to dead terrorist that they said months ago they could not unlock.
@adamgoldmanNYT: The F.B.I. found the gunman, a Saudi Air Force cadet training with the American military, had communicated with a Qaeda operative who had encouraged the attacks
@kevincollier: "Breaking encryption" on an iPhone has a specific meaning and enormous consequences. I really hope those making that claim today wouldn't do so without backing it up.
@nakashimae: FBI Director Chris Wray: "We received effectively no help from Apple" in accessing the Pensacola shooter's iPhones.
@zackwhittaker: Apple in January: "The FBI only notified us on January 6 that they needed additional assistance—a month after the attack occurred. Only then did we learn about the existence of a second iPhone associated with the investigation and the FBI's inability to access either iPhone."
@zackwhittaker: Apple also said at the time it responded to six more legal requests for information between Dec. 7 and Dec. 14, and that it provided iCloud backups, account information and transactional data for multiple accounts.
@zackwhittaker: It's not that Apple provided "effectively no help" to the FBI. It's that Apple didn't acquiesce to the wants and wishes of the government and backdoor its own devices. We almost had an entire court case about this — but the FBI bottled it.
@iblametom: New - The FBI hacks into the iPhones of Pensacola shooter, finds links to Al Qaeda. But director Chris Wray still says Apple should've helped and its delays caused real problems.
@karaswisher: Looks like the government can do what it said it could not do
@macrumors: FBI Reportedly Gained Access to iPhone Used by Mass Shooter in Florida After Apple Refused to Help https://macrumors.com/2020/05/18/fbi-reportedly-accessed-alshamrani-iphone/ by @rsgnl
@zackwhittaker: ACLU statement is extremely Nail polish "The boy who cried wolf has nothing on the agency that cried encryption."
@iblametom: Source at FBI told me they chose the wrong battle with Pensacola too... they’ve been able to get into iPhone 5 and 7 for some time.
@dotmudge: Two things: 1 - AQAP (Al Qaeda Arabian Peninsula) linked terrorist attack on US soil, and it barely makes the news cycle 2 - investigations show accessing iPhones on one-off’s continues to negate necessity to drop user crypto protections at large
@DevlinBarrett: Attorney general and FBI director crank up their encryption fight with Apple, blasting the company after agents traced data on a Pensacola gunman’s phone to al-Qaeda
@ahmed: FBI says Saudi shooter at Pensacola base was in touch with al-Qaeda leaders, accuses Apple of wasting “valuable time” by refusing to unlock his phone to investigators


September 17, 2016
Brad Heath / USA Today

Brad Heath / USA Today  
USA Today, Vice News, Associated Press Sue FBI for iPhone 5c Hack Details, Cost

Three news organizations, USA Today, Vice News and the Associated Press, have banded together to file suit in the U,S. District Court for the District of Columbia against the FBI seeking information on how the Bureau was able to break into the locked iPhone 5c of one of the San Bernardino shooters. The lawsuit seeks to identify the source of the exploit agents used to unlock the phone, which followed a brutal public debate, and how much the government paid for it.

May 19, 2020
Jasper Jolly / The Guardian

Jasper Jolly / The Guardian  
EasyJet Says Personal Data on Nine Million Customers Were Accessed in ‘Highly Sophisticated’ Cyberattack, Over Two Thousand Customers’ Credit Card Details Stolen

European budget airlines EasyJet has revealed that the personal information of 9 million customers was accessed in a “highly sophisticated” cyberattack on the airline. The company said that email addresses and travel details were accessed, and it would contact the customers affected. Of the 9 million people affected, 2,208 had credit card details stolen, but no passport details were uncovered. Those customers whose credit card details were taken have been contacted, while everyone else affected will be contacted by 26 May. EasyJet offered no details of the hack but said it had “closed off this unauthorized access” and reported the incident to the National Cyber Security Centre and the Information Commissioner’s Office (ICO), the data regulator.

Related: BBC News, TechCrunch, Associated Press Technology, Financial Times Technology, Bloomberg, CNBC Technology, Information Age, Evening Standard, Graham Cluley, Channel News Asia, France 24, IT Pro, PerthNow, Thomas Brewster – Forbes, RT News, MediaNama: Digital Media in India, POLITICO EU, Computer Business Review, The Sun, BetaNews, Voice of America, The State of Security, The Loadstar, RTE, Sky News, Independent

Tweets:@lukOlejnik @dcuthbert @joetidy @racheltobac @zsk @jc_stubbs

BBC News : EasyJet admits nine million customers hacked
TechCrunch: Europe to Facebook: Pay taxes and respect our values — or we’ll regulate
Associated Press Technology: EasyJet reveals ‘sophisticated’ hack of customer details
Financial Times Technology: EasyJet says hackers accessed travel details of 9m customers
Bloomberg: EasyJet Says Hackers Accessed Data of 9 Million Customers
CNBC Technology: EasyJet hack leaves 9 million customers’ details exposed
Information Age: EasyJet data breached, over 9 million customers affected
Evening Standard: Millions of easyJet customers at risk after hackers access personal details
Graham Cluley: EasyJet hack impacts nine million passengers
Channel News Asia: EasyJet hit by cyber attack, hackers access 9 million customers’ details
France 24: Hackers access details of millions of easyJet passengers in cyber attack
IT Pro: Easyjet hack exposes details of nine million customers | IT PRO
PerthNow: Cyber attackers target easyJet
Thomas Brewster – Forbes: EasyJet Hacked: 9 Million Customers And 2,000 Credit Cards Hit
RT News: Hackers steal personal data of 9 million EasyJet costumers in ‘highly sophisticated’ cyber attack
MediaNama: Digital Media in India: Hackers accessed details of 9 million EasyJet customers, credit card details of 2K+ people
POLITICO EU: Easyjet cyberattack hits 9 million customers
Computer Business Review: EasyJet Hacked: 9 Million Customers Affected
The Sun: EasyJet hit by cyber attack with 9million customers details stolen
BetaNews: easyJet hit by ‘highly sophisticated’ cyberattack: 9 million customers’ details exposed
Voice of America: EasyJet Hit by Cyber Attack, Hackers Access 9 mln Customers’ Details 
The State of Security: Around 9 Million easyJet Customers’ Details Stolen in Hacking Incident
The Loadstar: SN: EasyJet: Nine million customers’ details ‘accessed’ by hackers
RTE: EasyJet hit by ‘highly sophisticated’ cyber attack
Sky News: EasyJet: Nine million customers’ details ‘accessed’ by hackers
Independent: EasyJet hacked: 9M customers’ details stolen

@lukOlejnik: Hacked EasyJet. Stolen data of 9M customers, for >2000 of them this includes credit card numbers. Users to be contacted gradually. Certainly not a good time to be an airline :)
@dcuthbert: My personal details are 99% included in this. So, let's play a game shall we? #easyjet
@joetidy: EasyJet’s stock exchange notice about the cyber attack here. Looks like they’ve taken all the correct steps (notifying ICO/ NCSC) etc but if the hack happened in Jan - why are we only learning of it now? http://otp.investis.com/clients/uk/easyjet1/rns/regulatory-story.aspx?cid=2&newsid=1391756
@racheltobac: Prepare to receive phishing emails, texts or calls pretexting as your bank looking to investigate fraud on your account, airlines attempting to cancel, rebook, or alert you to changes on your account, and much more. Contact back using 2nd form of comms ImpRobot face
@zsk: And now my inbox overfloweth with "comments" from PR people's cybersecurity clients, all of whom are scrambling trying to connect the EasyJet data breach with the Covid19 pandemic.
@jc_stubbs: Scoop >> The cyberattack disclosed by #easyJet earlier today is thought to be the work of a suspected Chinese hacking group that has targeted multiple airlines in recent months, two sources tell @Reuters


May 23, 2020
Geoffrey Fowler / Washington Post

Geoffrey Fowler / Washington Post  
Coronavirus Tracing App Developed for North and South Dakota Sends Location Data to Third Parties

Care 19, a coronavirus tracing app developed for both North and South Dakota, which launched in April sends location data to Foursquare, along with something called an Advertising Identifier (commonly referred to as an IDFA), to third parties including Google and data intelligence company Foursquare privacy research firm Jumbo discovered. Foursquare said the Care 19 app data is promptly deleted. The app is also sending data to a company called Bugfender, which said the data doesn’t correlate any information to the user. The developer of the app, a company called ProudCrowd, admitted it provides the users’ data to third parties but said it does not do so for commercial purposes.

Related: Security News | Tech Times, The Independent, Tech Insider, The Mac Observer, The Register – Security, Digital Journal, Lifehacker, Futurism, MacDailyNews, Fortune, WebProNews, Input, Slate Articles, Associated Press Technology, iMore, Slashdot, MacDailyNews, Jumbo

Tweets:@ruskin147 @stevebellovin @agidari

Security News | Tech Times: Contact-Tracing App Care19 Caught Sharing Location Data To Foursquare Thus Violating Their Own Privacy Agreement
The Independent: Coronavirus: US contact tracing app shares private data with outside firm
Tech Insider: Researchers found North Dakota’s contact-tracing app covertly sending location and advertising data to third parties
The Mac Observer: The Care19 Contact Tracing App Gives Your Location Data to Foursquare
The Register – Security: UK’s Ministry of Defence: We’ll harvest and anonymise private COVID-19 apps’ tracing data by handing it to ‘behavioural science’ arm
Digital Journal : Q&A: India contact tracing app — 3rd party risk implications
Lifehacker: What Does a Contact Tracer Really Do?
Futurism: Gov Contact-Tracing App Sends User Data to Foursquare, Google
MacDailyNews: North and South Dakota’s COVID-19 contact tracing app sends location data to Google and Foursquare
Fortune: Tech privacy firm warns contact tracing app violates policy
WebProNews: North Dakota’s Contact Tracing App Shares Location Data With Advertisers
Input: Contact-tracing apps aren’t meant to share location data, but Care19’s does
Slate Articles: The Apple-Google Contact Tracing System Won’t Work. It Still Deserves Praise.
Associated Press Technology: Tech privacy firm warns contact tracing app violates policy
iMore: North Dakota’s contact tracing app shares location with Foursquare, Google
Slashdot: North Dakota’s COVID-19 App Has Been Sending Data To Foursquare and Google
MacDailyNews: North and South Dakota’s COVID-19 contact tracing app sends location data to Google and Foursquare
Jumbo: Jumbo Privacy Review: North Dakota’s Contact Tracing App

@ruskin147: if you think there are privacy issues with contact tracing apps prepare to be shocked by this thread on manual contact tracing
@stevebellovin: Important thread on contact tracing
@agidari: 1/ This is a longer tweet on manual contact tracing and your privacy. Many oppose using tech like bluetooth to fight COVID, arguing manual contact tracing works, it is "tried & true" and has none of the privacy concerns that tech raises. But are those claims true?


March 9, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
City of Durham, North Carolina Shuts Down Computer Network Following Ryuk Ransomware Attack

After suffering a Ryuk ransomware attack over the weekend, the city of Durham, North Carolina, has shut down its network. To stop the spread of the malware, the City of Durham has “temporarily disabled all access into the DCI Network for the Durham Police Department, the Durham Sheriff’s Office, and their communications center.”

May 28, 2020
Andy Greenberg / Wired

Andy Greenberg / Wired  
NSA Warns That Russian State-Backed Hacker Group Sandworm Has Been Exploiting Known Flaw in Exim Mail Transfer Agent

Using its newly created blog, and its even more brand new Twitter account devoted to cybersecurity, the NSA issued an advisory that the Russian hacker group known as Sandworm, a unit of the GRU military intelligence agency, has been actively exploiting a known vulnerability in Exim, a commonly used mail transfer agent that runs on email servers around the world. Exim is an alternative to more prominent players like Exchange and Sendmail. NSA says that Sandworm has been exploiting vulnerable Exim mail servers since at least August of 2019, using the hacked servers as an initial infection point on target systems and likely pivoting to other parts of the victim’s network. The vulnerability used by Sandworm allows an attacker to merely send a malicious email to the server and immediately gain the ability to run code on the server remotely. In its intrusions, the NSA warns. The spy agency recommends that administrators patch their Exim software immediately, comb their traffic logs for signs of exploitation, and segment their networks to make it harder for intruders to exploit their initial compromise of a mail server.

Related: Cyberscoop, ZDNet, NSA, Washington Examiner, SiliconANGLE, iTnews – Security, Security Affairs, Bleeping Computer, CBSNews.com, RT USA, Dark Reading: Attacks/Breaches, Law & Disorder – Ars Technica, Japan Today, Associated Press Technology, TribLIVE, Washington Examiner, FCW, Jerusalem Post, Task & Purpose, Reuters: U.S., Security – Computing, Infosecurity Magazine, HOTforSecurity, Help Net Security, The State of Security, Computer Business Review, The Register

Tweets:@NSACyber @a_greenberg @campuscodi @shanvav @Adam_K_Levin @Bing_Chris @bleepincomputer @bleepincomputer @bleepincomputer

Cyberscoop: NSA calls out Russian military hackers targeting mail relay software
ZDNet: NSA warns of new Sandworm attacks on email servers
NSA: Exim Mail Transfer Agent Actively Exploited by Russian GRU Cyber Actors
Washington Examiner: NSA accuses Russian military hackers of targeting US systems
SiliconANGLE: NSA warns Russian hacking group is targeting unpatched email servers
iTnews – Security: NSA warns ‘Sandworm’ hackers targeting email servers
Security Affairs: NSA warns Russia-linked APT group is exploiting Exim flaw since 2019
Bleeping Computer: NSA: Russian govt hackers exploiting critical Exim flaw since 2019
CBSNews.com: NSA warns of new “Sandworm” cyberattacks by Russia-backed hackers
RT USA: NSA urges email providers to update software warning that ‘Russian military hackers’ already gained ‘dream access’ to them
Dark Reading: Attacks/Breaches: NSA Warns Russia’s ‘Sandworm’ Group Is Targeting Email Servers
Law & Disorder – Ars Technica: Russian hackers are exploiting bug that gives control of US servers
Japan Today: NSA: Russian agents have been hacking major email program
Associated Press Technology: NSA: Russian agents have been hacking major email program
TribLIVE: NSA: Russian agents have been hacking major email program
Washington Examiner: NSA accuses Russian military hackers of targeting US systems
FCW: NSA warns Russian hackers exploited email flaw
Jerusalem Post: NSA warns of ongoing Russian hacking campaign against US systems
Task & Purpose: NSA warns of ongoing Russian hacking campaign against US systems
Reuters: U.S.: NSA warns of ongoing Russian hacking campaign against U.S. systems
Security – Computing: Hackers linked with Russian military intelligence are exploiting Exim mail transfer agent bug to target US organisations, NSA warns
CyberSecurity Help s.r.o.: Sandworm hacking group exploiting Exim flaw since at least 2019
Infosecurity Magazine: NSA: Russian Military Sandworm Group is Hacking Email Servers
HOTforSecurity: Russian ’Sandworm‘ Hackers Attacking Exim Email Servers, Says NSA
Help Net Security: NSA warns about Sandworm APT exploiting Exim flaw
The State of Security: Sandworm Team Exploiting Vulnerability in Exim Mail Transfer Agent
Computer Business Review: Exim Vulnerability: GRU Widely Exploited Critical 2019 Bug, Warns NSA
The Register: It’s not every day the NSA publicly warns of attacks by Kremlin hackers – so take this critical Exim flaw seriously

@NSACyber: Sandworm Team, Russian GRU Main Center for Special Technologies actors, continue to exploit Exim mail transfer agent #vulnerability, CVE-2019-10149. Patch to the latest version to protect your networks. Learn more here: https://nsa.gov/News-Features/
@a_greenberg: NSA warns Russia's Sandworm hackers have been exploiting Exim mail servers using a bug from last June. Not exactly surprising, but given the source and Sandworm's history—from NotPetya to the attacks on US State Boards of Election in 2016—worth watching.
@campuscodi: BREAKING: NSA warns of new Sandworm APT attacks on email servers - attacks target Exim email server - they exploit CVE-2019-10149 (Return of the WIZard) - attacks have been happening since August 2019 - Sandworm plants backdoors, creates new admin user https://zdnet.com/article/nsa-wa
@shanvav: BREAKING: NSA calls out Russian military hackers targeting mail relay software https://hubs.ly/H0qVX_P0 by @shanvav
@Adam_K_Levin: A Russian hacking group tied to power-grid attacks in Ukraine, and other nefarious Kremlin operations is exploiting a vulnerability that allows it to take control of computers operated by the US government and its partners.
@Bing_Chris: NSA warns of ongoing Russian hacking campaign against U.S. systems
@bleepincomputer: The @NSACyber attributes the attacks to Sandworm Team, a.k.a: * BlackEnergy Group * ELECTRUM * Hades/OlympicDestroyer * Voodoo Bear
@bleepincomputer: The earliest attacks were tracked to August 2019, less than a month after Exim was patched for CVE-2019-10149 The flaw allows execution of arbitrary commands with root privileges on Exim mail servers.
@bleepincomputer: Attackers can exploit this vulnerability remotely on servers where "verify = recipient" ACL is removed by sending an email