— The cybersecurity community during the COVID-19 emergency
Google highlights Indian 'hack-for-hire' companies in new TAG report (ZDNet) Google also discloses seven coordinated political influence campaigns that took place on its platforms during Q1 2020.
International Plea for Governments to Protect Healthcare from Cyber-Attacks (Infosecurity Magazine) Cyber Peace Institute’s call for the defense of healthcare providers garners international support
Yes, Blame WHO for Its Disastrous Coronavirus Response (Foreign Policy) A step-by-step reconstruction of events reveals a long series of mistakes and missteps.
As debate over contact tracing continues, CSE warns of foreign surveillance technology (CBC) Some foreign governments are likely looking to deploy foreign surveillance technologies in Canada by promising to help fight the spread of the novel coronavirus, warns a new threat bulletin from Canada's cyber spies.
Personal information collected by NHS Test and Trace to be kept for 20 years (Computing) And there is 'no absolute right' for people to delete their personal data after the pandemic has passed
French Privacy Watchdog Okays Coronavirus Tracing App (SecurityWeek) France's privacy watchdog gave the green light Tuesday to a government-backed cellphone app that will alert users if they have been in contact with an infected person.
Cyber defence agency found over 1,500 ‘malicious’ fake Canadian government COVID-19 websites (National Post) Canadians are increasingly at risk of being scammed, defrauded, spied upon or exploited as a technological vulnerability by cyber criminals
Google finds hack-for-hire firms posing as World Health Organization via email (CyberScoop) Hack-for-hire firms in India are impersonating the World Health Organization in spearphishing emails, according to Google’s Threat Analysis Group research.
How Hackers Are Impersonating Google And Microsoft To Catch Out Remote Workers (Forbes) Google file sharing and storage websites such as storage.googleapis.com, docs.google.com, storage.cloud.google.com and drive.google.com were used in 65,000 attacks on remote workers. Hackers have also used Microsoft links to do the same.
Google most popular brand to impersonate in phishing campaigns - report (Security Brief) A new report from Barracuda released today shows 100,000 attacks impersonating reputable brands, with 65% of this figure using Google as a masquerade.
Google launches website to help people avoid online scams (CNET) Scammers have exploited the coronavirus pandemic with "alarming speed," the search giant says.
Consumers more cautious about covid-19 frauds, but it might not be enough (Livemint) A McAfee report showed that thousands of covid-19-themed spam emails and websites had been discovered, which were scamming victims seeking to purchase medical supplies.
Majority of COVID phishing attacks coming from US IP addresses, report finds (TechRepublic) An anti-phishing firm discovered that most of the malicious coronavirus emails were coming from the United States.
FTC COVID-19 Complaints (US Federal Trade Commission) [A summary of complaints, January 1, 2020 - May 21, 2020]
()
FBI investigating 'Zoom bombings' involving child sexual abuse (TheHill) The FBI announced Wednesday that it is seeking information on victims of so-called “Zoom bombings” that contain videos of child sexual abuse, calling such instances a “violent crime.”
UIA warns of impostor unemployment claim scams (WKZO) “There is a rise in unlawful unemployment claims across the nation and unfortunately criminals are taking advantage of this global pandemic," UIA Director Steve Gray said.
Cybersecurity: how to keep your supply chain safe in a crisis (Raconteur) As COVID-19 continues to disrupt supply chains, cyber criminals are on the prowl for vulnerable third parties as a way of gaining access.
He Has A Job And Never Applied For Unemployment. Why Does He Have A Benefit Check In His Mailbox? (WBUR) Thieves may be using personal information gleaned from pre-pandemic data breaches to file fraudulent unemployment claims around the world.
Zoom Makes The Update To The Latest Version Mandatory (Android Headlines) Zoom is making it mandatory for all users to update the app to the latest version if they want to continue using the service.
Bank of America suffers data breach in Paycheck Protection Program application process (Computing) Other lenders and partners were able to view private data of business loan applicants
Cybersecurity CMO Survey: COVID-19 Impact on Security Marketing Strategy (InkHouse) Cybersecurity CMO Survey: COVID-19 Impact on Security Marketing Strategy
Cloud security: 'Suspicious superhumans' behind rise in attacks on online services (ZDNet) As more people work remotely, hackers are trying to gain access to cloud-based services.
New Research Indicates 84% of Businesses Will Likely Increase Work-from-home Capacity Beyond Pandemic Despite Security Concerns (Bloomberg) IT decision makers to expand work-from-home initiatives as two-thirds prepare for increased malware, phishing, and unauthorised user and device access exposures
5 principles for effective cybersecurity leadership in a post-COVID world (World Economic Forum) As more people work from home due to COVID-19, cybersecurity operations are facing tremendous challenges. These five principles can help Chief Information Security Officers (CISOs) and cybersecurity leaders ensure effective business continuity in the "new normal."
Securing the surge in remote work for government (StateScoop) Duo Security co-founder and cybersecurity expert Dug Song on how state and local agencies can address security challenges in a working-from-home world.
DeskFlix: Mimecast exec on how to stay protected while remote working (CRN) Partner technical specialist Ernesto Broersma on the threats that have increased since lockdown started
COVID-19 Resource Center Sign Up (RiskIQ) The COVID-19 pandemic changed the way we live and work overnight. Staff and business operations moved outside the purview of network cybersecurity systems, and threat actors immediately got to work exploiting this visibility gap while tapping into the global anxiety around the virus.
Sapience Vue Supports Post-COVID-19 Workplace Productivity and Engagement Without Compromising Employee Privacy (Sapience) Next-generation advanced business analytics platform powered by business intelligence and machine learning provides transparency around employee effort, processes, and technology PLANO, Texas – May 27, […]
Allied Universal's HELIAUS(R) Health Screening Application Helps Keep Facilities Secure During COVID-19 Pandemic (AccessWire) Allied Universal®, a leading security and facility services company in North America, announces that their advanced artificial intelligence platform, HELIAUS®, is helping to keep facilities secure during the COVID-19 pandemic. HELIAUS® is an advanced artificial intelligence platform designed to improve safety and reduce risk by enhancing on-site guarding services.
Cyber Attacks, Threats, and Vulnerabilities
Israel thwarted attack on water systems: cyber chief (Deutsche Welle) Israel's cyber chief has said the country prevented a major cyber attack on its water systems last month. He said it was the first attempt to use cyber technology to disrupt real life.
Microsoft warns about attacks with the PonyFinal ransomware (ZDNet) PonyFinal infections have been reported in India, Iran, and the US.
PonyFinal deployed in human-operated ransomware attacks (SC Media) Microsoft told organizations Wednesday to focus less on the payload of Java-based ransomware PonyFinal and instead key “more on how it’s delivered” via
()
Google Just Gave Millions Of Users A Reason To Quit Chrome (Forbes) Google engineers have revealed the Chrome browser has core weaknesses that will be difficult to fix...
Watch Your Step: The Prevalence of IDN Homograph Attacks (Akamai) The internationalized domain name (IDN) homograph attack is used to form domain names that visually resemble legitimate domain names, albeit, using a different set of characters [1]. For example, the IDN
USB ports on Windows, macOS and Linux hide 26 vulnerabilities (Explica) The research has been carried out by Hui Peng of Purdue University; and Mathias Payer of the Swiss Federal Institute of Technology in Lausanne. The...
()
Email scam aims to drop Dridex on machines by impersonating FedEx, UPS (CyberScoop) Hackers are sending spoofed emails that appear to be from FedEx, UPS and DHL that are meant to infect victims’ computers with Dridex.
Computer science student discovers privacy flaws in security and doorbell cameras (Help Net Security) Manufacturers of internet-connected doorbell and security cameras have been alerted to systemic privacy flaws discovered by Florida Tech student.
DoubleGun Group Builds Massive Botnet Using Cloud Services (Threatpost) The latest campaign spread malware via pirate gaming portals.
Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs (The Hacker News) Chinese Baidu and Qihoo 360 Researchers Disrupt Double Gun Botnet Malware Attack That Infected Thousands of PCs
Valak Malware Grew to Become More Than Just a Loader (TechNadu) The developers behind Valak have published thirty versions in the last six months, turning the loader into a sophisticated malware.
()
Truecaller denies breach after data of 4.75 crore Indians appear on dark web (Livemint) While it is unclear who leaked the data on the dark web, the person goes by the user handle TooGod.While Truecaller claims that there has been no breach of its system, the leak could still be a problem for the company
Check Point Unmasks Hacktivist Who Defaced Nearly 5000 Sites (Infosecurity Magazine) Check Point Unmasks Hacktivist Who Defaced Nearly 5000 Sites. Brazilian police notified about prolific Uberlandian
Canada Post silent on possible financial cyber attacks (Squamish Chief) Cybercriminals continue to target Canadians – recently with the sending of phishing emails pretending to be Canada Post but actually trying to steal users’ financial information, California-based . . .
Columbus Mayor confirms ransomware attack on city government yesterday (WRBL) The Columbus Consolidated Government confirmed today that a ransomware attack targeting the city occurred on May 26. “The City of Columbus computer system was hit…
Michigan State University hit by ransomware gang (ZDNet) The operators of the NetWalker ransomware gang have given MSU officials seven days to pay the ransom or they will leak stolen university files.
Fargo Police warn college students of phishing scams (KVRR Local News) Scams targeting college students are making the rounds. Fargo Police say students should be on the lookout for emails claiming to be from their University’s “Financial Department.” The emails encourage students to click a link to receive a message regarding the COVID-19 stimulus checks. By clicking the link and logging in, scammers may be able to access user names,...
#PLDTHacked: Hackers take over Twitter account, call for faster internet (Coconuts Manila) Hackers allegedly from the international group Anonymous took over telecom giant PLDT's Twitter account today to demand something we all need during quarantine: faster internet The hackers posted a Guy Fawkes mask a few hours ago and tweeted this...
Security Patches, Mitigations, and Software Updates
German govt urges iOS users to patch critical Mail app flaws (BleepingComputer) Germany's federal cybersecurity agency today urged iOS users to immediately install the iOS and iPadOS security updates released by Apple on May 20 to patch two actively exploited zero-click security vulnerabilities impacting the default email app.
Apple Patches Over 40 Vulnerabilities in macOS Catalina (SecurityWeek) Apple this week released security updates to address over 50 vulnerabilities impacting macOS and Safari
()
Realme 5i starts getting May 2020 Security patch update (GoAndroid) Realme 5i starts getting May 2020 Security patch update. The update is rolling out in a phase manner, Which means that a set of random...
Microsoft bans Trend Micro driver for 'cheating' hardware test (dtNext.in) A Microsoft cybersecurity team has blocked a free Trend Micro anti-virus tool from running on Windows 10 that appeared to alter its operation and allegedly cheat through the stringent certification test for drivers.
Cyber Trends
Digital Guardian Announces Inaugural DG Data Trends Report Which Highlights the Increased Risk of Data Loss Due to Coronavirus-Induced Remote Work (Digital Guardian) Digital Guardian today announced it has released a new research report, The DG Data Trends Report, which assesses the risk of sensitive data loss during the COVID-19 crisis.
C-suite execs often pressure IT teams to make security exceptions for them (Help Net Security) Despite being highly targeted by malicious cyberattacks, the C-suite is the most likely group to ask the security team to make security exceptions.
Ransomware Demands Soared 950% in 2019 (Infosecurity Magazine) Ransomware Demands Soared 950% in 2019. Group-IB said attacks also spiked 40% after quiet 2018
Modern Bank Heists 3.0: 'A Hostage Situation' (GovInfo Security) Ransomware, wire transfer fraud, destructive attacks: In recent months, the financial sector has seen these and other online attacks surge by 238%, as criminals
Marketplace
Gatsby Raises $28M in Series B Funding to Become the Way the Web is Built (Odessa American) Gatsby, the modern way to build the web, is announcing a $28 million Series B round of funding led by Index Ventures with repeat investments from CRV and Trinity Ventures.
Tugboat Logic Secures Funding to Expand its Security Assurance as a Service Platform (WFMZ) Series A Round of $8M Led by Inovia Capital Fuels Product- and Partner-Led Growth
Apple Buys Machine-Learning Startup to Improve Data Used in Siri (Bloomberg) Inductiv engineering team joined iPhone maker in recent weeks. Apple has acquired over a dozen AI-related companies for Siri.
Austin AI firm SparkCognition creates subsidiary focused on defense sector (Statesman) Austin-based artificial intelligence company SparkCognition is launching a subsidiary company, SparkCognition Government Systems, that will focus on government and national defense products.
Synack's $52 Million Investment Fuels Future of Remote Security Testing from World's Elite Hackers (BusinessWire) Synack raised $52 million to transform security testing through its crowdsourced platform powered by the world’s most skilled ethical hackers.
Bug bounty startup Synack valued at $500 million to boost 'white hat' hacking from home (Fortune) As more people work from home, bug bounty programs are finding favor with investors and hackers alike.
HackerOne Bounties Hit $100M Milestone (Dark Reading) The bug-hunting platform has now paid more than $100 million in bounties since October 2013.
Keeper Security hits 1M paying customers (ChicagoInno) Chicago-based password management company Keeper Security hit a major milestone Tuesday: one million paying customers.
How Checkmarx was acquired for $1.15 billion during COVID-19 - watch (The Jerusalem Post) Checkmarx's CEO speaks with tech blogger Hillel Fuld about the company's $1.15 billion acquisition in a live event organized by Startup Grind.
Hacking Team Founder: ‘Hacking Team is Dead’ (Vice) The company's former CEO posted a bizarre obituary on LinkedIn saying the infamous surveillance firm is "definitely dead."
Top 25 Cyber Execs to Watch in 2020: DHS' Garth White (WashingtonExec) As the chief information security officer for the Science and Technology Directorate at Department of Homeland Security, Garth White is responsible for
“Father of SSL” and Public-Key Cryptography Co-Inventor Headline Beyond Identity’s Technical Advisory Board | Beyond Identity (Beyond Identity) CISOs of Koch Industries and Aflac Round Out All-Star Team of Advisers for Passwordless Identity Management Pioneer
Quarles & Brady Broadens Data Privacy & Security Practice with Three New Attorneys (Quarles & Brady LLP) The national law firm of Quarles & Brady LLP today announced the expansion of its Data Privacy & Security practice with the addition of three new attorneys.
CyVolve Adds Ex CISCO SVP to Board of Directors (INSIDENOVA.COM) Innovative data security provider, CyVolve, has further strengthened its Board of Directors with a new, key, appointment. John N. Stewart, the former SVP
Coustillière follows first generation cyberspies into private sector (Intelligence Online) Squadron Vice-Admiral Arnaud Coustillière, the head of the French armed forces ministry's digital, information and commmunication department, the DGNUM
Tim Adams joins BitSight as CFO, Jay Roxe as CMO (Help Net Security) BitSight, the Standard in Security Ratings, has appointed Tim Adams to Chief Financial Officer (CFO) and Jay Roxe to Chief Marketing Officer (CMO).
Products, Services, and Solutions
Opengear Adds NetOps to Out-of-Band Management, With Launch of Operations Manager Appliances (PR Newswire) Opengear, a Digi International company (NASDAQ: DGII), and a leading provider of solutions that deliver secure, resilient network access and...
Choosing 2FA authenticator apps can be hard. Ars did it so you don’t have to (Ars Technica) Losing your 2FA codes can be bad. Having backups stolen can be worse. What to do?
Radware Helps HT Media Protect Its News and Photographic Archives From DDoS Attacks (GlobeNewswire) Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, today announced that HT Media selected Radware’s Attack Mitigation Solution to protect the data centers that house its archive of news and photographs, and added Cloud DDoS protection to its on premise DDoS protection.
Kenna Security Unveils New, Free Tool for Custom Benchmarking of Vulnerability Management Programs (GlobeNewswire) Kenna Security, the enterprise leader in risk-based vulnerability management, today released the Prioritization to Prediction Benchmark Survey, a free new tool that enables companies to compare their vulnerability management programs to an industry average.
BlackBerry Previews Unified Partner Program with Cylance (Channel Futures) BlackBerry announces a new merged, unified partner program to be in place by September. The vendor has already started migrating top-tier resellers to it.
Okera Launches No-Code Policy Creation for Fine-Grained Access Control with De-Identification (PR Newswire) Okera today introduced no-code, fine-grained access control (FGAC) policy creation with de-identification to its secure data access platform....
Veristor and Respond Software Partner to Speed the Time to Diagnose Security Incidents with Automated Cybersecurity Monitoring (Veristor) Partnership Simplifies Endpoint Analysis While Increasing the Value of Endpoint Detection and Response (EDR) Data ATLANTA and MOUNTAIN VIEW, Calif. – May 28, 2020 – Veristor Systems, Inc., a leading p
Exabeam Unveils Enhanced Partner Program for MSSPs and MDR Providers (Exabeam) SIEM leader will offer new dedicated resources for key segments of partner ecosystem
Technologies, Techniques, and Standards
Disruptionware III: Protect Your Business from a Disruptionware Cyber Attack (The National Law Review) In the first blog n this series, we defined "Disruptionware" and showed how it was growing as a threat to many types of industries throughout the country and the world.
Maryland gets cyber assist from National Guard during pandemic (GCN) Maryland Governor Larry Hogan called in the National Guard to help the state not just with its pandemic response but also with cybersecurity assessments.
Design and Innovation
The State of Data Loss Prevention 2020 (Tessian) Tessian’s research report explores the challenges around data loss prevention (DLP) on email. Learn why current solutions are failing and what’s next.
()
Research and Development
DARPA Looks to Automate Security for IC Design (EE times) The latest in a series of Pentagon semiconductor initiatives seeks to embed security features into chip designs that would allow silicon architects to probe economics-versus-security tradeoffs while baking in security throughout device lifecycles.
Academia
Australian University Launches Blockchain Postgraduate Program With IBM (Cointelegraph) Australian research university RMIT announced two postgraduate programs in cybersecurity and blockchain
The University of Tulsa now enrolling online MBA and M.S. in Cyber Security students for fall 2020 (The Purcell Register ) The University of Tulsa (TU), Oklahoma's highest-ranked national university, is now enrolling for its recently launched online MBA and elevating its online Master's
UVA engineering students win national cyber defense championship (NBC29) University of Virginia engineering students are proving they will be among the best cybersecurity professionals.
Top 10 high school cybersecurity teams from across Canada progress to ICTC’s Cybersecurity National Finals this June 8 (IT Business) Ten 10 high school cybersecurity teams from BC to New Brunswick will clash in an online cybersecurity battle on June 8th, 2020.
Legislation, Policy, and Regulation
Canada to lead global effort to counter election interference (TheHill) The government of Canada, alongside Microsoft and the Alliance for Securing Democracy, will lead a global effort to counter the use of cyberattacks and disinformation campaigns to disrupt elections, officials announ
AP EXPLAINS: Why China is pushing Hong Kong security law (Federal News Network) China is taking matters into its own hands after last year’s tumultuous anti-government protests in Hong Kong that often descended into tear gas-filled clashes…
()
U.S. Officially Declares That Hong Kong Is No Longer Autonomous (Wall Street Journal) The State Department has officially determined that Hong Kong is no longer autonomous from China, Secretary of State Mike Pompeo said in a statement that holds implications for the future of economic ties and could lead to sanctions against China.
How the U.S. Could Really Hurt China (Wall Street Journal) Scrapping the privileges the U.S. affords Hong Kong would downgrade the city’s economic role, but a broader basket of financial sanctions could be even more painful for China.
‘We must use fighting to promote stability’, Chinese defence minister says (South China Morning Post) US has intensified its ‘suppression and containment’ of China since start of Covid-19 pandemic, top defence official and PLA general Wei Fenghe says.
Huawei hits out at fresh UK network probe (ComputerWeekly) UK cyber security agency confirms it will conduct a new investigation into the security-worthiness of Huawei’s 5G technology.
Ditching Huawei would make 2025 broadband pledge 'impossible', ministers say (Computing) Media reports suggested last week that Downing Street was preparing the ground for an outright ban on Huawei
Huawei: US using technological strengths to ‘crush’ companies outside its own borders (ComputerWeekly) Chinese tech giant hits back at White House decision to extend technology ban and says it will ultimately be self-harming.
Australia is painting a big red cyber target on its critical infrastructure (ComputerWeekly) Australian’s critical infrastructure is particularly vulnerable right now to cyber attacks due to years of under investment in cyber security and aging legacy systems
Bern Up Cyber Defenses (Finews) Switzerland is ramping up its cyberdefenses, including by hiring new specialists. The move represents a massive expansion of preventive measures in the last 18 months.
Trump Threatens to Shut Social Media Companies After Twitter Fact Check (Bloomberg) Attack comes after Twitter fact-checked, labeled Trump tweet Tech companies have faced criticism from conservatives of bais.
Trump Draft Order Could Seek to Limit Protections for Social-Media Companies (Wall Street Journal) The draft executive order would make it easier for federal regulators to hold companies such as Twitter and Facebook liable for curbing users’ speech, for example by suspending their accounts or deleting their posts.
Trump to sign executive order on social media amid Twitter furor (POLITICO) “Big Tech is doing everything in their very considerable power to CENSOR in advance of the 2020 Election,” Trump tweeted late Wednesday.
Trump order to enable punishment for social media (Seeking Alpha) President Trump's planned executive order for tomorrow could open the door for federal officials to punish social media companies for the way they moderate content, The Washington Post reports. Accor
Analysis | The Cybersecurity 202: Twitter’s action gives Trump a new enemy in the mail voting fight (Washington Post) The president and his allies are calling for bold action against the social media giant.
Twitter's New 'Fact-Checking' Label Has Dangerous Implications, Experts Say (Epoch Times) Twitter, in a first for the social media platform, has added a fact-checking label to posts by President Donald ...
Nick Clegg says Facebook is not in the business of vetting what politicians say (The Telegraph) Sir Nick says it is not up to private tech companies to fact-check politicians, a day after Twitter adds label to Donald Trump's tweet
House effort to pass surveillance overhaul collapses after Trump tweets and pushback from DOJ (Washington Post) House Democratic leaders decided to abandon a scheduled vote after the president threatened to veto the measure.
US Lawmakers Push for Internet Privacy Amendments to USA Freedom Act (SecurityWeek) US lawmakers this week will vote on an amendment to the surveillance bill known as the USA FREEDOM Reauthorization Act that would limit law enforcement access to people’s search and browsing histories
USA: The EARN IT Act - Analysis and Critique (Boxcryptor) Why is the EARN IT Act a threat to end-to-end encryption? In our security blog we explain the strategy of the 4 senators and look at the implications.
With new standards, the time to prepare is now (Fifth Domain) While it remains unclear what the full impact of COVID-19 will be on the CMMC process, defense contractors have no time to waste in preparing for this new certification.
WSJ News Exclusive | U.S. Seizure of Chinese-Built Transformer Raises Specter of Closer Scrutiny (Wall Street Journal) Federal authorities last summer diverted a giant transformer built by Jiangsu Huapeng Transformer Company to a U.S. lab, a move experts said could herald tighter scrutiny of foreign-made gear over security concerns.
Control system device insecurity is addressed by the Presidential Executive Order but is being ignored at your own peril (Control Global) You can’t secure control systems and the critical infrastructures without having the right people and processes in place.
Lawmakers Urge More Federal Funding for State Cybersecurity (Wall Street Journal) Lawmakers sent a bipartisan letter last week to House and Senate leaders urging federal funds for technology improvements in state and local governments.
Does the Justice Department Need a Dedicated Compliance Expert? (Wall Street Journal) The Justice Department in recent years has issued a series of policies designed to incentivize companies to invest in programs that ensure employees don’t violate the law. Few have been as central to those efforts as Andrew Weissmann, who was chief of the department’s criminal fraud section from 2015 to 2017.
New Cyber Office Will Unify NAVSEA's Digital Efforts (USNI News) Vice Adm. Tom Moore has listed “cyber” as a top priority for Naval Sea Systems Command (NAVSEA) since assuming command four years ago, but despite the emphasis, the organization hadn’t found a way to define and pursue cyber and digital issues in any kind of unified way. Even after nudging from former Chief of Naval …
Litigation, Investigation, and Law Enforcement
Canada court finds against Huawei CFO Meng Wanzhou on double criminality; extradition trial to continue (TechCrunch) In a closely watched decision today, the Supreme Court of British Columbia published a key decision in the extradition case of Meng Wanzhou, the CFO of Huawei Technologies, China’s largest telecommunications company and a frequent target of U.S. policymakers. In its ruling, the court said that the …
Canadian judge OKs extradition proceedings for Huawei CFO (CyberScoop) A Canadian Supreme Court judge has ruled that extradition proceedings should continue for an executive of Chinese telecommunications giant Huawei.
ICE used ‘stingray’ cell phone snooping tech hundreds of times since 2017 (TechCrunch) Exclusive: New documents shed light on ICE's recent use of the controversial snooping technology.
NYC Hacker Charged Over $94 Million Bitcoin-for-Cards Scheme (Cointelegraph) Vitalii Antonenko is facing up to 20 years in jail for selling sensitive data after the prosecution traced his Bitcoin wallet
Stupid Facebook Mistake Finally Catches Malicious Hacker With 1 Million Stolen Identities (Forbes) After a hacking spree that targeted 5,000 websites, this UGNazi super-hacker was finally exposed. Here's how it happened.
Whistleblowers say Facebook has not warned investors about illegal activity, in new SEC complaint (Washington Post) The whistleblower’s complaint claims the social media giant is aware of illegal activity on its platform, such as the sale of opioids, and has failed to properly police it.
Facebook Wants Full 9th Circ. To Reconsider Wiretap Ruling (Law360) Facebook on Tuesday urged the full Ninth Circuit to reconsider a panel's ruling last month that users could move forward with several wiretap and privacy claims, arguing that the panel's finding "conflicts with precedent and fundamentally changes the definition of 'wiretapping.'"
Arizona sues Google over allegations it illegally tracked Android smartphone users’ locations (Washington Post) Arizona Attorney General Mark Brnovich sued Google on Wednesday, alleging the tech giant violated its users’ privacy by collecting information about their whereabouts even if they thought they had turned off such digital tracking.
Capital One Ordered To Release Report Of Massive Data Heist (Law360) Capital One Financial Corp. has been ordered to disclose a cybersecurity firm's forensic analysis of its massive 2019 data breach, after a Virginia federal court that is hearing consumer litigation stemming from the breach rejected an argument that the report is protected by attorney-client privilege.
Bose Shakes Wiretap Claims In Headphone Data Privacy Row (Law360) An Illinois federal judge on Wednesday permanently axed wiretapping claims from a proposed class action accusing Bose Corp. of secretly collecting and sharing Bluetooth headphone users' listening histories, finding that the plaintiff's "slightly modified allegations" about Bose "redirecting" music track information to a data miner weren't enough to save the claims.
Maine AG Defends Constitutionality Of Internet Privacy Law (Law360) Maine's attorney general, fighting internet service providers' bid to overturn the state's new online privacy law on First Amendment grounds, told a federal court Wednesday the law passes constitutional muster and that it would be "premature" to grant the ISPs' request for judgment on the pleadings.
New FBI document confirms the Trump campaign was investigated without justification (TheHill) The document created by Peter Strzok clearly establishes that 'Crossfire Hurricane' was an illicit, made-up investigation.