At a glance.
- US Ninth Circuit finds bulk phone metadata collection violated FISA.
- Blackbaud ransomware incident affects more organizations.
- Evilnum has a new data-stealing RAT.
Ninth Circuit finds warrantless phone surveillance illegal.
Reuters reports that the US Court of Appeals for the Ninth Circuit yesterday ruled that warrantless surveillance of US citizens' telephone calls, the practice exposed by Edward Snowden's 2013 leaks, was in fact illegal. The Court held that the collection violated the Foreign Intelligence Surveillance Act and may have violated the Fourth Amendment to the US Constitution. TechCrunch cites various privacy advocates who view the case as a victory against mass surveillance of telephone traffic.
The case reviewed involved the conviction of four people for sending (or conspiring to send) money to Somalia in support of a terrorist group. The panel didn't overturn the convictions, but the opinion didn't affirm the Government's collection practices. Among the evidence the Government used in its investigation were NSA-obtained metadata, obtained through bulk collection. The opinion reads in part:
"The panel held that the government may have violated the Fourth Amendment when it collected the telephony metadata of millions of Americans, including at least one of the defendants, pursuant to the Foreign Intelligence Surveillance Act (FISA), but that suppression is not warranted on the facts of this case. Having carefully reviewed the classified FISA applications and all related classified information, the panel was convinced that under established Fourth Amendment standards, the metadata collection, even if unconstitutional, did not taint the evidence introduced by the government at trial. The panel wrote that to the extent the public statements of government officials created a contrary impression, that impression is inconsistent with the contents of the classified record....
"Also problematic is the extremely large number of people from whom the NSA collected telephony metadata, enabling the data to be aggregated and analyzed in bulk."
More not-for-profits disclose the effects of the Blackbaud ransomware incident.
Several more not-for-profits have disclosed that they were affected by the Blackbaud ransomware attack. WOOD News reports that data from the Michigan-based Spectrum Health Foundation's Grateful Giving program had been exposed. The Buffalo News reports that Catholic Health facilities in Western New York had been affected. And the Art Newspaper says that both the Smithsonian Institution and the Parrish Art Museum disclosed that data about donors had potentially been exposed in the incident. At this point it would appear prudent to assume that any organization that used Blackbaud's donor-relations platform has a data privacy and security problem.
Evilnum gang has a new Trojan.
Cybereason researchers have found that the Evilnum gang, which has been active mostly against financial sector targets in the UK and the EU, has deployed a new remote access Trojan, "PyVil RAT." The group's spearphishing campaigns abuse Know Your Customer (KYC) policies and use malicious KYC documents as phishbait. Cybereason says that Evilnum steals "passwords, documents, browser cookies, [and] email credentials."