The US says North Korea behind malware attacks
North Korea has been spying on US public infrastructure, aerospace, financial and media companies for nine years using a malware. This was revealed by FBI and DHS who said that North Korea used two pieces of malware to target the key US cyber assets. While this news is important for all US companies, it is surprising that the authorities took nine long years to discover the North Korean malware. Read more about North Korean malware on AP News.
This is also a critically important reminder that you should take steps to keep all malware, including that from nation states from getting into your systems at home and work. It is a challenge, but there are many low cost configuration steps you can take to do just that. Find our list at the Crucial Point Cybersecurity Best Practices Page.
Facebook Is Giving Scientists Its Data to Fight Misinformation
Facebook faced considerable umbrage from a wide spectrum of politicians and the public for their advertising practices and policies and procedures (or lack there of) during the 2016 US Presidential election. Facebook seems to have learned a vital lesson after the Cambridge Analytica data breach scandal became public and has claimed to have found at least a partial answer to mitigating risks that their platform will be used in election manipulation. Facebook said that it will give researchers encrypted laptops to access Facebook’s data and publish findings without pre-approval to prevent abuse during elections. Source: Wired. Also see: The Ethics Of AI and Big Data: Facebook and Cambridge Analytica Are Writing New Case Studies For Us All
SEC Obtains Emergency Order Halting Fraudulent Coin Offering Scheme
With the proliferation of initial coin offerings or ICOs as they are called, it was about time that regulators took notice. ICOs are offerings for new cryptocurrencies and are an open invitation to scamming and fraud. One such ICO offering company, Titanium was found to committed grave financial irregularities according to the US Securities and Exchange Commission. It has now charged the second person with fraud in the Titanium ICO case, alleging man behind Titanium lied about ties with Disney, Paypal, and others to raise millions of dollars from gullible users. Read the press release issued by authorities on the SEC Website.
Hacker Steals $1.35 Million From Cryptocurrency Trading App Taylor
Another reason to stay away from these so-called ICOs. Creators of cryptocurrency trading app Taylor, which recently completed an ICO, claim a hacker stole around $1.35M of Ether from company funds. The hack allegedly took place on Tuesday, last week, on May 22. The Taylor team says the hacker somehow “got access to one of our devices and took control of one of our 1Password files.” Read more about why you should stay away from ICOs on Bleeping Computer.
Hacker gets 5 years for Russian-linked Yahoo security breach
Here is a victory for the cyber defenders: Karim Baratov found this the hard way. A US federal judge sentence Toronto based Baratov to five years in prison and fined him $250K for using data stolen during the massive Yahoo data breach. The Judge held prosecutions charge that Baratov to hack into private email accounts using the stolen Yahoo data breach credentials. Read more on Associated Press.