New: US Immigration and Customs Enforcement to gain access to controversial Israeli spyware designed to hack phones & read private messages after Trump administration jettisons Biden-era order: www.bloomberg.com/news/article...
In 2012, yes! Microsoft accused a company called Hangzhou DPtech Technologies of leaking a Windows vulnerability and booted it out of MAPP
New: Microsoft curbs Chinese companiesβ access to info on cybersecurity vulnerabilities after investigating whether a leak led to a global hacking campaign that exploited flaws in its SharePoint software: www.bloomberg.com/news/article...
Microsoft said in a statement it would "review this incident, find areas to improve, and apply those improvements broadly." Full story: www.bloomberg.com/news/article...
Victims of the SharePoint attacks, which were first detected on July 7, now total more than 400 government agencies and corporations worldwide, including the US's National Nuclear Security Administration, the division responsible for designing and maintaining the country's nuclear weapons.
Some of the Chinese companies that are involved in MAPP are also members of a Chinese government vulnerability reporting program, the China National Vulnerability Database, which is operated by the countryβs Ministry of State Security.
Microsoft has attributed SharePoint breaches to state-sponsored hackers from China, and at least a dozen Chinese companies participate in the alert sharing initiative, called the Microsoft Active Protections Program, or MAPP.
New: Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in SharePoint before they were patched, enabling a global campaign of cyberattacks, according to people familiar: www.bloomberg.com/news/article...
A whistleblower shared 1 million two-factor authentication codes that had been sent to people by SMS from the world's largest tech companies, such as Google, Meta, & Amazon. We found the codes had been routed via an obscure Swiss company with links to spy agencies: www.bloomberg.com/news/article...
New: How a Tiny Middleman Could Access Two-Factor Login Codes From Tech Giants www.bloomberg.com/news/article...
βDragonForceβ Hacking Gang Takes Credit for UK Retail Attacks: www.bloomberg.com/news/article...
Portugal's National Cybersecurity Centre says: "There is no evidence to date pointing to a cyberattack. We would like to draw attention to the circulation of disinformation that occurs in these situations, and we therefore advise that every information should be confirmed with reliable sources."
Initial probe into cause of power outages in Spain & Portugal today suggests fault rather than cyberattack, according to the European Union Agency for Cybersecurity (ENISA). βFor the moment the investigation seems to point out to a technical/cable issue,β a spokesperson for the agency tells me.
The end result is that Ukraine's digital front lines are weaker now, making the country an βeasy targetβ for Russia, said Yegor Aushev, a Kyiv-based cybersecurity expert. The βsudden & unannounced shutdownβ of cyber operations, he said, βhas created a significant challenge.β
βMany projects were stopped halfway, contractors were let go before finishing their work, & a lot of plans didnβt get the chance to reach their full potential,β Mankish said.
Andrii Mankish, a Ukrainian cybersecurity expert who worked on US-funded projects to identify Russian hacking attempts, said the US's cyber pullback was likely to βimpact our efforts & slow down progress in key areas.β Long-planned cybersecurity projects had suddenly ended, he said.
That work is now paused & it's unclear whether it will resume -- Ukrainians say they have been left in the dark. Equipment & services that were to be provided to the country for ongoing initiatives, such as a project to strengthen the countryβs central election commission, are now not going ahead.
US cybersecurity assistance had included specialist support, training, equipment & software to organizations across Ukraine, including to dozens of government offices & departments & to key gas & electricity providers, the national bank & nuclear facilities such as Chernobyl.
New: US cuts to foreign aid are impacting Ukraine's cybersecurity. Dozens of people have had to stop work protecting the country from Russian hackers & shipments of vital cyber equipment have stopped, according to people familiar with the situation: www.bloomberg.com/news/article...
Awesome news Will, congrats!
A UK court has blocked the UK government's attempt to keep secret a legal case over its demand to access Apple users' encrypted data. Judges said in a ruling Monday that authoritiesβ efforts were a βfundamental interference with the principle of open justiceβ: www.bloomberg.com/news/article...
Trump envoy dismisses UK peacekeeping plan for Ukraine, says: "I don't regard Putin as a bad guy. He's super smart." www.bbc.com/news/article...
US national security agencies have halted work on a coordinated effort to counter Russian sabotage, disinformation & cyberattacks. Initiative had involved at least seven agencies working w/ European allies to disrupt plots targeting Europe & the US, Reuters reports: www.reuters.com/world/us-sus...
Researchers find evidence suggesting spyware from Israeli firm Paragon has been obtained by Australia, Canada, Cyprus, Denmark & Singapore. The technology - used to hack phones & read private msgs - was recently linked to hacks of Italian journalists & activists: www.bloomberg.com/news/article...
New: Cybersecurity experts who worked to secure US government computers from Russian & Chinese hackers have been ousted from their roles following pressure from DOGE. One senior official resigned in protest over move sources say has created "massive security gaps": www.bloomberg.com/news/article...
Very sad news π₯
New: A cyberattack that brought down Elon Muskβs X targeted servers that were insufficiently protected from malicious traffic & βshould not be exposed on the internetβ: www.bloomberg.com/news/article...
Swedish authorities investigate damaged cable discovered in the Baltic Sea between Germany & Finland, the latest in a string of similar incidents that have heightened fears of Russian sabotage & spying in the region: apnews.com/article/swed...
Apple pulls encrypted data storage feature from UK after government backdoor demand. Development comes after Apple criticized βunprecedented overreach" of UK surveillance powers: www.bloomberg.com/news/article...
