Tag Archive for: blocks

Facebook Blocks PA-Connected Hacking Ring Targeting Journalists, Activists


(The Media Line) In a report released Wednesday, Facebook detailed its actions against two hacker groups from the Palestinian territories that made use of the Facebook platform to spy on Palestinians.

According to the report, the first group targeted journalists, human rights activists and government opposition, among others, and used malware to access phones and computers for spying. This group is connected to the Palestinian Authority’s Preventive Security Service (PSS), an intelligence agency tasked with internal security.

The second group, named Arid Viper, directed its efforts at Fatah members, PA officials and members of security forces, hinting at a possible connection to Fatah-rival Hamas. This second group employed a variety of tactics, all aimed at accessing personal information on phones and computers.

A PSS spokesperson rejected these allegations, telling Reuters that “we respect the media, we work within the law that governs our work.”

Facebook took action against these groups by blocking their accounts, as well as internet domains connected to them. The company also notified the attackers’ targets as well as “industry partners.”

If the allegations are true, the attacks are in keeping with the PA’s suppression of dissidents and critics. Both the PA and Hamas have been harshly criticized by human rights organizations for their employment of suppressive measures. A 2020 report by Amnesty International said that both Hamas, which controls the Gaza Strip, and Fatah, the organization heading the PA, arrested dozens of protesters, opposition members, activists and journalists throughout the year.

The 2020 annual report of MADA, the Palestinian Center for Development and Media Freedoms, noted a decline in the number of attacks on journalists in the Palestinian territories. Yet the report attributes the smaller numbers to lockdown measures enforced because of COVID-19, which lowered the number of interactions between journalists and potential attackers. “The state of media freedoms in Palestine has not witnessed any real positive and tangible developments that would serve to move away from the path of practices and trends that prevailed during the preceding…


Will The Darktrace IPO Race Out Of The Blocks?


In a welcome boost for the London IPO market after the Deliveroo flop, UK cyber security company Darktrace has announced its intention to list in London in the coming weeks.

This is great news, and an opportunity for London bankers to show they have the expertise to price an IPO correctly, as well as for the company’s management to set expectations around the Darktrace IPO accordingly.

Darktrace IPO coming to London

Darktrace was founded in 2013 and uses Artificial Intelligence (AI) to identify cyber threats within clients’ computer systems. The Darktrace IPO offers bankers a chance for redemption to price the listing correctly.

The company has over 4,700 clients and has seen a 45% increase in revenue year to date, with the US its biggest market, though the company’s HQ is in Cambridge.

Formula One fans will know of Darktrace due to its sponsorship of the McLaren team with its name having pride of place on the rear wing of the MCL35M.

Unlike Deliveroo, there are few concerns about the sustainability of its business model; however, the company has as yet been unable to turn a profit.

That in itself shouldn’t affect interest in the Darktrace IPO – successful businesses are rarely profitable straight out of the traps. However, there is significant growth potential in the cybersecurity market.

Listing could set high value

According to the 12 April filing, group revenue grew from $79.4m to $199.1m between fiscal year 2018 and fiscal year 2020, with adjusted earnings improving from a loss of $27m to a $9m profit.

The number of clients rose from 1,659 to 3,858 over the same period.

Expectations are for the company to issue £250m in new and existing shares, with the Darktrace IPO, which could come as soon as the end of this month, set to value the business at around £3bn. 

The shares would also be available for inclusion in the FTSE UK indices.

Potential issues remain

Another potential landmine is the legal problems around former Autonomy CEO Mike Lynch, who also happens to be one of the founders, through his Invoke Capital fund. Lynch is on trial for fraud as part of his involvement in the…


Airlock Allowlisting Solution Blocks Ransomware And Reduces Operational Overhead For IT And Cybersecurity Teams


Auckland, New Zealand – 24 March 2021: Australian cybersecurity pioneer Airlock Digital continues to enhance its industry-leading allowlisting solution to more effectively block malware, ransomware and zero-day attacks, help comply with cybersecurity standards, and reduce the allowlisting operational effort for IT and cybersecurity teams.

Allowlisting – also referred to as application whitelisting or application control – is documented in a number of government cybersecurity standards and/or regulations worldwide, including the ACSC Essential Eight Strategies to Mitigate Cyber Security Incidents, U.S. Top 10 Mitigations, NIST 800-171, CMMC, Center for Internet Security Basic Six, Canadian Top 10 IT Security Actions, and New Zealand Critical Controls.

Many cybersecurity solutions exist today that can block the execution of files on endpoint systems. Almost none offer the granular centralised control, the workflow support, or the operational flexibility required to cost-effectively support allowlisting in dynamic, enterprise computing environments.

“There are many security products that can allow or block files. That isn’t the challenge,” says Airlock Digital Co-Founder, David Cottingham. “The challenge is how you instrument the allowlisting process to operationalise pro-active security controls.”

Airlock reduces the support burden of allowlisting, utilising easy-to-use workflows that prevent disruption to users. If a required application is blocked, IT teams, including non-cybersecurity staff, can simply and easily grant permissions to users with a range of one-time password (OTP) options.

In addition to one-time use and mobile OTP, the latest Airlock version 4.7 release provides a new codeless self-service capability, helping to maintain user productivity without compromising on security. Codeless self-service allows privileged users to self-administer temporary access to applications and scripts restricted to the general user base.

“Codeless self-service aims to reduce friction and enables users to handle exceptions as quickly as possible, reducing…


PayPal Blocks Purchases Of Tardigrade Merchandise For Potentially Violating US Sanctions Laws

Moderation at scale is impossible. And yet, you’d still hope we’d get better moderation than this, despite all the problems inherent in policing millions of transactions.

Archie McPhee — seller of all things weird and wonderful — recently tried promoting its “tardigrade” line of goods only to find out PayPal users couldn’t purchase them. Tardigrades are the official name for microscopic creatures known colloquially as “water bears.” Harmless enough, except PayPal blocked the transaction and sent this unhelpful response:

If you can’t read/see the tweet and the screenshot, here’s what it says:

Just an FYI that @PayPal is currently blocking all transactions containing the word “tardigrade” in the product name or description. We’ve contacted them and they told us we should just stop using the word tardigrade.

And PayPal’s response:

Every transaction that goes through our system, is reviewed by our internal security team. Certain words can trigger our security system. Unfortunately, this cannot be overridden. I would advise you to change the wording on your website to prevent this from happening.

PayPal’s size demands the use of automated moderation. But this outcome seems inexplicable. It says the “internal security team” manually reviewed the block… and decided to keep it in place anyway. What’s the point of having a “security team” if they can’t override the algorithm’s decision?

Then there’s the question as to why “tardigrade” is blocked in the first place. It’s the official name for a particularly hardy micro-animal found all over the world. Early speculation centered on the Scunthorpe Problem, suggesting PayPal blocks transactions involving forms of the word “retarded.”

But it appears to be even more ridiculous than that. Tim Ellis at GeekWire received this explanation from PayPal:

A PayPal representative put the blame on the US government’s Office of Foreign Assets Control (OFAC) sanctions, which contain an entry for an industrial supply company called “Tardigrade Limited” located in the country of Cyprus. According to PayPal, the word “tardigrade” triggered a manual review process because their system determined that the payments “may potentially violate US sanction laws.”

Customers have a Balkan arms dealer to blame for their inability to purchase tardigrade goods.

Slobodan Tesic (Tesic) was identified in the annex of E.O. 13818 on December 21, 2017. At the time of his designation, Tesic was among the biggest dealers of arms and munitions in the Balkans, spending nearly a decade on the United Nations (UN) Travel Ban List for violating UN sanctions against arms exports to Liberia.

[…]

Tesic also utilized Cyprus-based Tardigrade Limited (Tardigrade) to conduct business in third-party countries, particularly Arab and African countries. Tesic has also used his Serbian companies to sign contracts with Tardigrade before selling the goods to a final buyer.

So, “tardigrade” is flagged by the system as indicative of sanctions violations. But there’s that term again: “manual review.” Is it impossible for reviewers to distinguish between arms sales through third parties and these?

Now, it could be the manual review team didn’t want to end up on the wrong side of sanctions and felt safer blocking transactions than possibly allowing an arms dealer to launder money through the sale of adorable water bear products. Or it could be the manual “review” consists of scrolling through a list of flagged items as quickly as possible and hitting the “approve all” button. Whatever it is, it ain’t working. And Archie McPhee isn’t the first retailer to run into this problem. Two months ago, Two Photon Art noted it had to rename its Tardigrade pin to “Water Bear Enamel Pin” to allow PayPal users to purchase it.

Erring on the side of caution seems like the smart thing to do. But when the term “manual review” accompanies “automated process,” you’d think manual reviewers would see these errors for what they are, rather than allow the blocking to continue. It appears PayPal is doing a little more manual review for tardigrade-related purchases now that it’s gone a bit viral, with customers experiencing delays rather than being hit with warnings their purchases have violated PayPal policies.

The upshot is stuff like this will only become more common as time goes on. The more pressure that’s placed on tech companies to aggressively police content, the greater the chance harmless content will be rendered inaccessible. It’s not that companies shouldn’t make efforts to keep their sites free of illegal content and whatever the companies would rather not see on their sites, but automated moderation will always create issues like these. And there just aren’t enough manual reviewers available to clean up algorithmic mistakes.

Techdirt.