Tag: Cybercrime | Page 4

Jordan to criminalize VPNs and internet freedoms under new cybercrime law

July 26, 2023/in Internet Security

Internet freedoms are at risk in Jordan under a new proposed cybercrime law. Among other things, the bill plans to criminalize the use of VPN services (in some scenarios) while giving authorities sweeping new powers to censor content online, throttle websites, and block social media.

The 41-article bill comes as a way to “tackle disinformation, hate speech and online defamation,” said the government. It will replace the current legislation’s 15 provisions enforced since 2015. The Parliamentary Legal Committee approved the draft with no substantial changes on July 25—digital rights watchdog Jordan Open Source Association (JOSA) reported.

Activists, civil societies, and journalists in and out the country are now calling Jordan policymakers to scrap the draconian law as it “will strongly undermine digital rights.” At the same time, also the US government expressed its concerns for people’s free speech and Jordan’s technology sector growth.

“A dark prospect of Jordan’s civic space”

“The draft legislation will jeopardize digital rights, including freedom of expression and the right to information, and will ultimately fail in achieving the Jordanian government’s stated goals of tackling disinformation, hate speech, and online defamation,” reads the open letter signed by 14 civil societies across the world, including Access Now, ARTICLE 19 and Human Rights Watch (HRW).

“Given Jordan’s judicial system lacks independence and is frequently used to prosecute human rights defenders, activists, journalists, and political opponents, this law offers a dark prospect of Jordan’s civic space.”

Jordan has a bad track record when it comes to persecuting political dissidents and protecting civil rights. Last year’s Freedom of the Net report labeled the internet in the country “partly free” due to widespread restrictions and state surveillance practices.

Digital rights advocates are especially worried for the broad language and vaguely defined terms present throughout the draft. Examples include undefined terminology such as fake news, promoting, instigating, aiding, or inciting immorality, online assassination of personality, provoking strife, undermining national unity, and contempt for…

Source…

Hitting the Books: How hackers turned cybercrime into a commercial service

June 25, 2023/in Computer Security

As anyone who regularly games online can attest, DDoS (dedicated denial of service) attacks are an irritatingly common occurrence on the internet. Drawing on the combined digital might of a geographically diffuse legion of zombified PCs, hackers are able to swamp game servers and prevent players from logging on for hours or days at a time. The problem has metastasized in recent years as enterprising hackers have begun to package their botnets and spamming tools into commercial offerings, allowing any Tom, Dick, and Script-kiddie rental access to the same power.

It’s a big internet out there, and bad actors are plentiful. There are worse things than spammers and scammers swimming in the depths of the Dark Web. In his new book, Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks, Dr. Scott J Shapiro, Professor of Law and Philosophy at Yale Law School traces the internet’s illicit history through five of the biggest attacks on digital infrastructure ever recorded.

portrait-oriented oil painting of a smirking bear in a purple suit, black text on red background top third of the space. — Farrar Straus Giraux

FANCY BEAR GOES PHISHING: The Dark History of the Information Age, in Five Extraordinary Hacks by Scott J. Shapiro. Published by Farrar, Straus and Giroux. Copyright © 2023 by Scott J. Shapiro. All rights reserved.

Crime as a Service

Not all Denial of Service attacks use botnets. In 2013, the Syrian Electronic Army (SEA)—the online propaganda arm of the brutal Bashar al-Assad regime—hacked into Melbourne IT, the registrar that sold the nytimes.com domain name to The New York Times. The SEA altered the DNS records so that nytimes.com pointed to SEA’s website instead. Because Melbourne IT contained the authoritative records for the Times’ website, the unauthorized changes quickly propagated around the world. When users typed in the normal New York Times domain name, they ended up at a murderous organization’s website.

Conversely, not all botnets launch Denial of Service attacks. Botnets are, after all, a collection of many hacked devices governed by the attacker remotely, and those bots can be used for many purposes. Originally, botnets were used for spam. The Viagra and Nigerian Prince emails that used to clutter inboxes were sent from thousands…

Source…

Meta Expunges Multiple APT, Cybercrime Groups From Facebook, Instagram

May 3, 2023/in Mobile Security

Facebook parent Meta said it thwarted the activity of three advanced persistent threat groups (APTs) in South Asia engaged in cyber espionage as well as six adversarial groups from various global regions engaged in what it deems “inauthentic behavior” on Facebook and other social networks.

The company’s takedown of these and other activities on its platforms is indicative of a sea of consistent and globally dispersed exploitative behavior from threat actors to leverage various online platforms to create elaborate social-engineering campaigns to lure and exploit Internet users, the company said.

In most of the cases, threat actors are using Facebook and other social networking and media platforms —including Twitter, Telegram, YouTube, Medium, TikTok, and Blogspot — to create various fake online accounts and personas, according to Meta. The attackers used fake identities, including job recruiters, journalists, or even military personnel, to earn credibility with users and legitimate entities so they could engage in malicious threat activity, the company said.

In its Quarterly Adversarial Threat Report released today, Meta detailed these incidents as well as actions it’s now taking to minimize security threats that leverage its platforms.

The report draws from Meta’s security monitoring of the use of its platforms, as well as monitoring of the Internet overall in order to flag malicious activity, which is increasingly becoming more dispersed across various platforms and geographies and thus harder to track, Nathaniel Gleicher, head of security policy at Meta, told journalists in a briefing on the report May 2.

“These threats are extremely persistent, and that they’re not going anywhere because the threat actors behind them are financially motivated,” he said. “That’s why we see … adversarial adaptation … including malware operators, spreading themselves across many places at once. So each phase of the campaign relies on a different service to survive.”

As part of its work to combat this activity, Meta also plans to empower businesses as well with a new tool it will release later this year to help them identify malicious activity as well as malware being used by the threat groups…

Source…

Cyber Attack on Cosmos Bank: How Hackers Stole Millions”

April 26, 2023/in Video

Tag Archive for: Cybercrime

Crime as a Service