Tag Archive for: western

Letting Assange walk would set a disastrous precedent for Western security


On Wednesday, President Joe Biden told a journalist that he was “considering” dropping charges against Julian Assange, the Australian hacker who’s facing a raft of Justice Department indictments. In February, Australia’s parliament passed a measure, with the support of Prime Minister Anthony Albanese, calling for the return of the fugitive to his native country.

The 52-year-old WikiLeaks founder has struggled mightily to avoid the Western justice system for over a decade. Beginning in 2012, he sought refuge in Ecuador’s embassy in London, and for the past five years, Assange has been incarcerated in London’s Belmarsh prison, fighting U.S. efforts to extradite him. Two weeks ago, London’s High Court granted Assange yet another delay in extradition, guaranteeing that this protracted legal drama will continue for months if not years more. 

It’s therefore understandable that the Biden administration wants this messy case, a long-term irritant between Washington and two of our closest allies, to evaporate at last. However, doing so, letting Assange leave Belmarsh prison a free man, would constitute a terrible mistake. 

Assange claims he was merely acting as a journalist when he compromised American security by leaking vast amounts of U.S. classified information online, multiple times. His ardent fanbase, comprised of the ideological “horseshoe” where the far Left and far Right converge in shared anti-Americanism, ceaselessly repeats the mantra that Assange was merely “doing journalism.” 

This is yet another Assange falsehood, among many.

The Justice Department in 2019 charged Assange with grave crimes, then updated them in 2020. Assange is charged with 18 violations of the Espionage Act, including collaborating in 2009 with U.S. Army junior intelligence analyst Chelsea Manning to hack into classified Department of Defense computer systems. A vast trove of that stolen classified material was subsequently posted online by WikiLeaks, doing serious damage to Western security. Some of the leaked intelligence included the unredacted names of human sources who were supplying information to the United States in Iraq and Afghanistan. That needless act put lives…


Iranian hacking group impersonating nuclear experts to gain intel from Western think tanks


A cyber espionage group linked to the Iranian government has been impersonating think-tank employees to phish Middle Eastern nuclear weapons experts, according to researchers at Proofpoint.

The group — called “TA453,” “Charming Kitten” or “APT35,” depending on the threat intelligence service you’re relying on — has a long track record of targeting U.S. and European government officials, politicians, think tanks and entities involved in critical infrastructure.

The latest campaign detailed by Proofpoint dates from March to May of this year and begins with benign emails that seek to establish a rapport with foreign policy researchers in the West.

Those initial emails were later followed by phishing emails that link to a password-protected Dropbox URL, ostensibly to access the research. Instead, it executes .RAR and LNK files and runs a PowerShell script that installs a backdoor on the victim’s system, before calling out to a cloud hosting provider for additional malware payloads.

Full infection chain for GorjolEcho, one of the malware payloads deployed by Charming Kitten (Source: Proofpoint)

Joshua Miller, senior threat researcher at Proofpoint, told SC Media the campaign appears to be extremely targeted: thus far they are aware of fewer than 10 individuals who received phishing emails from the group. Miller said their visibility over the campaign is restricted to data and follow-ups culled from Proofpoint customers, and that none were successfully infected.

It’s not the first time Charming Kitten, which U.S. officials have linked to Iran’s Islamic Revolutionary Guard Corps’ intelligence organization, has targeted think tanks and other research institutions, seemingly in an effort to gather intelligence about Western foreign policy decision-making. While the group has targeted government officials in the past, they may find it easier to obtain some of the same information they’re looking for by targeting and compromising parties at the edge of those discussions.

“When we see them go after think tanks [and] academics, basically they’re informing the policy positions of the West and governments for nuclear sanctions or diplomatic policies. The idea is that that…


Western Digital Hackers Demand 8-Figure Ransom Payment for Data


After stealing around 10TB of data from Western Digital Corp., the computer drive manufacturer behind digital storage brand SanDisk, hackers are now negotiating a ransom payment within an eight-figure range, according to reports.

The hackers claim to have control of the company’s code-signing certificate, company executives’ private numbers, SAP back-office data, and administrator access to the company’s Microsoft Azure cloud instance, according to security researchers at TechCrunch who spoke with the hackers in an attempt to verify their claims. The hackers provided screenshots and shared phone numbers and files as their proof of holding the data hostage.

The hackers are threatening to publish the stolen data if they do not receive a payment, though it is unknown whether or not Western Digital will actually hand over the funds as it coordinates with forensic experts and law enforcement officials.

This extortion attempt comes after a data breach earlier this month, which Western Digital reported as a “network security incident,” occurring on March 26. The breach took the corporation’s cloud network out of commission for 10 days; the company only recently managed to get the service running again.

Western Digital has yet to comment on the claims being made by the hackers, and it has not answered questions regarding whether customer information was accessed. Meanwhile, according to TechCrunch, the hackers “are ready to start publishing the stolen data on the website of the ransomware gang ALPHV. The hackers said they are not directly affiliated with ALPHV, but ‘I know them to be professional.’”


Western Capitals Riled by Russian Hacking


Australian Official Says Russia Should Bring Russian ‘Hackers to Heel’

St. Basil’s Cathedral in Moscow (Image: Michael Wong/CC BY-NC 2.0)

A top Australian official demanded that Russia crack down on hackers operating inside the country’s borders, another sign of deepening Western frustration with Moscow’s permissive attitude toward cybercriminals.


Michael Pezzullo, secretary of the Department of Home Affairs, called the notion that conventional law enforcement pressure will curtail Russian hacking activity “completely naive.” “They are not a ‘rule of law’ country,” he said during a Wednesday business summit in Sydney, Reuters reported.

“We call on the Russian government to bring those hackers to heel,” he said. The comments from Pezzullo, a civil servant, come just weeks after U.S. Secretary of State Antony Blinken accused the Kremlin of harboring groups such as TrickBot, calling Russia “a safe haven for cybercriminals” (see: US and UK Sanction Members of Russian TrickBot Gang).

Australia experienced a wave of data breaches and ransomware attacks during the second half of 2022. Australian Federal Police fingered cybercriminals likely based in Russia as perpetrators of an invasive leak of information collected from 10 million customers of private insurer Medibank.

The Biden administration has gone from cautiously engaging Russia on cybersecurity in 2021 to making containment of Russian hackers an explicit policy goal. “We want to shrink the surface of the…
