Plus: $10M cybersecurity education bill gets bipartisan support
Part of Network | |
|
Researchers have tracked a widespread surveillance campaign that targets the Uyghurs in China. The campaign, made of two different operations, uses MOONSHINE as a threat vector. More: - The campaign is being attributed to APT-15, a threat actor that is believed to be state-backed.
- APT-15 is also using the BadBazaar malware variant. This hacking campaign could allow the group to collect call logs, GPS locations, SMS messages, record phone calls, take pictures, and retrieve metadata.
- Researchers have found that apps such as Uyghur Lugha are sending information to suspicious Android counterparts, making it clear the hacking campaign affects both Android and iOS devices.
- The MOONSHINE malware is also targeting its victims through apps, but mainly through social media or prayer apps that specifically target the Uyghur group.
Zoom Out: - Uyghurs are a minority demographic group in China that is Muslim. The group has been under inhumane treatment by the Chinese government for the last few years, causing controversy and criticism from the U.S. and other countries globally.
| |
A Russian national has been hit with charges over his alleged role in the LockBit ransomware group. The 33-year-old male will be extradited to the U.S. More: - He is likely to face a five-year prison sentence for conspiracy to damage protected computers intentionally and to ask for ransom from his victims.
- The hacker, who also has Canadian citizenship, was arrested by Canadian law enforcement. During the raid, law authorities were able to seize $17,332 worth of Bitcoin. The funds were illegally received as a ransom payment in February 2022.
- Other materials that were seized by the police include a list of likely future targets, the source code of the LockBit ransomware, and other communication tools and screenshots.
- LockBit ransomware group is believed to have deployed half of the Ransomware-as-a-Service attacks in September and October 2022, highlighting the group's intensity and determination to cause harm to its targets.
- The group has likely earned over $10M in ransom payments since its inception in 2019.
| |
CISA has stated that midterm elections were not hacked by domestic or foreign threat actors. The announcement comes after great anticipation over the level of security that U.S. institutions can provide to avoid controversy around results. More: - CISA director Jen Easterly stated that he is grateful for the long hours that the CISA staff has worked to ensure the safety of the U.S. voting process.
- Easterly added that "there is no sign that any voting system deleted or lost votes, changed votes, or was in any way compromised."
- Only two days ago, CISA stated that some state election websites in states such as Mississippi were hit by cyberattacks, but the agency did not provide more detail. The cyberattacks' threat vector was DDoS, a method that overwhelms servers until they crash. Typically, this type of attack does not cause long-term damage to the system it affects.
| |
A cybersecurity education bill that plans to create a $10M fund has garnered bipartisan support in the House of Representatives. The program would see $100,000 in grants donated each year to different universities and trade schools. More: - Officially named the Cybersecurity Skills Integration Act, the bill would aim to protect U.S. critical infrastructure by creating competent cybersecurity professionals via different education paths, such as universities and trade schools.
- The bill would require grant applicants to ask questions on how the educational materials and the funds would be used and whether the funds are enough.
- Industry experts have praised the bill, while some stated that cybersecurity training must be included in curriculums even earlier than in high school.
- Regarding the funding amount, industry members collectively agree that $10M is too little to make a big difference on a national level but that this plan is a good start and a step in the right direction toward creating a generation of competent cybersecurity experts.
- This bill comes at a time when multiple studies show that the cybersecurity gap in the U.S. currently stands at 700,000 and is only expected to worsen.
- The number of cyberattacks against both private and public organizations has risen dramatically during 2022, largely as a result of the war in Ukraine, a war that has been previously called the first cyber war.
| |
Angoka has raised a $2.8M funding round to protect smart cities and their transportation vehicles from security breaches. The company is based in Belfast, Ireland. More: - The company provides technology that protects machine-to-machine communications for smart cities and mobility.
- Angoka has participated in complex projects such as designing the air corridors for unmanned drones in the U.K. This experience has given the company confidence and the credibility to undertake similar transportation operations.
- In addition to its Ireland headquarters, the company also has offices in The Hague and London.
| |
Quick Hits: - $250 for International Acct. Day? Demo Divvy by Nov. 10 so you can stop wasting time on expense reports and start wasting it at the beach.*
- Several of Twitter's C-level security and privacy executives have resigned after in the wake of changes being implemented by its new owner, Elon Musk.
- A research company claims that the Qatar World Cup 2022 is at risk of being targeted by hackers with multiple threat vectors, including fake URLs that pretend to be live-streaming games, using the advertising space to release propaganda, etc.
- SolarWinds is being investigated by the SEC regarding the 2020 Supply Chain cyberattack. The company settled for $26M regarding the same case a few weeks ago.
- Central Virginia schools will receive $2.48M in grants to fund in-state physical and digital school security equipment.
*This is sponsored content. | |
Upcoming events at Inside: - November 29 - Learn about concrete 3D printed houses: how it works, market snapshot and investment opportunity. (Register Here) *
- January 31 - Growth Summit'23 (Register Here)
*This is a sponsored listing. | |
| | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
767 Bryant St. #203, San Francisco, CA 94107 Copyright © 2022 Inside.com | |
|