Similar Posts
WASHINGTON – Russian hackers are going after US government officials, defence workers and others in a new email phishing campaign targeting thousands of people, according to Microsoft Corp.
The hackers have sent “a series of highly targeted spearphishing emails” to thousands of people in more than 100 organisations since Oct 22, according to a blog post from Microsoft Threat Intelligence published on Oct 29.
The latest campaign will add to mounting concerns over US failures to outwit suspected Russian and Chinese hackers.
The FBI said on Oct 25 it is investigating unauthorised access by Chinese state-affiliated hackers targeting the commercial telecommunications sector.
In some of the emails that were part of the latest campaign, the senders impersonated Microsoft employees, according to the blog.
Spearphishing involves sending tailored emails to individuals, including links to malicious websites that can then steal information.
It wasn’t immediately clear how many of the attacks, if any, were successful.
Microsoft has said the attacks are perpetrated by a sophisticated Russian nation-state group it calls Midnight Blizzard, which US and UK governments have connected to the SVR, the Russian foreign intelligence service.
The company said in January that the group attacked its corporate systems, getting into a “small number” of email accounts, including senior leadership and employees who work in cybersecurity and legal.
In April, US federal agencies were ordered to analyse emails, reset compromised credentials and work to secure Microsoft accounts.
At the time, the Cybersecurity and Infrastructure Security Agency (Cisa) said the incident represented a “grave and unacceptable risk” to agencies, according to the April directive.
Cisa and US State Department didn’t immediately respond to requests for comment.
The Russian Embassy in Washington didn’t immediately respond to a request for comment. BLOOMBERG
We spend so much of our lives online but have we thought about what will happen to our digital trails and assets when we die?
It is a question that came up for husband-and-wife content creators Muhammad Alif Ramli and Liyana Syahirah Ismail Johari.
They realise, for example, if no clear instructions are left behind, not knowing the passwords or about dormant accounts on long-forgotten platforms can pose problems.
It is especially important, given Mr Alif’s medical history.
When Mr Alif was 10, he was diagnosed with rhabdomyosarcoma, a soft tissue cancer. He underwent multiple chemotherapy cycles and nine surgical operations, which the 28-year-old described as a “close-to-death experience”, before he recovered.
In the fourth episode of The Straits Times’ docuseries Let’s Talk About Death, Mr Alif and Ms Liyana, 27, seek help from experts to consolidate their digital assets.
They speak to a cyber security expert to find out how to best manage their passwords. They also talk to a lawyer who specialises in digital assets to look into protecting their social media accounts, which may generate revenue in the future.
Finally, Mr Alif and Ms Liyana also attempt to write their wills with the help of artificial intelligence tools, with the key question being: Will they be valid under syariah law?
Let’s Talk About Death is a five-episode docuseries that follows several millennials and their loved ones as they navigate end-of-life planning, and it starts honest conversations about death and dying well.
SEATTLE – Starbucks said the aftermath of a ransomware attack on a software supplier has been affecting its ability to pay baristas and manage their schedules, the company’s spokesperson said on Nov 25.
The coffee giant said that an outage at a third-party vendor has disrupted a back-end Starbucks process that enables employee scheduling and time tracking.
The outage is not impacting its customer service, and the company was working to ensure its employees were fully paid for their hours worked with limited disruption or discrepancy, according to a Starbucks’ spokesperson.
UK-based Blue Yonder, which provides supply chain software to Starbucks and other retailers, according to the Wall Street Journal, said on Thursday that it has experienced disruptions due to a ransomware attack and it is working to fix the issue. REUTERS
LONDON – Mirror Group Newspapers (MGN) is facing 101 phone-hacking lawsuits from public figures including actors Kate Winslet, Sean Bean and Gillian Anderson and the estate of late Australian cricketer Shane Warne, London’s High Court heard on Nov 20.
The publisher of the Daily Mirror, Sunday Mirror and Sunday People tabloids – which is owned by Reach – has been entangled in litigation for more than a decade over alleged phone hacking and other unlawful information gathering.
MGN had accepted that some unlawful information gathering took place at its newspapers in the early 2000s, before Prince Harry and three others went to trial in 2023.
Harry, the younger son of King Charles, was awarded £140,600 (around S$238,000) after London’s High Court ruled the prince had been targeted by MGN journalists – the biggest win yet in his “mission” to purge the British press.
He accepted substantial damages from MGN to settle the remainder of his lawsuit, but vowed his mission would continue and a trial of his separate case against Rupert Murdoch’s British newspaper arm is due to begin in January.
When Harry largely won his case in December 2023, Reach also claimed victory as two other claimants’ cases were rejected as having been brought too late.
The company said the ruling meant cases brought after October 2020 were “likely to be dismissed other than where exceptional circumstances apply”.
MGN is, however, currently facing a total of 101 lawsuits brought by a number of people, including Prince Harry’s ex-girlfriend Chelsy Davy, the claimants’ lawyers said at a hearing on Nov 20.
The publisher asked for a trial to be heard in late 2025 to decide whether a sample of the 101 cases were brought too late, arguing it would likely prompt a settlement of the cases.
Judge Timothy Fancourt ruled that such a trial would accelerate other cases being resolved and said it was likely to take place in November 2025. REUTERS
WASHINGTON – Chinese hackers compromised eight American telecommunications companies as part of a wide-ranging espionage effort to gather intelligence about prominent US citizens, Biden administration officials said on Dec 4.
Ms Anne Neuberger, deputy assistant to the president and deputy national security advisor for cyber and emerging technologies, said that the Chinese group known as Salt Typhoon continues to linger inside some networks as security personnel work to eject the hackers. President Joe Biden has received multiple briefings on the matter as the US government seeks to investigate the matter, she said.
The update comes after officials from the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency said on Dec 3 that it would be impossible for them to predict how long it would take to clear the intruders from compromised networks.
The White House also has established a unified coordination group that meets on a daily basis to help address the threat, they said.
Director of National Intelligence Avril Haines joined officials from the White House, FBI and other agencies to brief US senators in a classified closed-door meeting on Dec 4. BLOOMBERG
WASHINGTON – Chinese state-affiliated hackers intercepted audio from the phone calls of US political figures including an unnamed campaign adviser of Republican presidential candidate Donald Trump, the Washington Post reported on Oct 27.
The FBI and the US Cybersecurity and Infrastructure Security Agency said on Oct 25 they were investigating unauthorised access to commercial telecommunications infrastructure by people associated with China.
Trump’s campaign and the FBI did not immediately respond to a request for comment.
The Post also reported the hackers were able to access unencrypted communications like text messages, of the individual.
Reuters reported on Oct 25 that Chinese hackers also targeted phones used by people affiliated with the campaign of Democratic presidential candidate Kamala Harris.
Trump and his running mate, J.D. Vance, were targeted, various media outlets reported last week.
The Trump campaign was made aware last week that Trump and Mr Vance were among a number of people inside and outside of government whose phone numbers were targeted through the infiltration of Verizon phone systems, the New York Times reported on Oct 25.
The Trump campaign was hacked earlier in 2024. The US Justice Department charged three members of Iran’s Revolutionary Guard Corps with the hack, accusing them of trying to disrupt the Nov 5 election.
Verizon said on Oct 25 it was aware of a sophisticated attempt to target US telecoms and gather intelligence and is working with law enforcement.
Congress is also investigating and earlier this month U.S. lawmakers asked AT&T, Verizon and Lumen Technologies to answer questions about reports Chinese hackers accessed the networks of U.S. broadband providers.
The Chinese embassy in Washington said last week it was unaware of the specific situation but said China opposes and combats cyber attacks and cyber thefts in all forms. REUTERS