As Russia’s invasion of Ukraine drags on, navigation system monitors reported this week that they had detected an increase in GPS outages in Russian cities since Ukraine began long-range drone attacks. Elsewhere, a lawsuit against Meta alleges that a lack of adequate moderation of hate speech on Facebook led to violence that fueled Ethiopia’s civil war.
New evidence suggests that attackers planted data on an Indian priest who died in police custody, and that the hackers may have cooperated with law enforcement when he was investigated. A Russia-based ransomware group, Cuba, has been abusing legitimate Microsoft certificates to sign some of its malware, a way of falsely legitimizing hacking tools that cybercriminals have been relying on particularly heavily of late. And with the one-year anniversary of the Log4Shell vulnerability, researchers and security professionals reflected on the current state of open source supply chain security and what needs to be done to improve patch adoption.
We also examined the confluence of factors and circumstances leading to radicalization and extremism in the United States. And Meta gave WIRED some insight into how difficult it is to enable users to recover their accounts when they’re locked out, without allowing attackers to use those same mechanisms to take over accounts.
But wait, there’s more. Each week we highlight security news that we haven’t covered in depth ourselves. Click on the titles below to read the full stories.
Alexey Brayman, 35, was one of seven people named in a 16-count federal indictment this week that accused them of operating an international smuggling ring over the past five years to illegally export restricted technology to Russia. Brayman was arrested Tuesday and later released on $150,000 bail after being ordered to forfeit his passport and obey a curfew. He is an Israeli citizen who was born in Ukraine. Brayman and his wife, Daria, live in Merrimack, New Hampshire, a small town where they both ran an online craft business out of their home. “They’re the best family,” a delivery driver who regularly drops off packages at their home told The Boston Globe. “They will leave gift cards on holidays. And snacks.” The indictment alleges, however, that their home was a staging area for “millions of dollars in sensitive military and dual-use technology from US manufacturers and vendors.” Two more suspects in the case were also arrested, in New Jersey and Estonia.
A hacker breached the FBI’s information-sharing database InfraGard this week, compromising the data of more than 80,000 members who share details and updates about the United States’ critical infrastructure through the platform. Some of the data is sensitive and relates to national and digital security threats. Last weekend, a hacker posted samples of data stolen from the platform on a relatively new cybercrime forum called Breached. They priced the database at $50,000 for the complete contents. The hacker claims to have gained access to InfraGard by posing as the CEO of a financial company. The FBI said it is “aware of a possible fraudulent account associated with the InfraGard Portal and is actively investigating the matter.”
Former Twitter employee Ahmad Abouammo was convicted in August of sending user data to the Saudi Arabian government while working at the tech company. He also pleaded guilty to money laundering, wire fraud and falsifying records. He has now been sentenced to 42 months in prison. Abouammo worked at Twitter from 2013 to 2015. “This case has shown that foreign governments will pay bribes to insiders to obtain user information collected and maintained by our Silicon Valley social media companies,” U.S. Attorney Stephanie Hinds said in a statement. “This sentence sends a message to insiders who have access to user information to protect it, particularly from repressive regimes, or risk significant jail time.” Earlier this year, whistleblower and former Twitter security chief Peter Zatko claimed that Twitter has long had problems with foreign agents infiltrating the company. The situation is particularly worrisome as new CEO Elon Musk carries out a massive overhaul of the company and its workforce.
To compromise Ukrainian government networks, hackers are placing malicious Windows 10 installers on torrent sites used in Ukraine and Russia, according to researchers at security firm Mandiant. The installers are built with the Ukrainian language pack and are free to download. They deploy malware for intelligence gathering, data collection and exfiltration. Mandiant said it could not definitively attribute the campaign to specific hackers, but the targets matched those previously attacked by the Russian military intelligence agency GRU.
Years after it was proven to be vulnerable and insecure, the SHA-1 cryptographic algorithm must be removed from all software platforms by Dec. 31, 2030, the US National Institute of Standards and Technology said Thursday. Instead, developers should turn to algorithms with stronger security, specifically SHA-2 and SHA-3. The “Secure Hash Algorithm,” or SHA, was developed by the National Security Agency and debuted in 1993. SHA-1 is a slightly modified replacement that has been in use since 1995. By 2005, it was clear that SHA-1 was “cryptographically broken”, but it continued to gain adoption for years. NIST said this week, however, that attacks on SHA-1 have “become more severe.” Developers have eight years to migrate away from any remaining uses of the algorithm. “Modules that still use SHA-1 after 2030 will not be allowed to be purchased by the federal government,” NIST computer scientist Chris Celi said in a statement.