Fraudsters use ‘fake emergency data requests’ to steal info • The Register

In Brief Cybercriminals have used fake emergency data requests (EDRs) to steal sensitive customer data from service providers and social media firms. At least one report suggests Apple, and Facebook’s parent company Meta, were victims of this fraud.

Both Apple and Meta handed over users’ addresses, phone numbers, and IP addresses in mid-2021 after being duped by these emergency requests, according to Bloomberg.

EDRs, as the name suggests, are used by law enforcement agencies to obtain information from phone companies and technology service providers about particular customers, without needing a warrant or subpoena. But they are only to be used in very serious, life-or-death situations. 

As infosec journalist Brian Krebs first reported, some miscreants are using stolen police email accounts to send fake EDR requests to companies to obtain netizens’ info. There’s really no quick way for the service provider to know if the EDR request is legitimate, and once they receive an EDR they are under the gun to turn over the requested customer info. 

“In this scenario, the receiving company finds itself caught between two unsavory outcomes: Failing to immediately comply with an EDR — and potentially having someone’s blood on their hands — or possibly leaking a customer record to the wrong person,” Krebs wrote.

Large internet and other service providers have entire departments that review these requests and do what they can to get the police emergency data requested as quickly as possible, Mark Rasch, a former prosecutor with the US Department of Justice, told Krebs. 

“But there’s no real mechanism defined by most internet service providers or tech companies to test the validity of a search warrant or subpoena,” Rasch said. “And so as long as it looks right, they’ll comply.”

Days after Krebs and Bloomberg published the articles, Sen Ron Wyden (D-OR) told Krebs he would ask tech companies and federal agencies for more information about these schemes. 

“No one wants tech companies to refuse legitimate emergency requests when someone’s safety is at stake, but the current system has clear weaknesses that need to be addressed,” Wyden said. “Fraudulent government requests are a significant concern, which is why I’ve already authored legislation to stamp out forged warrants and subpoenas.”

Hive ransomware reportedly hits healthcare group

The Hive ransomware gang claimed it stole 850,000 personally identifiable information (PII) records from the nonprofit health-care group Partnership HealthPlan of California.

Brett Callow, a threat analyst at anti-malware company Emsisoft, alerted Santa Rosa newspaper The Press Democrat that the ransomware gang posted what was said to be details about the intrusion on its Tor-hidden blog. Hive claimed it stole 400GB of data including patients’ names, social security numbers, addresses, and other sensitive information.

Partnership HealthPlan of California did not respond to The Register’s inquiries about the alleged ransomware attack. But a notice on its website acknowledged “anomalous activity on certain computer systems within its network.”

The healthcare group said it had a team of third-party forensic specialists investigating the incident and was working to restore its systems. “Should our investigation determine that any information was potentially accessible, we will notify affected parties according to regulatory guidelines,” it added. 

Hive, which the FBI and security researchers started paying attention to in June 2021, is known for double-extortion ransomware attacks against healthcare organizations. Still, attacking a nonprofit is a “new low,” even for these cybercriminals, said IoT security firm Armis cyber risk officer Andy Norton. 

“It also raises some tough questions,” Norton wrote in an email to The Register. “I think we assume that charities and not for profits don’t have the big cyber budgets their commercial cousins have, and yet they hold the same sensitivity of data. What constitutes appropriate and proportionate security during times of heightened risk?”

Shutterfly admits employee data stolen

Shutterfly disclosed that cybercriminals stole employees’ data during a December 2021 ransomware attack.

In documents filed with the California Attorney General’s office, the firm revealed that “an unauthorized third party gained access to our network” in a ransomware attack on or around December 3. The online photo company said it discovered the security breach on December 13.

While Shutterfly didn’t name the third party in its filing, it was widely reported that the notorious Conti ransomware gang was behind the intrusion. Data stolen included employees’ names, salary information, family leave, and workers’ compensation claims, according to Shutterfly.

The company said it “quickly took steps” to restore the systems, notified law enforcement, and brought in third-party cybersecurity experts to investigate the breach. It also offered employees two years of free credit monitoring from Equifax, and “strongly encouraged” them to take advantage of this offer.

It also noted that employees “may wish” to change account passwords and security questions.

Law enforcement’s ransomware response lacking

Law enforcement agencies face a barrage of difficulties responding to ransomware attacks, and chief among them is simply not being made aware of intrusions and infections by victims.

According to an analysis by threat intelligence firm Recorded Future of ransomware enforcement operations in 2020 and 2021, law enforcement agencies around the globe aren’t equipped to respond to ransomware outbreaks. In addition to simply not knowing about the attacks, they also lack the cybersecurity skills, technology, and data such as threat intel to respond. 

Recorded Future, citing several other surveys, says law enforcement doesn’t know about the vast majority of cyberattacks, and has to learn about them from the media.

In parts of the UK alone, just 1.7 percent of all fraud and cybercrime was reported to the authorities between September 2019 and September 2020, Recorded Future claimed, citing data from the UK Office for National Statistics from its crime survey for England and Wales. 

It also cited a Europol IOCTA report from 2020, which found ransomware remains an under-reported crime. While the Europol report doesn’t provide any numbers to illustrate how under-reported ransomware is, it noted “several law enforcement authorities mentioned identifying ransomware cases through (local) media and approaching victims to assist them by potentially starting a criminal investigation.”

Unless organizations do a better job reporting ransomware attacks, law enforcement can’t get an accurate picture of the threat landscape, Recorded Future noted. “Without reliable and valid data on the number and types of cyber attacks (that is, attack vectors), it is difficult for law enforcement agencies to accurately evaluate threats and react appropriately, resulting in threats not being given the resources or priority they deserve.”

While this analysis doesn’t provide any US-specific reporting stats, it’s worth noting that a newly signed federal law will require US critical infrastructure owners and operators to report a “substantial” cybersecurity incident to Uncle Sam’s Cybersecurity and Infrastructure Security Agency within 72 hours and within 24 hours of making a ransomware payment. 

Supporters of the new law, including CISA director Jen Easterly, have said it will give federal agencies and law enforcement better data and visibility to help them protect critical infrastructure.

Orgs aren’t ready for cyber reporting rules

Despite the US cybersecurity incident reporting law, along with a related US Securities and Exchange Commission proposal that would force public companies to disclose cyberattacks within four days, organizations really aren’t prepared for these new disclosure rules, according to Bitsight.

The cyber risk ratings firm published research this week that found, among other things, it takes the average organization 105 days to discover and disclose an incident from the date it occurred.

Additionally, it takes twice as long for organizations to disclose higher-severity incidents compared with lower-severity incidents. This, on average, means it takes more than 70 days to disclose a moderate-, medium- or high-severity incident once it has been discovered, and 34 days for low-severity events.

For this research, Bitsight analyzed more than 12,000 publicly disclosed cyber incidents globally between 2019 and 2022. This included type of incident, date of incident, date of discovery, and date of disclosure.

Bitsight used its classification methodology (a 0 to 3 scale) to analyze the severity of the security incidents. Events received a higher-severity score due to a combination of more serious incidents, such as ransomware and human error, and higher record counts.

The security firm also segmented the disclosing organizations by employee count: extra large (more than 10,000 employees), large (1,000 to 10,000 employees), medium (500 to 1,000 employees) and small (less than 500 employees).

Perhaps unsurprisingly, the extra-large organizations are 30 percent faster at discovering and disclosing incidents than the rest. Still, it takes these companies an average of 39 days to discover and 41 days to disclose an incident, Bitsight found, noting that this is still way longer than the timeframes proposed in the new rules. ®


European Startup Ecosystems Awash With Gulf Investment – Here Are Some Of The Top Investors

European Startup Ecosystem Getting Flooded With Gulf Investments

The Voice Of EU | In recent years, European entrepreneurs seeking capital infusion have widened their horizons beyond the traditional American investors, increasingly turning their gaze towards the lucrative investment landscape of the Gulf region. With substantial capital reservoirs nestled within sovereign wealth funds and corporate venture capital entities, Gulf nations have emerged as compelling investors for European startups and scaleups.

According to comprehensive data from Dealroom, the influx of investment from Gulf countries into European startups soared to a staggering $3 billion in 2023, marking a remarkable 5x surge from the $627 million recorded in 2018.

This substantial injection of capital, accounting for approximately 5% of the total funding raised in the region, underscores the growing prominence of Gulf investors in European markets.

Particularly noteworthy is the significant support extended to growth-stage companies, with over two-thirds of Gulf investments in 2023 being directed towards funding rounds exceeding $100 million. This influx of capital provides a welcome boost to European companies grappling with the challenge of securing well-capitalized investors locally.

Delving deeper into the landscape, Sifted has identified the most active Gulf investors in European startups over the past two years.

Leading the pack is Aramco Ventures, headquartered in Dhahran, Saudi Arabia. Bolstered by a substantial commitment, Aramco Ventures boasts a $1.5 billion sustainability fund, alongside an additional $4 billion allocated to its venture capital arm, positioning it as a formidable player with a total investment capacity of $7 billion by 2027. With a notable presence in 17 funding rounds, Aramco Ventures has strategically invested in ventures such as Carbon Clean Solutions and ANYbotics, aligning with its focus on businesses that offer strategic value.

Following closely is Mubadala Capital, headquartered in Abu Dhabi, UAE, with an impressive tally of 13 investments in European startups over the past two years. Backed by the sovereign wealth fund Mubadala Investment Company, Mubadala Capital’s diverse investment portfolio spans private equity, venture capital, and alternative solutions. Notable investments include Klarna, TIER, and Juni, reflecting its global investment strategy across various sectors.

Ventura Capital, based in Dubai, UAE, secured its position as a key player with nine investments in European startups. With a presence in Dubai, London, and Tokyo, Ventura Capital boasts an international network of limited partners and a sector-agnostic investment approach, contributing to its noteworthy investments in companies such as Coursera and Spotify.

Qatar Investment Authority, headquartered in Doha, Qatar, has made significant inroads into the European startup ecosystem with six notable investments. As the sovereign wealth fund of Qatar, QIA’s diversified portfolio spans private and public equity, infrastructure, and real estate, with strategic investments in tech startups across healthcare, consumer, and industrial sectors.

MetaVision Dubai, a newcomer to the scene, has swiftly garnered attention with six investments in European startups. Focusing on seed to Series A startups in the metaverse and Web3 space, MetaVision raised an undisclosed fund in 2022, affirming its commitment to emerging technologies and innovative ventures.

Investcorp, headquartered in Manama, Bahrain, has solidified its presence with six investments in European startups. With a focus on mid-sized B2B businesses, Investcorp’s diverse investment strategies encompass private equity, real estate, infrastructure, and credit management, contributing to its notable investments in companies such as Terra Quantum and TruKKer.

Chimera Capital, based in Abu Dhabi, UAE, rounds off the list with four strategic investments in European startups. As part of a prominent business conglomerate, Chimera Capital leverages its global reach and sector-agnostic approach to drive investments in ventures such as CMR Surgical and Neat Burger.

In conclusion, the burgeoning influx of capital from Gulf investors into European startups underscores the region’s growing appeal as a vibrant hub for innovation and entrepreneurship. With key players such as Aramco Ventures, Mubadala Capital, and Ventura Capital leading the charge, European startups are poised to benefit from the strategic investments and partnerships forged with Gulf investors, propelling them towards sustained growth and success in the global market landscape.

— By Darren Wilson, Team


China Reveals Lunar Mission: Sending ‘Taikonauts’ To The Moon From 2030 Onwards

China Reveals Lunar Mission

The Voice Of EU | In a bold stride towards lunar exploration, the Chinese Space Agency has unveiled its ambitious plans for a moon landing set to unfold in the 2030s. While exact timelines remain uncertain, this endeavor signals a potential resurgence of the historic space race reminiscent of the 1960s rivalry between the United States and the USSR.

China’s recent strides in lunar exploration include the deployment of three devices on the moon’s surface, coupled with the successful launch of the Queqiao-2 satellite. This satellite serves as a crucial communication link, bolstering connectivity between Earth and forthcoming missions to the moon’s far side and south pole.

Unlike the secretive approach of the Soviet Union in the past, China’s strategy leans towards transparency, albeit with a hint of mystery surrounding the finer details. Recent revelations showcase the naming and models of lunar spacecraft, steeped in cultural significance. The Mengzhou, translating to “dream ship,” will ferry three astronauts to and from the moon, while the Lanyue, meaning “embrace the moon,” will descend to the lunar surface.

Drawing inspiration from both Russian and American precedents, China’s lunar endeavor presents a novel approach. Unlike its predecessors, China will employ separate launches for the manned module and lunar lander due to the absence of colossal space shuttles. This modular approach bears semblance to SpaceX’s Falcon Heavy, reflecting a contemporary adaptation of past achievements.

Upon reaching lunar orbit, astronauts, known as “taikonauts” in Chinese, will rendezvous with the lunar lander, reminiscent of the Apollo program’s maneuvers. However, distinct engineering choices mark China’s departure from traditional lunar landing methods.

The Chinese lunar lander, while reminiscent of the Apollo Lunar Module, introduces novel features such as a single set of engines, potential reusability, and advanced technology. Unlike past missions where lunar modules were discarded, China’s design hints at the possibility of refueling and reuse, opening avenues for sustained lunar exploration.

A re-creation of the two Chinese spacecraft that will put ‘taikonauts’ on the moon. CSM

Despite these advancements, experts have flagged potential weaknesses, particularly regarding engine protection during landing. Nevertheless, China’s lunar aspirations remain steadfast, with plans for extensive testing and site selection underway.

Beyond planting flags and collecting rocks, China envisions establishing a permanent lunar base, the International Lunar Research Station (ILRS), ushering in a new era of international collaboration in space exploration.

While the Artemis agreements spearheaded by NASA have garnered global support, China’s lunar ambitions stand as a formidable contender in shaping the future of space exploration. In conclusion, China’s unveiling of its lunar ambitions not only marks a significant milestone in space exploration but also sets the stage for a new chapter in the ongoing saga of humanity’s quest for the cosmos. As nations vie for supremacy in space, collaboration and innovation emerge as the cornerstones of future lunar endeavors.


Aviation and Telecom Industries Reach Compromise on 5G Deployment

The Voice Of EU | In a significant development, AT&T and Verizon, the two largest mobile network operators in the United States, have agreed to delay the deployment of 5G services following requests from the aviation industry and the Biden administration. This decision marks a crucial compromise in the long-standing dispute between the two industries, which had raised concerns over the potential interference of 5G with flight signals.

The aviation industry, led by United Airlines CEO Scott Kirby, had been vocal about the risks of 5G deployment, citing concerns over the safety of flight operations. Kirby had urged AT&T and Verizon to delay their plans, warning that proceeding with the deployment would be a “catastrophic failure of government.” The US Senate Commerce Committee hearing on the issue further highlighted the need for a solution.

In response, US Transportation Secretary Pete Buttigieg and Federal Aviation Administration (FAA) head Steve Dickson sent a letter to the mobile networks, requesting a two-week delay to reassess the potential risks. Initially, AT&T and Verizon were hesitant, citing the aviation industry’s two-year preparation window. However, they eventually agreed to the short delay, pushing the deployment to January 19.

The crux of the issue lies in the potential interference between 5G signals and flight equipment, particularly radar altimeters. The C-Band spectrum used by 5G networks is close to the frequencies employed by these critical safety devices. The FAA requires accurate and reliable radar altimeters to ensure safe flight operations.

Airlines in the US have been at loggerheads with mobile networks over the deployment of 5G and its potential impact on flight safety.

Despite the concerns, both the FAA and the telecoms industry agree that 5G mobile networks and airline travel can coexist safely. In fact, they already do in nearly 40 countries where US airlines operate regularly. The key lies in reducing power levels around airports and fostering cross-industry collaboration prior to deployment.

The FAA has been working to find a solution in the United States, and the additional two-week delay will allow for further assessment and preparation. AT&T and Verizon have also agreed to not operate 5G base stations along runways for six months, similar to restrictions imposed in France.

President Joe Biden hailed the decision to delay as “a significant step in the right direction.” The European Union Aviation Safety Agency and South Korea have also reported no unsafe interference with radio waves since the deployment of 5G in their regions.

As the aviation and telecom industries continue to work together, it is clear that safe coexistence is possible. The delay in 5G deployment is a crucial step towards finding a solution that prioritizes both safety and innovation. With ongoing collaboration and technical assessments, the United States can join the growing list of countries where 5G and airlines coexist without issue.
