
A
From the CISO series, it's Cybersecurity Headlines.
B
These are the cybersecurity headlines for Thursday, February 13, 2025. I'm Sarah Lane. In today's cybersecurity news: in a post in Foreign Policy published Wednesday, security technologists Bruce Schneier and Davi Ottenheimer warned that the Department of Government Efficiency, also known as DOGE, which accessed critical US government systems including the Treasury and personnel databases, compromising sensitive data and dismantling security protocols, may be the most consequential security breach in US history. Despite a block from a federal judge on February 8th against the DOGE team accessing Treasury Department systems, many further questions remain about what damage has been done in various government departments, like introducing severe national security risks and potential vulnerabilities to foreign adversaries. Schneier warns immediate actions are needed to revoke access, restore monitoring and audit all changes to secure the compromised systems. Wired and 404 Media jointly report Lithuanian ad tech company Eskimi was the source of sensitive location data on US military personnel overseas, which was sold by Florida-based data broker Datastream Group. The data included precise coordinates from devices at US military sites in Germany and was collected through SDKs in mobile apps. US Senator Ron Wyden's office raised national security concerns, contacting Eskimi, Lithuania's data protection authority, and also Google, which listed Eskimi as an authorized buyer. The Lithuanian DPA is assessing the situation and Eskimi could face penalties under GDPR if found in violation. Following up from our reporting last week, Apple and Google both removed 20 apps from their app stores after security researchers at Kaspersky discovered they contained malware called SparkCat. Since as early as March of 2024, the malware has been downloaded over 242,000 times. It used optical character recognition to scan image galleries for cryptocurrency wallet recovery phrases and other personal information. Google banned the developers and confirmed that its Play Protect feature safeguarded users from known malware versions. Apple did not comment.
According to a Google Threat Intelligence Group report, adversarial governments are increasingly leveraging cybercriminals and their tools to advance cyber espionage goals, fueled by resource constraints and the operational demands of conflicts like the war in Ukraine. The trend is also observed in China, Iran and North Korea, where state-sponsored attackers can utilize malware and techniques commonly associated with cybercriminals to enhance deniability and cost efficiency. Google and other cybersecurity firms warn that this growing overlap between state actors and cybercriminals poses a significant national security threat worldwide. Thank you to today's episode sponsor, Vanta. Do you know the status of your compliance controls right now, like this very second? We know that real-time visibility is critical for security, but when it comes to our GRC programs we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting. And Vanta helps you get security questionnaires done five times faster using AI. Now that's a new way to GRC. Get started at vanta.com. Scientists from Heriot-Watt University, NASA's Jet Propulsion Lab, MIT and the University of Glasgow have created a superconducting LiDAR system that captures ultra-detailed 3D data from up to 1 km away using a superconducting nanowire single-photon detector. It traces single photons with 13 picosecond accuracy and sees through fog and smoke. It's at least 10 times better at image resolution than existing systems, even in daylight. There is a catch: it needs to be cooled to minus 272 degrees Celsius to work properly, though the team says they developed a compact cryocooler to solve that.
President Trump is nominating Sean Cairncross, the RNC's chief operating officer, as his National Cyber Director. If confirmed, Cairncross would play a key role in shaping the administration's cyber policy. This would be the first major cybersecurity nomination of Trump's administration. The Office of the National Cyber Director was established right before former President Biden took office and advises the president on cybersecurity matters. Cairncross has no known cybersecurity experience, but has held various roles in the first Trump administration. His nomination requires Senate confirmation. A new report from Comparitech reveals that nearly 59,000 Americans lost about $697.3 million to romance scams in 2024, although cases dropped by 6% from 2023. So that's trending the right way, but financial losses remain high. Arizona had the highest rate of scams per capita. California led in total losses with $104.8 million from 6,687 cases. Scammers are increasingly using cryptocurrency and what is known as a double-barreled scam, posing as a romantic partner before pushing fake crypto investments. Comparitech estimates that total financial damage from romance scams could exceed $535 billion. Seattle-based NameTag has launched Verified Hire, an identity verification and deepfake defense tool to combat North Korean espionage in US and global enterprises. The company says North Korean operatives have infiltrated remote IT jobs through front companies, generating over $88 million to fund the regime. Verified Hire uses automated identity verification to secure employee onboarding and prevent contractor fraud. It integrates with IAM providers like Okta and Microsoft Entra, offering customizable workflows that save time and cost for IT and HR departments.
Google has fixed two vulnerabilities that could expose YouTube users' email addresses, posing a big privacy risk for any creator who wishes to remain anonymous. The flaws were discovered by security researchers Brutecat and Nathan and involved leaking Gaia IDs through YouTube's live chat API and converting them into email addresses using Pixel Recorder's sharing features. The issues, which impacted multiple Google services, were first disclosed last September and patched on February 9th. Google awarded the researchers $10,633 in bounty and confirmed no evidence of exploitation. For the past few years, the focus of cybersecurity has increasingly been shifting to resilience. Core to a resilience program are backups, a safety net that's also highly vulnerable. How do you make sure your backups are ready when the time comes? That's what we're digging into in our latest episode of Defense In Depth. Look for "Protecting Your Backups from Ransomware" wherever you get your podcasts.
A
Cybersecurity headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines.
B
I'm Sarah Lane reporting for the CISO series. Thank you so much for listening.
Cyber Security Headlines - Detailed Summary
Episode: DOGE hacks America? U.S. adversaries turn to cybercriminals? New LiDAR system ID faces a km away?
Release Date: February 13, 2025
Host: CISO Series
The episode opens with a concerning report about a significant breach by the Department of Government Efficiency (DOGE). Security experts Bruce Schneier and Davi Ottenheimer highlighted the severity of this incident in a recent Foreign Policy post. DOGE has reportedly accessed critical U.S. Government systems, including those of the Treasury and personnel databases, leading to the compromise of sensitive data and the dismantling of security protocols.
Schneier and Ottenheimer emphasized the gravity of the situation, warning that DOGE "may be the most consequential security breach in US history" (02:15). Despite a federal judge's block on February 8th preventing DOGE from accessing Treasury systems, questions linger about the extent of the damage across various government departments. The breach introduces severe national security risks and potential vulnerabilities that could be exploited by foreign adversaries. Schneier urges immediate action to revoke DOGE's access, restore monitoring, and audit all changes to secure the compromised systems (03:00).
Further delving into data security, the podcast discusses a joint report by Wired and 404 Media revealing that Lithuanian ad tech company Eskimi was the source of sensitive location data on U.S. military personnel stationed overseas. This data was sold by Florida-based data broker Datastream Group and included precise coordinates from devices at U.S. military sites in Germany, collected through SDKs embedded in mobile apps.
U.S. Senator Ron Wyden's office has raised national security concerns and has been in contact with Eskimi, Lithuania's data protection authority (DPA), and Google, which listed Eskimi as an authorized buyer. The Lithuanian DPA is currently assessing the situation, and Eskimi could face significant penalties under the General Data Protection Regulation (GDPR) if found in violation (04:45).
The episode continues with an update on malware threats, highlighting that Apple and Google have removed 20 apps from their respective app stores following the discovery of SparkCat malware by Kaspersky researchers. Active since at least March 2024, SparkCat has been downloaded over 242,000 times. The malware employs optical character recognition to scan image galleries for cryptocurrency wallet recovery phrases and other personal information.
Google banned the developers and confirmed that its Play Protect feature safeguarded users from known versions of the malware, while Apple has not provided a statement. A report from Google's Threat Intelligence Group indicates a rising trend of adversarial governments leveraging cybercriminals and their tools to advance espionage goals, driven by resource constraints and ongoing conflicts like the war in Ukraine. This trend is also noted in China, Iran, and North Korea, where state-sponsored attackers use malware and techniques commonly associated with cybercriminals to enhance deniability and reduce operational costs. Google and other cybersecurity firms warn that this convergence between state actors and cybercriminals significantly elevates global national security threats (05:50).
Shifting focus to technological advancements, scientists from Heriot-Watt University, NASA's Jet Propulsion Lab, MIT, and the University of Glasgow have developed a superconducting LiDAR system. This system captures ultra-detailed 3D data from up to 1 kilometer away using a superconducting nanowire single-photon detector. It boasts 13-picosecond timing accuracy on single photons and can see through fog and smoke, offering image resolution at least ten times better than existing systems, even in daylight.
However, the technology comes with a significant challenge: it requires cooling to minus 272 degrees Celsius to function properly. The research team says it has addressed this by developing a compact cryocooler, making the system more feasible for practical applications (06:30).
In political news, President Donald Trump has nominated Sean Cairncross, the Republican National Committee's Chief Operating Officer, as his National Cyber Director. If confirmed, Cairncross will play a pivotal role in shaping the administration's cyber policy. This nomination marks the first major cybersecurity appointment of Trump's administration. The Office of the National Cyber Director, established just before former President Biden took office, serves as an advisory body to the president on cybersecurity matters. Notably, Cairncross has no known cybersecurity experience, though he held various roles within the first Trump administration. His nomination is pending Senate confirmation (07:10).
A new report from Comparitech reveals alarming statistics on romance scams in 2024. Nearly 59,000 Americans lost approximately $697.3 million to these fraudulent schemes, although the number of cases decreased by 6% compared to 2023. Financial losses remain substantial, with Arizona experiencing the highest rate of scams per capita and California leading in total losses, accounting for $104.8 million across 6,687 cases.
Scammers are increasingly exploiting cryptocurrency and employing "double-barreled" tactics, where they pose as romantic partners before persuading victims to invest in fake cryptocurrency opportunities. Comparitech estimates that the total financial damage from romance scams could exceed $535 billion. Separately, Seattle-based NameTag has launched Verified Hire, an identity verification and deepfake defense tool aimed at combating North Korean espionage in U.S. and global enterprises (07:55).
Verified Hire by NameTag is designed to prevent North Korean operatives from infiltrating remote IT jobs through front companies, a strategy that the company says has generated over $88 million to fund the regime. The tool employs automated identity verification to secure the employee onboarding process and prevent contractor fraud. It integrates with Identity and Access Management (IAM) providers like Okta and Microsoft Entra, offering customizable workflows that save time and costs for IT and HR departments (08:10).
In an update on platform security, Google has patched two vulnerabilities that could expose YouTube users’ email addresses, posing significant privacy risks, especially for creators wishing to remain anonymous. These flaws, discovered by security researchers Brutecat and Nathan, involved leaking Gaia IDs through YouTube's live chat API and converting them into email addresses using Pixel Recorder's sharing features. The issues, which affected multiple Google services, were initially disclosed in September and have since been resolved as of February 9th. Google awarded the researchers $10,633 in bounty and confirmed that there is no evidence of exploitation related to these vulnerabilities (08:00).
Concluding the episode, the discussion shifts to the growing emphasis on cyber resilience within the cybersecurity landscape. The focus is on ensuring that backups, often considered a safety net, are robust and secure against threats like ransomware. The upcoming episode of CISO Series’ "Defense In Depth" will delve into strategies for protecting backups effectively, ensuring they are reliable and ready when needed (08:15).
This episode of "Cyber Security Headlines" by CISO Series provides a comprehensive overview of the latest developments in the cybersecurity realm, from significant breaches and technological advancements to evolving threats and strategic responses. For more in-depth stories behind these headlines, listeners are encouraged to visit CISOseries.com.