← Risky Bulletin
Loading summary
Transcript1 lines
- [00:04]
Claire Aird
NSO group ordered to pay Meta $167 million the White House tells NSA to cut 8% of its civilian staff, the US sanctions a Myanmar militia group leader for cyber scams, and one of the Nomad Bridge hackers gets arrested in Israel. This is the risky bulletin prepared by Catalyn Kim Panu and read by me, Claire aird. Today is the 7th of May and this podcast episode is brought to you by Ste. Israeli spyware maker NSO Group has been ordered to pay Meta $167 million. The payment will mark the end of Meta's five year lawsuit against NSO over its 2019 WhatsApp hacking campaign. Of the total amount, just $444,000 covers the cost of WhatsApp employees investigating the hacks. The rest is punitive. NSO has not said if it will appeal. Microsoft has added anti spam features to its Outlook.com email service. Bulk senders must use modern email sender identification standards such as dkim, DMARC and spf. They must also provide users an easy unsubscribe option and remove invalid email addresses from their lists. The new rules apply to domains that Send more than 5,000 emails a day to Outlook users. Google and Yahoo introduced similar rules last year, and Apple followed suit in March. The White House has ordered the U.S. national Security Agency to cut 8% of its civilian workforce, according to the record. The layoffs will impact up to 2,000 employees and will happen this year. Last week, the Trump administration also ordered the CIA to cut about 1,200 employees. A second hacker has breached Telemessage, the Israeli company that sells modified versions of secure messaging apps. Last week, a photograph revealed that members of the Trump administration were logging conversations with a tele message modified version of Signal. The first hack was reported by 404 Media on Sunday. The second separate hack was reported by NBC the next day. The hackers proved they had access by providing NBC a list of Coinbase employees using Telemessage. The company has since suspended its services. Almost a dozen top cybersecurity Experts from the U.S. national Institutes of Standards and Technology are leaving the agency, according to Cybersecurity Dive. The Experts worked in NIST's computer security division. They accepted the Trump administration's retirement office as part of a downsizing operation. Hackers have breached and stolen data from a charter airline used by the Trump administration for deportation flights. The data, stolen from charter operator GlobalX, includes flight records and passenger manifests from January until May. The hackers also defaced the airline's website British retailer Marks N Spencer reportedly had no incident response plan before being hit by a ransomware attack last month. An anonymous employee told Sky News the situation was chaotic following the attack. The company has suspended online orders and sent staff home in the wake of the incident. The company insider said it would take a few months to recover Marks and Spencer has lost 500 million pounds in market value since the breach. Russian state sponsored hackers have allegedly breached one of Azerbaian's largest media companies. Global Media Group was hacked in February after Azerbaijan shut down a Russian cultural centre it accused of espionage. The attacks disrupted four news portals and the operation of the Baku TV channel. Azabayan said the attacks were the work of APT 29, linked to Russia's SVR intelligence agency. Europol has established a task force to investigate violence as a service providers. The task force, named Grim, will be led by Swedish authorities. A recent wave of violence in Europe has been traced to online communities that recruit people for violent attacks and sabotage. The U.S. treasury has sanctioned the leader of a Myanmar militia group over involvement in cyberscam compounds. Officials sanctioned saw Chitta, 2 and 2 of sons. They also designated the Karen national army as a criminal organisation. US officials claim Soar and his militia group are central figures in Myanmar's scam economy. Israeli authorities have arrested a Russian Israeli national accused of hacking cryptocurrency exchange Nomad Bridge. Alexander Gurevich allegedly stole $2.89 million worth of crypto assets in 2022. He offered to return the funds for a $500,000 reward. The Nomad Bridge $190 million and finally, attackers are exploiting a vulnerability in the AI toolkit LangFlow. The vulnerability allows unauthenticated remote attackers to run malicious code. Proof of Concept code was published last month and exploitation began soon after. And that is all for this podcast edition. Today's show was brought to you by our sponsor Stairwell. Find them@stairwell.com thanks for your.