Connect with us

Technology

Uber says Lapsus$-linked hacker responsible for breach

Avatar

Published

on

 By: Reuters, Updated September 20, 2022

Sept 19 (Reuters) – Uber Technologies Inc said on Monday a hacker affiliated with the Lapsus$ hacking group was responsible for a cyber attack that forced the ride-hailing company to shut several internal communications temporarily last week.

Uber said the attacker had not accessed any user accounts and the databases that store sensitive user information such as credit card numbers, bank account or trip details.

“The attacker accessed several internal systems, and our investigation has focused on determining whether there was any material impact,” Uber said, adding that investigation was still ongoing.

The company said it was in close coordination with the FBI and the U.S. Department of Justice on the matter.

Friday’s cybersecurity incident had brought down Uber’s internal communication system for a while and employees were restricted to use Salesforce-owned office messaging app Slack.

Uber said the attacker logged in to a contractor’s Uber account after they accepted a two-factor login approval request following multiple requests, giving the hacker access to several employee accounts and tools such as G-Suite and Slack.

The hacking group, Lapsus$, has targeted firms including Nvidia , Microsoft Corp and Okta Inc, an authentication services company relied on by thousands of major businesses.

Lapsus$ could not be immediately reached for comment.

The hacker, who goes by the name “teapotuberhacker,” also reportedly claimed to leak early gameplay footage of Take-Two Interactive Software Inc’s muck-awaited game “Grand Theft Auto VI” on Monday.

The hacker had posted a message on the forum about seeking to “negotiate a deal” with the videogaming company.

Social Networking

Twitter Set to Introduce New Controls for Ad Placements to Lure Advertisers Back After Elon Musk Takeover

Avatar

Published

on

Twitter is also considering bringing its content moderators in-house, to allow the platform to invest in moderation of non-English languages.
By Reuters |  Updated: 9 December 2022 09:58 IST

Twitter will roll out new controls as soon as next week to let companies prevent their ads from appearing above or below tweets containing certain keywords, the social media platform told advertisers in an email on Thursday.

The new controls are part of Twitter’s effort to reassure and lure back advertisers that have pulled ads off the platform since it was purchased in October by billionaire Elon Musk, amid reports from civil rights groups that hate speech has risen since the acquisition and after several banned or suspended accounts were reinstated.

Twitter earns nearly 90 percent of its revenue from selling digital ads. Musk recently attributed a “massive drop in revenue” to civil rights organisations that have pressured brands to pause their Twitter ads.

In a recent call with an advertising industry group, a Twitter representative said the platform was considering bringing its content moderators, many of whom are contracted through third-party vendors, in-house, according to a source familiar with the remarks.

The Twitter representative said bringing content moderators in-house at Twitter would allow the platform to invest more in moderation for non-English languages, according to the source.

The email to advertisers on Thursday, which was reviewed by Reuters, said a revamped version of Twitter’s subscription service called Twitter Blue would begin rolling out on Friday.

The subscription will allow accounts to receive a verified check mark. Accounts for individuals will get a blue check, while gold and gray check marks will denote business and government accounts, according to the email.

The subscription price will be $7 (roughly Rs. 500) per month on the web and $11 (roughly Rs. 800) per month on Apple devices, the email said.

Twitter, which has lost many members of its communications team, did not immediately respond to a request for comment.

© Thomson Reuters 2022

Continue Reading

Internet

China-Based APT41 Hacker Group Stole $20 Million Worth of US COVID-19 Relief Funds: Report

Avatar

Published

on

Other federal investigations of pandemic fraud reportedly seem to point back to foreign state-affiliated hackers.
By ANI | Updated: 8 December 2022

China-based hackers stole at least $20 million (roughly Rs. 165 crore) in US Covid relief benefits, including unemployment insurance funds and Small Business Administration loans, NBC news reported citing the country’s Secret Service. Hackers linked to the Chinese government are from a Chengdu-based group known as APT41. The report said other federal investigations of pandemic fraud also seem to point back to foreign state-affiliated hackers. “It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, national pandemic fraud recovery coordinator for the Secret Service, told NBC. The US Secret Service declined to confirm the scope of other investigations.

They said there are over 1,000 ongoing investigations involving transnational and domestic criminal actors defrauding public benefits programs, and APT41 is “a notable player,” according to NBC news.

In recent months, the US has witnessed a rise in espionage cases emanating from China.

Last month, in three separate cases, the US government charged 13 individuals, including members of China’s security and intelligence apparatus and their agents, for alleged efforts to unlawfully exert influence in the United States for the benefit of their government.

“As these cases demonstrate, the government of China sought to interfere with the rights and freedoms of individuals in the United States and to undermine our judicial system that protects those rights. They did not succeed,” said US Attorney General Merrick B. Garland, as quoted in the Justice Department press statement.

“The Justice Department will not tolerate attempts by any foreign power to undermine the Rule of Law upon which our democracy is based. We will continue to fiercely protect the rights guaranteed to everyone in our country. And we will defend the integrity of our institutions,” Garland added.

Seven Chinese nationals were charged – two of whom were arrested on October 20 in New York – with participating in a scheme to cause the forced repatriation of a PRC national residing in the United States.

The defendants are accused of conducting surveillance of and engaging in a campaign to harass and coerce a US resident to return to Beijing as part of an international extralegal repatriation effort known as “Operation Fox Hunt.”

Continue Reading

Social Networking

Biden Administration Tells US Supreme Court Section 230 of Communications Decency Act Has Limits

Avatar

Published

on

Section 230 of the US Communications Decency Act holds that social media firms can't be treated as the publisher of information posted by users.
By Reuters | Updated: 8 December 2022

The Biden administration argued to the US Supreme Court on Wednesday that social media giants like Google could in some instances have responsibility for user content, adopting a stance that could potentially undermine a federal law shielding companies from liability.

Lawyers for the US Department of Justice made their argument in the high-profile lawsuit filed by the family of Nohemi Gonzalez, a 23-year-old American citizen killed in 2015 when Islamist militants opened fire on the Paris bistro where she was eating.

The family argued that Google was in part liable for Gonzalez’ death because YouTube, which is owned by the tech giant, essentially recommended videos by the Islamic State group to some users through its algorithms. Google and YouTube are part of Alphabet (GOOGL.O).

The case reached the Supreme Court after the San Francisco-based 9th US Circuit Court of Appeals sided with Google, saying they were protected from such claims because of Section 230 of the Communications Decency Act of 1996.

Section 230 holds that social media companies cannot be treated as the publisher or speaker of any information provided by other users.

The law has been sharply criticised across the political spectrum. Democrats claim it gives social media companies a pass for spreading hate speech and misinformation.

The case reached the Supreme Court after the San Francisco-based 9th US Circuit Court of Appeals sided with Google, saying they were protected from such claims because of Section 230 of the Communications Decency Act of 1996.

Section 230 holds that social media companies cannot be treated as the publisher or speaker of any information provided by other users.

The law has been sharply criticised across the political spectrum. Democrats claim it gives social media companies a pass for spreading hate speech and misinformation.

Continue Reading

Internet

Data of 6 Lakh Indians Stolen, Sold on Bot Markets So Far; Around 50 Lakh Users Affected Globally, Study Shows

Avatar

Published

on

A study of three major bot markets found stolen logins including those from Google, Microsoft and Facebook accounts.
By Reuters | Updated: 8 December 2022

Around five million people globally have had their data stolen and sold on the bot market to date, of which 6 lakh are from India, making it the worst affected country, according to one of the world’s largest VPN service providers NordVPN.

Bot markets are used by hackers to sell stolen data from victims’ devices with bot malware.

The study by NordVPN, of Lithuania’s Nord Security, said the stolen data included user logins, cookies, digital fingerprints, screenshots and other information, with the average price for the digital identity of a person pegged at Rs. 490.

NordVPN tracked data for the past four years, ever since bot markets were launched in 2018.

India has been dealing with cyber security concerns for a while. As recently as last month, multiple servers of the All India Institute of Medical Sciences (AIIMS), a federal government hospital that caters to ministers, politicians and the general public, were infected on November 23, a senior police official told Reuters.

A week after the ransomware attack on AIIMS, the Indian Council of Medical Research (ICMR) faced around 6,000 hacking attempts within 24 hours on November 30, Times of India reported.

Indian cybersecurity rules have tightened only earlier this year, with the Indian Computer Emergency Response Team (CERT) requiring tech companies to report data breaches within six hours of noticing such incidents and to maintain IT and communications logs for six months.

NordVPN’s study looked into three major bot markets — the Genesis market, the Russian Market, and 2Easy — and found stolen logins including those from Google, Microsoft and Facebook accounts.

“What makes bot markets different from other dark web markets is that they are able to get large amounts of data about one person in one place,” said Marijus Briedis, chief technology officer at NordVPN.

“And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot.”

Researchers of NordVPN found 667 million cookies, 81,000 digital fingerprints, 5,38,000 auto-fill forms, numerous device screenshots, and webcam snaps in their study.

© Thomson Reuters 2022

Continue Reading

Social Networking

Meta in Big Tech Club but Dwarfed by ‘Giant Tech’ Company Apple, Nick Clegg Says

Avatar

Published

on

Apple's tracking protection for iPhone introduced last year has contributed to a halving of Meta's third-quarter profits this year.
By Agence France-Presse | Updated: 8 December 2022

Facebook parent Meta may be in the Big Tech club but it sees itself as being dwarfed by “Giant Tech” company — and corporate foe — Apple, a top executive, Nick Clegg, said Wednesday.

“There’s Big Tech and there’s Giant Tech,” Clegg told an audience in Brussels, where Meta was courting policymakers with its latest virtual reality (VR) gear.

“I mean Apple is now, what, eight times the size of Meta” in terms of stock market capitalisation, he said.

“I mean, it’s just there is very, very, very, very big” in the Big Tech sector and Apple is it, added Clegg.

The comparison underlines Meta’s steep market slide over the past 16 months — and the bad blood with Apple, which has eviscerated Meta’s data collection strategy.

Apple last year introduced a data privacy option on its hugely popular iPhones that prevents Meta and other online data collectors from getting user tracking information they previously relied upon to target advertising.

That has contributed to a halving of Meta’s third-quarter profits this year.

The US company’s costly focus on the metaverse, a virtual world where users appearing as digital avatars can interact, has also played a role.

Meta — re-branded to reflect its focus — has spent a staggering $100 billion (roughly Rs. 8.2 lakh crore) to date on building that technology, whose widespread adoption is forecast to be many years away.

Meta last month announced it was axing 11,000 employees — 13 percent of its workforce — in a general tech belt-tightening that has also seen jobs shed at Twitter, Amazon, and Hewlett-Packard (HP).

Challenge from China

Meta’s stock market capitalisation has slid from an all-time high of $1.07 trillion (roughly Rs. 88 lakh crore) in August 2021 to just over $300 billion (roughly Rs. 25 lakh crore) today — a 72 percent drop.

Apple’s over the same period has stayed steadily above $2 trillion (roughly Rs. 165 lakh crore) since late 2020, and is currently around $2.3 trillion (roughly Rs. 190 lakh crore).

Meta has long complained that Apple is building a “walled garden”, with its users locked into its devices, operating system and app store, at the expense of Meta and other online players.

Both Meta and Apple, as well as other Big Tech ones, have repeatedly come under the regulatory microscope in the European Union and the United States as commercial strategies butt up against anti-trust and data privacy concerns.

But Clegg said China was increasingly challenging the US domination of the online world.

“You’ve got US and Chinese big tech now really kind of looming over the whole scene,” he said.

“And don’t, by the way, underestimate how aggressively Chinese big tech is investing in the metaverse,” he added, pointing to the Pico VR headsets being marketed by ByteDance, the Chinese owner of the popular social app TikTok.

Meta’s own investment into VR and Augmented Reality — collectively known as XR, or extended reality — showed its belief that “the biggest bets are the bets which are furthest away… and they’re also the ones where the technology is most expensive,” Clegg said.

Investor criticism of that focus, and a “narrative of pessimism” about Meta’s focus on it, “profoundly underestimates the very, very strong health of the underlying business” of the company, he said.

Continue Reading

Cryptocurrency

FTX Collapse: Sam Bankman-Fried Reportedly Faces Market Manipulation Inquiry by US Prosecutors

Avatar

Published

on

US prosecutors are looking into whether Sam Bankman-Fried controlled the prices of two interlinked currencies, TerraUSD and LUNA.
By Reuters | Updated: 8 December 2022

US federal prosecutors are investigating whether FTX’s founder Sam Bankman-Fried manipulated the market for two cryptocurrencies this May that led to their collapse and resulted in the implosion of his own cryptocurrency exchange, the New York Times reported on Wednesday.

The prosecutors are looking into whether Bankman-Fried controlled the prices of two interlinked currencies, TerraUSD and LUNA, to benefit the entities he controlled including FTX and Alameda Research, the report said.

The investigation is in its early stages, the newspaper said, adding that it is not clear whether prosecutors have determined any wrongdoing by Bankman-Fried, or when they began looking at the TerraUSD and Luna trades.

US federal prosecutors are investigating whether FTX’s founder Sam Bankman-Fried manipulated the market for two cryptocurrencies this May that led to their collapse and resulted in the implosion of his own cryptocurrency exchange, the New York Times reported on Wednesday.

The prosecutors are looking into whether Bankman-Fried controlled the prices of two interlinked currencies, TerraUSD and LUNA, to benefit the entities he controlled including FTX and Alameda Research, the report said.

The investigation is in its early stages, the newspaper said, adding that it is not clear whether prosecutors have determined any wrongdoing by Bankman-Fried, or when they began looking at the TerraUSD and Luna trades.

The crypto exchange filed for bankruptcy last month after a liquidity crisis that saw at least $1 billion (roughly Rs. 8,200 crore) of customer funds vanish. FTX’s demise comes after a string of meltdowns that have taken down other key players including Voyager Digital and Celsius Network and led some global investors to question the viability of the cryptocurrency sector.

In recent weeks, US authorities have sought information from investors and potential investors in FTX, according to two sources with knowledge of the requests.

Federal prosecutors in New York are asking for details on any communications such firms have had with the crypto firm and its executives, including Bankman-Fried, the sources said. Bloomberg previously reported the information requests.

FTX and Alameda research did not respond to Reuters request for comments.

© Thomson Reuters 2022

Continue Reading

Trending