Social media and video streaming services (SMVSSs), including Amazon, Alphabet-owned YouTube, Meta’s Facebook and TikTok, are engaging in a “vast surveillance of users” to profit off their personal information. The report also raised concerns about the lack of meaningful privacy safeguards for children and teens. “These surveillance practices can endanger people’s privacy, threaten their freedoms, and expose them to a host of harms, from identity theft to stalking,” said FTC Chair Lina Khan in a statement. The findings stem from a special investigation launched in December 2020, targeting nine major companies in the U.S. to understand how their platforms impact…
Author: ISB Staff Reporter
In a major cyber operation, the U.S. Justice Department announced the successful takedown of a botnet controlled by People’s Republic of China (PRC) state-sponsored hackers. The botnet, dubbed “Raptor Train” by Black Lotus Labs, spanned over 200,000 devices globally. It was linked to hackers working for Integrity Technology Group, a Beijing-based company known in cybersecurity circles as “Flax Typhoon.” It infected various consumer devices like home routers, IP cameras, and DVRs, forming a network that hackers used for malicious activities disguised as normal internet traffic. In response, U.S. authorities launched a court-authorized operation, effectively neutralizing the botnet by sending disabling…
Tensions in Lebanon soared on Wednesday as handheld radios used by Hezbollah fighters exploded across the country’s south, marking the deadliest day since cross-border skirmishes with Israel began nearly a year ago, reported Reuters. The explosions left 20 dead and over 450 injured, according to Lebanon’s health ministry, further stoking fears of a broader conflict with Israel. This latest incident follows a similar wave of blasts on Tuesday when thousands of pagers used by Hezbollah members detonated, killing 12 people, including two children, and wounding nearly 3,000 others. Lebanon’s Red Cross reported a massive response, dispatching 30 ambulance teams to…
In a coordinated and deadly attack, pagers used by hundreds of Hezbollah members exploded almost simultaneously across Lebanon on Tuesday, killing at least nine people and injuring thousands more, according to officials. Both Hezbollah and the Lebanese government have pointed to Israel as the orchestrator of what appears to be a highly sophisticated remote strike. A U.S. official revealed that Israel had briefed the United States following the operation, which involved small amounts of explosives being secretly planted inside the pagers and then detonated. The official, who was not authorized to discuss the matter publicly, provided insight into the complex…
Yesterday, Reuters reported that multiple explosions involving communication devices used by Hezbollah resulted in at least nine deaths and over 3,000 injuries across Lebanon. Among those wounded were Hezbollah fighters, medics, and Iran’s ambassador to Lebanon, Mojtaba Amani, who sustained minor injuries. The blasts, which occurred around 3:45 p.m. local time, have been described by Hezbollah as the “biggest security breach” they have faced during their ongoing conflict with Israel. While Hezbollah and the Lebanese government blamed Israel for the explosions, Israeli officials have not commented. The Lebanese Red Cross deployed over 50 ambulances and 300 medics to assist the…
Cyware joins CoSAI to help drive the development of secure and ethical AI technologies, addressing the urgent need for AI safety amid today’s rapidly evolving cyber threats. Cyware, a provider of threat intelligence management, security collaboration, and orchestrated response, has joined the Coalition for Secure AI (CoSAI). By joining CoSAI, Cyware says it reinforces its commitment to fostering innovation in AI while ensuring that safety, privacy, and security remain at the forefront of technological advancement. CoSAI is an international alliance dedicated to promoting the development and deployment of secure, ethical, and transparent AI technologies. It is a collaborative open-source initiative…
Nearly two weeks after a significant cybersecurity breach, Transport for London (TfL) announced on its employee hub that its 30,000 employees must attend in-person appointments to verify their identities and reset their passwords. This move follows a full system reset after the entity discovered that some employee and customer data had been compromised. The cyberattack, first detected on 1 September 2024, prompted immediate action to limit access to TfL systems. According to TfL’s Chief Technology Officer, Shashi Verma, investigations revealed that employee directory details, including email addresses, job titles, and employee numbers, were accessed. Luckily, there is zero evidence that…
In 2024, Unit 42 researchers observed a sharp increase in large-scale phishing campaigns using a novel technique involving the HTTP response header. Between May and July, they detected approximately 2,000 malicious URLs daily, which directed web browsers to refresh or reload pages automatically—without user interaction. Unit 42 is a threat intelligence, incident response, and cyber risk expertise team backed by Palo Alto Networks technology. Unlike traditional phishing tactics that rely on HTML content, this method manipulates the HTTP response header, allowing malicious links to execute before any visible content loads. “Since the original and landing URLs are often found under…
The ransomware group, Hunters International, has reportedly claimed responsibility for a breach at the London branch of the Industrial and Commercial Bank of China (ICBC), one of China’s largest state-owned banks. According to the group, they have exfiltrated 6.6 terabytes of data, comprising over 5.2 million files. The gang was given a ransom deadline of 13 September 2024 and threatened to release the stolen data if their demands are not met. Potentially Catastrophic Exposure: Ted Miracco, CEO of Approov, says financial entities house and manage highly sensitive data, and a breach of this magnitude could result in heavy fines and…
Cleafy’s Threat Intelligence team has uncovered a new variant of the TrickMo Android banking Trojan. Initially classified as an unknown malware sample, deeper analysis revealed it as a TrickMo variant with some new anti-analysis features, making detection more difficult and posing a significant threat to mobile banking users. TrickMo’s Evolution: TrickMo, first identified by CERT-Bund in 2019, has a long history of targeting Android devices to carry out financial fraud. It initially gained infamy for intercepting one-time passwords (OTPs) and other two-factor authentication (2FA) mechanisms, focusing on European banking applications, particularly in Germany. The Trojan evolved from the notorious TrickBot…