—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Author: admin
Russian Prosecutor Asks for 18 Years in Jail for Group-IB Founder
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Chinese Hackers Breached Ambassador’s Email
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Clop Drives Record Ransomware Activity in June
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
GitHub Warns Devs of North Korean Attacks
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Friday Squid Blogging: Chromatophores
Neat:
Chromatophores are tiny color-changing cells in cephalopods. Watch them blink back and forth from purple to white on this squid’s skin in an Instagram video taken by Drew Chicone…
It’s completely hypnotic to watch these tiny cells flash with color. It’s as if the squid has a little sky full of twinkling stars on its skin. This has to be one of the coolest looking sea creatures I’ve seen.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
AI and Microdirectives
Imagine a future in which AIs automatically interpret—and enforce—laws.
All day and every day, you constantly receive highly personalized instructions for how to comply with the law, sent directly by your government and law enforcement. You’re told how to cross the street, how fast to drive on the way to work, and what you’re allowed to say or do online—if you’re in any situation that might have legal implications, you’re told exactly what to do, in real time.
Imagine that the computer system formulating these personal legal directives at mass scale is so complex that no one can explain how it reasons or works. But if you ignore a directive, the system will know, and it’ll be used as evidence in the prosecution that’s sure to follow.
This future may not be far off—automatic detection of lawbreaking is nothing new. Speed cameras and traffic-light cameras have been around for years. These systems automatically issue citations to the car’s owner based on the license plate. In such cases, the defendant is presumed guilty unless they prove otherwise, by naming and notifying the driver.
In New York, AI systems equipped with facial recognition technology are being used by businesses to identify shoplifters. Similar AI-powered systems are being used by retailers in Australia and the United Kingdom to identify shoplifters and provide real-time tailored alerts to employees or security personnel. China is experimenting with even more powerful forms of automated legal enforcement and targeted surveillance.
Breathalyzers are another example of automatic detection. They estimate blood alcohol content by calculating the number of alcohol molecules in the breath via an electrochemical reaction or infrared analysis (they’re basically computers with fuel cells or spectrometers attached). And they’re not without controversy: Courts across the country have found serious flaws and technical deficiencies with Breathalyzer devices and the software that powers them. Despite this, criminal defendants struggle to obtain access to devices or their software source code, with Breathalyzer companies and courts often refusing to grant such access. In the few cases where courts have actually ordered such disclosures, that has usually followed costly legal battles spanning many years.
AI is about to make this issue much more complicated, and could drastically expand the types of laws that can be enforced in this manner. Some legal scholars predict that computationally personalized law and its automated enforcement are the future of law. These would be administered by what Anthony Casey and Anthony Niblett call “microdirectives,” which provide individualized instructions for legal compliance in a particular scenario.
Made possible by advances in surveillance, communications technologies, and big-data analytics, microdirectives will be a new and predominant form of law shaped largely by machines. They are “micro” because they are not impersonal general rules or standards, but tailored to one specific circumstance. And they are “directives” because they prescribe action or inaction required by law.
A Digital Millennium Copyright Act takedown notice is a present-day example of a microdirective. The DMCA’s enforcement is almost fully automated, with copyright “bots” constantly scanning the internet for copyright-infringing material, and automatically sending literally hundreds of millions of DMCA takedown notices daily to platforms and users. A DMCA takedown notice is tailored to the recipient’s specific legal circumstances. It also directs action—remove the targeted content or prove that it’s not infringing—based on the law.
It’s easy to see how the AI systems being deployed by retailers to identify shoplifters could be redesigned to employ microdirectives. In addition to alerting business owners, the systems could also send alerts to the identified persons themselves, with tailored legal directions or notices.
A future where AIs interpret, apply, and enforce most laws at societal scale like this will exponentially magnify problems around fairness, transparency, and freedom. Forget about software transparency—well-resourced AI firms, like Breathalyzer companies today, would no doubt ferociously guard their systems for competitive reasons. These systems would likely be so complex that even their designers would not be able to explain how the AIs interpret and apply the law—something we’re already seeing with today’s deep learning neural network systems, which are unable to explain their reasoning.
Even the law itself could become hopelessly vast and opaque. Legal microdirectives sent en masse for countless scenarios, each representing authoritative legal findings formulated by opaque computational processes, could create an expansive and increasingly complex body of law that would grow ad infinitum.
And this brings us to the heart of the issue: If you’re accused by a computer, are you entitled to review that computer’s inner workings and potentially challenge its accuracy in court? What does cross-examination look like when the prosecutor’s witness is a computer? How could you possibly access, analyze, and understand all microdirectives relevant to your case in order to challenge the AI’s legal interpretation? How could courts hope to ensure equal application of the law? Like the man from the country in Franz Kafka’s parable in The Trial, you’d die waiting for access to the law, because the law is limitless and incomprehensible.
This system would present an unprecedented threat to freedom. Ubiquitous AI-powered surveillance in society will be necessary to enable such automated enforcement. On top of that, research—including empirical studies conducted by one of us (Penney)—has shown that personalized legal threats or commands that originate from sources of authority—state or corporate—can have powerful chilling effects on people’s willingness to speak or act freely. Imagine receiving very specific legal instructions from law enforcement about what to say or do in a situation: Would you feel you had a choice to act freely?
This is a vision of AI’s invasive and Byzantine law of the future that chills to the bone. It would be unlike any other law system we’ve seen before in human history, and far more dangerous for our freedoms. Indeed, some legal scholars argue that this future would effectively be the death of law.
Yet it is not a future we must endure. Proposed bans on surveillance technology like facial recognition systems can be expanded to cover those enabling invasive automated legal enforcement. Laws can mandate interpretability and explainability for AI systems to ensure everyone can understand and explain how the systems operate. If a system is too complex, maybe it shouldn’t be deployed in legal contexts. Enforcement by personalized legal processes needs to be highly regulated to ensure oversight, and should be employed only where chilling effects are less likely, like in benign government administration or regulatory contexts where fundamental rights and freedoms are not at risk.
AI will inevitably change the course of law. It already has. But we don’t have to accept its most extreme and maximal instantiations, either today or tomorrow.
This essay was written with Jon Penney, and previously appeared on Slate.com.
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Android SpyNote attacks electric and water public utility users in Japan

Authored by Yukihiro Okutomi
McAfee’s Mobile team observed a smishing campaign against Japanese Android users posing as a power and water infrastructure company in early June 2023. This campaign ran for a short time from June 7. The SMS message alerts about payment problems to lure victims to a phishing website to infect the target devices with a remote-controlled SpyNote malware. In the past, cybercriminals have often targeted financial institutions. However, on this occasion, public utilities were the target to generate a sense of urgency and push victims to act immediately. Protect your Android and iOS mobile devices with McAfee Mobile Security.
Smishing Attack Campaign
A phishing SMS message impersonating a power or water supplier claims a payment problem, as shown in the screenshot below. The URL in the message directs the victim to a phishing website to download mobile malware.

Notice of suspension of power transmission because of non-payment of charges from a power company in Tokyo (Source: Twitter)

Notice of suspension of water supply because of non-payment of charges from a water company in Tokyo (Source: Twitter)
When accessed with a mobile browser, it will start downloading malware and display a malware installation confirmation dialog.

The confirmation dialog of Spyware installation via browser (Source: Twitter)
SpyNote malware
SpyNote is a known family of malware that proliferated after its source code was leaked in October 2022. Recently, the malware was used in a campaign targeting financial institutions in January and targeting Bank of Japan in April 2023.
The SpyNote malware is remotely controlled spyware that exploits accessibility services and device administrator privileges. It steals device information and sensitive user information such as device location, contacts, incoming and outgoing SMS messages, and phone calls. The malware deceives users by using legitimate app icons to look real.

Application Icons disguised by malware.
After launching the malware, the app opens a fake settings screen and prompts the user to enable the Accessibility feature. When the user clicks the arrow at the bottom of the screen, the system Accessibility service settings screen is displayed.

A fake setting screen (left), system setting screen (center and right)
By allowing the Accessibility service, the malware disables battery optimization so that it can run in the background and automatically grants unknown source installation permission to install another malware without the user’s knowledge. In addition to spying on the victim’s device, it also steals two-factor authentication on Google Authenticator and Gmail and Facebook information from the infected device.
Although the distribution method is different, the step of requesting Accessibility service after launching the app is similar to the case of the Bank of Japan that occurred in April.
Scammers keep up with current events and attempt to impersonate well-known companies that have a reason to reach out to their customers. The mobile malware attack using SpyNote discovered this time targets mobile apps for life infrastructure such as electricity and water. One of the reasons for this is that electric bills and water bills, which used to be issued on paper, are now managed on the web and mobile app. If you want to learn about smishing, consult this article “What Is Smishing? Here’s How to Spot Fake Texts and Keep Your Info Safe”. McAfee Mobile Security detects this threat as Android/SpyNote and alerts mobile users if it is present and further protects them from any data loss. For more information, visit McAfee Mobile Security.
Indicators of compromise (IoC)
C2 Server:
- 104.233.210.35:27772
Malware Samples:
| SHA256 Hash | Package name | Application name |
| 075909870a3d16a194e084fbe7a98d2da07c8317fcbfe1f25e5478e585be1954 | com.faceai.boot | キャリア安全設定 |
| e2c7d2acb56be38c19980e6e2c91b00a958c93adb37cb19d65400d9912e6333f | com.faceai.boot | 東京電力 |
| a532c43202c98f6b37489fb019ebe166ad5f32de5e9b395b3fc41404bf60d734 | com.faceai.boot | 東京電力TEPCO |
| cb9e6522755fbf618c57ebb11d88160fb5aeb9ae96c846ed10d6213cdd8a4f5d | com.faceai.boot | 東京電力TEPCO |
| 59cdbe8e4d265d7e3f4deec3cf69039143b27c1b594dbe3f0473a1b7f7ade9a6 | com.faceai.boot | 東京電力TEPCO |
| 8d6e1f448ae3e00c06983471ee26e16f6ab357ee6467b7dce2454fb0814a34d2 | com.faceai.boot | 東京電力TEPCO |
| 5bdbd8895b9adf39aa8bead0e3587cc786e375ecd2e1519ad5291147a8ca00b6 | com.faceai.boot | 東京電力TEPCO |
| a6f9fa36701be31597ad10e1cec51ebf855644b090ed42ed57316c2f0b57ea3c | com.faceai.boot | 東京電力TEPCO |
| f6e2addd189bb534863afeb0d06bcda01d0174f5eac6ee4deeb3d85f35449422 | com.faceai.boot | 東京電力TEPCO |
| 755585571f47cd71df72af0fad880db5a4d443dacd5ace9cc6ed7a931cb9c21d | com.faceai.boot | 東京電力TEPCO |
| 2352887e3fc1e9070850115243fad85c6f1b367d9e645ad8fc7ba28192d6fb85 | com.faceai.boot | 東京電力TEPCO |
| 90edb28b349db35d32c0190433d3b82949b45e0b1d7f7288c08e56ede81615ba | com.faceai.boot | 東京電力TEPCO |
| 513dbe3ff2b4e8caf3a8040f3412620a3627c74a7a79cce7d9fab5e3d08b447b | com.faceai.boot | 東京電力TEPCO |
| f6e2addd189bb534863afeb0d06bcda01d0174f5eac6ee4deeb3d85f35449422 | com.faceai.boot | 東京電力TEPCO |
| 0fd87da37712e31d39781456c9c1fef48566eee3f616fbcb57a81deb5c66cbc1 | com.faceai.boom | 東京水道局アプリ |
| acd36f7e896e3e3806114d397240bd7431fcef9d7f0b268a4e889161e51d802b | com.faceai.boom | 東京水道局アプリ |
| 91e2f316871704ad7ef1ec74c84e3e4e41f557269453351771223496d5de594e | com.faceai.boom | 東京水道局アプリ |
The post Android SpyNote attacks electric and water public utility users in Japan appeared first on McAfee Blog.
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Scammers Love Barbie: Fake Videos Promote Bogus Ticket Offers That Steal Personal Info

Turns out, scammers really love Barbie.
As Barbie makes her debut on the big screen, scammers are aiming to cash in on the summer blockbuster. A rash of scams have cropped up online, including bogus downloads of the film that install malware, Barbie-related viruses, and fake videos that point people to free tickets—but lead to links that steal personal info with spyware instead. Cybercriminals are always on the lookout for opportunities to make phishing and other scams more attractive and believable,” said Steve Grobman, CTO of McAfee, “They often leverage popular and well-publicized events such as movie premieres, concerts, or sporting events to trick users into clicking on malicious links.
Fans lining up to see “Barbie” can steer clear of these attacks if they know what to look for. Here are a few examples of what our researchers have turned up.
Examples of the Barbie fake download scam
In India, we’ve seen several examples of malicious campaigns that attempt to trick victims into downloading the “Barbie” movie in different languages:

Screenshot of malicious campaign aimed at Hindi-speaking users
By clicking the link, it prompts victims to download a .zip file, which is packed with malware.
Barbie-related malware is on the rise
In the last 3 weeks, we’ve seen 100 new instances of malware that have Barbie-related filenames. Once again, this shows how attackers have latched onto the movie’s hype, hoping the people will click the malicious files because the Barbie name is trending.
The types of files varied but included typical types such as .html and .exe. By and large, attackers focused on the U.S., yet other countries have found themselves targeted as well. Below, you can see the country-by-country stats in where these instances of Barbie malware have cropped up:

Malware distribution by country, as of July 20, 2023
Fake videos leading Barbie-branded attacks
The videos will direct potential victims to a Discord server or a website. There, attackers prompt visitors to download a large size .exe file. As before, the file is loaded with malware, such as a variety known as “Redline Stealer” that siphons personal info, login information, and more from devices.

Example of a video pitching bogus Barbie tickets on YouTube
Sharing personal and financial information with these scam sites leads to identity theft and fraud. Scammers might commit these follow-on crimes themselves, and they might post the stolen information for resale on dark web marketplaces as well—all of which puts movie fans at risk.
Even while the Barbie and Oppenheimer films churn up hot, new hype, the online scams linked to them are old hat. Historically, big media events of any kind usher in a glut of online scams. We can point to scam sites linked to the Super Bowl in the U.S., cryptocurrency scams that capitalize on hit shows like Squid Games, and the merchandise and streaming scams that pop up during FIFA’s Men’s and Women’s World Cup.
Cybercriminals are always on the lookout for opportunities to make phishing and other scams more attractive and believable,” Said Steve Grobman, CTO of McAfee, “They often leverage popular and well-publicized events such as movie premieres, concerts or sporting events to trick users into clicking on malicious links.
With that, it’s good news for movie fans. You can avoid these “Barbie” and “Oppenheimer” scams by looking out for several telltale signs and by putting a few simple security measures in place.
Protect yourself from online movie scams
- Stick with trusted retailers and streamers. Keeping your shopping and viewing to known, reputable brands remain your safest bet online. Trusted retailers carry legitimate merchandise. And if counterfeit and knockoff goods do slip into their marketplaces, refund policies give you a way to recover your loss. Moreover, trusted streamers will only carry shows and events that they have the rights to. If you find an offer to stream something that’s heavily discounted, free, or not available on known media outlets, it’s likely a scam. At the very least, it might be pirated content, which could carry malware threats along with it.
- Purchase tickets from the theater chain or a reputable ticketing app. Another way scammers like to cash in on a hot ticket is to open a bogus online box office that charges for tickets. Of course, they won’t deliver. They’ll simply take your money and your card number to boot. You can avoid this by purchasing your tickets online directly from the theater or with a reputable online movie ticketing app that you can find in Apple’s App Store or Google Play.
- Watch out for shoddy-looking sites. Online scammers have various levels of sophistication when it comes to building and designing scam sites. Some can look quite legitimate, yet others look rather slapped together. In either case, keep a sharp eye out for poor web design, typos, and grammatical errors, however small. These often indicate a scam site, as reputable companies make every effort to provide a clean and professional-looking experience.
- View offers, promos, and giveaways with a critical eye. With big media events come big marketing efforts, and scammers will do their best to blend in with them. A quick way to sniff out a scam is to take a close look at the promotion. If it asks you to provide your bank or card information to qualify, count on it being a scam. Put simply, steer clear of promotions that ask for something in return, particularly if it’s your money or personal information.
- Get online protection. Comprehensive online protection software will defend against the latest virus, malware, spyware, and ransomware attacks. Plus, it further protects your privacy and identity. Specific to the “Barbie” and “Oppenheimer” scams floating around, online protection can help prevent you from clicking links to known or suspected malicious sites. In addition, it offers strong password protection by generating and automatically storing complex passwords to keep your credentials safer from hackers and crooks who might try to force their way into your accounts.
The post Scammers Love Barbie: Fake Videos Promote Bogus Ticket Offers That Steal Personal Info appeared first on McAfee Blog.
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Few Fortune 100 Firms List Security Pros in Their Executive Ranks
Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks.

The next time you receive a breach notification letter that invariably says a company you trusted places a top priority on customer security and privacy, consider this: Only four of the Fortune 100 companies currently list a security professional in the executive leadership pages of their websites. This is actually down from five of the Fortune 100 in 2018, the last time KrebsOnSecurity performed this analysis.
A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy, Cigna, Coca-Cola, and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks.
One-third of last year’s Fortune 100 companies included a Chief Technology Officer (CTO) in their executive stables; 40 listed Chief Information Officer (CIO) roles, but just 21 included a Chief Risk Officer (CRO).
As I noted in 2018, this is not to say that 96 percent of the Fortune 100 companies don’t have a CISO or CSO in their employ: A review of LinkedIn suggests that most of them in fact do have people in those roles, and experts say some of the largest multinational companies will have multiple people in these positions.
But it is interesting to note which executive positions the top companies deem worth publishing in their executive leadership pages. For example, 88 percent listed a Director of Human Resources (or “Chief People Officer”), and 37 out of 100 included a Chief Marketing Officer.
Not that these roles are somehow more or less important than that of a CISO/CSO within the organization. Nor is the average pay hugely different among all these roles. Yet, considering how much marketing (think consumer/customer data) and human resources (think employee personal/financial data) are impacted by your average data breach, it’s somewhat remarkable that more companies don’t list their chief security personnel among their top ranks.
One likely explanation as to why a great many companies still don’t include their security leaders within their highest echelons is that these employees do not report directly to the company’s CEO, board of directors, or Chief Risk Officer.
The CSO or CISO position traditionally has reported to an executive in a technical role, such as the CTO or CIO. But workforce experts say placing the CISO/CSO on unequal footing with the organization’s top leaders makes it more likely that cybersecurity and risk concerns will take a backseat to initiatives designed to increase productivity and generally grow the business.
“Separation of duties is a fundamental concept of security, whether we’re talking about cyber threats, employee fraud, or physical theft,” said Tari Schreider, an analyst with Datos Insights. “But that critical separation is violated every day with the CISO or CSO reporting to the heads of technology.”
IANS, an organization geared toward CISOs/CSOs and their teams, surveyed more than 500 organizations last year and found roughly 65 percent of CISOs still report to a technical leader, such as the CTO or CIO: IANS found 46 percent of CISOs reported to a CIO, with 15 percent reporting directly to a CTO.
A survey last year by IANS found 65 percent of CISOs report to a tech function within organizations, such as the CTO or CIO. Image: IANS Research.
Schreider said one big reason many CISOs and CSOs aren’t listed in corporate executive biographies at major companies is that these positions often do not enjoy the same legal and insurance protections afforded to other officers within the company.
Typically, larger companies will purchase a “Directors and Officers” liability policy that covers legal expenses should one of the organization’s top executives find themselves dragged into court over some business failing on the part of their employer. But organizations that do not offer this coverage to their security leaders are unlikely to list those positions in their highest ranks, Schreider said.
“It’s frankly shocking,” Schreider said, upon hearing that only four of the Fortune 100 listed any security personnel in their top executive hierarchies. “If the company isn’t going to give them legal cover, then why give them the responsibility for security? Especially when CISOs and CSOs shouldn’t own the risk, yet the majority of them carry the mantle of responsibility and they tend to be scapegoats” when the organization eventually gets hacked, he said.
Schreider said while Datos Insights focuses mostly on the financial and insurance industries, a recent Datos survey echoes the IANS findings from last year. Datos surveyed 25 of the largest financial institutions by asset size (two of which are no longer in existence), and found just 22 percent of CSOs/CISOs reported to the CEO. A majority — 65 percent — had their CSOs/CISOs reporting to either a CTO or CIO.
“I’ve looked at these types of statistics for years and they’ve never really changed that much,” Schreider said. “The CISO or CSO is in the purview of the technical stack from a management perspective. Right, wrong or indifferent, that’s what’s happening.”
Earlier this year, IT consulting firm Accenture released results from surveying more than 3,000 respondents from 15 industries across 14 countries about their security maturity levels. Accenture found that only about one-third of the organizations they surveyed had enough security maturity under their belts to have integrated security into virtually every aspect of their businesses — and this includes having CISOs or CSOs report to someone in charge of overseeing risk for the business as a whole.
Not surprisingly, Accenture also found that only a third of respondents considered cybersecurity risk “to a great extent” when evaluating overall enterprise risk.
“This highlights there is still some way to go to make cybersecurity a proactive, strategic necessity within the business,” the report concluded.
One way of depicting the different stages of security maturity.
A spreadsheet tracking the prevalence of security leaders on the executive pages of the 2022 Fortune 100 firms is available here.
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains