Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow
The United States military has known for years that enemies could use location data to track troops’ phones—and it’s also long been aware of easy fixes for the problem. The Pentagon adopted almost none of these protections, though, in spite of admitting in a letter exposed this week that US adversaries are actually using the data to target soldiers in war. Meanwhile, US law enforcement warned this week about “anti-tech extremism” as AI backlash grows around the country.
After a nearly 90-day internet shutdown, connectivity started to trickle back into Iran this week amid internal political power struggles and ongoing negotiations with the US to end its war with Tehran. Researchers cautioned that it is unclear how extensive the restoration will be and whether connectivity will only return temporarily.
As cybercriminals and offensive hackers ramp up their use of AI to exploit vulnerabilities and develop hacking tools, the technology is also radically changing the dynamics of how security researchers hunt for vulnerabilities. And scammers are using real hotel reservation data and other travel details to conduct effective spear-phishing campaigns, potentially accessing customer data from 350 hotels and vacation rentals around the world.
And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.
Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow
Play, a Russian-language ransomware operation that has affected more than 900 organizations since 2022, posted to its dark-web leak site on Monday claiming it had pulled “private and personal confidential data, clients’ documents, budget, payroll, IDs, taxes,” and other financial records from MyPillow. The Minnesota-based home goods company is run by Mike Lindell, who is among at least 10 Republicans seeking the party’s nomination for governor of Minnesota in August’s primary. Lindell is also one of the most prolific backers of Donald Trump’s false claims of victory in the 2020 election.
Play reportedly set a Friday deadline for MyPillow to make contact before publishing the data online. Lindell told Straight Arrow News, which broke the story of the ransomware claims on Tuesday, that his company was not hacked and that allegations that it was are a political hit job.
“This is another hit job by outside sources because I’m running for governor,” Lindell said. “I guarantee it. We do not have any breaches in our data at all.”
Lindell has been on the losing end of two recent defamation rulings over his 2020 election claims: A federal jury in Colorado last year found that he had defamed Eric Coomer, a former Dominion Voting Systems director, and ordered Lindell and his media platform, FrankSpeech, to pay $2.3 million in damages; a federal judge in Minnesota separately ruled in September that Lindell had defamed Smartmatic through 51 false statements about its voting machines, with damages still to be set at trial.
A Ransomware Group Is Stealing Data in Person
In recent years, ransomware groups have been more aggressive and ruthless in their efforts to obtain money from victims. Most of these criminal hackers now focus on stealing data and extorting companies rather than using malware to lock computer systems. But on rare occasions, ransomware groups have been seen directly threatening executives, or contacting people named in stolen data, to try to obtain payment. The FBI said this week that one ransomware group is going even further: sending people to steal data directly from companies IRL.
Among more traditional social engineering techniques, the FBI says the Silent Ransom Group (SRG), which is targeting law firms, has sent people to company offices to directly get access to computers. “By sending someone in person to the victim’s location to facilitate the intrusion, SRG actors exfiltrate data to an external hard drive or USB drive inserted by the threat actor into the victim’s computer,” the FBI said in an alert. Security researchers say the tactic has not been seen before. The FBI did not provide any information about who the Russian-speaking ransomware group was sending to conduct its attacks, but researchers believe they could be paying freelancers who do not necessarily know who they are working for.
BusPatrol School Bus Cameras Aim to Feed Surveillance Data to Cops
The AI surveillance company BusPatrol, which has installed its cameras in tens of thousands of US school buses, says that it will now turn those cameras into automatic license plate readers that will record the location of every vehicle a BusPatrol school bus passes and make the data available to law enforcement without a warrant. The initiative would turn the familiar yellow buses into what 404 Media aptly described as “roaming surveillance vehicles.” BusPatrol technology, and school bus surveillance tech more broadly, was originally intended to be used for ticketing vehicles that illegally pass stopped buses—a critical safety issue for children.
Dropping ShotSpotter Improved Chicago Police Response Times for 911 Calls
University of Chicago sociology professor Rob Vargas found this month that the Chicago Police Department was four minutes faster in responding to the most urgent non-gunshot 911 calls in the six-month period after Mayor Brandon Johnson shut down ShotSpotter gunshot detection tech in 12 neighborhoods in September 2024. Analyzing Chicago city data as well as data obtained through public records requests, Vargas compared the time period with the preceding six months during which ShotSpotter was still active. The data couldn’t be used to assess response times for calls specifically related to gunshots, but it indicated that ShotSpotter alerts may have been occupying officers with false positives and delaying them in responding to other types of critical 911 calls.