NIBS (credit image/Pixabay/ Ryan McGuire)News is picking up as we get into conference season and vendors launch new products. In the UK this week, one of the ongoing stories is a cyber-attack against Transport for London. Initially, it seemed to be contained, but it hit disabled travellers during the week.

WithSecure announced the sale of its open-source data collection business and products to Patria. It is a major defence supplier in the Nordics, majority owned by the Finnish government. Ten members of staff are also transferring to Patria, which is opening a new office.

Neo4j has announced a major transformation of its Aura cloud database management system (DBMS). It promises faster performance across its graph technology and has added GenAI to improve the use of Aura.

CSIS Security Group (CSIS) has acquired Security Alliance Limited (SecAlliance) for an undisclosed amount. The acquisition is part of CSIS’ strategy to become the leading European actionable, intelligence-driven cybersecurity service vendor.

Jitterbit has released a significant upgrade to its Harmony Platform. The company calls it “the next era of integration, orchestration, automation, and application development.” It believes AI is key to helping organisations transform their IT.

New research from VinciWorks shows that the adoption of AI is causing increased business risks for UK firms. The warning comes as more than 60% of companies are looking to implement AI technology. However, 78% are failing to add safeguards around that technology.

Vortex 6 has launched V6 BOM Analyzer, the new solution that enables Cisco partners to maximise their revenue opportunities. It achieves this by delivering complete visibility of the margins on any deal. It uses the key criteria to calculate the margin on any deal. Thus helping to ensure that pricing is as competitive as possible yet still profitable.

Salesforce has signed a definitive agreement to acquire Own Company for around $1.9 billion in cash. Own Company is a leading provider of data protection and data management and already partners with Salesforce.

Egress

Egress has been shortlisted as a finalist for the prestigious ‘IT Security Provider of the Year’ award at the British Legal Technology Awards 2024.

FBI

Musician uses AI to defraud streaming services

Michael Smith has been charged with three counts of trying to defraud streaming services Amazon Music, Apple Music, Spotify, and YouTube Music out of royalty payments. It is alleged that he use AI to create thousands of songs. He then used a range of bots to stream those songs billions of times. It led to him getting more than $10 million in royalty payments.

U.S. Attorney Damian Williams said: “As alleged, Michael Smith fraudulently streamed songs created with artificial intelligence billions of times in order to steal royalties. Through his brazen fraud scheme, Smith stole millions in royalties that should have been paid to musicians, songwriters, and other rights holders whose songs were legitimately streamed. Today, thanks to the work of the FBI and the career prosecutors of this Office, it’s time for Smith to face the music.”

Three indicted for laundering over $1 million from online fraud

Chidi Olujie and Jennifer Chibueze, Nigerian citizens and residents of Maryland, and Jessica Nortey, a Ghanaian citizen and resident of Maryland, have been charged with conspiring to launder over $1 million in proceeds from a romance scam and other online frauds.  according to an indictment unsealed today.

U.S. Attorney Graves, said  “Online fraud schemes require people who are willing and able to launder the money stolen through these schemes. Today’s indictment reflects our commitment to aggressively prosecute the launderers whom we believe are enabling the fraudsters.”

Among the amounts they stole were:

  • $774,150 from a victim of an online romance scam in 2017 through 2018
  • $84,320 from victims who believed they were consummating a business transaction in 2018
  • $140,000 stolen from a victim’s bank account in 2019
  • Over $37,000 in funds misdirected from a victim company in 2019 as a result of a business email compromise scheme.

Two Nigerians sentenced for Business Email Compromise scheme

Franklin Ifeanyichukwu Okwonna has been sentenced to five years and three months in prison and ordered to pay nearly $5 million in restitution for participating in a computer hacking and business email compromise (BEC) scheme that caused over $5 million in losses to multiple victims in the United States and elsewhere.

Okwonna’s co-defendant, Ebuka Raphael Umeti, was sentenced to 10 years in prison and ordered to pay nearly $5 million in restitution. Umeti was convicted of conspiracy to commit wire fraud, three counts of wire fraud, conspiracy to cause intentional damage to a protected computer, and intentional damage to a protected computer.

NCSC

In a new joint advisory, the National Cyber Security Centre and agencies in the United States, the Netherlands, the Czech Republic, Germany, Estonia, Latvia, Canada, Australia and Ukraine have revealed the tactics and techniques used by Unit 29155 of the Russian GRU to carry out cyber operations globally.

Unit 29155 is assessed to have targeted organisations to collect information for espionage purposes, caused reputational harm by the theft and leaking of sensitive information, defaced victim websites and undertaken systematic sabotage caused by the destruction of data.

It is the first time the UK has publicly exposed Unit 29155, also designated as 161st Specialist Training Centre, as being responsible for carrying out malicious cyber activity, which it has undertaken since at least 2020.

Paul Chichester, NCSC Director of Operations, said: “The exposure of Unit 29155 as a capable cyber actor illustrates the importance that Russian military intelligence places on using cyberspace to pursue its illegal war in Ukraine and other state priorities.

“The UK, alongside our partners, is committed to calling out Russian malicious cyber activity and will continue to do so. The NCSC strongly encourages organisations to follow the mitigation advice and guidance included in the advisory to help defend their networks.”

US Department of Justice

Six Russian nationals have been charged with conspiracy to commit computer intrusion and wire fraud conspiracy. Five of the defendants were officers in Unit 29155 of the Russian Main Intelligence Directorate (GRU). The sixth individual was a civilian already under indictment for conspiracy to commit computer intrusion and is now also charged with wire fraud conspiracy.

The indictment alleges that these GRU hackers and their co-conspirator engaged in a conspiracy to hack into, exfiltrate data from, leak information obtained from and destroy computer systems associated with the Ukrainian Government in advance of the Russian invasion of Ukraine. The defendants did so in order to sow concern among Ukrainian citizens regarding the safety of their government systems and personal data.

The defendants’ targets included Ukrainian Government systems and data with no military or defense-related roles. Later targets included computer systems in countries around the world that were providing support to Ukraine, including the United States and 25 other North Atlantic Treaty Organization (NATO) countries.

Assistant Attorney General Matthew G. Olsen of the National Security Division, said, “The GRU’s WhisperGate campaign, including targeting Ukrainian critical infrastructure and government systems of no military value, is emblematic of Russia’s abhorrent disregard for innocent civilians as it wages its unjust invasion.

“Today’s indictment underscores that the Justice Department will use every available tool to disrupt this kind of malicious cyber activity and hold perpetrators accountable for indiscriminate and destructive targeting of the United States and our allies.”

Xalient

Xalient has earned a prestigious spot on the Global Top 100 Inspiring Workplaces List for the second year in a row. This accolade, awarded by The Inspiring Workplaces Group (IWG), follows Xalient’s high rankings earlier this year in the Top Inspiring Workplaces for EMEA, UK, and the US.

Security news from the week beginning 26 August 2024

LEAVE A REPLY

Please enter your comment!
Please enter your name here