A WIRED investigation uncovered coordinates collected by a controversial data broker that reveal sensitive information about visitors to an island once owned by Epstein, the notorious sex offender.

Nearly 200 mobile devices of people who visited Jeffrey Epstein’s notorious “pedophile island” in the years prior to his death left an invisible trail of data pointing back to their own homes and offices. Maps of these visitations generated by a troubled international data broker with defense industry ties, discovered last week by WIRED, document the numerous trips of wealthy and influential individuals seemingly undeterred by Epstein’s status as a convicted sex offender.

The data amassed by Near Intelligence, a location data broker roiled by allegations of mismanagement and fraud, reveals with high precision the residences of many guests of Little Saint James, a United States Virgin Islands property where Epstein is accused of having groomed, assaulted, and trafficked countless women and girls.

Some girls, prosecutors say, were as young as 14. The former attorney general of the US Virgin Islands alleged that girls as young as 12 were trafficked to Epstein by those within his elite social circle.

The coordinates that Near Intelligence collected and left exposed online pinpoint locations to within a few centimeters of space. Visitors were tracked as they moved from the Ritz-Carlton on neighboring St. Thomas Island, for instance, to a specific dock at the American Yacht Harbor—a marina once co-owned by Epstein that hosts an “impressive array” of pleasure boats and mega-yachts. The data pinpointed their movements as they were transported to Epstein’s dock on Little St. James, revealing the exact routes taken to the island.

The tracking continued after they arrived. From inside Epstein's enigmatic waterfront temple to the pristine beaches, pools, and cabanas scattered across his 71-acres of prime archipelagic real estate, the data compiled by Near captures the movements of scores of people who sojourned at Little St. James as early as July 2016. The recorded surveillance concludes on July 6, 2019—the day of Epstein’s final arrest.

Eleven years earlier, the disgraced financier was sentenced to 18 months in jail after a guilty plea in 2008 for soliciting and procuring a minor engaged in prostitution, securing a secret “sweetheart” deal to avoid any federal charges. Renewed interest in the case, notably prompted by a _Miami Herald_ investigation, spawned new charges against Epstein, who was apprehended at New Jersey’s Teterboro Airport in July 2019. A raid of Epstein’s Manhattan townhouse by federal agents yielded a cache of child sexual abuse material, nearly 50 individually cut diamonds, and a fraudulent Saudia Arabian passport, which had expired. He reportedly died by suicide a month later while incarcerated at the Metropolitan Correctional Center, a federal detention facility that closed shortly after Epstein’s death.

Ghislaine Maxwell, former British socialite and an Epstein accomplice, was convicted in 2021 on five counts including sexual trafficking of children by force. Maxwell was arrested in New Hampshire, tracked to a million-dollar home by federal agents using location data pulled from her cell phone.

Little is known publicly about Epstein’s activities in the decade prior to his 2019 arrest. The majority of women who came forward that year to accuse the convicted pedophile in court say they were assaulted in the ’90s and early 2000s.

Now, however, 11,279 coordinates obtained by WIRED show not only a flood of traffic to Epstein’s island property—nearly a decade after his conviction as a sex offender—but also point to as many as 166 locations throughout the US where Near Intelligence infers that visitors to Little St. James likely lived and worked. The cache also points to cities in Ukraine, the Cayman Islands, and Australia, among others.

Near Intelligence, for example, tracked devices visiting Little St. James from locations in 80 cities crisscrossing 26 US states and territories, with Florida, Massachusetts, Texas, Michigan, and New York topping the list. The coordinates point to mansions in gated communities in Michigan and Florida; homes in Martha’s Vineyard and Nantucket in Massachusetts; a nightclub in Miami; and the sidewalk across the street from Trump Tower on Fifth Avenue in New York City.

The coordinates also point to various Epstein properties beyond Little St. James, including his 8,000-acre New Mexico ranch and a waterfront mansion on El Brillo Way in Palm Beach, where prosecutors said in an indictment that Epstein trafficked numerous “minor girls” for the purposes of molesting and abusing them. Near’s data is notably missing any locations in Europe, where citizens are safeguarded by comprehensive privacy laws.

Near Intelligence’s maps of Epstein’s island reveal in stark detail the precision surveillance that data brokers can achieve with the aid of loose privacy restrictions under US law. The firm, which has roots in Singapore and Bengaluru, India, sources its location data from advertising exchanges—companies that quietly interact with billions of devices as users browse the web and move about the world.

Before a targeted advertisement appears on an app or website, phones and other devices send information about their owners to real-time bidding platforms and ad exchanges, frequently including users’ location data. While advertisers can use this data to inform their bidding decisions, companies like Near Intelligence will siphon, repackage, analyze, and sell it.

Several ad exchanges, according to _The Wall Street Journal_, have reportedly terminated arrangements with Near, claiming that its use of their data violated the exchanges’ terms of service.

Officially, this data is intended to be used by companies hoping to determine where potential customers work and reside. But in October 2023, the _Journal_ revealed that Near had once provided data to the US military via a maze of obscure marketing companies, cutouts, and conduits to defense contractors. Bankruptcy records reviewed by WIRED show that in April 2023, Near Intelligence signed a yearlong contract with another firm called nContext, a subsidiary of the defense contractor Sierra Nevada.

nContext secured six federal contracts to provide data in support of the National Security Agency and the Defense Counterintelligence and Security Agency, according to reporting by Byron Tau, author of _Means of Control_, an exposé of the data-broker industry and its ties to the US surveillance state. According to information released during a $100 million funding round in 2019, Near claims to have information on roughly 1.6 billion people in 44 countries.

“The pervasive surveillance machine that has been developed for digital advertising now enables other uses completely unrelated to marketing, including government mass surveillance,” says Wolfie Christl, a Vienna-based researcher at Cracked Labs who investigates the data industry.

The data on Epstein’s guests was produced using an intelligence platform formerly known as Vista, which has now been folded into a product called Pinnacle. WIRED discovered several so-called Vista reports while examining Pinnacle’s publicly accessible code. While the specific URLs for the reports are difficult to find, Google’s web crawlers were able to locate at least two other publicly accessible Vista reports: one geofencing the Westfield Mall of the Netherlands and another targeting Saipan-Ledo Park in El Paso, Texas.

The Little St. James report features five maps, one of which reveals locations of devices observed on the island over more than three years prior to Epstein’s arrest. Two of the maps indicate the inferred “Common Evening Locations” and “Common Daytime Locations” for each device that had visited the island. According to the Vista report, these metrics are meant to show visitors’ “most frequented location on weekdays” as well as weeknights and weekends.

A fourth map shows the “general geographic areas from which a location generates the majority of its visits.” The fifth details visitors’ locations 30 minutes before and after they arrived on Epstein’s island, producing a trail of signals that show phones and other devices carried over by helicopter and boat from the main island.

WIRED extracted the location data from the charts and maps to conduct its analysis, which is ongoing. For this story, we reproduced some of the maps created by Near, while excluding any precise location data that could be used to identify properties or individuals, to protect the privacy of anyone uninvolved in Epstein’s crimes.

Crippled by debt, Near Intelligence filed for bankruptcy protection in December, reporting liabilities of approximately $100 million, less than a year after being listed by Nasdaq. An independent investigation commissioned by the company's board alleged multiple executives engaged in a years-long “concealed scheme” to cheat the company out of tens of millions of dollars. (One of those former executives has filed a claim against the company alleging defamation.)

Near Intelligence has since quietly resumed operations, under the same leadership that initiated the bankruptcy proceedings, rebranding itself as a newly incorporated entity called Azira.

US senator Ron Wyden in early February urged federal regulators to launch investigations into Near Intelligence, citing reporting by _The Wall Street Journal_ that found its platform had been used by a third party to geofence “sensitive locations,” including roughly 600 reproductive health clinics at the behest of a conservative group that waged a multiyear antiabortion campaign. US regulators have begun to designate certain types of locations “sensitive,” including health clinics, domestic abuse shelters, and places of religious worship, in an attempt to shield Americans from predatory data brokers amid the US Congress’s years-long failure to pass a comprehensive privacy law.

In an email to WIRED, Kathleen Wailes, speaking on behalf of Azira, acknowledged that Near Intelligence had deliberately collected the data on Epstein’s island for its own purposes. Wailes declined multiple invitations to discuss how the data was collected, which prospective client may have created the report of Epstein’s island, and what purpose it served.

Image: WIRED/Flourish

“Azira is committed to data privacy and responsible access to and use of location data,” Wailes said. “To this end, Azira works to track and respond to legal developments under emerging new state laws, FTC guidance and prior enforcement examples, and best practices. Azira is developing procedures to protect consumers' sensitive location data. This includes working to disable all sample offering accounts created by Near.”

Although the discovery of the Epstein island data involved many additional steps, WIRED also found it could be easily retrieved with a simple Google search.

A Department of Justice spokesperson for the US District Court for the Southern District of New York, where Epstein was prosecuted in 2019, declined to comment on whether its investigators ever did business with Near.

While many of the coordinates captured by Near point to multimillion-dollar homes in numerous US states, others point to lower-income areas where Epstein victims are known to have lived and attended school, including areas of West Palm Beach, Florida, where police and a private investigator say they located around 40 of Epstein’s victims.

"Most of the clients who come to me, their number one concern is privacy and safety,” says attorney Lisa Bloom, who represented 11 of Epstein's alleged victims. “It's deeply concerning to think that any sexual abuse victims’ location will be tracked and then stored and then sold to someone, who can presumably do whatever they want with it.”

Legislation introduced during multiple sessions of Congress have aimed to restrict the sale of location data, chiefly to prevent US law enforcement and intelligence agencies from tracking Americans without a warrant. So far, those efforts have failed. Separately, US president Joe Biden issued an executive order in February instructing the Justice Department to establish new rules preventing US companies from selling data to rival nations, which might include Iran, China, Russia, and North Korea. This order is unlikely to impact Azira’s business in the United States.

“The fact that they have this data in the first place and are allowing people to share it is certainly disturbing,” says Eva Galperin, the director of cybersecurity at the Electronic Frontier Foundation, a digital-rights nonprofit. “I just don’t know how many more of these stories we need to have in order to get strong privacy regulations.”

Jeffrey Epstein's Island Visitors Exposed by Data Broker

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR).
"This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, which greatly increases the attack

New ZenHammer Attack Bypasses Rowhammer Defenses on AMD CPUs

By Uzair Amir
COTI's V2 confidentiality layer secures Civic's Dynamic DID, empowering users with control over their data and seamless regulatory compliance.
This is a post from HackRead.com Read the original post: COTI and Civic Partner to Give Users Self-sovereignty of Their Digital Identity

COTI, the world’s fastest, lightest, and most secure confidentiality layer on Ethereum, has announced a partnership with Civic, the leading provider of identity management tools for **Web3**, to ensure full data protection and confidentiality for Civic users. The partnership will see Civic using COTI V2’s confidentiality layer for the Dynamic decentralized identity (DID) offering.

The recent partnership followed closely after COTI announced a community rewards initiative **last week**. This initiative involved airdropping up to 40 million COTI V2 tokens, currently valued at approximately $10 million, to its Native and ERC-20 $COTI holders.

Shahaf Bar-Geffen, COTI CEO said: “We’re excited to integrate COTI V2s confidentiality layer into Civic’s platform. Civic is an industry leader in the field of identity management tools for Web3, and COTI will continue to partner with industry leaders. We look forward to working with Civic’s professional team to bring Dynamic DID into full production”.

COTI V2’s Dynamic DIDs leverage Civic Pass, which is both a verified credential and a non-transferable token in the user’s wallet. Civic Pass can serve as input to meet regulatory requirements like Anti-Money Laundering (AML) and Know Your Customer (KYC).

A user’s **digital identity** is the personal record of their data, credentials, and identifiers that exist throughout the Internet. With so much of our lives taking place online, users are growing increasingly aware of the importance of actively managing their digital identities to avoid data breaches, hacks, and non-consensual data monetization. COTI V2’s confidentiality layer allows the data to provide both verification and computation while staying encrypted throughout.

Civic prioritizes user protection, as seen in their recent **introduction of a physical ID card** for Civic Pass holders. This enables Civic users to prove their identity and minimize the threat of AI-driven identity fraud. The partnership between Civic and COTI represents a major step forward in protecting the digital footprint and credentials of users.

Both COTI and Civic are committed to providing users with full data privacy as they engage with dApps and explore innovative Web3 use cases with confidence. The ability to manage an advanced version of users’ decentralized identity (DID) with COTI V2 will empower dApps to interact with Civic’s identities and query complex insights without accessing sensitive data.

Harnessing the privacy-preserving power of garbled circuits, COTI V2 unlocks Dynamic DID, a powerful upgrade that allows for advanced features like confidential data sharing and complex calculations. Civic will be integrating with COTI V2 across all phases of COTI V2’s development: Devnet, Testnet, and Mainnet, as a design partner

The partnership marks a major step in enabling true self-sovereignty of users’ digital identity as more people enter the Web3 ecosystem. Users can securely store their sensitive information with Civic without having to physically disclose it, while still enabling seamless compliance with regulatory frameworks like **Anti-Money Laundering (AML)** and Know Your Customer (KYC) requirements.

> Today, we’re announcing the Civic ID System, which combines digital, analog, and mobile identity.
> 
> We’re also launching the Civic ID card, a physical ID card that will bridge our online and offline digital identity platform.
> 
> Civic ID is designed to meet the next generation of… pic.twitter.com/BO2O0Q6jK4
> 
> — Civic (@civickey) March 26, 2024

****About Civic****

Civic is a leading provider of identity management tools for web3, empowering people to easily and privately manage their identities across chains with an on-chain representation of their reusable identity.

The company’s flagship product, Civic Pass, is an integrated permissions tool that helps business customers enable secure access to their on-chain assets. Users may also manage their identity, presence and reputation with a dashboard. Civic aims to be the most trusted on-chain identity tool in the world, used by billions every day. Civic was co-founded in 2015 by Vinny Lingham and Jonathan Smith. For more information, visit: **Civic.com**.

****About COTI****

COTI is the fastest and lightest confidentiality layer on Ethereum. Powered by the breakthrough cryptographic protocol Garbled Circuits and secured by Ethereum, COTI introduces the most advanced and compliant solution for data protection on the public blockchain.

Paving the way for the next wave of Web3 innovation and adoption, COTI unlocks a whole new world of use cases, including confidential transactions, Artificial Intelligence, DeFi, decentralized identification, and more. For more information, visit: **Coti.io**.

1.  Powerloom to Hold First Ever Node Mint on Polygon Network
2.  Owning Versus Renting – The Circumstances of Web3 Domains
3.  Overworld secures $10M for cross-platform ARPG development
4.  GoPlus Security Raises $4 Million to Enhance Web3 User Protection
5.  UOB, Samsung Back Singapore’s Startale Labs in $7 Million Web3 Push

COTI and Civic Partner to Give Users Self-sovereignty of Their Digital Identity

By Waqas
The cyberattack occurred in the first week of March 2024 during the ASEAN-Australia Special Summit in Melbourne.
This is a post from HackRead.com Read the original post: Chinese APTs Targeted ASEAN During Summit with Espionage Malware

Chinese APT groups launched a cyberespionage campaign targeting ASEAN organizations with malware, coinciding with the recent ASEAN-Australia Special Summit — Palo Alto Networks’ Unit 42 report reveals the attacks, highlighting the need for robust cybersecurity measures in Southeast Asia.

A recent report by Palo Alto Networks’ Unit 42 cybersecurity research team has revealed a coordinated cyber espionage campaign that targeted countries affiliated with the Association of Southeast Asian Nations (ASEAN). The Chinese Advanced Persistent Threat (APT) groups are blamed for this.

The report, titled “ASEAN Entities in the Spotlight: Chinese APT Group Targeting,” highlights the activities of two separate APT groups. One identified group is Stately Taurus, a well-known threat actor with a history of cyberespionage operations.

Unit 42 researchers discovered that the cyber attack involved two malicious packages including “Talking\_Points\_for\_China.zip,” a ZIP file and “PSO.scr,” an executable screensaver file. One of these malware packages was created by Stately Taurus specifically matching with the dates of the ASEAN-Australia Special Summit held in March 2024 in Melbourne.

The malicious package (Screenshot: Unit 42)

This suggests a targeted effort to gather intelligence during the critical regional event. This incident is also similar to the one in July 2023, where pro-Ukraine attendees of the NATO Summit were targeted with the RomCom RAT malware. Russian government hackers were suspected in that case.

> _“These types of campaigns continue to demonstrate how organizations are targeted for cyber espionage purposes, where nation-state affiliated threat groups collect intelligence of geopolitical interests within the region”_
> 
> Palo Alto Networks’ Unit 42

The report goes on to show why organizations within ASEAN countries must take strong measures to defend against such cyberattacks. Palo Alto Networks recommends deploying advanced security solutions like DNS Security, Advanced URL Filtering, and WildFire to mitigate these threats.

While the Unit 42 report identifies two specific APT groups, the full extent of the campaign and the potential involvement of other actors remain under investigation. Continued monitoring and threat intelligence gathering are essential to fully understand the scope of this espionage activity.

Nevertheless, this discovery comes amidst heightened geopolitical tensions in the Southeast Asian region. The targeted nature of the attacks, coinciding with a major regional summit, raises concerns about potential attempts to gain an advantage in international relations.

Cybersecurity experts are urging ASEAN member states and affiliated organizations to remain alert against such cyberespionage efforts. Collaboration on information sharing and implementing proper cybersecurity measures is a must to defend against these ongoing threats.

1.  China Arrests 4 for Weaponizing ChatGPT for Ransomware Attack
2.  China-Linked Spyware Found in Google Play Apps, 2m Downloads
3.  Chinese Evasive Panda Targets Tibetans with Nightdoor Backdoor
4.  China-Blackwood APT Uses NSPX30 Backdoor in Cyberespionage
5.  Chinese Hackers Hack Dutch Defense Networks with Coathanger RAT

Chinese APTs Targeted ASEAN During Summit with Espionage Malware

Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining.
"This vulnerability allows attackers to take over the companies' computing power and leak sensitive data," Oligo Security researchers Avi

Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining

By Waqas
Tributes turned toxic as crooks abuse AI.
This is a post from HackRead.com Read the original post: AI Generated Fake Obituary Websites Target Grieving Users

Scammers are using AI generated fake obituaries. These deceptive websites appear identical to real memorials, exploiting human emotions to steal personal data, solicit donations for non-existent causes, or infect devices.

Cybersecurity researchers at SecureWorks have discovered an alarming trend in which scammers are leveraging AI (artificial intelligence) to create fake obituary websites. These sites, identical to genuine memorials, exploit human emotions for malicious purposes.

SecureWorks team noticed an uptick in web domains registered with obituary-related keywords, coupled with unusually sophisticated content. Upon closer inspection, the truth emerged: these were not heartfelt tributes but AI-generated fabrications aimed at scamming unsuspected individuals.

The increasing misuse of artificial intelligence (AI) is hardly unexpected. Recent findings indicate that cybercriminals are employing open-source AI technologies to create child abuse material (CSAM). Additionally, the emergence of harmful chatbots such as FraudGPT and WormGPT shows the extent to which AI can be exploited for malicious purposes.

The latest scam operates by creating obituary notices that mimic real ones in detail and sentiment, thanks to AI’s capability to generate human-like text. Visitors to these sites are often led to believe they’re paying respects to a deceased individual, not realizing the information is entirely fake.

The end game of it could be to phish for personal data, solicit donations for non-existent causes, or infect visitors’ devices with malware. Additionally, users are bombarded with fake malware pop-ups and in case the individual is using AdBlock (which they should) are blocked from visiting the site unless they whitelist the scam site.

Source: Secureworks

Some of the scam sites identified by SecureWorks include the following:

*   obituaryway.com
*   funeralinfotime.com
*   memorialinfoblog.com
*   obituaryinfotimes.com
*   obitsmemorialhomes.com
*   nextdoorfuneralhomes.com

Nevertheless, the emotional toll of these fake sites cannot be overstated. Families and friends of individuals who have recently passed away may stumble upon these fake notices, experiencing fresh waves of grief and confusion.

Moreover, these scams also have a financial angle—some sites solicit donations for funeral expenses or charitable causes in the deceased’s name, unintentionally funding contributions into the pockets of scammers.

****Identifying Fake Obituary Sites****

Distinguishing between genuine and fake obituary sites can be challenging, given the sophistication of AI-generated content. However, there are red flags to look for:

*   **Unverified Information**: Real obituary notices are usually posted by known funeral homes or are verifiable through local news sources.
*   **Solicitation of Funds**: Genuine obituary sites rarely, if ever, ask for donations directly on the page.
*   **Poorly Credentialed Websites**: Look at the website’s other content and credibility. A legitimate obituary site will not have advertisements or unrelated content.
*   **Absence of Detailed Personal Stories**: While AI can generate convincing summaries, it lacks the personal anecdotes and depth that come from genuine contributions.

1.  AI Boosts Ransomware Threat, UK Cyber Security Center
2.  ShadowRay Campaign Hits Ray AI Framework in Global Attack
3.  AI-Powered Scams, Human Trafficking Fuel Global Cybercrime
4.  Deepfakes Are Being Used to Circumvent Facial Recognition Systems
5.  McAfee’s Mockingbird AI Tool Detects Deepfake Audio with 90% accuracy

AI Generated Fake Obituary Websites Target Grieving Users

By Uzair Amir
Discover the top three cybersecurity tools designed to safeguard your business data from online threats and breaches, ensuring secure data transfer.
This is a post from HackRead.com Read the original post: Top 3 Cybersecurity Tools to Protect Business Data

Cybersecurity threats have increased over the years. Research shows that, on average, 2,200 cyber-attacks are happening daily, and a single data breach can cost your business around $9.44 million on average.

These stats highlight the importance of securing your business data. If your business frequently deals with data transfers or file exchanges, investing in reliable cybersecurity tools is necessary.

But with so many options available, it can be overwhelming to determine which ones are best suited for your organization’s needs. That’s why we’re here to help. In this article, we’ll discuss the top three cybersecurity software to help protect your business data effectively.

****Why Should You Use Cybersecurity Tools or Platforms?****

Cybersecurity tools are software solutions designed to protect against online threats such as viruses, malware, and hacking attempts. These tools help you to,

*   Keep important data safe from hackers and cyber threats.
*   Stop unauthorized users from getting into your networks and systems.
*   Continuously watch for unusual actions and alert you to potential breaches.
*   Prevent costly data breaches that could harm your finances.
*   Comply with laws and standards for your industry.
*   Maintain the confidentiality of your customers’ personal information.
*   Prevent interruptions in your business operations, saving time and money.

Regular use of cybersecurity tools improves your overall security, making it harder for attackers to succeed.

****Top 3 Cybersecurity Tools** **

Among the variety of cybersecurity tools available, these three are tailored specifically for businesses managing substantial volumes of sensitive file transfers.

****IBM Aspera****

IBM Aspera is a high-speed data transfer solution developed by IBM. It serves organizations globally, including those in the manufacturing, healthcare, and media industries. With this tool, you can enjoy file transfer up to 100 times faster, managing up to 100 TB of data daily. 

Aspera ensures secure data transfer, facilitating big data transport, large file sending, and low-latency streaming. It supports automation and management of file transfer processes, including hybrid cloud workflows. Additionally, it uses blockchain technology to enhance security in multi-cloud environments.

****Features****

*   **Secure data transfer:** Transfers safely globally with strong security measures. 
*   **Big data transport and sync:** Move, distribute, and sync large files and datasets efficiently worldwide. 
*   **Large-file sharing:** Speed up collaboration by sharing big data and large files with teams globally. 
*   **Transfer management:** Automate, monitor, and control file transfers and workflows smoothly. 
*   **Any bit-rate streaming:** Send data of any size and high-bit-rate video with very little delay.
*   **Hybrid cloud workflows:** Create scalable workflows that work on-premises, in the cloud, or both. 
*   **Secure asset exchange:** Increase security in digital asset movement using blockchain technology.

****Trend Micro Cloud One****

Trend Micro Cloud One File Storage Security offers strong security solutions for cloud storage services. With the increasing use of cloud-based applications, protecting file upload and transfer processes is vital. 

Trend Micro provides top-notch protection supported by extensive threat research. It includes automated malware scanning and file reputation technologies to ensure safety. This solution protects files of all sizes across different business processes and applications, making the cloud storage environment secure. 

****Features****

*   **File reputation:** Blocks known malicious files using anti-malware signatures.
*   **Variant protection:** Identifies obfuscated or polymorphic malware variants.
*   **Extensive flexibility:** Supports scanning of various file types, including .BIN, .EXE, .JPEG, .MP4, .PDF, .TXT, .ZIP, and more.

****Irdeto****

Irdeto is a trusted cybersecurity solution with over 50 years of experience. It protects your business solutions from piracy and cybercriminals. 

Irdeto protects over 5 billion platforms and apps, ensuring robust security measures. It addresses increasing threats in video entertainment, gaming, connected transport, health, and IoT industries. 

Its expertise lies in providing modernized content security protection, including DRM technology for encrypting and transmitting encryption keys. By managing encryption keys effectively, Irdeto reduces the risk of cyber-attacks, safeguarding your organization’s intellectual property.

****Features****

*   **DRM Security:** Protects high-value content through digital rights management.
*   **Enhanced HLS Protection:** Safeguard content delivery with advanced encryption methods.
*   **Forensic Watermarking:** Provides hidden intelligence to shape strategic goals and refine operational tactics for content owners.

****Conclusion****

It is important to protect your business data if you don’t want to become a victim of cyber-attacks. By investing in the top 3 cybersecurity software we have discussed in this blog, you can easily keep your data safe from cyber threats. These tools offer advanced features to securely manage data transfer, prevent breaches, and comply with industry standards. 

1.  CISA Publishes List of Free Cybersecurity Tools and Services
2.  Cybersecurity Business Needs a Real-Time Collaboration Tool
3.  Cybersecurity, Big Data, Automation Tools: What You Must Know
4.  Steps In Penetration Testing, Their Methodology In Cybersecurity
5.  Collaboration Across Platforms Could Supercharge AI Performance

Top 3 Cybersecurity Tools to Protect Business Data

A high court in London says the WikiLeaks founder won’t be extradited “immediately” and the US must provide more “assurances” about any extradition.

The UK high court has extended WikiLeaks founder Julian Assange’s hope to avoid espionage charges in the United States, allowing Assange to further challenge his extradition from the UK to the US.

In a ruling issued in London on Tuesday, two high court judges said that Assange will not be immediately extradited to the United States. In a press summary of the 60-page decision, the court said Assange has a “real prospect of success” in appealing his extradition order and that it requires the US and UK to make further “assurances” about his treatment if he were to be extradited.

“The Court has given the Government of the United States three weeks to give satisfactory assurances: that Mr Assange is permitted to rely on the First Amendment to the United States Constitution (which protects free speech), that he is not prejudiced at trial (including sentence) by reason of his nationality, that he is afforded the same First Amendment protections as a United States citizen and that the death penalty is not imposed,” the press summary says.

Assange’s extradition was first authorized by the British government in June 2022, more than three years after his arrest. The appeals process was repeatedly delayed by the Covid-19 pandemic and Assange’s own deteriorating health, a result, his doctors say, of his prolonged pretrial confinement and his previous stay in the Ecuadorian embassy in London, where he lived under asylum for nearly seven years.

The embattled WikiLeaks founder faces an 18-count indictment in the US, which alleges a conspiracy to commit computer crimes and, most significantly, violations of the Espionage Act for soliciting and publishing classified information related primarily to the US-led wars in Iraq and Afghanistan.

For Assange, his supporters, and the US government, Tuesday’s ruling has been a long time coming, culminating more than four years of legal battles in the UK. The extensive delay inevitably gave rise to a flood of analysis and conjecture from legal scholars, human rights defenders, and envoys of the US intelligence system, spawning myriad theories about the ultimate repercussions of his potential capture, trial, and imprisonment.

Free press advocates have argued the charges against Assange amount to an attack on legal journalistic activities, portrayed by prosecutors as crimes against the state. The right of journalists to publish stolen or leaked information, even when classified “secret,” has been repeatedly affirmed by the US Supreme Court.

US prosecutors allege that Assange in 2010 took matters a step further than what is legally permitted, encouraging then-WikiLeaks source Chelsea Manning to violate the law further by stealing additional files, and by offering to help her crack a hashed password that would have, ostensibly, furthered her access inside a classified Defense Department network.

Though it is unclear whether any of Assange’s offers actually aided Manning or resulted in any additional files being leaked, under the scope of US law, legal experts widely agree, success is beside the point.

Manning, a former US Army intelligence analyst, confessed during a court martial in 2013 to leaking more than 725,000 documents to WikiLeaks, though her conviction pertains only to portions of hundreds of documents. Manning was accused but acquitted of “aiding the enemy.” Her 35-year prison sentence was commuted in January 2017 by former US president Barack Obama in one of his final acts of office.

The Espionage Act, under which Assange is charged, is among the most controversial in the nation’s criminal code, wielded by prosecutors against whistleblowers and national security leakers with the same intensity as any captured traitor or spy.

Much of the US case is based on digital logs of conversations held between WikiLeaks associates and accounts allegedly manned by Assange himself. Ironically, most if not all of this evidence has itself been leaked over the years or otherwise amassed by independent researchers. Distributed Denial of Secrets (DDOS), a WikiLeaks successor, has compiled at least hundreds of thousands of pages of relevant documents from various confidential sources, including those targeted by FBI informers and by the bureau itself via search warrants.

A private database created by DDOS, reviewed by WIRED, currently contains roughly 100 gigabytes’ worth of WikiLeaks material, including several hundred thousand internal emails and tens of thousands of chat logs, many bearing account names known to have been used by Assange personally.

Despite being rigorously cataloged by DDOS researchers, it remains difficult to quantify how many individuals’ communications were logged due to the sheer volume of text. The anti-secrecy organization’s earliest files pertaining to Assange’s activities online date back 30 years.

Emma Best, a journalist and co-founder of DDOS, says it is believed the organization possesses all—or nearly all—of the recorded conversations cited in the US government’s indictment. A large percentage of internal WikiLeaks chatter is said to have been recorded by Sigurdur Thordarson, a former WikiLeaks associate, in the years and months prior to his betrayal of the organization.

Following his stint as an FBI informer in 2011, Thordarson faced multiple convictions in Icelandic court for sex crimes involving minors and for fraud in relation to funds embezzled from WikiLeaks. According to Best, a close inspection of the files would shed even further doubt as to Thordarson’s reliability, as he often mischaracterizes statements by Assange when communicating with other WikiLeaks associates and supporters.

Best says making the WikiLeaks files public is a priority due to the US’s aggressive moves in the case and the international repercussions, but distribution remains limited currently to trusted professionals, primarily for privacy reasons. WIRED’s review found that the documents identify countless individuals, including many who are not affiliated with WikiLeaks. Additionally, while the US and UK governments presumably have access to all or most of the same files, Best says, other governments, which could seek to act upon them legally, likely do not.

“The case against WikiLeaks and Assange is as misunderstood as it is secretive and important, problems worsened by the many liars involved and the largely vibes-based analysis of it,” she tells WIRED. “The first step to fixing this is simple: Leak the case.”

Assange’s case has garnered scrutiny from human rights groups, many evaluating the conditions inside US prisons as too brutal and lousy to be considered anything but cruel and inhumane.

Concerns over American prison conditions posed a major hurdle for US prosecutors in 2021 after the UK high court ruled the odds they would result in Assange’s death by suicide as unacceptable. The court decided that the US successfully mitigated these concerns by offering assurances that Assange would not face certain treatments that, while commonplace in the US, are widely gauged to run afoul of international law, including the use of extreme isolation.

The US’s assurances did little to quell protests from rights groups and Assange family members, as they’d been offered in the past to little effect. Frequently highlighted is the case of British poet Syed Talha Ahsan, who was kept in solitary confinement for years in a Connecticut “supermax” prison known as the Northern Correctional Institution. The prison closed in June 2021.

A key assurance offered by the US is that Assange will never be confined at another supermax prison, Colorado’s ADX Florence, which currently cages more than 300 prisoners. The use of prolonged isolation, common within the prison but employed throughout the US, has been labeled “torture” by current and past United Nations prison watchdogs. Repeated studies have shown prolonged isolation to have deleterious and potentially irreversible effects on the human brain, leading to significantly higher rates of suicide, homicide, and opioid dependence among incarcerated people upon their release.

Another assurance offered by the US is that Assange will not be subjected to “special administrative measures,” an Orwellian euphemism for the government surveilling a prisoner’s attorney-client communications. Among other justifications, the US can implement this procedure—known as SAM—by claiming the monitoring is necessary to “prevent the disclosure of classified information.”

If convicted, Assange’s lawyers say he faces a maximum of 175 years in prison, though US prosecutors have downplayed in the press the likelihood of him receiving such a lengthy sentence.

_This is a developing story and is being updated with new information._

Julian Assange Won’t Be Extradited to the US Yet

US and UK officials hit Chinese hacking group APT31 with sanctions and criminal charges after they targeted thousands of businesses, politicians, and critics of China.

For years, China’s state-backed hackers have stolen huge troves of company secrets, political intelligence, and the personal information of millions of people. On Monday, officials in the United States and United Kingdom expanded the long list of hacking allegations, claiming China is responsible for breaching the UK’s elections watchdog and accessing 40 million people’s data. The countries also issued a raft of criminal charges and sanctions against a separate Chinese group following a multiyear hacking rampage.

In August last year, the UK’s Electoral Commission revealed “hostile actors” had infiltrated its systems in August 2021 and could potentially access sensitive data for 14 months until they were booted out in October 2022. The deputy prime minister, Oliver Dowden, told lawmakers on Monday that a China state-backed actor was responsible for the attack. In addition, Dowden said, the UK’s intelligence services have determined that Chinese hacking group APT31 targeted the email accounts of politicians in 2021.

“This is the latest in a clear pattern of malicious cyber activity by Chinese state-affiliated organizations and individuals targeting democratic institutions and parliamentarians in the UK and beyond,” Dowden said in the UK’s House of Commons. The revelations were accompanied by the UK sanctioning two individuals and one company linked to APT31.

Alongside the UK’s announcement on Monday, the US Department of Justice and Department of the Treasury’s Office of Foreign Assets Control unveiled further action against APT31, also known as Violet Typhoon, Bronze Vinewood, and Judgement Panda, including charging seven Chinese nationals with the conspiracy to commit computer intrusions and wire fraud.

The DOJ claims the hacking group, which has been linked back to China’s Ministry of State Security (MSS) spy agency, has spent 14 years targeting thousands of critics, businesses, and political entities around the world in widespread espionage campaigns. This includes posing as journalists to send more than 10,000 malicious emails that tracked recipients, compromising email accounts, cloud storage accounts, telephone call records, home routers, and more. The spouses of one high-ranking White House official and those of multiple US senators were also targeted, the DOJ says.

“These allegations pull back the curtain on China’s vast illegal hacking operation that targeted sensitive data from US elected and government officials, journalists and academics; valuable information from American companies; and political dissidents in America and abroad,” Breon Peace, a US attorney for the Eastern District of New York, said in a statement. “Their sinister scheme victimized thousands of people and entities across the world, and lasted for well over a decade.”

The moves come as countries increasingly warn of an increase in China-linked espionage, during a year when more than 100 countries will host major elections. Statements from officials focus on the impact of the hacking activity on democratic processes, including the targeting of elected officials around the world and the compromising of pro-democracy activists and lawmakers in Hong Kong. However, the disclosures also coincide with continued jostling from Western politicians over pro- or anti-China stances, including the proposed sale of TikTok to a US company, which could result in a ban on the popular app if the sale fails to go through.

As officials in the UK disclosed the details of the hacking activity, Lin Jian, a Chinese foreign ministry spokesperson, claimed it was “disinformation” and told reporters the country “opposes illegal and unilateral” sanctions. “When investigating and determining the nature of cyber cases, one needs to have adequate and objective evidence, instead of smearing other countries when facts do not exist, still less politicize cybersecurity issues,” Jian said in a daily press conference on Monday.

“China is embarking on a huge global campaign of interference and espionage, and the UK and the like-minded nations are pretty sick of it,” says Tim Stevens, a global security lecturer and head of the cybersecurity research group at King’s College London. Stevens says the public shaming and sanctions are unlikely to significantly change China’s actions but may signal a warning to other countries about what is and isn’t deemed acceptable when it comes to international affairs.

China has a broad range of hacking groups linked to its intelligence services and military, as well as companies that it contracts to launch some cyber operations. Many of these groups have been active for more than a decade. Dakota Cary, a China-focused consultant at security firm SentinelOne, says that groups associated with China’s civilian intelligence service are largely conducting diplomatic or government intelligence collection and espionage, while China’s military hackers are behind attacks on power grids and US critical infrastructure such as water supplies. “We do see China engaging in all of those activities simultaneously,” Cary says.

In announcing criminal charges and sanctions against members of APT31, officials in the US laid out a series of hacking allegations that include the targeting of businesses, political entities, and dissidents around the world. These included a “leading provider” of 5G telecoms equipment in the US, Norwegian government officials, and people working in the aerospace and defense industries. APT31 was run by the MSS’s Hubei State Security Department in the city of Wuhan, US officials say.

The seven Chinese nationals hit with charges are Ni Gaobin, Weng Ming, Cheng Feng, Peng Yaowen, Sun Xiaohui, Xiong Wang, and Zhao Guangzong. Both Zhao Guangzong and Ni Gaobin were also sanctioned. The two are alleged to be affiliated with Wuhan XRZ, a company that has also been sanctioned by the US and UK and is believed to be a cover for MSS-linked hacking operations. Employees of the company hacked into a Texas-based energy company in 2018, the US Treasury Department said.

The group used sophisticated malware—including Rawdoor, Trochilus, and EvilOSX—to compromise systems, according to a 27-page indictment unsealed by the DOJ. They also used a “cracked/pirated” version of penetration testing tool Cobalt Strike Beacon to compromise victims, the indictment says. It adds that, between 2010 and November 2023, the group “gained access” to a defense contractor that designed flight simulators for the US Army, Air Force, and Navy; a multi-factor authentication company; an American trade association; a steel company; a machine learning laboratory based in Virginia; and multiple research hospitals.

In its announcement, the UK outlined two separate China-linked incidents: first, the targeting of the email inboxes of 43 members of parliament (MPs) by APT31 in 2021; and second, the hack of the Electoral Commission by further unnamed China-linked hackers. Elections in the UK are decentralized and organized locally, with the commission overseeing the entire process. This setup means the integrity of the electoral process was not impacted, the commission says; however, a huge amount of data may have been taken by the hackers.

When the Electoral Commission revealed it had been compromised last year, it said the details of around 40 million people may have been accessed. The commission said names and addresses of people in Great Britain who were registered to vote between 2014 and 2022 could have been compromised, and that file-sharing and email systems could have been made accessible. “It’s really remarkable that China would go after election oversight systems, particularly given the diplomacy that the PRC \[People’s Republic of China\] is trying to pull off with the EU,” Cary says. “It’s a very significant act for the PRC to go after these types of systems,” Cary says. “It’s something that democracies are really sensitive to.”

While nations have called out China’s hacking activities for years, the country has evolved its tactics and techniques to become harder to detect. “Over the past couple of years, tired of having their operations rumbled and publicly outed, the Chinese have placed a growing emphasis on stealthy tradecraft in cyber espionage attacks,” Don Smith, vice president of threat intelligence at security firm Secureworks’ counter-threat unit, said in a statement. “This is a change in MO from its previous ‘smash and grab’ reputation but it is viewed by the Chinese as a necessary evolution to one, make it harder to get caught and two, make it nearly impossible to attribute an attack to them.”

Chinese Hackers Charged in Decade-Long Global Spying Rampage

By Deeba Ahmed
New Dark Web Tool GEOBOX, sold for $700 on Telegram and underground forums, hijacks Raspberry Pi, allowing cybercriminals to fake locations and evade detection.
This is a post from HackRead.com Read the original post: New GEOBOX Tool Hijacks Raspberry Pi, Lets Hackers Fake Location

Cybercriminals now repurpose devices like Raspberry Pi into ‘plug-and-play’ weapons for digital fraud. With GEOBOX on the Dark Web, their capabilities are even more sophisticated, enabling manipulation of GPS, network simulation, Wi-Fi mimicry, and anti-fraud filter evasion.

Cybercriminals are targeting IoT devices for illicit activities through OPSEC techniques and customizable settings, allowing these devices to operate without logs and ensure anonymity for perpetrators, reveals research from the US-based cybersecurity solutions and services provider, Resecurity. 

According to Resecurity’s Cyber Threat Intelligence team, a significant discovery has been made on the Dark Web: a malicious tool known as GEOBOX. This tool can turn ordinary IoT hardware into powerful weapons for cybercriminals. GEOBOX represents a “paradigm shift in cybercriminal tactics,” highlighting the evolving nature of threats in the digital landscape.

GEOBOX is being sold on Telegram (Screenshot credit: Resecurity)

GEOBOX is a powerful, deceptive tool specifically designed for the Raspberry Pi 4 Model B devices to facilitate cybercriminals in anonymization and fraud. It was first discovered while investigating an online banking theft involving a high-net-worth (HNW) client of a Fortune 100 financial company, prompting researchers to dig deeper into its workings.

The emergence of GEOBOX is not unexpected, appearing shortly after the discovery of another dark web tool known as TMChecker. TMChecker has been arming ransomware gangs, specifically targeting the e-commerce and aviation industries with precision cyberattacks.

The research blog, shared by Resecurity with Hackread.com, ahead of publication on Monday revealed that threat actors have already used multiple internet-connected GEOBOX devices as proxies, each placed at a strategic remote location, enhancing their anonymity.

This complicated the investigation and tracking process, as GEOBOX devices do not store logs by default. Resecurity observed a bad actor using GEOBOX with two LTE-based wireless modems for enhanced anonymization, particularly in remote connections.

The package can be rented for a lifetime fee of $700 or a monthly rate of $80, payable in cryptocurrency and advertised on major underground forums and Telegram. The user manual provides clear instructions on the download and installation of the Raspberry Pi OS using Raspberry Pi Imager, how to obtain the GEOBOX Software Image and work with the GEOBOX software.

It is a feature-rich tool, including WebRTC IP for discreet online communication, GPS spoofing for geolocation manipulation, and the ability to mask Wi-Fi MAC addresses. The device requires at least 4 GB of RAM, but an 8 GB version is also available offering superior performance. 

Further, it connects to the internet via Ethernet or USB modem and offers various tabs like INTERNETBOX, MIDDLEBOX, Proxy, VPN, and Wi-Fi, each providing specific functionalities. Users can configure various internet connection types, including VPN protocols like L2TP, PPTP, L2TP-IPsec, Wireguard, SSTP, Zerotier, and OpenVPN, and even create a VPN tunnel within another VPN tunnel. 

GEOBOX can help threat actors in cyberattack coordination, dark web market operations, sophisticated financial frauds, circumvention of government censorship, anonymous malware distribution, credential stuffing campaigns, disinformation campaigns, surveillance evasion in authoritarian regimes, content piracy and geo-restriction bypassing, and network security testing.

That’s not all. Cybercriminals can also use GEOBOX to fake their geographical location using a GPS-like driver, bypassing location verification checks on websites like Whoer.net and browserleaks.com, and creating customized accounts on popular platforms like Google and Amazon.

The emergence of GEOBOX necessitates robust digital risk monitoring and endpoint protection strategies, making collaboration between law enforcement agencies, deployment of proactive measures, and continuous innovation in cybersecurity strategies fundamental to counter such threats effectively.

1.  Kaspersky’s iShutdown Tool Detects Pegasus Spyware
2.  New Dark Web Market Styx: Focuses on Money Laundering
3.  USB Wormable Raspberry Robin Malware Hits Windows PCs
4.  Building Your Defense Toolbox: Tools to Combat Cyber Threats
5.  Following WormGPT, FraudGPT Emerges for AI-Driven Cyber Crime

Tag

#intel