• Iranian threat groups take advantage of a Papercut bug
• Watchdog said XCast didn’t hesitate to break the law even though it was aware
• After a multi-year FBI operation, malware used for online spying has been shut down in the US
• Unnerving rise in cyber attacks is fueled by growing China-Taiwan conflict
• TP-Link routers being used by China’s Mustang Panda hackers to launch repeated attacks

 

RFK Jr: ‘Eich Been En Bitcoiner’

(Filed by Mark Jr)

Democrat Presidential Candidate Robert F Kennedy gave a keynote address at the Bitcoin2023 conference last week in Miami and declared full support for the decentralized, non-state monetary protocol. “As President, I will make the right to own, self-custody and run a Bitcoin node inviolable.“

While many Bitcoiners in attendance (I was there too) noted that nobody needs permission to own Bitcoin – the speech was welcomed as a game-changer in the conversation around Bitcoin. Further, RFK opened the speech by saying what *made* him a Bitcoiner was what the Canadian government did during the trucker convoy, freezing the bank accounts of Canadian citizens (and nearly crashing the Canadian financial system in the process).

It was a vindicating moment for Bitcoin, RFKjr was only one of many Presidential contenders and politicians from both sides of the aisle who were there in Miami to woo the Bitcoin vote (wow).

Others included Tulsi Gabbard (Independent), Vivek Ramaswamy (R), Patrick McHenry (R-NC) Chairman of the House Financial Services Committee, and Senator Cynthia Lummis (R-WY).

In stark contrast to Liz Warren and her “anti-crypto army“,  the Miami conference signaled that Bitcoin is here to stay, and the only political choice is whether to find some manner of alignment with it or be swept aside.

In my excitement after the speech I zipped back to my hotel room where I dashed off a quick piece for my blog.

Read: https://bombthrower.com/the-right-to-own-bitcoin-shall-be-inviolate-rfkjr-delivers-historic-keynote-at-bitcoin2023/

Triggernometry Podcast Debanked in UK

(Filed by Mark Jr)

Speaking of being debanked for your political views, the highly successful and world renowned UK podcast Triggernometry  has had their accounts closed by the UK Fintech company Tide. No explanation was given, however with the show regularly having “honest conversations with fascinating people“, including: Nigel Farage, Jordan Peterson, Peter Zeihan and Jaron Lanier, some kind of “wongthink” is suspected.

easyDNS has been a proud sponsor of Triggernometry since 2020 and will continue to stand behind the show (I’m in the process of trying to convince them to just let us send payment in Bitcoin from now on)

Read: https://www.spiked-online.com/2023/05/22/now-the-banks-have-joined-the-war-on-free-speech/

FBI Misuses Intelligence Database 278,000 times

The Foreign Intelligence Surveillance Court (FISC) has found that the Federal Bureau of Investigations (FBI) improperly used a database of foreign intelligence on 278,000 occasions.

The Office of the Director of National Intelligence (ODNI) released the information. The searching of these databases by the FBI are only meant to be used for foreigners abroad and COULD be used only if those foreigners had communications with Americans.

“The court ruling found the FBI violated rules around the use of the database, created under Section 702 of the FISA Act with its searches.

Specifically, the court found that searches as part of probes into crimes between 2016 and 2020 violated the rules because there was “no reasonable basis to expect they would return foreign intelligence or evidence of crime”, although the FBI believed this was “reasonably likely,” the decision said.”

Read: https://www.reuters.com/world/us/fbi-misused-intelligence-database-278000-searches-court-says-2023-05-19/



Linkedin bans journalist after tussle with NYT CEO

According to Ben Sellers from Headline USA, LinkedIn might be the latest in a long line of offending social media platforms that are resorting to censoring conservative speech. Last Tuesday, LinkedIn banned Sellers over a post he made denouncing the NYT’s fake coverage of the Durham report. Sellers posted a response to Meredith Kopit Levien, president, and chief executive officer of the Times, on the site, in which he asked the NYT to return its Pulitzer Prize for reporting on the Russia collusion hoax. He claimed that in the wake of special counsel John Durham’s confirmation that Hillary Clinton’s campaign had entirely fabricated the hoax, their reporting was no longer valid.

Sellers wrote this response in answer to another LinkedIn post in which Levien referenced the Times’ dedication to engaging in deep analysis and frequent skepticism of the public narrative. Sellers found the post to be tone-deaf and in bad faith and felt that he needed to correct the narrative Levien was trying to build around her newspaper.

By 11 a.m. Tuesday, Sellers had received a notice from LinkedIn’s Trust and Safety Team saying that he had violated its policies on “bullying and harassment.” The message referred to the site’s “Professional community policies” page: “We don’t allow bullying or harassment,” said the site. “This includes targeted personal attacks, intimidation, shaming, disparagement, and abusive language directed at other members.”

The email also included a link to appeal his case, but when Sellers attempted to log in, he was met with a notice saying that he had been “restricted.“

Sellers claim LinkedIn, which regularly pushes “woke” leftist storylines in its newsfeed, has demonstrated a clear double standard. As a place to post one’s articles and political commentary at a time when Facebook and Twitter were at the peak of their censorship, LinkedIn was long seen as a safe space for freedom of expression.

Unfortunately, it now seems apparent that LinkedIn engages in some of the same practices as the more prominent leftist social-media publishers, thus warrants the same level of oversight.

Read: https://www.zerohedge.com/political/linkedin-bans-journalist-mentioning-durham-report

Users can get encrypted direct messages option on Twitter now

After Elon Musk, the company’s chief executive, announced plans for the feature in November 2022, Twitter is now officially starting to roll out support for encrypted direct messages (DMs) on the network. After Elon Musk, the company’s chief executive, announced plans for the feature in November 2022, Twitter is now officially starting to roll out support for encrypted direct messages (DMs) on the network.

Another requirement for sending and receiving encrypted communications is that the recipient must follow the sender, have previously sent a message to the sender, or have previously agreed to the sender’s request for a direct message.

Twitter stated it utilizes an “assemblage of strong cryptographic schemes” to encrypt user messages, links, and reactions; however, it did not specify the precise mechanism used to protect the discussions.

According to Twitter, an attacker could decrypt all encrypted messages sent and received by a registered device if its private key was obtained, which added that it had no plans to change the restriction to improve the overall user experience.

Read: https://thehackernews.com/2023/05/twitter-finally-rolling-out-encrypted.html

New phishing-as-a-service tool has been detected

Researchers cautioned that a new phishing-as-a-service (PaaS) tool is enabling inexperienced hackers to include “some of the most advanced” aspects in their operations. Similar to other illegal services, PaaS platforms make it easier for novice hackers to commit cybercrime by enabling them to automate the steps necessary to fool victims into entering their credentials on a phony login page.

By imitating their Microsoft 365 login screens, it has “almost exclusively” been used to target businesses rather than government institutions, demonstrating that the service’s users are motivated by accessing their targets’ networks for financial benefit rather than espionage.

The service offers its partners everything they need, from an attachment and link builder to “highly convincing decoy and login pages,” where the victim’s email address is already pre-filled, and the company logo and background image have been taken from the real Microsoft 365 login page for the company.

According to Cisco, other features include IP filtering, multi-factor authentication (MFA) bypass, and interaction with Telegram bots. Before the cookie expires, the Telegram bot is used to alert affiliates as soon as the service has stolen an authenticated session cookie.

Read: https://therecord.media/phishing-as-a-service-tool-greatness-used-by-hackers-cisco

Taylor Lorenz, Twitter’s infamous “banning queen”

Shortly after Elon Musk purchased Twitter last October, he made it a policy to reinstate several accounts the company had previously banned. This sounded the alarms for the Washington Post’s Taylor Lorenz, who even wrote an article on the issue: “Opening the gates of hell“: Musk says he will revive banned accounts.

According to several newly disclosed Twitter files, Taylor Lorenz has herself been behind several Twitter bans. The platform seems to have a special relationship with her, as she has successfully managed to ban a Twitter account called @fearthefloof, among others. This account dug into her past and detailed her life as a Manhattan rich girl who attended a Swiss boarding school and has a well-connected sister named Brook Lorenz—a publicist who has worked at CNN, the Washington Post, and CBS News.

According to this now-deactivated account, Lorenz is also able to scrub much of her past from web searches because her uncle owns the internet archive, which stores old web pages.

When Lorenz reported @fearthefloof, Twitter executives looked for possible rules violations but apparently found none, concluding that the account was “generally healthy and mostly conversational or commentary in nature.” Nonetheless, the account was suspended for violating “Twitter media policy.”

Several past targets of Taylor Lorenz have revealed to Paul Thacker of The Disinformation Chronicle that she wields tremendous influence inside social media company circles and appears to coordinate attacks with left-wing political groups. “She’s constantly online and likes to pick on people,” said Arya Toufanian, the subject of a 2020 Lorenz article when Lorenz was at the New York Times. “Once you show any bit of aggressive response to her—not stroking her ego and submitting—she goes scorched earth.“

Read: https://disinformationchronicle.substack.com/p/twitter-files-twitter-provided-privileged

New Russian cybercrime group, Cuba Ransomware, detected by researchers

For years, Russian government hackers have been using made-up personas to trick security researchers and government agencies who may be chasing on their trail. Recently, researchers claim to have found another one of these Russian false flags.

According to security researchers at BlackBerry, the cybercrime group known as Cuba Ransomware, which was previously linked to a malware strain known as RomCom RAT, is not a cybercrime group at all. It’s actually a group working for the Russian government targeting Ukrainian military units and local governments, the researchers said.

“It’s a misleading attribution,” said Dmitry Bestuzhev, senior director of BlackBerry’s cyberthreat Intelligence team, referring to the links between RomCom RAT and Cuba. “It looks like it’s just another unit working for the Russian government,” he said.

RomCom RAT is a remote access trojan first discovered by Unit 42, the Palo Alto Networks security research group, in May 2022. The company’s security researchers linked the malware to the Cuba gang, which has used ransomware against targets in the sectors of “financial services, government facilities, healthcare and public health, critical manufacturing, and information technology,” according to U.S. cybersecurity agency CISA.

The name comes from the group itself, which used illustrations of Fidel Castro and Che Guevara on its dark website. However, no researcher has ever found any evidence that the group has anything to do with the island nation.

RomCom RAT has reportedly used fake versions of popular apps to target its victims, such as the password manager KeePass, the IT administration tool SolarWinds, Advanced IP Scanner, and Adobe Acrobat Reader. Over the last few months, according to Bestuzhev and his colleagues, RomCom RAT also targeted Ukrainian military units, local government agencies, and Ukraine’s parliament.

Read: https://techcrunch.com/2023/05/15/cybercriminals-who-targeted-ukraine-are-actually-russian-government-hackers-researchers-say/

Elsewhere Online:

Iranian threat groups take advantage of a Papercut bug
Read: https://cyware.com/news/iranian-threat-groups-abuse-papercut-flaw-warns-microsoft-1f7e2260/

Watchdog said XCast didn’t hesitate to break the law even though it was aware
Read: https://www.theregister.com/2023/05/16/ftc_xcast_illegal_robocalls/

After a multi-year FBI operation, malware used for online spying has been shut down in the US
Read: https://www.cpomagazine.com/cyber-security/malware-used-for-cyber-espionage-since-2004-shut-down-in-us-after-years-long-fbi-operation/

Unnerving rise in cyber attacks is fueled by growing China-Taiwan conflict
Read: https://thehackernews.com/2023/05/escalating-china-taiwan-tensions-fuel.html

TP-Link routers being used by China’s Mustang Panda hackers to launch repeated attacks
Read: https://thehackernews.com/2023/05/chinas-mustang-panda-hackers-exploit-tp.html

Previously on #AxisOfEasy