LockBit Ransomware Group Claims 1.5TB of Stolen Documents Against Canadian Government

The LockBit ransomware gang claims they suffered a severe attack against Canadian government contractors involving 1.5TB of stolen documents dating back to 1999. A third-party data breach of two relocation services providers may have exposed government employees’ passports, financial information, and other personal information from various agencies and branches.

The government has confirmed that Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services were breached in September and October, and though it has yet to confirm the extent of the stolen data, it is already re-issuing passports and providing credit monitoring to government employees that may be impacted. The breach is thought to impact members of the Canadian Armed Forces, the Royal Canadian Mounted Police (RCMP), and Government of Canada employees who have used these relocation services since 1999.

The government has not yet attributed an attacker, but LockBit has already taken to the dark web to claim responsibility. The ransomware group claimed that it stole over 1.5TB of documents and has already been through failed negotiations with SIRVA, whom they say would only pay a ransom of $1 million. The hackers appeared to initially demand a ransom of $15 million but dropped the price to $7.5 million before ending negotiations.

It’s also not clear how many government employees are impacted by the third-party data breach, but any that have used BGRS or SIRVA since 1999 may have had personal data exposed. There is not yet a confirmation that any login data has been exposed, but the Canadian Centre for Cyber Security is advising anyone who may be using shared or recycled login information relating to these systems to change passwords and enable MFA where possible as a precaution.

Read: https://www.cpomagazine.com/cyber-security/third-party-data-breach-of-contractors-exposed-personal-information-of-canadian-government-employees-dating-back-25-years/

Unencrypted Messages Lead to Removal of Nothing Chats from Play Store

The Nothing Chats beta, a messaging app developed by Nothing in partnership with Sunbird, has been pulled from the Google Play Store. This drastic action was taken after it was discovered that the company had access to users’ unencrypted messages. The app, which was designed to allow Nothing Phone 2 owners to message other iMessage users, was found to be a reskinned version of the existing Sunbird application.

Despite claims from Nothing that Sunbird’s architecture doesn’t store messages at any point during their journey, a blog post from Texts.com titled “Sunbird / ‘Nothing Chats’ is Not Secure” revealed several vulnerabilities and implementation issues. While Sunbird attempts to implement end-to-end encryption (E2EE), it decrypts and stores unencrypted payloads in its database.

Furthermore, all data related to a message sent by Sunbird and Nothing Chat, including contact information, message contents, and attachment URLs, are routed to Sunbird’s Sentry. This debugging platform allows authorized parties within the company to access the data in plaintext.

Read: https://www.malwarebytes.com/blog/news/2023/11/nothing-chats-pulled-from-google-play

Child Safety Risks Linked to iPhone’s New ‘NameDrop’ Feature

U.S. police departments have raised concerns about a new iPhone feature, NameDrop, warning it could pose a risk to children and vulnerable individuals. The feature, introduced in the iOS 17 update, allows the sharing of contact info and images wirelessly between two closely held devices. Despite these concerns, cybersecurity experts argue that the fear may not be based on reality as the two devices need to be within an inch of each other for the feature to work, and the user has to physically accept the data transfer.

Police departments have issued warnings regarding the safety of children online, particularly about sharing personal information and images online. The FBI has cautioned that sending images to strangers could lead to nefarious actors using content manipulation technologies to create explicit images.

A coalition of attorneys general from 52 US states and territories has urged Congress to study the use of AI image manipulation technology to create child sexual abuse material (CSAM) and to implement laws to prosecute those who engage in such criminal activities.

Read: https://www.zerohedge.com/technology/police-warn-parents-about-iphones-new-namedrop-feature

World Economic Forum Backs UNESCO’s Push To Regulate Speech on Social Media

Three times as many people worldwide use social media than own a car. Yet how many more regulations are there for our roads than for governing the digital platforms we spend so much of our days using?

An estimated 60% of the world – that’s 4.75 billion people – use social media to express themselves, connect with others, and inform themselves about news and global events. That’s one of the leading statistics in UNESCO’s new Guidelines for the Governance of Digital Platforms, which aim to ensure people retain their rights online and are protected from misinformation, disinformation, hate speech, and conspiracy theories.

“If we can no longer distinguish fiction from reality, falsehood from truth, the foundations of our societies crumble. Democracy, dialogue, and debate – all essential to address major contemporary challenges – become impossible,” UNESCO says.

“Faced with the global nature of these issues, we need to develop consistent responses around the world, and avoid the fragmentation of regulations or approaches that compromise human rights.”

The guidelines aim to create what UNESCO calls an “Internet of trust.” They were produced through a consultation process with 134 countries and cover the responsibilities of states, digital platforms, intergovernmental organizations, the media, and everyday people to “respect, protect, and fulfill human rights.”

According to ReclaimTheNet, users need to be on the lookout for more potential social media censorship schemes coming in from this corner. Although most people around the world do not own a home or car, many, at least, own a phone and access to social media.

ReclaimTheNet sees the new WEF guidelines as another way of censoring and disenfranchising the global population so that only “trusted” forms of information (i.e., “guaranteed” by the elites) are allowed on visible platforms.

Read: https://reclaimthenet.org/wef-backs-unescos-plan-regulate-speech-on-social-media

US and UK Release New AI System Development Guidelines

The US and UK have released new guidelines for developing secure artificial intelligence (AI) systems, along with international partners from 16 other countries.

“The approach prioritizes ownership of security outcomes for customers, embraces radical transparency and accountability, and establishes organizational structures where secure design is a top priority,” said the U.S. Cybersecurity and Infrastructure Security Agency (CISA). According to the National Cyber Security Centre (NCSC), the goal is to increase AI cyber security levels and help ensure the technology is designed, developed, and deployed securely.

The guidelines also build upon the U.S. government’s ongoing efforts to manage the risks posed by AI by ensuring new tools are tested adequately before public release, appropriate guardrails have been put in place to address societal harms, and robust systems have been set up for consumers to identify AI-generated material.
The commitments also require companies to commit to third-party discovery facilitation and reporting vulnerabilities in their AI systems through a bug bounty system.

The latest guidelines “help developers ensure that cyber security is both an essential precondition of AI system safety and integral to the development process from the outset and throughout, ” said the NCSC.

Read: https://thehackernews.com/2023/11/us-uk-and-global-partners-release.html


easyDNS CEO Mark Jeftovic will be speaking at SplinterCon

SplinterCon will be taking place in Montreal, Dec 7-8 – a conference devoted to examining the effects and remedies of “internet splitting” – government crackdowns and political actions that interrupt or quash the free flow of information online.

Mark will be there to give a talk.

“The Rise of Decentralized Naming: Incentives, Opportunities, and Consequences”

This presentation will explain why internet naming is a fundamental, albeit overlooked, cornerstone of online discourse and the free flow of information. It will also discuss how naming systems are used as chokepoints by both state and non-state actors, which incentivizes the creation and proliferation of decentralized naming ecosystems.

A brief overview of ascendant systems will be provided before exploring the consequences — both good and bad — of truly uncensorable and indelible naming systems.

The conference will occur under Chatham House Rules, so if you really want to know what he says, you’ll have to be there.

Read: https://splintercon.net/

Elsewhere Online

Researchers Catch New Konni RAT Malware Campaign Distributed via Malicious Word Files
Read: https://latesthackingnews.com/2023/11/27/konni-rat-malware-campaign-spreads-via-malicious-word-files/

Samsung Begins Notifying Customers After Year-Long Data Breach Affects UK Online Store Customers
Read: https://www.cpomagazine.com/cyber-security/samsung-confirms-year-long-data-breach-impacting-uk-online-store-customers/

US Water Utility Targeted: Hackers Seize Control of Industrial Control System
Read: https://www.securityweek.com/hackers-hijack-industrial-control-system-at-us-water-utility/

Concerns Raised Over Moderna’s Alleged Surveillance Practices
Read: https://www.leefang.com/p/moderna-is-spying-on-you

North Korean Lazarus Group Exploits MagicLine4NX Flaw in New Campaign
Read: https://cyware.com/news/lazarus-group-exploit-magicline4nx-flaw-to-launch-supply-chain-attacks-11b98153/

Previously on #AxisOfEasy