Microsoft says it hasn’t been able to shake Russian state hackers

Microsoft says it hasn’t been able to shake Russian state hackers
Microsoft admitted on March 8, 2024, that it had been unable to evict the elite Russian government hackers who broke into the email accounts of senior company executives in November and who it said have been trying to breach customer networks with stolen access data. (AP/File)
Short Url
Updated 09 March 2024
Follow

Microsoft says it hasn’t been able to shake Russian state hackers

Microsoft says it hasn’t been able to shake Russian state hackers
  • The hackers from Russia’s SVR foreign intelligence service used data obtained in the intrusion to compromise some source-code repositories and internal systems, Microsoft says
  • Microsoft’s admission exposes the perils of the heavy reliance by government and business on the company’s software monoculture, say cybersecurity experts

BOSTON: Microsoft said Friday it’s still trying to evict the elite Russian government hackers who broke into the email accounts of senior company executives in November and who it said have been trying to breach customer networks with stolen access data.

The hackers from Russia’s SVR foreign intelligence service used data obtained in the intrusion, which it disclosed in mid-January, to compromise some source-code repositories and internal systems, the software giant said in a blog and a regulatory filing.
A company spokesman would not characterize what source code was accessed and what capability the hackers gained to further compromise customer and Microsoft systems. Microsoft said Friday that the hackers stole “secrets” from email communications between the company and unspecified customers — cryptographic secrets such as passwords, certificates and authentication keys — and that it was reaching out to them “to assist in taking mitigating measures.”
Cloud-computing company Hewlett Packard Enterprise disclosed on Jan. 24 that it, too, was an SVR hacking victim and that it had been informed of the breach — by whom it would not say — two weeks earlier, coinciding with Microsoft’s discovery it had been hacked.
“The threat actor’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus,” Microsoft said Friday, adding that it could be using obtained data “to accumulate a picture of areas to attack and enhance its ability to do so.” Cybersecurity experts said Microsoft’s admission that the SVR hack had not been contained exposes the perils of the heavy reliance by government and business on the Redmond, Washington, company’s software monoculture — and the fact that so many of its customers are linked through its global cloud network.
“This has tremendous national security implications,” said Tom Kellermann of the cybersecurity firm Contrast Security. “The Russians can now leverage supply chain attacks against Microsoft’s customers.”
Amit Yoran, the CEO of Tenable, also issued a statement, expressing both alarm and dismay. He is among security professionals who find Microsoft overly secretive about its vulnerabilities and how it handles hacks.
“We should all be furious that this keeps happening,” Yoran said. “These breaches aren’t isolated from each other and Microsoft’s shady security practices and misleading statements purposely obfuscate the whole truth.”
Microsoft said it had not yet determined whether the incident is likely to materially impact its finances. It also said the intrusion’s stubbornness “reflects what has become more broadly an unprecedented global threat landscape, especially in terms of sophisticated nation-state attacks.”
The hackers, known as Cozy Bear, are the same hacking team behind the SolarWinds breach.
When it initially announced the hack, Microsoft said the SVR unit broke into its corporate email system and accessed the accounts of some senior executives as well as employees on its cybersecurity and legal teams. It would not say how many accounts were compromised.
At the time, Microsoft said it was able to remove the hackers’ access from the compromised accounts on or about Jan. 13. But by then, they clearly had a foothold.
It said they got in by compromising credentials on a “legacy” test account but never elaborated.
Microsoft’s latest disclosure comes three months after a new US Securities and Exchange Commission rule took effect that compels publicly traded companies to disclose breaches that could negatively impact their business.


Live video of man who set himself on fire outside court proves challenging for news organizations

Live video of man who set himself on fire outside court proves challenging for news organizations
Updated 20 April 2024
Follow

Live video of man who set himself on fire outside court proves challenging for news organizations

Live video of man who set himself on fire outside court proves challenging for news organizations
  • The man, who distributed pamphlets before dousing himself in an accelerant and setting himself on fire, was in critical condition
  • The incident tested how quickly the networks could react, and how they decided what would be too disturbing for their viewers to see

NEW YORK: Video cameras stationed outside the Manhattan courthouse where former President Donald Trump is on trial caught the gruesome scene Friday of a man who lit himself on fire and the aftermath as authorities tried to rescue him.

CNN, Fox News Channel and MSNBC were all on the air with reporters talking about the seating of a jury when the incident happened and other news agencies, including The Associated Press, were livestreaming from outside the courthouse. The man, who distributed pamphlets before dousing himself in an accelerant and setting himself on fire, was in critical condition.
The incident tested how quickly the networks could react, and how they decided what would be too disturbing for their viewers to see.
With narration from Laura Coates, CNN had the most extensive view of the scene. Coates, who at first incorrectly said it was a shooting situation, then narrated as the man was visible onscreen, enveloped in flames.
“You can smell burning flesh,” Coates, an anchor and CNN’s chief legal analyst, said as she stood at the scene with reporter Evan Perez.

The camera switched back and forth between Coates and what was happening in the park. Five minutes after the incident started, CNN posted the onscreen message “Warning: Graphic Content.”
Coates later said she couldn’t “overstate the emotional response of watching a human being engulfed in flames and to watch his body be lifted into a gurney.” She described it as an “emotional and unbelievably disturbing moment here.”
Fox’s cameras caught the scene briefly as reporter Eric Shawn talked, then the network switched to a courtroom sketch of Trump on trial.
“We deeply apologize for what has happened,” Shawn said.
On MSNBC, reporter Yasmin Vossoughian narrated the scene. The network showed smoke in the park, but no picture where the body was visible.
“I could see the outline of his body inside the flames,” Vossoughian said, “which was so terrifying to see. As he went to the ground his knees hit the ground first.”
The AP had a camera with an unnarrated live shot stationed outside the courthouse, shown on YouTube and APNews.com. The cameras caught an extensive view, with the man lighting himself afire and later writhing on the ground before a police officer tried to douse the flames with a jacket.
The AP later removed its live feed from its YouTube channel and replaced it with a new one because of the graphic nature of the content.
The news agency distributed carefully edited clips to its video clients — not showing the moment the man lit himself on fire, for example, said executive producer Tom Williams.


Russian war correspondent for Izvestia killed in Ukraine

Russian war correspondent for Izvestia killed in Ukraine
Updated 20 April 2024
Follow

Russian war correspondent for Izvestia killed in Ukraine

Russian war correspondent for Izvestia killed in Ukraine
  • Izvestia said Semyon Eremin, 42, died of wounds from a drone attack in Zaporizhzhia region
  • Eremin had reported for the Russian daily from hottest battles in Ukraine during the 25-month-old war

Semyon Eremin, a war correspondent for the Russian daily Izvestia, was killed on Friday in a drone attack in southeastern Ukraine, the daily said.

Izvestia said Eremin, 42, died of wounds suffered when a drone made a second pass over the area where he was reporting in Zaporizhzhia region.
Izvestia said Eremin had sent reports from many of the hottest battles in Ukraine’s eastern regions during the 25-month-old war, including Mariupol, besieged by Russian troops for nearly three months in 2022.
He had also reported from Maryinka and Vuhledar, towns at the center of many months of heavy fighting.


WhatsApp being used to target Palestinians through Israel’s Lavender AI system

WhatsApp being used to target Palestinians through Israel’s Lavender AI system
Updated 20 April 2024
Follow

WhatsApp being used to target Palestinians through Israel’s Lavender AI system

WhatsApp being used to target Palestinians through Israel’s Lavender AI system
  • Targets’ selection based on membership to some WhatsApp groups, new report reveals
  • Accusation raises questions about app’s privacy and encryption claims

LONDON: WhatsApp is allegedly being used to target Palestinians through Israel’s contentious artificial intelligence system, Lavender, which has been linked to the deaths of Palestinian civilians in Gaza, recent reports have revealed.

Earlier this month, Israeli-Palestinian publication +972 Magazine and Hebrew-language outlet Local Call published a report by journalist Yuval Abraham, exposing the Israeli army’s use of an AI system capable of identifying targets associated with Hamas or Palestinian Islamic Jihad.

This revelation, corroborated by six Israeli intelligence officers involved in the project, has sparked international outrage, as it suggested Lavender has been used by the military to target and eliminate suspected militants, often resulting in civilian casualties.

In a recent blog post, software engineer and activist Paul Biggar highlighted Lavender’s reliance on WhatsApp.

He pointed out how membership in a WhatsApp group containing a suspected militant can influence Lavender’s identification process, highlighting the pivotal role messaging platforms play in supporting AI targeting systems like Lavender.

“A little-discussed detail in the Lavender AI article is that Israel is killing people based on being in the same WhatsApp group as a suspected militant,” Bigger wrote. “There’s a lot wrong with this.”

He explained that users often find themselves in groups with strangers or acquaintances.

Biggar also suggested that WhatsApp’s parent company, Meta, may be complicit, whether knowingly or unknowingly, in these operations.

He accused Meta of potentially violating international humanitarian law and its own commitments to human rights, raising questions about the privacy and encryption claims of WhatsApp’s messaging service.

The revelation is just the latest of Meta’s perceived attempts to silence pro-Palestinian voices.

Since before the beginning of the conflict, the Menlo Park giant has faced accusations of double standards favoring Israel.

In February, the Guardian revealed that Meta was considering the expansion of its hate speech policy to the term “Zionist.”

More recently, Meta quietly introduced a new feature on Instagram that automatically limits users’ exposure to what it deems “political” content, a decision criticized by experts as a means of systematically censoring pro-Palestinian content.

Responding to requests for comment, a WhatsApp spokesperson said that the company could not verify the accuracy of the report but assured that “WhatsApp has no backdoors and does not provide bulk information to any government.”


Eastern European mercenaries suspected of attacking Iranian journalist Pouria Zeraati

Eastern European mercenaries suspected of attacking Iranian journalist Pouria Zeraati
Updated 19 April 2024
Follow

Eastern European mercenaries suspected of attacking Iranian journalist Pouria Zeraati

Eastern European mercenaries suspected of attacking Iranian journalist Pouria Zeraati
  • UK security services believe criminal proxies with links to Tehran carried out London knife attack

LONDON: Police said on Friday that a group of Eastern European mercenaries is suspected to have carried out the knife attack on Iranian journalist Pouria Zeraati in late March.

Zeraati was stabbed repeatedly by three men in an attack outside his south London home.

The Iran International presenter lost a significant amount of blood and was hospitalized for several days. He has since returned to work, but is now living in a secure location.

Iran International and its staff have faced repeated threats, believed to be linked to the Iranian regime, which designated the broadcaster as a terrorist organization for its coverage of the 2022 protests.

Iran’s charge d’affaires, Seyed Mehdi Hosseini Matin, denied any government involvement in the attack on Zeraati.

Investigators revealed that the suspects fled the UK immediately after the incident, with reports suggesting they traveled to Heathrow Airport before boarding commercial flights to different destinations.

Police are pursuing leads in Albania as part of their investigation.

Counterterrorism units and Britain’s security services leading the inquiry believe that the attack is another instance of the Iranian regime employing criminal proxies to target its critics on foreign soil.

This method allows Tehran to maintain plausible deniability and avoids raising suspicions when suspects enter the country.

Zeraati was attacked on March 29 as he left his home home to travel to work. His weekly show serves as a source of impartial and uncensored news for many Iranians at home and abroad.

In an interview with BBC Radio 4’s “Today” program this week, Zeraati said that while he is physically “much better,” mental recovery from the assault “will take time.”


Court orders release of prominent Palestinian professor suspected of incitement

Court orders release of prominent Palestinian professor suspected of incitement
Updated 19 April 2024
Follow

Court orders release of prominent Palestinian professor suspected of incitement

Court orders release of prominent Palestinian professor suspected of incitement
  • Nadera Shalhoub-Kevorkian was under investigation after questioning Hamas atrocities, criticizing Israel
  • Insufficient justification for arrest, says court
  • Detention part of a broader campaign, says lawyer

LONDON: The prominent Hebrew University of Jerusalem professor, Nadera Shalhoub-Kevorkian, was released on Friday after a court order rejected police findings.

The criminologist and law professor was arrested the previous day on suspicion of incitement. She had been under investigation for remarks regarding the Oct. 7 attacks by Hamas and for saying Israelis were committing “genocidal crimes” in the Gaza Strip and should fear the consequences.

On Friday, the court dismissed a police request to extend her remand, citing insufficient justification for the arrest, according to Hebrew media reports.

Protesters gathered outside the courthouse to demonstrate against Shalhoub-Kevorkian’s arrest.

Israeli Channel 12, which first reported the news, did not specify where Shalhoub was arrested but her lawyer later confirmed she was apprehended at her home in the Armenian Quarter of Jerusalem.

“She’s not been in good health recently and was arrested in her home,” Alaa Mahajna said. “Police searched the house and seized her computer and cellphone, [Palestinian] poetry books and work-related papers.”

Mahajna described Shalhoub-Kevorkian’s arrest as part of a broader campaign against her, which has included numerous threats to her life and of violence. 

The professor was suspended by her university last month after calling for the abolition of Zionism and suggesting that accounts of sexual assault during the Hamas-led attacks on Israel were fabricated.

The suspension was initially criticized by the university community as a blow to academic freedom in Israel. However, the decision was later reversed following an apology from Shalhoub-Kevorkian and an admission that sexual assaults took place.

Since hostilities began last year, numerous dissenting voices in Israel have faced arrest for expressing solidarity with victims of the bombardment in Gaza.

In October, well-known ultra-Orthodox Israeli journalist Israel Frey was forced into hiding following a violent attack on his home.

Bayan Khateeb, a student at the Technion-Israel Institute of Technology, was arrested last year for incitement after posting an Instagram story showing the preparation of a popular spicy egg dish with the caption: “We will soon be eating the victory shakshuka.”