After nearly 90 days of internet shutdown, connectivity started to come back in Iran this week amid internal political power struggles and ongoing talks with the US to end its war with Tehran. The researchers cautioned that it is unclear how widespread the restoration will be and whether connectivity will return only temporarily.
As cybercriminals and offensive hackers are increasingly using AI to exploit vulnerabilities and develop hacking tools, the technology is also fundamentally changing the dynamics of how security researchers look for vulnerabilities. And scammers are using real hotel reservation data and other travel details to conduct effective spear-phishing campaigns, potentially accessing customer data from 350 hotels and vacation rentals around the world.
There is so much more. Each week, we round up security and privacy news that we haven’t covered in depth ourselves. Click on titles to read full stories. And stay safe there.
Play, a Russian-language ransomware operation that has hit more than 900 organizations since 2022, posted on its dark-web leak site on Monday claiming it had pulled “private and personal confidential data, customer documents, budgets, payroll, IDs, taxes” and other financial records from MyPillow. The Minnesota-based home goods company is run by Mike Lindell, one of at least 10 Republicans seeking the party’s nomination for Minnesota governor in the August primary. Lindell is one of the most ardent supporters of Donald Trump’s false claims of victory in the 2020 election.
Play has reportedly set a Friday deadline for MyPillow to get in touch before publishing the data online. Lindell told Straight Arrow News, which broke the story of the ransomware claims on Tuesday, that his company was not hacked and the allegations it was a political hit job.
“This is another hit job by outside sources because I’m running for governor,” Lindell said. “I guarantee it. There have been no breaches of our data.”
Lindell is facing defeat in two recent defamation rulings over his 2020 election claims: Last year a federal jury in Colorado found that he defamed former Dominion Voting Systems director Eric Coomer, and ordered Lindell and his media platform, FrankSpeech, to pay $2.3 million in damages; A federal judge in Minnesota separately ruled in September that Lindell had defamed Smartmatic through 51 false statements about its voting machines, with damages still to be determined in the lawsuit.
In recent years, ransomware groups have become more aggressive and ruthless in their efforts to extort money from victims. Most of these criminal hackers now focus on stealing data and extorting companies rather than using malware to lock down computer systems. But in rare occasions, ransomware groups have been seen directly threatening authorities, or contacting people named in the stolen data to try to obtain payment. The FBI said this week that one ransomware group is going even further: sending people to steal data directly from companies IRL.
Among more traditional social engineering techniques, the FBI says the Silent Ransom Group (SRG), which is targeting law firms, has sent people directly to company offices to gain access to computers. “By sending someone in person to the victim’s location to facilitate the intrusion, SRG actors send the data to an external hard drive or USB drive inserted into the victim’s computer by the threat actor,” the FBI said in an alert. Security researchers say this strategy has never been seen before. The FBI did not provide any information about who the Russian-speaking ransomware group was sending to carry out its attacks, but researchers believe they may be paying freelancers who don’t necessarily know who they’re working for.
BusPatrol, the AI surveillance company that has installed its cameras in thousands of US school buses, says it will now turn those cameras into automated license plate readers that will record the location of every vehicle that passes a BusPatrol school bus and make the data available to law enforcement without a warrant. The initiative will replace the familiar yellow buses described in 404 media as “roaming surveillance vehicles”. BusPatrol technology, and school bus monitoring technology more broadly, was originally intended to be used for ticketing vehicles that illegally pass stopped buses – a significant safety issue for children.
University of Chicago sociology professor Rob Vargas found this month that the Chicago Police Department was four minutes faster to respond to the most urgent non-gunshot 911 calls over a six-month period after Mayor Brandon Johnson turned off ShotSpotter gunshot detection technology in 12 neighborhoods in September 2024. Analyzing data from the City of Chicago as well as data obtained through public records requests, Vargas compared that time period to the previous six months during which ShotSpotter was still active. The data can’t be used to specifically assess response times for gunshot-related calls, but it does indicate that ShotSpotter alerts are giving officers false positives and delaying them from responding to other types of critical 911 calls. “It’s clear that ShotSpotter wasted officers’ time by sending them on a wild goose chase,” Vargas told WTTW News.
<a href