Open Rights Group slams LinkedIn for data use in AI without consent

LinkedIn has come under scrutiny for using user data to train AI models without updating its privacy terms in advance. While LinkedIn has since revised its terms, United States users were not informed beforehand; advance notice usually gives users time to make decisions about their accounts. LinkedIn offers an opt-out feature for data used in generative AI, but this was not initially reflected in its privacy policy.

LinkedIn clarified that its AI models, including content creation tools, use user data. Some models on its platform may also be trained by external providers like Microsoft. LinkedIn assures users that privacy-enhancing techniques, such as redacting personal information, are employed during the process.

The Open Rights Group has criticised LinkedIn for not seeking consent from users before collecting data, calling the opt-out method inadequate for protecting privacy rights. Regulatory bodies, including Ireland’s Data Protection Commission, have been involved in monitoring the situation, especially within regions under GDPR protection, where user data is not used for AI training.

LinkedIn is one of several platforms reusing user-generated content for AI training. Others, like Meta and Stack Overflow, have also begun similar practices, with some users protesting the reuse of their data without explicit consent.

UK’s National Cyber Security Centre leads international effort against botnet threat

The NCSC has collaborated with cybersecurity agencies from the United States, Australia, Canada, and New Zealand to effectively address the global botnet threat. That joint effort underscores the importance of international cooperation in tackling cyber threats that span multiple countries.

By combining their expertise and resources, these agencies have been able to produce a comprehensive advisory that provides detailed information on the botnet’s operation, its impact, and the types of devices it targets. Consequently, this collaboration ensures a robust and unified response to the threat, reflecting the global commitment to enhancing cybersecurity.

Moreover, the advisory issued by these agencies details how the botnet, managed by Integrity Technology Group and used by the cyber actor Flax Typhoon, exploits vulnerabilities in internet-connected devices. It includes technical information on the botnet’s activities, such as malware distribution and Distributed Denial of Service (DDoS) attacks, and offers practical mitigation strategies.

Therefore, it underscores the need for updating and securing devices to prevent them from becoming part of the botnet, providing crucial guidance to individuals and organisations seeking to protect their digital infrastructure. In addition, this international collaboration serves to promote proactive security measures and raise awareness about cybersecurity best practices. The joint advisory encourages users to safeguard their devices immediately so that they do not contribute to malicious activities.

The NSA alerts on PRC-Linked botnet threat

The National Security Agency (NSA), in conjunction with the Federal Bureau of Investigation (FBI), United States Cyber Command’s Cyber National Mission Force (CNMF), and international allies, has issued a critical cybersecurity advisory. Titled ‘People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations,’ the advisory reveals the extensive activities of cyber actors affiliated with the People’s Republic of China (PRC).

These actors have breached internet-connected devices worldwide, establishing a massive botnet. To address this threat, the NSA has outlined several key mitigations aimed at helping device vendors, owners, and operators secure their devices and networks. These recommendations include regularly applying patches and updates, turning off unused services and ports, replacing default passwords with strong alternatives, and implementing network segmentation to reduce IoT device risks.

Furthermore, the advisory suggests monitoring network traffic for signs of DDoS attacks, planning device reboots to eliminate non-persistent malware, and upgrading outdated equipment with supported models. Moreover, NSA Cybersecurity Director Dave Luber has emphasised the importance of the advisory, noting that it provides crucial and timely insights into the botnet’s infrastructure, the geographical distribution of the compromised devices, and effective mitigation strategies.

According to the advisory, the botnet encompasses thousands of devices across various sectors, with over 260,000 devices compromised in North America, Europe, Africa, and Southeast Asia as of June 2024. Consequently, this extensive network of affected devices highlights the urgent need for enhanced security measures to protect against such pervasive cyber threats.

Kremlin-linked troll farm spreads fake news about Kamala Harris, Microsoft reports

Microsoft researchers have uncovered a Russian disinformation operation that falsely accused United States Democratic presidential candidate Kamala Harris of leaving a 13-year-old girl paralysed in a hit-and-run incident in 2011. The operation, led by a Kremlin-linked group called Storm-1516, used actors and fabricated news outlets, including a fake site called ‘KBSF-TV’, to spread the baseless claim. The hoax was widely shared on social media, gaining millions of views.

The disinformation effort is part of a broader Russian campaign to interfere with the upcoming US presidential election. After initial difficulties shifting focus following President Biden’s withdrawal from the 2024 race, Russian actors have targeted Harris and her running mate, Tim Walz, with fabricated conspiracy theories. The false claim against Harris was amplified on social media by pro-Russian figures, including Aussie Cossack, who encouraged MAGA supporters to spread the misinformation.

Microsoft’s investigation highlights how Storm-1516 produces misleading videos featuring actors impersonating journalists or whistleblowers. The hit-and-run story gained traction online, particularly on X.com, where it was shared by key figures within the pro-Russian ecosystem. The US Justice Department has also recently charged two Russian state media employees with money laundering, linked to efforts to influence the election.

US officials believe Russia’s goal is to deepen political divisions within the country and undermine public support for military aid to Ukraine. Kamala Harris has stated her intention to continue supporting Ukraine’s defence against Russia’s invasion if elected.

US judiciary faces potential election-year cyber risks, judge warns

A US federal judge has warned key members of the judiciary to remain vigilant against potential cyberattacks by foreign actors that could target election-related litigation. Judge Michael Scudder, who chairs the judiciary’s IT committee, highlighted the risks during a US Judicial Conference meeting, stressing the need for heightened security during the election season to guard against misinformation and interference attempts.

Scudder referenced recent warnings from United States intelligence agencies, which pointed to foreign adversaries using the upcoming elections as an opportunity to undermine trust in the government. He mentioned that while no current cyber threats targeting the judiciary have been identified, the courts could be at risk, especially with the possibility of election-related cases emerging in the near future.

The federal judiciary has faced cyberattacks before, with three foreign actors breaching the document-filing system in 2020. The incident led to changes in how sensitive documents are handled in lower courts. Scudder urged his colleagues to remain cautious, given that election-related litigation may again come before the courts in the upcoming election cycle.

Cybersecurity remains a concern across all branches of government, as both political campaigns and judicial systems are seen as targets for potential foreign interference. Intelligence agencies have reported recent cyber operations by foreign countries, including Iran, aimed at disrupting US elections.

Vietnam faces US-China rivalry over undersea cable expansion

The United States is pushing Vietnam to avoid using Chinese firm HMN Technologies in its plan to build 10 new undersea cables by 2030, amid concerns over national security and sabotage. Vietnam’s current cables, essential for global internet connectivity, have suffered repeated failures, prompting the government to prioritise new projects.

Washington is lobbying Hanoi to select more experienced and trusted suppliers for the cables, citing concerns about espionage and security threats linked to HMN Technologies, which the US views as associated with Chinese tech giant Huawei. The US has also raised concerns about possible sabotage of Vietnam’s current subsea cables.

Vietnamese authorities have remained open to working with Chinese firms, but United States officials have stressed that choosing HMN Tech could discourage American companies from investing in Vietnam. Meanwhile, Vietnam’s top telecoms company, Viettel, is already planning a cable with Singapore, bypassing disputed waters in the South China Sea.

The US and China are vying for influence in Vietnam as the Southeast Asian nation looks to expand its undersea cable infrastructure. Both countries are heavily invested in Vietnam, with subsea cables becoming a critical element in the broader US-China technology rivalry.

Taiwan’s new rules to combat telecom fraud

Taiwan’s government is taking decisive action to combat telecom fraud through new regulations proposed by the Ministry of Digital Affairs. These regulations focus on the stringent management of four-digit telephone numbers beginning with ‘19’, typically allocated to government agencies and charitable organisations.

The primary goal is to safeguard these critical numbers from misuse. To this end, the government plans to impose penalties on telecom operators who breach the Fraud Hazard Prevention Act, including limiting the number of phone numbers they can receive. This measure aims to deter fraudulent activities effectively. Furthermore, organisations in Taiwan will need to obtain government approval before making any changes to the use of these numbers and must return them if their usage changes. To ensure compliance, the Ministry will conduct random inspections to monitor the proper use of these numbers.

Taiwan’s government is also enhancing its anti-fraud efforts by proposing amendments to the Subsidy, Reward, and Assistance Regulations for Promoting Industry Innovation. These changes will allow the Ministry to offer financial support, including subsidies and rewards, to digital industries developing technologies to prevent fraud. By encouraging technological innovation in this field, the government aims to strengthen fraud prevention measures and protect individuals and organisations against telecom-related fraud.

BlackDice and Bin Omran join forces to boost Qatar’s cybersecurity

BlackDice and Bin Omran Trading and Telecommunication have launched a strategic partnership to enhance Qatar’s cybersecurity infrastructure significantly. Combining their expertise will deliver state-of-the-art cybersecurity solutions, with BlackDice leveraging its AI-powered security and data intelligence to safeguard critical infrastructure and sensitive information.

Additionally, their collaboration will focus on strengthening the cybersecurity capabilities of major telecom operators in the region, thereby boosting network resilience and protecting extensive personal and financial data. Consequently, this comprehensive approach supports DA2030’s goal of creating a secure and resilient digital environment essential for Qatar’s economic diversification and social development.

By addressing the evolving needs of the digital landscape in Qatar, BlackDice and Bin Omran Trading and Telecommunication contribute to the nation’s ambition of becoming a global leader in technology and connectivity and ensuring robust protection against emerging cyber threats.

Australian police arrest alleged crime app mastermind

Australian authorities have charged a Sydney man with creating and managing an encrypted messaging app, Ghost, allegedly used by global crime networks. The man, 32, was arrested in western Sydney and appeared in court on Wednesday, facing multiple charges related to the platform’s role in organised crime. Ghost is said to have been used by syndicates from Australia, the Middle East, and South Korea for drug trafficking and contract killings.

Police, in collaboration with international forces, carried out extensive raids across Australia and beyond, with searches also conducted in Italy, Ireland, Sweden, and Canada. Up to 50 Australians allegedly involved with Ghost are now facing charges, with significant prison terms expected. More arrests are anticipated in both Australia and abroad.

Authorities have made a breakthrough by cracking Ghost’s encryption, preventing the deaths or serious injuries of 50 individuals in Australia. This marks the first time an Australian has been accused of running a global criminal messaging platform, a major milestone in the country’s fight against organised crime.

The Australian Federal Police Deputy Commissioner highlighted the complex nature of dismantling encrypted communication platforms. The success in accessing evidence from Ghost represents a major achievement in efforts to disrupt global criminal activity.