Network security Archives | Page 134 of 177

New FDIC system targets fintech risks

The Federal Deposit Insurance Corporation (FDIC) has begun directly monitoring financial technology (fintech) companies partnering with banks across the United States. New system like this one aims to enhance oversight by identifying risks associated with these partnerships before they threaten banking stability. The monitoring system also allows regulators to maintain consistent supervision, even if fintech firms change their banking partners.

The move comes amid heightened scrutiny of bank-fintech collaborations, following the collapse of Synapse Financial Technologies in April. The startup, backed by Andreessen Horowitz, had provided critical services enabling fintech firms to offer financial products via FDIC-insured banks. Its failure left thousands of users without access to their funds and brought significant regulatory attention to the sector.

In response, the FDIC has proposed strengthening bank record-keeping requirements and expanding the definition of brokered deposits to include fintech-related funds. While these rules are not expected to take effect before 2025, the new monitoring framework provides examiners with an additional tool to safeguard financial stability without waiting for legislative approval.

FDIC Chairman Martin Gruenberg, who is stepping down in January, has played a central role in developing this regulatory approach. His leadership has been pivotal in navigating the challenges posed by the evolving relationship between traditional banking and fintech startups.

Meta reports minimal AI impact on global misinformation

Meta Platforms has reported that generative AI had limited influence on misinformation campaigns across its platforms in 2023. According to Nick Clegg, Meta‘s president of global affairs, coordinated networks spreading propaganda struggled to gain traction on Facebook and Instagram, and AI-generated misinformation was promptly flagged or removed.

Clegg noted, however, that some of these operations have migrated to other platforms or standalone websites with fewer moderation systems. Meta dismantled around 20 covert influence campaigns this year. The company aims to refine content moderation while maintaining free expression.

Meta also reflected on its overly strict moderation during the COVID-19 pandemic, with CEO Mark Zuckerberg expressing regret over certain decisions influenced by external pressure. Looking forward, Zuckerberg intends to engage actively in policy debates on AI under President-elect Donald Trump‘s administration, underscoring AI’s critical role in US technological leadership.

Europol takes down encrypted messaging service ‘designed by criminals for criminals’

European authorities have dismantled a sophisticated encrypted messaging app called Matrix, allegedly designed ‘by criminals for criminals,’ according to Europol. Discovered on the phone of a suspect involved in the 2021 murder of a Dutch journalist, Matrix was accessible by invitation only, hosted on 40 servers across multiple countries, and provided features like anonymous internet access, video calls, and transaction tracking. Subscription costs ranged from €1,300 to €1,600 for six months.

During a three-month investigation, authorities intercepted and analysed over 2.3 million messages exchanged on the platform in 33 languages. These communications revealed links to major crimes, including international drug and arms trafficking, as well as money laundering. The operation, led by law enforcement in the Netherlands, France, Lithuania, Italy, and Spain, resulted in the seizure of €145,000 in cash and half a million euros in cryptocurrency.

This takedown follows similar actions against encrypted platforms such as Ghost, Exclu, and EncroChat, highlighting a trend of criminals adopting smaller, more complex communication services. Europol emphasised that these platforms are increasingly used for illicit activities, while Dutch authorities warned that serious criminals ‘wrongly believe they can still operate in secret.’

Arrests were made in France and Spain, while main servers were seized in France and Germany, signalling an intensified effort to disrupt organised crime networks.

US senators briefed on Chinese telecom hacking allegations

US agencies have briefed senators on ‘Salt Typhoon,’ a Chinese cyber-espionage campaign allegedly targeting American telecommunications networks. Officials claim the hackers stole call metadata and other sensitive information, affecting at least eight US telecom firms and dozens of companies worldwide. The breaches have sparked bipartisan concern, with some senators pressing for stronger preventive measures and legislation.

Telecom giants like Verizon, AT&T, and T-Mobile acknowledged the incidents but downplayed the impact on customer data. Federal agencies, including the FBI and Cybersecurity and Infrastructure Security Agency, emphasised the challenge of fully removing hackers from networks, while incoming FCC Chair Brendan Carr pledged to strengthen cybersecurity defences.

China has denied the allegations, calling them disinformation. Meanwhile, a Senate subcommittee hearing on December 11 will focus on the risks posed by such cyber threats and explore ways to protect US communications infrastructure.

US official advises encryption amid alleged Chinese hacking efforts

A senior United States cybersecurity official has urged Americans to embrace encryption to safeguard their communications, citing ongoing efforts to expel alleged Chinese hackers from US telecom networks. Jeff Greene, Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), emphasised the importance of avoiding plaintext communications and recommending encrypted apps like Signal and WhatsApp.

US authorities have accused hackers from China of infiltrating telecommunications companies, such as T-Mobile, to access sensitive data, including call records and intercepted audio, predominantly from Washington, DC. Beijing has denied the allegations, calling them disinformation. Greene acknowledged that removing the hackers entirely from the networks could take an unpredictable amount of time, further underscoring the need for encryption to ensure secure communications.

The advice marks a notable shift from previous US government positions that questioned strong encryption’s impact on public safety. As concerns over foreign cyber intrusions grow, Greene’s remarks highlight encryption as a critical tool for Americans facing prolonged cybersecurity threats.

Turkey ends Meta investigation over Threads and Instagram data sharing

Turkey‘s competition board has concluded its investigation into Meta Platforms regarding data-sharing practices between Threads and Instagram. The inquiry, launched last year over potential competition law violations, ended after Meta addressed concerns through commitments deemed satisfactory by the authority.

Meta pledged that Threads users in Turkey will be able to access the platform without needing an Instagram account, once Threads becomes available again. Additionally, the company assured that data from Threads accounts will not be merged with Instagram unless users explicitly choose to link their profiles.

In April, Meta temporarily suspended Threads in Turkey to comply with an interim order from regulators. The resolution paves the way for the app’s reinstatement while easing concerns over anti-competitive practices.

Senator Cruz questions foreign influence on US AI policy

Republican Senator Ted Cruz has called for an investigation into whether European governments have improperly influenced US policies on AI. Cruz’s concerns stem from growing international collaborations on AI regulation, including treaties and partnerships initiated by the Biden administration.

Cruz criticised European regulations as overly restrictive, claiming they target American AI companies and could shape US policies unfairly. He also accused the Centre for the Governance of Artificial Intelligence (GovAI), a UK-based nonprofit, of political activities without registering as a foreign agent, though GovAI has denied any wrongdoing.

The European Union has taken a leading role in AI regulation, recently passing the AI Act, the world’s first comprehensive law for governing technology. Cruz has framed these efforts as part of what he describes as ‘radical left’ interference, urging transparency about foreign involvement in shaping US AI laws.

Meta eyes nuclear energy to power AI and data centres

Meta has announced plans to harness nuclear energy to meet rising power demands and environmental goals. The company is soliciting proposals for up to 4 gigawatts of US nuclear generation capacity, with projects set to commence in the early 2030s. By doing so, it aims to support the energy-intensive requirements of AI and data centre operations.

Nuclear energy, according to Meta, offers a cleaner, more reliable solution for diversifying the energy grid. Power usage by US data centres is projected to triple by 2030, necessitating about 47 gigawatts of new capacity. However, challenges such as regulatory hurdles, uranium supply issues, and community resistance may slow progress.

The tech giant is open to both small modular reactors and traditional large-scale designs. Proposals are being accepted until February 2025, with a focus on developers skilled in community engagement and navigating complex permitting processes. An official statement highlighted nuclear’s capital-intensive nature, which demands a thorough request-for-proposals process.

Interest in nuclear power among tech firms is growing. Earlier agreements by Microsoft and Amazon have set precedents for nuclear-powered data centres. Meta’s latest initiative underscores a broader shift towards innovative energy solutions within the industry.

Russian court hands life sentence to Hydra founder

The founder of Hydra, a notorious darknet marketplace and crypto mixing service has been sentenced to life in prison by a Russian court. Stanislav Moiseev and 15 accomplices were convicted of running a criminal network that handled over $5 billion in cryptocurrency transactions, while also producing and selling illegal drugs and psychotropic substances. Moiseev was also fined $38,100, with additional fines imposed on his accomplices.

Hydra, which was dismantled in 2022 by German authorities, accounted for 80% of all darknet-related cryptocurrency transactions at its peak. It sold stolen credit card data, counterfeit currencies, and fake identity documents. Despite its shutdown, Hydra’s criminal operations left a significant mark, with its user base reportedly including 17 million customers and 19,000 vendors.

The sentences include prison terms ranging from eight to 23 years for Moiseev’s accomplices, alongside the seizure of properties, vehicles, and nearly a ton of drugs. Russian officials have been investigating Hydra since 2016, but the convictions are subject to appeal.

FTC targets data brokers over privacy concerns

Data brokers Mobilewalla and Gravy Analytics have agreed to stop using sensitive location data following a settlement with the US Federal Trade Commission (FTC). The agreement addresses concerns about tracking individuals’ religious beliefs, political leanings, and pregnancy status through mobile device data.

The settlement represents the first instance of banning the collection of location data through online advertising auctions. The FTC accused the companies of unfair practices, stating that Mobilewalla gathered information without consent from ad auction platforms. Such platforms allow advertisers to bid on specific audiences but inadvertently exposed consumers to privacy risks.

Gravy Analytics, owned by Unacast, sold location data to government contractors, prompting constitutional concerns from FTC commissioners. Mobilewalla disputed the allegations but stated the agreement allows it to continue offering insights while respecting privacy. Both companies committed to halting sensitive data usage and introducing opt-out options for consumers.

FTC Chair Lina Khan highlighted the broader risks of targeted advertising, warning that Americans’ sensitive data is at risk of misuse. The settlement is part of the Biden administration’s effort to regulate data brokers and strengthen privacy protections, as outlined by proposed rules from the US Consumer Financial Protection Bureau.