Lifeboat Foundation

A warning that hackers are exploiting vulnerable email servers doesn’t qualify as an unusual event in general. But when that warning comes from the National Security Agency, and the hackers are some of the most dangerous state-sponsored agents in the world, run-of-the-mill email server hacking becomes significantly more alarming.

On Thursday, the NSA issued an advisory that the Russian hacker group known as Sandworm, a unit of the GRU military intelligence agency, has been actively exploiting a known vulnerability in Exim, a commonly used mail transfer agent—an alternative to bigger players like Exchange and Sendmail—running on email servers around the world. The agency warns that Sandworm has been exploiting vulnerable Exim mail servers since at least August 2019, using the hacked servers as an initial infection point on target systems and likely pivoting to other parts of the victim’s network. And while the NSA hasn’t said who those targets have been, or how many there are, Sandworm’s history as one of the most aggressive and destructive hacking organizations in the world makes any new activity from the group worth noting.

“We still consider this to be one of the most, if not the most aggressive and potentially dangerous actor that we track,” says John Hultquist, the director of intelligence at FireEye, who also led a team at iSight Partners when that company first discovered and named Sandworm in 2014.

The US National Security Agency (NSA) has published today a security alert warning of a new wave of cyberattacks against email servers, attacks conducted by one of Russia’s most advanced cyber-espionage units.

The NSA says that members of Unit 74455 of the GRU Main Center for Special Technologies (GTsST), a division of the Russian military intelligence service, have been attacking email servers running the Exim mail transfer agent (MTA).

Also known as “Sandworm,” this group has been hacking Exim servers since August 2019 by exploiting a critical vulnerability tracked as CVE-2019–10149, the NSA said in a security alert [PDF] shared today with ZDNet.

The NSA has today issued an advisory warning concerning an ongoing Russian military hacking campaign.

Edward Snowden revealed the agency’s phone-record tracking program. But thanks to “precomputed contact chaining,” that database was much more powerful than anyone knew.

A biometric data privacy suit against Clearview AI will move forward, and in the District Court for Northern Illinois, as requested by the plaintiff, after a pair of rulings by Judge Sharon Johnson Coleman reported by Law Street Media.

There are two separate BIPA cases currently ongoing against Clearview, known by their plaintiffs Hall and Mutnick. Mutnick filed a motion for a preliminary injunction several months into the case, and says in a clarified motion for reassignment that it is seeking to have Hall v. Clearview AI, Inc., et al. moved to Illinois, and that plaintiff Hall agrees with the motion.

Clearview had filed a motion to stay the proceedings pending decisions on its motion to dismiss based on personal jurisdiction, and to move the case to the Southern District of New York, where the company is based. In New York, Chief Justice Colleen McMahon said that because the suit applies an Illinois state law and includes class members based on their Illinois residence at the time of the alleged violation, it is not clear that the cases belong in New York district court.

ID R&D has released IDFraud Contact Center to prevent fraudsters from using stolen or fake identities to create new accounts and gain access to telco services and equipment, the company announced.

The solution leverages ID R&D’s Text Independent Voice Biometric technology to analyze the voices of new subscribers to identify fraud attempts by comparing voice prints against a database of known fraudster voices.

According to a Europol report, telco fraud is on the rise, generating an annual global loss of some $32 billion.

Fingerprints and DNA are widely known forms of biometrics, thanks to crime dramas on television. But as technology advances the Internet of Things, the interconnection of computer devices in common objects, other forms of biometrics are sought for security. For example, distinctive physical characteristics of users are increasingly used in computer science as forms of identification and access restriction. Smartphones use fingerprints, iris scans and face recognition in this way. Other biometrics that are likely to come into use include retinas, veins and palm prints.

The ear is another potential biometric. According to research published recently in the Journal of Electronic Imaging, ear recognition technology, or “earprints,” could one day be used as personal identification to secure smart homes via smartphones.

Even as dramatic social change has been imposed by COVID-19, the kinds of fraud attacks companies experience and the biometric authentication technologies they use to prevent them have remained basically the same. What has changed is that online volumes of traffic, transactions and authentications have reached levels they were expected to years in the future, BehavioSec VP of Products Jordan Blake told Biometric Update in an interview.

As a result, he says, “timelines are getting advanced.”

Demand is coming from new verticals, according to Blake, as numerous people begin using the online channel to interact with many organizations they never have dealt with that way before.

CloudWalk has raised RMB 1.8 billion (US$254 million) in funding from a group of provincial and municipal funds in China to become the fourth most well-funded biometric facial recognition company in the country, according to a report in Chinese-language publication 36Kr covered by its English-language affiliate KrAsia.

CloudWalk intends to launch an IPO on Shanghai’s Star Market by the end of 2020, according to the report. The company has raised a total of RMB 2.8 billion ($400 million) so far.

CloudWalk provides facial recognition for numerous public agencies, including the Bank of China, Shanghai Pudong Airport, and China Mobile’s brick and mortar stores.