CyberScoop reports that mounting congressional action against spyware developers may help discourage business even though improper utilization of the commercial surveillance technology may be challenging to combat.
"Many companies like [Israeli spyware maker NSO Group] see entering the U.S. market as the ultimate prize and what we've seen so far is that the U.S. government does have the ability to chill investment interest in bad actors, and thats really important. If we're casting around looking for ways to sort of pump the brakes on the proliferation, I think these are very promising ways to start doing that," said University of Toronto Citizen Lab researcher John Scott-Railton, who will be testifying about spyware at a House Intelligence hearing.
Meanwhile, Atlantic Council Cyber Statecraft Initiative Fellow Justin Sherman noted that legislation aimed at cutting the revenue streams of spyware makers could effectively curtail developers. "
This is especially important given that many democracies don't seem to care to do enough to crack down on commercial spyware and related technologies sold from within their borders," said Sherman.
Vulnerable Apache NiFi implementations are being targeted in new attacks deploying the Kinsing cryptomining malware, as indicated by the significant increase in HTTP requests for "/nifi" on May 19, according to The Hacker News.
Numerous fraudulent websites masquerading as legitimate software, including ChatGPT, Gimp, AstraChat, and Go To Meeting, have been used in a new RomCom malware campaign by Cuba ransomware affiliate Void Rabisu, also known as Tropical Scorpius, from December 2022 to April 2023, which was mostly targeted at Eastern Europe, according to BleepingComputer.
Scandinavian Airlines has been demanded to pay $3 million by the Anonymous Sudan threat operation to put an end to distributed denial-of-service attacks against the airline's websites that began in February, reports The Record, a news site by cybersecurity firm Recorded Future.