SAN FRANCISCO – Karim Baratov, a/k/a “Kay,” a/k/a Karim Taloverov, a/k/a Karim Akehmet Tokbergenov, pleaded guilty today to charges returned by a grand jury in the Northern District of California in February 2017. The guilty plea was announced by U.S. Attorney Brian J. Stretch; Acting Assistant Attorney General Dana J. Boente of the U.S. Justice…
Category: Of Note
Court dates set in Justin Shafer case
On Friday, December 1, lawyers for an infosec researcher who has been in jail since April will argue that U.S. District Judge David C. Godbey should release Justin Shafer from jail while he awaits trial. For those who are not familiar with the case, Shafer, a dental integrator technician and independent infosecurity researcher, faces federal…
Man linked to TheDarkOverlord sentenced to 3 years in jail
Sam Wildman reports that a Wellingborough, U.K. man who has been linked to TheDarkOverlord has been sentenced to jail for three years, but for crimes that do not unequivocally appear to be the work of the blackhat hacking collective. “Crafty Cockney,” whose real name is Nathan Wyatt, had pleaded guilty in September to 20 counts…
Pentagon Exposed Some Of Its Data On Amazon Server
CNN reports: A researcher says the Pentagon exposed huge amounts of web-monitoring data in a security failure. Anyone with a free Amazon Web Services account could have looked at the hoard of information stored in the cloud by the U.S. Defense Department, according to Chris Vickery, a researcher at cybersecurity firm UpGuard who discovered the exposure. Read more…
Google: Our hunt for hackers reveals phishing is far deadlier than data breaches
Liam Tung reports: Google has released the results of a year-long investigation into Gmail account hijacking, which finds that phishing is far riskier for users than data breaches, because of the additional information phishers collect. Hardly a week goes by without a new data breach being discovered, exposing victims to account hijacking if they used…
Eavesdropper: The Mobile Vulnerability Exposing Millions of Conversations
Michael Bentley writes: Appthority has discovered a significant data exposure vulnerability we’ve named Eavesdropper that affects almost 700 apps in enterprise environments. The vulnerability is caused by including hard coded credentials in mobile applications that are using the Twilio Rest API or SDK. By hard coding their credentials, the developers have effectively given global access…