Hacking
How to Avoid Mobile Data Leakage and Data Breach
Mobile devices, such as smartphones and tablets, have become an integral part of our daily lives. We use them for communication, entertainment, online shopping, and many other purposes. However, the convenience offered by these devices also brings certain risks, particularly concerning the security of our data. Mobile data leakage and data breaches have become prevalent, making it crucial for individuals and organizations to take necessary precautions to safeguard their sensitive information.
What are Mobile Data Leakage and Data Breaches?
Mobile data leakage refers to the unauthorized disclosure or exposure of data stored on a mobile device. It can occur due to various reasons, including software vulnerabilities, malicious apps, weak passwords, or even physical theft of the device. On the other hand, data breaches involve unauthorized access or exposure of data stored in a system, network, or database. Mobile data breaches can result from cyberattacks, hacking attempts, or security vulnerabilities in mobile applications.
Common Causes of Mobile Data Leakage
Insecure Mobile Applications
One of the leading causes of mobile data leakage is the use of insecure mobile applications. Some developers may not prioritize security measures, leading to vulnerabilities that attackers can exploit. These vulnerabilities may allow unauthorized access to sensitive data stored within the application.
Weak Device Security
A lack of robust device security measures can make mobile devices vulnerable to data leakage. Weak passwords, lack of biometric authentication, and outdated security patches can allow attackers to gain unauthorized access to the device and its data.
Phishing Attacks
Phishing attacks targeting mobile devices have become increasingly common. Attackers may use deceptive techniques, such as fraudulent emails or text messages, to trick users into providing sensitive information or downloading malicious apps. Falling victim to a phishing attack can result in data leakage.
Malware and Spyware
Mobile devices are also susceptible to malware and spyware infections. These malicious programs can be installed through untrusted apps or compromised websites, allowing attackers to monitor and collect sensitive data without the user's knowledge.
Unsecured Wi-Fi Networks
Connecting to unsecured Wi-Fi networks exposes mobile devices to potential data leakage. Attackers can intercept data transmitted over these networks, compromising the confidentiality of the user's information. It is essential to avoid connecting to untrusted or public Wi-Fi networks whenever possible.
Lost or Stolen Devices
The loss or theft of a mobile device can lead to significant data leakage. If the device is not adequately protected with passwords or encryption, anyone who gains access to it can potentially access the sensitive information stored on the device.
Lack of Data Encryption
Data encryption plays a vital role in protecting sensitive information. Without proper encryption, unauthorized individuals can easily access and exploit data stored on mobile devices.
Insider Threats
Insider threats refer to individuals within an organization who have authorized access to sensitive data but misuse it for personal gain or with malicious intent. Insider threats can lead to intentional or unintentional data leakage.
1 year ago
Understanding VPN: The Comprehensive Guide
From online fraud and scams to the hacking of sensitive personal information, the Internet these days seems to be a haven for fraudsters. There’s a growing concern about internet security and how it might jeopardize the information and finances of people and organizations. A VPN, or Virtual Private Network, can be a solution to such problems. Millions of people around the world are adopting VPNs for their data security and safe online browsing. So here’s a beginner's guide to VPNs. Let’s find out how a VPN works, its benefits, and the types of VPNs.
What is a VPN?
VPN stands for Virtual Private Network. Generally, the internet is provided through an ISP, which processes all of its users’ traffic simultaneously. This leaves users susceptible to malicious attacks which might intercept the traffic to access personal data.
A VPN works as an intermediary between the computer and the destination to make it untraceable. There are a few complicated steps involved in the process. Let’s have a look.
How Does VPN Work?
A VPN creates a secure channel between the computer and the intended destination by developing a private network just for the user. The data gets encrypted and sent directly to the VPN server. There it gets decoded and sent to the intended location. This middle encryption allows the data to be completely untraceable by anyone.
Every device has a unique IP address that can be used to trace all of its activity. A VPN essentially masks the IP address and assigns a new IP address from its server. As a result, the data becomes completely untraceable even by the ISP. A VPN works not only to maintain anonymity online and protect privacy but also to allow users to access region-specific content.
Benefits of Using a VPN
There are a lot of benefits to using a VPN. Here are a few notable ones.
Enhanced Privacy
A VPN brings enhanced privacy thanks to the end-to-end encryption between you and the VPN server, making it impossible for a third party to track you.
Secured Data Transmission
The end-to-end computer-to-server extension also allows for secured data transmission. This is especially helpful if a user is on a public network, such as free Wi-Fi. It's impossible to tell who else is signed into the network and what kind of monitoring they might be running. Secured encryption allows for safe data transmission.
Bypassing Geographical Restrictions
A VPN helps to bypass geographical restrictions so that a user can access services that might not be available in their location or evade censorship. For example, Netflix has a host of shows that are available in the UK but not in India. With a VPN, a user from India can reroute their IP through the UK and access all the content regardless of the restrictions.
1 year ago
How to Protect Your YouTube Channel from Getting Hacked
Nowadays, millions of people around the world create YouTube channels and publish videos for diverse purposes like recreation, knowledge-sharing, experience-sharing, brand promotion, and earning. Hackers target successful channels, which may waste the time, passion, and hard work of talented YouTubers. However, YouTube channels can be protected from hackers by following a few simple steps. Let’s find out the ways to ensure a YouTube channel’s security.
14 Effective Tips to Protect YouTube Channel’s Security and Prevent Hacking
Create Dedicated Google Accounts
Multiple YouTube channels can be created using one Google account. Though it saves time, it is the least secure way to manage multiple YouTube channels. If a hacker gains access to that specific Google account, all YouTube channels connected to that account may get hacked. Therefore, it is recommended to create a separate Google account for each YouTube channel to prevent hacking.
Opening a YouTube channel with one’s regular Google account can be risky too. However, if someone’s YouTube channel is created using his or her regular Google ID, then it would be wise to switch the YouTube channel to a separate Google account.
Keep the email ID Private
Many people tend to use the same email address for several related online business accounts. For instance, many YouTube channel owners create business-related accounts with the same Gmail IDs that have been used to create their primary YouTube channels. This practice increases the risk of hacking.
When one uses an email address on any other website, there is a high risk of a breach of privacy and security. As hackers may attempt to access the email address, the Google account may be in danger. Having said that, a YouTube channel owner or manager should never divulge the email address (which is used to manage a YouTube account) to anyone or anywhere.
Set a Strong Password
There is a great chance of being hacked if one uses the same password across multiple apps, websites, and online platforms. A hacker can access someone’s Google account by obtaining the password from a less secure website where the user has previously applied it.
One should use a different password for each website one registers with and each account one creates. A unique and strong password needs to be created when opening a new channel under a dedicated Google account. The passwords should be stored somewhere safe; they can be saved in memory or documents. Under no circumstances should the password be shared with anyone else or reused.
For a higher level of security, encryption programs can be used to encrypt the password and save it safely in digital form. To decode the password from its encrypted form, one only needs to remember the private decryption key. Only the Google account’s real owner can interpret the original password because it is encrypted with a secret key.
Use Password Managers Carefully
Password managers can store passwords safely in one place. However, relying on password manager apps blindly can be risky. Not every password manager app or tool is secure.
Still, today, storing passwords offline is the best way to preserve a YouTube channel's Google account password safely.
If the YouTube account’s manager wants to sync and store passwords across multiple devices, the Google Password Manager can be used. This default feature of the Chrome browser offers many facilities. Chrome Password Manager notifies the account holder if any password gets compromised. Furthermore, offline passwords can be imported into Google Password Manager.
Before using a third-party password manager, don’t forget to check reviews in different forums and communities for news of any security breach.
Change Account Password Regularly
It is crucial to routinely change the passwords of Google accounts. There is always a danger that one’s credentials can be exposed online or on the dark web. If someone uses the same password for a very long time and it is accidentally disclosed online, he or she may not find time or scope to protect the Google account and YouTube channel from hacking.
One can create their own highly safe password using a combination of numbers, symbols, small letters, and capital letters. Different apps and software can be used to generate strong and secure passwords randomly.
Use Two Factor Authentication
Two-factor authentication (2FA) is the top-level protection one can give to one’s Google account apart from the password. Sundar Pichai, CEO of Google (Alphabet Inc.), has recently revealed his trust in 2FA as the best measure to protect his accounts.
If someone’s YouTube channel’s dedicated Google account is not secured with a 2FA, it is high time for the channel owner to enable it. One can easily step up the Google account security with the Authenticator app from Google. It’s recommended to use a dedicated app and not your mobile number for 2FA. Hackers might clone your SIM card and get access to your 2FA codes if they already have access to your password.
When 2FA is enabled on a Google account, for every sign-in attempt, the system will verify the confirmation code sent to the account owner’s primary phone. Thus, hackers will fail to hack that Google account even if they somehow get the password.
1 year ago
Bank Account Hacking Protection: How to save financial accounts from hackers?
There is a very high chance that you have heard about the hacking of bank accounts. Hackers are able to steal personal information, including bank account info, from millions of people every year. Many of these hacks involve malicious software or malware. The good news is that there are ways to protect yourself from these attacks and avoid having your financial information stolen. In this post, we are going to look at some of the most common ways that hackers get your personal information. We will also discuss how to keep the hackers away from banks as well as financial accounts.
Some Common Ways Bank Accounts Get Hacked
Hackers have a wide range of methods they use to break into bank accounts. In most cases, hackers have one goal in common, and that is money. Here are some of the most common ways hackers attack bank accounts:
Phishing
Phishing is the act of fraudulently obtaining personal information (such as login credentials, bank account information, or personal identification numbers) by masquerading as a trustworthy entity in an electronic communication. Phishing scams are common and can be executed through email, web pages, or instant messages. One of the most popular methods of phishing is through fake emails that appear to be from banks or other financial institutions. Unfortunately, it's becoming increasingly common.
Malware
Bank account hacking through malware is a real threat that businesses and individuals need to be aware of. Malware is a crucial tool for criminals and hackers. Criminals use malware to steal data, passwords, and other confidential information from computer users. Hackers use malware to gain access to systems and steal data or money.
Mobile Banking Trojan
There are a number of mobile banking trojans that infect devices and capture user credentials, bank account numbers, and other sensitive information. These malware variants can be installed through malicious emails or links in SMS messages and can then hijack user accounts and withdraw money from their bank accounts. While these trojans are only targeting mobile banking users, anyone who uses mobile banking to manage their finances is at risk.
Using Unprotected Public Internet
If you use a public internet connection to access your bank account, you may be at risk of having your information stolen. Hackers may be able to steal your username and password, which could allow them to access your account and financial information. Always use a secure login method, and make sure to keep your passwords confidential.
Using Weak Password
If you are using a weak password, your bank account may be at risk. A study from DataProt found that nearly 23 million people use easily guessed passwords like "password" or "123456". This leaves their accounts vulnerable to hackers who try to guess these passwords in order to gain access to their bank accounts. If you are concerned about the security of your bank account, make sure to create a strong password and keep it updated.
How to protect your bank account from getting hacked?
If you are like most people, you have a bank account that you use to store your money. Unfortunately, banks are lucrative targets for hackers. If your bank is hacked, your money could be stolen. Here are some tips on how to protect your bank account from being hacked.
Use a Strong Password
An easy way to keep your bank account safe from being hacked is to use a strong password. By creating a password that is difficult to guess, you can help protect yourself against potential cyber-attacks. A strong password should be at least 8 characters long and include at least one number and one letter. You will need to make sure that you have included numbers, lowercase letters, and uppercase letters. You can also include special characters, such as '$,' '@,' '#,' and '%.'
Change your Password Frequently
You will want to make sure you change your password regularly. You should also make sure you have changed it on all of your social media accounts. You can use a password manager to make this easier.
Use Two-Factor Authentication
Two-factor authentication is a security measure that requires you to enter both a password and a one-time code sent to your phone or computer. Many online banks and other sites now offer this protection, and it can help keep your bank account safe from being hacked. Two-factor authentication is also a good way to protect yourself against other types of online attacks.
Always Use Secure Devices
Secure your devices. Always use secure devices to save your bank account from getting hacked. Protect yourself with a password manager, 2-factor authentication, and other security features. Make sure to regularly update your software and keep your devices up-to-date with the latest security patches.
Set Up Alerts from Bank
If you bank online, it's important to set up alerts so that you are notified if your account is hacked. Hackers typically try to get access to your bank account in order to steal your money or use the funds for their own purposes. By setting up alerts, you'll be able to quickly detect any suspicious activity and take appropriate action.
Keep Your Browser Up to Date
Internet browsers are constantly being updated with new security features, but not all updates are created equal. Some browser updates protect against known attacks and vulnerabilities, while others may introduce new exploits that could put your bank account at risk. Make sure you keep your browser up to date by checking for browser updates regularly and installing only the latest versions.
Keep Your Computer Safe
If you are like most people, you use your computer for work, email, paying bills, and other important tasks. But what you might not know is that your computer can also be a powerful tool for criminals. Criminals use your computer to steal your personal information, bank account numbers, and more. So it's important to keep your computer safe so that it doesn't become a tool for criminals. Install antivirus software to protect your computer from malware and viruses. Keep up with regular security updates. Make sure your software is up to date so that it can detect any new threats.
Final Words
So far, we have discussed some common methods hackers use to steal money from your bank. We have also shown some ways to avoid situations like bank account hacking. However, if you see anything suspicious in your bank account, you should report it straight away. Make sure that you report it to your bank without any delay. Then, the bank authority is supposed to contact the police, and they will be able to investigate the incident. Hope it helps!
2 years ago
Probe: Journalists, activists among firm’s spyware targets
An investigation by a global media consortium based on leaked targeting data provides further evidence that military-grade malware from Israel-based NSO Group, the world’s most infamous hacker-for-hire outfit, is being used to spy on journalists, human rights activists and political dissidents.
From a list of more than 50,000 cellphone numbers obtained by the Paris-based journalism nonprofit Forbidden Stories and the human rights group Amnesty International and shared with 16 news organizations, journalists were able to identify more than 1,000 individuals in 50 countries who were allegedly selected by NSO clients for potential surveillance.
They include 189 journalists, more than 600 politicians and government officials, at least 65 business executives, 85 human rights activists and several heads of state, according to The Washington Post, a consortium member. The journalists work for organizations including The Associated Press, Reuters, CNN, The Wall Street Journal, Le Monde and The Financial Times.
Amnesty also reported that its forensic researchers had determined that NSO Group’s flagship Pegasus spyware was successfully installed on the phone of Post journalist Jamal Khashoggi’s fiancee, Hatice Cengiz, just four days after he was killed in the Saudi Consulate in Istanbul in 2018. The company had previously been implicated in other spying on Khashoggi.
NSO Group denied in an emailed response to AP questions that it has ever maintained “a list of potential, past or existing targets.” In a separate statement, it called the Forbidden Stories report “full of wrong assumptions and uncorroborated theories.”
The company reiterated its claims that it only sells to “vetted government agencies” for use against terrorists and major criminals and that it has no visibility into its customers’ data. Critics call those claims dishonest — and have provided evidence that NSO directly manages the high-tech spying. They say the repeated abuse of Pegasus spyware highlights the nearly complete lack of regulation of the private global surveillance industry.
The source of the leak, and how it was authenticated, was not disclosed. While a phone number’s presence in the data does not mean an attempt was made to hack a device, the consortium said it believed the data indicated potential targets of NSO’s government clients. The Post said it identified 37 hacked smartphones on the list. The Guardian, another consortium member, reported that Amnesty had found traces of Pegasus infections on the cellphones of 15 journalists who let their phones be examined after discovering their number was in the leaked data.
The most numbers on the list, 15,000, were for Mexican phones, with a large share in the Middle East. NSO Group’s spyware has been implicated in targeted surveillance chiefly in the Middle East and Mexico. Saudi Arabia is reported to be among NSO clients. Also on the lists were phones in countries including France, Hungary, India, Azerbaijan, Kazakhstan and Pakistan.
“The number of journalists identified as targets vividly illustrates how Pegasus is used as a tool to intimidate critical media. It is about controlling public narrative, resisting scrutiny, and suppressing any dissenting voice,” Amnesty quoted its secretary-general, Agnes Callamard, as saying.
In one case highlighted by the Guardian, Mexican reporter Cecilio Pineda Birto was assassinated in 2017 a few weeks after his cell phone number appeared on the leaked list.
AP’s director of media relations, Lauren Easton, said the company is “deeply troubled to learn that two AP journalists, along with journalists from many news organizations” are on the list of the 1,000 potential targets for Pegasus infection. She said the AP was investigating to try to determine if its two staffers’ devices were compromised by the spyware.
The consortium’s findings build on extensive work by cybersecurity researchers, primarily from the University of Toronto-based watchdog Citizen Lab. NSO targets identified by researchers beginning in 2016 include dozens of Al-Jazeera journalists and executives, New York Times Beirut bureau chief Ben Hubbard, Moroccan journalist and activist Omar Radi and prominent Mexican anti-corruption reporter Carmen Aristegui. Her phone number was on the list, the Post reported. The Times said Hubbard and its former Mexico City bureau chief, Azam Ahmed, were on the list.
Two Hungarian investigative journalists, Andras Szabo and Szabolcs Panyi, were among journalists on the list whose phones were successfully infected with Pegasus, the Guardian reported.
Among more than two dozen previously documented Mexican targets are proponents of a soda tax, opposition politicians, human rights activists investigating a mass disappearance and the widow of a slain journalist. In the Middle East, the victims have mostly been journalists and dissidents, allegedly targeted by the Saudi and United Arab Emirates governments.
The consortium’s “Pegasus Project” reporting bolsters accusations that not just autocratic regimes but democratic governments, including India and Mexico, have used NSO Group’s Pegasus spyware for political ends. Its members, who include Le Monde and Sueddeutsche Zeitung of Germany, are promising a series of stories based on the leak.
Pegasus infiltrates phones to vacuum up personal and location data and surreptitiously control the smartphone’s microphones and cameras. In the case of journalists, that lets hackers spy on reporters’ communications with sources.
The program is designed to bypass detection and mask its activity. NSO Group’s methods to infect its victims have grown so sophisticated that researchers say it can now do so without any user interaction, the so-called “zero-click” option.
In 2019, WhatsApp and its parent company Facebook sued NSO Group in U.S. federal court in San Francisco, accusing it of exploiting a flaw in the popular encrypted messaging service to target — with missed calls alone — some 1,400 users. NSO Group denies the accusations.
The Israeli company was sued the previous year in Israel and Cyprus, both countries from which it exports products. The plaintiffs include Al-Jazeera journalists, as well as other Qatari, Mexican and Saudi journalists and activists who say the company’s spyware was used to hack them.
Several of the suits draw heavily on leaked material provided to Abdullah Al-Athbah, editor of the Qatari newspaper Al-Arab and one of the alleged victims. The material appears to show officials in the United Arab Emirates discussing whether to hack into the phones of senior figures in Saudi Arabia and Qatar, including members of the Qatari royal family.
NSO Group does not disclose its clients and says it sells its technology to Israeli-approved governments to help them target terrorists and break up pedophile rings and sex- and drug-trafficking rings. It claims its software has helped save thousands of lives and denies its technology was in any way associated with Khashoggi’s murder.
NSO Group also denies involvement in elaborate undercover operations uncovered by The AP in 2019 in which shadowy operatives targeted NSO critics including a Citizen Lab researcher to try to discredit them.
Last year, an Israeli court dismissed an Amnesty International lawsuit seeking to strip NSO of its export license, citing insufficient evidence.
NSO Group is far from the only merchant of commercial spyware. But its behavior has drawn the most attention, and critics say that is with good reason.
Last month, it published its first transparency report, in which it says it has rejected “more than $300 million in sales opportunities as a result of its human rights review processes.” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation and a strident critic, tweeted: “If this report was printed, it would not be worth the paper it was printed on.”
A new, interactive online data platform created by the group Forensic Architecture with support from Citizen Lab and Amnesty International catalogs NSO Group’s activities by country and target. The group partnered with filmmaker Laura Poitras, best known for her 2014 documentary “Citizenfour” about NSA whistleblower Edward Snowden, who offers video narrations.
“Stop what you’re doing and read this,” Snowden tweeted Sunday, referencing the consortium’s findings. “This leak is going to be the story of the year.”
Since 2019, the U.K. private equity firm Novalpina Capital has controlled a majority stake in NSO Group. Earlier this year, Israeli media reported the company was considering an initial public offering, most likely on the Tel Aviv Stock Exchange.
3 years ago
Critical entities targeted in suspected Chinese cyber spying
A cyberespionage campaign blamed on China was more sweeping than previously known, with suspected state-backed hackers exploiting a device meant to boost internet security to penetrate the computers of critical U.S. entities.
The hack of Pulse Connect Secure networking devices came to light in April, but its scope is only now starting to become clear. The Associated Press has learned that the hackers targeted telecommunications giant Verizon and the country’s largest water agency. News broke earlier this month that the New York City subway system, the country’s largest, was also breached.
Security researchers say dozens of other high-value entities that have not yet been named were also targeted as part of the breach of Pulse Secure, which is used by many companies and governments for secure remote access to their networks.
It’s unclear what sensitive information, if any, was accessed. Some of the targets said they did not see any evidence of data being stolen. That uncertainty is common in cyberespionage and it can take months to determine data loss, if it is ever discovered. Ivanti, the Utah-based owner of Pulse Connect Secure, declined to comment on which customers were affected.
But even if sensitive information wasn’t compromised, experts say it is worrisome that hackers managed to gain footholds in networks of critical organizations whose secrets could be of interest to China for commercial and national security reasons.
“The threat actors were able to get access to some really high-profile organizations, some really well-protected ones,” said Charles Carmakal, the chief technology officer of Mandiant, whose company first publicized the hacking campaign in April.
The Pulse Secure hack has largely gone unnoticed while a series of headline-grabbing ransomware attacks have highlighted the cyber vulnerabilities to U.S. critical infrastructure, including one on a major fuels pipeline that prompted widespread shortages at gas stations. The U.S. government is also still investigating the fallout of the SolarWinds hacking campaign launched by Russian cyber spies, which infiltrated dozens of private sector companies and think tanks as well as at least nine U.S. government agencies and went on for most of 2020.
China has a long history of using the internet to spy on the U.S. and presents a “prolific and effective cyber-espionage threat,” the Office of the Director of National Intelligence said in its most recent annual threat assessment.
Six years ago Chinese hackers stole millions of background check files of federal government employees from the Office of Personnel Management. And last year the Justice Department charged two hackers it said worked with the Chinese government to target firms developing vaccines for the coronavirus and stole hundreds of millions of dollars worth of intellectual property and trade secrets from companies across the world.
The Chinese government has denied any role in the Pulse hacking campaign and the U.S. government has not made any formal attribution.
In the Pulse campaign, security experts said sophisticated hackers exploited never-before-seen vulnerabilities to break in and were hyper diligent in trying to cover their tracks once inside.
“The capability is very strong and difficult to defend against, and the profile of victims is very significant,” said Adrian Nish, the head of cyber at BAE Systems Applied Intelligence. “This is a very targeted attack against a few dozen networks that all have national significance in one way or another.”
The Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency, or CISA, issued an April alert about the Pulse hack saying it was aware of “compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations.” The agency has since said that at least five federal agencies have identified indications of potential unauthorized access, but not said which ones.
Verizon said it found a Pulse-related compromise in one of its labs but it was quickly isolated from its core networks. The company said no data or customer information was accessed or stolen.
“We know that bad actors try to compromise our systems,” said Verizon spokesman Rich Young. “That is why internet operators, private companies and all individuals need to be vigilant in this space.”
The Metropolitan Water District of Southern California, which provides water to 19 million people and operates some of the largest treatment plants in the world, said it found a compromised Pulse Secure appliance after CISA issued its alert in April. Spokeswoman Rebecca Kimitch said the appliance was immediately removed from service and no Metropolitan systems or processes were known to have been affected. She said there was “no known data exfiltration.”
The Metropolitan Transportation Authority in New York also said it has not found evidence that valuable data or customer information was stolen. The breach was first reported by The New York Times.
Nish, the BAE security expert, said the hackers could have broken into networks but not stolen data right away for any number of operational reasons. He compared it to a criminal breaking into a house but stopping in the hallway.
“It’s still pretty bad,” Nish said.
Mandiant said it found signs of data extraction from some of the targets. The company and BAE have identified targets of the hacking campaign in several fields, including financial, technology and defense firms, as well as municipal governments. Some targets were in Europe, but most in the U.S.
At least one major local government has disputed it was a target of the Pulse Secure hack. Montgomery County, Maryland, said it was advised by CISA that its Pulse Secure devices were attacked. But county spokesman Scott Peterson said the county found no evidence of a compromise and told CISA they had a “false report.”
CISA did not directly respond to the county’s statement.
The new details of the Pulse Secure hack come at a time of tension between the U.S. and China. Biden has made checking China’s growth a top priority, and said the country’s ambition of becoming the wealthiest and most powerful country in the world is “not going to happen under my watch.”
Sanctioned Russian IT firm was partner with Microsoft, IBM
The U.S. Treasury Department on Thursday slapped six Russian technology companies with sanctions for supporting Kremlin intelligence agencies engaged in “dangerous and disruptive cyber attacks.”
But only one of them stands out for its international footprint and partnerships with such IT heavyweights as Microsoft and IBM.
That company, Positive Technologies, claims more than 2,000 customers in 30 countries, including major European banks Societe Generale and ING, as well as Samsung, SK Telecom of South Korea and BT, the British telecommunications giant.
Its clients also include the FSB, a successor to the KGB that “cultivates and co-opts criminal hackers” who carry out ransomware and phishing attacks, the Treasury Department said. The U.S. said big conventions hosted by Positive Technologies are “used as recruiting events” by the FSB and the GRU, Russia’s military intelligence agency.
GRU agents are the swashbucklers of Russian intelligence. The agency stands accused of spearheading the hack-and-leak operation that interfered in the 2016 U.S. presidential election to favor Donald Trump. Its agents also conducted the most damaging cyberattack on record, the runaway 2017 NotPetya virus that did more than $10 billion in global damage, its victims including the shipping giant Maersk and pharmaceutical company Merck.
The CEO of the software industry-supported Internet Research Institute in Moscow, Karen Kazaryan, said he was not familiar with most of the Russian IT companies sanctioned on Thursday. But Positive Tech is well-known in the industry for its annual Hack Days conference, which is scheduled for May 20-21 at a Moscow hotel.
Former CIA analyst Michael van Landingham applauded the naming and sanctioning of Russian IT companies known to have aided and abetted malign government activity.
“Naming specific companies can create incentives for educated and skilled Russians who might be able to obtain jobs elsewhere where they don’t support Russian state hacking,” he said.
Positive Tech’s specialty is identifying vulnerabilities in popular software such as Microsoft’s Windows operating system. The world’s intelligence agencies regularly lean on companies like it not to disclose potent vulnerabilities publicly when they find them but to instead quietly share them for hacking adversaries’ networks.
The U.S. did not accuse Positive Technologies of any such behavior and the Treasury Department declined to answer questions about the company’s activities beyond a press release.