U.S. warnings to Russian President Vladimir Putin over shielding cybercriminals holed up in Russia appear to have made little impact, according to top U.S. law enforcement and cyber officials. “There is no indication that the Russian government has taken action to crack down on ransomware actors that are operating in the permissive environment that they’ve created there,” Paul Abbate, deputy director of the Federal Bureau of Investigation, said Tuesday at an intelligence summit just outside Washington. “We’ve asked for help and cooperation with those who we know are in Russia, who we have indictments against, and we’ve seen no action,” Abbate said. “So, I would say that nothing’s changed in that regard.” U.S. President Joe Biden has twice called on the Russian leader to take action against cybercriminals operating out of Russia — first at a summit in June in Geneva and again in a phone call a month later. FILE – President Joe Biden, right, and Russian President Vladimir Putin meet at the Villa la Grange, in Geneva, Switzerland, June 16, 2021.”I made it very clear to him that the United States expects when a ransomware operation is coming from his soil, even though it’s not sponsored by the state, we expect them to act if we give them enough information to act on who that is,” Biden told reporters following the July phone call.Biden, Putin Discuss Ransomware Attacks From Russia Biden warns of consequences if attacks continueSince the initial talks, senior White House officials have noted a decrease in ransomware attacks, though they have been hesitant to attribute the change to any action by Moscow. “The present absence of criminal activity should not be confused with solid policing,” U.S. National Cyber Director Chris Inglis told an audience later Tuesday. “There’s still a monetary incentive and possibly a geopolitical incentive to allow that to come back,” he said, pushing back against calls for the U.S. to go on the offensive. “There is a sense that we can perhaps fire some cyber bullets and kind of shoot our way out of this. That will be useful in certain circumstances if we have a clear shot at a cyber aggressor and it could take them offline,” Inglis said. “That’s not going to affect the leadership that allows this to happen.” “We have to figure out what is it that matters to Putin and the oligarchs and how do we change their decision calculus,” he added. The Kremlin has repeatedly denied any role in a series of ransomware and cyberattacks against U.S. companies and infrastructure. And following the Biden-Putin call in July, it issued a statement supporting collaboration on cybersecurity, calling for such efforts to “be permanent, professional and nonpoliticized and should be conducted via special communication channels … and with respect to international law.” New: Discussions w/#Russia on #cyber continue, per Deputy National Security Advisor for Cyber Anne Neuberger@POTUS “looking for action” she says, adding US must also focus on “doing everything we can to lock our digital doors”— Jeff Seldin (@jseldin) September 2, 2021The U.S. blames Russia or Russian-based cyber actors for a series of high-profile hacks and ransomware attacks, including the December 2020 hack of SolarWinds, a U.S.-based software management company, and for the May 7 ransomware attack against Colonial Pipeline, the largest fuel pipeline operator in the U.S. U.S. officials have blamed the GRU for targeting the Democratic National Committee during the 2016 elections and the pharmaceutical companies developing vaccines against the coronavirus. US, Britain Warn of Russian ‘Brute Force’ Cyber CampaignUS officials urge agencies and organizations to take basic precautions as a first step in fighting backAsked Tuesday whether the U.S. has reached the point where it is ready to take action against Russia, the commander of U.S. Cyber Command deferred to the White House. “That’s obviously for the president to decide,” CYBERCOM’s General Paul Nakasone said. “But those options certainly will be provided for his consideration.” VOA’s Masood Farivar contributed to this report.
…
Day: September 14, 2021
Apple released a critical software patch to fix a security vulnerability that researchers said could allow hackers to directly infect iPhones and other Apple devices without any user action.
Researchers at the University of Toronto’s Citizen Lab said the security issue was exploited to plant spyware on a Saudi activist’s iPhone. They said they had high confidence that the world’s most infamous hacker-for-hire firm, Israel’s NSO Group, was behind that attack.
The previously unknown vulnerability affected all major Apple devices — iPhones, Macs and Apple Watches — the researchers said. NSO Group responded with a one-sentence statement saying it will continue providing tools for fighting “terror and crime.”
It was the first time a so-called “zero-click” exploit — one that doesn’t require users to click on suspect links or open infected files — has been caught and analyzed, the researchers said. They found the malicious code on September 7 and immediately alerted Apple. The targeted activist asked to remain anonymous, they said.
“We’re not necessarily attributing this attack to the Saudi government,” said researcher Bill Marczak.
Citizen Lab previously found evidence of zero-click exploits being used to hack into the phones of Al-Jazeera journalists and other targets but hasn’t previously seen the malicious code itself.
Although security experts say that average iPhone, iPad and Mac user generally need not worry — such attacks tend to be limited to specific targets — the discovery still alarmed security professionals.
Malicious image files were transmitted to the activist’s phone via the iMessage instant-messaging app before it was hacked with NSO’s Pegasus spyware, which opens a phone to eavesdropping and remote data theft, Marczak said. It was discovered during a second examination of the phone, which forensics showed had been infected in March. He said the malicious file causes devices to crash.
Citizen Lab says the case reveals, once again, that NSO Group is allowing its spyware to be used against ordinary civilians.
In a blog post, Apple said it was issuing a security update for iPhones and iPads because a “maliciously crafted” PDF file could lead to them being hacked. It said it was aware that the issue may have been exploited and cited Citizen Lab.
In a subsequent statement, Apple security chief Ivan Krstić commended Citizen Lab and said such exploits “are not a threat to the overwhelming majority of our users.” He noted, as he has in the past, that such exploits typically cost millions of dollars to develop and often have a short shelf life.
Apple didn’t respond to questions regarding whether this was the first time it had patched a zero-click vulnerability.
Users should get alerts on their iPhones prompting them to update the phone’s iOS software. Those who want to jump the gun can go into the phone settings, click “General” then “Software Update,” and trigger the patch update directly.
Citizen Lab called the iMessage exploit FORCEDENTRY and said it was effective against Apple iOS, MacOS and WatchOS devices. It urged people to immediately install security updates.
Researcher John Scott-Railton said the news highlights the importance of securing popular messaging apps against such attacks.
“Chat apps are increasingly becoming a major way that nation-states and mercenary hackers are gaining access to phones,” he said. “And, it’s why it’s so important that companies focus on making sure that they are as locked down as possible.”
The researchers said it also undermines NSO Group’s claims that it only sells its spyware to law enforcement officials for use against criminals and terrorists and audits its customers to ensure it’s not abused.
“If Pegasus was only being used against criminals and terrorists, we never would have found this stuff,” said Marczak.
Facebook’s WhatsApp also was allegedly targeted by an NSO zero-click exploit. In October 2019, Facebook sued NSO in U.S. federal court for allegedly targeting some 1,400 users of the encrypted messaging service with spyware.
In July, a global media consortium published a damning report on how clients of NSO Group have been spying for years on journalists, human rights activists, political dissidents, and people close to them, with the hacker-for-hire group directly involved in the targeting.
Amnesty International said it confirmed 37 successful Pegasus infections based on a leaked targeting list whose origin was not disclosed.One case involved the fiancee of Washington Post journalist Jamal Khashoggi just four days after he was killed in the Saudi Consulate in Istanbul in 2018. The CIA attributed the murder to the Saudi government.
The recent revelations also prompted calls for an investigation into whether Hungary’s right-wing government used Pegasus to secretly monitor critical journalists, lawyers and business figures. India’s parliament also erupted in protests as opposition lawmakers accused Prime Minister Narendra Modi’s government of using NSO Groups’ product to spy on political opponents and others.
France also is trying to get to the bottom of allegations that President Emmanuel Macron and members of his government may have been targeted in 2019 by an unidentified Moroccan security service using Pegasus.
Morocco, a key French ally, denied those reports and is taking legal action to counter allegations implicating the North African kingdom in the spyware scandal.
…
A robot called Moxi is helping nurses and hospital staff focus more on patients by taking care of menial tasks. The VOA’s Deana Mitchell has the story.
…
An international group of vaccine experts have come out in opposition of providing booster shots of COVID-19 vaccines to the general population, an opinion that pushes back against increasing efforts in the United States and other nations battling a surge of new cases.In an essay published Monday in The Lancet medical journal, the experts say recent studies show the current vaccines in use around the world continue to provide strong protection against the virus despite the presence of the more contagious delta variant, especially against severe illness and hospitalization. The trend to provide booster shots of COVID-19 vaccines began after studies out of Israel suggested the two-dose Pfizer vaccine’s effectiveness had significantly decreased among elderly people who were inoculated at the beginning of this year. The data prompted Israel to begin administering booster shots to people 50 years of age or older. The authors suggest that modifying the vaccines to match the specific COVID-19 variants is a better approach than providing extra doses of the original vaccine. The authors include two leading scientists with the World Health Organization, Ana-Maria Henao-Restrepo and Soumya Swaminathan, and Dr. Marian Gruber and Dr. Philip Krause, two key officials in the U.S. Food and Drug Administration’s vaccine review office who are leaving their posts before the end of the year. The New York Times recently reported that Gruber and Krause are upset over the Biden administration’s recent announcement that booster shots would be offered for some Americans beginning next month, well before the FDA had time to properly review the data. The FDA is nearing a decision on whether to recommend COVID-19 vaccines for children under 12 years of age and booster shots of the current vaccines already approved for adult Americans. Both the FDA and the Centers for Disease Control and Prevention last month recommended a third shot of Pfizer or Moderna for some people with weakened immune systems. FILE – World Health Organization Director-General Tedros Adhanom Ghebreyesus attends a news conference in Geneva.Tedros Adhanom Ghebreyesus, the director-general of the World Health Organization, recently implored wealthy nations to forgo COVID-19 vaccine booster shots for the rest of the year to ensure that low- and lower-middle-income countries have more access to the vaccine. Tedros had previously asked high and upper-middle income nations not to provide boosters until September. British Prime Minister Boris Johnson is set to announce Wednesday that the government will provide COVID-19 vaccine booster shots for citizens 50 years of age and older in time for the upcoming winter months. Putin self-isolatingMeanwhile, Russian President Vladimir Putin is self-isolating after several members of his entourage tested positive for COVID-19, according to a statement by the Kremlin. President Putin has tested negative for the virus, but has decided not to travel to Tajikistan for upcoming security conferences, the statement added. He met Monday with Syrian President Bashar al-Assad and held a separate public event with several members of Russia’s Paralympic team. Putin has been fully vaccinated against COVID-19 with the domestically-developed two-dose Sputnik V vaccine. Some information for this report came from the Associated Press, Reuters and Agence France-Presse.
…
Four people are set to become the world’s first all-civilian crew to fly into Earth orbit when they blast off from NASA’s Kennedy Space Center Wednesday as space tourism takes its biggest leap yet. Weather conditions are 70% favorable for Wednesday night’s scheduled launch of Americans Jared Isaacman, Hayley Arceneaux, Chris Sembroski and Sian Proctor from the U.S. spaceport’s historic Launch Pad 39A, which was used for the Apollo moon missions during the 1960s and 70s. The four-member crew will fly into space aboard the Crew Dragon spacecraft built by SpaceX, the privately-run company which has begun sending astronauts to the International Space Station. The fully automated Crew Dragon spacecraft will take the crew to an altitude of 575 kilometers above the Earth’s surface, just above the current positions of both the ISS and the Hubble Space Telescope. SpaceX said the four space tourists will “conduct scientific research designed to advance human health on Earth and during future long-duration spaceflights” before splashing down in the Atlantic Ocean near the Florida coast three days later. The mission, dubbed Inspiration4, will be led by the 38-year-old Isaacman, a billionaire technology entrepreneur and founder of an online payment-processing company who is said to have paid SpaceX several million dollars for the flight. The 29-year-old Arceneaux is a childhood bone cancer survivor who has a titanium rod in her leg, which makes her the first person to fly in space with a prosthesis. Sembroski is a 42-year-old retired U.S. Air Force ballistic missile maintenance engineer who now works in the aviation industry, while 51-year-old Proctor is a geoscientist and community college professor who was a NASA astronaut finalist in 2009. Sembroski and Proctor were selected through a nationwide search contest, while Arceneaux is flying as a representative of St. Jude Children’s Research Hospital in Memphis, Tennessee, where she was treated during her battle with cancer and now works as a physician’s assistant. Isaacman is using the flight to raise $100 million for St. Jude, and has pledged $100 million of his own money to the hospital. Isaacman’s flight will far exceed those of fellow billionaires Richard Branson and Jeff Bezos, who each took brief non-orbital flights to the edge of space aboard their own self-financed vehicles — Virgin Galactic and Blue Origin, respectively — earlier this year. Some information for this report came from the Associated Press, Reuters and Agence France Presse.
…
Hurricane Nicholas officially made landfall early Tuesday morning along the southeastern coast of Texas. The National Hurricane Center says Nicholas made landfall shortly after midnight local time (0530 GMT) on the eastern part of Texas’ Matagorda Peninsula shortly after midnight local time (0530 GMT) about 15 kilometers west-southwest of Sargent Beach. The storm is carrying maximum sustained winds of 120 kilometers an hour, making it a Category 1 storm on the five-level scale that measures a storm’s maximum sustained wind speed and destructive potential. It is the sixth named hurricane of the 2021 Atlantic hurricane season. Nicholas had already begun to produce heavy rains and strong winds along parts of Texas and neighboring Louisiana before making landfall. Forecasters expect the hurricane to travel along a northeastern path outside of the city of Houston before moving into Louisiana during the day. Forecasters have issued hurricane watches and warnings and storm surge warnings for several communities along the Texas coast, with the likelihood of life-threatening situations such as flash flooding. Nicholas is expected to produce between 15 and 30 centimeters of rain along the region into Wednesday. The National Hurricane Center also says there is a chance of “a tornado or two” along the upper Texas and southwest Louisiana coast through Tuesday morning. The flood-prone city of Houston was swamped by Hurricane Harvey in 2017, which dropped 152 centimeters of rain (60 inches) on the city over four days. “Listen to local weather alerts and heed local advisories about the right and safe thing to do, and you’ll make it through this storm just like you’ve had many other storms,” Texas Governor Greg Abbott said during a news conference in Houston Monday. Forecasters say Nicholas is likely to gradually weaken over the next two or three days. Some information for this report came from The Associated Press.
…
Billie Eilish went full glam in a huge peach ball gown at the pandemic-delayed Met Gala on Monday night, while fellow host of the evening Amanda Gorman was breathtaking in blue custom Vera Wang with a diamond laurel wreath in her hair.Co-host Timothée Chalamet raced onto Fifth Avenue to take selfies with fans before walking up the steps of the Metropolitan Museum of Art for his entrance after a marching band and gymnast kicked off the long-awaited evening. Last year’s gala was canceled due to the pandemic.This year’s official theme of the fundraiser for the museum’s Costume Institute was “American Independence,” leaving plenty of room for interpretation. Just ask Lil Nas X, who did a Lady Gaga-esque strip tease on the carpet in gold Versace, from cape to armor to embellished jumpsuit.
Eilish, the belle of the ball, wore Oscar de la Renta. She told Vogue: “It was time for this. I feel like I’ve grown so much over the last few years.”Chalamet had sneakers on his feet but diamonds on his look. Chalamet called his look “a bit of everything,” just like America.Gorman’s dress, which included more than 3,000 hand-sewn crystals, was made to evoke a starry night sky. She told Vogue she felt like Lady Liberty, reimagined. Her crown, the star poet said, was a nod to publishing. Another of the hosts, Naomi Osaka, wanted to celebrate all her cultures — Japan, Haitian and the U.S. — and picked a Louis Vuitton gown designed in collaboration with her sister, Mari Osaka. It was a swirly blue, aqua and purple print with long black ruffle sleeves and a wide red sash.If this gala produced a trend, it’s huge statement sleeves, with some stars and stripes thrown in. There was a smattering of red, as in the red, white and blue of the American flag. Karlie Kloss wore red Carolina Herrera with huge ruffles at the neck and sleeves. Jennifer Hudson also chose red sans sleeves. Also in red: Ella Emhoff, the daughter of the country’s second gentleman, Doug Emhoff, and Vice President Kamala Harris. She wore a trouser look with a sheer top and a crystal design in all the right places.Dan Levy took the party’s theme to the extreme in a blue confection from Loewe. It had, according to the brand, “printed leg of mutton sleeves” on a polo shirt with an applique of two men kissing. Leon Bridges, meanwhile, honored his home state of Texas in a white cowboy hat and a blue suede fringe jacket. “It’s all about embodying the aesthetic of Texas,” said Bridges, with jewels in his hair.Yara Shahidi wore silver custom Dior complete with a head piece. She said she was inspired by Josephine Baker. Emma Chamberlain went for a gold mini with cutouts at the waist and chunky mirror and chain detail. Harris Reed put Iman in a huge golden hat.Gala overseer Anna Wintour arrived early with a wave to the crowd accompanied by her pregnant daughter, Bee, in a floral design with ruffles at the neck.Along with oh-so-many jumpsuits, there were plenty of classic red carpet looks and a wave of gold, the latter including a Peter Dundas look worn by Mary J. Blige. It plunged to the belly button and beyond at the front and back. Megan Fox, fresh from hear appearance at the MTV VMAs, also wore embellished Dundas, a red body hugger with crisscrossing at the front and sides. MJ Rodriguez, the “Pose” star and first transgender performer to pick up an Emmy nomination in a major acting category, wore an old glam, black-and-white corseted look from Thom Brown. The designer called it a modern-day twist on classic American sportswear. She attended the gala with purpose.”Not a lot of trans girls like myself get this opportunity,” she said. “The human condition is what I’m here for.”U.S. Rep. Alexandria Ocasio-Cortez showed up in an Aurora James gown of white with a message splashed in red across the back: “Tax the Rich.”The evening had its share of what-the-heck moments, like a couple of horse heads on dresses and a green-haired Frank Ocean carrying a fake baby with a green face to match. Thom Browne gave the walking fashion statement Erykah Badu an extra-tall top hat with a bulky black look, a bunch of crystals and chunky bling around her neck.Her purse was a black leather dachshund.Dundas also dressed Ciara, who honored Seahawks hubby Russell Wilson with his No. 3 emblazoned on her lime green sequined gown. She added a little something extra — a Super Bowl ring — and carried a bedazzled purse in the shape of a football.She said the designer was inspired by the sporty vibe of the late great Geoffrey Beene.
The gala, which raises money for the museum’s Costume Institute, was pushed last year from its traditional May berth and morphed this year into a two-part affair marking the institute’s 75th anniversary. It coincides with the opening of “In America: A Lexicon of Fashion,” the first of a two-part exhibition at the Met’s Anna Wintour Costume Center. Organizers invited 400 guests, or about a third the number that usually attend.
…
George Wein, an impresario of 20th century music who helped found the Newport Jazz and Folk festivals and set the template for gatherings everywhere from Woodstock to the south of France, died Monday. Wein, 95, died “peacefully in his sleep” in his New York City apartment, said Carolyn McClair, a family spokesperson. A former jazz club owner and aspiring pianist, Wein launched the Newport Jazz Festival in 1954 under pouring rain and with a lineup for the heavens — Billie Holiday and Dizzy Gillespie, Ella Fitzgerald and Lester Young. Louis Armstrong was there the following year and Duke Ellington made history in 1956, his band’s set featuring an extraordinary, 27-chorus solo from saxophonist Paul Gonsalves that almost single-handedly revived the middle-aged Ellington’s career. Wein led the festival for more than 50 years, and performers would include virtually every major jazz star, from Miles Davis and Thelonious Monk to Charles Mingus and Wynton Marsalis. Just in 1965, the bill featured Frank Sinatra, Count Basie, John Coltrane, Ellington, Gillespie, Davis and Monk. FILE – Wynton Marsalis performs at the Newport Jazz Festival in Newport, Rhode Island, on August 6, 2011.The success of Newport inspired a wave of jazz festivals in the U.S., and Wein replicated his success worldwide, his other projects including the New Orleans Jazz & Heritage Festival and the Grande Parade du Jazz in Nice, France. His multiday, all-star gatherings were also a model for rock festivals, whether Woodstock in 1969 or the Lollapalooza tours of recent years. Critic Gene Santoro observed in 2003 that without Wein, “everything from Woodstock to Jazz at Lincoln Center might have happened differently — if it happened at all.” Wein “can justifiably claim to have invented, developed and codified the contemporary popular music festival,” Santoro wrote. The idea for Newport came in part from locals Louis and Elaine Lorillard, who urged Wein to organize a jazz festival in their resort community in Rhode Island. Elaine Lorillard, a socialite, complained that the summer scene was “terribly boring.” Her tobacco-heir husband backed her up with a $20,000 donation. Wein had never known of a large-scale jazz festival, so, in the spirit of the music, he improvised — seeking to combine the energy and musicality of a Harlem jazz club with the ambience of a summer classical concert in Tanglewood. “What was a festival to me?” Wein later said. “I had no rulebook to go by. I knew it had to be something unique, that no jazz fan had ever been exposed to.” FILE – In this 1963 file photo, Joan Baez and Bob Dylan perform at the festival in Newport, Rhode Island.In 1959, Wein joined with Pete Seeger and began a companion folk festival that would feature early performances by Joan Baez and Jose Feliciano among others and track the evolution of Bob Dylan from earnest troubadour to rule-breaking rock star. Dylan’s show in 1963 helped establish him as the so-called “voice of his generation,” but by 1965 he felt confined by the folk community and turned up at Newport with an electric band. The response was mostly positive, but there were enough boos from the crowd and conflicts backstage — Wein rejected the legend that Seeger tried to cut the power cables to Dylan’s amps — to make Dylan’s appearance a landmark in rock and folk history. In his memoir, “Myself Among Others,” Wein remembered confronting Dylan as he left the stage and insisted he return to play something acoustic. Years later, Wein remained moved by memories of hearing Dylan sing “It’s All Over Now, Baby Blue,” a farewell ballad in more ways than one. “It was a farewell to the idealism and purity of the folk revival,” Wein wrote. “There was no turning back — not for Dylan, not for anyone.” The Newport festivals have led to numerous films and concert albums, notably Murray Lerner’s Oscar-nominated 1967 documentary “Festival!” with Dylan, Johnny Cash and Howlin’ Wolf among the performers. Wein would later bring in Led Zeppelin, Sly and the Family Stone and James Brown and other rock and rhythm and blues acts. In 2020, when Newport went virtual because of the pandemic, Wein introduced Mavis Staples from his home in Manhattan. Wein himself had been a pianist since childhood and he maintained an active music career, releasing “Wein, Women and Song,” “Swing That Music” and several other albums and making yearly appearances at the Newport festival with his Newport All-Stars band. He was named a “Jazz Master” in 2005 by the National Endowment for the Arts and received an honorary Grammy in 2014. Years earlier, President Bill Clinton brought his saxophone to the White House stage for a celebration of the Newport Jazz Festival. The Newport festival lasted despite ongoing conflicts, whether objections from the locals in Newport, the declining appeal of jazz, or the demands and resentments of the musicians. In the mid-1970s, he was struggling financially and became among the first popular music promoters to work with corporate sponsors, notably the makers of Kool cigarettes. In 2005, he sold his company Festival Productions Inc. to Festival Network LLC and took on a more limited role at Newport. Six years later, he established the nonprofit Newport Festivals Foundation to oversee the summertime events. “I want the festivals to go on forever,” Wein told The Associated Press at the time. “With me it’s not a matter of business. This is my life.”
…