Tag Archive for: agrees

Government agrees law to protect confidential journalistic material from state hacking

/in


The government has agreed to bring in legislation to require MI5 and GCHQ to seek independent authorisation before accessing confidential journalistic material obtained through the bulk hacking of phones or computer systems.

The Investigatory Powers (Amendment) Bill, which was debated in the House of Commons yesterday (Monday 19 February), will require the intelligence services to seek independent approval from the investigatory powers commissioner before accessing journalistic material or material that could identify a confidential journalistic source.

The concession follows a seven-year legal challenge brought by human rights organisation Liberty with the support of the National Union of Journalists (NJU).

It follows separate warnings from technology companies and rights organisations that proposed changes to the Investigatory Powers Act would disrupt the ability of technology companies to apply security updates and introduce end-to-end encryption.

The government has asked Liberty to drop legal proceedings against it in the light of a proposed amendment to the Investigatory Powers Bill 2016 that will require an independent body to review all requests to search and retain confidential journalistic information obtained through bulk hacking of computers, phones and tablets.

Journalists exposed to state surveillance and interference

Under current law, security and intelligence agencies and other state bodies can search for confidential journalist material, including emails, calls and texts, among data obtained through bulk hacking operations without the need for prior authorisation from a judicial commissioner.

The government introduced similar protections for journalistic material obtained through bulk interception in March 2023 following a landmark ruling by the European Court of Human Rights in the case of “Big Brother Watch and others v UK”,  which found that bulk interception of communications data breached the privacy rights of UK citizens.

Megan Goulding, a lawyer for Liberty, said journalists have been exposed to state surveillance and interference for more than a decade with few safeguards or protections.

“The introduction of a new requirement for an independent…

Source…

Thoma Bravo agrees to acquire digital forensics firm Magnet Forensics for over $1B • TechCrunch

/in


Thoma Bravo, the private equity and growth capital firm, today announced that it would spend $1.8 billion CAD (~$1.34 billion) to acquire Magnet Forensics, a Waterloo-based company making software used by defense forces and businesses to investigate cybersecurity threats.

Magnet Forensics will be purchased by a newly created corporation controlled by Thoma Bravo, Morpheus Purchaser Inc., which will pay Magnet Forensics shareholders a 15% premium over Thursday’s closing price on the Toronto Stock Exchange. Post-buy, Morpheus will be merged with mobile device forensics outfit Grayshift, which Thoma Bravo acquired majority control of last July.

The transaction is expected to close by Q2 2023, subject to shareholder and other customary approvals.

“We look forward to bringing together the complementary capabilities of Magnet and Grayshift to create a leader in the digital forensics and cyber security space,” Thoma Bravo partner Hudson Smith said in a press release. “Digital evidence is an increasingly critical aspect of investigations and the combined company will be well-positioned to further market expansion, accelerate innovation and provide even greater solutions to its customers.”

Launched in 2010, Magnet Forensics develops digital investigation software that acquires, analyzes, reports on and manages evidence from computers, mobile devices, Internet of Things devices and cloud services. The company was founded by Jad Saliba, a Waterloo regional police constable who worked in the police force’s high-tech crimes unit. After incubating Magnet Forensics’ software at the unit, Saliba decided to strike out on his own and sell the tech for a licensing fee, partnering with Jim Balsillie and Adam Belsher, then BlackBerry executives.

Before going public, Magnet Forensics attracted an investment from In-Q-Tel, the nonprofit venture arm of the U.S. intelligence community. The company claims that its software is used by more than 4,000 public and private sector customers — e.g. police forces, intelligence agencies, tax officials, border guards and militaries — in over 100 countries, helping investigators protect assets and guard national security.

Business was booming…

Source…

Netwalker ransomware affiliate agrees to plead guilty to hacking charges

/in


Prolific Netwalker ransomware affiliate Sebastien Vachon-Desjardins agreed to plead guilty on Tuesday to several charges related to a hacking campaign against a company based in Florida. 

The 34-year-old Vachon-Desjardins, who previously was sentenced to seven years in prison by Canadian officials for other ransomware attacks, was extradited to the U.S. in March and has been held in a Tampa prison since then. 

According to a plea agreement filed on Tuesday, Vachon-Desjardins agreed to forfeit $21.5 million, about 27.65 BTC and dozens of seized devices. 

United States Attorney for the Middle District of Florida Roger Handberg said Vachon-Desjardins has agreed to plead guilty to four charges: Conspiracy to Commit Computer Fraud, Conspiracy to Commit Wire Fraud, Intentional Damage to a Protected Computer and Transmitting a Demand in Relation to Damaging a Protected Computer.

A portion of the plea agreement filed Tuesday.

The charges carry a combined maximum prison sentence of 40 years, but the document made references to a potential deal where Vachon-Desjardins will face less years in exchange for cooperation.

The lawyers did not say which company was attacked but noted that it is based in Tampa and was attacked on May 1, 2020. 

Vachon-Desjardins sent the company a ransom note demanding $300,000 in bitcoin but the company did not pay, instead spending $1.2 million to recover from the incident. 

The ransom note Vachon-Desjardins sent the company. Image: DOJ

In the plea deal, and in a presentation at the RSA conference earlier this month, the Justice Department said it was able to gain access to the backend server of the NetWalker Tor Panel and the NetWalker Blog, giving them a view into the gang’s operations. 

The group had managed to extort victims for about 5,058 bitcoin — worth about $40 million based on the value of bitcoin at the time of each transaction.

“These records also tied Vachon Desjardins to the successful extortion of approximately 1,864 bitcoin in ransoms (an approximate total of $21 .5 million USD based on the value of bitcoin at the time of each transaction) from dozens of victim companies across the world, including Victim 1,” the Justice Department…

Source…