Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label U.S. Agencies. Show all posts

LexisNexis' Virtual Crime Center: Making Millions from Sales to the U.S. Government

 

According to contracting data and government records examined by Motherboard,a cybersecurity portal, the data firm LexisNexis generates millions of dollars offering specialised tools to law enforcement and other U.S. government organisations. 

The contracts draw attention to LexisNexis' frequently underappreciated government work, which entails capabilities beyond its standard people-search or article databases accessible to consumers and businesses. One of these is the Virtual Crime Center, a system for connecting open records with internal and external databases from various organisations. The Secret Service purchased licences for the Virtual Crime Center, according to papers obtained by security analysts at Motherboard. 

“Today’s law enforcement agencies need a view beyond their own jurisdictions. LexisNexis Accurint Virtual Crime Center brings together disconnected data from over 10,000 different sources, including police agencies nationwide and public records for intelligence-led policing that can then drive decisions and actions,” the website for the Virtual Crime Center reads. The product is sold by LexisNexis under the Accurint name, which the company also uses for its range of government and law enforcement solutions. 

As per procurement records, the Secret Service paid roughly $400,000 per year between 2020 and 2022 for access to the Virtual Crime Center. The tool is intended to be a one-stop shop for data searches that would often require a number of different independent platforms. 

Security analysts also discovered purchases of Accurint by the State Department, the Food and Drug Administration, the Animal and Plant Health Inspection Service, the U.S. Coast Guard, the Department of Navy, and the Defense Counterintelligence and Security Agency. The Intercept has previously reported on ICE's acquisition of LexisNexis data. According to documents obtained by the immigrant rights group Just Futures Law, ICE checked that data more than one million times in just seven months.

A LexisNexis product description for its Accurint data package was obtained by Motherboard through a Freedom of Information Act (FOIA) request. A large portion of such information is also found in LexisNexis' consumer editions, such as business and corporate information. Additionally, it contains information about "relatives, neighbours, and associates," which may be especially useful to police enforcement. 

"Relatives, neighbours, and acquaintances information" is seriously concerning, said Zach Edwards, a security researcher who monitors the data trade industry, to Motherboard in an online conversation. By establishing consumer profiles with information about people's intimate personal contacts and making them available to the government for purchase, it would seem that LexisNexis has elevated the idea of "friends and family plans" to a completely disturbing level. 

He also mentioned Accurint, which has licences for hunting, fishing, and using firearms. Selling hunting, fishing, and concealed weapon permits is a risky game to play because laws against the sharing of that information exist in nearly half of the states in the United States.

U.S. Agencies Warn of Russian APT Operators Exploiting Five Publicly Known Vulnerabilities

 

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly published an advisory on Thursday warning that Russian APT operators are exploiting five publicly known and already fixed vulnerabilities in corporate VPN infrastructure products, insisting it is “critically important” to mitigate these issues immediately. 

The urgent advisory was issued by the U.S. authorities to call attention to a quintet of CVEs that are being actively exploited by a threat actor associated with Russia’s foreign intelligence service (SVR). According to the NSA, the five vulnerabilities should be prioritized for patching alongside the latest batch of Exchange Server updates published by Microsoft earlier this week.

NSA took up mitigation of known vulnerabilities in the SolarWinds Orion software supply chain, the use of WellMess malware against COVID-19 researchers, and network attacks exploiting VMware vulnerability. They left little doubt that quick action is necessary to protect against those attack vectors.

“Mitigation against these vulnerabilities is critically important as the U.S. and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors,” NSA, CISA, and FBI said.

“NSA, CISA, and FBI strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations,” the agencies added.

 The vulnerabilities flagged by the agencies are:

• CVE-2018-13379 Fortinet FortiGate VPN 

• CVE-2019-9670 Synacor Zimbra Collaboration Suite

• CVE-2019-11510 Pulse Secure Pulse Connect Secure VPN 

• CVE-2019-19781 Citrix Application Delivery Controller and Gateway

• CVE-2020-4006 VMware Workspace ONE Access

According to AP News, ten Russian diplomats are being expelled by the US State Department as a result of this activity and 32 individuals and entities are accused of attempting to influence last year’s presidential election, including by spreading disinformation are sanctioned. “We cannot allow a foreign power to interfere in our democratic process with impunity”, president Biden said. 

The US Department of the Treasury announced that it was sanctioning “16 entities and 16 individuals who attempted to influence the 2020 U.S. presidential election at the direction of the leadership of the Russian Government.” Four front media organizations associated with Russian intelligence services were identified as disinformation shops: SouthFront, NewsFront, InfoRos, and the Strategic Culture Foundation.