BRASILIA, July 2 (Reuters) - Brazil's central bank said on Wednesday that technology services provider C&M Software, which serves financial institutions lacking connectivity infrastructure, had reported a cyberattack on its systems.
The bank did not provide further details of the attack, but said in a statement that it ordered C&M to shut down financial institutions' access to the infrastructure it operates.
C&M Software commercial director Kamal Zogheib said the company was a direct victim of the cyberattack, which involved the fraudulent use of client credentials in an attempt to access its systems and services.
C&M said critical systems remain intact and fully operational, adding that all security protocol measures had been implemented. The company is cooperating with the central bank and the Sao Paulo state police in the ongoing investigation, added Zogheib.
Brazilian financial institution BMP told Reuters that it and five other institutions experienced unauthorized access to their reserve accounts during the attack, which took place on Monday.
BMP said the affected accounts are held directly at the central bank and used exclusively for interbank settlement, with no impact on client accounts or internal balances.
WASHINGTON, June 30 (Reuters) - Iran-linked hackers have threatened to disclose more emails stolen from U.S. President Donald Trump's circle, after distributing a prior batch to the media ahead of the 2024 U.S. election.
In online chats with Reuters on Sunday and Monday, the hackers, who go by the pseudonym Robert, said they had roughly 100 gigabytes of emails from the accounts of White House Chief of Staff Susie Wiles, Trump lawyer Lindsey Halligan, Trump adviser Roger Stone and porn star-turned-Trump antagonist Stormy Daniels.
Germany's data protection commissioner has asked Apple and Google to remove Chinese AI startup DeepSeek from their app stores in the country due to concerns about data protection, following a similar crackdown elsewhere.
FRANKFURT, June 27 (Reuters) - Germany's data protection commissioner has asked Apple (AAPL.O), opens new tab and Google (GOOGL.O), opens new tab to remove Chinese AI startup DeepSeek from their app stores in the country due to concerns about data protection, following a similar crackdown elsewhere.
Commissioner Meike Kamp said in a statement on Friday that she had made the request because DeepSeek illegally transfers users' personal data to China.
The two U.S. tech giants must now review the request promptly and decide whether to block the app in Germany, she added, though her office has not set a precise timeframe.
Google said it had received the notice and was reviewing it.
DeepSeek did not respond to a request for comment. Apple was not immediately available for comment.
According to its own privacy policy, opens new tab, DeepSeek stores numerous pieces of personal data, such as requests to its AI programme or uploaded files, on computers in China.
"DeepSeek has not been able to provide my agency with convincing evidence that German users' data is protected in China to a level equivalent to that in the European Union," Kamp said.
"Chinese authorities have far-reaching access rights to personal data within the sphere of influence of Chinese companies," she added.
AI firm DeepSeek is aiding China's military and intelligence operations, a senior U.S. official told Reuters, adding that the Chinese tech startup sought to use Southeast Asian shell companies to access high-end semiconductors that cannot be shipped to China under U.S. rules.
The U.S. conclusions reflect a growing conviction in Washington that the capabilities behind the rapid rise of one of China's flagship AI enterprises may have been exaggerated and relied heavily on U.S. technology.
Hangzhou-based DeepSeek sent shockwaves through the technology world in January, saying its artificial intelligence reasoning models were on par with or better than U.S. industry-leading models at a fraction of the cost.
"We understand that DeepSeek has willingly provided and will likely continue to provide support to China's military and intelligence operations," a senior State Department official told Reuters in an interview.
"This effort goes above and beyond open-source access to DeepSeek's AI models," the official said, speaking on condition of anonymity in order to speak about U.S. government information.
The U.S. government's assessment of DeepSeek's activities and links to the Chinese government have not been previously reported and come amid a wide-scale U.S.-China trade war.
June 19 (Reuters) - Tata Consultancy Services (TCS.NS), opens new tab said none of its "systems or users were compromised" as part of the cyberattack that led to the theft of customer data at retailer Marks and Spencer (MKS.L), opens new tab, its client of more than a decade.
"As no TCS systems or users were compromised, none of our other customers are impacted" independent director Keki Mistry told its annual shareholder meeting.
The Reuters Daily Briefing newsletter provides all the news you need to start your day. Sign up here.
"The purview of the investigation (of customer) does not include TCS," Mistry added.
This is the first time India's No 1 IT services company has publicly commented on the cyber hack. M&S did not immediately respond to a request for comment.
TCS is one of the technology services providers for the British retailer. In early 2023, TCS reportedly, opens new tab won a $1 billion contract for modernising M&S' legacy technology with respect to its supply chain and omni-channel sales while increasing its online sales.
The "highly sophisticated and targeted" cyberattack which M&S disclosed in April will cost about 300 million pounds ($403 million) in lost operating profit, and disruption to online services is likely until July.
Last month, Financial Times reported that TCS is internally investigating whether it was the gateway for a cyberattack.
Mistry presided as the chairman at the company's annual shareholder meeting as Tata Group Chairman N Chandrasekaran skipped it due to "exigencies".
The chairman's absence comes as the Group's airline Air India plane with 242 people on board crashed after take-off in Ahmedabad last week, killing all passengers except one.
Reporting by Sai Ishwarbharath B and Haripriya Suresh, Editing by Louise Heavens
he Czech Republic on Wednesday accused China of being responsible for a "malicious cyber campaign" targeting a network used for unclassified communication at its Foreign Affairs ministry, but China rejected the accusations.
China's embassy in Prague called on the Czech side to end its "microphone diplomacy".
The attacks started during the country's 2022 EU presidency and were perpetrated by the cyber espionage group APT31, the Czech government said in a statement. The Czech Republic, an EU state and NATO member, said APT31 was publicly associated with the Chinese Ministry of State Security.
Foreign Minister Jan Lipavsky said that after the attack was detected, the ministry implemented a new communications system with enhanced security in 2024.
"I summoned the Chinese ambassador to make clear that such hostile actions have serious consequences for our bilateral relations," he said.
Lipavsky said the attacks centered on email and other documents and focused on information concerning Asia.
"The Government of the Czech Republic strongly condemns this malicious cyber campaign against its critical infrastructure," the government said in its statement.
China's embassy in the Czech Republic expressed "strong concern and decisive disagreement" with the Czech accusations.
LONDON, May 14 (Reuters) - U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said.
Power inverters, which are predominantly produced in China, are used throughout the world to connect solar panels and wind turbines to electricity grids. They are also found in batteries, heat pumps and electric vehicle chargers. While inverters are built to allow remote access for updates and maintenance, the utility companies that use them typically install firewalls to prevent direct communication back to China.
However, rogue communication devices not listed in product documents have been found in some Chinese solar power inverters by U.S experts who strip down equipment hooked up to grids to check for security issues, the two people said.
Over the past nine months, undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers, one of them said.
Reuters was unable to determine how many solar power inverters and batteries they have looked at. The rogue components provide additional, undocumented communication channels that could allow firewalls to be circumvented remotely, with potentially catastrophic consequences, the two people said.
Both declined to be named because they did not have permission to speak to the media.
"We know that China believes there is value in placing at least some elements of our core infrastructure at risk of destruction or disruption," said Mike Rogers, a former director of the U.S. National Security Agency. "I think that the Chinese are, in part, hoping that the widespread use of inverters limits the options that the West has to deal with the security issue."
A spokesperson for the Chinese embassy in Washington said: "We oppose the generalisation of the concept of national security, distorting and smearing China's infrastructure achievements."
Hackers targeted around ten official websites in Italy on Saturday, including the websites of the Foreign Ministry and Milan's two airports, putting them out of action temporarily, the country's cyber security agency said.
The pro-Russian hacker group Noname057(16) claimed the cyber attack on Telegram, saying Italy's "Russophobes get a well deserved cyber response".
Russian companies have begun using bitcoin and other digital currencies in international payments following legislative changes that allowed such use in order to counter Western sanctions, Finance Minister Anton Siluanov said on Wednesday.
Sanctions have complicated Russia's trade with its major partners such as China or Turkey, as local banks are extremely cautious with Russia-related transactions to avoid scrutiny from Western regulators.
Turkey's Personal Data Protection Board (KVKK) has fined Amazon.com's gaming platform Twitch 2 million lira ($58,000) over a data breach, the official Anadolu Agency reported on Saturday.
Italian police have placed four people under house arrest including Leonardo Maria Del Vecchio, son of the late billionaire founder of Luxottica, as part of a probe into alleged illegal access to state databases, a source said on Saturday.
A lawyer for Leonardo Maria Del Vecchio said he was "eagerly awaiting the completion of preliminary investigations to be able to prove he has nothing to do with the events in question and that charges laid against him have no basis.
Reuters News has restored to its website an investigation into mercenary hacking after a New Delhi court lifted a takedown order it issued last year.
The article, originally published on Nov. 16, 2023, and titled “How an Indian startup hacked the world,” detailed the origins and operations of a New Delhi-based cybersecurity firm called Appin. Reuters found that Appin grew from an educational startup to a hack-for-hire powerhouse that stole secrets from executives, politicians and wealthy elites around the globe.
An invisible detonator and wafer-thin plastic explosives turned batteries into bombs
Russia is increasingly turning to American social media stars to covertly influence voters ahead of the 2024 presidential election, according to U.S. officials and recently unveiled criminal charges.
“What we see them doing is relying on witting and unwitting Americans to seed, promote and add credibility to narratives that serve these foreign actors’ interest,” a senior intelligence official said in a briefing on Friday. “These foreign countries typically calculate that Americans are more likely to believe other Americans’ views.”
The investigation into Telegram boss Pavel Durov that has fired a warning shot to global tech titans was started by a small cybercrime unit within the Paris prosecutor's office, led by 38-year-old Johanna Brousse.
The arrest of Durov, 39, last Saturday marks a significant shift in how some global authorities may seek to deal with tech chiefs reluctant to police illegal content on their platforms.
The arrest signalled the mettle of the J3 cybercrime unit, but the true test of its ambitions will be whether Brousse can secure a conviction based on a largely untested legal argument, lawyers said.
CrowdStrike (CRWD.O), opens new tab has been sued by shareholders who said the cybersecurity company defrauded them by concealing how its inadequate software testing could cause the July 19 global outage that crashed more than 8 million computers.
In a proposed class action filed on Tuesday night in the Austin, Texas federal court, shareholders said they learned that CrowdStrike's assurances about its technology were materially false and misleading when a flawed software update disrupted airlines, banks, hospitals and emergency lines around the world.
North Korean hackers have conducted a global cyber espionage campaign in efforts to steal classified military secrets to support Pyongyang's banned nuclear weapons programme, the United States, Britain and South Korea said in a joint advisory on Thursday.
The hackers, dubbed Anadriel or APT45 by cybersecurity researchers, are believed to be part of North Korea's intelligence agency known as the Reconnaissance General Bureau, an entity sanctioned by the U.S. in 2015.
Shares of CrowdStrike plunged 13% on Monday, extending their loss-making streak, after Wall Street analysts downgraded the stock on concerns over the financial fallout from a global cyber outage last week.
