Motorbike ride-share app CEO taken to pieces in grisly New York dismemberment

Australian Federal Police (AFP) commissioner Reece Kershaw has accused un-named nations of helping organized criminals to use technology to commit and launder the proceeds of crime, and called for international collaboration to developer technologies that counter the threats that behaviour creates.

Kershaw’s remarks were made at a meeting of the Five Eyes Law Enforcement Group (FELEG), the forum in which members of the Five Eyes intelligence sharing pact – Australia, New Zealand, Canada, the UK and the USA – discuss policing and related matters. Kershaw is the current chair of FELEG.

“Criminals have weaponized technology and have become ruthlessly efficient at finding victims,” Kerhsaw told the group, before adding : “State actors and citizens from some nations are using our countries at the expense of our sovereignty and economies.”

China’s Ministry of Public Security has revealed the five most prevalent types of fraud perpetrated online or by phone.

The e-commerce scam known as “brushing” topped the list and accounted for around a third of all internet fraud activity in China. Brushing sees victims lured into making payment for goods that may not be delivered, or are only delivered after buyers are asked to perform several other online tasks that may include downloading dodgy apps and/or establishing e-commerce profiles. Victims can find themselves being asked to pay more than the original price for goods, or denied promised rebates.

Brushing has also seen e-commerce providers send victims small items they never ordered, using profiles victims did not create or control. Dodgy vendors use that tactic to then write themselves glowing product reviews that increase their visibility on marketplace platforms.

David Harville, eBay's former director of global resiliency, pleaded guilty this week to five felony counts of participating in a plan to harass and intimidate journalists who were critical of the online auction business.

Harville is the last of seven former eBay employees/contractors charged by the US Justice Department to have admitted participating in a 2019 cyberstalking campaign to silence Ina and David Steiner, who publish the web newsletter and website EcommerceBytes.

Former eBay employees/contractors Philip Cooke, Brian Gilbert, Stephanie Popp, Veronica Zea, and Stephanie Stockwell previously pleaded guilty. Cooke last July was sentenced to 18 months behind bars. Gilbert, Popp, Zea and Stockwell are currently awaiting sentencing.

The US Ninth Circuit Court of Appeals on Wednesday affirmed the 2019 conviction and sentencing of Carsten Igor Rosenow for sexually exploiting children in the Philippines – and, in the process, the court may have blown a huge hole in internet privacy law.

The court appears to have given US government agents its blessing to copy anyone's internet account data without reasonable suspicion of wrongdoing – despite the Fourth Amendment's protection against unreasonable searches and seizures. UC Berkeley School of Law professor Orin Kerr noted the decision with dismay.

"Holy crap: Although it was barely mentioned in the briefing, the CA9 just held in a single sentence, in a precedential opinion, that internet content preservation isn't a seizure," he wrote in a Twitter post. "And TOS [Terms of Service] eliminate all internet privacy."

A now-former eBay security director accused of harassing a couple who wrote a critical newsletter about the internet tat bazaar is set to plead guilty to cyberstalking.

James Baugh, of San Jose, California, was charged with conspiracy to commit cyberstalking and conspiracy to tamper with witnesses, alongside six former colleagues in a baffling case brought in 2020.

Five of them pleaded guilty; Baugh and David Harville, eBay's now-ex-director of global resiliency, denied the allegations and were due to go on trial.

A former acting branch chief of IT for the US Department of Homeland Security's (DHS) oversight office was convicted on Monday of conspiring to steal US government software in order to develop a commercial copy that could be resold to other government agencies.

Murali Venkata, 56, of Aldie, Virginia, served as acting branch chief of the Information Technology Division of the DHS Office of the Inspector General (DHS-OIG). He was indicted in March 2020 alongside former acting inspector general of DHS-OIG Charles Edwards, 59, of Sandy Spring, Maryland.

Both men faced charges that they and others conspired to steal government property and to defraud the US, that they stole government property, and that they committed wire fraud and aggravated identity theft. Venkata also faced an additional charge that he destroyed records.

A now-former finance director stole tablet computers and other equipment worth $40 million from the Yale University School of Medicine, and resold them for a profit.

Jamie Petrone, 42, on Monday pleaded guilty to one count of wire fraud and one count of filing a false tax return, crimes related to the theft of thousands of electronic devices from her former employer. As director of finance and administration in the Department of Emergency Medicine, Petrone, of Lithia Springs, Georgia, was able to purchase products for her organization without approval if the each order total was less than $10,000.

She abused her position by, for example, repeatedly ordering Apple iPads and Microsoft Surface Pro tablets only to ship them to New York and into the hands of a business listed as ThinkingMac LLC. Money made by this outfit from reselling the redirected equipment was then wired to Maziv Entertainment LLC, a now-defunct company traced back to Petrone and her husband, according to prosecutors in Connecticut [PDF].

Scammers appear to be targeting university students looking to kickstart their careers, according to research from cybersecurity biz Proofpoint.

From the department of "if it's too good to be true, it probably is" comes a study in which Proofpoint staffers responded to enticement emails to see what would happen.

This particular threat comes in the wake of COVID-19, with people open to working from home and so perhaps more susceptible. "Threat actors use the promise of easy money working from home to collect personal data, steal money, or convince victims to unwillingly participate in illegal activities, such as money laundering," the researchers said.

A former school IT technician who wiped his ex-employer's network but also the devices of children connected to it at the time has been sentenced – after telling a judge he was seeking a new career in cybersecurity.

Adam Georgeson, 29, went on the digital rampage after being dismissed by Welland Park Academy in Leicestershire, England, last January. He wiped 125 devices "including those belonging to 39 families", according to the Leicester Mercury.

The IT professional, of Robin Lane, Wellingborough, Northamptonshire, pleaded guilty to two crimes under the Computer Misuse Act 1990 last year.

A Canadian who used the Netwalker ransomware to attack 17 organisations and had C$30m (US$23.6m) in cash and Bitcoin when police raided his house has been jailed for more than six years.

Sebastien Vachons-Desjardins of Gatineau, Ottawa, was sentenced to six years and eight months in prison earlier this month after pleading guilty to five criminal charges in Ontario's Court of Justice.

"The Defendant excelled at what he did," sniffed Justice Paul Renwick in a sentencing note published on Canadian court document repository CanLII. "Between 10-15 unknown individuals hired the Defendant to teach them his methods. Some of these activities benefitted those interested in securing computer networks from these types of attacks. Some of the Defendant's students were likely other cyber threat actors."