Save-Point
News of the Cyber World - Printable Version

+- Save-Point (https://www.save-point.org)
+-- Forum: Official Area (https://www.save-point.org/forum-3.html)
+--- Forum: Tech Talk (https://www.save-point.org/forum-87.html)
+--- Thread: News of the Cyber World (/thread-7678.html)

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36


RE: News of the Cyber World - kyonides - 09-09-2020

Hartford Public Schools delay reopening amid ransomware attack
https://www.cyberscoop.com/hartford-ransomware-attack-mayor-bronin-fbi/
Well, hackers aren't education friendly at all. They've attacked several schools and universities like those located Hartford, Connecticut.

CyberScoop Wrote:Officials in Hartford, Conn., are dealing with another, unexpected challenge now that a ransomware attack has forced the city’s public schools to postpone classes.
The file-locking malware “caused an outage of critical systems and the restoration of those systems [is] not complete,” Hartford Public School officials said in a statement. “This includes the system that communicates our transportation routes to our bus company and it is preventing our ability to operate schools on Tuesday.”
An incident in April shut down computer servers at a community college in Illinois. In June, the University of California, San Francisco paid hackers more than $1 million to retrieve the university’s stolen data, Bloomberg News reported.
With more than 18,000 students, from pre-kindergarten through the 12th grade, Hartford is one of the largest public school systems in Connecticut.

How the government is keeping hackers from disrupting coronavirus vaccine research
https://www.cyberscoop.com/operation-warp-speed-coronavirus-vaccine-cybersecurity-dds-nsa-dhs-cisa-fbi-hhs/
CyberScoop Wrote:Known as the Security and Assurance portion of Operation Warp Speed, the mission is no small effort. Consisting of people from DDS, NSA, FBI, the Department of Homeland Security and the Department of Health and Human Services, it has been running behind the scenes for months.

The effort’s main goal is to provide cybersecurity advice, guidance, and services to pharmaceutical giants developing a vaccine or working on manufacturing and distribution, as well as government agencies participating in OWS, multiple U.S. government officials involved in the operation told CyberScoop.

The mission has been tested already, as hackers attached to foreign governments have targeted the U.S. vaccine effort. In recent months, the NSA has detected Russian intelligence hackers targeting coronavirus vaccine research in the U.S. Chinese government hackers have also been targeting American entities working on a vaccine with the intent of conducting intellectual property theft. In July, the Department of Justice also charged two men for working with Chinese intelligence agencies on efforts to compromise COVID-19 vaccine research.

The program’s primary concern, for now, is hackers motivated to manipulate, delete, or steal vaccine trial data, Brett Goldstein, the Director of DDS

the operation also includes scanning participating companies’ internet-connected devices, sharing notifications and technical indicators on potential nation-state threats, as well as providing assistance following security incidents.

They tell us that Moderna, one of the companies producing a vaccine candidate that reached phase 3 trials already, has been targeted by Chinese hackers! Shocked


RE: News of the Cyber World - kyonides - 09-17-2020

Sony’s new $500 PlayStation 5
will launch November 12th
https://apnews.com/8606be227f0596605992fc426a745cd5

AP News Wrote:Sony’s upcoming PlayStation 5 video game console will cost $500 and launch Nov. 12, the company said Wednesday, setting up a holiday battle with Microsoft’s Xbox Series X over whose new console will turn up under more trees this year.
The new consoles promise faster load times, souped up graphics and new games. Sony’s console is also more expensive this time around; the PS4 launched for $400 in 2013.
Sony’s PS5 will come in two different models — a standard version with an Ultra HD Blu-ray disc drive for $500, and a digital-oriented version with no disk drive that costs $400. While you can still buy games on optical disks, it’s increasingly common for gamers to download them in digital form instead.
In a presentation Wednesday, Sony previewed games including “Spider-Man: Miles Morales,” which will be available at launch, and a Harry Potter game, “Hogwarts Legacy,” which will be out in 2021. It gave a sneak peak of “Final Fantasy XVI,” which will be exclusive to PlayStation, but did not specify when that game will launch.

Happy with a sweat Well, it's good for countries in Latin America or Africa to be able to buy a console with some UHD Blu-ray disc player because they can rarely connect to the Sony cloud services.

Microsoft's Xbox Series X
will debut November 10th

AP News Wrote:Last week, Microsoft said its Xbox Series X will cost $500 and debut Nov. 10, just ahead of the holidays. A stripped down version, Xbox Series S, will cost $300 and be available at the same time. Pre-orders begin Sept. 22. New video games at launch include “Assassin’s Creed Valhalla,” “Gears Tactics,” “Dirt 5,” and “Watch Dogs Legion.”


Happy with a sweat So pick your favorite console... now!? Confused


RE: News of the Cyber World - kyonides - 09-21-2020

PlayStation apologizes for PS5 preorder fiasco,
says process 'could have been a lot smoother'
https://www.foxbusiness.com/technology/playstation-apologizes-for-ps5-preorder-fiasco-says-process-could-have-been-a-lot-smoother
Company will release more consoles for preorder over next few days and make more available through year's end

Sony claims retailers launched preorders prematurely. Actually their websites crashed after a while. Confused The PS5 will launch on Nov. 12 in the U.S., Japan, Canada, Mexico, Australia, New Zealand, and South Korea before being unveiled to the rest of the world on Nov. 19. The console sports a custom processor that supports 4K graphics and ray-tracing support and an SSD hard drive that provides "lightning-fast" loading speeds. Drooling

Fox Business Wrote:In addition to details about the PS5, Sony released pricing for the console's accessories, including the DualSense Wireless Controller for $69.99, PULSE 3D wireless headset for $99.99, an HD Camera with dual 1080p lenses for broadcasting for $59.99, a media remote for movies and streaming services for $29.99 and a DualSense charging station for $29.99.

Of course, MS didn't waste time mocking Sony by claiming they'd share precise information on preorders to prevent such a mess from ever happening to Xbox new generation consoles. Laughing

Iran hackers and the Aerospace and Satellite companies
https://www.cyberscoop.com/iran-indictment-justice-department-aerospace/
CyberScoop Wrote:U.S. prosecutors accused the three men of “engaging in a coordinated campaign of identity theft and hacking” on behalf of Iran’s Islamic Revolutionary Guard Corps. The scheme allegedly spanned more than three years, through February 2019, and a target list of over 1,8000 online accounts comprising aerospace and satellite companies and government organizations, from the U.S. to the United Kingdom to Israel.

Here's the procedure they followed to get access to such data.

CyberScoop Wrote:Said Pourkarim Arabi, 34, Mohammad Reza Espargham, 25, and Mohammad Bayati, 34, allegedly impersonated Americans working in the aerospace and satellite industries by registering email addresses in their names and then sending other people in those industries spearphishing emails. With access to a target computer, the men allegedly used other hacking tools to gain greater privileges on the computer and hunt for data sought by the IRGC and then exfiltrate it.

By the way, Rumor US Treasury announced sanctions against Iranians working for Iranian Ministry of Intelligence, as part of a group known as APT39 by US authorities, who were targeting dissidents and journalists. They infiltrated telecommunications and travel industries to collect data and personal information on their victims. But that wasn't all that happened this week.

CyberScoop Wrote:The Department of Justice on Wednesday announced charges against two other Iranian citizens for allegedly conducting cyber-espionage operations at the behest of the Iranian government. The two men allegedly targeted American universities and a U.S defense contractor, among other organizations, and stole hundreds of terabytes of data. On Tuesday, U.S. officials accused an Iranian teenager of retaliating for the U.S. killing of a top Iranian general by defacing dozens of websites (he was not accused of acting on behalf of the Iranian government.)

NS8 Cyber Fraud Prevention company was a Cyber Fraud! Shocked
https://www.cyberscoop.com/ns8-cyber-fraud-prevention-startup-adam-rogas-sec-fbi/
While promoting itself as a cyber fraud prevention startup, this company's co founder was an actual fraudster or so said SEC and FBI. He falsified bank statements by letting investors think they've got enough customers paying their bills when the truth was that they were fake. Laughing He kept $17,5 millions in his pockets. Confused NS8 sold fraud prevention and detection software to businesses, claiming it combined behavioral analytics and scoring to warn customers of possible risk. Suddenly its co founder stepped down and the company started laying off workers. Sad


RE: News of the Cyber World - kyonides - 09-26-2020

Singapore and Facial Recognition
https://www.bbc.com/news/business-54266602
BBC Wrote:Singapore will be the first country in the world to use facial verification in its national identity scheme.
The biometric check will give Singaporeans secure access to both private and government services.
The government's technology agency says it will be "fundamental" to the country's digital economy.
It has been trialled with a bank and is now being rolled out nationwide. It not only identifies a person but ensures they are genuinely present.

Singapore's cloud-based service provider is iProov, an United Kingdom company. Shocked  Nonetheless, there's controversy on the actual consequences of using this technology. Confused

BBC Wrote:"Consent does not work when there is an imbalance of power between controllers and data subjects, such as the one observed in citizen-state relationships," said Ioannis Kouvakas, legal officer with London-based Privacy International.
Additionally, Mr Kwok said, it is better for privacy because companies won't need to collect any biometric data.
In fact, they would only see a score indicating how close the scan is to the image the government has on file.

Really? What will they do if the system ever throws a false positive? Confused
The report also mentions a curious fact about China. Thinking

BBC Wrote:China hasn't attempted to link facial verification to its national ID, but last year enacted rules forcing customers to have their faces scanned when they buy a new mobile phone, so that they could be checked against the ID provided.
So a Chinese citizen might be quickly recognized by the CCP with ease. Happy with a sweat  Keep in mind China's two laws that facilitate the government to retrieve data from companies at their request without a judge issuing any warrant for him or her to study such data privately as part of any given trial. Sad


RE: News of the Cyber World - kyonides - 09-28-2020

Americans can still use TikTok for the time being
https://apnews.com/article/archive-donald-trump-ad614fb615efe904057a1911985bb108
AP News Wrote:A federal judge on Sunday postponed a Trump administration order that would have banned the popular video sharing app TikTok from U.S. smartphone app stores around midnight.
A more comprehensive ban remains scheduled for November, about a week after the presidential election. The judge, Carl Nichols of the U.S District Court for the District of Columbia, did not agree to postpone the later ban.

While ByteDance argues Trump is infringing the First Amendment rights, the DOJ stated it's not controlled by a purely private company but it's partially owned by the Chinese government. The very same ByteDance like many other Chinese companies is compelled to share information with the CCP at any time. The Chinese foreign ministry asserted they'll take the necessary measures to safeguard its companies.

So far there's no actual deal but a proposal to purchase TikTok and found TikTok Global. We don't know if Oracle and Walmart will really control the new company. Plus there's no guarantee the Chinese government will approve any deal. Confused


RE: News of the Cyber World - kyonides - 09-29-2020

Universal Health Services at risk! Shocked
https://www.cyberscoop.com/uhs-cybersecurity-health-care-incident/

CyberScoop Wrote:Computer networks at Universal Health Services, which describes itself as one of the largest health care providers in the U.S., were down Monday due to what the company described as “an IT security issue.”


Several media suggested UHS’s IT network had been hit by ransomware and that some nurses had reverted to pen and paper. UHS controls 400 hospitals in the US. Confused They've denied their patients' data had been compromised... as far as they know. Happy with a sweat 

German patient dies because of ransomware!? Huh?
Article in English
https://www.cyberscoop.com/germany-ransomware-homicide-duesseldorf-hospital/
in German
https://www.sueddeutsche.de/gesundheit/krankenhaeuser-duesseldorf-hacker-angriff-ermittlungen-wegen-fahrlaessiger-toetung-dpa.urn-newsml-dpa-com-20090101-200917-99-598587
CyberScoop Wrote:The investigation centers around a ransomware infection that hobbled the IT systems of the University of Duesseldorf’s main hospital earlier this month. The disruption forced a critically ill patient to be redirected to a hospital 20 miles away. The patient later died, according to German media reports.

The poor patient desperately needed a doctor Surgeon but the ransomware attack forced them to tell the ambulance to go anywhere else. Sad
You know 20 miles or 32 kilometers can make a huge difference under such circumstances. Worried

CyberScoop Wrote:German security officials suggested that the attackers exploited a flaw in popular virtual private networking software made by Citrix. Various hackers have exploited that vulnerability before and after a patch for it was released in January.

You'd usually expect people to apply patches as soon as possible but what can you do when it doesn't mean anything to any affected institution? Confused

Thinking Curiously hackers forgot about their demands and provided the decryption key to finally let the University regain access to their data. Nope, that didn't help the patient that passed away later on at all. Sad

Cyber Truce Offer From Russia With Love!? Huh?
https://www.cyberscoop.com/cyber-truce-putin-russia-us/
CyberScoop Wrote:Russian President aka tyrant Vladimir Putin in a statement Friday that called for the U.S. and Russia to create “a comprehensive program of practical measures to reboot our relations in the field of security in the use of information and communication technologies (ICTs).” But the term fits. The former KGB agent’s proposal was otherwise broad and vague. He mentioned nothing about Russia’s well-documented misdeeds in cyberspace, and he made no accusations about what the U.S. might be doing in response.
The White House dismissed Putin’s proposal in a statement to the New York Times, and Russia-watchers expressed the usual caution.
Yeah, emphasis is mine for sure. Tongue sticking out
Anyway, Really? who would ever trust Russians? They've tried to leave the treaty of non proliferation of nuclear weapons in the past. Confused Plus Putin doesn't look like he's ever leaving the government for good. Sarcasm That would be a real deal or miracle indeed. Besides he supports the Belarusian president Lukashenko. Serious


RE: News of the Cyber World - kyonides - 09-29-2020

Microsoft Office 365 + Outlook + Teams Outage
https://www.theguardian.com/technology/2020/sep/29/major-microsoft-outage-brings-down-office-365-outlook-and-teams
Were you unable to send an email or connect to Teams? Confused 
Well, you're not alone! Shocked 

The Guardian Wrote:Microsoft says a recent update has affected the processing of authentication requests, making cloud-based services inaccessible. The outage had affected services worldwide.
At 3am UTC, Microsoft reported the services were mostly restored, but small subset of customers in North America and Asia Pacific were still unable to access services.

How did they expect to fix these issues? Confused Well, they stated that the update would be rolled back to mitigate them. Happy with a sweat
I hope any of you that were affected by this inability to use those products as usual won't be experiencing any timeouts and the like by the time you're reading this post. Grinning

Do you recall my concern about relying on facial recognition to solve all of the issues society faces on a daily basis? Happy with a sweat
Well, you no longer need to imagine it. You can read about its consequences! Shocked

Detroit: Wrongfully Accused by an Algorithm

New York Times Wrote:In what may be the first known case of its kind, a faulty facial recognition match led to a Michigan man’s arrest for a crime he did not commit.
This January, Robert Julian-Borchak Williams was in his office at an automotive supply company when he got a call from the Detroit Police Department telling him to come to the station to be arrested. He thought at first that it was a prank.
An hour later, when he pulled into his driveway in a quiet subdivision in Farmington Hills, Mich., a police car pulled up behind, blocking him in. Two officers got out and handcuffed Mr. Williams on his front lawn, in front of his wife and two young daughters, who were distraught. The police wouldn’t say why he was being arrested, only showing him a piece of paper with his photo and the words “felony warrant” and “larceny.”

The prosecutor's office commented the victim, Robert Julian-Borchak Williams, could have the case and his fingerprint data expunged. They also apologized for the problems it has caused him so far, like living in a cell for hours.


RE: News of the Cyber World - kyonides - 10-02-2020

ESET catches spyware posing as Telegram, Android messaging apps
https://www.cyberscoop.com/telegram-spyware-android-messaging-apps/
CyberScoop Wrote:A hacking group that typically spies on targets in the Middle East has updated its malware and is distributing it through bogus versions of popular messaging apps such as Telegram.
The malware has been circulating since May 2019.

The group is known as APT-C-23 or the Two-tailed Scorpion. Why do I emphasize on its name here? Happy with a sweat Err, you see, back in 2017 and 2018 this very same group was linked to nobody else but HAMAS. Shocked Yes, it's related to that Middle Eastern terrorist group.

CyberScoop Wrote:Victims are infected by visiting a fake app store, “DigitalApps,” containing both clean and malicious software.The malware was hidden in apps posing as Telegram, another messaging platform, Threema, and a utility labeled as AndroidUpdate. Users who downloaded the two messaging apps had the apps’ full functionality, but also were infected with malware.
The malware has extended spying functionality, including reading notifications from messaging apps, call recording and screen recording, and new stealth features, such as dismissing notifications from built-in Android security apps.

Yeap, this guy is a real thief Thief for sure. Sad


RE: News of the Cyber World - kyonides - 10-05-2020

Nintendo Switch + Lockdown + Hackers
https://www.cyberscoop.com/nintendo-switch-jailbreak-hacker-arrest/
A Canadian guy, a French criminal and a Chinese man still on the run were indicted for jailbreaking the Nintendo Switch, and even allow their customers to connect to Nintendo online services as if they were using legitimate games. One of their favorite methods was using reverse proxies, making it more difficult to locate them actual location. Obviously they didn't admit they were doing anything wrong. They claimed they were allowing legitimate users play homebrew games.
Sarcasm Right...
Their targets were Nintendo 3DS, the Nintendo Entertainment System Classic Edition, the Sony PlayStation Classic, and the Microsoft Xbox.


RE: News of the Cyber World - kyonides - 10-08-2020

Chowbus was hacked! Shocked 
https://www.cyberscoop.com/chowbus-breach-personal-data-customers-linxin-wen/
If you depend on phone apps like Chowbus to buy food, think it twice after reading this article. Confused

CyberScoop Wrote:Two months after securing a $33 million funding round from investors, food delivery startup Chowbus is grappling with a breach that observers say exposed personal data on hundreds of thousands of customers.
Customers reported receiving an email on Monday from Chowbus containing reams of customer data, including names, phone numbers and mailing and email addresses. The file is said to contain more than 800,000 rows.
In an email to customers, Chowbus CEO Linxin Wen said the data had been “illegally accessed” and dumped online, but he did not say how. Credit card numbers were not compromised, Wen said.

They claim your credit card is safe but can you be totally sure about that? Sarcasm

CyberScoop Wrote:Have I Been Pwned, a data breach reporting service, said the data included 444,000 unique email addresses. Fifty-eight percent of the total dataset was already reported compromised by Have I Been Pwned.
So you could be sending dangerous spam to many users around the world unwillingly... Sad