Group items tagged

"A story on the site of the Japanese broadcaster NHK shows how this is playing out in the world of social networks. Online criticism of the behavior of the President of South Korea following the sinking of the ferry MV Sewol prompted the government to set up a team to monitor online activity. That, in its turn, has led people to seek what the NHK article calls "cyber-asylum" -- online safety through the use of foreign mobile messaging services, which aren't spied on so easily by the South Korean authorities. According to the NHK article: Many users have switched [from the hugely-popular home-grown product KakaoTalk] to a German chat app called Telegram. It had 50,000 users in early September. Now 2 million people have signed up."

"Re/code, a technology news website, was the first to float the North Korea theory last Friday. Citing unnamed sources familiar with the matter, it said: "Sony Pictures Entertainment is exploring the possibility that hackers working on behalf of North Korea, possibly operating out of China, may be behind a devastating attack that brought the studio's network to a screeching halt earlier this week … The sources stress that a link to North Korea hasn't been confirmed, but has not been ruled out, either.""

"His program became the first of a particular type of cyber attack called "distributed denial of service," in which large numbers of internet-connected devices, including computers, webcams and other smart gadgets, are told to send lots of traffic to one particular address, overloading it with so much activity that either the system shuts down or its network connections are completely blocked."

"Computer security experts suggested that the crisis could reflect weaknesses in the NHS's cybersecurity. Ross Anderson, of Cambridge University, said the attack appeared to exploit a weakness in Microsoft's software that was fixed by a "critical" software patch earlier this year but which may not have been installed across NHS computers."

"That's the crux of the problem. While you can legislate to only give state agencies access to terrorists' communications, and with proper oversight and authorisation, you cannot actually build encryption that works like that. If you put a backdoor in, it's there not just for security services to exploit, but for cyber-criminals, oppressive regimes and anyone else."

"The hacker compromised the firm's global email server through an "administrator's account" that, in theory, gave them privileged, unrestricted "access to all areas". The account required only a single password and did not have "two-step" verification, sources said."

"In a statement, the company said: "Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already under way, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline."

"JBS, the world's biggest meat processor, has paid an $11m (£7.8m) ransom after a cyber-attack shut down operations, including abattoirs in the US, Australia and Canada. While most of its operations have been restored, the Brazilian-headquartered company said it hoped the payment would head off any further complications including data theft."

"Facebook said on Thursday it had taken down about 200 accounts run by a group of hackers in Iran as part of a cyber-spying operation that targeted mostly US military personnel and people working at defense and aerospace companies. The social media company said the group, dubbed "Tortoiseshell" by security experts, used fake online personas to connect with targets, build trust - sometimes over the course of several months - and drive them to other sites, where they were tricked into clicking malicious links that would infect their devices with spying malware."

"Spyware sold by an Israeli private intelligence firm was allegedly used to hack the phones of dozens of Al Jazeera journalists in an unprecedented cyber-attack that is likely to have been ordered by Saudi Arabia and the United Arab Emirates, according to leading researchers."

""Critical, user-facing vulnerabilities" were found in the Chinese supplier's fixed-broadband products caused by poor code quality and an old operating system, the Huawei Cyber Security Evaluation Centre Oversight Board said in a report. "U.K. operators needed to take extraordinary action to mitigate the risk.""

"Nearly 10 million Australians have had their private health data hacked - with sensitive medical records detailing treatments for alcoholism, drug addictions, and pregnancy terminations already posted online - in a cyber-attack believed to have been coordinated from Russia."

"After "social engineering" efforts using personal details to target staff were uncovered, badges no longer carry last names, clean-desk policies are far more strictly enforced and the processing and communication of sensitive information is now subject to higher bars of regular mandatory training."

"While the name behind the attack might be relatively new, the criminal technique is not. Ransomware gangs render an organisation's computers inaccessible by infecting them with malicious software - malware - and then demanding a payment, typically in cryptocurrency, to unlock the files. In recent years, however, in a process dubbed "double extortion", the majority of gangs steal data at the same time and threaten to release it online, which they hope will strengthen their negotiating hand."

"Cybersecurity researchers say the My2022 mobile app - the official app of the Beijing Winter Olympics - has serious security vulnerabilities and that "all Olympian audio is being collected, analyzed and saved on Chinese servers." Why This Matters: The Chinese government is mandating all Olympic athletes, coaches, and attendees use the My2022 app and, as of Thursday morning, the app is still available in the Apple and Android U.S. app stores where Americans can download it too."

""It's not so much the technical disruption, it's what it does to undermine confidence, like in the financial sector. It gets people quite nervous. It's more that kind of secondary impact," said Jamie Collier, a Mandiant consultant, who described a DDoS as akin to stuffing a thousand envelopes through a letterbox every second."

"Cyber conflicts are fought in the shadows, but in the case of Russia's invasion of Ukraine, it is a group that calls itself Anonymous that has made the most public declaration of war. Late on Thursday the hacker collective tweeted from an account linked to Anonymous, @YourAnonOne, that it had Vladimir Putin's regime in its sights."

"The personal details of millions of voters are believed to have been accessed in an attack by China on Britain's democratic process, ministers will say. MPs and peers are thought to be among 43 people who the government looks set to confirm have been targeted by cyber-attacks backed by the Chinese state. The UK could impose sanctions on individuals believed to be involved in these acts of state-backed interference, one of which was a separate attack on the Electoral Commission in which Beijing accessed the personal details of about 40 million voters."

"Kafaar was inspired to turn the tables on telephone fraudsters after he played a "dad's joke" on a scam caller in front of his two kids while they enjoyed a picnic in the sun. With inane chatter, he kept the scammer on the line. "The kids had a very good laugh," he says. "And I was thinking the purpose was to deceive the scammer, to waste their time so they don't talk to others. "Scamming the scammers, if you like." The next day he called his team from the university's Cyber Security Hub in. There must be a better way than his "dad joke" method, he thought. And there had to be something smarter than a popular existing piece of technology - the Lennybot. Before Malcolm and Ibrahim, there was Lenny. Lenny is a doddery, old Australian man, keen for a rambling chat. He's achatbot, designed to troll telemarketers. With a thready voice, tinged with a slight whistle, Lenny repeats various phrases on loop. Each phrase kicks in after 1.5 seconds of silence, to mimic the rhythm of a conversation."