Group items matching

in title, tags, annotations or url

"Re/code, a technology news website, was the first to float the North Korea theory last Friday. Citing unnamed sources familiar with the matter, it said: "Sony Pictures Entertainment is exploring the possibility that hackers working on behalf of North Korea, possibly operating out of China, may be behind a devastating attack that brought the studio's network to a screeching halt earlier this week … The sources stress that a link to North Korea hasn't been confirmed, but has not been ruled out, either.""

"Gmail users are under attack in a gigantic phishing operation that's spreading like wildfire across the internet right now. People took to Twitter to report receiving an email that looks like an invitation to join a Google Doc from someone they know. But when you click on the link to open the file, you are directed to grant access to an app that looks like Google Docs but is actually a program that sends spam emails to everyone you've emailed, according to a detailed outline of the attack on Reddit. "

"Computer security experts suggested that the crisis could reflect weaknesses in the NHS's cybersecurity. Ross Anderson, of Cambridge University, said the attack appeared to exploit a weakness in Microsoft's software that was fixed by a "critical" software patch earlier this year but which may not have been installed across NHS computers."

"Worse: turbines are networked, so once one turbine is compromised, the rest of the turbines in the field can be poisoned, with attacks that include "paralyzing turbines, suddenly triggering their brakes to potentially damage them, and even relaying false feedback to their operators to prevent the sabotage from being detected.""

"Netlab researchers, who are usually among the firsts to discover emerging botnets, said the botnet contains several clues to suggest this is the work of the same group which developed the Moobot botnet in 2019 and the LeetHozer botnet in 2020. Both botnets were essentially built and used for launching DDoS attacks, which also appears to be Matryosh's primary function, as well. The Netlab team says they found functions in the code specific to features that will use infected devices to launch DDoS attacks via protocols like TCP, UDP, and ICMP."

"I heard from one political dissident about a suspicious motorcycle parked in front of his London house. When the police checked it out, they found a wifi router connected to the bike's battery with the same name as his home's wifi. There's a name for this attack: "evil twin"."

"This is the dark, flamboyant humour beloved of the "stan" culture of pop superfans, and in this case, quite funny. But another attack on Jillian Mapes, Pitchfork's reviewer, was very serious: "Contact info both old and current was leaked, down to a photo of my home," she wrote on Twitter. "I've gotten too many emails saying some version of, 'you are an ugly fat bitch who is clearly jealous of Taylor, plz die' … It sucks to be scared of every person milling about outside or feel like you can't answer the phone." Her overwhelmingly positive review nevertheless tarnished the numerical perfection conferred by Metacritic, hence the attack."

"WhatsApp announced last year that 1,400 of its users were attacked with the malware, which is made by Israel's NSO Group, over a two-week period last April."

"The Purdue researchers have created Electro-Quasistatic Human Body Communication (EQS-HBC) which uses low-frequency, carrier-less broadband transmission, and so keeps the signal almost entirely within the human body. That means data from pacemakers and other implantable medical devices would only be readable a handful of centimetres outside the wearer."

"Increasing numbers of implantable medical devices are now gaining internet connectivity, giving doctors the ability to monitor patients health remotely, and even update the devices to tweak a treatment plan. Unfortunately, that flexibility offers a way for hackers to hijack that hardware, and even potentially make changes to the way the devices work. While so far no attacks have been successful, proof-of-concept attacks have been available for years"

"The BBC has warned that a video carrying its branding in which it is claimed that a missile attack on a railway station that killed dozens of people was carried out by Ukraine is fake."

"The folks at Signal are taking one of the four post-quantum cryptography algorithms that have been chosen by the US National Institute of Standards and Technology to withstand attacks by quantum computers, but instead of using it to replace their existing public-key encryption system, they are layering the new algorithm on top of what they already have. "We are augmenting our existing cryptosystems," they say, "such that an attacker must break both systems in order to compute the keys protecting people's communications." And they will be rolling out this augmented system to all users in the next few months."

"The coverage of the Israel-Hamas conflict on social media platforms has come under scrutiny from the UK government and Brussels, as tech firms including X and Meta were urged to deal with a surge in violent and misleading content on their sites. In the UK, the technology secretary summoned social media executives on Wednesday to demand the removal from their platforms of violent content related to the Hamas attacks on Israel."

"While the name behind the attack might be relatively new, the criminal technique is not. Ransomware gangs render an organisation's computers inaccessible by infecting them with malicious software - malware - and then demanding a payment, typically in cryptocurrency, to unlock the files. In recent years, however, in a process dubbed "double extortion", the majority of gangs steal data at the same time and threaten to release it online, which they hope will strengthen their negotiating hand."

Who said you could not bring the internet down?

""Anonymous Korea" claimed to take down several North Korean state websites Saturday, just hours after North Korea said it has entered into a "state of war" with South Korea. North Korea's main official state website was back up and running, as of 5 p.m. Eastern Time on Saturday. But Mashable was still unable to access three of the five listed websites that Anonymous Korea claimed to have attacked. "

"Bruce Schneier makes the point that if the Russian state is behind the DNC hacks, there's no reason to expect that its attacks on the US political system will end there. Voting machines are so notoriously terrible that they'd be a very tempting target for Russia or other states that want to influence the outcome in 2016 (or merely destabilize the US by calling into question the outcome in an election). "

"The new documents reveal that a GCHQ unit dubbed the Joint Threat Research Intelligence Group, or JTRIG, launched an operation called Rolling Thunder against the hacker collective in 2011. That operation included using DDoS attacks as well as malware to slow down the hackers and later identify them, as first reported by as reported by NBC News on Wednesday."