Group items matching

in title, tags, annotations or url

"A big leak of data from a Chinese cybersecurity firm has revealed state security agents paying tens of thousands of pounds to harvest data on targets, including foreign governments, while hackers hoover up huge amounts of information on any person or institution who might be of interest to their prospective clients. The cache of more than 500 leaked files from the Chinese firm I-Soon was posted on the developer website Github and is thought by cybersecurity experts to be genuine. Some of the targets discussed include Nato and the UK Foreign Office."

"The organisation is a pioneer of the "ransomware as a service" model, whereby it outsources the target selection and attacks to a network of semi-independent "affiliates", providing them with the tools and infrastructure and taking a commission on the ransoms in return. As well as ransomware, which typically works by encrypting data on infected machines and demanding a payment for providing the decryption key, LockBit copied stolen data and threatened to publish it if the fee was not paid, promising to delete the copies on receipt of a ransom."

"After "social engineering" efforts using personal details to target staff were uncovered, badges no longer carry last names, clean-desk policies are far more strictly enforced and the processing and communication of sensitive information is now subject to higher bars of regular mandatory training."

"How do you maximize food production and prevent waste in your supply chain at a time when climate change and a growing global population are placing an increasing strain on resources?  According to Israeli startup Blue Circle, you do it in the same way you protect your technology from hackers: with artificial intelligence, machine learning and huge amounts of data. "

"ussian, North Korean, or Iranian state backed-hackers, for example, might now be able to execute much more convincing social engineering and election interference schemes in the US using this tool. ChatGPT can also generate multiple versions of these campaigns and many fake online profiles to promote them, to allow the success of such attacks through sheer volume or variation in content."

""In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on billions of Chinese citizen," the post said. "Databases contain information on 1 billion Chinese national residents and several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details.""

"Cyber conflicts are fought in the shadows, but in the case of Russia's invasion of Ukraine, it is a group that calls itself Anonymous that has made the most public declaration of war. Late on Thursday the hacker collective tweeted from an account linked to Anonymous, @YourAnonOne, that it had Vladimir Putin's regime in its sights."

"The January snow lay thick on the Moscow ground, as masked officers of the FSB - Russia's fearsome security agency - prepared to smash down the doors at one of 25 addresses they would raid that day. Their target was REvil, a shadowy conclave of hackers that claimed to have stolen more than $100m (£74m) a year through "ransomware" attacks, before suddenly disappearing. As group members were led away in cuffs, FSB officers gathered crypto-wallets containing untold volumes of digital currency such as bitcoin. Others used money-counting machines to tot up dozens of stacks of hundred dollar bills."

"Ukraine has been hit by a "massive" cyber-attack, with the websites of several government departments including the ministry of foreign affairs and the education ministry knocked out. Officials said it was too early to draw any conclusions but they pointed to a "long record" of Russian cyber assaults against Ukraine, with the attack coming after security talks between Moscow and the US and its allies this week ended in stalemate."

"Virtually every company and organisation now has - indeed has to have - an online presence. But many still take only rudimentary cybersecurity precautions and are sitting ducks for hackers. For most of companies, that's a matter for them and their boards of directors - it's their lookout if a ransomware attack makes them insolvent."

"Two prominent hospitals were the victims of data breaching hackers in the last few days with each hospital having over 40,000 patients' personal information at risk. On Monday, Phetchabun Hospital had the personal data of 46,000 of their patients compromised while Bhumirajanagarindra Kidney Institute Hospital had the data from 40,000 patients stolen in parallel attacks."

"The hacker who is taking responsibility for breaking into T-Mobile US Inc.'s systems said the wireless company's lax security eased his path into a cache of records with personal details on more than 50 million people and counting."

"The Purdue researchers have created Electro-Quasistatic Human Body Communication (EQS-HBC) which uses low-frequency, carrier-less broadband transmission, and so keeps the signal almost entirely within the human body. That means data from pacemakers and other implantable medical devices would only be readable a handful of centimetres outside the wearer."

"Increasing numbers of implantable medical devices are now gaining internet connectivity, giving doctors the ability to monitor patients health remotely, and even update the devices to tweak a treatment plan. Unfortunately, that flexibility offers a way for hackers to hijack that hardware, and even potentially make changes to the way the devices work. While so far no attacks have been successful, proof-of-concept attacks have been available for years"

"Facebook said on Thursday it had taken down about 200 accounts run by a group of hackers in Iran as part of a cyber-spying operation that targeted mostly US military personnel and people working at defense and aerospace companies. The social media company said the group, dubbed "Tortoiseshell" by security experts, used fake online personas to connect with targets, build trust - sometimes over the course of several months - and drive them to other sites, where they were tricked into clicking malicious links that would infect their devices with spying malware."

"In 2015, a research group fed an AI system called Deep Patient health and medical data from some 700,000 people, and tested whether it could predict diseases. It could, but Deep Patient provides no explanation for the basis of a diagnosis, and the researchers have no idea how it comes to its conclusions. A doctor either can either trust or ignore the computer, but that trust will remain blind."

"Facebook has blocked a group of hackers in China who used the platform to target Uighurs living abroad with links to malware that would infect their devices and enable surveillance."

"Inoculating people from misinformation and tackling the "infodemic" are key to fighting the coronavirus. Tang, Taiwan's first transgender government minister and a self-described "civic hacker", has done this by fostering digital democracy: using technology to encourage civic participation and build consensus. Tang has also quashed faked news by implementing a 2-2-2 "humour over rumour" strategy. A response to misinformation is provided within 20 minutes, in 200 words or fewer, alongside two fun images. Early in the pandemic, for example, people were panic-buying toilet paper because of a rumour that it was being used to manufacture face masks; supplies were running out. So, the Taiwanese premier, Su Tseng-chang, released a cartoon of him wiggling his bum, with a caption saying: "We only have one pair of buttocks." It sounds silly, but it went viral. Humour can be far more effective than serious fact-checking."

"WILL HACKERS LAUNCH NUCLEAR WEAPONS?"

"According to the report, Twitter's security "problems" were only exacerbated by the push to remote work necessitated by the coronavirus pandemic. Like many other newly remote workers, Twitter's employees experienced tech problems working from home. Hackers were able to capitalize on this, tricking at least one Twitter employee into believing the hacker was a member of Twitter's IT team."

"Google said in a new blog post that hackers linked to the Chinese government have been impersonating antivirus software McAfee to try to infect victims' machines with malware. And, Google says, the hackers appear to be the same group that unsuccessfully targeted the presidential campaign of former Vice President Joe Biden with a phishing attack earlier this year. A similar group of hackers based in Iran had tried to target President Trump's campaign, but also was unsuccessful."