China had “persistent” access to U.S. critical infrastructure

source: https://www.axios.com, contributed by FAN, Steve Page  |  image: pexels.com

 

China-backed hackers have had access to some major U.S. critical infrastructure for “at least five years,” according to an intelligence advisory released Wednesday.

Why it matters: The hacking campaign laid out in the report marks a sharp escalation in China’s willingness to seize U.S. infrastructure — going beyond the typical effort to steal state secrets.

  • The advisory provides the fullest picture to date of how a key China hacking group has gained and maintained access to some U.S. critical infrastructure.

Details: The U.S. Cybersecurity and Infrastructure Security Agency, the National Security Agency and the Federal Bureau of Investigation released an advisory Wednesday to warn critical infrastructure operators about China’s ongoing hacking interests.

The Hacking Threat Rises

source:  CNN.com  | image: pexels.com

 

At The New Yorker last month, Sam Knight detailed the devastating consequences of a ransomware attack on the British Library in London: “The outage became an incident. The National Cyber Security Centre, a branch of G.C.H.Q., the British equivalent of the National Security Agency, got involved. On November 20th, a hacking group called Rhysida—after a genus of centipedes—offered 490,191 files stolen from the British Library for sale on the dark Web. United States cybersecurity officials describe Rhysida as a ‘ransomware-as-a-service’ provider—a gun for hire—part of an increasingly professional array of cyber-extortion organizations.” Knight also noted the widely international array of apparent victims of this group: “Since Rhysida surfaced, in May, its victims have included the Chilean Army, a medical-research lab in Australia, and Prospect Medical Holdings, a health-care company with hospitals in Pennsylvania, Rhode Island, Connecticut, and California. There are reports that its code contains fragments of Russian, and it appears not to have struck inside Russia or its close allies.”

The surprising threat lurking even in your ‘secure’ work environment

source: fastcompany.com  |  image: pexels.com

 

When Netflix released The Most Hated Man on the Internet, we got an up-close glimpse of the harm that nefarious people can do by exposing the personal information of others online. The series illustrated how Hunter Moore used stolen or hacked images to populate a pornographic website, targeting women who did not consent for their images to be used—and introducing many people to the concept of “doxing.” 

Derived from 1990s hacker culture, doxing is a play on the word document or dossier, referring to compiling data on a person or company. It gained greater visibility in 2014 when a group released the private information of women who they perceived as receiving favoritism in the gaming journalism industry. The incident, titled GamerGate, exposed the dangers of being targeted by bad actors and the potential for negative psychological outcomes.

This Cryptomining Tool Is Stealing Secrets

 

source: wired.com  |  image: pexels.com

 

As the Israel-Hamas war raged on this week and Israel expanded its ground invasion of the Gaza Strip, the territory’s compromised internet infrastructure and access to connectivity went fully dark on Friday, leaving Palestinians without access to ground or mobile data connections. Meanwhile, researchers are bracing for the fallout if Hamas makes good on its threats to distribute hostage execution videos online. And TikTokkers are using a niche livestreaming feature and exploiting the Israeli-Hamas conflict to collect virtual gifts from viewers, a portion of which goes to the social media company as a fee.

As the worst mass shooting in Maine’s history unfolded this week and the gunman remained at large, disinformation about the situation and the suspect flooded social media, adding to the already chaotic and horrific situation. Elon Musk, the owner of X (formerly Twitter), posted remarks earlier this month mocking Ukrainian president Volodymyr Zelensky that were met with a flood of support and enthusiasm from Russian trolls and accounts distributing pro-Russia propaganda.

Casino Breaches Expose Why Identity Management Is at a Crossroads

 

source: technewsworld.com  |  image: pexels.com

 

As cyberthreats become more prevalent, the tangible losses from identity access management-related breaches underline the critical need to reform this cornerstone of digital security.

By now, many have heard about the massive cyberattacks that affected casino giants MGM Resorts and Caesars, leaving everything from room keys to slot machines on the fritz. Like many recent breaches, it’s a warning to improve security around digital identities — because that’s where it all started.

The origin story of this breach is similar to many we have seen lately: social engineering and impersonation attacks.

Hackers called MGM’s IT department and tricked the help desk into resetting legitimate logins, which they then used to launch a ransomware attack. The same group allegedly staged a rash of similar attacks across various other sectors, including a breach at casino rival Caesars Entertainment, which reportedly paid $15 million to get its data back days before the MGM attack.

Fingerprint Theft Just a Shutter Click Away

source: technewsworld.com  |  image: pixabay.com

 

Ever since smartphone makers started incorporating fingerprint scanners as a means of unlocking mobile phones, the Chaos Computer Club has attacked the technology with vigor. 

Not long after Apple added Touch ID to its iPhones, the German hackers demonstrated how to lift prints from a surface and create a flexible pad containing the print that could be used to break into a phone.

Now the CCC hacker known as “Starbug” has used digital photography to perform the same trick without lifting any prints at all. At a recent cybersecurity conference, Starbug demonstrated how he created the thumb print of German Minister of Defense Ursula von der Leyen from several news photos.

“After this talk, politicians will presumably wear gloves when talking in public,” Starbug said.

Data of 2.6 Million Duolingo Users Leaked on Hacking Forum

 

source: infosecurity-magazine.com  |  image: pixabay.com

 

Data from 2.6 million users of Duolingo, a language learning platform with over 74 million monthly users, has been leaked on a hacking forum.

The compromised data, which includes real names, login names, email addresses and internal service-related details, was initially offered for sale on the now defunct Breached hacking forum in January 2023 for $1500. 

Despite Duolingo’s confirmation to The Record that the data was sourced from publicly available profiles, the leaked email addresses are particularly alarming as they are not public information and can facilitate targeted phishing attempts.

“We’re aware of this report. These records were obtained by data scraping public profile information. We have no indication that our systems were compromised. We take data privacy and security seriously and are continuing to investigate this matter to determine if any further action is needed to protect our learners,” a spokesperson from the company confirmed to Infosecurity in an email. 

Officials found suspected Chinese malware hidden in various US military systems. Its intended use is disruption rather than surveillance, a ‘disturbing’ change in intent, experts say.

 

source: businessinsider.com  |  image: pexels.com

 

  • Suspected Chinese malware has been identified in several US military systems. 
  • Unlike other surveillance malware from China, this malware seems intended to disrupt operations.
  • The malware could also have the ability to disrupt normal civilian life and businesses.

US officials found suspected Chinese malware across several military systems — and unlike previous attacks, experts say the intent is more likely to disrupt rather than to surveil, The New York Times reports.

The attacks first came into the public eye in May after Microsoft identified malicious code in telecommunications software in Guam, where the US houses the Andersen Air Force Base.

New report details China’s presence in U.S. systems

 

source: axios.com (contributed by FAN, Bill Amshey)  |  image: pexels.com

 

U.S. officials are reportedly concerned about the possibility that China-backed hackers have snuck malware onto networks underpinning military and critical infrastructure operations.

Driving the news: That’s according to a New York Times report that ran Saturday, which raises the question of whether China is already laying the groundwork for a potential Taiwan invasion.

Why it matters: U.S. officials and cybersecurity experts have long anticipated that cyber warfare would play a major role in a potential Chinese invasion of Taiwan.

  • In that scenario, experts anticipate that China would use a destructive cyberattack to disrupt communications between the U.S. and Asian countries.

The big picture: In recent years, China state-backed hackers have become stealthier and more difficult to detect on networks — targeting internet-facing security tools to evade traditional detection and stealing obscure encryption keys to hack government email accounts.

  • The Times’ report is the latest warning that China-backed hackers are getting savvier.

Details: The new concerns build on a Microsoft report released in May that identified a new piece of China-linked malware on telecommunications systems in Guam and elsewhere in the U.S.

  • Now, the Times reports the malware is more widespread and older than initially suggested. The White House has reportedly kicked off a series of Situation Room meetings and started briefing state officials and utility companies.

Yes, but: It’s unclear what the motive for the campaign might be. Countries spy on each other all the time, but a destructive cyberattack is much rarer and would have larger geopolitical consequences.

What they’re saying: “Without weighing in on the specific details of the NYT story, the topic is significant, but threats of this nature, which seek to compromise our critical infrastructure, are not new,” Marc Raimondi, a former national security official, told Axios.

  • “It’s something to be concerned about for sure, but it’s amongst many things that we should be concerned about regarding the [People’s Republic of China] and our other advanced adversaries in the cyber and critical infrastructure realm,” he added.

Russia-Linked RomCom Hackers Targeting NATO Summit Guests

source: securityweek.com  |  image: pixabay.com

 

A recent RomCom cyber operation has been targeting NATO Summit guests and other entities supporting Ukraine.

As part of a recently identified cyber operation, a Russia-linked threat actor known as RomCom has been targeting entities supporting Ukraine, including guests at the 2023 NATO Summit taking place July 11-12, the cybersecurity unit at BlackBerry reports.

Taking place in Vilnius, Lithuania, the NATO Summit has on the agenda talks focusing on the war in Ukraine, as well as new memberships in the organization, including Sweden and Ukraine itself.

Taking advantage of the event, RomCom has created malicious documents likely to be distributed to supporters of Ukraine, and appears to have dry-tested its delivery on June 22 and a few days before the command-and-control (C&C) domain used in the campaign went live, BlackBerry explains.
