A Powerful Tool US Spies Misused to Stalk Women Faces Its Potential Demise

 

source: wired.com  |  image: pixabay.com

 

Though often viewed as the “crown jewel” of the US intelligence community, fresh reports of abuse by NSA employees and chaos in the US Congress put the tool’s future in jeopardy.

The federal law authorizing a vast amount of the United States government’s foreign intelligence collection is set to expire in two months, a deadline that threatens to mothball a notoriously extensive surveillance program currently eavesdropping on the phone calls, text messages, and emails of no fewer than a quarter million people overseas.

The US National Security Agency (NSA) relies heavily on the program, known as Section 702, to compel the cooperation of communications giants that oversee huge swaths of the internet’s traffic. The total number of communications intercepted under the 702 program each year, while likely beyond tally, ostensibly reaches into the high hundreds of millions, according to scraps of reportage declassified by the intelligence community over the past decade, and the secret surveillance court whose macroscopic oversight—even when brought to full bear against the program—scarcely takes issue with any quotidian abuses of its power.


Social engineering for espionage and for profit

 

source: thecyberwire.com  |  image: pixabay.com

 

At a glance.

  • Okta discloses a data exposure incident.
  • Cisco works to fix zero-day.
  • DPRK threat actors pose as IT workers.
  • Five Eyes warn of AI-enabled Chinese espionage.
  • Job posting as phishbait.
  • The risk of first-party fraud.
  • The Quasar RAT and DLL side-loading.
  • Hacktivists trouble humanitarian organizations with nuisance attacks.
  • Content moderation during wartime.
  • Not content-moderation, but fact-checking.
  • Cyberespionage at the ICC.

Okta discloses a data breach.

Identity and access management company Okta has disclosed a data breach affecting some of the company’s customers. The company stated, “The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted. In addition, the Auth0/CIC case management system is not impacted by this incident.”


The Best Password Managers to Secure Your Digital Life

 

source: wired.com  |  image: pexels.com

 

PASSWORD MANAGERS ARE the vegetables of the internet. We know they’re good for us, but most of us are happier snacking on the password equivalent of junk food. For nearly a decade, that’s been “123456” and “password”—the two most commonly used passwords on the web. The problem is, most of us don’t know what makes a good password and aren’t able to remember hundreds of them anyway.

The safest (if craziest) way to store your passwords is to memorize them all. (Make sure they are long, strong, and secure!) Just kidding. That might work for Memory Grand Master Ed Cooke, but most of us are not capable of such fantastic feats. We need to offload that work to password managers, which offer secure vaults that can stand in for our memory.

A password manager offers convenience and, more importantly, helps you create better passwords, which makes your online existence less vulnerable to password-based attacks. Read our guide to VPN providers for more ideas on how you can upgrade your security, as well as our guide to backing up your data to make sure you don’t lose anything if the unexpected happens.

Scammers Impersonate Companies to Steal Cryptocurrency from Job Seekers

 

source: infosecurity-magazine.com  |  image: pexels.com

 

Security researchers have discovered a major new scam operation designed to trick job seekers into parting with cryptocurrency, by getting them to complete meaningless tasks they believe will earn them money.

Dubbed “WebWyrm” by CloudSEK, the operation has already targeted more than 100,000 individuals across over 50 countries by impersonating over 1000 companies across 10 industries. It has already potentially netted the scammers over $100m.

The scammers approach victims primarily on WhatsApp, potentially using data from recruitment portals to target their schemes to those most likely to respond.

Promising a weekly salary of $1200-1500, they request the victim to complete 2-3 “packets” or “resets” per day, with each containing 40 tasks.


The surprising threat is lurking even in your ‘secure’ work environment

 

source: fastcompany.com  |  image: pexels.com

 

When Netflix released The Most Hated Man on the Internet, we got an up-close glimpse of the harm that nefarious people can do by exposing the personal information of others online. The series illustrated how Hunter Moore used stolen or hacked images to populate a pornographic website, targeting women who did not consent for their images to be used—and introducing many people to the concept of “doxing.” 

Derived from 1990s hacker culture, doxing is a play on the word document or dossier, referring to compiling data on a person or company. It gained greater visibility in 2014 when a group released the private information of women who they perceived as receiving favoritism in the gaming journalism industry. The incident, titled GamerGate, exposed the dangers of being targeted by bad actors and the potential for negative psychological outcomes.


Cyberattacks on hospitals are growing threats to patient safety, experts say

source: abcnews.go.com  | image: pexels.com

 

The number of attacks on U.S. hospitals each year doubled between 2016 and 2021

Jes Kraus was supposed to be going to the University of Vermont Medical Center every day for aggressive radiation and chemotherapy treatments to fight stage three colorectal cancer, for which he was diagnosed in September 2020.

But at the end of October 2022, the hospital called to tell him not to come in for his appointments until further notice. The medical center had just been hit by a cyberattack, which infected computer systems across the state and locked out health care workers from his treatment plan and other critical tools.

“Radiation was canceled for a week,” Kara Kraus, Jes’s wife, told ABC News. “We were afraid. We weren’t sure if that would affect the outcome. Again, the tumor, would it start growing back within that week? What was going to happen?”


Michigan Tech Research Award Winner Pursues Discovery of Galactic Mysteries

source: mfu.edu  |  image: pixabay.com

 

An internationally recognized expert in high-energy gamma-ray astronomy and galactic cosmic rays, Petra Huentemeyer serves as a vice-spokesperson for a globally collaborative observatory and mentors her students to seek their own bright futures. The experimental astrophysicist and distinguished professor of physics is the 2023 recipient of the Michigan Technological University Research Award.

Huentemeyer views the career path she has followed as a natural if not always easy progression. Fueled by a persistent curiosity to probe the unknown origins of the universe, her work has led her to study and conduct research at the world’s leading institutions in her field.

The researcher, who enjoys watching movies in her leisure time, said summer 2023’s blockbuster biopic “Oppenheimer” sparked reflections on how she chose her discipline. “In the context of ‘Oppenheimer,’ I thought about how I actually started in the field of physics coming out of high school,” she said. “I grew up in the Cold War era. In 1991 I was watching a German miniseries, called the ‘End of Innocence,’ about the competition with the Manhattan Project and the work of Otto Hahn.”


Taliban weighs using US mass surveillance plan, met with China’s Huawei

 

source: reuters.com  |  image: pixabay.com

 

KABUL, Sept 25 (Reuters) – The Taliban are creating a large-scale camera surveillance network for Afghan cities that could involve repurposing a plan crafted by the Americans before their 2021 pullout, an interior ministry spokesman told Reuters, as authorities seek to supplement thousands of cameras already across the capital, Kabul.

The Taliban administration — which has publicly said it is focused on restoring security and clamping down on Islamic State, which has claimed many major attacks in Afghan cities — has also consulted with Chinese telecoms equipment maker Huawei about potential cooperation, the spokesman said.


DOD Represented at Five Eyes Technology Principals Meeting

 

source: defense.gov  |  image: department of defense

 

Last week, Dr. Steven G. Wax, performing the duties of the Assistant Secretary of Defense for Science and Technology, presented the National Defense Science and Technology Strategy at the Technology Cooperation Program (TTCP) Principals Meeting.

TTCP is a science and technology alliance among the Five Eyes (FVEY) nations – Australia, Canada, New Zealand, the United Kingdom, and the United States. Representatives met Sept. 11-15, 2023, in Quebec City, Quebec, Canada.

That strategy highlights the important role our allies and partners play in our research and development ecosystem.


China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers

 

source: thehackernews.com  |  image: pixabay.com

 

China’s Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei’s servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries.

In a message posted on WeChat, the government authority said U.S. intelligence agencies have “done everything possible” to conduct surveillance, secret theft, and intrusions on many countries around the world, including China, using a “powerful cyber attack arsenal.” Specifics about the alleged hacks were not shared.

It explicitly singled out the U.S. National Security Agency’s (NSA) Computer Network Operations (formerly the Office of Tailored Access Operations or TAO) as having “repeatedly carried out systematic and platform-based attacks” against the country to plunder its “important data resources.”
