Author: esimantiras

Data of 2.6 Million Duolingo Users Leaked on Hacking Forum

Posted on by esimantiras

Data of 2.6 Million Duolingo Users Leaked on Hacking Forum

 

source: infosecurity-magazine.com  |  image: pixabay.com

 

Data from 2.6 million users of Duolingo, a language learning platform with over 74 million monthly users, has been leaked on a hacking forum.

The compromised data, which includes real names, login names, email addresses and internal service-related details, was initially offered for sale on the now defunct Breached hacking forum in January 2023 for $1500. 

Despite Duolingo’s confirmation to The Record that the data was sourced from publicly available profiles, the leaked email addresses are particularly alarming as they are not public information and can facilitate targeted phishing attempts.

“We’re aware of this report. These records were obtained by data scraping public profile information. We have no indication that our systems were compromised. We take data privacy and security seriously and are continuing to investigate this matter to determine if any further action is needed to protect our learners,” a spokesperson from the company confirmed to Infosecurity in an email. 

Continue reading “Data of 2.6 Million Duolingo Users Leaked on Hacking Forum”

Ransomware Attacks are on the Rise

Posted on by esimantiras

Ransomware Attacks are on the Rise

source:  threatpost.com  |  image: pixabay.com

 

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

After a recent dip, ransomware attacks are back on the rise. According to data released by NCC Group, the resurgence is being led by old ransomware-as-a-service (RaaS) groups.

With data gathered by “actively monitoring the leak sites used by each ransomware group and scraping victim details as they are released,” researchers have determined that Lockbit was by far the most prolific ransomware gang in July, behind 62 attacks. That’s ten more than the month prior, and more than twice as many as the second and third most prolific groups combined. “Lockbit 3.0 maintain their foothold as the most threatening ransomware group,” the authors wrote, “and one with which all organizations should aim to be aware of.”

Continue reading “Ransomware Attacks are on the Rise”

US issues threat warning after hackers break into a satellite

Posted on by esimantiras

US issues threat warning after hackers break into a satellite

source: defenseone.com  |  image: pexels.com

Three teams at the DEF CON 23 convention met a government challenge to hack satellite in orbit.

It seems like nothing is off limits for threat actors to target these days. Hospitals, schools, charity organizations and even municipalities have all been successfully targeted by malicious cyberattacks in recent years. And now, it seems like attackers are even looking into space for new systems to try and compromise.

Last week, the Office of the Director of National Intelligence, in coordination with the FBI, the National Counterintelligence and Security Center, and the Air Force Office of Special Investigations, issued a warning about increased attempts to attack both satellites in orbit and the intellectual property of companies developing space technologies.

The warning comes just about a month after three teams at the DEF CON 23 convention in Las Vegas managed to hack a government satellite in orbit. Those attacks were conducted with the full permission of the government as part of the U.S. Space Force’s Hack-A-Sat competition. Three of the teams that successfully breached the security of the orbiting satellite were awarded up to $50,000 in prize money for demonstrating how such an attack could be conducted. This was the first time that hacker groups were able to prove that it was now possible to circumvent the cybersecurity protections of satellites in orbit.

Continue reading “US issues threat warning after hackers break into a satellite”

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities

Posted on by esimantiras

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities

source: securityweek.com  |  image: pexels.com

 

Five Eyes government agencies have published a list of the software vulnerabilities that were most frequently exploited in malicious attacks in 2022.

Government agencies in Australia, Canada, New Zealand, the UK, and the US have published a list of the software vulnerabilities that were most frequently exploited in malicious attacks in 2022.

Last year, the Five Eyes agencies say, threat actors mainly targeted internet-facing systems that were not patched against older, known vulnerabilities, including flaws for which proof-of-concept (PoC) exploit code exists publicly.

Continue reading “Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities”

Officials found suspected Chinese malware hidden…

Posted on by esimantiras

Officials found suspected Chinese malware hidden in various US military systems. Its intended use is disruption rather than surveillance, a ‘disturbing’ change in intent, experts say.

 

source: businessinsider.com  |  image: pexels.com

 

  • Suspected Chinese malware has been identified in several US military systems. 
  • Unlike other surveillance malware from China, this malware seems intended to disrupt operations.
  • The malware could also have the ability to disrupt normal civilian life and businesses.

US officials found suspected Chinese malware across several military systems — and unlike previous attacks, experts say the intent is more likely to disrupt rather than to surveil, The New York Times reports.

The attacks first came into the public eye in May after Microsoft identified malicious code in telecommunications software in Guam, where the US houses the Andersen Air Force Base.

Continue reading “Officials found suspected Chinese malware hidden…”

Array Labs is scanning Earth from space to equip autonomous vehicles with 3D maps

Posted on by esimantiras

Array Labs is scanning Earth from space to equip autonomous vehicles with 3D maps

source: tecncrunch.com  |  image: pexels.com

 

It’s an oft-told story: The boom of space startups today can be traced to dramatically lowered cost in launch and satellite manufacturing over the past 10 years. But Array Labs, a two-year-old startup based in Silicon Valley, is also taking advantage of other technological developments in its quest to build a 3D map of Earth.

Those include computation gains, like in advanced graphics processors (GPUs), and radar software development, Array CEO Andrew Peterson explained. Peterson, an aerospace engineer who had previously worked for General Atomics Aeronautical Systems and Moog’s space and defense division, said the revolution in scientific computing has opened up new possibilities.

“If could take all of this superpower that we were seeing in radar and scientific computing, and you could couple that with really low-cost satellites . . . there’s probably a really, really interesting way to do a new type of Earth observation,” he said. “This was the best idea that I’ve ever had.”

New report details China’s presence in U.S. systems

Posted on by esimantiras

New report details China’s presence in U.S. systems

 

source: axios.com (contributed by FAN, Bill Amshey)  |  image: pexels.com

 

U.S. officials are reportedly concerned about the possibility that China-backed hackers have snuck malware onto networks underpinning military and critical infrastructure operations.

Driving the news: That’s according to a New York Times report that ran Saturday, which raises the question of whether China is already laying the groundwork for a potential Taiwan invasion.

Why it matters: U.S. officials and cybersecurity experts have long anticipated that cyber warfare would play a major role in a potential Chinese invasion of Taiwan.

  • In that scenario, experts anticipate that China would use a destructive cyberattack to disrupt communications between the U.S. and Asian countries.

The big picture: In recent years, China state-backed hackers have become stealthier and more difficult to detect on networks — targeting internet-facing security tools to evade traditional detection and stealing obscure encryption keys to hack government email accounts.

  • The Times’ report is the latest warning that China-backed hackers are getting savvier.

Details: The new concerns build on a Microsoft report released in May that identified a new piece of China-linked malware on telecommunications systems in Guam and elsewhere in the U.S.

  • Now, the Times reports the malware is more widespread and older than initially suggested. The White House has reportedly kicked off a series of Situation Room meetings and started briefing state officials and utility companies.

Yes, but: It’s unclear what the motive for the campaign might be. Countries spy on each other all the time, but a destructive cyberattack is much rarer and would have larger geopolitical consequences.

What they’re saying: “Without weighing in on the specific details of the NYT story, the topic is significant, but threats of this nature, which seek to compromise our critical infrastructure, are not new,” Marc Raimondi, a former national security official, told Axios.

  • “It’s something to be concerned about for sure, but it’s amongst many things that we should be concerned about regarding the [People’s Republic of China] and our other advanced adversaries in the cyber and critical infrastructure realm,” he added.

US power grid faces escalating cyber threats, infrastructure experts warn

Posted on by esimantiras

US power grid faces escalating cyber threats, infrastructure experts warn

source: govexec.com  |  image: pixabay.com

The power grid is experiencing heightened threats from foreign adversaries and domestic extremist groups that can pose devastating consequences for the nation’s supply of electricity, experts told a House subcommittee. 

 

Energy infrastructure experts testified that the U.S. power grid is facing a myriad of escalating cybersecurity risks and emerging threats from both foreign adversaries and domestic extremists amid an ongoing critical modernization journey.

The latest annual threat assessment out of the Intelligence Community identifies Chinese cyber operations against the U.S. homeland as a major national security threat and warns that Beijing is “almost certainly capable of launching cyber attacks that could disrupt critical infrastructure services” nationwide, including the power grid. 

Continue reading “US power grid faces escalating cyber threats, infrastructure experts warn”

Pro-China influence campaign infiltrates U.S. news websites

Posted on by esimantiras

Pro-China influence campaign infiltrates U.S. news websites

source: washington post, courtesy of FAN, Bill Amshey  |  image: pixabay.com

  • Haixun is a private company but has links to Chinese government actors, according to its own publicity and government media coverage of the firm. 
  • It’s not clear whether the content published on U.S. news websites is paid for by Chinese state actors. However, much of it is directly reproduced from Chinese state media reports or state-funded think tanks. 
The articles — which have appeared in financial news subdomains of at least 32 websites including the Arizona Republic and the Pittsburgh Post-Gazette — include Chinese state media stories and scathing critiques of U.S. policymakers, academics and others critical of Beijing. 

Continue reading “Pro-China influence campaign infiltrates U.S. news websites”

Destroying Just 250 Satellites Would Make Orbit ‘Totally Useless’ in 40 Years

Posted on by esimantiras

Destroying Just 250 Satellites Would Make Orbit ‘Totally Useless’ in 40 Years:  STUDY

source: themessenger.com, contributed by Artemus Founder, Bob Wallace  |  image: pixabay.com

So far human conflicts haven’t spilled into attacking each others’ satellites with missiles, but the technology exists

Should countries begin blowing each others satellites up in a war, it would spell doom for almost all of the technology orbiting the Earth, according to calculations published in a new study.

So far human conflicts haven’t spilled into attacking each others’ satellites with missiles, but the technology exists: In November, 2021, the Russian military tested out its Nudol missile by blowing up a defunct satellite. The explosion created a cloud of thousands of fragments, many of them not trackable due to their size, traveling at thousands of miles per hour around the globe. 

Continue reading “Destroying Just 250 Satellites Would Make Orbit ‘Totally Useless’ in 40 Years”