Author: esimantiras

Experts Weigh In on Refusing or Paying After a Ransomware Attack

Posted on by esimantiras

Experts Weigh In on Refusing or Paying After a Ransomware Attack

source: technewsworld.com |  image: pexels.com

 

Ransomware attacks have shown signs of decreasing in recent months. Yet they still pose enough threat for organizations to rethink whether a successful breach of their computers justifies paying a ransom demand in hopes attackers will not divulge their stolen content.

According to the NCC Group Threat Pulse Report released in May, the ransomware landscape remains turbulent despite fewer reported incidents since April. Industrials (34%) and Consumer Cyclicals (18%) remained the first and second-most targeted sectors.

There has been a significant shake-up among the top 10 ransomware actors since April. Hunters, one of the leading bad actors, moved from eighth to the second most active threat actor. It launched 61% more ransomware attacks in April than in March. RansomHub replaced RA Group in third place and saw a 42% increase in attacks over March.

The policy of not paying ransom, often called a “no concessions” policy, is a widely debated strategy in counterterrorism and hostage situations. Its effectiveness continues to be argued from multiple perspectives. Cybersecurity experts apply the same reasoning when deciding whether to make or not make ransomware payments. Continue reading “Experts Weigh In on Refusing or Paying After a Ransomware Attack”

China’s Satellites Are Dodging US Eyes In Space

Posted on by esimantiras

China’s Satellites Are Dodging US Eyes In Space

source: defenseone.com  |  image: pixabay.com

 

The Pentagon doesn’t post location data for its secretive GSSAP satellites, but Chinese spacecraft are maneuvering to avoid their gaze.

The Pentagon has long been closed-mouthed about a family of U.S. spy satellites that since 2014 have kept an eye on foreign spacecraft in geosynchronous orbits. That hasn’t stopped Chinese satellites from dodging them.

U.S. officials declassified the Geosynchronous Space Situational Awareness Program a decade ago to show that they had eyes on high-Earth orbit, but they have rarely discussed the the six GSSAP satellites themselves, and they do not publish the standard location data meant to reduce collisions. Now, a new paper from the U.S. Air Force’s China Aerospace Studies Institute explores what the Chinese know about GSSAP—and what they’re doing about it. Continue reading “China’s Satellites Are Dodging US Eyes In Space”

Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity

Posted on by esimantiras

Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity

source: darkreading.com  |  image: pexels.com

 

Cyber-threat actors have ramped up their targeting of the 2024 US electionswith a flood of malicious activity expected to peak over the next month, aimed at causing disruption to voters and the election process and requiring increased vigilance on the part of stakeholders.

Specifically, attackers have bolstered election-related threat activity since the beginning of the year with an increase in the sale of phishing kits targeting US voters and campaign donors; the registration of more than 1,000 domains aimed at exploiting election-related content for malicious purposes; and increased ransomware activity targeting government entities, according to research from FortiGuard Labs Threat Research released today.

Since the inception of Internet-related threats, cyber-threat actors have typically increased malicious activity ahead of elections, notes Derek Manky, chief security strategist and vice president of global threat intelligence at Fortinet. However, they aim to be especially disruptive during the current election cycle, requiring that all stakeholders be prepared to fend off malicious actors in the upcoming weeks to protect election outcomes. Continue reading “Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity”

New Targets, New Tools, Same Threat.

Posted on by esimantiras

New Targets, New Tools, Same Threat.

source: thecyberwire.com  |  image: pixabay.com

 

Listen to the podcase here

 

This week we are joined by Chester Wisniewski, Global Field CTO from SophosX-Ops team, to discuss their work on “Crimson Palace returns: New Tools, Tactics, and Targets.” Sophos X-Ops has observed a resurgence in cyberespionage activity, tracked as Operation Crimson Palace, targeting Southeast Asian government organizations.

After a brief lull, Cluster Charlie resumed operations in September 2023, using new tactics such as web shells and open-source tools to bypass detection, re-establish access, and map target network infrastructure, demonstrating ongoing efforts to exfiltrate data and expand their foothold.

The research can be found here:

Did Israel Intercept Any Iranian Missiles?

Posted on by esimantiras

Did Israel Intercept Any Iranian Missiles?

source: https://joecirincione.substack.com (contributed by FAN, Bill Amshey)  |  image: pexels.com

The available evidence indicates that most of Iran’s missiles got through.

Something has been bothering me. Almost every reporter and Israeli official says that Israel intercepted most of the 180 missiles Iran fired at three Israeli military bases October 1. If that were true, then you would expect to see dozens of large explosions in the air as the Israeli Arrow 2 or Arrow 3 interceptors found their targets and destroyed the incoming warheads.

But that is not what you see. Dozens of videos show scores of missiles streaking across the sky with many hitting the ground and exploding in fireballs. There are numerous reports of substantial ground damage, including large craters, damaged buildings and at least one intact ballistic missile that failed to explode.

It appears that the Iranian missiles were so inaccurate that most landed a kilometer or more from their intended targets, with some landing in the sea or in vacant land. The Washington Post reports, in one of the few attempts to independently assess the damage, that, “Video recorded from the southern town of Ar’arat an-Naqab on Tuesday showed at least 20 projectiles flying through the air above the Nevatim military air base. At least six missiles hit the facility, erupting into fireballs; plumes of smoke rose from the airfield. No aircraft was hit, the Israel Defense Forces told Israeli media.” Continue reading “Did Israel Intercept Any Iranian Missiles?”

This Brain Implant Lets People Control Amazon Alexa With Their Minds

Posted on by esimantiras

This Brain Implant Lets People Control Amazon Alexa With Their Minds

source: wired.com (contributed by Artemus founder, Bob Wallace)  |  image: pexels.com

 

Neuralink rival Synchron is connecting its brain–computer interface with consumer technologies to allow people with paralysis more functionality.

Mark, a 64-year-old with amyotrophic lateral sclerosis, or ALS, uses Amazon Alexa all the time using his voice. But now, thanks to a brain implant, he can also control the virtual assistant with his mind.

ALS affects the nerve cells in the brain and spinal cord, causing loss of muscle control over time. Mark, who asked that his last name not be used, has limited mobility as a result of his condition. He can walk and talk but has no use of his arms and hands. As part of a clinical trial, he received a brain-computer interface, or BCI, made by startup Synchron in August 2023.

Synchron is developing a BCI that decodes brain signals to allow people with paralysis the ability to control digital devices with their thoughts alone. On Monday, the company announced that its BCI can now be used with Alexa without the need for voice or physical interaction with a touchscreen. Synchron says Mark is the first person to use Alexa with an implanted BCI. Continue reading “This Brain Implant Lets People Control Amazon Alexa With Their Minds”

European Government Air-Gapped Systems Breached Using Custom Malware

Posted on by esimantiras

European Government Air-Gapped Systems Breached Using Custom Malware

source: bleepingcomputer.com (contributed by FAN, Steve Page)  |  image: pexels.com

 

An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents.

According to an ESET report, this happened at least two times, one against the embassy of a South Asian country in Belarus in September 2019 and again in July 2021, and another against a European government organization between May 2022 and March 2024.

In May 2023, Kaspersky warned about GoldenJackal’s activities, noting that the threat actors focus on government and diplomatic entities for purposes of espionage.

Continue reading “European Government Air-Gapped Systems Breached Using Custom Malware”

Chinese hacking “typhoons” threaten U.S. infrastructure

Posted on by esimantiras

Chinese Hacking “Typhoons” Threaten U.S. Infrastructure

source: axios.com (contributed by FAN, Bill Amshey)  |  image: pexels.com

 

The Chinese government is running another broad campaign to hack as many American organizations as possible — heightening the threat across critical infrastructure.

Why it matters: The new hacking campaign suggests China could hold more expansive power to turn off key U.S. infrastructure than previously thought.

Driving the news: FBI director Christopher Wray said at the Aspen Cyber Summit on Wednesday that the bureau and its partners hijacked thousands of devices last week that a Chinese hacking group had infected with malware.

  • Flax Typhoon, a new China-backed hacking team, infected home routers, firewalls, storage devices, and Internet of Things devices like cameras and video recorders.

Zoom in: As of June, Flax Typhoon’s botnet included more than 260,000 malware-infected devices across North America, South America, Europe, Africa, Southeast Asia and Australia, according to a U.S. government advisory.

  • Half of the hijacked devices were located in the U.S., Wray said in his remarks.
  • Security researchers at Black Lotus Labs said in a coinciding report that hackers have used the botnet to target U.S. and Taiwanese organizations in the military, government, higher education, telecommunications, defense and IT sectors.
  • The FBI also alleged that the Flax Typhoon hackers worked for Integrity Technology Group, a Chinese tech company that does contract work for Beijing’s intelligence agencies.
  • The FBI also said that Integrity Technology Group operated and controlled the botnet. Continue reading “Chinese hacking “typhoons” threaten U.S. infrastructure”

Apple Dives Deeper Into Med Tech With Focus on Hearing Health

Posted on by esimantiras

Apple Dives Deeper Into Med Tech With Focus on Hearing Health

 

source: cnet.com  |  image: pexels.com

 

An Apple a Day…

There’s nothing quite as thrilling as the chaos and hype of an Apple event day. Granted, as a longtime Apple user, I’m a bit biased. But the launch of the new iPhone 16; the 10th anniversary of the Apple Watch; and the release of the next generation of Watches and AirPods warrants that kind of excitement. While our tech experts are knee-deep in all things iPhone and Watch, I want to highlight one important bit of news from yesterday’s Glowtime presentation: The AirPods Pro 2 earbuds will have over-the-counter hearing aid capability.

Anyone who’s experienced hearing loss, or who knows someone who has, understands the challenges associated with it. Traditional hearing aids are designed to help ease confusion, but they tend to raise the volume on all sounds, not just people’s voices. On top of that, they can cost thousands of dollars. With the new AirPods Pro 2, you’ll be able to give yourself a hearing test, and the earbuds will use “personalized dynamic adjustments” to boost sound in real time, Apple said. They’re expected to be available this fall.

It was hard to pick which of our Apple stories to include this week. Make sure you check out our other Apple event coverage, including a comparison of the iPhone 16 specs and commentary on why Apple’s hardware-focused event was so refreshing.

Was YOUR SSN Included In This Hack?

Posted on by esimantiras

Check if Your Social Security Number Is Included in the National Public Data Hack

source: cnet.com (contributed by FAN, Steve Page)  |  image: pexels.com

 

Check if your Social Security number was stolen in the massive data theft and what to do to secure your personal information.

If your Social Security number or other personal information was stolen in the December 2023 National Public Data breach, you can take steps to protect yourself. Here’s how. A reported 2.7 millionto 2.9 billion records from 170 million people were stolen, including full names and phone numbers along with Social Security numbers. 

According to an August statement from National Public Data — a data broker that sells personal information to private investigators, consumer public record sites, human resources and staffing agencies — “a third-party bad actor” hacked into the data and leaked the stolen information on the dark web. National Public Data obtained the information by scraping nonpublic sources without consent, according to a proposed class action lawsuit. A House of Representatives committee has opened an investigation in response.

Here are steps you can take to see if your information was stolen and then what to do if your Social Security number and other personal data were leaked in the massive data hack. For more information, here are the best identity theft protection services and how to freeze your credit. For more on Social Security, here’s when to expect your Social Security check to arrive this month and four ways you can lose your Social Security benefits.

How was my personal information stolen in the National Public Data hack?

National Public Data said it obtains personal information from public record databases, court records, state and national databases and other repositories nationwide.

According to a National Public Data statement in August, “The incident is believed to have involved a third-party bad actor that was trying to hack into data in late December 2023, with potential leaks of certain data in April 2024 and summer 2024.” Continue reading “Was YOUR SSN Included In This Hack?”