Citizen Lab is reporting that a New York Times journalist was hacked with the NSO Group’s spyware Pegasus, probably by the Saudis.
The world needs to do something about these cyberweapons arms manufacturers. This kind of thing isn’t enough; NSO Group is an Israeli company.
Powered by WPeMatico
October 25, 2021 cyberweapons, hacking, israel, Security technology, spyware, Uncategorized Read more >
Someone has been hacking telecommunications networks around the world:
Some relation to China is reported, but this is not a definitive attribution.
Powered by WPeMatico
October 22, 2021 attribution, china, cyberespionage, espionage, hacking, Security technology, Uncategorized Read more >
This is interesting:
A company that is a critical part of the global telecommunications infrastructure used by AT&T, T-Mobile, Verizon and several others around the world such as Vodafone and China Mobile, quietly disclosed that hackers were inside its systems for years, impacting more than 200 of its clients and potentially millions of cellphone users worldwide.
I’ve never heard of the company.
No details about the hack. It could be nothing. It could be a national intelligence service looking for information.
Powered by WPeMatico
October 6, 2021 cybersecurity, data breaches, hacking, Security technology, Uncategorized Read more >
The Wall Street Journal is reporting on a baby’s death at an Alabama hospital in 2019, which they argue was a direct result of the ransomware attack the hospital was undergoing.
Amid the hack, fewer eyes were on the heart monitors — normally tracked on a large screen at the nurses’ station, in addition to inside the delivery room. Attending obstetrician Katelyn Parnell texted the nurse manager that she would have delivered the baby by caesarean section had she seen the monitor readout. “I need u to help me understand why I was not notified.” In another text, Dr. Parnell wrote: “This was preventable.”
[The mother] Ms. Kidd has sued Springhill [Medical Center], alleging information about the baby’s condition never made it to Dr. Parnell because the hack wiped away the extra layer of scrutiny the heart rate monitor would have received at the nurses’ station. If proven in court, the case will mark the first confirmed death from a ransomware attack.
What will be interesting to see is whether the courts rule that the hospital was negligent in its security, contributing to the success of the ransomware and by extension the death of the infant.
Springhill declined to name the hackers, but Allan Liska, a senior intelligence analyst at Recorded Future, said it was likely the Russianbased Ryuk gang, which was singling out hospitals at the time.
They’re certainly never going to be held accountable.
Another article.
Powered by WPeMatico
October 1, 2021 cybercrime, hacking, healthcare, ransomware, Security technology, Uncategorized Read more >
The MIT Technology Review is reporting that 2021 is a blockbuster year for zero-day exploits:
One contributing factor in the higher rate of reported zero-days is the rapid global proliferation of hacking tools.
Powerful groups are all pouring heaps of cash into zero-days to use for themselves — and they’re reaping the rewards.
At the top of the food chain are the government-sponsored hackers. China alone is suspected to be responsible for nine zero-days this year, says Jared Semrau, a director of vulnerability and exploitation at the American cybersecurity firm FireEye Mandiant. The US and its allies clearly possess some of the most sophisticated hacking capabilities, and there is rising talk of using those tools more aggressively.
[…]
Few who want zero-days have the capabilities of Beijing and Washington. Most countries seeking powerful exploits don’t have the talent or infrastructure to develop them domestically, and so they purchase them instead.
[…]
It’s easier than ever to buy zero-days from the growing exploit industry. What was once prohibitively expensive and high-end is now more widely accessible.
[…]
And cybercriminals, too, have used zero-day attacks to make money in recent years, finding flaws in software that allow them to run valuable ransomware schemes.
“Financially motivated actors are more sophisticated than ever,” Semrau says. “One-third of the zero-days we’ve tracked recently can be traced directly back to financially motivated actors. So they’re playing a significant role in this increase which I don’t think many people are giving credit for.”
[…]
No one we spoke to believes that the total number of zero-day attacks more than doubled in such a short period of time — just the number that have been caught. That suggests defenders are becoming better at catching hackers in the act.
You can look at the data, such as Google’s zero-day spreadsheet, which tracks nearly a decade of significant hacks that were caught in the wild.
One change the trend may reflect is that there’s more money available for defense, not least from larger bug bounties and rewards put forward by tech companies for the discovery of new zero-day vulnerabilities. But there are also better tools.
Powered by WPeMatico
September 24, 2021 china, exploits, hacking, Security technology, Uncategorized, zero-day Read more >
The Washington Post reports that the FBI had a decryption key for the REvil ransomware, but didn’t pass it along to victims because it would have disrupted an ongoing operation.
The key was obtained through access to the servers of the Russia-based criminal gang behind the July attack. Deploying it immediately could have helped the victims, including schools and hospitals, avoid what analysts estimate was millions of dollars in recovery costs.
But the FBI held on to the key, with the agreement of other agencies, in part because it was planning to carry out an operation to disrupt the hackers, a group known as REvil, and the bureau did not want to tip them off. Also, a government assessment found the harm was not as severe as initially feared.
Fighting ransomware is filled with security trade-offs. This is one I had not previously considered.
Another news story.
Powered by WPeMatico
September 22, 2021 externalities, extortion, fbi, hacking, ransomware, Security technology, tradecraft, Uncategorized Read more >
Apparently, a nation-state hacked Alaska’s Department of Health and Social Services.
Not sure why Alaska’s Department of Health and Social Services is of any interest to a nation-state, but that’s probably just my failure of imagination.
Powered by WPeMatico
September 21, 2021 cyberespionage, hacking, healthcare, leaks, Security technology, Uncategorized Read more >
We knew the basics of this story, but it’s good to have more detail.
Here’s me in 2015 about this Juniper hack. Here’s me in 2007 on the NSA backdoor.
Powered by WPeMatico
September 9, 2021 backdoors, china, firewall, hacking, Juniper, nsa, random numbers, Security technology, Uncategorized Read more >
Normal-looking cables (USB-C, Lightning, and so on) that exfiltrate data over a wireless network.
I blogged about a previous prototype here
Powered by WPeMatico
September 7, 2021 apple, eavesdropping, hacking, key logging, Security technology, Uncategorized, Wi-Fi Read more >
Black Hat is a hacker-themed board game.
Powered by WPeMatico
September 3, 2021 games, hacking, Security technology, Uncategorized Read more >