Category: Uncategorized

Auto Added by WPeMatico

Nation-State Attacker of Telecommunications Networks

Posted on By infossl
attribution, china, cyberespionage, espionage, hacking, Security technology, Uncategorized

Someone has been hacking telecommunications networks around the world: LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures. Recent findings highlight this cluster’s extensive knowledge of telecommunications protocols, including the … Read More “Nation-State Attacker of Telecommunications Networks” »

Problems with Multifactor Authentication

Posted on By infossl
authentication, phishing, ransomware, Security technology, social engineering, two-factor authentication, Uncategorized

Roger Grimes on why multifactor authentication isn’t a panacea: The first time I heard of this issue was from a Midwest CEO. His organization had been hit by ransomware to the tune of $10M. Operationally, they were still recovering nearly a year later. And, embarrassingly, it was his most trusted VP who let the attackers … Read More “Problems with Multifactor Authentication” »

Textbook Rental Scam

Posted on By infossl
amazon, courts, crime, fraud, scams, Security technology, Uncategorized

Here’s a story of someone who, with three compatriots, rented textbooks from Amazon and then sold them instead of returning them. They used gift cards and prepaid credit cards to buy the books, so there was no available balance when Amazon tried to charge them the buyout price for non-returned books. They also used various … Read More “Textbook Rental Scam” »

Using Machine Learning to Guess PINs from Video

Posted on By infossl
atms, credit cards, machine learning, privacy, Security technology, Uncategorized

Researchers trained a machine-learning system on videos of people typing their PINs into ATMs: By using three tries, which is typically the maximum allowed number of attempts before the card is withheld, the researchers reconstructed the correct sequence for 5-digit PINs 30% of the time, and reached 41% for 4-digit PINs. This works even if … Read More “Using Machine Learning to Guess PINs from Video” »

Ransomware Attacks against Water Treatment Plants

Posted on By infossl
cyberattack, infrastructure, ransomware, scada, Security technology, Uncategorized

According to a report from CISA last week, there were three ransomware attacks against water treatment plants last year. WWS Sector cyber intrusions from 2019 to early 2021 include: In August 2021, malicious cyber actors used Ghost variant ransomware against a California-based WWS facility. The ransomware variant had been in the system for about a … Read More “Ransomware Attacks against Water Treatment Plants” »

The Missouri Governor Doesn’t Understand Responsible Disclosure

Posted on By infossl
courts, disclosure, overreactions, Security technology, Uncategorized, vulnerabilities

The Missouri governor wants to prosecute the reporter who discovered a security vulnerability in a state’s website, and then reported it to the state. The newspaper agreed to hold off publishing any story while the department fixed the problem and protected the private information of teachers around the state. […] According to the Post-Dispatch, one … Read More “The Missouri Governor Doesn’t Understand Responsible Disclosure” »

Suing Infrastructure Companies for Copyright Violations

Posted on By infossl
copyright, courts, infrastructure, Internet and society, Security technology, Uncategorized

It’s a matter of going after those with deep pockets. From Wired: Cloudflare was sued in November 2018 by Mon Cheri Bridals and Maggie Sottero Designs, two wedding dress manufacturers and sellers that alleged Cloudflare was guilty of contributory copyright infringement because it didn’t terminate services for websites that infringed on the dressmakers’ copyrighted designs…. … Read More “Suing Infrastructure Companies for Copyright Violations” »

Airline Passenger Mistakes Vintage Camera for a Bomb

Posted on By infossl
fear, Security technology, security theater, terrorism, Uncategorized, war on the unexpected

I feel sorry for the accused: The “security incident” that forced a New-York bound flight to make an emergency landing at LaGuardia Airport on Saturday turned out to be a misunderstanding — after an airline passenger mistook another traveler’s camera for a bomb, sources said Sunday. American Airlines Flight 4817 from Indianapolis — operated by … Read More “Airline Passenger Mistakes Vintage Camera for a Bomb” »

The European Parliament Voted to Ban Remote Biometric Surveillance

Posted on By infossl
biometrics, eu, privacy, Security technology, surveillance, Uncategorized

It’s not actually banned in the EU yet — the legislative process is much more complicated than that — but it’s a step: a total ban on biometric mass surveillance. To respect “privacy and human dignity,” MEPs said that EU lawmakers should pass a permanent ban on the automated recognition of individuals in public spaces, … Read More “The European Parliament Voted to Ban Remote Biometric Surveillance” »

Syniverse Hack

Posted on By infossl
cybersecurity, data breaches, hacking, Security technology, Uncategorized

This is interesting: A company that is a critical part of the global telecommunications infrastructure used by AT&T, T-Mobile, Verizon and several others around the world such as Vodafone and China Mobile, quietly disclosed that hackers were inside its systems for years, impacting more than 200 of its clients and potentially millions of cellphone users … Read More “Syniverse Hack” »