SolarWinds Hackers Seek Their Next Big Score

The eternal cybercriminal cat-and-mouse game continued this week with an international collaborative law enforcement operation, Dark HunTor, resulting in 150 arrests of alleged dark web vendors and the seizure of $31.6 million in cash and cryptocurrency and 230 kilograms of drugs. The action targeted retailers selling their wares on the dark web marketplace DarkMarket, which was shut down by German police in January. Meanwhile, ransomware gangs continue their attacks. The Russian group Sadness, which seems to be a front for the sanctioned ransomware gang Evil Corp, claims to have hit the National Rifle Association this week. The apparent incident is the latest in a series of attacks in which victims have to consider the potential consequences of violating sanctions if they want to pay.

British digital identity company Yoti says a machine learning-based image analysis tool can predict the age of people between 6 and 60. The tool can be used to enforce minimum ages on platforms and keep kids safer online, but it raises questions about how much digital surveillance is too much. Blind and visually impaired individuals have once again won a DMCA exemption that allows them to break digital rights management protections in ebooks and create accessible versions. But the exemption is still temporary, and advocates will have to fight to win it again in three years. They said the move should be permanent.

Google’s Pixel 6 and 6 Pro have a few advanced security features, thanks to their Tensor processors, Google’s first custom-built Pixel system-on-a-chip. If you need some security tips for Windows, though, we’ve rounded up 11 of the most important settings to focus on. Plus, we have updated recommendations if you’re looking for a reliable VPN.

And there’s more! Every week we gather all the security news that is not covered by WIRED. Click on the titles to read the full stories, and stay safe out there.

The hacking group of Russia’s SVR foreign intelligence service, known as Nobelium and Cozy Bear, is targeting a new wave of international IT companies embedded in the global supply chain, according to a warning from Microsoft this week. As it did with network management company SolarWinds in 2020, the group is looking to compromise key, but often relatively obscure, tech companies as an inconspicuous springboard to attack the target company’s own customers. This time, Tom Burt, Microsoft’s vice president of security and customer confidence, says Nobelium is pursuing managed cloud service providers and technology vendors. Burt says Nobelium has been productive throughout the summer. Between July 1 and October 19, Microsoft informed 609 customers that they had been attacked 22,868 times by the group, almost the same number of attacks Microsoft has seen from Cozy Bear in the past three years combined. Burt added, however, that all of this new targeting has a “success rate below a number.”

“This recent activity is another indication that Russia is trying to gain long-term, systematic access to various points in the technology supply chain and establish a mechanism for surveying, now or in future, target interests of the Russian government,” Burt wrote. The spies will watch.

A hack on Tuesday targeting Iranian gas stations knocked out nearly every subsidized payment terminal for fuel pumps for several days, leading to long lines and chaos. “There must be serious preparedness in the field of cyberwar, and the relevant bodies must not allow the enemy to pursue their nefarious intentions,” said Iranian president Ebrahim Raisi. No one has claimed responsibility for the attack and Raisi has not assigned blame, but he has indicated that he believes anti-Iranian actors were behind it. During the attack, payment terminals reportedly read “cyberattack 64411,” a reference to a religious hotline run by the office of Supreme Leader Ayatollah Ali Khamenei. The number “64411” also appeared in a July attack on Iran’s national railroad.

Europol announced the arrest of 12 people on Friday with alleged links to ransomware attacks on corporations and critical infrastructure that apparently affected more than 1,800 people in 71 countries. Law enforcement from eight countries cooperated in the action and seized more than $52,000 in cash, five luxury vehicles, and a set of electronic devices. The attacks used several ransomware strains, including LockerGoga, MegaCortex, and Dharma.

A bug in the medical records app Docket exposed data on New Jersey and Utah residents who were vaccinated against Covid-19. Both states have specifically endorsed the app, which allows people to download a digitally signed version of their paper vaccination card. Like other “vaccine passports,” Docket allows users to access their vaccination record as a visible card or a scannable QR code. The vulnerability allowed anyone to access other users’ QR codes and corresponding personal data. This includes names, dates of birth, and vaccination information such as vaccination date and brand used. TechCrunch discovered the bug on Tuesday and notified the company that day. Docket said it fixed the bug within hours by making server-level changes. The company is in the process of reviewing its logs to see whether anyone appears to have abused the bug before it was disclosed.
