Page 2 of 2 [ 29 posts ]  Go to page Previous  1, 2

Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

16 Feb 2024, 7:14 pm

"FBI director says Chinese hackers are 'poised to attack' as infiltrations reach 'fever pitch'"

Quote:
China's cyberattacks against the U.S. and its allies are reaching a "fever pitch," FBI director Christopher Wray warned at the Munich Cyber Security Conference on Thursday.

Wray spoke to allies at the conference about hackers affiliated with the Chinese Communist Party (CCP) that are known to have infiltrated critical U.S. infrastructure and remain "poised to attack" even now. The event is playing host to hundreds of security leaders from Western countries.

"You might find your companies harassed and hacked, targeted by a web of corporate CCP proxies," Wray told the leaders gathered in Germany. "You might also find PRC [People’s Republic of China] hackers lurking in your power stations, your phone companies and other infrastructure, poised to take them down when they decide you stepped too far out of line, and that hurting your civilian population suits the CCP."

"China-sponsored hackers pre-positioned for potential cyberattacks against U.S. oil and natural gas companies way back in 2011, but these days, it’s reached something closer to a fever pitch," he continued. "What we’re seeing now is China’s increasing build-out of offensive weapons within our critical infrastructure, poised to attack whenever Beijing decides the time is right."


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

22 Feb 2024, 3:42 pm

"Rubio warns Chinese cyberattack 'will be 100 times worse' than AT&T outage: 'Your power, your water'"

Quote:
GOP Sen. Marco Rubio warned on social media that the AT&T outage affecting tens of thousands of Americans pales in comparison to what a potential China cyberattack would look like.

"I don’t know the cause of the AT&T outage," the Florida Republican posted on X on Thursday. "But I do know it will be 100 times worse when #China launches a cyber attack on America on the eve of a #Taiwan invasion.

"And it won’t be just cell service they hit, it will be your power, your water and your bank."

Rubio's warning came as tens of thousands of AT&T customers reported outages on Thursday morning for their home phone, internet and mobile phone services, according to Downdetector.

Who is Marco Rubio? :scratch:


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

23 Feb 2024, 2:51 pm

"UnitedHealth says Change Healthcare hacked by nation-state, as US pharmacy outages drag on"

Quote:
Change Healthcare has not yet disclosed the specific nature of its cyberattack.

Pharmacies across the U.S. are reporting that they are unable to fulfill prescriptions through patients' insurance due to the ongoing outage at Change Healthcare, which handles much of the billing process.

Several people who work in the healthcare space and whose work is affected by the outage tell TechCrunch that they are experiencing downtime because of the ongoing cyberattack.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

24 Feb 2024, 7:11 pm

Ooooh! This news isn't about computer security!

"From Black Nazis to female Popes and American Indian Vikings: How AI went ‘woke’"

Quote:
Eight years ago, Google came under fire after an artificial intelligence (AI) tool mistakenly labelled pictures of black people as “gorillas” in its photo app.

Now its AI tools have been accused of racial bias once again after its Gemini bot generated ethnically diverse yet utterly implausible images of historical figures.

Its new Gemini AI is able to create images from text prompts alone. Yet the AI inserted black, Asian or American Indian characters into pictures when asked to create people from European or American history, even when those figures were all white.

Among the most absurd images were pictures of “diverse” Nazis, including black and Asian soldiers in Wehrmacht uniforms, and images of black and American Indian “Vikings”.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


cyberdad
Veteran
Veteran

User avatar

Joined: 21 Feb 2011
Age: 56
Gender: Male
Posts: 34,608

24 Feb 2024, 8:16 pm

The prospect of cyberattack going nuclear has always been lurking in our collective memories since the paranoia over Y2K in 1999. A common fear is that foreign governments have planted sleeper killer codes in every computer in the world that when activated will destroy all electrical computer devices around the world (effectively sending us back to the horse and buggy age using gas lamps).



Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

10 Mar 2024, 1:56 pm

"Medicare providing emergency funds for doctors impacted by Change Healthcare cyberattack"

Quote:
Relief is coming for hospitals and healthcare providers still reeling from a cyberattack that crippled the nation's largest insurance processing company, leaving them unable to collect payments for weeks.

On Saturday, the Centers for Medicare and Medicaid Services announced it will expand its response to the Feb. 21 cybersecurity breach on Change Healthcare, a subsidiary of UnitedHealth Group, to include advance payments for Medicare Part B providers.

Since the attack, thousands of healthcare providers across the country have struggled to get paid. The emergency funds will allow for upfront payments.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

29 Mar 2024, 1:59 pm

"US Warns of Cyberattacks Against Water Systems Throughout Nation"

Quote:
The Biden administration is warning states to be on guard for cyberattacks against water systems, citing ongoing threats from hackers linked to the governments of Iran and China.

“Disabling cyberattacks are striking water and wastewater systems throughout the United States,” Environmental Protection Agency Administrator Michael Regan and National Security Advisor Jake Sullivan wrote in a letter to governors made public Tuesday. “These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities.”

Hackers affiliated with the Iranian Government Islamic Revolutionary Guard Corps have attacked drinking water systems, while a People’s Republic of China state-sponsored group, Volt Typhoon, has compromised information technology of drinking water and other critical infrastructure systems, the letter warned.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

31 Mar 2024, 2:24 pm

"AT&T notifies users of data breach and resets millions of passcodes"

Quote:
AT&T said it has begun notifying millions of customers about the theft of personal data recently discovered online.

The telecommunications giant said Saturday that a dataset found on the “dark web” contains information such as Social Security numbers for about 7.6 million current AT&T account holders and 65.4 million former account holders.

The company said it has already reset the passcodes of current users and will be communicating with account holders whose sensitive personal information was compromised.

It is not known if the data "originated from AT&T or one of its vendors,” the company said in a statement. The compromised data is from 2019 or earlier and does not appear to include financial information or call history, it said. In addition to passcodes and Social Security numbers, it may include email and mailing addresses, phone numbers and birth dates.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

16 May 2024, 7:20 pm

My in-basket had some links to these stories...

"Space assets are in foreign adversaries' cyber crosshairs, DOD official says"

Quote:
U.S. adversaries including China and Russia are showing increased interest in disrupting American space assets through cyberattacks that could cripple military communications, a top DOD cyber official said Thursday.

Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang said nation-state hackers are mulling disrupting space assets “at all segments,” and emphasized ground stations that transmit data to satellites and space stations are easiest to target.

“The cybersecurity of the space systems — the ways in which the information from space flows across networks to enable traffic — is something that we’re very worried about,” she told an audience at RSA Conference in San Francisco.

Ground segment space assets like mission control centers, launch facilities and other networking equipment used for relaying data are easiest to breach because defending them from intrusions often involves basic cybersecurity concepts that many other organizations don’t deploy, Eoyang said.



"Cyberthreat landscape permanently altered by Chinese operations, US officials say"
Quote:
Even if the U.S. government eventually ejects a notorious Chinese hacking operation that has tunneled into critical infrastructure entities, the sweeping digital campaign has permanently altered the cyberthreat landscape, federal officials say.

The hacking activity, labeled Volt Typhoon, remains a major focus of federal national security leaders, who have scrutinized the group’s capabilities as well as its intent — to cause disruption and sow societal panic, especially in the event of a military conflict — and concluded Beijing will not back away from that approach in the future.

The end result is that China has moved beyond the traditional goal of nation-state hacking operations — spying on an adversary — into something more sinister, the officials say.



"Iran most likely to launch destructive cyber-attack against US – ex-Air Force intel analyst"
Quote:
China remains the biggest cyber threat to the US government, America's critical infrastructure, and its private-sector networks, the nation's intelligence community has assessed.

This is probably not all that shocking to anyone paying attention to recent headlines warning of Beijing's cyber-snoops burrowing into energy facilities, emergency responder networks, and government officials' email inboxes and waiting to unleash some degree of chaos at Chinese President Xi Jinping's command.

But there's an often overlooked threat when it comes to cyber warfare capabilities, according to Crystal Morin, former intelligence analyst for the US Air Force and today cybersecurity strategist at Sysdig.

"A destructive cyber-attack against the United States would come from Iran before someone else," Morin told The Register. Check out our full interview below with Morin to find out her reasoning.



"Report: US Cybersecurity Makes Major Gains Amid New Threats"
Quote:
The United States' cyber posture has made steady and significant improvements over the past year despite an ever-changing threat landscape and emerging technologies that stand to reshape the global digital ecosystem, according to the nation's first-ever federal cybersecurity posture report.

The U.S. is "in the midst of a fundamental transformation" in national cybersecurity, the Office of the National Cyber Director said in a Tuesday report that assesses a wide variety of cybersecurity threats. The office also released an accompanying update to the 2023 National Cyber Strategy Implementation Plan that adds 31 new initiatives to the strategy and directs six federal agencies to lead cyber initiatives for the first time.

Despite the White House advancing "an affirmative vision for a safe, prosperous and equitable digital future," National Cyber Director Harry Coker acknowledged in a letter accompanying the report that "the threats we face remain daunting, our defenses are not impregnable and our work continues to evolve to meet the changing landscape."

ONCD described artificial intelligence as "one of the most powerful, publicly accessible technologies of our time" and said advances throughout 2023 in large-language models and other foundational algorithms "presented opportunities and challenges for cyber risk management at scale." The report warned that cybercriminals with limited resources and technical expertise can use AI to conduct malicious cyber activity, while AI-enabled surveillance and censorship have enabled authoritarian regimes "to more effectively and efficiently target journalists, dissidents and human rights defenders."

The implementation plan prioritizes defending critical infrastructure and essential services, calling for healthcare and public health sector-specific cybersecurity performance goals and the establishment of an Education Facilities Subsector Government Coordinating Council. The plan also calls for the adoption of cybersecurity best practices across the water and wastewater systems sector.

ONCD focused on the increasing reliance among critical infrastructure owners and operators on third-party cloud service providers and said that cloud migrations and hybrid deployments can often introduce complex centralized logging and authentication regimes that can allow threat actors to hack identity management systems.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

31 May 2024, 7:06 pm

"Chinese hackers hide on military and govt networks for 6 years"

Quote:
A previously unknown threat actor dubbed "Unfading Sea Haze" has been targeting military and government entities in the South China Sea region since 2018, remaining undetected all this time.

Bitdefender researchers who discovered the threat group report that its operations align with Chinese geo-political interests, focusing on intelligence collection and espionage.




"EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems"
Quote:
Inspections conducted by the EPA since September 2023 found that more than 70% of water systems do not fully comply with the Safe Drinking Water Act. The inspections found that some systems have critical cyber vulnerabilities, including ones introduced by the use of default passwords and authentication systems that can be easily compromised.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

20 Jun 2024, 1:13 pm

"Microsoft Accepts Responsibility for U.S. Government Security Breaches"

Quote:
Microsoft president Brad Smith in sworn testimony before a congressional committee this week said with humility the company accepts full responsibility for every cybersecurity issue raised in a recent Cyber Safety Review Board report created by multiple officials from several U.S. government agencies including the Department of Homeland Security, the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI).

The investigation was commissioned by President Biden in response to Microsoft disclosing that a Chinese hacking group referred to as “Storm-0558” was responsible for a security breach that led to the access of the email accounts belonging to multiple Federal agencies.

Rep. Mark Green, MD (R-TN), chairman of the House Committee on Homeland Security, noted the unsophisticated attack that the U.S. State Department first discovered, has raised doubts about Microsoft’s ability to ensure U.S. national security. The report concludes that the internal culture at Microsoft needs an overhaul following a cyberattack on Federal agencies that exploited a vulnerability, first disclosed in 2016.


Personal suspicion...their products have so much code that has been worked on iteratively by a large number of people over such a long period of time that the code might as well be labeled "Here be dragons!"

Realistically, I doubt they can be sure which parts of the code are still needed to perform which functions. They just have to leave the code in place in case the code is needed.

And this cynical opinion is not limited to Microsoft products.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

20 Jun 2024, 2:42 pm

"CDK's cyber outage hits US auto dealers for second day in a row"

Quote:
CDK told Reuters it was working to reinstate its services and get its dealers back to business "as quickly as possible".

The company, which provides software to car dealerships, briefly shut down all its systems on Wednesday, saying it was investigating a cyber incident.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.


Double Retired
Veteran
Veteran

User avatar

Joined: 31 Jul 2020
Age: 69
Gender: Male
Posts: 5,578
Location: U.S.A.         (Mid-Atlantic)

12 Jul 2024, 4:24 pm

"10 billion passwords have been leaked on a hacker site. Are you at risk?"

Quote:
The 10 billion passwords included in a file uploaded by a user named ObamaCare are not all new, Cybernews said.

Cybernews said its team "cross-referenced the passwords included in the RockYou2024 leak with data from Cybernews’ Leaked Password Checker, which revealed that these passwords came from a mix of old and new data breaches."

The passwords on the document have likely been collected from more than 4,000 databases over the last 20 years, Cybernews said.

“In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks,” Cybernews said.

Credential stuffing is when hackers take information, such as passwords, from one data leak and attempt to log onto other websites, which can be very damaging to businesses and consumers, Cybernews said.

The recent wave of hacks targeting several sites including Ticketmaster were the result of credential stuffing attacks, said Cybernews.

Three years ago, a leak of 8.4 billion passwords called RockYou2021 was posted on a hacker site. At the time it was the largest password leak.

Cybernews said its analysis determined that the 10 billion leaked passwords in the RockYou2024 document included 1.5 billion new passwords leaked from 2021 through 2024.


_________________
When diagnosed I bought champagne!
I finally knew why people were strange.