Cyber Security Executive Confesses To Hacking Hospitals


Vikas Singla, an ex-COO of the US cybersecurity firm Securolytics, has confessed to hacking two US hospitals with the intention of generating business for the company he was working for. In court, Singla admitted responsibility for attacking the hospitals in Atlanta, part of the Gwinnett Medical Center.

Singla’s actions disrupted the hospital’s printers, phone systems and a digitizer (a device that allows input of handwritten notes into a computer) which resulted in financial losses exceeding $800,000 for Gwinnett Medical Center.

According to Cybernews, as part of the incident that occurred in September 2018, Singla disabled several hundred ASCOM phones used by the hospital staff, severely affecting the hospital’s work. That same day, he extracted several hundred patient names, dates of birth, and other data that was attached to a mammography machine. He later hijacked 200 printers in both hospitals and started printing the patient names that he stole, followed by a message reading “WE OWN YOU”.

He subsequently attempted to generate publicity about the attack, including the publication of information obtained without authorisation from the digitizer, with the aim of generating business for his company.

Singla set up a Twitter account several days later to post dozens of messages claiming that Gwinnett Medical Center was hacked and exposed stolen patient details to prove his point. When the attack was complete, Securolytics emailed potential clients using the Gwinnett Medical Center hack as an example of inadequate security measures.

According to reports, prosecutors will recommend a sentence of 5 years probation, although the Judge can impose a maximum term of imprisonment of 10 years at a sentencing hearing scheduled in February next year.

Sources: Cybernews, Washington Post, New York Times, I-HLS, Bleeping Computer, Lemmy


ChatGPT Spit Out Sensitive Data When Told to Repeat ‘Poem’ Forever


OpenAI didn’t immediately respond to WIRED’s request for comment on the researchers’ findings. When we tried the “repeat ‘poem’ forever” and “repeat ‘book’ forever” prompts ourselves, they didn’t produce training data but instead threw up flags for a potential violation of ChatGPT’s terms of use, suggesting at least some instances of the problem may have been fixed.

In the midst of Israel’s ongoing war with Hamas, US and Israeli government agencies on Friday warned that hackers calling themselves “Cyberav3ngers” but working for Iran’s Revolutionary Guard Corps had breached the networks of multiple US water and wastewater utilities. The breaches, which affected “less than 10” utilities, according to a CNN source, aimed to deface computer screens in the facilities with an anti-Israel message. In each case, the hackers took advantage of vulnerabilities in equipment sold by Unitronics, an Israeli company. “You have been hacked, down with Israel. Every equipment ‘made in Israel’ is Cyberav3ngers legal target,” some of the defaced screens read. While the intrusions appear to have been opportunistic and aimed at sending a message, the ability of a foreign government to gain broad access to US critical infrastructure led the Cybersecurity and Infrastructure Security Agency to brief members of Congress on the hacking campaign on Thursday.

In a sprawling bust that spanned multiple Ukrainian cities, at least five key members of a ransomware gang were arrested this week in raids coordinated by Europol along with law enforcement agents from Ukraine, the US, Canada, the Netherlands, and other European countries. The group’s members are accused of deploying multiple ransomware variants including LockerGoga, Hive, MegaCortex, and Dharma. According to Ukrainian police, the gang allegedly did at least $82 million in damage in attacks that encrypted more than a thousand servers on victim networks over the past five years.

In a very different sort of Ukrainian criminal case, Ukrainian law enforcement this week detained Viktor Zhora, the deputy director of the State Special Communications Service of Ukraine, its agency focused on cybersecurity. Zhora, along with the agency’s…


Fraudsters attack Booking.com customers after hacking hotels



This year, we witnessed larger cybercrime cases that scaled up across the world. Recently, cybersecurity researchers have warned people about a new scam targeting Booking.com customers. The hackers are posting advertisements on the Dark Web and asking for help in finding victims. This time, the hackers are targeting accommodations listed on the platform in order to impersonate their staff members.

How are hackers operating now?

At present, the scam, which involves deploying the Vidar infostealer to steal a hotel’s Booking.com credentials, is being investigated by the cybersecurity firm Secureworks.

Access to the Booking.com management portal enables the threat actor to see upcoming bookings and directly message the guests, according to Secureworks.

Although the portal of Booking.com has not been hacked, the hackers have come up with several ways to get into the administration portals of individual hotels which use the service.

Hackers are compensating this time

Hackers are offering USD 30 to USD 2,000 per valid log with additional incentives for regular suppliers.

According to reports, the hackers are making so much money from their attacks that they are now offering to pay thousands of dollars to criminals who share access to a hotel’s portal.

The spokesperson of Booking.com stated that the company is aware that some of its accommodation partners are being targeted by hackers “using a host of known cyber-fraud tactics”, the BBC report states.

Secureworks incident responders further noted that the threat actor initiated contact by emailing a member of the hotel’s operations staff.

The security team noted, “The sender claimed to be a former guest who had lost an identification document (ID), and they requested the recipient’s assistance in finding it. The email did not include an attachment or malicious links, and it was likely intended to gain the recipient’s…


Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware


Dec 02, 2023 | Newsroom | Cybercrime / Malware

A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced.

Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later.

“Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data mining from infected computers, facilitated and enhanced the remote access used by TrickBot actors, and created a program code to prevent the TrickBot malware from being detected by legitimate security software,” the DoJ said.

“During Dunaev’s participation in the scheme, 10 victims in the Northern District of Ohio, including Avon schools and a North Canton real-estate company, were defrauded of more than $3.4 million via ransomware deployed by TrickBot.”


Dunaev, who pleaded guilty to committing computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud, faces a maximum of 35 years in prison. He is scheduled to be sentenced on March 20, 2024.

Dunaev is also the second TrickBot gang malware developer to be arrested after Alla Witte, a Latvian national who was sentenced to two years and eight months in prison in June 2023.

The development came nearly three months after the U.K. and U.S. governments sanctioned 11 individuals suspected of being part of the TrickBot cybercrime group.

TrickBot, which started off as a banking trojan in 2016, evolved into a multi-purpose tool capable of delivering additional payloads to infected hosts and acting as an initial access facilitator for ransomware attacks.


After surviving law enforcement efforts to dismantle the botnet, the infamous Conti ransomware crew gained control over the operation. However, both Conti and TrickBot suffered a major blow last year following Russia’s invasion of Ukraine, when Conti pledged allegiance to Russia.

This led to a series of leaks dubbed ContiLeaks and TrickLeaks that gave away valuable information about their internal chats and infrastructure, ultimately resulting in the shutdown of Conti and its disintegration into numerous other groups.
