Tag Archive for: count

The SolarWinds Body Count Now Includes NASA and the FAA


Some blasts from the past surfaced this week, including revelations that a Russia-linked hacking group has repeatedly targeted the US electrical grid, along with oil and gas utilities and other industrial firms. Notably, the group has ties to the notorious industrial-control GRU hacking group Sandworm. Meanwhile, researchers revealed evidence this week that an elite NSA hacking tool for Microsoft Windows, known as EpMe, fell into the hands of Chinese hackers in 2014, years before that same tool then leaked in the notorious Shadow Brokers dump of NSA tools.

WIRED got an inside look at how the video game hacker Empress has become so powerful and skilled at cracking the digital rights management software that lets video game makers, ebook publishers, and others control the content you buy from them. And the increasingly popular, but still invite-only, audio-based social media platform Clubhouse continues to struggle with security and privacy missteps.

If you want something relaxing to take your mind off all of this complicated and concerning news, though, check out the new generation of Opte, an art piece that depicts the evolution and growth of the internet from 1997 to today.

And there’s more. Each week we round up all the news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.

In addition to infiltrating the unclassified networks of seven other US government agencies, the suspected Russian hackers who compromised the IT services firm SolarWinds as a jumping-off point also penetrated NASA and the Federal Aviation Administration. Researchers and officials testified before the Senate Intelligence Committee on Tuesday about the scope and scale of the attack. The Washington Post reported ahead of the hearing that the Biden administration is preparing sanctions against Russia related to the SolarWinds espionage operation and other recent incidents of aggression. The seven other breached agencies are the Departments of Commerce, Homeland Security, Energy, and State, the US Treasury, the National Institutes of Health, and the Justice Department. The White House said earlier this month that hackers also compromised 100 companies in the spree….

The count of managed service providers getting hit with ransomware mounts

When MSPs get owned by ransomware, their customers can lose more than just access to an application. (credit: Getty Images)

When more than 20 local governments in Texas were hit this summer by ransomware in one day, the attack was apparently tracked back to one thing the organizations had in common: a managed service provider. With limited IT resources of their own, local governments have increasingly turned to MSPs to operate significant portions of their networks and applications, as have other organizations and businesses—often placing critical parts of their business operations in the MSPs’ hands. And that has made MSPs a very attractive target to ransomware operators.

Threat researchers at the global cloud security provider Armor have been tracking publicly reported incidents in which MSPs and cloud service providers have been hit with ransomware. Thus far, they have documented 13 such incidents this year—with 6 of them reported in the past few months.

The most recent publicly exposed victim is Billtrust, which, as security journalist Brian Krebs reported, was hit by what BleepingComputer reported was BitPaymer ransomware (a report that has not been confirmed). Billtrust is an online invoicing and billing provider based in New Jersey that also provides credit decision services. Billtrust executives sent an email to customers on October 22, informing them of the attack, stating:

Biz & IT – Ars Technica

How to Count the Time Until a Date From Your Mac’s Menu Bar

For those unaware, Progress Bar is a $5 app that drops a lovely little progress bar into your Mac’s Menu Bar. As time passes, the bar fills up. You pick the interval, either the day, the month …

NYPD can’t count cash they’ve seized because it would crash computers

The New York City Police Department takes in millions of dollars in cash each year as evidence, often keeping the money through a procedure called civil forfeiture. But as New York City lawmakers pressed for greater transparency into how much was being seized and from whom, a department official claimed providing that information would be nearly impossible—because querying the 4-year-old computer system that tracks evidence and property for the data would “lead to system crashes.”

The system, the Property and Evidence Tracking System (PETS), was built on top of SAP’s enterprise resource planning software platform and IBM’s DB2 database by Capgemini in 2012, and was used as a flagship case study by the company. PETS replaced the long-established paper-based evidence logging system used by the department, and was supposed to revolutionize evidence and property tracking. It was even submitted for the 2012 Computerworld Honors, an awards program honoring “those who use Information Technology to benefit society.”

Even with the system, however, the NYPD’s Assistant Deputy Commissioner Robert Messner told the New York City Council’s Public Safety Committee that the department had no idea how much money it took in as evidence, nor did it have a way of reporting how much was seized through civil forfeiture proceedings—where property and money are taken from people suspected of involvement in a crime through a civil filing, and the individuals from whom they are seized are put in the position of proving that the property was not involved in the crime of which they were accused.

Technology Lab – Ars Technica