Tag Archive for: Exposed

‘Empire of hacking’ exposed: China Daily editorial

/in


Although the Central Intelligence Agency had acquired exceptional experience in overthrowing governments by triggering “peaceful evolution” or instigating “color revolutions” in other countries before the emergence of the internet, it is the advancement of information and communication technology, in which the US enjoys huge advantages, that has greatly boosted the intelligence agency’s capability to accomplish its goals in the new century.

The disintegration of the Soviet Union — the United States established the CIA in 1947 to counter Soviet intelligence wings — transformed the former socialist republics in Eastern and Central Europe, and created a golden opportunity for the CIA to trigger “color revolutions” in the region as well as in the Middle East and Central Asia.

The end of the Cold War gave the CIA the reason to help establish the US’ global hegemony by exploiting its advantages in cyberspace to infiltrate, spy on and subvert other countries’ governments.

A report “Empire of Hacking: the US Central Intelligence Agency — Part I” jointly published by China’s National Computer Virus Emergency Response Center and the 360 Total Security, a Chinese cybersecurity company, on Thursday deserves credit for not only its systematic and professional approach to the ugly role of the CIA, but also its advice to the agency’s “victims all around the world” in order to help them better respond to the US’ cyberattacks and manipulations.

The report can also be seen as part of China’s efforts to help build a community with a shared future in cyberspace, because it regards maintaining silence in the face of the CIA’s dirty tricks as being complicit in the US’ overall destructive strategy.

The report says that, working with US internet companies, the CIA provides encrypted network communication services, and reconnects service and on-site command communication tools directly for its proxies in targeted countries and regions. For instance, a software called RIOT, developed and promoted jointly by US companies and the CIA, helps the intelligence agency to remote control its pawns triggering demonstrations and riots in other countries, by ensuring they have reliable…

Source…

Throne fixes security bug that exposed creators’ private home addresses

/in


A recently fixed security bug at a popular platform for supporting creators shows how even privacy-focused platforms can put creators’ private information at risk.

Throne, founded in 2021, bills itself as “a fully secure, concierge wishlist service that acts as an intermediary between your fans and you.” Throne claims to support more than 200,000 creators by shipping out thousands of their wish list items per day, all the while protecting the privacy of the creators’ home address.

The idea is that online creators, like streamers and gamers, can publish a wish list of gifts that supporters can buy, and Throne acts as the go-between. “Your fans pay for the gifts and we handle the rest,” its website reads. “We make sure that the payment gets processed, that the item gets sent, and most importantly, that your private information stays private.”

But a group of good-faith hackers found a vulnerability that undermined that claim and exposed the private home addresses of its creator users.

Enter Zerforschung, the German collective of security researchers behind its latest discovery. You may remember the collective from December when they found and disclosed major security bugs in social media alternative Hive, which sprung to popularity in the exodus from Twitter under Elon Musk’s new ownership. Hive briefly shut itself down to fix the vulnerabilities found by Zerforschung, which allowed anyone to modify anyone else’s posts and access other people’s private messages.

Zerforschung told TechCrunch that they discovered the vulnerability in how the company set up its database, hosted on Google’s Firebase, to store data. The researchers said that the database was inadvertently configured to allow anyone on the internet to access the data inside, including session cookies for its Amazon accounts from the database, which can be used to break into an account without needing the password.

Session cookies are small bits of code that sit on your computer or device to keep users logged into apps and websites without having to repeatedly re-enter a password or sign-in with two-factor authentication. Because session cookies keep the user logged in, they can be an…

Source…

Hacking healthcare: With 385M patient records exposed, cybersecurity experts sound alarm on breach surge

/in


Healthcare companies more than ever are using electronic records and tapping digital services. That’s also creating more opportunities for cybercriminals — who already have exposed the private medical information of millions of patients — and bolsters the case for the industry to make security priority No. 1, experts say.

Healthcare breaches have exposed 385 million patient records from 2010 to 2022, federal records show, though individual patient records could be counted multiple times.

Hacking incidents, a type of breach, at healthcare firms have skyrocketed in the past five years as cybercriminals demand ransoms in exchange for restoring access to sensitive medical data.

Hacking or IT incident is the most common breach type

Other types include unauthorized access/disclosure, theft, loss, improper disclosure, other and unknown.

While healthcare companies have to improve their cybersecurity given the rise in breaches and cyberattacks, regulators need to raise the bar on cybersecurity standards, experts told Healthcare Dive.

“Could all these organizations do a better job? Absolutely,” said Jim Trainor, former assistant director of the Cyber Division at the Federal Bureau of Investigation and who is now a senior vice president of Aon Cyber Solutions, a global professional services firm.

Disrupting any one of the nation’s 16 critical infrastructure sectors, including the healthcare industry, poses a national security threat. These sectors are vital to daily life for millions of Americans and disabling them would have a debilitating effect on society, according to the Cybersecurity and Infrastructure Security Agency, or CISA, the country’s cyber defense agency.


Cyberattacks that disrupt hospital operations put patients’ lives at risk. The FBI said that the healthcare industry was hit the hardest by ransomware attacks in 2021 compared to other critical infrastructure. And the threats come as hospitals struggle with staffing shortages and financial pressures exacerbated by the COVID-19 pandemic.

In the wake of a ransomware attack on one of the nation’s largest hospital operators last year, Healthcare Dive analyzed more than 5,000 breaches…

Source…

Former city worker speaks out after personal data exposed in Oakland ransomware attack

/in


Former city worker speaks after personal data exposed in Oakland ransomware attack

A former employee for the City of Oakland speaks out after he received an alert from his credit card company notifying him that his personal information was on the dark web.

OAKLAND, Calif.The Oakland ransomware attack involves personal data of current and former employees going back to 2010, according to city officials.

An ex-worker whose information was exposed spoke out Thursday, calling the situation a “disaster.”

David Cruise, is himself a former state disaster official, and he also served as Oakland’s public safety systems advisor.

“This morning, I woke up to a credit card alert saying my information was leaked onto the dark web,” Cruise said. “My social security number. My date of birth. My name. My home address.”

Cruise says he’s one of the victims whose personal information was compromised in the Oakland ransomware attack that was first detected a month ago.

The city now says current and former workers, going back to 2010, had their personal information stolen.

“We’re all scrambling right now to go to the different credit bureaus to put security freezes on our accounts, put fraud alerts on our accounts,” Cruise said.

Cruise was Oakland’s public safety systems advisor from 2012 to 2015, overseeing police radio systems and technology. He also has worked for the California Office of Emergency Services, handling disasters. 

The irony that he’s now a victim isn’t lost on him.

“This is a massive, massive disaster,” Cruise said.

Oakland City Councilman Noel Gallo said Thursday that the city is still negotiating with the hackers.

“I’m shocked by what I’m hearing on a daily basis,” Gallo said. “It’s really alarming. It’s a new day. I’ve never been through an experience like this with government.”

Boston College cyber expert Kevin Powers said, “So they have a treasure trove of information on the employees and probably citizens as well.”

Breaking down ransomware attack

Justin Giardina of 11:11 Systems shares insight into ransomware attacks.

Powers said Oakland is likely digging in its heels with the hackers.

“Definitely the unwillingness to pay, and I think that’s a smart move by the City…

Source…