Tag Archive for: Puts

AIIMS cyber attack puts digital health ID plan under scanner


NEW DELHI: The ransomware attack on the All India Institute of Medical Sciences (AIIMS), Delhi has brought the government’s Ayushman Bharat Digital Mission (ABDM) under the scanner, with the country’s premier teaching hospital promoting the use of the Ayushman Bharat Health Account (ABHA) ID for outpatient registration of new and follow-up cases.

The Indian Computer Emergency Response Team (CERT-In) is conducting assessment and testing of ABDM services and other networks at the medical institute.

AIIMS on 23 November said it had come under a cyber attack and that an FIR had been filed with the Delhi Police.

On Friday, Dr Bharati Pravin Pawar, union minister of state for health, told the Lok Sabha that the national nodal agency for responding to cyber security incidents, CERT-In, has empaneled information security auditing organizations for auditing. This includes “vulnerability assessment and penetration testing of the computer systems, networks and applications involving public service delivery including ABDM.”

“Immediate measures were taken by AIIMS, Delhi to enhance the security like endpoint hardening, strong firewall policies and network segmentation to secure all the data of the institute.”

Pawar added that five physical servers of AIIMS, New Delhi, which hosted the e-hospital app of NIC, were affected.

“No specific amount of ransom was demanded by the hackers though a message was discovered on the server suggesting that it was a cyber-attack. All the data for e-Hospital has been retrieved from a backup server which was unaffected and restored on new servers,” she said.


Hack puts Latin American security agencies on edge


MEXICO CITY — A massive trove of emails from Mexico’s Defense Department is among electronic communications taken by a group of hackers from military and police agencies across several Latin American countries, Mexico’s president confirmed Friday.

The acknowledgement by President Andrés Manuel López Obrador comes after Chile’s government said last week that emails had been taken from its Joint Chiefs of Staff.

The Mexican president spoke at his daily news conference following a local media report that the hack revealed previously unknown details about a health scare he had in January.

López Obrador downplayed the hack, saying that “there’s nothing that isn’t known.” He said the intrusion apparently occurred during a change of Defense Department systems.

But Chile was so concerned by the breach to its own systems that it called its defense minister back from the United States last week where she was attending the United Nations General Assembly with President Gabriel Boric.

The 10 terabytes of data taken by the group also include emails from the militaries in El Salvador, Peru and Colombia, as well as El Salvador’s National Police. The Mexico portion of the data appeared to be the largest.

A group of anonymous, self-described social justice warriors who call themselves Guacamaya say they use hacking to expose injustice and corruption in defense of Indigenous peoples. Hackers using the same name previously hacked and released the emails of a mining company long accused of human rights and environmental abuses in Guatemala.

In a statement accompanying the most recent action, the group complained of the plundering of Latin America, which it refers to as Abya Yala, by colonizers and the continuing extractivist goals of the “Global North.”

The group issued a 1,400-word communiqué saying that the militaries and police of Latin American countries, often with extensive training by the United States, are used by governments “to keep their inhabitants prisoner.”

“The police minimize the risk that the people exercise their honorable right to protest, to destroy the system that oppresses them,” the group wrote.

The group said it would make the documents available to…


Okta hack puts thousands of businesses on high alert


Okta, an authentication company used by thousands of organizations around the world, has now confirmed an attacker had access to one of its employees’ laptops for five days in January 2022 — but claims its service “has not been breached and remains fully operational.”

The disclosure comes as hacking group Lapsus$ has posted screenshots to its Telegram channel claiming to be of Okta’s internal systems, including one that appears to show Okta’s Slack channels, and another with a Cloudflare interface.

Any hack of Okta could have major ramifications for the companies, universities, and government agencies that depend upon Okta to authenticate user access to internal systems.

But in a statement on Tuesday afternoon, Okta now says that an attacker would only have had limited access during that five-day period — limited enough that the company claims “there are no corrective actions that need to be taken by our customers.”

Here’s what Okta chief security officer David Bradbury says is and isn’t at stake when one of its support engineers is compromised:

The potential impact to Okta customers is limited to the access that support engineers have. These engineers are unable to create or delete users, or download customer databases. Support engineers do have access to limited data – for example, Jira tickets and lists of users – that were seen in the screenshots. Support engineers are also able to facilitate the resetting of passwords and MFA factors for users, but are unable to obtain those passwords.

Writing in its Telegram channel, the Lapsus$ hacking group claims to have had “Superuser/Admin” access to Okta’s systems for two months, not just five days, that it had access to a thin client rather than a laptop, and claims that it found Okta storing AWS keys in Slack channels. The group also suggested it was using its access to zero in on Okta’s customers. The Wall Street Journal notes that in a recent filing Okta said it had over 15,000 customers around the world. It lists the likes of Peloton, Sonos, T-Mobile, and the FCC as customers on its website.

In an earlier statement sent to The Verge, Okta spokesperson Chris Hollis said the company has not…


BitMart Hack Puts Crypto’s Weakness on Display


Well, crypto got hacked again. This time it was the exchange BitMart, which announced a hack of at least $150 million on the evening of Saturday, Dec. 4.

Blockchain security firm Peckshield — which spotted and tweeted out a warning of the leak about an hour and a half before BitMart CEO Sheldon Xia announced it — put the losses at closer to $200 million.

Saying that the stolen funds were “a small percentage of assets on BitMart,” Xia added that customers will not suffer any losses, promising “BitMart will use our own funding to cover the incident and compensate affected users.”

The theft comes less than a week after decentralized finance (DeFi) project BadgerDAO was hit for $120 million by a hacker who drained funds directly from users’ wallets. Which comes just four months after the mid-August attack in which a hacker drained a staggering $612 million from another DeFi project, Poly Network (and, strangely enough, promptly gave it all back).

DeFi is an especially inviting target, and the lack of central control means there’s less pushback against crooks. DeFi projects have been hit to the tune of $10 billion so far, according to a recent report from crypto intelligence firm Elliptic.

Then there were the 6,000 Coinbase users whose wallets were drained in a phishing attack in October.

So, what’s going on? Well, business as usual.

A Juicy Target

There’s a couple of reasons for all these hacks, starting with how large they are. When you’ve got the largest vault around, you’ll attract all the top criminals. Especially when, like crypto, your vault isn’t too secure.

Remember, one of the early ways bitcoin broke into mainstream consciousness was when a hacker drained $350 million in bitcoin from the Mt. Gox exchange in a February 2014 hack.

Part of the problem is that exchanges need “hot” wallets that are connected online for their ongoing transactions, which can run to billions of…
