Tag Archive for: Sophisticated

Aniview Renews Partnership with HUMAN to Continue Safeguarding Its Video Ad Platform From Sophisticated Bot Attacks


NEW YORK – Aniview (https://www.aniview.com/), a global video technology company playing a central role in delivering digital advertising for publishers, and HUMAN Security Inc. (https://www.humansecurity.com/), a global leader in collective protection against sophisticated bot attacks and fraud, renew their partnership to help Aniview protect its customers’ inventory from sophisticated automated cybersecurity risks. This further strengthens the two companies’ partnership, giving publishers and advertising networks on the Aniview platform continued access to HUMAN’s MediaGuard advertising fraud product.

Twenty-twenty-one was a tumultuous year (https://www.securitymagazine.com/articles/96496-ddos-attacks-and-botnets-in-2021-mozi-takedowns-and-high-frequency-attacks-reshape-the-threat-landscape) for botnet attacks, with PARETO (https://www.humansecurity.com/newsroom/human-formerly-white-ops-together-with-newly-formed-human-collective-and-industry-leaders-google-roku-announces-discovery-and-disruption-of-pareto-ctv-botnet), a highly sophisticated fraud operation, amassing an army of nearly one million bots to target CTV ad-ecosystems via mobile apps. The botnet used dozens of mobile apps to impersonate or spoof more than 6,000 CTV apps, accounting for an average of 650 million ad requests every day. PARETO used sophisticated techniques to hide its identity across the ecosystem, but was ultimately discovered and disrupted by HUMAN and the Human Collective in April 2021.

By renewing its partnership with HUMAN, Aniview is able to successfully identify and further eliminate threats of this nature from within its platform. The successful exposure of PARETO was enabled by Aniview’s dedicated approach to implementing HUMAN’s guidance, including adopting all industry anti-fraud standards across its platform and installing a dedicated quality leader. It has also better prepared Aniview and its customers for further cybersecurity challenges on the road ahead, placing it on stronger footing for the next generation of ad fraud attacks from bad actors.

“We’re incredibly pleased to continue our successful relationship with HUMAN,” says Alon…


68K affected by data theft, ‘sophisticated’ network hack of health nonprofit Advocates


A number of breaches were reported in the healthcare sector, though not all are yet listed on the Department of Health and Human Services breach reporting tool. (Photo by Alex Wong/Getty Images)

Approximately 68,000 individuals who’ve received services from Advocates are being notified that their personal and protected health information was stolen during a four-day hack in September 2021. Advocates also provided notice to certain employees, whose data was exfiltrated during the hacking incident.

Advocates is a nonprofit organization based in Massachusetts that provides a range of services for individuals requiring support with addiction, autism, brain injury, mental health, and other health conditions.

The incident was first discovered on Oct. 1, when the nonprofit was notified that its data had been exfiltrated from its digital environment by a threat actor. Advocates took action to secure the system and engaged an outside cybersecurity firm to investigate the scope of the incident.

The investigation found that a hacker gained access to the network between Sept. 14 and Sept. 18, 2021 through a “sophisticated cyberattack” on its network. During that time, the attacker gained access to and copied data tied to both current and former individuals served by Advocates.

The stolen data included names, contacts, Social Security numbers, dates of birth, client identification numbers, health insurance information, diagnoses, and treatments.

Advocates is cooperating with the ongoing FBI investigation, while taking steps to bolster its security to prevent a recurrence. All impacted individuals will receive free credit monitoring and identity theft protection services.

St. Lucie County reports 4-year hack of drug screening lab

Over the course of four years, a misconfiguration error in the web portal of St. Lucie County’s Drug Screening Lab allowed certain data to be accessible by unauthorized parties. The breach is not yet listed on the HHS reporting tool, so it’s not yet known how many individuals have been affected.

“After an extensive forensic investigation and thorough review of the data impacted,” SLC discovered the unauthorized access to the portal data on Dec. 28. The exposure…


Sophisticated cyber-attack targets Red Cross Red Crescent data on 500,000 people


A sophisticated cyber security attack against computer servers hosting information held by the International Committee of the Red Cross (ICRC) was detected this week.

The attack compromised personal data and confidential information on more than 515,000 highly vulnerable people, including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention. The data originated from at least 60 Red Cross and Red Crescent National Societies around the world.

The ICRC’s most pressing concern following this attack is the potential risks that come with this breach — including confidential information being shared publicly — for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families. When people go missing, the anguish and uncertainty for their families and friends is intense.

“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said Robert Mardini, ICRC’s director-general. “This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk.”

The ICRC has no immediate indications as to who carried out this cyber-attack, which targeted an external company in Switzerland the ICRC contracts to store data. There is not yet any indication that the compromised information has been leaked or shared publicly.

“While we don’t know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them,” said Mr Mardini. “Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data.”

The ICRC along with the wider Red Cross and Red Crescent network jointly runs a program called Restoring Family Links that seeks to reunite family members separated by conflict, disaster or migration….


APT focus: ‘Noisy’ Russian hacking crews are among the world’s most sophisticated


Unpacking the Matryoshka dolls behind Kremlin-backed cybercrime campaigns

State-sponsored Russian cyber espionage groups are among the most sophisticated of the nation-state threat actors, with an added flair for deception that makes them the canniest of adversaries.

Experts quizzed by The Daily Swig said that Russian cyber-threat actors are among the best in the world, on a par with the top groups operating out of China, and with similar capabilities to western intelligence agencies – especially those with close links to the Federal Security Service (FSB) or military.

What are the techniques and tactics of Russian threat actors?

Russian state-sponsored actors typically have more sophisticated tactics, techniques, and procedures (TTPs) alongside custom malware development capabilities and tighter operational security when compared to other groups.

Xueyin Peh, senior cyber threat intelligence analyst at Digital Shadows, told The Daily Swig: “Russia-linked APT groups are arguably some of the most technically advanced state-sponsored threat groups.

“They have used techniques that enable them to remain undetected for long periods of time, such as in the supply chain attack leveraging SolarWinds’ Orion Platform (which likely began as early as Spring 2020 but was only made known publicly in December 2020).

“This large-scale intrusion and the multiple techniques used to obfuscate their activity are testament to the technical prowess of these groups. In comparison, very few other state-associated APT groups – probably only those linked to the People’s Republic of China – have conducted supply chain attacks of similar scale,” Peh added.

The recent SolarWinds campaign that drew so much attention to the threat of Russian cyber espionage was actually atypical for Russian actors in its use of a technology supply chain access vector, according to some threat intel experts.

Paul Prudhomme, head of threat intelligence advisory at IntSights, explained: “Russian cyber espionage groups have not historically used such attack vectors on any…
