Cyber-attacks: What is hybrid warfare and why is it such a threat?

From livemint.com


LONDON: Washington and Moscow are engaged in a war of words over a spate of ransomware attacks against organisations and businesses in the US and other countries. These increasingly sophisticated cyber-attacks represent a new type of warfare aimed at disorganising and even destroying a nation’s economy.

This has been called “hybrid warfare”. It’s a mixture of conventional and unconventional methods used against a much stronger adversary that aims to achieve political objectives that would not be possible with traditional warfare.


Akamai DNS global outage takes down major websites, online services

From bleepingcomputer.com


Akamai is investigating an ongoing outage affecting many major websites and online services, including Steam, the PlayStation Network, Newegg, AWS, Amazon, Google, and Salesforce.

While the company has already acknowledged the issue, pinning it on an Edge DNS service problem, Akamai is still trying to find the underlying cause behind the incident.

“We are aware of an emerging issue with the Edge DNS service,” the company said in an Edge DNS Service Incident notice.

“We are actively investigating the issue. If you have questions or are experiencing impact due to this issue, please contact Akamai Technical Support.”


Chinese State-Sponsored Hackers Have Breached 13 US Oil And Natural Gas (ONG) Pipeline Companies

From cybersecuritynews.com


The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory stating that state-sponsored Chinese hackers breached 13 US oil and natural gas pipeline operators from 2011 through 2013.

The CISA advisory mentions that “Overall the U.S. Government identified and tracked 23 U.S. natural gas pipeline operators targeted in this spearphishing and intrusion campaign. Of the known targeted entities, 13 were confirmed compromises, 3 were near misses, and 7 had an unknown depth of intrusion.”

The actors behind this campaign specifically targeted U.S. pipeline infrastructure in order to hold it at risk.

CISA and the FBI judge that this activity was eventually intended to help China develop cyberattack capabilities against U.S. pipelines to physically damage pipelines or disrupt pipeline operations.


Thousands of Humana customers have their medical data leaked online by threat actors

From securityaffairs.co

An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum.

The author of the post claims that the data was acquired from US insurance giant Humana and includes detailed medical records of the company’s health plan members dating back to 2019. The leaked information includes patients’ names, IDs, email addresses, password hashes, Medicare Advantage Plan listings, medical treatment data, and more.


How (and Why) Hacker Forums Self-Moderate

From securityboulevard.com


“Everything in moderation,” the saying goes. But it may come as a surprise that this expression even seems to apply to many of the hacker forums littered across the dark web. On the surface, these forums may appear to be a lawless landscape, but there are some activities even hacker forums ban because they tend to attract too much heat.

Most recently, ransomware has been the focus of attention from security professionals and malicious actors alike. Throughout 2020, at least 59 hospitals and health care centers were impacted by ransomware, a trend that continued into 2021 with further attacks on critical infrastructure. Colonial Pipeline fell victim to a ransomware attack that cost it nearly $5 million. JBS paid nearly $11 million after its meatpacking plants were disrupted by ransomware. 


TicketClub Italy Database Offered in Dark Web

From securityaffairs.co

TicketClub is an Italian company providing a mobile-based coupon platform for offline purchases. Its clients include Burger King, McDonald’s, Cinecittà World, Rainbow Magicland, and many other enterprises that run coupon and loyalty programs.

The platform lists coupons in multiple categories, including health, travel, food, services, and events. The end user can download the coupons of interest in the mobile app and show them during checkout at partner stores.

July 19, 2021 – An actor using the alias “bl4ckt0r” offered the TicketClub Italy database, with over 340,957 users, for sale and released several meaningful data dumps that may confirm the breach. The information was originally published on RaidForums, which is known for the illegal sale of data lost from Internet portals and insecure online services.


WiFiDemon – iPhone Zero-click Wifi Hacking Flaw Can be Used to Execute Remote Code

From gbhackers.com


Last month, mobile security experts at ZecOps discovered a bug in the iPhone that interferes with wireless connectivity when the device connects to an access point with a specific name.

The bug was dubbed WiFiDemon. It is a remote code execution vulnerability, and exploiting it does not require any kind of user interaction.
