Save-Point
News of the Cyber World - Printable Version



RE: News of the Cyber World - DerVVulfman - 04-11-2022

Elon Musk takes 9% stake in social media company

Yeah, no kidding. 'Cause with his current stake... he posted a poll in Twitter about



In a regulatory filing, Musk, having the largest shares in the company, has a seat on the company's board, the term expiring at the 2024 annual meeting.

So what's he suggesting as a shareholder?  An authentication checkmark for the premium users, and features to discourage the tons of spambots appearing.  He also wishes to eliminate advertisements so companies don't have power to dictate policy, and allow various payment options including Doge.

But the title of this article was regarding the "San Francisco Twitter HQ". As he saw no one actively using the site, he made a poll asking members if it was a valid idea.  As of 3:30p.m. Sunday, there have been nearly 1.8 million votes in favor of the idea.


RE: News of the Cyber World - kyonides - 04-14-2022



New York Post Wrote:A retired nurse has lost $43,000 and her part-time job after bitcoin scammers took over her work computer.

The woman from Buffalo, New York, who asked ABC affiliate WKBW to withhold her identity from their report, said she was duped into sending scammers the money via wire transfer and “bitcoin ATM” to an unknown party after a computer pop-up told her to do it.

The fake ad was part of a common phishing scheme involving malware that purports to lock you out of your desktop and warn you that your finances have been hacked. The victim is told that the only way to save their money is to move it into a new location — one where you’re never given access.

The pop-up asked the woman to call a number, which connected her with someone who informed her that her bank credentials had been compromised and she needed to move her money in order to save it.

She lost a total of $43,130 in cash, wiring $13,700 to a bank in East Asia and depositing $29,430 into a bitcoin ATM, which converts your dollars to cryptocurrency and moves it into a digital wallet — ideally your own. In this case, the woman was provided a barcode and sent her money to somewhere in Kolkata, India.

Don't be naive, guys!


RE: News of the Cyber World - kyonides - 04-26-2022



Epoch Times Wrote:Twitter’s board of directors has approved Elon Musk’s offer to purchase the social media firm and take it private in a transaction valued at about $44 billion, the company announced on April 25.

The company accepted the billionaire entrepreneur’s proposal of $54.20 per share in cash.

“Twitter has a purpose and relevance that impacts the entire world. Deeply proud of our teams and inspired by the work that has never been more important,” CEO Parag Agrawal said in a company statement.

Musk said in a statement: “Free speech is the bedrock of a functioning democracy, and Twitter is the digital town square where matters vital to the future of humanity are debated. I also want to make Twitter better than ever by enhancing the product with new features, making the algorithms open source to increase trust, defeating the spam bots, and authenticating all humans. Twitter has tremendous potential—I look forward to working with the company and the community of users to unlock it.”
...
The agreement came after Musk confirmed last week that he had secured $46.5 billion in funding commitments to finance the takeover. This included $25.5 billion in debt financing through Morgan Stanley and other financial firms.

Musk plans to take the company private when the transaction is completed. The deal is expected to finalize this year. Goldman Sachs, J.P. Morgan, and Allen & Co. are working as financial advisers to Twitter, while Morgan Stanley is serving as lead financial adviser to Musk.

Some people think that Musk's move will bring free speech back to Twitter...
I'm not that optimistic to be honest with you.
Only time will tell...


RE: News of the Cyber World - JayRay - 04-30-2022

My issue is that almost everything Musk has tried to take on has massively failed a few times before he got it right...

Rocket that lands itself? BOOM, BOOM, almost there... Boom, and YAY it worked!

Launching his Tesla Roadster to Mars? Well... we'll pass Mars orbit and start rotations about ... here.. Nowhere near Mars.

Internet Satellites? Whoops lost 40 at once.

Hyper Loop? Well... uh...


Let's hope that he handles Twitter with kid gloves.


RE: News of the Cyber World - kyonides - 05-17-2022


Editor's Note: Hackers had also mentioned something terrible about US President Joe Biden in a memo they had published online.

CyberScoop Wrote:The new president of Costa Rica declared a national emergency over the weekend as fallout continues from a late-April ransomware attack.

President Rodrigo Chaves Robles, who began a four-year term as president Sunday after winning the country’s April 4 election, signed the declaration on May 8 as one of his first official acts, according to local news outlet Amelia Rueda. The executive decree reads, in part, that Costa Rica is “suffering from cybercriminals, cyberterrorists” and that the decree allows “our society to respond to these attacks as criminal acts.”

Somebody calling themselves “unc1756” using the Russian-based Conti ransomware platform claimed responsibility for the April 17 attacks in a post on the Conti dark web data portal. The post indicates that 97% of the stolen data has been published so far, totaling more than 672 gigabytes of information.

The post also blames the government of Costa Rica for not paying the original $10 million ransomware demand, which outgoing President Carlos Alvarado said was an attempt to “threaten the country’s stability in a transitional situation.”

Here I am in dire need of adding several facts to this story. First of all, Conti's initial demand was a single payment of US$30 million. Former President Alvarado refused to make any such payment. Later on the hackers proposed the Costa Rican government could make a payment of US$10 million instead. At the same time they had also announced that Conti would attack private businesses for they would surely pay the ransom to keep their data "safe" (as if).

Yesterday, President Chaves declared that Costa Rican hackers and public servitors got to be involved in this heinous hack as well.

By the way, the hackers also made a curious statement. They said US President Joe Biden would die any time soon.

State Department Spokesperson Wrote:“Announcing this reward jointly with the Costa Rican government signals the commitment of the United States to support its allies against the leaders and affiliates of the Conti ransomware variant group.”



CyberScoop Wrote:A Ukrainian man convicted in February of trafficking in stolen username and password credentials was sentenced to four years in federal prison Thursday, the U.S. Department of Justice announced Thursday.

Polish authorities arrested Glib Oleksandr Ivanov-Tolpintsev, 28, on Oct. 3, 2020, and extradited him to the U.S. to appear in a Florida courtroom on Sept. 8, 2021. He pleaded guilty to the charges on Feb. 22, 2022.

Ivanov-Tolpintsev allegedly boasted of controlling a botnet that was capable of accessing 2,000 usernames and passwords a day, which then enabled other perpetrators to commit fraud or other crimes such as tax fraud and ransomware, prosecutors said. Between 2017 and 2019 he listed thousands of login credentials for sale on a darkweb marketplace. The scheme netted Ivanov-Tolpintsev roughly $80,000.
...
An IRS affidavit showed that multiple email addresses associated with Ivanov-Tolpintsev were included in receipts to vape shops, while another email address was used to communicate with a dark web associate based in China.



CyberScoop Wrote:Annual spending by the Immigration and Customs Enforcement agency on surveillance technologies ballooned from roughly $71 million in 2008 to $388 million today, researchers at Georgetown Law’s Center for Privacy and Technology conclude in a research paper published Tuesday.

The report, which took researchers two years, shows how ICE’s surveillance and data-collection and data-sharing initiatives have expanded over the past decade into a dragnet that captures the personal data of not just immigrants, but nearly three out of four Americans.
...
Based on public records, researchers found that ICE has scanned at least a third of all adults’ driver’s licenses with facial recognition technology and is able to access the licenses of roughly 75% of adults. ICE can also locate three in four adults through their utility records.

The report demonstrates how over the past decade ICE has moved past using data collected in a law enforcement context and DMV records to data that includes child welfare data, utility bills, hospital records and other sensitive information available from data brokers to track individuals.

I hope nobody here is going to claim that an agency that should focus its resources on immigrants should also spy on the American people "for the greater good."



CyberScoop Wrote:The FBI announced charges Monday against a Venezuelan cardiologist that the bureau said was moonlighting as a cybercriminal mastermind, both designing and using ransomware that he bragged was deployed by Iranian state-sponsored hackers.

Moises Luis Zagala Gonzalez, who also went by the user names “Nosophoros,” “Aesculapius” and “Nebuchadnezzar,” is being charged with attempted computer intrusions and conspiracy to commit computer intrusions.

According to the complaint unsealed Monday, Zagala sold and rented out his ransomware software, providing cybercriminals with extensive training on how to use his product and even set up their own ransomware gangs.

One of his tools, titled “Thanos,” allowed users to create their own custom ransomware for a licensing fee of up to $800 a month. Another product, called “Jigsaw v. 2” had a built-in “Doomsday” counter feature that erased a victim’s hard drive after multiple attempts to remove the ransomware.



RE: News of the Cyber World - kyonides - 05-21-2022


Epoch Times Wrote:Chicago Public Schools (CPS) has revealed that nearly half a million students and over 50,000 staff members have fallen prey to a massive data breach involving the theft of personal information via a ransomware attack.
...
The stolen student records span a four-year period from 2015 to 2019 and include name, date of birth, gender, grade level, school, student ID number, information about the courses students had taken, and student scores from performance tasks used for teacher evaluations.

The staff records that were involved in the breach include name, school, employee ID number, CPS email address, and information about courses taught during the four-year span.
...
CPS said that the vendor, Battelle for Kids, had taken mitigation measures to reduce the likelihood of similar data breaches in the future, including enhancing network security and hiring a third-party security firm to provide “up-to-date defenses and industry-leading practices” in terms of cybersecurity.

And just as I had reported not long ago...


CyberScoop Wrote:“We are at war and that is not an exaggeration,” Chaves said, according to a Google translation. “The war is against an international terrorist group.” He added that “there are very clear indications that people inside the country are collaborating with Conti,” but did not share details.
...
Over the weekend messages posted to Conti’s website captured by Emsisoft threat analyst Brett Callow called on the people of Costa Rica to “organize rallies” to force the government to pay and also that “we are determined to overthrow the government by means of a cyber attack.” The attackers demanded $20 million — doubling the previous demand of $10 million — and also claimed the decryption keys would be deleted within a week.
...
Chaves said Monday that the government has assembled a “SWAT Team” from various government agencies to handle the April 17 ransomware attack that has affected at least 27 institutions — nine of them “significantly,” according to La Nación — and that there is still no full diagnosis of the magnitude of the situation.



CyberScoop Wrote:A hacking group associated with the government of Belarus and aligned with Russian interests “leveraged compromised assets” to push a false story about an alleged Polish criminal ring harvesting organs from Ukrainian refugees to illegally traffic in the European Union, researchers with the cybersecurity firm Mandiant said Thursday.

The previously unattributed activity was the work of Ghostwriter, which Mandiant formally linked to the Belarusian government in November 2021.
...
Targets of the operations include Ukrainian citizens and those in other European countries, domestic audiences in China and Iran, but also the domestic Russian populace — “underscoring Russia’s need to sell the war to its own people,” the Mandiant researchers wrote.

Well, I cannot support fake news, yet, I find it important to investigate those claims first. It is better to confirm that no refugee has been endangered by any third party like some phony NGO, probably pretending to work for UN or the Ukrainian government, than just closing our eyes mainly because the accusations do not stick with the official version.

Keep in mind how Joe Biden was pretending to control the (cyber) narrative via his own "Ministry of Truth" a la George Orwell.


RE: News of the Cyber World - kyonides - 06-01-2022



Associated Press Wrote:Electronic voting machines from a leading vendor used in at least 16 states have software vulnerabilities that leave them susceptible to hacking if unaddressed, the nation’s leading cybersecurity agency says in an advisory sent to state election officials.

The U.S. Cybersecurity and Infrastructure Agency, or CISA, said there is no evidence the flaws in the Dominion Voting Systems’ equipment have been exploited to alter election results. The advisory is based on testing by a prominent computer scientist and expert witness in a long-running lawsuit that is unrelated to false allegations of a stolen election pushed by former President Donald Trump after his 2020 election loss.

False allegations? If they were false at all, how did they manage to find software vulnerabilities in the first place? Weren't they an integral part of the original claims announced by other experts?

Now they expect us to believe that NOBODY would ever exploit them even if we're talking about the US elections, not Cambodia's nor Costa Rica's or any other tiny or weak country.

Associated Press Wrote:Amid a swirl of misinformation and disinformation about elections, CISA seems to be trying to walk a line between not alarming the public and stressing the need for election officials to take action.
...
Yet the advisory seems to suggest states aren’t doing enough. It urges prompt mitigation measures, including both continued and enhanced “defensive measures to reduce the risk of exploitation of these vulnerabilities.” Those measures need to be applied ahead of every election, the advisory says, and it’s clear that’s not happening in all of the states that use the machines.

University of Michigan computer scientist J. Alex Halderman...and many other election security experts have insisted that using hand-marked paper ballots is the most secure method of voting and the only option that allows for meaningful post-election audits.

And making a brief comeback, we now go straight to our "beloved" section...

How did they do it?

Associated Press Wrote:One of the most serious vulnerabilities could allow malicious code to be spread from the election management system to machines throughout a jurisdiction, Halderman said. The vulnerability could be exploited by someone with physical access or by someone who is able to remotely infect other systems that are connected to the internet if election workers then use USB sticks to bring data from an infected system into the election management system.

Several other particularly worrisome vulnerabilities could allow an attacker to forge cards used in the machines by technicians, giving the attacker access to a machine that would allow the software to be changed, Halderman said.



RE: News of the Cyber World - kyonides - 06-08-2022


Epoch Times Wrote:Elon Musk is accusing Twitter of “resisting and thwarting” his ability to obtain information about bot accounts on the social media website, saying that it’s a “breach” of the terms of their April deal.

Musk, the world’s richest person, sent a letter to the San Francisco-based firm on June 6.

“Mr. Musk reserves all rights resulting therefrom, including his right not to consummate the transaction and his right to terminate the merger agreement,” the letter reads.
...
After the letter was released on the U.S. Securities and Exchange Commission’s website, shares of Twitter dropped 1.5 percent.
...
Last month, Musk said his team wanted to perform a random sampling to calculate the number of fake accounts. However, Twitter’s CEO, Parag Agrawal, later said nonpublic information would be required to obtain an accurate count.

In the last few years, Twitter has demonstrated that it doesn't care about free speech but censorship.
Why would they love to share data like the amount of bots Twitter depends on?
Why should they stop making people think it's as popular as the company has always claimed to be?


RE: News of the Cyber World - kyonides - 07-14-2022


CNN Wrote:The lawsuit, filed in the Delaware Court of Chancery on Tuesday, comes after Musk said in a letter to Twitter's top lawyer late Friday that he wants to terminate the blockbuster $44 billion acquisition agreement.

Musk's lawyer alleged in Friday's letter that Twitter (TWTR) is "in material breach of multiple provisions" of the deal, claiming the company has withheld data Musk requested in order to evaluate the number of bots and spam accounts on the platform. Twitter's legal team hit back in a letter on Monday, calling Musk's attempted termination "invalid and wrongful," claiming that Musk himself had violated the agreement and demanding that he follow through with the deal.

In the complaint filed Tuesday, Twitter's lawyers say they are seeking to prevent Musk from further breaches of the agreement, and to "compel consummation of the merger upon satisfaction of the few outstanding conditions."

Well, Musk wanted to know how many users were fake and apparently, Twitter refused to provide accurate information to Musk and SEC. Therefore it seems natural to quit instead of dealing with blockheads that are doing everything they can to prevent him from acquiring the company.



Quote:The company provided details after James Paterson, the shadow minister for cybersecurity and countering foreign interference, wrote to TikTok’s Australian general manager on July 3, asking for clarification on local user data.

Paterson, also the chair of the Joint Parliamentary Committee on Intelligence and Security, publicized the correspondence on social media.

“TikTok Australia has replied to my letter and admitted that Australian user data is also accessible in mainland China, putting it within reach of the Chinese government, despite their previous assurances it was safe because it was stored in the US and Singapore,” he wrote in a Twitter post on July 12.

So we can't trust in a Corona-Chan Chinese company's promise that our data will be safely stored in the Western World.


RE: News of the Cyber World - kyonides - 07-26-2022


Quote:But researchers with Censys, a firm that indexes devices connected to the internet, said Thursday they’ve flipped the typical script and found what appears to be a ransomware command and control network capable of launching attacks, including one host located in the U.S.

Matt Lembright, Censys’ director of federal applications and author of the report, told CyberScoop that they came across the network after running a search through the company’s data for the top 1,000 software products currently observable on Russian hosts. After seeing Metasploit — penetration testing software frequently used for legitimate purposes — on just nine hosts out of more than 7.4 million, the team did some additional digging.

The team eventually found two Russian-based hosts containing a combination of Acunetix, a web vulnerability tester, and DeimosC2, a command and control tool to use on compromised machines after exploitation.

One of the hosts in the network is located in Ohio, according to the data, and was running the DeimosC2 tool as recently as July 6. Other software present on the host indicated it might be serving as a proxy in the network, and a historical review of the host revealed that it hosted malware for a short period in October 2021 later tied to the Karma ransomware strain.

So beware of the MedusaLocker ransomware.

Quote:“Successful exploitation of these vulnerabilities could allow an attacker control over any MV720 GPS tracker, granting access to location, routes, fuel cutoff commands and the disarming of various features (e.g., alarms),” according to the Cybersecurity and Infrastructure Security Agency.

The Chinese-made tracker in question is known as the MiCODUS MV720 GPS tracker. It’s used across the globe by consumers and businesses alike seeking theft protection and location management, according to the cybersecurity company BitSight, which discovered the problem earlier this year and notified CISA. BitSight and CISA collaborated on the vulnerability alert.

Government, military and law enforcement agencies as well as corporations spanning a variety of industries such as aerospace, energy, engineering, manufacturing and shipping rely on the MiCODUS tracker, BitSight said in a press release.

Security and privacy experts have long complained about GPS trackers putting people at risk due to built-in vulnerabilities. Additionally, devices such as the Apple AirTag have been used to track people without their consent. A Connecticut man was arrested and charged with stalking in February after police found an AirTag in his ex-girlfriend’s car. Law enforcement in multiple states have issued warnings alerting the public to how criminals can deploy AirTags.



Quote:The state-backed Russian hacking team behind some of the biggest digital intrusions in recent years has been using both Google Drive and Dropbox to deliver malware against a range of targets, researchers said Tuesday.
...
But in a series of spear phishing attacks dating back to early May, the hackers have demonstrated “sophistication and the ability to rapidly integrate popular cloud storage services to avoid detection,” most notably by mixing Google Drive’s cloud storage services into their mix.
...
Dropbox and other cloud and web services such as project management app Trello and Google’s Firebase app development platform aren’t new to the APT29 playbook, as documented in April 2022 by Mandiant and May 2021 by the Microsoft Threat Intelligence Center. But adding Google Drive brings an additional layer of threat.
...
The latest hacking campaigns highlighted by Unit 42 targeted several unnamed “Western diplomatic missions” between May and June 2022 using what appears to be compromised email accounts within foreign embassies of Portugal and Brazil. ... Building off that the researchers identified an additional campaign May 24 which consisted of two emails to the same unnamed NATO country’s ministry of foreign affairs just a few hours apart.

They even used a dropper called EnvyScout that downloads additional malware.