Cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, and questions are all welcome!


founded 2 years ago
926
 
 

"It's not often that a piece of FBI advice triggers a Snopes fact check. But the agency's urgent message this month to Americans, often summarized as "stop texting," surprised many consumers.

The warning from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) highlighted vulnerabilities in text messaging systems that millions of Americans use every day.

The U.S. believes hackers affiliated with China's government, dubbed Salt Typhoon, are waging a "broad and significant cyber-espionage campaign" to infiltrate commercial telecoms and steal users' data — and in isolated cases, to record phone calls, a senior FBI official who spoke to reporters on condition of anonymity said during a Dec. 3 briefing call.

The new guidance may have surprised consumers — but not security experts.

"People have been talking about things like this for years in the computer security community," Jason Hong, a professor at Carnegie Mellon University's School of Computer Science, told NPR. "You should not rely on these kinds of unencrypted communications because of this exact reason: There could be snoopers in lots of infrastructure.""

https://www.npr.org/2024/12/17/nx-s1-5223490/text-messaging-security-fbi-chinese-hackers-security-encryption

#USA #FBI #SaltTyphoon #CyberSecurity #China #StateHacking

927
 
 

"The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the “primary” countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden.

The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS’s Cybersecurity Insurance and Security Agency (CISA) broke with his department’s official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from."

https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/

#USA #CyberSecurity #DHS #SS7 #MobilePhones #Surveillance

928
 
 

▪ @cybernews@infosec.exchange research ▪ A trove of loan applicants' private data, including national IDs and account statements, was left unsecured.

#DataSecurity #DataPrivacy #CyberSecurity #privacy #dataleak

https://cnews.link/fatak-pay-data-leak-3/

929
 
 

Malicious campaigns are attacking Chinese-branded IoT devices – web cameras and DVRs – to crack authentication.

#China #CyberSecurity #privacy #vulnerable #cyberthreat

https://cnews.link/hiatus-rat-attack-web-cameras-hikvision-xiongmai-1/

930
 
 

"Paragon, an Israeli spyware maker that has largely kept a low profile in recent years, was acquired last week by American private equity giant AE Industrial Partners, according to Israeli news reports.

Tech news website Calcalist reported that the investment firm bought Paragon for $500 million, and depending on how the company grows, the deal could reach $900 million. Globes reported that the upfront payment is $450 million, 20% of which will go to Paragon’s 400 employees, and 30% to the five co-founders, with the remaining 50% going to U.S. venture capital fund Battery Ventures and Israeli venture capital fund Red Dot.

In 2021, Forbes first revealed the existence of Paragon, which didn’t — and still doesn’t — have a website. The magazine reported that the company was founded by a group of former Israeli intelligence officers: Ehud Schneorson, former commander of Unit 8200, a renowned Israeli spy agency whose alumni often then work in the cybersecurity private sector, as well as CEO Idan Nurick, CTO Igor Bogudlov, and vice president of research Liad Avraham."

https://techcrunch.com/2024/12/16/israeli-spyware-maker-paragon-bought-by-u-s-private-equity-giant/

#CyberSecurity #Israel #Paragon #Graphite #Spyware

931
 
 

Meta has been fined $264 million for a 2018 security breach in Facebook's "View As" feature which exposed the data of around 29 million users. Read more at @cnet. #Meta #CyberSecurity #Facebook #Ireland #Tech #Technology https://flip.it/xRnQRv

932
 
 

Regional Care, Inc. (RCI) has contacted nearly a quarter of a million people whose data was exposed in a hacker attack.

#US #Hacked #DataSecurity #healthcare #cyberattack #cybersecurity

https://cnews.link/rci-healthcare-data-breach-exposed-thousands-3/

933
 
 

#IoT #developers face challenges at the #cloud-edge continuum: performance, resilience & #energy efficiency. Learn how the #EU #COGNIT project tackles these with #AI-driven #FaaS! 🌐 Explore use cases in Industry, #SmartCities, #Cybersecurity & more. https://youtu.be/CwXApt-LLyQ

934
 
 

▪ @cybernews@infosec.exchange research ▪ Thousands of Virtavo security camera users might have been exposed.

#Virtavo #DataPrivacy #DataSecurity #cybersecurity #Security

https://cnews.link/virtavo-security-camera-app-data-spilled-online-3/

935
 
 

Threat actors have been observed exploiting a Windows kernel-mode driver elevation of privilege vulnerability, the severity of which is assessed as high (7.8 out of 10).

#cyberthreat #CyberSecurity #Windows #vulnerable #hackers

https://cnews.link/hackers-actively-exploiting-windows-system-privileges-1/

936
 
 

🧪 NEW BETA RELEASES 🧪

📱 iOS 18.3 beta (22D5034e)
📱 iPadOS 18.3 beta (22D5034e)
💻 macOS 15.3 beta (24D5034)
📺 tvOS 18.3 beta (22K5534e)
🥽 visionOS 2.3 beta (22N5875e)
⌚ watchOS 11.3 beta (22S5534d)

#apple #cybersecurity #infosec #security #ios

937
 
 

Arctic Wolf has acquired Cylance, BlackBerry’s beleaguered cybersecurity business, for $160 million — a significant discount from the $1.4 billion BlackBerry paid to acquire the startup in 2018. Read more at @Techcrunch. #BlackBerry #Cylance #CyberSecurity #Tech #Technology https://flip.it/82oI4A

938
 
 

A ransomware attack on Deloitte shut down Rhode Island's RIBridges system, exposing health coverage applicants.

#Ransomware #CyberSecurity #Deloitte #cybercrime #dataprivacy #DataSecurity

https://cnews.link/rhode-island-deloitte-data-breach-3/

939
 
 

Did you know that you could become a millionaire by hunting vulnerabilities in companies’ networks? YouTube link in the comments⤵️

#hack #BugBounty #Documentary #YouTube #CyberSecurity #DataSecurity

https://cnews.link/bug-bounty-cybernews-documentary-3/

940
 
 

The new malvertising campaign abusing fake captchas to drive infostealer infections has an astonishing reach.

#CAPtcha #fake #cybercrime #CyberSecurity

https://cnews.link/fake-captchas-reaching-millions-malvertising-mayhem-1/

941
 
 

There’s a new malicious campaign focusing on YouTube creators. The victims are losing their data and accounts.

#hack #YouTube #DataSecurity #cybercrime #cybersecurity #infosec

https://cnews.link/hackers-targeting-thousands-of-youtubers-3/

942
 
 

Important reminder, if you own a domain name and don't use it for sending email.

There is nothing to stop scammers from sending email claiming to be coming from your domain. And the older it gets, the more valuable it is for spoofing. It could eventually damage your domain's reputation and maybe get it blacklisted, unless you take the steps to notify email servers that any email received claiming to come from your domain should be trashed.

Just add these two TXT records to the DNS for your domain:
TXT v=spf1 -all
TXT v=DMARC1; p=reject;

The first says there is not a single SMTP server on earth authorized to send email on behalf of your domain. The second says that any email that says otherwise should be trashed.

If you do use your domain for sending email, be sure to add 3 records:
SPF record to indicate which SMTP server(s) are allowed to send your email.
DKIM records to add a digital signature to emails, allowing the receiving server to verify the sender and ensure message integrity.
DMARC record that tells the receiving email server how to handle email that fails either check.

You cannot stop scammers from sending email claiming to be from your domain, any more than you can prevent people from using your home address as a return address on a mailed letter. But, you can protect both your domain and intended scam victims by adding appropriate DNS records.

UPDATE: The SPF and the DMARC records need to be appropriately named. The SPF record should be named "@", and the DMARC record name should be "_dmarc".

Here's what I have for one domain.

One difference that I have is that I'm requesting that email providers email me a weekly aggregated report when they encounter a spoof. Gmail and Microsoft send them, but most providers won't; since most email goes to Gmail, it's enlightening when they come.

#cybersecurity #email #DomainSpoofing #EmailSecurity #phishing
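
An added example, not part of the original post: a small Python check that audits a non-sending domain's TXT records against the two records described above. The record sets, the example.com / example.net names and the function names are constructed for illustration; the sp, pct and rua tags are standard DMARC tags that go slightly beyond what the post covers.

```python
# Added example: audit TXT records for a domain that sends no email.
# All record sets below are constructed samples, not real DNS answers.

def parse_dmarc(txt):
    """Split 'v=DMARC1; p=reject; ...' into a lowercase-keyed tag dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def audit_parked_domain(records):
    """records maps a record name ('@' or '_dmarc') to its TXT strings.
    Returns a list of findings; an empty list means the domain is locked down."""
    findings = []
    spf = [r for r in records.get("@", []) if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        # Zero records gives receivers no policy; more than one is an SPF error.
        findings.append(f"@: expected exactly one SPF record, found {len(spf)}")
    elif spf[0].lower().split()[1:] != ["-all"]:
        findings.append(f"@: SPF is not a bare hard fail: {spf[0]}")
    dmarc = [r for r in records.get("_dmarc", [])
             if r.replace(" ", "").lower().startswith("v=dmarc1")]
    if len(dmarc) != 1:
        findings.append(f"_dmarc: expected exactly one DMARC record, found {len(dmarc)}")
    else:
        tags = parse_dmarc(dmarc[0])
        if tags.get("p", "").lower() != "reject":
            findings.append(f"_dmarc: policy is p={tags.get('p', '(missing)')}, not reject")
        if tags.get("sp", "reject").lower() != "reject":
            findings.append(f"_dmarc: subdomain policy sp={tags['sp']} is weaker than reject")
        if tags.get("pct", "100") != "100":
            findings.append(f"_dmarc: pct={tags['pct']} applies the policy to only part of the mail")
    return findings

# The two records from the post, plus an optional aggregate-report address (rua).
LOCKED = {"@": ["v=spf1 -all"],
          "_dmarc": ["v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"]}
# Soft fail plus monitor-only policy: receivers are not told to reject spoofed mail.
WEAK = {"@": ["v=spf1 include:_spf.example.net ~all", "site-verification=constructed"],
        "_dmarc": ["v=DMARC1; p=none"]}
# DMARC record published under the wrong name, so receivers never find it.
MISNAMED = {"@": ["v=spf1 -all", "v=DMARC1; p=reject;"]}

if __name__ == "__main__":
    for label, zone in (("locked", LOCKED), ("weak", WEAK), ("misnamed", MISNAMED)):
        print(label, audit_parked_domain(zone) or "OK")
```

To run it against a live domain, feed it the TXT answers for the apex and for the _dmarc name as returned by any DNS lookup tool.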

943
 
 

"The collective shrug around Salt Typhoon can also be seen across the news industry, where headlines about Salt Typhoon are making the rounds in the cybersecurity community, but generally aren’t splashed across front pages. In fairness, the news cycle at the moment is exhausting for reporters and readers alike — there’s a new administration forming, major global conflicts rage on and people are looking to take a break from it all over the holidays. Worrying about a massive and likely devastating global hack does not feel very merry.

And many details about the hack — when it happened, who was impacted, the extent of the damage — are slowly emerging and are still not totally clear, making it difficult for the layperson to follow.

But Beijing is taking notes on the sluggish U.S. response. At the one Senate Commerce hearing on the topic held Wednesday, JAMES LEWIS, director of the Strategic Technologies Program at the Center for Strategic and International Studies, testified about the need for the U.S. to counter Chinese hacking operations by giving Beijing a taste of its own medicine through U.S. offensive hacking. Otherwise, he warned, China would just keep going."

https://www.politico.com/newsletters/national-security-daily/2024/12/12/we-need-to-talk-about-salt-typhoon-00183727

#CyberSecurity #China #USA #SaltTyphoon #StateHacking

944
 
 

Cybercrooks stole personal details of hundreds of thousands of SRP Federal Credit Union customers.

#cybercrime #DataSecurity #DataBreach #cybersecurity #infosec

https://cnews.link/srp-federal-credit-union-data-breach-3/

945
 
 

Law enforcement agencies have shut down Rydox, an illegal platform known for selling personal information.

#DataSecurity #cybercrime #cybersecurity #Prison #website

https://cnews.link/police-shut-down-rydox-1/

946
 
 

One of the largest bitcoin ATM operators in the US has had tens of thousands of its customers exposed.

#ATM #Bitcoin #Crypto #datasecurity #DataPrivacy #cybersecurity

https://cnews.link/thousands-byte-federal-customers-data-exposed-3/

947
 
 

Byte Federal, one of the largest Bitcoin ATM operators in the U.S., said the personal data of thousands of customers may have been compromised during a recent breach. Read it at @Techcrunch. #Bitcoin #Cryptocurrecny #ByteFederal #Cybersecurity #Tech #Technology https://flip.it/SJwPjkz

948
 
 

Microsoft accounts lacked rate limiting, letting attackers bypass MFA by guessing authenticator codes.

#Microsoft #Security #MFA #Outlook #cybersecurity #infosec

https://cnews.link/researchers-bypass-microsoft-mfa-by-guessing-codes-3/

949
 
 

"WhatsApp fixed a bug that allowed malicious users to save pictures and videos that were supposed to be viewed only once and then vanish.

In September, TechCrunch reported that a bug in the implementation of the “View Once” privacy feature allowed people using WhatsApp’s browser-based web app to display and then keep the picture or video. The View Once feature is designed to prevent recipients from saving, sharing, forwarding, copying, and even screenshotting or screen recording media sent as “View Once,” given that in normal circumstances, the pictures or videos disappear after being viewed.

On Friday, WhatsApp spokesperson Zade Alsawah told TechCrunch that the company has rolled out a longer-term fix that resolved the issue."

https://techcrunch.com/2024/12/09/whatsapp-fixes-bug-that-let-users-bypass-view-once-privacy-feature/

#CyberSecurity #WhatsApp #Privacy #Meta

950
 
 

▪ @cybernews@infosec.exchange research ▪ The Turkish app Quran Kuran has exposed over 3.6 million records of highly sensitive data.

#Turkey #Quran #app #DataPrivacy #datasecurity #cybersecurity #infosec

https://cnews.link/sigma-telecom-data-leak-3/
