Attack against supercomputers

More than 10 high-performance data centers were hacked, including the one in the city of Garching (Germany). They are used for research on Covid-19 therapies, but those affected suspect other motives behind the attacks.

Dieter Kranzlmüller cannot explain what the hacker wanted. "Someone broke in and manipulated the system. But we don't know exactly what he did," says the head of the Leibniz computer centre in Garching near Munich. The high-performance computer SuperMUC-NG is located there. Kranzlmüller's team had to take it off the Internet this week after a hacker had gained access to the system. The Cybercrime Department of the Bavarian State Office of Criminal Investigation is investigating.

The case has shaken the research community, which depends on the expensive machines for its investigations. They are scattered internationally, but can no longer access the computers online. According to Kranzlmüller, in addition to Garching, more than ten high-performance computer centres in different countries are affected, including those in Freiburg, Stuttgart and Jülich. A "serious problem right across the academic community", is what those responsible for the super computer Archer in Edinburgh call it.

Read more 🇩🇪:
https://www.computerbase.de/2020-05/sicherheitsprobleme-europaeische-rechenzentren-supercomputer/

https://www.sueddeutsche.de/digital/supercomputer-hacker-garching-corona-1.4909397

#attack #hacker #hacked #supercumputers #datacenter #research
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Hackers who stole files from a law firm to stars like Lady Gaga and Drake doubled their ransom to $42 million and threatened to release 'dirty laundry' on Trump

Grubman, Shire, Meiselas and Sacks was recently the target of a hack by a group called REvil, which is attempting to random the information.

One of the top entertainment law firms in the US — Grubman, Shire, Meiselas and Sacks — was recently the target of a ransomware attack.

REvil, the group behind the attack, on Thursday doubled their ransom to $42 million, Page Six reported.
They also threatened to release "dirty laundry" on President Donald Trump if the amount wasn't paid.
They did not elaborate on what the material might be. Sources told Page Six that Trump had never been a client of the firm.

A hacker group that stole 756 gigabytes of data from one of top US entertainment law firms has doubled their ransom to $42 million, and threatened to release "dirty laundry" on President Donald Trump if the money is not paid.

👉🏼 Weiter auf:
https://www.businessinsider.fr/us/revil-hackers-threaten-trump-dirty-laundry-taken-from-law-firm-2020-5

#hacker #hacked #ransom #LadyGaga #drake #trump
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

🚨🚨The US Government is Seizing Massive New Surveillance Powers

We tried to warn you. The Patriot Act will soon be much stronger and more invasive.

https://news4achange.com/the-us-government-is-seizing-massive-new-surveillance-powers/

Huge, mysterious list appears online of where people met, personal information and more of tens of millions

'There's nothing you nor I can do about it,' notes security expert

A huge data dump includes the personal information of tens of millions of people and where they have met – and its origin is a mystery.

The breach includes almost 90GB of people's personal data, including details of where they have been and met people.

But there is no clue where the information has actually come from in the first place.

Though the information has been hosted publicly, and available to anyone, there is no hint about where it was first collected from.

The dump includes listings of individual people, including information on their social media sites, phone numbers and addresses. Unusually, however, it also includes details about where people have met, and information about where the people listed within the dump may know each other from.

As such, it appears that the data was probably collected from CRM, or customer relationship management, software. Users presumably took down a contact's personal information as well as a note about where they had met them to remember in future, and recorded it in a piece of software, which has since been breached.

But Troy Hunt, who tracks such data breaches and runs the website HaveIBeenPwned.com to allow users to check if they have been caught up in them, said that he had been unable to find any clue about what that software might be or how it had become public.

"Nowhere – absolutely nowhere – was there any indication of where the data had originated from," he wrote in a blog post announcing the find.

👉🏼 Read more:
https://www.independent.co.uk/life-style/gadgets-and-tech/news/data-dump-personal-information-breach-crm-a9515931.html

https://www.troyhunt.com/the-unattributable-db8151dd-data-breach/

#leak #breach #CRM
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Facebook Welcomes GIPHY as Part of Instagram Team

GIPHY, a leader in visual expression and creation, is joining the Facebook company today as part of the Instagram team. GIPHY makes everyday conversations more entertaining, and so we plan to further integrate their GIF library into Instagram and our other apps so that people can find just the right way to express themselves.

A lot of people in our community already know and love GIPHY. In fact, 50% of GIPHY’s traffic comes from the Facebook family of apps, half of that from Instagram alone. By bringing Instagram and GIPHY together, we can make it easier for people to find the perfect GIFs and stickers in Stories and Direct. Both our services are big supporters of the creator and artist community, and that will continue. Together, we can make it easier for anyone to create and share their work with the world.

👉🏼 Read more:
https://about.fb.com/news/2020/05/welcome-giphy/

#DeleteFacebook #fb #giphy #instagram
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

2Africa: a transformative subsea cable for future internet connectivity in Africa announced by global and African partners

2Africa is one of the largest subsea projects in the world, connecting 23 countries in Africa, the Middle East and Europe

#China #Mobile #International, #Facebook, #MTN #GlobalConnect, #Orange, #stc, #Telecom #Egypt, #Vodafone and #WIOCC announced today that they will partner to build #2Africa, which will be the most comprehensive #subsea #cable to serve the African continent and Middle East region. The parties have appointed #Alcatel Submarine Networks (“#ASN”) to build the cable in a fully funded project which will greatly enhance connectivity across Africa and the Middle East.

At 37,000km long, 2Africa will be one of the world’s largest subsea cable projects and will interconnect Europe (eastward via Egypt), the Middle East (via Saudi Arabia), and 21 landings in 16 countries in Africa. The system is expected to go live in 2023/4, delivering more than the total combined capacity of all subsea cables serving Africa today, with a design capacity of up to 180Tbps on key parts of the system. 2Africa will deliver much needed internet capacity and reliability across large parts of Africa, supplement the fast-growing capacity demand in the Middle East and underpin the further growth of 4G, 5G and fixed broadband access for hundreds of millions of people.

In countries where the 2Africa cable will land, service providers will obtain capacity in carrier-neutral data centres or open-access cable landing stations on a fair and equitable basis. This will support healthy internet ecosystem development by facilitating greatly improved accessibility for businesses and consumers alike.

The 2Africa cable has been designed to improve resilience and maximise performance, including the option of a seamless optical crossing between East Africa and Europe. The 2Africa parties and Airtel have signed an agreement with Telecom Egypt to provide a completely new crossing linking the Red Sea and the Mediterranean, the first in over a decade. This includes new cable landing stations and deployment of next-generation fibre on two new, diverse terrestrial routes parallel to the Suez Canal from Ras Ghareb to Port Said, and a new subsea link that will provide a third path between Ras Ghareb and Suez.

Read more:
https://www.orange.com/en/Press-Room/press-releases/press-releases-2020/2Africa-a-transformative-subsea-cable-for-future-internet-connectivity-in-Africa-announced-by-global-and-African-partners

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Average American had personal data stolen at least 4 times last year, report says

Over the past decade or so you’ve probably noticed the increasing frequency of major data breaches around the world. There have been at least 200 documented data breaches since 2005, and the number of records exposed is only on the rise as more folks move their lives online. With more people transitioning facets of their lives online in the context of the “stay home” orders of the 2020 pandemic, these numbers of are sure to climb even higher in years to come.

It’s impossible to know the impact and extent to which data breaches are occurring as many almost certainly go unreported. Here are some of the data breaches we analyzed in our research:

👉🏼 Read more:
https://www.interest.com/personal-finance/the-average-american-had-personal-information-stolen-at-least-4-times-in-2019/

https://en.wikipedia.org/wiki/List_of_data_breaches

https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/

https://theweek.com/articles/730439/have-almost-certainly-been-hacked

#USA #hacked #breach #leak
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Noyb files complaint against Google under GDPR, saying Android Advertising ID can be tracked

Every phone has an Android Advertising ID and it can be used to track your phone’s actions – and tied back to your identity. A privacy advocacy group called Noyb – European Center for Digital Rights has filed a legal complaint with the Austrian Data Protection Agency against Google under Europe’s GDPR law. Noyb stands for None of Your Business – and that’s exactly how activists feel about the use of the Android Advertising ID to track Android users. Noyb was started by Austrian privacy activist Max Schrems who has filed privacy cases against Google and Facebook in the past and is deservedly highly celebrated in the privacy community.

‼️ Noyb’s privacy lawyer, Stefano Rossetti succinctly summed up the problem:

“In essence, you buy a new Android phone, but by adding a tracking ID they ship you a tracking device.”

How the Android Advertising ID violates the GDPR
This Android Advertising ID is on by default and does not allow users to opt-out. If you choose not to be targeted by “interest-based ads” that still doesn’t get rid of the Android Advertising ID. Even if it did, that still wouldn’t be a GDPR compliant for Google to go about this. To be compliant under the GDPR, Google is supposed to get opt-in user consent before setting up any sort of tracking ID. Right now, all users can do is have Google change their advertising ID – which may hinder the ability of third party apps to track your Android device, but doesn’t do anything to stop Google from tracking you with the Android Advertising ID.

👉🏼 Read more:
https://www.privateinternetaccess.com/blog/noyb-files-complaint-against-google-under-gdpr-saying-android-advertising-id-can-be-tracked/

#android #google #DeleteGoogle #GDPR #advertising #id #tracking #privacy
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Dark Winter, Restaurant Snitches, Black Mirror – New World Next Week

This week on the New World Next Week: Plandemic planners threaten a dark winter for America; the reopening comes with strings attached; and reality has officially overtaken science fiction.

https://www.corbettreport.com/dark-winter-restaurant-snitches-black-mirror-new-world-next-week/

MP3:
http://www.corbettreport.com/mp3/2020-05-14_James_Evan_Pilato.mp3

#corbettreport #video #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service.

A memo seen by KrebsOnSecurity that the Secret Service circulated to field offices around the United States on Thursday says the ring has been filing unemployment claims in different states using Social Security numbers and other personally identifiable information (PII) belonging to identity theft victims, and that “a substantial amount of the fraudulent benefits submitted have used PII from first responders, government personnel and school employees.”

“It is assumed the fraud ring behind this possesses a substantial PII database to submit the volume of applications observed thus far,” the Secret Service warned. “The primary state targeted so far is Washington, although there is also evidence of attacks in North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming and Florida.”

The Secret Service said the fraud network is believed to consist of hundred of “mules,” a term used to describe willing or unwitting individuals who are recruited to help launder the proceeds of fraudulent financial transactions.

“In the state of Washington, individuals residing out-of-state are receiving multiple ACH deposits from the State of Washington Unemployment Benefits Program, all in different individuals’ names with no connection to the account holder,” the notice continues.

👉🏼 Read more:
https://krebsonsecurity.com/2020/05/u-s-secret-service-massive-fraud-against-state-unemployment-insurance-programs/

#USA #SecretService #alert #nigerian #fraud #coronavirus
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

RATicate Group Hits Industrial Firms With Revolving Payloads

A new threat group uses NSIS as an installer to target industrial companies with revolving payloads, including LokiBot, FormBook, BetaBot, Agent Tesla and Netwire.

Researchers have unearthed a new cybercrime group, RATicate, which is behind several waves of malspam attacks targeting industrial companies with various information-stealing payloads – from LokiBot to Agent Tesla.

At least six separate campaigns have been tied to RATicate, with the first wave starting November and the most recent spotted in March. All campaigns leveraged Nullsoft Scriptable Install System (NSIS), a legitimate, open-source tool used to create Windows installers, to ultimately drop various remote access trojans (RATs) on victims’ systems.

More recently, “a new campaign we believe connected to the same actors leverages concern about the global COVID-19 pandemic to convince victims to open the payloads,” said Markel Picado, threat researcher with SophosLabs, in a Thursday analysis. “This is a shift in tactics, but we suspect that this group constantly changes the way they deploy malware — and that the group has conducted campaigns prior to this past November.”

👉🏼 Read more:
https://threatpost.com/raticate-group-industrial-firms-revolving-payloads/155775/

#RATicate #payloads #LokiBot #NSIS #RATs #malspam
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

NOT DELIVERING Amazon ending ‘hero pay’ in Canada slashing hourly wages and cutting double overtime pay despite coronavirus outbreaks

AMAZON is cancelling "hero pay" for its Canadian workforce, despite rising infections in its warehouses - and as CEO Jeff Bezos prepares to become the world's first trillionaire.

The pay was granted in recognition of working in hazardous conditions during the pandemic, and equated to a $2 wage increase and double overtime pay.

The announcement was made in an internal company memo, obtained by PressProgress, and came as a number of workers tested positive in warehouses across the country.

“We are providing a final extension of the temporary $2/hour pay increase and double overtime pay through May 30.”

After that, the memo continues: “we will return to our regular pay and overtime structure.”

On May 1, an outbreak at an Alberta warehouse was declared, after five people tested positive.

👉🏼 Read more:
https://pressprogress.ca/amazon-tells-canadian-warehouse-workers-theyre-getting-a-pay-cut/

#DeleteAmazon #bezos #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

News Wrap: Ransomware Extortion Tactics, Contact-Tracing App Security Worries

Threatpost editors discuss the top news stories of the week ended May 15

https://threatpost.com/news-wrap-ransomware-extortion-tactics-contact-tracing-app-security/155796/

#NewsWrap #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Script for getting unlimited GB on Warp+ ( https://1.1.1.1/ )

With this script, you can recharge your account indefinitely.

About warp+
WARP+ uses Cloudflare’s virtual private backbone, known as Argo, to achieve higher speeds and ensure your connection is encrypted across the long haul of the Internet.

👉🏼 Read more:
https://github.com/ALIILAPRO/warp-plus-cloudflare

https://blog.cloudflare.com/announcing-warp-plus/

#cloudflare #warp #FuckCloudflare #script
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Smart-tv-telegram

A Telegram Bot to stream content on your smart TV (also Chromecast, FireTV and other UPnP device)
Feature

👉🏼 Streaming, the bot will not have to download the entire file before playing it on your device

👉🏼 You can play anything if your device has the right codec

👉🏼 You can streaming on any device that supports UPnP (AVTransport)

👉🏼 Chromecast support

👉🏼 Streaming over HTTP

Note: Chromecast (1st, 2nd and 3rd Gen.) only supports H.264 and VP8 video codecs

Note: Most LG TVs with WebOS have an incorrect UPnP implementation, throw it in the trash and buy a new TV

👉🏼 Read more:
https://github.com/andrew-ld/smart-tv-telegram

#smart #tv #tg #bot #streaming
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

“What about building 7?” A social psychological study of online discussion of 9/11 conspiracy theories

Recent research into the psychology of conspiracy belief has highlighted the importance of belief systems in the acceptance or rejection of conspiracy theories. We examined a large sample of conspiracist (pro-conspiracy-theory) and conventionalist (anti-conspiracy-theory) comments on news websites in order to investigate the relative importance of promoting alternative explanations vs. rejecting conventional explanations for events.

In accordance with our hypotheses, we found that conspiracist commenters were more likely to argue against the opposing interpretation and less likely to argue in favor of their own interpretation, while the opposite was true of conventionalist commenters. However, conspiracist comments were more likely to explicitly put forward an account than conventionalist comments were. In addition, conspiracists were more likely to express mistrust and made more positive and fewer negative references to other conspiracy theories.

The data also indicate that conspiracists were largely unwilling to apply the “conspiracy theory” label to their own beliefs and objected when others did so, lending support to the long-held suggestion that conspiracy belief carries a social stigma. Finally, conventionalist arguments tended to have a more hostile tone. These tendencies in persuasive communication can be understood as a reflection of an underlying conspiracist worldview in which the details of individual conspiracy theories are less important than a generalized rejection of official explanations.

“The Internet was made for conspiracy theory: it is a conspiracy theory: one thing leads to another, always another link leading you deeper into no thing and no place.” (Stewart, 1999, p. 18).

👉🏼 Kent Academic Repository Full text document (pdf)
https://kar.kent.ac.uk/36252/1/Wood%20and%20Douglas%202013%20Frontiers.pdf

👉🏼 Read more:
https://www.frontiersin.org/articles/10.3389/fpsyg.2013.00409/full

https://www.forschung-und-wissen.de/nachrichten/psychologie/menschen-die-an-verschwoerungstheorien-glauben-sind-vernuenftiger-13372102

#research #psychological #study #conspiracy #theories #pdf #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Gangnam Industrial Style: APT Campaign Targets Korean Industrial Companies

Section 52, CyberX’s threat intelligence team, has uncovered an ongoing industrial cyberespionage campaign targeting hundreds of manufacturing and other industrial firms primarily located in South Korea. CyberX has identified more than 200 compromised systems from this campaign, including one belonging to a multi-billion dollar Korean conglomerate that manufactures critical infrastructure equipment such as heavy equipment for power transmission and distribution facilities, renewable energy, chemical plants, welding, and construction.

👉🏼 The research can be found here:
https://cyberx-labs.com/blog/gangnam-industrial-style-apt-campaign-targets-korean-industrial-companies/

#apt #korea #CyberX #Section52 #cyberwire #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Generate WireGuard profile from Cloudflare Warp account

wgcf is a utility for Cloudflare Warp that allows you to create and manage accounts, assign license keys, and generate WireGuard profiles.

💡 Features:

👉🏼 Register new Cloudflare Warp device and account

👉🏼 Update account to allow connection via WireGuard

👉🏼 Update account with new license key, sharing Warp+ status with up to 5 devices

👉🏼 Generate WireGuard profile

👉🏼 Check Cloudflare device status

👉🏼 Print trace information to debug Warp/Warp+ status

💻 Download:
You can find pre-compiled binaries on the releases page.
https://github.com/ViRb3/wgcf/releases

👉🏼 Read more:
https://github.com/ViRb3/wgcf

🚀 Try with:
Script for getting unlimited GB on Warp+ ( https://1.1.1.1/ )
https://t.me/BlackBox_Archiv/919

#cloudflare #warp #FuckCloudflare #script
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

⚠️ Important message from @BlackBox_Archiv ⚠️

‼️ Any contribution in this channel(s) is for educational purposes only
All actions and/or activities in connection with the material contained in this channel are your sole responsibility. Use of the information in this channel may result in criminal charges against the persons concerned.

The authors and @BlackBox_Archiv are not liable in the event that criminal charges are brought against persons who misuse the information in this telegram channel to violate applicable law.

⚠️ Always remember to use these techniques, instructions or hardware only with devices whose owners or users permitted it. The unauthorized access to foreign infrastructure is punishable by law.

#EducationalPurposes #BlackBox
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
📡@FLOSSb0xIN

Bellingcat's free online open source research toolkit

Version 5.1 (March 09, 2020)

The list includes satellite and map services, photo and video review tools, web archiving sites, and more.

Content (All links lead to GoogleDocs):

💡 Maps, Satellites & Streetview
💡 Location Based Searches
💡 Image & Video Verification
💡 Social Media
💡 Transportation
💡 Date & Time

💡 WhoIs, IPs & Website Analysis
💡 People & Phone Numbers
💡 Archiving & Downloading
💡 Company Registries
💡 Data Visualization
💡 Online Security & Privacy
💡 Finding Experts
💡 Miscellaneous
💡 Guides & Handbooks

https://docs.google.com/document/d/1BfLPJpRtyq4RFtHJoNpvWQjmGnyVkfE2HYoICKOGguA/mobilebasic#h.6igzqqftqvh4

#Bellingcat #toolkit #research #collection
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN

Now More Than Ever, Facebook Is a ‘Mark Zuckerberg Production’

For years, he was an obsessive C.E.O. in some ways, distant in others. Then Facebook’s problems became too acute to leave to anyone else.

SAN FRANCISCO — On Jan. 27, at a regularly scheduled Monday morning meeting with top executives at Facebook, Mark Zuckerberg turned the agenda to the coronavirus. For weeks, he told his staff, he had been hearing from global health care experts that the virus had the makings of a pandemic, and now Facebook needed to prepare for a worst-case scenario — one in which the company’s ability to combat misinformation, scammers and conspiracy theorists would be tested as never before.

To start, Mr. Zuckerberg said, the company should take some of the tools it had developed to fight 2020 election garbage and attempt to retool them for the pathogen. He asked executives in charge of every department to develop plans for responding to a global outbreak by the end of the week.

The meeting, described by two people who attended it, helped vault Facebook ahead of other companies — and even some governments — in preparing for Covid-19. And it exemplified a change in how the 36-year-old is running the company he founded.

Since the day he coded the words “a Mark Zuckerberg production” onto every blue-and-white Facebook page, he has been the singular face of the social network. But to an extent not widely appreciated outside Silicon Valley, Mr. Zuckerberg has long been a kind of binary chief executive — extraordinarily involved in some aspects of the business, and virtually hands-off in areas that he finds less interesting.

👉🏼 Read more:
https://www.nytimes.com/2020/05/16/technology/zuckerberg-facebook-coronavirus.html

#DeleteFacebook
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN