Forwarded from BlackBox (Security) Archiv
Iranian hackers pose as journalists
IT agents of Iran pose as journalists and conduct "interviews" to gain the trust of their victims. The attackers learn from North Korea.
State hackers of Iran pose as Farsi-speaking journalists of Deutsche Welle and the US weekly Jewish Journal. For their false identities, the attackers set up nice LinkedIn accounts. They also pick up the phone and call their victims via WhatsApp, ostensibly to conduct interviews or prepare an alleged webinar in which the victim is supposed to be the keynote speaker.
π ππΌ π¬π§ The Kittens Are Back in Town 3 (PDF)
https://www.clearskysec.com/wp-content/uploads/2020/08/The-Kittens-are-Back-in-Town-3.pdf
π ππΌ π¬π§ Operation βDream Jobβ
https://www.clearskysec.com/wp-content/uploads/2020/08/Dream-Job-Campaign.pdf
π ππΌ π©πͺ https://www.heise.de/newsticker/meldung/Iranische-Hacker-geben-sich-als-Journalisten-aus-4881027.html
#iran #hacker #agents #attack #journalists #pdf
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
IT agents of Iran pose as journalists and conduct "interviews" to gain the trust of their victims. The attackers learn from North Korea.
State hackers of Iran pose as Farsi-speaking journalists of Deutsche Welle and the US weekly Jewish Journal. For their false identities, the attackers set up nice LinkedIn accounts. They also pick up the phone and call their victims via WhatsApp, ostensibly to conduct interviews or prepare an alleged webinar in which the victim is supposed to be the keynote speaker.
π ππΌ π¬π§ The Kittens Are Back in Town 3 (PDF)
https://www.clearskysec.com/wp-content/uploads/2020/08/The-Kittens-are-Back-in-Town-3.pdf
π ππΌ π¬π§ Operation βDream Jobβ
https://www.clearskysec.com/wp-content/uploads/2020/08/Dream-Job-Campaign.pdf
π ππΌ π©πͺ https://www.heise.de/newsticker/meldung/Iranische-Hacker-geben-sich-als-Journalisten-aus-4881027.html
#iran #hacker #agents #attack #journalists #pdf
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Ransomware attack halts Argentinian border crossing for four hours
Argentina's official immigration agency, DirecciΓ³n Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted border crossing into and out of the country.
While ransomware attacks against cities and local agencies have become all too common, this may be a first known attack against a federal agency that has interrupted a country's operations.
According to a criminal complaint published by Argentina's cybercrime agency, Unidad Fiscal Especializada en Ciberdelincuencia, the government first learned of the ransomware attack after receiving numerous tech support calls from checkpoints at approximately 7 AM on August 27th.
https://www.bleepingcomputer.com/news/security/ransomware-attack-halts-argentinian-border-crossing-for-four-hours/
#South #America #Argentina #ransomware #attack
Argentina's official immigration agency, DirecciΓ³n Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted border crossing into and out of the country.
While ransomware attacks against cities and local agencies have become all too common, this may be a first known attack against a federal agency that has interrupted a country's operations.
According to a criminal complaint published by Argentina's cybercrime agency, Unidad Fiscal Especializada en Ciberdelincuencia, the government first learned of the ransomware attack after receiving numerous tech support calls from checkpoints at approximately 7 AM on August 27th.
https://www.bleepingcomputer.com/news/security/ransomware-attack-halts-argentinian-border-crossing-for-four-hours/
#South #America #Argentina #ransomware #attack
Forwarded from BlackBox (Security) Archiv
Your digital privacy is under attack. Can anything be done to protect it?
A committee from the Council of Europe is concerned with the use of technology for mass surveillance programs.
Intelligence services around the world should be kept in check by an international body with the power to make sure governments don't misuse personal data for surveillance purposes, said the Council of Europe's data protection committee chairs in a joint statement.
Countries should agree at an international level on the extent to which the surveillance carried out by intelligence services can be authorized and under which conditions, recommended the committee. The agreement should come as a legal tool that could be enforced independently by a data protection body that is yet to be created.
The European human rights organization said that calls for better data protection at an international level are especially relevant in times of crisis, when circumstances provide governments with an opportunity to lawfully restrict citizens' privacy rights.
π ππΌ https://www.zdnet.com/article/your-digital-privacy-is-under-attack-can-anything-be-done-to-protect-it
π ππΌ Better protecting individuals in the context ofinternational data flows (PDF):
https://rm.coe.int/statement-schrems-ii-final-002-/16809f79cb
#digital #privacy #attack #data #flows #thinkabout #pdf
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
A committee from the Council of Europe is concerned with the use of technology for mass surveillance programs.
Intelligence services around the world should be kept in check by an international body with the power to make sure governments don't misuse personal data for surveillance purposes, said the Council of Europe's data protection committee chairs in a joint statement.
Countries should agree at an international level on the extent to which the surveillance carried out by intelligence services can be authorized and under which conditions, recommended the committee. The agreement should come as a legal tool that could be enforced independently by a data protection body that is yet to be created.
The European human rights organization said that calls for better data protection at an international level are especially relevant in times of crisis, when circumstances provide governments with an opportunity to lawfully restrict citizens' privacy rights.
π ππΌ https://www.zdnet.com/article/your-digital-privacy-is-under-attack-can-anything-be-done-to-protect-it
π ππΌ Better protecting individuals in the context ofinternational data flows (PDF):
https://rm.coe.int/statement-schrems-ii-final-002-/16809f79cb
#digital #privacy #attack #data #flows #thinkabout #pdf
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
ZDNet
Your digital privacy is under attack. Can anything be done to protect it? | ZDNet
A committee from the Council of Europe is concerned with the use of technology for mass surveillance programs.
Forwarded from BlackBox (Security) Archiv
Crypto crime - KuCoin: Hackers steal 150 million US dollars from Bitcoin stock exchange
The Bitcoin exchange KuCoin has become the victim of a hacker attack. According to estimates, 150 to 200 million US dollars disappeared. Most of the money is said to have already been recovered.
The Bitcoin exchange KuCoin has announced that it became the victim of a hacker attack on September 26. Mainly Bitcoin (BTC), Ether (ETH) and ERC 20 tokens were acquired by the attackers on their raid. The exchange did not explicitly comment on the amount of damage and reassured that it was a small part of the exchange's total capital. According to external estimates, however, crypto-values of 150 to 200 million US dollars (USD) were apparently lost in the process.
π ππΌ https://nitter.net/kucoincom/status/1309689557206491137
π ππΌ π©πͺ https://www.btc-echo.de/kucoin-hacker-stehlen-150-millionen-us-dollar-von-bitcoin-boerse/
#KuCoin #bitcoin #exchange #hacker #hacked #attack
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
The Bitcoin exchange KuCoin has become the victim of a hacker attack. According to estimates, 150 to 200 million US dollars disappeared. Most of the money is said to have already been recovered.
The Bitcoin exchange KuCoin has announced that it became the victim of a hacker attack on September 26. Mainly Bitcoin (BTC), Ether (ETH) and ERC 20 tokens were acquired by the attackers on their raid. The exchange did not explicitly comment on the amount of damage and reassured that it was a small part of the exchange's total capital. According to external estimates, however, crypto-values of 150 to 200 million US dollars (USD) were apparently lost in the process.
π ππΌ https://nitter.net/kucoincom/status/1309689557206491137
π ππΌ π©πͺ https://www.btc-echo.de/kucoin-hacker-stehlen-150-millionen-us-dollar-von-bitcoin-boerse/
#KuCoin #bitcoin #exchange #hacker #hacked #attack
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Nitter
KUCOIN (@kucoincom)
(1/4) We detected some large withdrawals since Sep 26 at 03:05 UTC+8. According to the latest internal security audit report, part of BTC, ERC-20 and other tokens in KuCoin's hot wallets were transferred out of the exchange, which contained few parts of ourβ¦
Ransomware Hits Healthcare Provider UHS, Shuts Down Hospital IT Systems
Although Universal Health Services largely runs behavioral healthcare facilities, it also operates some emergency care centers, potentially putting patients' lives at risk.
A ransomware attack appears to have taken down all IT systems at Universal Health Services (UHS), which operates 400 hospitals and behavioral health facilities in the US and the UK.
UHS employees began reporting problems on Monday via Reddit; the attack has been shutting down computers at various hospitals, forcing them to turn away patients, they say.
One UHS employee based in Arizona told PCMag that the disruption has been blamed on ransomware infecting hospital systems. βEverything is down. No access to any computer at all," the employee said. The hospital has only recently managed to restore the phone system.
βI believe we are turning patients away,β the employee added. βWe have been doing everything on paper charts. What gets me is we had no downtime protocols in place. Itβs all been improv.β
BleepingComputer reports that a notorious ransomware strain known as Ryuk appears to be behind the attack, which has encrypted computers across the UHS network, making them impossible to access.
https://www.pcmag.com/news/ransomware-hits-healthcare-provider-uhs-shuts-down-hospital-it-systems
#US #ransomware #attack #hospital
Although Universal Health Services largely runs behavioral healthcare facilities, it also operates some emergency care centers, potentially putting patients' lives at risk.
A ransomware attack appears to have taken down all IT systems at Universal Health Services (UHS), which operates 400 hospitals and behavioral health facilities in the US and the UK.
UHS employees began reporting problems on Monday via Reddit; the attack has been shutting down computers at various hospitals, forcing them to turn away patients, they say.
One UHS employee based in Arizona told PCMag that the disruption has been blamed on ransomware infecting hospital systems. βEverything is down. No access to any computer at all," the employee said. The hospital has only recently managed to restore the phone system.
βI believe we are turning patients away,β the employee added. βWe have been doing everything on paper charts. What gets me is we had no downtime protocols in place. Itβs all been improv.β
BleepingComputer reports that a notorious ransomware strain known as Ryuk appears to be behind the attack, which has encrypted computers across the UHS network, making them impossible to access.
https://www.pcmag.com/news/ransomware-hits-healthcare-provider-uhs-shuts-down-hospital-it-systems
#US #ransomware #attack #hospital
PCMAG
Ransomware Hits Healthcare Provider UHS, Shuts Down Hospital IT Systems
Although Universal Health Services largely runs behavioral healthcare facilities, it also operates some emergency care centers, potentially putting patients' lives at risk.
Forwarded from BlackBox (Security) Archiv
VoltPillager: Researchers Compromise Intel SGX With Hardware-Based Undervolting Attack
Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their "VoltPillager" hardware device they assembled for about $30 USD.
Two years ago Plundervolt was widely publicized for compromising Intel's SGX security by manipulating the CPU frequency/voltage as able to through software interfaces. By carefully undervolting the Intel CPUs when executing enclave computations they were able to ultimately compromise the integrity of SGX.
The impact of Plundervolt was already limited as typically the software needs root/administrative rights to access the CPU voltage/frequency MSRs or other kernel interfaces for manipulating them. But in response to Plundervolt, motherboard vendors began offering options to allow disabling voltage/frequency interface controls on their systems. Following Plundervolt, security researchers at the University of Birmingham in the UK began exploring a hardware-based attack on SGX.
https://www.phoronix.com/scan.php?page=news_item&px=VoltPillager-HW-Undervolt
#research #VoltPillager #undervolting #attack #intel #sgx
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their "VoltPillager" hardware device they assembled for about $30 USD.
Two years ago Plundervolt was widely publicized for compromising Intel's SGX security by manipulating the CPU frequency/voltage as able to through software interfaces. By carefully undervolting the Intel CPUs when executing enclave computations they were able to ultimately compromise the integrity of SGX.
The impact of Plundervolt was already limited as typically the software needs root/administrative rights to access the CPU voltage/frequency MSRs or other kernel interfaces for manipulating them. But in response to Plundervolt, motherboard vendors began offering options to allow disabling voltage/frequency interface controls on their systems. Following Plundervolt, security researchers at the University of Birmingham in the UK began exploring a hardware-based attack on SGX.
https://www.phoronix.com/scan.php?page=news_item&px=VoltPillager-HW-Undervolt
#research #VoltPillager #undervolting #attack #intel #sgx
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Phoronix
VoltPillager: Researchers Compromise Intel SGX With Hardware-Based Undervolting Attack
Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their 'VoltPillager' hardware device they assembled for about $30 USD.
Forwarded from BlackBox (Security) Archiv
Media is too big
VIEW IN TELEGRAM
The Great Firewall of...America? WTZ!
This past week on Feb 2 - Feb 7, 2021 a massive attack was conducted on encrypted services, particular VPN's. VPN traffic was throttled to near unusability.
Basically in 2021, the Great Firewall of the USA was turned on. And then abrubtly turned off.
Purpose of the action was unknown. No party stepped up to acknowledge and aside from me, no one has stepped up to call any Internet Provider of their egregious action against privacy minded people.
Why did this attack happen?
Why did the attack stop?
https://www.youtube.com/watch?v=38za1LYj2XQ&t=1
#usa #greatfirewall #firewall #internet #attack #privacy #thinkabout #video
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
This past week on Feb 2 - Feb 7, 2021 a massive attack was conducted on encrypted services, particular VPN's. VPN traffic was throttled to near unusability.
Basically in 2021, the Great Firewall of the USA was turned on. And then abrubtly turned off.
Purpose of the action was unknown. No party stepped up to acknowledge and aside from me, no one has stepped up to call any Internet Provider of their egregious action against privacy minded people.
Why did this attack happen?
Why did the attack stop?
https://www.youtube.com/watch?v=38za1LYj2XQ&t=1
#usa #greatfirewall #firewall #internet #attack #privacy #thinkabout #video
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
Computer giant Acer hit by $50 million ransomware attack
Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000.
Acer is a Taiwanese electronics and computer maker well-known for laptops, desktops, and monitors. Acer employs approximately 7,000 employees and earned $7.8 billion in 2019.
Yesterday, the ransomware gang announced on their data leak site that they had breached Acer and shared some images of allegedly stolen files as proof.
https://www.bleepingcomputer.com/news/security/computer-giant-acer-hit-by-50-million-ransomware-attack
#acer #ransomware #attack
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000.
Acer is a Taiwanese electronics and computer maker well-known for laptops, desktops, and monitors. Acer employs approximately 7,000 employees and earned $7.8 billion in 2019.
Yesterday, the ransomware gang announced on their data leak site that they had breached Acer and shared some images of allegedly stolen files as proof.
https://www.bleepingcomputer.com/news/security/computer-giant-acer-hit-by-50-million-ransomware-attack
#acer #ransomware #attack
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
BleepingComputer
Computer giant Acer hit by $50 million ransomware attack
Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000.
Forwarded from BlackBox (Security) Archiv
Texas man charged with planning to blow up Amazon data center in Virginia
The Wichita Falls man was arrested Thursday after receiving a fake bomb from an FBI undercover employee.
The FBI arrested a Texas man Thursday on charges of hatching a plan to blow up an Amazon data center in Virginia.
Seth Aaron Pendley, 28, of Wichita Falls was taken into custody Thursday after receiving what he thought was a bomb from a like-minded person, but it was actually a dud provided by an FBI undercover employee.
Court documents say Pendley came to the FBIβs attention after agents received a tip that he was posting alarming statements on a forum popular with militia groups, mymilitia.com. He began communicating through an encrypted messaging app with another person, who told the FBI that Pendley planned to use plastic explosives to attack the tech companyβs data centers βto kill about 70% of the internet.β
https://www.nbcnews.com/politics/justice-department/texas-man-charged-planning-blow-amazon-data-center-virginia-n1263663
http://telegra.ph/Texas-Man-Charged-With-Intent-to-Attack-Data-Centers-04-09
via www.justice.gov
#usa #virginia #amazon #DeleteAmazon #datacenter #attack #fbi
π‘ @nogoolag π‘ @blackbox_archiv
The Wichita Falls man was arrested Thursday after receiving a fake bomb from an FBI undercover employee.
The FBI arrested a Texas man Thursday on charges of hatching a plan to blow up an Amazon data center in Virginia.
Seth Aaron Pendley, 28, of Wichita Falls was taken into custody Thursday after receiving what he thought was a bomb from a like-minded person, but it was actually a dud provided by an FBI undercover employee.
Court documents say Pendley came to the FBIβs attention after agents received a tip that he was posting alarming statements on a forum popular with militia groups, mymilitia.com. He began communicating through an encrypted messaging app with another person, who told the FBI that Pendley planned to use plastic explosives to attack the tech companyβs data centers βto kill about 70% of the internet.β
https://www.nbcnews.com/politics/justice-department/texas-man-charged-planning-blow-amazon-data-center-virginia-n1263663
http://telegra.ph/Texas-Man-Charged-With-Intent-to-Attack-Data-Centers-04-09
via www.justice.gov
#usa #virginia #amazon #DeleteAmazon #datacenter #attack #fbi
π‘ @nogoolag π‘ @blackbox_archiv
NBC News
Texas man charged with planning to blow up Amazon data center in Virginia
The Wichita Falls man was arrested Thursday after receiving a fake bomb from an FBI undercover employee.
Media is too big
VIEW IN TELEGRAM
CIA's Heart Attack Gun
Former CIA employee Mary Embree discusses the infamous heart attack gun. The weapon was first made public during the Church Committee hearings in 1975. Very lethal & untraceable, using this weapon a murder is made to look natural. No doubt the CIA has been using this weapon and has most likely improved upon it since the 70's.
clip of the 1975 Church Committee at 4:57
https://youtu.be/Uwy56QTV4cs
#cia #Heart #Attack #Gun
Former CIA employee Mary Embree discusses the infamous heart attack gun. The weapon was first made public during the Church Committee hearings in 1975. Very lethal & untraceable, using this weapon a murder is made to look natural. No doubt the CIA has been using this weapon and has most likely improved upon it since the 70's.
clip of the 1975 Church Committee at 4:57
https://youtu.be/Uwy56QTV4cs
#cia #Heart #Attack #Gun