Security Leftovers and Windows TCO
-
Krebs On Security ☛ Incognito Darknet Market Mass-Extorts Buyers, Sellers
Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform.
-
The Record ☛ French government agencies hit by cyberattacks of ‘unprecedented intensity’
A number of French government agencies have been hit by “intense” cyberattacks, the prime minister’s office announced on Monday.
The nature of the attacks, which began on Sunday night, has not been confirmed although the description is consistent with distributed-denial-of-service (DDoS) attacks.
The French government said the attack was “conducted using familiar technical means but of unprecedented intensity.”
DDoS attacks are not capable of stealing information, although they can prevent people from accessing a network resource because they flood the servers with junk requests.
While DDoS incidents have been attributed to state-sponsored groups, the simplistic nature of the attack means they cannot offer a lasting disruptive capability or provide the attacker with a method to penetrate the targets’ networks.
-
Over 2,300,000 records of Family Entertainment Business Were Exposed in Data breach
The publicly exposed database contained 2,363,222 documents in .PDF and .PNG formats with a total size of 92.3 GB. These included reservations, injury waivers, and receipts with partial credit card numbers and transaction details. Additionally, there were digital gift cards with no expiration date, source images for websites and templates. I immediately sent a responsible disclosure notice to Kids Empire. The database remained publicly accessible for at least three weeks before it was finally restricted. It is unclear how long the data was exposed or if anyone else may have had access to the non-password-protected database, as only an internal forensic audit could identify this information. Once the database was secured, Kids Empire representatives thanked me by email for my notification and indicated future steps they will take for data protection.
[…]
The data exposure poses potential privacy risks to customers by revealing personally identifiable information (PII) such as names, physical and email addresses, phone numbers, and details about the reservations. The mandatory waivers included the child’s name as well as the parent’s personal information and signature. Kids Empire has 68 locations across 18 states, including Arizona, California, Colorado, Florida, Georgia, Iowa, Illinois, Indiana, Kansas, Michigan, Minnesota, Missouri, Nevada, New Jersey, Pennsylvania, Texas, Utah, and Virginia.
-
CBC ☛ Interior Health warns employees may be victims of privacy breach
An RCMP investigation has revealed a possible privacy breach for thousands of employees who worked or work at the health authority in British Columbia’s Interior.
Interior Health says police contacted them in January about finding a document that contained everything from social insurance numbers to home addresses for about 20,000 people.
The information covered people who worked at Interior Health from 2003 to 2009, although the authority says there was no patient information in the document.
-
Unix Men ☛ The Impact of Artificial Intelligence on Linux Security
However, the cyber threat landscape has changed. Even Linux systems are already being regularly targeted. A recently reported malware, for example, is threatening Linux devices as it exploits misconfigurations in Apache Hadoop, Docker, Confluence, and Redis. This malware employs Golang payloads to automate the search for and exploitation of vulnerable hosts while keeping itself concealed through multiple user-mode rootkits.
-
Unix Men ☛ Harnessing the Power of Free VPNs for Enhanced Cybersecurity on Linux [Ed: This seems to be linkspam rather than security advice]
-
Windows TCO
-
NPR ☛ One reason school cyberattacks are on the rise? Schools are easy targets for hackers [sic]
The bug was in the student records system. So Elder's IT staff shut that network down. But that meant teachers wouldn't have access to basic information about the almost 70,000 students enrolled in New Mexico's largest school district. Educators couldn't take attendance, wouldn't know children's bus routes and were locked out of grading systems.
Meanwhile, IT staff was desperately trying to figure out whether the computer virus had spread to their health records, security system and payroll.
Over the course of the morning, Elder began to understand the enormity of the situation.
-
Meduza ☛ Meduza is facing the most intense cyberattack campaign in its history
Attackers are increasingly trying to disable our website using methods like DDoS attacks, in which our site is bombarded with requests, causing it to either slow down significantly or become inaccessible to legitimate users. Just a few days ago, Meduza recorded one attack in which traffic to our site surged to about 200 times its usual level. We expect to see similar or even larger attacks during Putin’s upcoming election.
-
El País ☛ The French government says it’s being targeted by unusual intense cyberattacks
A group of hackers [sic] called Anonymous Sudan, which is considered by cybersecurity experts as pro-Russia, claimed responsibility for the attacks in online posts. The French prime minister’s office and digital safety agency wouldn’t comment on the claim, or provide details of what was targeted or what damage might have been caused.
-
Cyble Inc ☛ Lindsay Municipal Hospital Cyberattack Claimed By BianLian
The Lindsay Municipal Hospital cyberattack has been claimed by the BianLian ransomware group. This nefarious organization, known for its disruptive tactics, allegedly breached the security measures of the hospital’s system, adding another institution to its list of targets within the United States.
Accompanying their hospital cyberattack claims were brief insights into the Lindsay Municipal Hospital’s profile and its history of service to the Lindsay community and its surrounding areas.
-
-
Integrity/Availability/Authenticity
-
Techdirt ☛ Vehicle Cloning — Another Reason Not To Use Automated License Plate Readers
The problem is that people are making copies of other drivers’ license plates, and using them on similar-looking vehicles — generally the same model and same color — to break the law with impunity. When the ALPR cameras catch the cloners speeding, or failing to pay fees for entering special zones like London’s Ultra Low Emission Zone (ULEZ), the fines are sent to the actual owner of the license plate, not the perpetrator. The result is misery for those unlucky enough to have their license plates cloned, since it is hard to convince the authorities that automated license plate readers have made a mistake when there is apparent photographic evidence they haven’t. The experience of one driver interviewed by the Guardian is typical:
-