
Security Breach Exposes U.S. Wiretap Systems to China-Linked Hackers

 


The Wall Street Journal reported on Saturday that Chinese hackers broke into the network of a major U.S. broadband service provider and obtained information about the wiretapping system being used by the federal government. The U.S. telecom industry recently experienced a major cyberattack involving Chinese hacker groups infiltrating its networks, gaining access to highly sensitive wiretapping data.

However, it was not as severe as the NPD breach earlier in 2017. This attack targeted companies such as Verizon, AT&T, and Lumen Technologies, among others, giving unauthorized access to critical systems used for court-authorized wiretaps, a vital tool for law enforcement surveillance. The hackers had this data in their possession for months, which raised concerns regarding the depth of the intrusion and its implications for national security and individual privacy, as well as the future of our country.

These hackers had been identified by U.S. authorities as being part of a Chinese cyber espionage group. The incident has brought renewed attention to the vulnerability of American broadband networks and the risks that they pose to the nation's security and surveillance systems, at a time when tensions between the two countries over cyber operations have already reached a high point.

As reported by the Wall Street Journal, an attack linked to the Chinese government penetrated several US broadband providers' networks, allowing access to information that the federal government uses for court-authorized network wiretap requests. Several people familiar with the matter believe that hackers have been able to access network infrastructure used by the US to facilitate legal requests for communication data for months or even years. According to WSJ sources, the attackers were also able to access other tranches of more generic Internet traffic.

The attack has been attributed to "Salt Typhoon", a Chinese hacking group that appears to have been performing the attack for intelligence-gathering purposes. The U.S. military previously referred to it as the "Salt Typhoon" due to its salty nature.

The Department of Homeland Security disrupted a major Chinese hacking group called “Flax Typhoon” earlier this year, just months after highlighting the sweeping cyber espionage China is conducting under the title “Volt Typhoon” in a confrontation with the Chinese government. The Wall Street Journal report also states that Microsoft and others in the cybersecurity industry are investigating the Salt Typhoon attacks.  Besides FamousSparrow, Salt Typhoon is also tracked by GhostEmperor, which is also a subsidiary of Empress Network. 

According to ESET, FamousSparrow is a cyberespionage group that has been active for the last couple of years, at least as far back as 2019. Security firms at the time reported that a threat actor had been observed primarily targeting airports, hotels, and government and law firms, as well as international companies in countries including Brazil, Canada, Israel, Saudi Arabia, Taiwan, the UK, and many more. Kaspersky, a security company, described GhostEmperor as a highly skilled and stealthy threat actor with a wide range of targets in Southeast Asia and around the globe; it was made official in 2021.

Sygnia did not see any activity from this group until the end of 2023, when it noticed rootkits being delivered through attacks. A report in the Post and a report in the WSJ both suggested that the US wiretapping system could have been penetrated, although it is unlikely that this has yet been proven. It was recently reported that Homeland Security had disrupted an important Chinese hacking group, "Flax Typhoon," earlier this year, just a few months after revealing the sweeping cyber espionage China has been conducting under the codename "Volt Typhoon," to take on the Chinese state.

It has also been reported that Microsoft has joined other companies in the cybersecurity industry in investigating the Salt Typhoon attacks, according to the Wall Street Journal report. The GhostEmperor information surveillance service, which is also run by Empress Network, tracks Salt Typhoon in addition to FamousSparrow. Depending on ESET's definition, FamousSparrow is part of a cyber espionage group that has been active over the past two years, at least as far back as 2019. The group was created to eavesdrop on networks.

The authors of this report state that, at the time of writing, security organizations reported that a threat actor had been observed primarily targeting airports, hotels, and law firms, along with international companies from a variety of countries, including Mexico, Brazil, Canada, Israel, Saudi Arabia, Taiwan, and the UK. A security company called Kaspersky has described GhostEmperor as a highly skilled and stealthy threat actor with a wide range of targets in Southeast Asia as well as across the globe.

It went official in 2021, a year after the threat actor had formed. Sygnia's surveillance of this group came to a halt until the end of 2023, when Sygnia noticed rootkits being delivered through attacks, which showed that this group was active. It was reported both in the Post and the Wall Street Journal that American wiretaps may have been compromised. However, there is no evidence to support this claim, even though it is unlikely that it will ever be proven.

Drizly Sued by FTC Over Data Breach Which Affected 2.5 Million Customers

According to claims that Drizly's security lapses resulted in a data breach that exposed the personal information of roughly 2.5 million customers, the Federal Trade Commission is taking legal action against the company and its CEO James Cory Rellas.

The FTC claims that the Uber-owned booze delivery business and its CEO, James Cory Rellas, were made aware of security concerns as early as 2018. The digital alcohol retailer Drizly and its CEO James Cory Rellas are being investigated by the Federal Trade Commission over claims that the company's security flaws caused a data breach that exposed the private data of around 2.5 million customers.

Drizly, an Uber subsidiary, runs an online marketplace where local shops can sell alcohol to customers who are of legal drinking age. The complaint alleges that Drizly gathered and stored users' email addresses, passwords, geolocation data, and postal addresses on Amazon Web Services (AWS) cloud computing service while negotiating deals.

According to the FTC, Drizly's lax security procedures, such as not requiring employees to use two-factor authentication for GitHub, where it stored login information, allowed those incidents to occur. The FTC further notes that Drizly has no senior executive in charge of its security practice and did not restrict employees' access to consumers' personal information.

According to Samuel Levine, Director of the FTC's Bureau of Consumer Protection, "our proposed order against Drizly not only limits what the firm can retain and collect going ahead but also ensures the CEO suffers penalties for the company's negligence."

In its lawsuits and rulings, the FTC has been naming firm officials more frequently. As CEO of Drizly, Rellas was accused by the FTC of failing to appoint a senior executive to manage the security procedures. Companies may wish to make sure they hire a senior official in charge of security to help reduce the potential of individual liability for CEOs.

These draft orders will be published by the FTC soon, and the public will have 30 days to comment on them before the commission chooses whether to make them public.



Facebook expecting fine of $5 billion over privacy issues







Facebook said that it is setting aside $5 billion, as it expects to be fined by the Federal Trade Commission for privacy violations.

The social media website disclosed the amount in its first quarter earnings for 2019, stating that it estimates a one-time fine of $3 billion to $5 billion, but that the matter is unresolved and the negotiation is ongoing.

“In the first quarter of 2019, we reasonably estimated a probable loss and recorded an accrual of $3.0 billion in connection with the inquiry of the FTC into our platform and user data practices, which accrual is included in accrued expenses and other current liabilities on our condensed consolidated balance sheet,” the company writes in its earnings statement. 

“We estimate that the range of loss in this matter is $3 billion to $5 billion. The matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome.”

Facebook has been negotiating with the regulator for months over a violation of a 2011 privacy consent decree.

According to the decree, the company promised a series of measures to protect its users’ privacy after an investigation found that its handling of data had harmed consumers.

However, the company came under fire once again last year, and the F.T.C. opened the case after the Cambridge Analytica fiasco, in which the personal information of nearly 50 million users was breached.


Meanwhile, the F.T.C. declined to comment.

Leaked US Army Cyber Protection Brigade Memorandum appears to show Privacy Solutions compromised




The picture in question is a leaked image of a memorandum posted on the image board 4chan, complete with Department of Defence letterhead, which seems, by all accounts, to be from the United States Army’s Cyber Protection Brigade.

The posted picture displays an official document brought up on a terminal screen, on one side of which is a Common Access Card or CAC, complete with picture, typical of a Department of Defence employee. It seems, by all accounts, to be legitimate, yet it invites incredulity and skepticism. Be that as it may, it is not yet clear why somebody would want this data leaked.

Another sensible theory, however, is that there might be some sort of involvement of the crypto community. Nevertheless, an extraordinary method to constrain utilization of privacy solutions is to spread rumours that they are anything but private, a scheming way of spreading fear, uncertainty and doubt.

“The success we have had with Tor, I2P, and VPN, cannot be replicated with those currencies that do not rely on nodes. There is a growing trend in the employment of Stealth addresses and ring signatures that will require additional R&D,” reads the document.

The memo's first line uncovers a unit involved with the National Security Administration (NSA) and Cyber Protection Team (CPT) encouraging all the more financing for "new contracts and extra subsidizing to meet GWOT and drug interdiction targets aimed in July's Command update brief," Global War On Terror (GWOT) being a go-to pretext for about two decades of obtrusive military and law enforcement action.

“In order to put the CPT back on track, we need to identify and employ additional personnel who are familiar with the Crypto Note code available for use in anonymous currencies,” the memo stressed.

Crypto Note, which is likewise the application layer for privacy tokens such as Bytecoin (BCN) and Monero (XMR), utilizes a memory-bound function which is hard to pipeline. That the pertinent agencies entrusted with monitoring and tracking internet solutions, and now coins, need outside help with Crypto Note may say a lot about where the different government divisions are in terms of their security keenness.

The picture was distributed among Steemit, Veekly, and even Warosu exactly five months back, yet outlets such as Deep Dot Web may claim to have broken the news. The document is nonetheless worth dissecting, assuming its legitimacy.

For its part, Deep Dot Web claims to have contacted "a Monero developer, who spoke on state of obscurity," and the dev "said that the vast majority of the Monero engineers who have seen the leak trust it to be true. A few sources who were some time ago in the Armed force have additionally said they trust the report to be genuine." This gives rise to the view that the contents of the document do appear to be totally conceivable.

"Ubuntu Linux is spyware" says Richard Stallman, Free Software Foundation President


Richard Stallman, the President of the Free Software Foundation, says that "Ubuntu Linux is Spyware" because the operating system sends data to Canonical’s servers.

"Ubuntu, a widely used and influential GNU/Linux distribution, has installed surveillance code. When the user searches her own local files for a string using the Ubuntu desktop, Ubuntu sends that string to one of Canonical’s servers. (Canonical is the company that develops Ubuntu.)" Stallman said in the blog post.

According to his blog post, Ubuntu sends the keyword searched in the Dash (the hub for finding stuff in the Unity desktop interface) to Amazon. Based on the keyword, it will show ads to buy various things from Amazon. If a user buys something from Amazon as a result, money is sent to Canonical in the form of affiliate payments.

"The main issue is the spying. Canonical says it does not tell Amazon who searched for what. However, it is just as bad for Canonical to collect your personal information as it would have been for Amazon to collect it."

Stallman concluded with a plea that people who recommend or redistribute free operating systems "remove Ubuntu from the distros you recommend or redistribute."

Canonical CEO Mark Shuttleworth claims that they are not putting ads in Ubuntu. The feature is to integrate online scope results into the home lens of the dash.

"This is to enable you to hit 'Super' and then ask for anything you like, and over time, with all of the fantastic search scopes that people are creating, we should be able to give you the right answer," Mark Shuttleworth said.

I am a regular user of Ubuntu. I don't think this is the biggest issue that makes me use alternative distributions. What do you think about this issue?!