Hacking, Security & Privacy News - Page 9

The White House has blamed China for several cyberattacks aimed at Microsoft's business email server, the Microsoft Exchange Server.

According to the White House website, the US, along with other allies such as the European Union, the United Kingdom, and NATO, are revealing how the People's Republic of China (PRC) has been conducting malicious cyber activity that is endangering national security. The statement from the White House says that the PRC has been using "contract hackers," and due to the lack of interest China has in taking responsibility for the hacks and stopping them, it's believed that they are intentional.

The Department of Justice (DOJ) recently published four indictments for four Chinese nationals over a hacking campaign that occurred between 2011 and 2018. The DOJ website states that the hacking campaign targeted the following industries; aviation, defense, education, government, health care, biopharmaceutical, and maritime. Additionally, the hackers obtained trade secrets, chemical formulas, sensitive technologies, proprietary genetic-sequencing technology.

Ransomware has become a big deal with the recent attack on the US by a Russian-linked hacking group that was carried out on July 4.

Atlas VPN, a free VPN app, has posted an update to its blog where it states that with data it has acquired, "31% of businesses in the US are forced to close down as a consequence of falling victim to ransomware attacks." For those that don't know, ransomware is a form of malware where an individual threatens to publish personal data of a victim that is then forced into paying the individual, either for access to the data or for it not to be published.

Atlas VPN states that the data provided here has been sourced from Cybereason, who surveyed 1,263 cybersecurity professionals in April 2021. Of those 1,263 cybersecurity professionals, it was found that companies between 500+ employees were most likely to fall victim to ransomware (30%), followed by companies with 250-500 employees (23%), "100-249 employees (25%), 50-99 employees (11%), 10-49 employees (10%), and fewer than 10 people (1%)."

The world has been gripped by the pandemic, changing the very fabric of our society bit-by-bit, and now the Biden administration will lurk around in your smartphone spying on your text messages but it's okay... it's for your own safety, they're the government.

In a new post by Politico, the Biden administration is going into the second season of Utopia by ramping up its attack on anti-vaxxers in an article Polico titled "'Potentially a death sentence': White House goes off on vaccine fearmongers" for maximum fear and SEO.

Anyway, inside of that article are some details on what the Biden administration and DNC have planned for the near future for all Americans: they'll be spying on your text messages. Why? Well, for your safety of course -- as the Biden administration will be working with Big Tech and SMS carriers to "dispel misinformation about vaccines".

The United States was the victim of a malicious ransomware attack on July 4 that has now been called the largest ransomware attack in history.

The attack was carried out on July 4, and since then, a Russia-linked hacking group called REvil has claimed responsibility. REvil has now posted onto its dark web site the choice of purchasing a decryptor software key that would allow for companies to access their data. However, the price of that decryptor software key is $70 million in the form of cryptocurrency.

REvil has affected thousands of users and managed to gain control through firms that manage IT infrastructure for companies remotely. President Biden has previously said to Russia's President, Vladamir Putin, "we will respond" if Russia is found responsible for an attack. Deputy National Security Advisor Anne Neuberger has stated that Biden has "directed the full resources of the government to investigate this incident" and is asking anyone who has been affected by this attack to contact the FBI.

The United States experienced a massive cyberattack last Friday, right at the start of the Independence Day weekend.

President Joe Biden has said that at the moment, the US isn't sure "who it is", and that the "initial thinking was it was not the Russian government." However, Biden also said that he has spoken to Russian President Vladimir Putin and said that if Russia is found to be guilty of the attack, the US will respond. "But if it is Russia, I told Putin we will respond", said Biden, in reference to their meeting last month in Geneva, Switzerland.

The cyberattack affected at least 200 companies across the United States, with the cyber-security firm, Huntress Labs describing the attack as "colossal". Earlier reports indicate that Huntress Labs believe the Russia-linked REvill ransomware gang was responsible for the attack. The first attack happened at the Kaseya, a Florida-based IT company. If you are interested in reading any more information about this story, check out this link here.

TikTik has just changed its US privacy policy that includes a new section that says the social video sharing app "may collect biometric identifiers and biometric information" from users' content. Nice.

The biometric identifiers and information will include things like "faceprints and voiceprints", with details on the biometric data collection introduced in a new section TikTok has dubbed "Image and Audio Information" under the heading of "Information we collect automatically" in its newly-revised US privacy policy.

TikTok was already pretty liberal with the amount of data it scrapes from users on the daily, but now it is in overdrive with the new section explaining that it will be collecting information about the images and audio that is in users' actual content.

On June 8, Amazon will be debuting what it has called "Amazon Sidewalk," which will enable all compatible devices into a brand new service.

Amazon Echo speakers and Ring cameras will automatically be hooked up to the Sidewalk service automatically, allowing strangers to use your Wi-Fi connection. Amazon has said that Sidewalk is being rolled out as a way to increase home security. Here's how it works. If you choose to keep Sidewalk enabled, your compatible Amazon devices will connect to other Sidewalk compatible devices within a mile range.

The connection with surrounding devices will allow compatible devices to use an active internet connection even if your home internet connection is currently offline. Essentially, if you have Sidewalk enabled and your internet goes down, your Ring device will jump from using your home connection to a surrounding connection so the device can remain active, thus keeping the security of your home enabled. If you don't want Sidewalk enabled, you can choose to opt out of it by simply going to Account Settings and looking for Amazon Sidewalk and toggle it off.

The United States is currently under siege when it comes to cyberattacks, forcing the White House to respond to recent events.

Major infrastructure such as pipelines, water-treatment plants, hospital I.T. systems, and more have all experienced cyberattacks. Cyberattacker cut off a pipeline to the Eastern Seaboard for days and also attempted to poison a Florida water-treatment plant. According to Fox News, other major infrastructure is being targeted as well, such as transportation hubs, energy facilities, and utility companies.

From the attacks that have already occurred, it's reasonable to suggest they can be seen as acts of war, especially when you consider how many millions of lives would be affected if, for example, drinking water was poisoned for an entire city. Not to mention, holding hostage hospital I.T. systems is certainly not what an ally does. President Biden signed an executive order on Wednesday that will add additional strength to the seemingly buckling U.S. cyber defense systems, as well as boost the Cybersecurity and Infrastructure Security Agency (CISA).

Another day, another huge Facebook data leak with the personal data of 533 million users has leaked online and is available for free.

Business Insider reports that it has verified the leaks, explaining: "The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, BIOS, and - in some cases - email addresses".

Facebook explains that it had fixed a vulnerability in 2019 and that the data scraped was from back then, and not current data. But the information on the users is the same with the biggest point here being the phone numbers, as many more services now just require a phone number for registration and as the creator of Have I Been Pwned database, Troy Hunt, explains:

It seems foreign hackers have gained access to the networks of both the US Department of Energy and National Nuclear Security Administration.

There are new reports from both Bloomberg and Politico that say federal investigators say was part of a "Russian cyber attack that struck a number of federal government agencies. Microsoft Corp. was also breached, and its products were used to further attacks on others".

Shaylyn Hynes, a Department of Energy spokeswoman, said in a statement: "At this point, the investigation has found that the malware has been isolated to business networks only".