This posting is here to collect cyber security news in January 2021.
I post links to security vulnerability news to comments of this article.
You are also free to post related links to comments.
This posting is here to collect cyber security news in January 2021.
I post links to security vulnerability news to comments of this article.
You are also free to post related links to comments.
369 Comments
Tomi Engdahl says:
Malwarebytes says its Office 365, Azure tenancies invaded by SolarWinds hackers, insists its tools are still safe to use
https://www.theregister.com/2021/01/20/malwarebytes_solarwinds_hack_latest/?utm_source=dlvr.it&utm_medium=facebook
Points finger at privilege escalation via application rights in Azure AD, which Microsoft says is as designed
Security company Malwarebytes suspects a breach of its Office 365 and Azure tenancies is by the same attacker behind the SolarWinds hack, but reckons flaws in Azure Active Directory security are also to blame.
Malwarebytes, whose products include widely used anti-malware tools for consumers and businesses, said that it does not use SolarWinds but believes that the same attacker used “another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments”.
The attack was spotted because of suspicious activity reported by Microsoft’s Security Response Center.
The intruder “only gained access to a limited subset of internal company emails” said Malwarebytes, and there was no evidence of unauthorised access to internal or on-premises and production environments. Malwarebytes also checked its source code and build processes including “reverse engineering our own software” but could not find any evidence of compromise, concluding that “our software remains safe to use.”
Tomi Engdahl says:
Hackers publish thousands of files after government agency refuses to pay ransom
https://www.zdnet.com/article/hackers-publish-thousands-of-files-after-government-agency-refuses-to-pay-ransom/
Ransomware gang publishes stolen data after Scottish Environment Protection Agency (SEPA) refuses to pay ransom – as agency confirms operations remain disrupted.
SEPA hasn’t confirmed what form of ransomware it has fallen victim to, but the Conti ransomware gang claimed responsibility for the attack.
As a result of the non-payment, Conti has published all of the stolen data on its website, posting over 4,000 documents and databases related to contracts, commercial services and strategy. The latest update from SEPA confirms that at least 4,000 files have been stolen and published.
“We’ve been clear that we won’t use public finance to pay serious and organised criminals intent on disrupting public services and extorting public funds,”
Tomi Engdahl says:
Google threatens to pull Search from Australia if Media Bargaining Code becomes law
https://www.zdnet.com/article/google-threatens-to-pull-search-from-australia-if-media-bargaining-code-becomes-law/
Search giant’s local managing director said the company has assessed the impact of the legislation and come to the conclusion it would be an untenable risk for its Australian operations.
Google has said it may have no other choice than to pull its Search function from Australia if the News Media Bargaining Code goes ahead in its current form.
Google, alongside Facebook, has been engaged in a stoush with the Australian Competition and Consumer Commission (ACCC) since August over the code that entered the House of Representatives in late December.
The bargaining code, according to the government, is necessary to address the fundamental bargaining power imbalances between Australian news media businesses and major digital platforms.
Tomi Engdahl says:
https://thehackernews.com/2021/01/exclusive-sonicwall-hacked-using-0-day.html?m=1
SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems.
The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access (SMA) that are used to provide users with remote access to internal resources.
Tomi Engdahl says:
Laptops given to British schools came preloaded with remote-access worm
Department for Education says: ‘We believe this is not widespread’
https://www.theregister.com/2021/01/21/dept_education_school_laptops_malware/
The Register understands that a batch of 23,000 computers, the GeoBook 1E running Windows 10, made by Shenzhen-headquartered Tactus Group, contained the units that were loaded with malware. A spokesperson for the manufacturer was not available for comment.
Tomi Engdahl says:
SonicWall says it was hacked using zero-days in its own products
https://www.zdnet.com/article/sonicwall-says-it-was-hacked-using-zero-days-in-its-own-products/?utm_source=facebook&utm_medium=news_tab&utm_content=algorithm
The networking device vendor has published a series of mitigations as it’s investigating the incident and preparing patches.
Networking device maker SonicWall said on Friday night that it is investigating a security breach of its internal network after detecting what it described as a “coordinated attack.”
In a short statement posted on its knowledgebase portal, the company said that “highly sophisticated threat actors” targeted its internal systems by “exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products.”
Tomi Engdahl says:
https://thehackernews.com/2021/01/mrbminer-crypto-mining-malware-links-to.html?m=1
relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server (MSSQL) databases has now been linked to a small software development company based in Iran.
Tomi Engdahl says:
Calgary man issues warning after discovering ‘creepy’ security camera live feeds
https://globalnews.ca/news/7593916/calgary-warning-security-cameras-live-streaming/
WATCH: A Calgary man is reminding people who own security cameras to change their default password after stumbling upon a website featuring live private camera feeds from around the world. As Tracy Nagai reports, he fears some people may not know they’re being watched.
After searching the website, called Insecam, Douros said he realized something was wrong.
On the website, live feeds of people’s front steps, workspaces and private homes are open to the public.
“I don’t know if people are aware that their signal is being broadcast out for anyone to find it, if they know how to find it,” he said.
“A lot of those people don’t know they’re broadcasting their personal moments at home, like peoples’ living rooms or basements.”
On the website, it states that a private or unethical camera will be removed immediately upon an e-mail complaint. The other option is for people to reset the default password on their camera.
“These IP cameras stream over their WiFi so it’s connected to their internet and they must make sure their internet is also password protected,” Calgary police Staff Sgt. Mark England said.
Calgary cybersecurity expert Harry Diamantopoulos said the risk extends to any smart home technology and people need to look at their WiFi router first if they’re concerned about their security.
“The home router is the heart of the home network and that needs to be secured,” Diamantopoulos said. “The first thing that anybody should do is to change that password on that router.”
“People may not even be aware that there are security risks by not changing that password.”
Tomi Engdahl says:
Tesla has accused an engineer of downloading about 26,000 sensitive files in his first week
https://trib.al/KUFX0qz
Tesla on Friday filed a complaint accusing an engineer of stealing trade secrets.
Tesla in a Friday court filing said a software engineer transferred about 26,000 confidential documents, including trade secrets, to his personal Dropbox during his first week at the company.
“Within three days of being hired by Tesla, Defendant brazenly stole thousands of trade secret computer scripts that took Tesla years to develop,” Tesla said in a complaint filed on Friday in the San Jose Division of the US district court of the Northern District of California.
Tesla said: “Indeed, as soon as Defendant uploaded the stolen files to his Dropbox account, he could have shared or retransferred those files to anyone or any other storage media (whether an external thumb drive, another computer, a mobile device, or another cloud-based storage system). And Tesla would have had no way to know that.”
The company said investigators had to interview Khatilov remotely because of COVID-19, meaning they weren’t able to “ensure complete deletion” from his devices.
Tomi Engdahl says:
Malwarebytes says its Office 365, Azure tenancies invaded by SolarWinds hackers, insists its tools are still safe to use
Points finger at privilege escalation via application rights in Azure AD, which Microsoft says is as designed
https://www.theregister.com/2021/01/20/malwarebytes_solarwinds_hack_latest/?utm_source=dlvr.it&utm_medium=facebook
Tomi Engdahl says:
Foreign Policy:
As platforms race to purge harmful content after the Capitol attack, police race to gather evidence, showing the need for international data preservation laws
The Internet Is a Crime Scene
https://foreignpolicy.com/2021/01/20/internet-crime-scene-capitol-riot-data-information-governance/
How we conceptualize the role social media played in the Capitol siege will set the stage for information governance across the globe.
In the aftermath of the Capitol siege, journalists, researchers, police, and archivists are racing to gather evidence as platforms purge content and accounts in record numbers. Although the scramble is reducing the capacity of Trump supporters to stage a second attack, it is also preventing others from identifying and collecting evidence for the trials of those involved in the first one.
This moment shows the need for international data preservation laws that would require technology companies to create processes and protocols that make information accessible for journalists, civil society organizations, law enforcement, and researchers. As platform companies delete an incredible amount of content while the FBI calls on these companies to hold onto the information, it is clear that the absence of clear regulations benefits those who tried to overthrow the U.S. government, and serves authoritarians who use social media to misinform the public.
The internet is a crime scene in the specific sense that its major platforms were used to connect, organize, and coordinate #StopTheSteal. As such, the technologies were not just reimagined, but also took on new meanings last week, even though their features remained largely unchanged. Social media on a lazy Sunday afternoon is of course different from social media during an insurrection. That’s why the context of use—who, what, when, where—is so important to identifying when it is being used for actionable offenses.
For many years, OSINT (open-source intelligence) researchers and journalists have developed methods for the analysis of networked data that has led to a better understanding of the identities of criminals and their motives. Police and journalists are increasingly using social media as a platform for investigations, gathering potential evidence, witness accounts, and other clarifying information, hoping the digital traces they find on social media can provide clues for both legal action and rapid-response reporting. During this last week, some public social media users have become active participants in these investigations, engaging in crowd-sourced research and using both verified facts and misinformation to theorize narratives and sort evidence.
Crowdsourced investigations require swarm intelligence, which relies on a particular design feature—threaded conversations, where groups can gather intel and verify it over time. Forums such as Reddit, Twitter threads, Facebook groups, and anonymous message boards allow large groups of individuals to gather evidence and marshal resources during a breaking news incident, communally building a single narrative about an event. Popular posts on these forums attract increased participation from users, and thus greater visibility on these sites, enrolling more and more individuals in the process. Using those and other intelligence, investigators working in parallel can tie together very different pieces of an event or crime.
Tomi Engdahl says:
https://portswigger.net/daily-swig/hackers-actively-scanning-for-vulnerable-sap-systems-after-exploit-gets-dropped-on-github
Tomi Engdahl says:
https://www.zdnet.com/article/a-chinese-hacking-group-is-stealing-airline-passenger-details/
Tomi Engdahl says:
https://www.oregonlive.com/silicon-forest/2021/01/intel-says-hackers-got-early-access-to-its-financial-results.html
Tomi Engdahl says:
https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/
Tomi Engdahl says:
After big hack of U.S. government, Biden enlists ‘world class’ cybersecurity team
https://www.reuters.com/article/us-usa-biden-cyber/after-big-hack-of-u-s-government-biden-enlists-world-class-cybersecurity-team-idUSKBN29R18I
WASHINGTON/SAN FRANCISCO (Reuters) – President Joe Biden is hiring a group of national security veterans with deep cyber expertise, drawing praise from former defense officials and investigators as the U.S. government works to recover from one of the biggest hacks of its agencies attributed to Russian spies.
“It is great to see the priority that the new administration is giving to cyber,” said Suzanne Spaulding, director of the Defending Democratic Institutions project at the Center for Strategic and International Studies.
Cybersecurity was demoted as a policy field under the Trump administration. It discontinued the Cybersecurity Coordinator position at the White House, shrunk the State Department’s cyber diplomacy wing, and fired federal cybersecurity leader Chris Krebs in the aftermath of Donald Trump’s Nov. 3 election defeat
Disclosed in December, the hack struck eight federal agencies and numerous companies, including software provider SolarWinds Corp. U.S. intelligence agencies publicly attributed it to Russian state actors. Moscow has denied involvement in the hack.
The Biden administration “has appointed world-class cybersecurity experts to leadership positions,” Microsoft corporate Vice President Tom Burt said in a statement.
Some observers worry, however, that the collective group’s experience is almost entirely in the public sector, said one former official and an industry analyst who requested anonymity. The distinction is important because the vast majority of U.S. internet infrastructure is owned and operated by American corporations.
“The United States remains woefully unprepared for 21st century security threats – the establishment and prioritization of a DNSA for Cyber and Emerging Tech on the NSC indicates the seriousness the Biden Administration will afford to addressing these challenges,” said Phil Reiner, chief executive of the Institute for Security and Technology.
Tomi Engdahl says:
https://thehackernews.com/2021/01/experts-detail-recent-remotely.html?m=1
Tomi Engdahl says:
https://www.tripwire.com/state-of-security/ics-security/key-critical-infrastructure-cyber-resiliency/
Tomi Engdahl says:
Tulsi Gabbard: Domestic-Terrorism Bill Is ‘a Targeting of Almost Half of the Country’
https://www.nationalreview.com/news/tulsi-gabbard-domestic-terrorism-bill-is-a-targeting-of-almost-half-of-the-country/
Tulsi Gabbard, the former Democratic representative from Hawaii, on Friday expressed concern that a proposed measure to combat domestic terrorism could be used to undermine civil liberties.
Gabbard’s comments came during an appearance on Fox News Primetime when host Brian Kilmeade asked her if she was “surprised they’re pushing forward with this extra surveillance on would-be domestic terror.”
“It’s so dangerous as you guys have been talking about, this is an issue that all Democrats, Republicans, independents, Libertarians should be extremely concerned about, especially because we don’t have to guess about where this goes or how this ends,” Gabbard said.
She said the proposed legislation could create “a very dangerous undermining of our civil liberties, our freedoms in our Constitution, and a targeting of almost half of the country.”
The Domestic Terrorism Prevention Act of 2021 was introduced in the House earlier this week in the aftermath of rioting at the U.S. Capitol earlier this month that left five dead.
“Unlike after 9/11, the threat that reared its ugly head on January 6th is from domestic terror groups and extremists, often racially-motivated violent individuals,”
Tomi Engdahl says:
Russians Warned for US-led Cyberspace Threat Ensuing Solar Wind Orion
FSB Russia warns of US cyberattack following the SolarWinds Orion.
https://www.ehackingnews.com/2021/01/russians-warned-for-us-led-cyberspace.html?m=1
Tomi Engdahl says:
TikTok has until Friday to respond to Italy’s order to block users it can’t age-verify after girl’s death
https://techcrunch.com/2021/01/25/tiktok-has-until-friday-to-respond-to-italys-order-to-block-users-it-cant-age-verify-after-girls-death/?tpcc=ECFB2021
TikTok has until Friday to respond to an order by Italy’s data protection agency to block users whose age it cannot verify, TechCrunch has learned.
The GPDP made an ‘immediate’ order Friday in response to the death of a 10-year-old girl from Palermo who died of asphyxiation after participating in a ‘blackout challenge’ on the social network, according to reports in local media.
The agency said the ban would remain place until February 15 — suggesting it would make another assessment about any additional action at that point.
Tomi Engdahl says:
Dominion Voting Sues Rudy Giuliani For $1.3 Billion Over Election Conspiracy
https://www.forbes.com/sites/alisondurkee/2021/01/25/dominion-sues-rudy-giuliani-for-13-billion-over-election-conspiracy/?utm_campaign=forbes&utm_source=facebook&utm_medium=social&utm_term=Valerie
Dominion Voting Systems sued Trump attorney Rudy Giuliani for defamation Monday, accusing the former New York City mayor of having “manufactured and disseminated” a false conspiracy theory involving the company’s voting machines, the second in a series of high-dollar lawsuits Dominion has filed against Trump allies who pushed false accusations of election fraud.
Dominion sued Giuliani after sending the attorney two letters warning legal action was “imminent,” with the second letter on Jan. 10 warning, “There is nothing you can say or do at this point to undo the hundreds of millions of dollars in damage that you and your allies have caused Dominion.”
The company’s voting machines are at the heart of a far-right election conspiracy theory that alleges they were used to fraudulently sway the election against former President Donald Trump—dubbed by Dominion in the lawsuit as “the Big Lie”—which there is no evidence to support.
Dominion points to more than 50 statements Giuliani made about the company that were allegedly defamatory—including comments on his podcast, on social media, in appearances on Fox Business and during the Jan. 6 rally that preceded the violent attack on the U.S. Capitol building—which they argue caused Dominion “unprecedented reputational and financial harm, and its employees’ lives have been put in danger.”
Giuliani “enriche[d] himself by falsely claiming that Dominion fixed the election,” the lawsuit alleges, and the company contends Giuliani allegedly did so knowing the claims were false, because he did not make allegations about the voting machines in the Trump campaign’s actual post-election lawsuits.
“As a lawyer, Rudy Giuliani is well aware that he can be sanctioned for making false claims in court. That’s why he never mentioned Dominion in court and admitted in court that his case wasn’t a fraud case,” Dominion attorney Thomas Clare said in a statement. “Instead, he peddled his lies about Dominion in the court of public opinion, in concert with reckless media outlets that knowingly gave him a global platform to spew baseless falsehoods and to undermine confidence in our democracy.”
Tomi Engdahl says:
Former LulzSec Hacker Releases VPN Zero-Day Used to Hack Hacking Team
https://www.vice.com/en/article/dy85nz/former-lulzsec-hacker-releases-vpn-zero-day-used-to-hack-hacking-team
A security researcher has released an exploit for SonicWall VPNs that was originally found by Phineas Fisher in 2015.
A security researcher who used to be part of the infamous hacktivist group LulzSec published a zero-day exploit for a popular VPN application made by SonicWall on Monday. The exploit relies on the same vulnerabilities exploited by the notorious hacktivist Phineas Fisher to hack Hacking Team.
On Monday, Darren Martyn published the exploit in a blog, following the announcement by SonicWall that hackers had breached its internal network by exploiting zero-days in its equipment. Martyn said he decided to release the exploit to denounce SonicWall’s poor security.
https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/
Tomi Engdahl says:
Google: North Korean hackers have targeted security researchers via social media
https://www.zdnet.com/article/google-north-korean-hackers-have-targeted-security-researchers-via-social-media/
Google TAG warns security researchers to be on the lookout when approached by unknown individuals on social media
Tomi Engdahl says:
https://www.justice.gov/usao-ndga/pr/cypriot-hacker-pleads-guilty-extorting-website-operators-stolen-user-data
Tomi Engdahl says:
https://www.is.fi/digitoday/tietoturva/art-2000007761441.html
Tomi Engdahl says:
A user on a popular hacker forum has leaked an archive containing user and creator data allegedly exfiltrated from Teespring, an e-commerce platform that allows people to design, market, and sell custom apparel.
8+ million Teespring user records leaked on hacker forum
https://cybernews.com/security/8-million-teespring-user-records-leaked-on-hacker-forum/?utm_source=facebook&utm_medium=cpc&utm_campaign=rm&utm_content=8_million_teespring&fbclid=IwAR0SKJtNAa1XAKaGgA0HIKeKi650mo6nCgcGlWYnzMUjXFQVtWKl3m6LSfw
Tomi Engdahl says:
Yli 1,3 miljoonan suomalaisen puhelinnumerot vuotivat – ovat myynnissä netissä
Tänään klo 12:30
Puhelinnumeroiden vuotamisen taustalla on vanha Facebook-haavoittuvuus.
https://www.iltalehti.fi/digiuutiset/a/0eb51b06-12fe-4e6d-8ed6-e190e1930336
Bot Lets Hackers Easily Lookup Facebook Users’ Phone Numbers
The person selling access to the service claims it has data on 500 million Facebook users.
https://www.vice.com/en/article/xgz7bd/facebook-phone-numbers-bot-telegram
Tomi Engdahl says:
This new botnet is targeting Linux servers running enterprise apps
https://www.techradar.com/news/this-new-botnet-is-targeting-linux-servers-running-enterprise-apps
Security researchers from Zscaler’s ThreatLabZ team have discovered and analyzed a new Linux-based malware family that is being used by cybercriminals to target Linux servers running enterprise apps.
The cybersecurity firm has dubbed the new malware family DreamBus and it is actually a variant of an older botnet named SytemdMiner which first appeared back in 2019. However, current versions of DreamBus feature several improvements when compared to SystemdMiner.
The DreamBus botnet is currently being used to target a number of popular enterprise apps including PostgreSQL, Redis, Hadoop YARN, Apache Spark, HashiCorp Consul, SaltStack, and the SSH service, all of which run on Linux servers.
The cybercriminals deploying DreamBus are doing so with the aim of gaining a foothold on Linux servers where they can download and install an open-source app used for mining the cryptocurrency Monero (XMR). Additionally, each infected server then becomes part of the botnet,
Tomi Engdahl says:
With the Death of Cash, Privacy Faces a Deeply Uncertain Future
https://hackernoon.com/with-the-death-of-cash-privacy-faces-a-deeply-uncertain-future-l8c344v
The Coming Death of Cash and the Battle for the Future of Money. In One Future We have a Private, Anonymous Alternative to Cash but in the Black Mirror Future the Money in Your Pocket Knows Everything About You.
Cash is dying.
Tomi Engdahl says:
Varo tätä tekstiviestiä – pelottavan uskottava huijaus tuo haittaohjelman puhelimeen
Suomalaisille on levitetty maanantain aikana varsin uskottavaa huijausta Postin nimissä
https://www.is.fi/digitoday/tietoturva/art-2000007761441.html
Tomi Engdahl says:
As Signal downloads surge, employees are reportedly worried the messaging app isn’t doing enough to head off extremism
https://trib.al/sqalBHd
Tomi Engdahl says:
N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches
https://thehackernews.com/2021/01/n-korean-hackers-targeting-security.html
Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development.
The internet giant’s Threat Analysis Group (TAG) said the adversary created a research blog and multiple profiles on various social media platforms such as Twitter, Twitter, LinkedIn, Telegram, Discord, and Keybase in a bid to communicate with the researchers and build trust.
The goal, it appears, is to steal exploits developed by the researchers for possibly undisclosed vulnerabilities, thereby allowing them to stage further attacks on vulnerable targets of their choice.
Tomi Engdahl says:
Google warns of ‘novel social engineering method’ used to hack security researchers
Government-backed hackers in North Korea are reportedly responsible
https://www.theverge.com/2021/1/26/22250060/google-threat-analysis-group-north-korean-hackers-cybersecurity-researchers-social-engineering
Tomi Engdahl says:
Patients fall victim to health ransomware
Cyber hackers’ access to personal data can cause havoc at medical facilities
https://www.ft.com/content/acf4ac78-c738-48c6-8de1-077697e062d6
Tomi Engdahl says:
Overall, I Believe Some of the Best Red Teamers Are Those Who Were Blue Teamers First (and vice versa)
https://pentestmag.com/heath-adams-interview/
Interview with Heath Adams/The Cyber Mentor YouTuber, CEO of TCM Security and Hacker
Tomi Engdahl says:
https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/
Tomi Engdahl says:
Google Warning: North Korean Hackers Breach Windows And Chrome Defenses To Attack Security Researchers
https://www.forbes.com/sites/thomasbrewster/2021/01/26/google-warning-north-korean-hackers-breach-windows-and-chrome-defenses-to-attack-security-researchers/
Tomi Engdahl says:
Insurers ‘funding organised crime’ by paying ransomware claims
Exclusive: former cybersecurity chief calls for law change and warns situation is ‘close to getting out of control’
https://www.theguardian.com/technology/2021/jan/24/insurers-funding-organised-by-paying-ransomware-claims
Tomi Engdahl says:
Four security vendors disclose SolarWinds-related incidents
Mimecast, Palo Alto Networks, Qualys, and Fidelis confirmed this week they were also targeted during the SolarWinds supply chain attack.
https://www.zdnet.com/article/four-security-vendors-disclose-solarwinds-related-incidents/
Tomi Engdahl says:
Homeland Security Issues Warn Of Domestic, Anti-Government Attacks Following Capitol Riot
https://www.forbes.com/sites/carlieporterfield/2021/01/27/homeland-security-issues-warn-of-domestic-anti-government-attacks-following-capitol-riot/?utm_campaign=forbes&utm_source=facebook&utm_medium=social&utm_term=Gordie
The Department of Homeland Security issued a bulletin Wednesday warning that domestic terrorists may have been “emboldened” by the siege on the U.S. Capitol earlier this month and could be planning more violent attacks.
“Information suggests that some ideologically-motivated violent extremists with objections to the exercise of governmental authority and the presidential transition, as well as other perceived grievances fueled by false narratives, could continue to mobilize,” according to the bulletin.
https://www.dhs.gov/ntas/advisory/national-terrorism-advisory-system-bulletin-january-27-2021
Tomi Engdahl says:
Britain’s Doomsday Nuke Subs Still Run Windows XP
The fate of the country’s nukes is in the hands of an obsolete operating system.
https://www.popularmechanics.com/military/weapons/a19061/britains-doomsday-subs-run-windows-xp/
Britain’s fleet of missile submarines, HMS Vanguard, Victorious, Vigilant, and Vengeance, are four of the deadliest ships ever built. Armed with nuclear weapons, the four “boomers” patrol the oceans, providing a powerful deterrent against a surprise nuclear attack on the United Kingdom.
The four Vanguard-class ballistic missile submarines provide the UK’s entire nuclear deterrent.
The submarines were commissioned in the 1990s. According to The Guardian, Windows XP was installed because it was “cheaper than alternatives.” The software is even branded as “Windows for Submarines.” A joke? We’re not sure.
Microsoft ended security updates for Windows XP in 2014, meaning that the Vanguard submarines could be vulnerable to viruses, malware, and cyberattacks.
Tomi Engdahl says:
Progressives Slam Hedge Funds Irked By GameStop Stock Boom As SEC Says It’s Monitoring The Situation
https://www.forbes.com/sites/nicholasreimann/2021/01/27/progressives-slam-hedge-funds-irked-by-gamestop-stock-boom-as-sec-says-its-monitoring-the-situation/?utm_campaign=forbes&utm_source=facebook&utm_medium=social&utm_term=Gordie
Progressive Democrats in Congress are speaking out about the massive, Reddit-fueled spike in GameStop’s share price, with Sen. Elizabeth Warren (D-Mass.) scolding the “hedge funds, private equity firms, and wealthy investors dismayed by the GameStop trades” while noting that those in the past “have treated the stock market like their own personal casino,” as the Securities and Exchange Commission also announced Wednesday it was reviewing the market volatility.
Shares of GameStop soared as high as $372 Wednesday before closing at $347.51, a monumental spike from where they were trading at around $20 just two weeks ago.
It appears to be driven in massive part by followers of the subreddit r/wallstreetbets, which has continued to push the stock to further heights, with many users taking particular satisfaction in how they’ve managed to disrupt the market and hedge fund managers who had sold the stock short.
Calls for new regulations against the massive number of market-shifting Redditors have sparked backlash, with many noting what would be an apparent double standard in cracking down on successful retail traders but not high-dollar hedge funds.
“Gotta admit it’s really something to see Wall Streeters with a long history of treating our economy as a casino complain about a message board of posters also treating the market as a casino,” Ocasio-Cortez said in a tweet.
Tomi Engdahl says:
10 highly shorted stocks are soaring as Reddit traders wage war against top Wall Street hedge funds
https://trib.al/wUKkxTz
The Wall Street Bets forum on Reddit — now 3 million members strong — is flexing its muscle against hedge funds.
The forum has sparked an epic short squeeze in shares of GameStop, which is now spilling over into other highly shorted stocks.
Detailed below are the 10 highly shorted stocks that are soaring at the expense of many hedge funds.
Tomi Engdahl says:
Hacked patient data reappears on dark web
Police believe at least some of the records are related to the hacking of psychotherapy centre Vastaamo’s database.
https://yle.fi/uutiset/osasto/news/hacked_patient_data_reappears_on_dark_web/11757894
Tomi Engdahl says:
How We Hacked Azure Functions and Escaped Docker
https://www.intezer.com/blog/research/how-we-hacked-azure-functions-and-escaped-docker/
Tomi Engdahl says:
Vanha puhelimesi kiinnostaa rikollisia – nämä laitteet kannattaa tuhota huolellisesti, jos et halua tietojasi vääriin käsiin
Tietomurrot ovat lisänneet kuluttajien tietoisuutta datalaitteiden oikeaoppisesta hävittämisestä.
https://yle.fi/uutiset/3-11756262
Tomi Engdahl says:
Pay-or-Get-Breached Ransomware Schemes Take Off
https://www.darkreading.com/endpoint/pay-or-get-breached-ransomware-schemes-take-off/d/d-id/1339987
In 2020, ransomware attackers moved quickly to adopt so-called “double extortion” schemes, with more than 550 incidents in the fourth quarter alone.
Tomi Engdahl says:
Tips to harden Active Directory against SolarWinds-type attacks
https://www.csoonline.com/article/3603951/tips-to-harden-active-directory-against-solarwinds-type-attacks.html
The SolarWinds attackers took advantage of Active Directory to gain a foothold. Here’s what configurations and policies to check to better protect your network.
Tomi Engdahl says:
Tällainen on suomalaisten puhelimiin parhaillaan levitettävä haittaohjelma – ”Voidaan puhua epidemiasta”
Postin nimissä tehtävä huijauskampanja iskee sekä Android- että iPhone-käyttäjiin. Vaarana ovat haittaohjelma ja mobiililaskutus.
https://www.is.fi/digitoday/tietoturva/art-2000007764380.html