Yet another hacker crew has been battering the healthcare industry in recent months.
But rather than just aim for the PCs, its also gotten footholds on the computers controlling X-Ray, MRI and other medical machines, according to a report from Symantec on Thursday. The hacker group, dubbed Orangeworm, is mainly targeting American healthcare organizations, though there are a number of victims worldwide, including in Asia and Europe. But rather than do anything destructive, Orangeworm is likely using leverage on those medical devices to learn more about them as part of an ongoing corporate espionage operation, Symantec said.Read more
The U.S. Department of Homeland Security wants to monitor hundreds of thousands of news sources around the world and compile a database of journalists, editors, foreign correspondents, and bloggers to identify top “media influencers.”
It’s seeking a contractor that can help it monitor traditional news sources as well as social media and identify “any and all” coverage related to the agency or a particular event, according to a request for information released April 3. The data to be collected includes a publication’s “sentiment” as well as geographical spread, top posters, languages, momentum, and circulation. No value for the contract was disclosed.Read more
Ecuador has cut Julian Assange’s communications with the outside world from its London embassy, where the founder of the whistleblowing WikiLeaks website has been living for nearly six years.
The Ecuadorian government said in statement that it had acted because Assange had breached “a written commitment made to the government at the end of 2017 not to issue messages that might interfere with other states”. It said Assange’s recent behaviour on social media “put at risk the good relations [Ecuador] maintains with the United Kingdom, with the other states of the European Union, and with other nations”.Read more
Facebook has been collecting call records and SMS data from Android devices for years. Several Twitter users have reported finding months or years of call history data in their downloadable Facebook data file.
A number of Facebook users have been spooked by the recent Cambridge Analytica privacy scandal, prompting them to download all the data that Facebook stores on their account. The results have been alarming for some. “Oh wow my deleted Facebook Zip file contains info on every single phone cellphone call and text I made for about a year,” says Twitter user Mat Johnson. Another, Dylan McKay, says “somehow it has my entire call history with my partner’s mum.”Read more
Internet paranoiacs drawn to bitcoin have long indulged fantasies of American spies subverting the booming, controversial digital currency.
Increasingly popular among get-rich-quick speculators, bitcoin started out as a high-minded project to make financial transactions public and mathematically verifiable — while also offering discretion. Governments, with a vested interest in controlling how money moves, would, some of bitcoin’s fierce advocates believed, naturally try and thwart the coming techno-libertarian financial order. It turns out the conspiracy theorists were onto something.Read more
A hacking group is using updated cyber-attacks as part of a campaign targeting a European government, in what's thought to be a continued attempt to conduct espionage and surveillance.
The latest campaign by the Fancy Bear group -- also known as Sofacy and APT28, and believed to be linked to the Kremlin -- has been uncovered by researchers. They observed the campaign taking place on March 12, and then again on March 14. In these attacks, the Sofacy group employs an updated version of DealersChoice, a platform that exploits a Flash vulnerability to stealthily deliver a malicious payload of trojan malware.Read more
A slew of newly discovered vulnerabilities can wreak havoc on 4G LTE network users by eavesdropping on phone calls and text messages, knocking devices offline, and even spoofing emergency alerts.
Ten attacks detailed in a new paper by researchers at Purdue University and the University of Iowa expose weaknesses in three critical protocol operations of the cellular network, such as securely attaching a device to the network and maintaining a connection to receive calls and messages. Those flaws can allow authentication relay attacks that can allow an adversary to connect to a 4G LTE network by impersonating an existing user -- such as a phone number.Read more
A hacking operation has expanded its operations taking advantage of new tools - including the EternalBlue SMB exploit - to attack organisations across the Middle East for the purposes of surveillance and intelligence gathering.
Targets are mostly working in telecoms and transport and their surrounding supply chains - with IT software, payroll, aircraft services and engineering firms all targets during the last year. The operations of Chafer, an Iran-based targeted attack group have been detailed by researchers at security company Symantec, who note that since first being exposed in 2015, the group has expanded its surveillance and cyber attack operations.Read more
Last month, Apple announced that it would hand over management of its Chinese iCloud data to a local, state-owned firm in China called Cloud Big Data Industrial Development Co at the end of February in order to comply with new laws.
Now, experts are reporting that Apple will also hold iCloud encryption keys for Chinese users in China itself, raising new concerns about government access. The new policy does not affect any iCloud users outside of China. Compliance means Chinese authorities will have easier access to user data that’s stored in Apple’s iCloud service, especially now that, for the first time, Apple will store the keys for Chinese iClouds within China.Read more
A recent Wired profile details the lengths at which Facebook employees are willing to go to ensure the company isn’t monitoring their communications.
The piece examines two years of Facebook’s struggles, detailing everything from its Trending Topics debacle, to the dismissal, acceptance, and regret surrounding the hijacking of the 2016 US Presidential Election by Russian operatives. From its beleaguered CEO, to the increasingly paranoid people manning its workstations, one thing is clear: there’s trouble in Menlo Park. What struck me immediately was the lengths some employees felt were necessary in obscuring private information, such as location data, from their employer.Read more