Dislikes: 0
Google published a six-part report today detailing a sophisticated hacking operation that the company detected in early 2020 and which targeted owners of both Android and Windows devices.
The attacks were carried out via two exploit servers delivering different exploit chains via watering hole attacks, Google said.
Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected. Hacks looking for specific information may only attack users coming from a specific IP address. This also makes the hacks harder to detect and research. The name is derived from predators in the natural world, who wait for an opportunity to attack their prey near watering holes.
2017 CCleaner attack
From August to September 2017, the installation binary of CCleaner distributed by the vendor's download servers included malware. CCleaner is a popular tool used to clean potentially unwanted files from Windows computers, widely used by security-minded users. The distributed installer binaries were signed with the developer's certificate making it likely that an attacker compromised the development or build environment and used this to insert malware.
Ransomware attacks now to blame for half of healthcare data breaches
Almost half of data breaches at hospitals were because of ransomware attacks – and those attacks could've been prevented with timely patching.
Almost half of all data breaches in hospitals and the wider healthcare sector are as a result of ransomware attacks according to new research.
Ransomware gangs are increasingly adding an extra layer of extortion to attacks by not only encrypting networks and demanding hundreds of thousands or even millions of dollars in bitcoin to restore them, but also stealing sensitive information and threatening to publish it if the ransom isn't paid.
This double extortion technique is intended as extra leverage to force victims of ransomware attacks to give in and pay the ransom rather than taking the time to restore the network themselves. For healthcare, the prospect of data being leaked on the internet is particularly disturbing as it can involve sensitive private medical data alongside other forms of identifiable personal information of patients.
One of the key methods for ransomware gangs gaining access to hospital networks is via a pair of VPN vulnerabilities found in the Citrix ADC controller, affecting Gateway hosts (CVE-2019-19781) and Pulse Connect Secure (CVE-2019-11510).
Both of these vulnerabilities had received security patches to stop hackers from exploiting them by the beginning of 2020, but despite this, large numbers of organisations have yet to apply the update.
That's allowed ransomware groups – and even nation-state-linked hacking operations – to exploit unpatched vulnerabilities to gain a foothold on networks and they'll continue to do so as long as networks haven't received the required security patches.
"As the attack surface expands, vulnerability management has a central role to play in modern cybersecurity strategies. Unpatched vulnerabilities leave sensitive data and critical business systems exposed, and represent lucrative opportunities for ransomware actors," said Renaud Deraison, co-founder and chief technology officer at Tenable.
The key way to protect networks falling victim to ransomware and other cyberattacks is to apply patches when they're released, particularly those designed to fix critical vulnerabilities. And if there's applications that your organisation uses that no longer receives security updates, researchers recommend replacing this software with an alternative that's still supported.
"If the software solutions used by your organization are no longer receiving security updates, upgrading to one with an active support contract is vital," the report says.
"It is imperative that organizations identify assets within their environments that are vulnerable to months- and years-old flaws and apply relevant patches immediately," it said.
Biden orders investigation into Russian misdeeds as admin seeks nuclear arms treaty extension
The White House has ordered an intelligence review of Russian misdeeds ranging from the SolarWinds hack to alleged bounties on US troops, but will pursue an agreement with Moscow on an issue of mutual concern: nuclear arms control.
"Even as we work with Russia to advance US interests, so too we work to hold Russia to account for its reckless and adversarial actions," White House press secretary Jen Psaki told reporters at a briefing Thursday.
"To this end, the President is also issuing a tasking to the intelligence community for its full assessment of the SolarWinds cyber breach, Russian interference in the 2020 election, its use of chemical weapons against opposition leader Alexey Navalny and the alleged bounties on US soldiers in Afghanistan," she said.
President Joe Biden's intel chief, Avril Haines, was sworn in on Thursday and overseeing the assessment will be one of her first major tasks.
The launch of the review signals that Biden is prepared to take a more critical approach on countering Moscow than his predecessor, Donald Trump, who failed to forcefully condemn Russia over those incidents.
However, Psaki told reporters that the Biden administration is prepared to work with Russia on the New START Treaty, telling reporters that "the United States intends to seek a five year extension ... as the treaty permits."
"Just as we engage Russia in ways that advance American interests, we in the Department will remain clear-eyed about the challenges Russia poses and committed to defending the nation against their reckless and adversarial actions," Kirby said.
Russia has been cultivating Trump as an asset for 40 years, former KGB spy says
Thomas Colson Jan 29, 2021, 7:25 AM
trump russia 2
Donald Trump. Getty
The KGB cultivated Trump as an asset for 40 years, a former operative told The Guardian.
Yuri Shvets told The Guardian that the KGB had identified Trump as a potential asset in the 1980s.
Shvets said it was stunning when Trump took out an ad repeating anti-Western talking points after a trip to Moscow.
Visit Business Insider's homepage for more stories.
The KGB cultivated Donald Trump as an asset for 40 years, and he proved a highly valuable asset in repeating anti-Western Russian propaganda in the United States, a former KGB operative told The Guardian.
Yuri Shvets is a key source in "American Kompromat," a new book detailing the decades-long relationship between Trump and Russia by the journalist Craig Unger.
The book, which is based on interviews with former Russian and US operatives, details the KGB's attempts in the 1980s to cultivate dozens of unwitting businesspeople in the United States as useful Russian assets.
Read more: Trump administration staffers are getting snubbed while hunting for jobs. One recruiter tried to place 6 of them and couldn't land any interviews.
Shvets told The Guardian that the KGB had identified Trump, then an up-and-coming property developer, as a potential asset in the 1980s.
"This is an example where people were recruited when they were just students and then they rose to important positions; something like that was happening with Trump," Shvets told the paper.
The book's author said Trump became a target for the Russians in 1977 when he married his first wife, the Czech model Ivana Zelnickova.
"He was an asset. It was not this grand, ingenious plan that we're going to develop this guy and 40 years later he'll be president," Unger told The Guardian.
Unger added: "Trump was the perfect target in a lot of ways: his vanity, narcissism made him a natural target to recruit. He was cultivated over a 40-year period, right up through his election."
Trump's 1987 book, "The Art of the Deal," described a visit to Moscow to discuss building "a large luxury hotel across the street from the Kremlin in partnership with the Soviet government."
In fact, Shvets said, Russian operatives used the trip to flatter Trump and told him he should go into politics. Shvets told The Guardian that KGB operatives were then stunned to discover that Trump had returned to the United States, mulled a run for office, and taken out a full-page ad in several newspapers that echoed anti-Western Russian talking points.
The ad, which ran in The Washington Post, The New York Times, and The Boston Globe, was titled "There's nothing wrong with America's Foreign Defense Policy that a little backbone can't cure."
The ad accused Japan and other countries of "taking advantage" of the United States and said the US should stop paying to defend other rich countries — arguments that would become the backbone of his foreign policy when he became president decades later.
Shvets said the ad was considered an "unprecedented" success in Russia's attempts to promote anti-Western talking points in American media.
Trump has long denied that he has any financial connections to Russia. "Russia has never tried to use leverage over me," he tweeted in 2017. "I HAVE NOTHING TO DO WITH RUSSIA - NO DEALS, NO LOANS, NO NOTHING!"
The special counsel Robert Mueller's investigation into Russian interference in the 2016 US election ultimately found that Trump's campaign did not coordinate with Russia to influence the election.
Several senior members of Trump's campaign, including his national security advisor Michael Flynn and his campaign advisor George Papadopoulos, pleaded guilty to lying to prosecutors about their contacts with people linked to the Russian government.
Michael Cohen, Trump's personal lawyer, also pleaded guilty in 2018 to lying to a Senate committee about plans to build a Trump Tower in Moscow.
You would think the way they value HIPPA REGS the servers would be more secure.Originally Posted by SalesServiceGuy
But some dummy ( probably related to to the DNC ) opened a phishing email
Sent from my SM-G960U using Tapatalk
More bullshit coming from liberal rags like CNN MSNBCpms or VOX
Sent from my SM-G960U using Tapatalk
Not to mention, 40 years ago The Donald Trump was a liberal Democrat.
True BUT he *like BillyC* have seen the light and the way the left does things, and they have made the switch.. ( oh and Ronnie Reagan also )
Obviously you haven't seen the video of why trump went with the Reps for his presidential run.
Thanks: 
Likes: 
Reply With Quote
Bookmarks