UK Tax Collecting Department Loses £47 Million
HM Revenue and Customs, the UK government's department responsible for collecting taxes, has been hit by a phishing attack, resulting in the loss of £47 million of taxpayers' money. Thankfully, HMRC's chief executive has stated that the 100,000 people affected will suffer "no financial loss," and their accounts have been locked down to mitigate any further access by bad actors.
The Bottom Line: If you are in the UK and you are one of the affected individuals, HMRC will be sending letters out over the next few weeks with more information.
Ohio-Based Healthcare Provider Hit by Ransomware Attack
Another month, another healthcare provider suffers a data breach. Kettering Health, based in Ohio, was hit by a ransomware hack, forcing it to completely shut down its systems. According to TechCrunch, Kettering Health's senior vice president, John Weimer, says that the company has not paid any ransom. Now, a ransomware group called Interlock has claimed responsibility for the attack and says it now has more than 940 gigabytes of data, including patient names, medications, health concerns, mental health state, and more. Kettering Health is currently working to restore its systems.
The Bottom Line: If you are a patient of Kettering Health, it's possible your health data was included in this breach. Thankfully, it appears your payment information and social security number should be safe. However, other private information could have leaked. Hopefully, Kettering Health will be contacting affected customers.
Everything You Wanted to Know About macOS Infostealers
An infostealer is a malicious program that, once installed on a computer, will try to steal any saved passwords, browser history (websites where you're permanently logged in), and cryptocurrency stored on the device. Hackers try to trick you into installing infostealers by camouflaging them in various ways: hiding them inside free apps, or browser extensions, or sometimes even .PDF files. Infostealer malware is the starting point for most major hacking incidents: spray the internet with infostealers, steal a ton of credentials, and then see if any of your stolen credentials can unlock something important. Infosec company Huntress has a great new article exploring the history and evolution of infostealers. They explore the rapidly evolving world of infostealer malware targeting Mac computers and offer some interesting insights.
The Bottom Line: Infostealer malware targeting Mac computers is on the rise. Most current families of macOS infostealers target your iCloud keychain data and, if the malware is installed on your Mac, are capable of stealing the passwords stored in your Passwords app. You could mitigate this threat by using a third-party password manager.
Google Exploit Allowed Cybercriminals to Find Out Your Phone Number
A security researcher calling themselves brutecat recently discovered a vulnerability that made it possible to find the phone number attached to any Google account. 404 Media reports that Google has already rolled out a patch for this exploit, but prior to that, the search engine giant only rate-limited attempts to enter an account password, not the recovery phone number linked to the account. That means a hacker could potentially brute-force the phone number associated with the account within an hour. A capable hacker could then use that information to SIM swap your phone number and use the two-factor authentication codes sent to it to get into your account.
The Bottom Line: Google has already fixed this vulnerability, so there's nothing to worry about right now. However, we recommend using an authenticator app or passkey with your Google account rather than SMS texts for two-factor authentication. SIM swapping allows cybercriminals to bypass two-factor authentication by transferring your phone number to a new SIM card. An authenticator app prevents this, since the 2FA code is generated in the app rather than sent by text message.
Is XChat More Secure than Twitter DMs?
Security developer Matthew Garrett published a blog post detailing the security of XChat, the new encrypted messaging platform for X (formerly Twitter). Garrett's post concludes that XChat is not much more secure than X's current messaging platform, and that if you want your messages to truly be private, you'd be better off using a more secure app, like Signal.
The Bottom Line: Social media messaging services like Facebook Messenger, Instagram DMs, or XChat are not going to be as secure as encrypted messaging platforms like Signal. If you want your messages to stay private, using Signal is your best bet. iMessage is also an acceptable alternative, as long as you have enabled Advanced Data Protection.
Mozilla Offers More Details on Its Thunderbird Pro Suite
Mozilla is introducing a suite of professional tools to compete with Gmail and Office 365. This ecosystem is called Thunderbird Pro and includes all of the same features you would expect from its competitors, like appointment scheduling, secure file sharing, and privacy-focused email. It will also include AI tools, called Thunderbird Assist, which are designed with privacy in mind. Thunderbird Pro will start as a paid subscription, with the goal being to eventually offer a free tier.
The Bottom Line: If you're looking for an alternative to Office 365 or Gmail's professional services, Thunderbird Pro certainly looks promising.
CISA Cutting Its Mobile App Vetting Program
The Cybersecurity and Infrastructure Security Agency (CISA) is ending its mobile app vetting program, which is used to evaluate the security of both government-developed and third-party apps to determine whether or not they're safe for government employees to use. Representative Andrew Garbarino has sent a letter to DHS Secretary Kristi Noem, essentially saying that with the heightened concerns about cybersecurity, cutting the mobile app vetting program would be a mistake. CyberScoop has the full story.
No-Interaction iPhone Hack or Just A Bug?
Digital threat hunter iVerify claims to have discovered evidence of a new high-level hacking campaign targeting the iPhones of politicians and others in the US and EU. iVerify has released a report detailing the signs of suspicious activity that it detected on iPhones. The phones belong to "individuals affiliated with political campaigns, media organizations, A.I. companies, and governments operating in the United States and European Union." The activity appeared to resemble the kinds of attacks used by Predator or Pegasus spyware, which require no user interaction. The victim is sent a malicious text message, and without the victim engaging at all, their phone is compromised. However, iVerify states that it does not have definitive proof that these iPhones were infected; just that the iPhones exhibit behavior associated with devices that have been infected, by which they meant that the devices were crashing unexpectedly. Apple has examined the reports and told Wired that the crashes were due to a regular old software bug, not a malicious campaign, and anyway, they patched the bug back in iOS 18.3.1.
The Bottom Line: It's rare for even elite hacker teams to find iPhone vulnerabilities that might allow this kind of zero-click attack, and once they do, it can be very hard to detect. When hackers find such bugs, they use them carefully and only against high-value targets, which makes it even harder to figure out what's really happening. For the moment, it's unclear if iVerify has actually uncovered a new campaign, but in any case, it's always worth keeping your device up to date.
US Government Shuts Down Darkweb Marketplace
In a major win for cybersecurity, the US Attorney's Office for the Eastern District of Virginia seized "approximately 145 darknet and traditional internet domains, and cryptocurrency funds" associated with an online marketplace used for buying and selling stolen credit cards. The marketplace was responsible for the "trafficking of over 15 million payment card numbers" and had over 117,000 customers. Now, anyone visiting the marketplace will be redirected to a law enforcement-controlled site.
The Bottom Line: It's fairly easy to steal credit card information. A thief can take a picture of a credit card at a restaurant, or intercept your keystrokes at your computer, or read the contactless signal from a tap-to-pay card just by walking past you on the train. The real trick is using the stolen credit card without getting caught, since most credit card companies are pretty good at spotting fraudulent use and can claw back a refund when the card is misused by a thief. One trick that criminals rely on is stealing LOTS of cards, and then using tons of different cards rapidly, so each one gets charged small amounts that are less likely to raise an alarm. That's why these credit card marketplaces are such a big deal in the criminal world: it may be easy to steal one credit card number, but stealing twenty thousand needs to be a group project. Shutting down these marketplaces is likely to be a little like mowing the lawn: they will be back, but it's still a win.
US Government Offering $10 Million Reward for Malware Developer
The US government is offering a reward for information on individuals who, on behalf of a foreign government, may be using malware to attack US systems and infrastructure. Of particular interest is Maxim Alexandrovich Rudometov, who developed an infostealer malware called RedLine. Rudometov is actively managing the malware and selling it, which has painted a pretty big target on his back. The US government often places bounties on hackers who are known to reside outside the US, especially in places like Russia where it may be difficult to press charges.
The Bottom Line: You're unlikely to see Rudometov at your local Walmart, since he is known to have fled to Russia. Still, you never know. The reward for information is up to $10 million.
OpenAI's Report on AI Misuse
OpenAI has released a report detailing the various ways that their artificial intelligence systems are misused by authoritarian governments, cybercriminals, scammers, and more, as well as what OpenAI does to try to mitigate those misuses. Top categories include deceptive employment schemes where people use GenAI to fake their credentials to try to get jobs (often with a malicious espionage purpose), as well as a ream of different propaganda-generation campaigns. Check out the full report for more details.
The Bottom Line: Scammers and spammers use GenAI systems like ChatGPT to supercharge the rate at which they can generate scam content. Using ChatGPT, governments with an interest in sowing distrust and chaos, such as Russia and Iran, rapidly create thousands of fake accounts with convincing-looking profiles and content. Continue to practice skepticism when social media accounts post divisive and enraging content.
Cybersecurity Specialist Warns Against Government Use of AI
Security guru Bruce Schneier expressed concerns about feeding government data to artificial intelligence programs at an expert hearing before Congress titled "The Federal Government in the Age of Artificial Intelligence." The hearing was meant to determine how the government can use AI as a productivity tool, but Schneier doesn't believe any AI tool is secure enough to handle government data. Check out the full story at The Register.
The Bottom Line: While GenAI tools, machine learning, and chatbots all have great value and many important use cases, the technologies are very new, and the systems which support them are not architected to secure top-secret information. In general, we recommend feeding information to GenAI systems such as ChatGPT or Google Bard with care, always remembering that they will retain copies of that data.