Nonilex
On Mon, the Santa Clara, CA-based company published a blog post about the problem, saying that it had issued a patch & that “impacted customers failed to implement system hardening & #firewall guidelines.”
#Lumen wrote that it located #malware inside #ISP routers serving certain groups or individual customers that could intercept passwords from those customers. Lumen said it believed the malicious #software was being used by #VoltTyphoon.
Nonilex
In a separate report earlier this month, #security company #Volexity said it had found another high-end technique in play at a different, unnamed #ISP. In that case, it said a Chinese state #hacking group distinct from #VoltTyphoon was able to get far enough inside the service provider to alter #DNS web addresses that users were trying to reach & divert them elsewhere, allowing the #hackers to insert #backdoors for #espionage.
#InfoSec #Internet #tech #cybersecurity #China #US #geopolitics
Nonilex
#DNS manipulation is something of a specialty among Chinese govt #hacking groups. A mysterious campaign identified earlier this year by #security experts at #Infoblox & attributed to #China involved using the so-called Great #Firewall of China, which normally misdirects people on the mainland trying to reach restricted services or content.
#InfoSec #espionage #ISP #Internet #tech #cybersecurity #US #geopolitics
Nonilex
Though there is no evidence that the new inroads are aimed at anything other than gathering #intelligence, some of the techniques & resources employed are associated w/those used in the past year by a #China-backed group known as #VoltTyphoon…. #US intelligence ofcls said that group sought access to equipment at Pacific #ports & other #infrastructure to enable China to sow #panic & #disrupt America’s ability to move #troops, #weaponry & supplies to #Taiwan if armed conflict breaks out.
#security
Nonilex
“This is privileged, high-level connectivity to interesting customers,” said Mike Horka, a researcher at Lumen Technologies & a fmr #FBI agent. It was notable, he added, that the groups considered the effort important enough to exploit previously undiscovered #software flaws that could have been preserved for later use.
#InfoSec #espionage #ISP #Internet #tech #cybersecurity #security #China #US #geopolitics
Nonilex
#Lumen researchers said they had identified 3 US ISPs that had been hacked this summer, one of them large, along w/another #US company & 1 in #India.
In a blog made public Tues, Lumen said the #hackers used a previously unknown vulnerability, known as a #ZeroDay flaw, in a program made by #VersaNetworks for managing wide-area networks. #Versa acknowledged the critical vulnerability late last week, warning only its direct customers.
#InfoSec #security #China #geopolitics
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Nonilex
“It is business as usual now for #China, but that is dramatically stepped up from where it used to be. It is an order of magnitude worse,” said Brandon Wales, who until earlier this month was executive director of the #Cybersecurity & Infrastructure #Security Agency, #CISA.
The #hacks raise concern because their targets are believed to include #government & #military personnel working #undercover & groups of strategic interest to China.
Nonilex
#China government #hackers penetrate #US #internet providers to #spy
Beijing’s hacking effort has “dramatically stepped up from where it used to be,” says fmr top US #cybersecurity ofcl.
#Chinese govt-backed hackers have penetrated deep into US ISPs in recent months to spy on their #users.
The unusually aggressive & sophisticated attacks include access to ≥2 major providers w/millions of customers as well as several smaller providers.
#InfoSec #security #geopolitics
https://www.washingtonpost.com/technology/2024/08/27/chinese-government-hackers-penetrate-us-internet-providers-spy/
The Japan Times
With COVID-19 over, nationwide stump speeches are back for the LDP leadership race, but tight security is expected, following recent incidents like Trump's assassination attempt. https://www.japantimes.co.jp/news/2024/08/26/japan/politics/ldp-race-security/ #japan #politics #ldp #fumiokishida #security
heise Security
Kommentar: Das verantwortungslose Schweigen der Hersteller muss ein Ende haben
Wenn eine Sicherheitslücke aktiv ausgenutzt wird, braucht man Zusatz-Informationen. Jürgen Schmidt von heise security sieht da die Hersteller in der Pflicht.
Lockdownyourlife
I can be trusted with tips. 👉 👈 🥺
C: $LockDownYourLife
V: lockdownyourlife
Kofi: lockdownyourlife
Spicy page discounts thru Aug.
https://onlyfans.com/lockdownyourlife
Fansly: https://fans.ly/lockdownyourlife
P.S. I wrote the first blog in a planned series on Identity Theft. It's step by step and has all the updated info to order your credit reports and freeze your credit.
https://www.lockdownyourlife.com/identity-theft-mitigation/
#tech #infosec #friday #photography #nsfw #hot #identitytheft #safety #privacy #security
heise Security
Phishing-Warnung vor betrügerischen ELSTER-Mails
Das Thüringer Finanzministerium warnt vor einer Phishing-Welle mit ELSTER-Bezug. Die Betrüger haben es auf Kontoinformationen abgesehen.
heise online English
SIM swapping remains a marginal phenomenon in Germany
Numerous media warn of damage caused by SIM swapping. However, the scam remains rare in Germany.
Joe Ortiz
National Public Data confirms breach of nearly 3 billion SSNs, which is mostly all Americans... https://www.bleepingcomputer.com/news/security/national-public-data-confirms-breach-exposing-social-security-numbers/
Some coverage:
https://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/
https://www.troyhunt.com/inside-the-3-billion-people-national-public-data-breach/
https://krebsonsecurity.com/2024/08/nationalpublicdata-com-hack-exposes-a-nations-data/
Oh by the way, you should freeze your credit if you haven't done so already as it's the best defense you can do as long as our elected officials and government agencies continue to be asleep at the wheel. https://krebsonsecurity.com/2018/09/credit-freezes-are-free-let-the-ice-age-begin/
masukomi
Nonilex
“describing Donald #Trump as an absolute existential #threat to #democracy is 100% accurate. His ability to rip away our allegiances that we formed, & the diplomats know this, that are so critical, not just to Europe, but for the entire planet.”
- #TimWalz Boston fundraiser where he raised more than $1.2M yesterday.
#ForeignPolicy #NATO #NationalSecurity #Security #geopolitics #USpol #HarrisWalz2024
https://www.wbur.org/news/2024/08/15/walz-boston-campaign-fundraiser-harris
Marcus "MajorLinux" Summers
We hackin' bikes now?!
High-end racing bikes are now vulnerable to hacking
https://www.theverge.com/2024/8/14/24220390/bike-hack-wireless-gear-shifters
#Racing #Bikes #Vulnerability #Hacking #Security #InfoSec #Tech #Sports
David August
And Russia wants the world to think it is mighty. Not with these leaders it ain’t.
One soldier’s take on how Russia failed to defend itself: https://istories.media/en/opinions/2024/08/12/kursk-oblast/
#russia #Ukraine #war #kursk #defense #defence #security #military
anubis2814
Source: apnews.com/article/tina-peters…
#crime #USA #politics #deepState #democracy #news #justice #manipulation #conspiracy #vote
heise online
CPU-Sicherheitslücke in AMD-Prozessoren ermöglicht Malware-Infektionen
Sicherheitsforscher haben eine als Sinkclose bezeichnete Sicherheitslücke in AMD-CPUs entdeckt und auf der Defcon 32 in Las Vegas präsentiert.
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.