Tag Archives: security news

Security company exec and founder charged with facilitating cyber attack on Georgia hospital

Abstract

Chris Hacker, an FBI special agent at the Atlanta field office, said the 2018 attack “not only could have had disastrous consequences, but patients’ personal information was also compromised.”

The indictment describes Singla as “chief operating officer for a network security company” at the time of the attack but does not name the company. According to Singla’s public LinkedIn profile, he has been chief operating officer for the Atlanta, Georgia-based security firm Securolytics since 2016. A profile of the company on Crunchbase lists Singla as one of two founders of the firm.

Read more in

https://www.scmagazine.com/home/health-care/security-company-exec-and-founder-charged-with-facilitating-cyber-attack-on-georgia-hospital/

News of the day: Numerous internet disruptions & Chinese businessman plotted with GE insider to steal transistor secrets

The month began in Myanmar with a military coup. Since then, numerous government-directed internet shutdowns have followed. Read more in

https://restofworld.org/2021/in-myanmar-the-junta-is-watching/

Chinese businessman plotted with GE insider to steal transistor secrets, say Feds

A Chinese businessman has been accused by the US government of trying to steal silicon secrets from General Electric (GE).

Chi Lung Winsman Ng, 64, who lives in Hong Kong, has been charged with conspiring to pilfer sensitive information on the American giant’s silicon carbide MOSFET transistors; a technology he told potential investors was worth $100m.

The FBI alleges that between March 2017 and January 2018, Ng and “at least one co-conspirator” – a GE engineer of more than seven years – plotted to swipe the blueprints for the transistor, which are electronic components typically found in industrial equipment and vehicles that regulate the flow of electricity. The duo planned to use the stolen trade secrets to set up a competitor in China, it’s claimed.

Read more in

https://www.theregister.com/2021/03/01/china_mosfet_theft/

Weekly updates: Top of The News

Coronavirus: More Companies Backing Out of RSA Conferences

AT&T Cybersecurity and Verizon have decided not to attend the RSA Conference in San Francisco this week, citing concerns about the coronavirus. IBM announced its decision not to attend RSA on February 15. The conference is taking place this week as scheduled. Sony and Facebook’s Oculus have pulled out of the Game Developer Conference scheduled for March 16-20 in San Francisco. Coronavirus worries have already caused the cancellation of the World Mobile Congress that was to have taken place in Barcelona February 24-27. Black Hat Asia 2020 has been postponed to fall 2020, and Cisco has cancelled its Cisco Live! Conference that was scheduled to be held in Melbourne, Australia early next month.

Read more in:
– www.scmagazine.com: AT&T, Verizon join RSA exodus over Coronavirus fears

Car Thieves Disabling OnStar, Replacing Vehicle Computers (February 11, 2020)

In “a recent string of stolen Chevrolet Silverado pickups,” thieves disabled the OnStar anti-theft technology almost immediately, reducing the likelihood of the vehicles’ recovery. Surveillance video has shown how fast the thieves operate – pop the lock, open the hood, change the computer, and disable OnStar tracking.

Read more in:
– gmauthority.com: Chevrolet Silverado Thieves Disable OnStar Tracking

Median Dwell Time for Breaches is Falling Worldwide

According to the M-Trends 2020 Report, the global median “dwell time” – the time from initial intrusion to detection – fell from 78 days to 56 days in just one year. The report also found that while intrusions are being detected more quickly, they are more often discovered by third parties rather than internally.

Read more in:
– content.fireeye.com: M-Trends 2020 (PDF)
– www.zdnet.com: Cybersecurity: Hacking victims are uncovering cyberattacks faster – and GDPR is the reason why

U.S. Department of Defense DISA Breach Exposed PII of 200,000 People (February 20 & 24, 2020)

The US Department of Defense’s (DoD’s) Defense Information Systems Agency (DISA) has acknowledged a network breach that compromised the personal information of at least 200,000 individuals. On February 11, 2020, DISA sent letters to the people whose data were compromised, telling them that the breach occurred between May and June 2019. DISA secures and manages White House communications.

Read more in:
– threatpost.com: Data Breach Occurs at Agency in Charge of Secure White House Communications

Wyden Pushing for Release of ShiftState Voatz Audit Results

US Senator Ron Wyden (D-Oregon) is asking a company that conducted an audit on the Voatz mobile voting app to disclose the results. While ShiftState’s audit gave Voatz “high marks,” researchers at MIT recently published a paper enumerating security concerns present in Voatz. Specifically, Wyden wants to know how many “ShiftState personnel that audited Voatz [have] experience in election security, cryptographic protocol design and analysis, side channel analysis, and blockchain security;” whether ShiftState detected the same flaws the MIT researchers found; and whether the company agrees or disagrees with the MIT findings and why.

Read more in:
– www.meritalk.com: Sen. Wyden Questions ShiftState on Voatz Audit

Why is a 22GB database containing 56 million US folks’ personal details sitting on the open internet using a Chinese IP address?

A database containing the personal details of 56.25m US residents – from names and home addresses to phone numbers and ages – has been found on the public internet, served from a computer with a Chinese IP address, bizarrely enough.

The information silo appears to belong to Florida-based CheckPeople.com, which is a typical people-finder website: for a fee, you can enter someone’s name, and it will look up their current and past addresses, phone numbers, email addresses, names of relatives, and even criminal records in some cases, all presumably gathered from public records.

However, all of this information is not only sitting in one place for spammers, miscreants, and other netizens to download in bulk, but it’s being served from an IP address associated with Alibaba’s web hosting wing in Hangzhou, east China, for reasons unknown. It’s a perfect illustration that not only is this sort of personal information in circulation, but it’s also in the hands of foreign adversaries.

Read more in

https://www.theregister.co.uk/2020/01/09/checkpeoplecom_data_exposed/

Top of The Cyber News

Ransomware Targeting Canadian Businesses and Municipalities (October 14, 2019)

A dental clinic in Toronto, Ontario, was hit with ransomware last week. The office was locked out of 19 of its 22 computers for at least a day; the clinic did not pay a ransom to regain access to its files; the dentist noted that they “were lucky… [because they] had a good backup.” Several Canadian municipalities have also recently found their systems infected with ransomware.

Read more in:
– www.cbc.ca: ‘Definite uptick’: Global wave of ransomware attacks hitting Canadian organizations

DHS’s CISA Wants Administrative Subpoena Powers (October 9, 2019)

The US Department of Homeland Security’s (DHS’s) Cybersecurity and Infrastructure Security Agency (CISA) wants the authority to issue administrative subpoenas to service providers to obtain contact information for owners of vulnerable systems and devices. CISA wants to contact these entities directly, and currently cannot always let businesses know about cyber threats because it is not always clear who owns vulnerable systems.

Read more in:
– techcrunch.com: DHS cyber unit wants to subpoena ISPs to identify vulnerable systems

CrowdStrike Report: China’s C919 Aircraft Components Copied from Manufacturers in Other Countries (October 14, 2019)

According to a report from CrowdStrike, China’s new Comac C919 airplane appears to be an amalgam of components copied from other companies. A Chinese government-backed hacking group has been targeting aerospace companies for their intellectual property for nearly a decade. CrowdStrike said that one of China’s goals was to be able to manufacture all the airplane parts within its own country.

Read more in:
– www.crowdstrike.com: Huge Fan of Your Work: How TURBINE PANDA and China’s Top Spies Enabled Beijing to Cut Corners on the C919 Passenger Jet

DCH Health Hospitals Open After Ransomware Attack (October 11, 2019)

The Chief Operating Officer of DCH Health Systems says that all its hospitals’ services are open less than two weeks after they were encrypted by a ransomware attack. DCH Health has access to patient-related electronic systems; non-essential systems are still being restored. DCH Health paid the ransom, but did not disclose the amount. The COO says DCH has cyber insurance.

Read more in:
– www.govtech.com: Hospital Operations Back to Normal After Paying Ransom

France’s Cybersecurity Agency Warns of Cyber Espionage Attacks (October 7 & 8, 2019)

France’s national cybersecurity agency, Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI), has issued an alert warning of cyberattacks that are targeting engineering companies and service providers. In its report, ANSSI notes that “attackers are compromising these enterprise networks in order to access data and eventually the networks of their clients.”

Read more in:
– www.zdnet.com: France warns of cyberattacks against service providers and engineering offices