Forwarded from BlackBox (Security) Archiv
Attacking the Heart of the German Industry
For a number of years now, a group of professional hackers has been busy spying on businesses all over the world: Winnti. Believed to be controlled by China. For the first time, in a joint investigation, German public broadcasters BR and NDR are shedding light on how the hackers operate and how widespread they are.
This investigation starts with a code: daa0 c7cb f4f0 fbcf d6d1. If you know what to look for, you’ll find Winnti. Hackers who have been spying on businesses all over the world for years. A group, presumably China-based, has honed in on Germany and its DAX corporations. For the first time ever, BR and NDR reporters have successfully analyzed hundreds of the malware versions used for that unsavory purpose. The targets: At least six DAX corporations, the stock-listed top companies of the German industry.
Winnti is a highly complex structure that is difficult to penetrate. The term denotes both a sophisticated malware and an actual group of hackers. IT security experts like to call them digital mercenaries. Since at least 2011, these hackers have been using malware to spy on corporate networks. Their mode of operation: to collect information on the organizational charts of companies, on cooperating departments, on the IT systems of individual business units, and on trade secrets, obviously.
Asked about the group an IT security expert who has been analyzing the attacks for years replies, tongue in cheek: “Any DAX corporation that hasn’t been attacked by Winnti must have done something wrong.” A high-ranking German official says: “The numbers of cases are mind-boggling.” And claims that the group continues to be highly active—to this very day. The official’s name will remain undisclosed, as will names of the more than 30 people whom we were able to interview for this article: Company staff, IT security experts, government officials, and representatives of security authorities. They are either not willing or not allowed to speak frankly. But they are allowed to reveal some of their tactics.
This allows us to find the software and to figure out for ourselves how the attackers work. Thanks to the help received from the informers, we, the reporters, are able to get on to the group. Part of their trail is the following code: daa0 c7cb f4f0 fbcf d6d1.
👉🏼 Read the full story without ads n shit:
https://rwtxt.lelux.fi/blackbox/attacking-the-heart-of-the-german-industry
#hacker #china #winnti #attack #spionage #cyberattack #cyberspionage #BASF #Siemens #Henkel
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
For a number of years now, a group of professional hackers has been busy spying on businesses all over the world: Winnti. Believed to be controlled by China. For the first time, in a joint investigation, German public broadcasters BR and NDR are shedding light on how the hackers operate and how widespread they are.
This investigation starts with a code: daa0 c7cb f4f0 fbcf d6d1. If you know what to look for, you’ll find Winnti. Hackers who have been spying on businesses all over the world for years. A group, presumably China-based, has honed in on Germany and its DAX corporations. For the first time ever, BR and NDR reporters have successfully analyzed hundreds of the malware versions used for that unsavory purpose. The targets: At least six DAX corporations, the stock-listed top companies of the German industry.
Winnti is a highly complex structure that is difficult to penetrate. The term denotes both a sophisticated malware and an actual group of hackers. IT security experts like to call them digital mercenaries. Since at least 2011, these hackers have been using malware to spy on corporate networks. Their mode of operation: to collect information on the organizational charts of companies, on cooperating departments, on the IT systems of individual business units, and on trade secrets, obviously.
Asked about the group an IT security expert who has been analyzing the attacks for years replies, tongue in cheek: “Any DAX corporation that hasn’t been attacked by Winnti must have done something wrong.” A high-ranking German official says: “The numbers of cases are mind-boggling.” And claims that the group continues to be highly active—to this very day. The official’s name will remain undisclosed, as will names of the more than 30 people whom we were able to interview for this article: Company staff, IT security experts, government officials, and representatives of security authorities. They are either not willing or not allowed to speak frankly. But they are allowed to reveal some of their tactics.
This allows us to find the software and to figure out for ourselves how the attackers work. Thanks to the help received from the informers, we, the reporters, are able to get on to the group. Part of their trail is the following code: daa0 c7cb f4f0 fbcf d6d1.
👉🏼 Read the full story without ads n shit:
https://rwtxt.lelux.fi/blackbox/attacking-the-heart-of-the-german-industry
#hacker #china #winnti #attack #spionage #cyberattack #cyberspionage #BASF #Siemens #Henkel
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Forwarded from BlackBox (Security) Archiv
Serious cyber-attack on Austria's foreign ministry
Austria's foreign ministry has been targeted by a cyber-attack that is suspected to have been conducted by another country.
The ministry said the seriousness of the attack suggested it might have been carried out by a "state actor".
The hack started on Saturday night and experts warn it could continue for several days.
The breach occurred on the same day Austria's Green party backed forming a coalition with conservatives .
It was recognised very quickly and countermeasures taken immediately, the foreign ministry said in a statement.
"Despite all intensive security measures, there is never 100% protection against cyber-attacks," the ministry said.
https://www.bbc.com/news/world-europe-50997773
https://www.rte.ie/news/world/2020/0105/1104411-austria-cyber-attack/
#austria #cyberattack #stateactor #hacker #breach
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Austria's foreign ministry has been targeted by a cyber-attack that is suspected to have been conducted by another country.
The ministry said the seriousness of the attack suggested it might have been carried out by a "state actor".
The hack started on Saturday night and experts warn it could continue for several days.
The breach occurred on the same day Austria's Green party backed forming a coalition with conservatives .
It was recognised very quickly and countermeasures taken immediately, the foreign ministry said in a statement.
"Despite all intensive security measures, there is never 100% protection against cyber-attacks," the ministry said.
https://www.bbc.com/news/world-europe-50997773
https://www.rte.ie/news/world/2020/0105/1104411-austria-cyber-attack/
#austria #cyberattack #stateactor #hacker #breach
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Hackers on Prowl: Cybercriminals Target Indonesia Govt Coronavirus Database, 200 US Police Agencies
Hackers have targeted Indonesia government database on COVID-19 test-takers
200 U.S. police department websites face heightened cyberattack
China and North Korea hit headlines for alleged malicious activities worldwide
As the world is reeling under the COVID-19 pandemic, with restrictions on travel and other stay home rules, the excessive reliance on the internet has given an opportunity to the hackers to launch malicious activities. It seems among all the recently targeted countries, Indonesia and the U.S. agencies are the latest victims of cybercriminals.
https://www.ibtimes.sg/hackers-prowl-cybercriminals-target-indonesia-govt-coronavirus-database-200-us-police-agencies-47233
#hackers #cyberattack
Hackers have targeted Indonesia government database on COVID-19 test-takers
200 U.S. police department websites face heightened cyberattack
China and North Korea hit headlines for alleged malicious activities worldwide
As the world is reeling under the COVID-19 pandemic, with restrictions on travel and other stay home rules, the excessive reliance on the internet has given an opportunity to the hackers to launch malicious activities. It seems among all the recently targeted countries, Indonesia and the U.S. agencies are the latest victims of cybercriminals.
https://www.ibtimes.sg/hackers-prowl-cybercriminals-target-indonesia-govt-coronavirus-database-200-us-police-agencies-47233
#hackers #cyberattack
Von der Leyen: Chinese cyberattacks on EU hospitals ‘can’t be tolerated’
EU Commission President Ursula von der Leyen has accused China of leading a spate of cyberattacks against hospitals in Europe during the coronavirus outbreak, stressing that the EU will not “tolerate” such malicious activity.
The accusations were levelled at the conclusion of an EU-China summit on Monday (22 June), which brought together von der Leyen and Council President Charles Michel with Chinese counterparts Premier Li Keqiang and President Xi Jinping for talks via videoconference.
“We have seen cyber attacks on hospitals and dedicated computing centres,” von der Leyen said, adding that she “pointed out” to Premier Li and President Xi that such attacks along with China’s disinformation campaign in Europe “cannot be tolerated.”
https://www.euractiv.com/section/digital/news/von-der-leyen-chinese-cyberattacks-on-eu-hospitals-cant-be-tolerated/
#eu #china #cyberattack
EU Commission President Ursula von der Leyen has accused China of leading a spate of cyberattacks against hospitals in Europe during the coronavirus outbreak, stressing that the EU will not “tolerate” such malicious activity.
The accusations were levelled at the conclusion of an EU-China summit on Monday (22 June), which brought together von der Leyen and Council President Charles Michel with Chinese counterparts Premier Li Keqiang and President Xi Jinping for talks via videoconference.
“We have seen cyber attacks on hospitals and dedicated computing centres,” von der Leyen said, adding that she “pointed out” to Premier Li and President Xi that such attacks along with China’s disinformation campaign in Europe “cannot be tolerated.”
https://www.euractiv.com/section/digital/news/von-der-leyen-chinese-cyberattacks-on-eu-hospitals-cant-be-tolerated/
#eu #china #cyberattack
State sponsored cyberattacks are happening right now
No one is saying it’s China, but everyone believes it’s China
As if battling the coronavirus and the massive economic downturn that will result from the spread of the virus worldwide wasn’t enough, countries now have to consider another issue: the threat of state-sponsored cyberattacks.
Australia has become the latest victim of a sophisticated attack against its national IT infrastructure, coming under a “sustained” cyberattack on June 18 that targeted not just government computer systems and networks, but also those of the country’s biggest businesses.
“The Australian Government is currently aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor,” the government said in a statement published in response to the attack.
https://cybernews.com/news/state-sponsored-cyberattacks-are-happening-right-now/
#cyberattack
No one is saying it’s China, but everyone believes it’s China
As if battling the coronavirus and the massive economic downturn that will result from the spread of the virus worldwide wasn’t enough, countries now have to consider another issue: the threat of state-sponsored cyberattacks.
Australia has become the latest victim of a sophisticated attack against its national IT infrastructure, coming under a “sustained” cyberattack on June 18 that targeted not just government computer systems and networks, but also those of the country’s biggest businesses.
“The Australian Government is currently aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor,” the government said in a statement published in response to the attack.
https://cybernews.com/news/state-sponsored-cyberattacks-are-happening-right-now/
#cyberattack
16-Year-Old Arrested for Cyberattacks on School's Online Learning Systems
The unidentified 16-year-old is a Miami-Dade public school student who admitted to eight DDoS attacks meant to take down school district networks.
A high school junior was arrested this morning for allegedly launching a cyber attack on the web-based systems used by their Florida school district for online learning.
The unidentified 16-year-old attends South Miami Senior High School, part of the Miami-Dade public school district. The student admitted to orchestrating eight DDoS (Distributed Denial of Service) cyber attacks meant to take down school district networks, including the web architecture propping up My School Online. The district has experienced more than a dozen cyber attacks since the 2020-2021 school year started.
https://www.pcmag.com/news/16-year-old-arrested-for-cyberattacks-on-schools-online-learning-systems
#US #Miami #school #cyberattack
The unidentified 16-year-old is a Miami-Dade public school student who admitted to eight DDoS attacks meant to take down school district networks.
A high school junior was arrested this morning for allegedly launching a cyber attack on the web-based systems used by their Florida school district for online learning.
The unidentified 16-year-old attends South Miami Senior High School, part of the Miami-Dade public school district. The student admitted to orchestrating eight DDoS (Distributed Denial of Service) cyber attacks meant to take down school district networks, including the web architecture propping up My School Online. The district has experienced more than a dozen cyber attacks since the 2020-2021 school year started.
https://www.pcmag.com/news/16-year-old-arrested-for-cyberattacks-on-schools-online-learning-systems
#US #Miami #school #cyberattack
PCMAG
16-Year-Old Arrested for Cyberattacks on School's Online Learning Systems
The unidentified 16-year-old is a Miami-Dade public school student who admitted to eight DDoS attacks meant to take down school district networks.
Hungary hit by large cyber attack from Asia: Magyar Telekom
BUDAPEST (Reuters) - Hungarian financial institutions and telecoms infrastructure were hit with a powerful cyber attack on Thursday from computer servers located in Russia, China and Vietnam, telecoms firm Magyar Telekom said.
The event was a distributed-denial-of-service (DDoS) attack where hackers attempt to overwhelm a network with unusually high volumes of data traffic in order to paralyse it.
The volume of the attack was 10 times higher than that of usual DDoS attacks, the company said.
“That means that this was one of the biggest hacker attacks in Hungary ever, both in its size and complexity,” it said.
https://www.reuters.com/article/technologyNews/idUSKBN26H0CB
#Europe #Hungary #cyberattack
BUDAPEST (Reuters) - Hungarian financial institutions and telecoms infrastructure were hit with a powerful cyber attack on Thursday from computer servers located in Russia, China and Vietnam, telecoms firm Magyar Telekom said.
The event was a distributed-denial-of-service (DDoS) attack where hackers attempt to overwhelm a network with unusually high volumes of data traffic in order to paralyse it.
The volume of the attack was 10 times higher than that of usual DDoS attacks, the company said.
“That means that this was one of the biggest hacker attacks in Hungary ever, both in its size and complexity,” it said.
https://www.reuters.com/article/technologyNews/idUSKBN26H0CB
#Europe #Hungary #cyberattack
Forwarded from BlackBox (Security) Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
Ransomware hack cripples United Health Services hospitals, facilities across the US
The cyberattack, which began early Sunday, is thought to have employed the Ryuk ransomware, TechCrunch reported. Computer screens changed with text that referenced the “shadow universe,” which is consistent with the Ryuk ransomware, a person familiar with the situation told TechCrunch. “Everyone was told to turn off all the computers and not to turn them on again,” the person told the tech site. “We were told it will be days before the computers are up again.”
👀 👉🏼 https://www.usatoday.com/story/tech/2020/09/28/health-care-provider-united-health-services-hit-cyberattack/3565533001/
👀 👉🏼 https://techcrunch.com/2020/09/28/universal-health-services-ransomware/
#usa #ransomware #cyberattack
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
The cyberattack, which began early Sunday, is thought to have employed the Ryuk ransomware, TechCrunch reported. Computer screens changed with text that referenced the “shadow universe,” which is consistent with the Ryuk ransomware, a person familiar with the situation told TechCrunch. “Everyone was told to turn off all the computers and not to turn them on again,” the person told the tech site. “We were told it will be days before the computers are up again.”
👀 👉🏼 https://www.usatoday.com/story/tech/2020/09/28/health-care-provider-united-health-services-hit-cyberattack/3565533001/
👀 👉🏼 https://techcrunch.com/2020/09/28/universal-health-services-ransomware/
#usa #ransomware #cyberattack
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Forwarded from BlackBox (Security) Archiv
Suspected Russian hack is much worse than first feared: Here's what you need to know
👉🏼 The U.S. Cybersecurity and Infrastructure Security Agency said the threat "poses a grave risk to the federal government."
👉🏼 CISA has not said who it thinks is the "advanced persistent threat actor" behind the "significant and ongoing" campaign, but many experts are pointing to Russia.
👉🏼 It's not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data.
The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.
The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat "poses a grave risk to the federal government."
It added that "state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations" are also at risk.
CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.
"This threat actor has demonstrated sophistication and complex tradecraft in these intrusions," CISA said. "Removing the threat actor from compromised environments will be highly complex and challenging."
https://telegra.ph/Suspected-Russian-hack-is-much-worse-than-first-feared-Heres-what-you-need-to-know-12-18
via www.cnbc.com
#hacker #hacked #usa #russia #cybersecurity #cyberattack #compromised #cisa
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox
👉🏼 The U.S. Cybersecurity and Infrastructure Security Agency said the threat "poses a grave risk to the federal government."
👉🏼 CISA has not said who it thinks is the "advanced persistent threat actor" behind the "significant and ongoing" campaign, but many experts are pointing to Russia.
👉🏼 It's not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data.
The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.
The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat "poses a grave risk to the federal government."
It added that "state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations" are also at risk.
CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.
"This threat actor has demonstrated sophistication and complex tradecraft in these intrusions," CISA said. "Removing the threat actor from compromised environments will be highly complex and challenging."
https://telegra.ph/Suspected-Russian-hack-is-much-worse-than-first-feared-Heres-what-you-need-to-know-12-18
via www.cnbc.com
#hacker #hacked #usa #russia #cybersecurity #cyberattack #compromised #cisa
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox
Telegraph
Suspected Russian hack is much worse than first feared: Here's what you need to know
eclipse_images The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated. The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat "poses a grave…
Forwarded from BlackBox (Security) Archiv
Gmail 'safer than parliament's email system' says Tory MP
Google's email service - Gmail - is “more secure” than parliament's email system, the chair of the Foreign Affairs Select Committee has claimed.
Tom Tugendhat told BBC Radio 4’s Today programme he has repeatedly been the focus of cyber attacks over the past three years.
Hackers have tried to access his account and sent emails impersonating him, he told the BBC.
The Tory MP believes China and Iran were behind some of these attempts.
“I was told by friends at GCHQ that I was better off sticking to Gmail, rather than using the parliamentary system, because it was more secure,” said Mr Tugendhat.
“Frankly, that tells you the level of security and the priority we're giving to democracy in the United Kingdom.”
https://www.bbc.co.uk/news/technology-56733667
#google #gmail #uk #china #iran #cyberattack #tory #thinkabout
📡 @nogoolag 📡 @blackbox_archiv
Google's email service - Gmail - is “more secure” than parliament's email system, the chair of the Foreign Affairs Select Committee has claimed.
Tom Tugendhat told BBC Radio 4’s Today programme he has repeatedly been the focus of cyber attacks over the past three years.
Hackers have tried to access his account and sent emails impersonating him, he told the BBC.
The Tory MP believes China and Iran were behind some of these attempts.
“I was told by friends at GCHQ that I was better off sticking to Gmail, rather than using the parliamentary system, because it was more secure,” said Mr Tugendhat.
“Frankly, that tells you the level of security and the priority we're giving to democracy in the United Kingdom.”
https://www.bbc.co.uk/news/technology-56733667
#google #gmail #uk #china #iran #cyberattack #tory #thinkabout
📡 @nogoolag 📡 @blackbox_archiv
BBC News
Gmail 'safer than parliament's email system' says Tory MP
Tom Tugendhat, Foreign Affairs Select Committee chair, says he was advised Gmail was 'more secure'.
Forwarded from BlackBox (Security) Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
a MESSAGE to Anonymous #NewBlood from a Old Anonymous Coot #CyberWar #OpDeleteTheElite #Killuminati
https://www.youtube.com/watch?v=0Knb8HsSurs
#breakingnews #Cyberattack #columbia #OffCircuitSec #OCSec #AnonymousPhilippines #Anonymous #FreeGho57 #Arrested #OpColumbia #Columbian #Government #NWO #hostile #Rothschild #UN #LineInTheSand #GameOver #WorldWar #An0NiX #GhostSec #GhostSecurity #video
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
https://www.youtube.com/watch?v=0Knb8HsSurs
#breakingnews #Cyberattack #columbia #OffCircuitSec #OCSec #AnonymousPhilippines #Anonymous #FreeGho57 #Arrested #OpColumbia #Columbian #Government #NWO #hostile #Rothschild #UN #LineInTheSand #GameOver #WorldWar #An0NiX #GhostSec #GhostSecurity #video
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Ending Anonymity: Why the WEF’s Partnership Against Cybercrime Threatens the Future of Privacy
With many focusing on tomorrow’s Cyber Polygon exercise, less attention has been paid to the World Economic Forum’s real ambitions in cybersecurity – to create a global organization aimed at gutting even the possibility of anonymity online. With the governments of the US, UK and Israel on board, along with some of the world’s most powerful corporations, it is important to pay attention to their endgame, not just the simulations.
https://www.thelastamericanvagabond.com/ending-anonymity-why-wefs-partnership-against-cybercrime-threatens-future-privacy/
@unlimitedhangout @TLAVagabond
#CyberPolygon #CyberPandemic #CyberAttack #WEF #ot
With many focusing on tomorrow’s Cyber Polygon exercise, less attention has been paid to the World Economic Forum’s real ambitions in cybersecurity – to create a global organization aimed at gutting even the possibility of anonymity online. With the governments of the US, UK and Israel on board, along with some of the world’s most powerful corporations, it is important to pay attention to their endgame, not just the simulations.
https://www.thelastamericanvagabond.com/ending-anonymity-why-wefs-partnership-against-cybercrime-threatens-future-privacy/
@unlimitedhangout @TLAVagabond
#CyberPolygon #CyberPandemic #CyberAttack #WEF #ot
The Last American Vagabond
Ending Anonymity: Why the WEF’s Partnership Against Cybercrime Threatens the Future of Privacy
With many focusing on tomorrow’s Cyber Polygon exercise, less attention has been paid to the WEF’s real ambitions in cybersecurity...
This media is not supported in your browser
VIEW IN TELEGRAM
#Klaus #Schwab: #Cyberattack Worse than COVID-19 Crisis - Power Grid Down, Banking Offline
https://youtu.be/0DKRvS-C04o
#cyberpolygon #wef
https://youtu.be/0DKRvS-C04o
#cyberpolygon #wef