Jump to content
The CHANI Project Conspiracy Forum
wildcard

Cyber-security 101 Information thread

Recommended Posts

Totally, breezy!

And I also come to wonder this; maybe someone comes up with the command to utilise the whole lot of smartphones of people to start mining crypto currencies for themselves without the owners ever knowing about it.....as if lending your CPU to SETI for the background work.

If the capacity of smartphones become more and more powerful, this sorta stuff gotta be taken into the consideration for guarding us, methinks.

  • Like 1

Share this post


Link to post
Share on other sites

Google confirms external apps can scan your emails: here's how to check

http://www.abc.net.au/news/2018-07-04/google-admits-it-allows-external-apps-to-access-user-data/9938556

"Google has confirmed it allows some external software developers to read and analyse the inboxes of Gmail users, following scrutiny about privacy on the platform."

"If you want to take a look, navigate to "Google Account", which should be in the top-right section of your Gmail screen on desktop.

Once in your account, you can find the "Apps with account access" button under the sign-in and security section.

On this page, you can see which apps have access to your account, as well as apps and sites where you use your Google password to log in.

Click "Manage Apps", and you will see Google breaks apps into three categories:

  • Third-party apps with account access
  • Those you use your Google password to log in
  • Google apps that you have installed."

"Take a close look at the third-party apps, and what information they collect — some may access your Google contacts, while others might access Google Drive.

If you click on any of these apps, a dropdown box will offer more detail about the type of data it can collect.

Click "remove access" to get rid of any you don't like the look of, or don't use regularly."

 

  • Like 1

Share this post


Link to post
Share on other sites

Computer Virus Cripples IPhone Chipmaker TSMC Plants

Debbie Wu          August 4, 2018

"(Bloomberg) -- A computer virus halted several Taiwan Semiconductor Manufacturing Co. factories Friday night, dealing the company one of its most severe disruptions as it ramps up chipmaking for Apple Inc.’s next iPhones.

The sole maker of the iPhone’s main processor said a number of its fabrication tools had been infected, and while it had contained the problem and resumed some production, several of its factories won’t restart till at least Sunday. The virus wasn’t introduced by a hacker, the company added in a statement.

It’s unclear who targeted TSMC, the world’s biggest contract manufacturer of chips for companies including Apple and Qualcomm Inc. It’s the first time a virus had ever brought down a TSMC facility, recalling the WannaCry cyberattacks of 2017 that forced corporations around the world to suspend operations as they rooted out the ransomware. TSMC is working on solutions now but said the degree of infection varied from factory to factory, and that it will provide more information Monday after it’s assessed the situation.

“TSMC has been attacked by viruses before, but this is the first time a virus attack has affected our production lines,” Chief Financial Officer Lora Ho told Bloomberg News by phone. She wouldn’t talk about how much revenue it would lose as a result of the disruption, or whether the facilities affected were involved in making iPhone chips."

snip

https://www.bloombergquint.com/technology/2018/08/04/tsmc-takes-emergency-steps-as-operations-hit-by-computer-virus#gs.XAwJ0PM

  • Like 2

Share this post


Link to post
Share on other sites

Mozilla, You Too......

Mozilla / Firefox goes all in for EVIL… pushes corporate news collusion to silence independent media

Wednesday, August 15, 2018 by: Mike Adams

https://www.naturalnews.com/2018-08-15-mozilla-firefox-goes-all-in-for-evil-pushes-corporate-news-collusion-to-silence-independent-media.html

These are suggested by Mike in the article to substitute Mozilla products:

"BRAVE – Run by a pro-freedom group that supports small, independent publishers (and even has a mechanism for micropayments)."

https://brave.com/

"Vivaldi – Run by a small, independent group with no ties to deep state funding or the NSA."

https://vivaldi.com/

I appreciated to learn about Vivaldi, considering they got webmail system, BUT I think there's a concern that it's a Norway based company. Another strong hold of the Cs. So even if they want to do the right thing, maybe it's easy for the Cs to crack into their system.

It's an obscure concern. But please have it at the back of your head. So far I like what they do, I found.

 

The thing about such worry is that I can count on some of us always monitoring them, like Mike Adams, and if something goes wrong, those people would be pointing out like how he did this time round.

And there'd be more of us standing up and creating fresh portals, regardless of the advancements made by nasty bunch of controllers, so for them, it'd be like a cat and mouse chase. We will win, as long as we don't become stagnate and get hooked to the badly infiltrated systems, methinks.

  • Like 2

Share this post


Link to post
Share on other sites

T-Mobile Says Hackers Stole Customer's Data in Data Breach

August 24, 2018          Zack Whittaker

 

"T-Mobile  has confirmed hackers breached its systems.

The cell giant, currently merging with Sprint, said in a statement that hackers customer stole names, billing zip codes, phone numbers, email addresses, account numbers, and account type — such as if an account was prepaid or postpaid — in what the company described as an “unauthorized capture of data.”

No customer financial or billing data was compromised, the company said.

It’s not known when the breach occurred but the unauthorized access was detected and shut down on Monday.

A T-Mobile spokesperson told TechCrunch that the breach was “discovered and stopped very quickly,” and “affected a small number” of customers. But Motherboard reported that a spokesperson said about 3 percent of the company’s 77 million users were affected — some 2 million accounts.

T-Mobile began notifying customers of the breach Friday morning with a text message sent to affected accounts. But that drew ire from some, who said the shortlink in the text message looked like phishing."

snip

https://techcrunch.com/2018/08/24/t-mobile-says-hackers-stole-customer-data-in-data-breach/

  • Like 2

Share this post


Link to post
Share on other sites

Health care data hacks are on the rise

Sept. 26, 2018     Sam Baker

snip       image of chart

 

"More than 175 million health care records have been breached since 2010, and they’re getting more vulnerable every year, according to a new analysis published in the Journal of the American Medical Association.

By the numbers: The total number of breaches is increasing — from 99 in 2010 to 344 in 2017. 

Doctors and hospitals are breached most frequently, but insurers’ breaches expose the most individual records.


Data breaches that affect more than 500 people have to be reported to the federal government. There have been more than 2,100 of them since 2010.

Between the lines: A handful of high-profile hacks against large insurance companies in 2015 seem to have been especially damaging.

The cumulative number of records exposed from doctors and hospitals has risen steadily every year. The total number that came from insurance companies, however, skyrocketed in 2015 — then leveled off.
Similarly, the total number of records exposed through hacking (as opposed to other types of breaches) jumped from about 3 million in 2014 to 115 million in 2015. It is still climbing.
2015 saw several big health care hacks, including a historic breach of Anthem’s records."

https://www.axios.com/health-care-data-privacy-hacking-9fff9d57-789b-481c-a4bb-03609f2307c5.html

Share this post


Link to post
Share on other sites

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

Oct. 4, 2018   Jordon Robertson and Michael Riley

"The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.


In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream the Olympic Games online, communicate with the International Space Station, and funnel drone footage to the Central Intelligence Agency. Elemental’s national security contracts weren’t the main reason for the proposed acquisition, but they fit nicely with Amazon’s government businesses, such as the highly secure cloud that Amazon Web Services (AWS) was building for the CIA.

To help with due diligence, AWS, which was overseeing the prospective acquisition, hired a third-party company to scrutinize Elemental’s security, according to one person familiar with the process. The first pass uncovered troubling issues, prompting AWS to take a closer look at Elemental’s main product: the expensive servers that customers installed in their networks to handle the video compression. These servers were assembled for Elemental by Super Micro Computer Inc., a San Jose-based company (commonly known as Supermicro) that’s also one of the world’s biggest suppliers of server motherboards, the fiberglass-mounted clusters of chips and capacitors that act as the neurons of data centers large and small. In late spring of 2015, Elemental’s staff boxed up several servers and sent them to Ontario, Canada, for the third-party security company to test, the person says.

Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers."
snip

https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

 

  • Like 3

Share this post


Link to post
Share on other sites

Privacy Aware Search Engine: duckduckgo.com 

ixquick.com is now StartPage that's deeply tied with Goggle.

Now we only got duckduckgo.com for privacy.

If you know any other search engines that are decent and protective of privacy, please drop the post here.

  • Like 2

Share this post


Link to post
Share on other sites

Oracle confirms China Telecom internet traffic 'misdirections'

Catalin Cimpanu      Nov. 6, 2018

"Oracle's Internet Intelligence division partially confirms controversial US Naval War College research paper.

Oracle's Internet Intelligence division has confirmed today the findings of an academic paper published two weeks ago that accused China of "hijacking the vital internet backbone of western countries."

The research paper was authored by researchers from the US Naval War College and Tel Aviv University and it made quite a few waves online after it was published. Researchers accused China Telecom, one of China's biggest state-owned internet service providers, of hijacking and detouring internet traffic through its normally-closed internet infrastructure.

Some security experts contested the research paper's findings because it didn't come from an authoritative voice in the world of internet BGP hijacks, but also because the paper touched on many politically sensitive topics, such as China's cyber-espionage activities and how China used BGP hijacks as a way to circumvent the China-US cyber pact of 2015.

But today, Doug Madory, Director of Oracle's Internet Analysis division (formerly Dyn), confirmed that China Telecom has, indeed, engaged in internet traffic "misdirection."

"I don't intend to address the paper's claims around the motivations of these actions," said Madori. "However, there is truth to the assertion that China Telecom (whether intentionally or not) has misdirected internet traffic (including out of the United States) in recent years."

"I know because I expended a great deal of effort to stop it in 2017," Madori said."

china-telekom-bgp-hijack.png

Image: Oracle Internet Intelligence

snip

https://www.zdnet.com/google-amp/article/oracle-confirms-china-telecom-internet-traffic-misdirections/

 

 

  • Like 1

Share this post


Link to post
Share on other sites

SCAM WARNING Warning over Netflix scam that lets hackers steal your money

Dec. 27, 2018         

A government agency in the US is warning Netflix users not to fall for fake emails asking them to update their payment details

snip - video

 

"NETFLIX users are once again being warned not to fall for fake emails asking customers to update their payment details.

The emails claim to be from the streaming service but are actually from scammers trying to steal your money.

The convincing message reads: "We're having some trouble with your current billing information.

"We'll try again, but in the meantime you may want to update your payment details."

At the end of the email, there is a red button that tells you to "Update Account now".

But if you click on it and follow the link, you will be taken to a fake website that is actually run by scammers who may use the information you enter to hack your bank account.

The Federal Trade Commission, a government agency in the US, has now issued an urgent warning about the Netflix "phishing scam" and urged consumers not "take the bait".        The FTC has alerts on their website and on their twitter account.

"Scammers use your information to steal your money, your identity, or both," it explained.

"They also use phishing emails to get access to your computer or network.

"If you click on a link, they can install ransomware or other programs that can lock you out of your data."

snip

https://www.thesun.co.uk/money/8067318/warning-over-netflix-scam-that-lets-hackers-steal-your-money/

 

  • Like 4

Share this post


Link to post
Share on other sites

Malware attack disrupts delivery of L.A. Times and Tribune papers across the U.S.

Dec. 29, 2018        TONY BARBOZA, MEG JAMES and EMILY ALPERT REYES

 

"What first arose as a server outage was identified Saturday as a malware attack, which appears to have originated from outside the United States and hobbled computer systems and delayed weekend deliveries of the Los Angeles Times and other newspapers across the country.

Technology teams worked feverishly to quarantine the computer virus, but it spread through Tribune Publishing’s network and reinfected systems crucial to the news production and printing process. Multiple newspapers around the country were affected because they share a production platform.

The attack delayed distribution of Saturday editions of the Los Angeles Times and San Diego Union Tribune. It also stymied distribution of the West Coast editions of the Wall Street Journal and New York Times, which are printed at the Los Angeles Times’ Olympic printing plant in downtown Los Angeles.

By Saturday afternoon, the company suspected the cyberattack originated from outside the United States, but officials said it was too soon to say whether it was carried out by a foreign state or some other entity, said a source with knowledge of the situation."

snip

https://www.latimes.com/local/lanow/la-me-ln-times-delivery-disruption-20181229-story.html

  • Like 2

Share this post


Link to post
Share on other sites

*** *** **** **: Hackers Threaten To Dump Secret 9/11 Attack Files If Bitcoin Ransom Not Met

Jan. 2, 2019                       Tyler Durden

"A hacking collective known as The Dark Overlord announced on New Year's Eve that it had broken into the computer systems of a law firm and obtained files related to the September 11 attacks - threatening to publicly release a large cache of internal files unless a hefty ransom is paid, according to Motherboard.

Dark Overlord's demands targeted several insurers and legal firms, including Lloyds of London, Silverstein Properties and Hiscox Syndicates. It is unclear what exact files were stolen by the group, however the hacking collective tweeted "We'll be providing many answers about 9.11 conspiracies through our 18.000 secret documents leak from @HiscoxComms and others."

"Hiscox Syndicates Ltd and Lloyds of London are some of the biggest insurers on the planet insuring everything from the smallest policies to some of the largest policies on the planet, and who even insured structures such as the World Trade Centers," the group's announcement reads.  

According to a spokesperson for the Hiscox Group, the hackers had breached a law firm which advised the company and had likely stolen files linked to litigation tied to the 9/11 attacks. 

"The law firm’s systems are not connected to Hiscox’s IT infrastructure and Hiscox’s own systems were unaffected by this incident. One of the cases the law firm handled for Hiscox and other insurers related to litigation arising from the events of 9/11, and we believe that information relating to this was stolen during that breach," the spokesperson told Motherboard in an email. 

"Once Hiscox was informed of the law firm’s data breach, it took action and informed policyholders as required. We will continue to work with law enforcement in both the UK and US on this matter," they added."

snip

https://www.zerohedge.com/news/2019-01-01/pay-fck-hackers-threaten-dump-secret-911-attack-files-if-bitcoin-ransom-not-met

this group had posted a key code on twitter, and just as I was looking at it, poof, it disappeared

  • Like 3

Share this post


Link to post
Share on other sites

Over 770 million email addresses shared online in largest data breach in history

Jan. 17, 2019          RT

"A security researcher has blown the lid off the largest data breach in history as over 770 million emails and 21 million unique passwords have been exposed, eclipsing the Equifax and Yahoo hacks by a significant margin.

The breach is being dubbed ‘Collection #1’ and contains a raw data set of email addresses and passwords totalling 2,692,818,238 rows from potentially thousands of different sources, according to digital security expert Troy Hunt.

snip  -  tweet

In total, there are 1,160,253,228 unique combinations of email addresses and passwords contained within over 12,000 separate files, constituting a truly staggering 87GB of data (for context, this is raw text, not 4K video).

snip  -  image

In terms of sheer volume, it is being considered the largest data breach in history, second only to Yahoo's high profile cyber security gaffes which affected billions of users, though it is an aggregate of potentially hundreds if not thousands of breaches.

“It just looks like a completely random collection of sites purely to maximize the number of credentials available to hackers,” Hunt told WIRED. “There’s no obvious patterns, just maximum exposure.”

snip  -  tweet

The breach contains previously encrypted passwords that have been “dehashed” or cracked and converted back to plain text and includes files allegedly from as early as 2008. The information wasn't even for sale but was merely dumped on MEGA and subsequently on a popular hacking forum, free for anyone with scroll and click capabilities to review. "

snip

https://www.rt.com/news/449028-largest-data-breach-in-history/?utm_source=browser&utm_medium=aplication_chrome&utm_campaign=chrome

  • Like 2

Share this post


Link to post
Share on other sites

 Report: Tech Companies Fear China Spying Through Power Cords

Charlie Nash         March 8, 2019

 

"Major tech companies including Dell, IBM, and HP are reportedly concerned that China may be spying on them through power cords and plugs manufactured in the country.
CNBC, citing a report from Nikkei Asian Review, claimed that the companies are fearful “that China could be spying on them using power cords and plugs,” and “have asked their Taiwanese suppliers to shift production of some components out of the mainland.”

Companies including Lite-On Technology and Quanta Computer have reportedly moved to Taiwan in response to concerns from their American customers, which include Google, Facebook, Dell EMC, IBM, and HP.

According to Nikkei Asian Review, Lite-On Technology “is building a new factory in Taiwan to manufacture power components for servers at the request of American clients that cited cyberespionage risks from Beijing,” and Quanta Computer “has shifted production to Taiwan and elsewhere, citing security as one of the reasons.”

A Lite-On executive allegedly told Nikkei Asian Review that, “Unlike many other Taiwanese tech manufacturers diversifying their production away from China to avoid Washington’s tariffs on Chinese goods, the top priority [for Lite-On’s new plant] is addressing U.S. clients’ security concerns.”

Tien Chin-Wei, a deputy director at the Cybersecurity Technology Institute, also reportedly told Nikkei Asian Review that the concerns were “totally reasonable,” because “technically, it is doable and not difficult for hackers to use the power supply system or power cords to retrieve data stored in servers.”

“Every interface between components, or between motherboards and power supply systems could be a loophole for malicious implants,” Tien elaborated. “You can only reduce or manage the risks, but it is not possible to entirely eliminate the threats.”

snip

https://www.breitbart.com/tech/2019/03/08/report-tech-companies-fear-china-spying-through-power-cords/

Never ask - What next!  :angry2:  It seems the only way to be safe is to shut everything off and move to a remote island somewhere.   

  • Like 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×