Data breaches increased 54% in 2019 so far

By: James Sanders

More than 3,800 data breaches have hit organizations in 2019, according to Risk Based Security.

The year 2019 is shaping up to be a landmark one for data breaches, as it has seen over 3,800 breaches—a 50% or greater increase over the last four years, according to a report published by Risk Based Security on Wednesday.

“Between 2015 and 2018, the variation in the number of reported breaches was less than 200 incidents. For the first six months of 2019, the number of breaches increased by 54% compared to the same time last year,” the report states, adding that a high volume of leaks of relatively few records skews, somewhat, this measure.

In contrast, the number of records exposed in the first half of 2019 is 30% lower compared to the same time frame in 2017, according to the report—though this may change in the second half of the year, as recent reports detail the full extent of the data exfiltrated by Paige A. Thompson, the hacker accused in the Capital One data breach, who is said to possess “multiple terabytes of data stolen… from more than 30 other companies, educational institutions, and other entities,” according to court documents obtained by ZDNet.

Despite concerns raised in the cybersecurity community about insider threats, 89% of breaches are the result of outside attacks, though the report notes that “more and more sensitive data is exposed when insiders fail to properly handle or secure the information,” pointing to misconfigured databases and services, which account for 149 of the 3,813 incidents reported so far this year and resulted in the exposure of over 3.2 billion records.

Risk Based Security also points to the dangers of placing sensitive data in the hands of third parties, naming the American Medical Collection Agency (AMCA) breach, in which “hackers infiltrated AMCA’s network and pilfered over 22 million debtors’ records including data such as names, addresses, dates of birth, Social Security numbers and financial details” as a critical event. “These breaches can be more difficult to manage given the multiple parties involved, they can also have more damaging consequences for the individuals whose data is exposed in the event,” the report said, noting that the breach has severe consequences for AMCA, as the company “was forced into filing for bankruptcy protection a mere 2 weeks after news of the breach made headlines.”

More: https://www.techrepublic.com/article/data-breaches-increased-54-in-2019-so-far/

Connected car: hacker can open doors, brake and steal data remotely.

By: Alessandro Reis

Connected, even with dedicated internet access, today's cars and especially tomorrow's increasingly resemble smartphones. Having access to social networks and being able to post from inside the vehicle, for example, is something consumers want, and automakers know it. However, there is a downside: just like cell phones and personal computers, automobiles have increasingly been the target of hacker attacks.

Things get even more delicate when it comes to vehicles equipped with semi-autonomous driving technologies, with a series of functions managed by sensors and computers, such as acceleration, brakes and even steering wheel movement.

A quick internet search is enough to find examples. In 2016, Chinese researchers from Keen Security Lab managed to interfere with the brakes, the door opening, the multimedia center screen and other electronically controlled items of a Tesla Model S. The demonstration, documented on video, was carried out with the help of a laptop positioned kilometers away.

More recently, in March of this year, another group of cybersecurity researchers, calling itself Fluoroacetate, won a hacking competition held in Vancouver, Canada, by doing something seemingly simpler: they exploited a flaw in the web browser of a Tesla Model 3 and displayed a message on the sedan's multimedia screen.

As a prize, they took the car home, plus US$ 35,000 (about R$ 138,500 at direct conversion).

It is worth noting that these vulnerabilities are not exclusive to the American electric car brand, but Teslas are the favorites for demonstrations of this kind because of their fame and the large number of technologies available, including the semi-autonomous driving features mentioned above.

More: https://www.uol.com.br/carros/noticias/redacao/2019/08/06/carro-conectado-hacker-pode-abrir-portas-frear-e-roubar-dados-a-distancia.htm

Evidence shows that hacker attack on the ‘heart’ of Lava Jato was planned

By: Agência O Globo

Targets of the criminals included members of task forces in at least three states (Rio, Paraná and Distrito Federal)

The Federal Police and the Federal Public Prosecutor's Office (MPF) have evidence that the hacker attack that exposed private messages of judge Sergio Moro and of prosecutors in Operation Lava Jato was very well planned and had a much wider reach than is known so far. Targets of the criminals included members of task forces in at least four states (Rio, São Paulo, Paraná and Distrito Federal), federal police chiefs from São Paulo, and judges from Rio and Curitiba.

In addition to the current Minister of Justice and prosecutor Deltan Dallagnol, they include substitute judge of the 13th Federal Court Gabriela Hardt (who temporarily inherited Moro's cases when he left the post), appellate judge Abel Gomes, rapporteur for Lava Jato at the appeals level in Rio, judge Flávio de Oliveira Lucas, of Rio, former Prosecutor General of the Republic Rodrigo Janot, prosecutors Paulo Galvão, Thaméa Danelon, Ronaldo Pinheiro de Queiroz, Danilo Dias, Eduardo El Haje, Andrey Borges de Mendonça, Marcelo Weitzel and a journalist from O GLOBO.

Two other prosecutors, both former aides to Janot, also told O GLOBO that they had been victims of hacker attacks, but asked that their names not be published.

In some cases, such as the Lava Jato task force in Rio, some members avoided the intrusion because they had stricter controls, in particular two-step verification for remote access to the Telegram app.

The messages attributed to Moro and Deltan indicate coordinated action at certain moments of Lava Jato, including in the case that resulted in the conviction of former president Lula, exposing the operation to unprecedented damage.

Even after the case came to light, the criminal scheme remains active. On Tuesday night, a hacker contacted José Robalinho, former president of the Associação Nacional de Procuradores (National Association of Prosecutors), posing as military prosecutor Marcelo Weitzel, whose cell phone had been compromised, as Época magazine revealed.

Amid the crisis set off by the hacker attacks, prosecutors are discussing among themselves a wide range of theories about the origins of the attacks. Some even raise suspicions of intrusions of Russian origin, which has not been proven. But while the perpetrators remain unknown, the prevailing view among the targets is that the intrusions are an orchestrated action against Lava Jato.

Professional operation

The Federal Police is investigating the hacker attacks with two teams of agents and police chiefs, in four cities. The Prosecutor General's Office has also opened a proceeding to monitor the police's work. Investigating this type of crime is considered complex, and the investigations will take a long time to conclude, the Federal Police leadership predicts.

Initial suspicions point to a sponsor with the financial means to fund the apparently sophisticated scheme. One hypothesis is the use of equipment costing between US$ 2 million and US$ 3 million, according to a source in the Federal Police leadership heard by O GLOBO. There are several companies based in Eastern Europe and the Middle East that offer these services at those prices.

More: https://ultimosegundo.ig.com.br/politica/2019-06-12/indicios-mostram-que-ataque-hacker-no-coracao-da-lava-jato-foi-planejado.html

Without defenses against scams, companies could lose US$ 133 billion in 5 years

By: Luiza Ferraz

With the growth of the digital era, cyberattacks in Brazil have also increased exponentially. According to a survey by the technology consultancy Accenture, this type of digital-security crime grew 67% in the country over the last five years.

And a large share of Brazilian companies, in the consultancy's assessment, have not yet built a business architecture focused on security. The study estimates an overall loss, over the next five years, of US$ 133 billion, or around 7.5% of Brazil's 2018 GDP (US$ 1.71 trillion, or R$ 6.8 trillion).

To reach this conclusion, the company interviewed experts and conducted opinion surveys with 1,700 executives from 13 countries, including Brazil.

“Before, the hacker was someone motivated by the challenge. When they realized that this activity brought financial gains, they evolved into very well-organized gangs.” André Fleury, executive director of cybersecurity at Accenture

How to protect the company?

Before thinking about the company individually, it is necessary to look at the whole ‘ecosystem’, that is, the business environment it fits into. “Corporations need to work together to improve security and create standards. It is important that they share information about attacks, because when a criminal discovers a method of breaking into a place, he tells his colleagues and it spreads like a virus,” Fleury explained.

To keep that from happening, a company's security and communications areas need to be interconnected to find the best way to manage a crisis and win customers' trust.

More: https://noticias.uol.com.br/tecnologia/noticias/redacao/2019/05/11/

Hacker Demos Jailbreak of iOS on iPhone X

By: Kacy Zurkus

A security researcher with the Qihoo 360 Vulcan Team, Qixun Zhao (@S0rryMybad), has revealed the second stage of an exploit chain in which he was able to remotely jailbreak the latest iOS system on iPhone X.

In a January 23 blog post, Zhao released the proof of concept (PoC) of a kernel vulnerability that can be reached in the sandbox, which he dubbed Chaos. For the benefit of beginners, he provides what he calls elaborate details on the tfp0 exploit, though he does not reveal the exploit code.

Instead, he stated, “if you want to jailbreak, you will need to complete the exploit code yourself or wait for the jailbreak community’s release. At the same time, I will not mention the exploit details of the post exploit, as this is handled by the jailbreak community.”

Zhao does demonstrate the jailbreak in a video posted to Twitter.

Following his intuition, Zhao said he believed there would be a path that would cause a leak, which he found could be exploited before iOS 12 even started in the sandbox.

Noting that the bug has been fixed in the most recent version, Zhao wrote, “As soon as I saw the code I felt that this part of the code is definitely lacking review and the quality is not high enough. After all, the code that can be directly reached in the sandbox, that means the kernel developer may not be familiar with the rules for generating MIG code. This information is more important than finding the bug in the above.”

More: https://www.infosecurity-magazine.com/news/hacker-demos-jailbreak-of-ios-on/

2018 Data Breaches: The List No One Wanted To Make

By: PYMNTS

So far this year (and there’s still one more day), Verizon reported that there have been 2,216 confirmed data breaches across 65 countries. Even more disturbing, perhaps, is that 68 percent of those breaches took months for the breached companies to discover. If that’s not disturbing enough, 28 percent of those incidents were perpetrated by insiders. More than half of those breaches by outsiders were done by members of organized crime.

According to the report, cybercrime touched nearly every sector throughout 2018, including those that may seem less obvious, like education or manufacturing — and for one obvious reason: the money. There were a few noteworthy headliners. For example, Marriott, Facebook and a database marketing firm by the name of Exactis exposed the records of roughly 300 million people. So, as we turn the page to 2019, a year that will no doubt see more of the same, here’s another look at those that made The Best Of The Worst Things To Happen In 2018 list.

Facebook

Facebook’s 2018, as far as the stewardship of user data and privacy is concerned, was a year it would like to soon forget. The most eye-catching — and headline-generating — of those lapses was the Cambridge Analytica scandal, which saw the data of 87 million Facebook users end up in the hands of a political consultancy.

That incident, however, is not why Facebook makes this list. While the intricacies of how exactly Cambridge Analytica gathered the data are still somewhat contested, no one is disputing that it got access to customer data that it wasn’t supposed to have.

Facebook makes this list due to its late-September revelation that roughly 50 million of its users had their data exposed through an attack on its network. The social media giant found that attackers were able to take control of user accounts through a function within the platform’s code, according to reports. In the aftermath of the breach, about 90 million Facebook users had to log out while Facebook fixed the vulnerability and consulted the authorities.

More: https://www.pymnts.com/news/security-and-risk/2018/data-breach-user-account-card-retail-hack/

UnityPoint warns 1.4 million patients their information might have been breached by email hackers

By: Tony Leys

One of Iowa’s main hospital and clinic systems has notified about 1.4 million patients that their personal information might have been breached.

UnityPoint Health officials said hackers used “phishing” techniques to break into the company’s email system. The company, based in West Des Moines, said the hackers could have obtained medical information, such as diagnoses and types of care, that was included in emails.

“While we are not aware of any misuse of patient information related to this incident, we are notifying patients about what happened, what information was involved, what we have done to address the situation, and what patients can do to help protect their information,” RaeAnn Isaacson, UnityPoint’s privacy officer, said in a press release Monday.

The hackers also might have obtained some patients’ financial information, such as bank account numbers, UnityPoint said.

The hackers used official-looking emails to obtain employees’ passwords, leading to the breach, the company said. The company said after it discovered the problem May 31, it hired outside experts and notified the FBI.

More: https://amp-desmoinesregister-com.cdn.ampproject.org

Boys Town Healthcare Data Breach Exposed Personal Details of Patients

By: Wang Wei

Another day, another data breach!

This time, sensitive and personal data of hundreds of thousands of people at Boys Town National Research Hospital has been exposed in what appears to be the largest ever reported breach by a pediatric care provider or children’s hospital.

According to the U.S. Department of Health and Human Services Office for Civil Rights, the breach incident affected 105,309 individuals, including patients and employees, at the Omaha-based medical organization.

In a “Notice of Data Security Incident” published on its website, the Boys Town National Research Hospital admitted that the organization became aware of abnormal behavior regarding one of its employees’ email accounts on May 23, 2018.

After launching a forensic investigation, the hospital found that an unknown hacker managed to infiltrate the employee’s email account and steal personal information stored within it as a result of unauthorized access.

The hacker accessed the personal and medical data of more than 100,000 patients and employees, including:

  • Name
  • Date of birth
  • Social Security number
  • Diagnosis or treatment information
  • Medicare or Medicaid identification number
  • Medical record number
  • Billing/claims information
  • Health insurance information
  • Disability code
  • Birth or marriage certificate information
  • Employer Identification Number
  • Driver’s license number
  • Passport information
  • Banking or financial account number
  • Username and password

With this extensive information in hand, it’s most likely that hackers are already selling personal information of victims on the dark web or attempting to carry out further harm to them, particularly child patients at the hospital.

However, the Boys Town National Research Hospital says it has not received any reports of the misuse of the stolen information so far.

More: https://thehackernews.com/2018/07/data-breach-healthcare.html?m=1

Bitcoin in Brief Wednesday: Hacker Gets Trolled, Vertcoin Gets Hacked

By: Avi Mizrahi

With all the talk about buying lambos, and some people making serious money, it’s no surprise that the cryptocurrency world attracts hackers looking for rich targets. Today’s edition of Bitcoin in Brief showcases two typical cases and one atypical response.

Ransomware Hacker Trolled

Aaron Lammer, a cryptocurrency podcaster, got his website hijacked by a hacker demanding ransom. But instead of paying the requested 0.025 bitcoin or calling the police, he decided to have some fun with the criminal.

The hacker left a ‘contact us’ option, which is not as unusual as it might sound because often such schemers need to help victims with the process. The link directed Lammer to the Facebook profile of one Barberousse Mohammed, and so he began trolling him. After Mohammed refused to accept a million pre-sale ICO tokens instead of bitcoin, Lammer tried to lure his hacker into the whole BTC vs. BCH debate by appearing to educate him about the advantages of bitcoin cash. See the entire amusing chat transcript here.

And don’t worry, eventually the website was restored by the hosting service. They said the hacker used a WordPress exploit on a different domain housed under the same user to gain control.

Vertcoin Twitter Hacked

Fake cryptocurrency giveaway scams continue to plague Twitter, with the latest example coming from Vertcoin. Usually the scammers create a new account that looks as close as possible to the real one and reply to all tweets with promises to send back large amounts to anyone that sends them ether. This time they actually took over the official Vertcoin account to promote the scam. Luckily, it appears that only three people actually fell for it and sent BTC to the address before the tweet was taken down.

More: https://news.bitcoin.com/bitcoin-in-brief-wednesday-hacker-gets-trolled-vertcoin-gets-hacked/?utm_source=OneSignal%20Push&&utm_medium=notification&&utm_campaign=Push%20Notifications

Iran angered by US imposition of cyber sanctions

By: BBC

Iran has railed against US sanctions imposed on 10 citizens and a tech firm accused of cyber attacks on at least 320 universities worldwide, along with US firms and government agencies.

Tehran called the sanctions a gimmick that was provocative, illegal and unjustified.

The Mabna Institute is accused of stealing 31 terabytes of “valuable intellectual property and data”.

Iranian foreign ministry spokesperson Bahram Qassemi said the new US sanctions were an act of provocation, and that the move would not prevent Iran’s technological progress.

“The US will definitely not benefit from the sanctions gimmick, aimed at stopping or preventing the scientific growth of the Iranian people,” Mr Qassemi said in a statement.

The indicted individuals are still in Iran. They were called “fugitives of justice” by US Deputy Attorney General Rod Rosenstein, and could face extradition in more than 100 countries if they travelled outside Iran.

Many of the “intrusions”, Mr Rosenstein said, were done “at the behest of the Iranian government and, specifically, the Iranian Revolutionary Guard Corps”.

More: http://www.bbc.com/news/world-middle-east-43527152?lipi=urn%3Ali%3Apage%3Ad_flagship3_feed%3BW3%2BPYrkkRCqlNdstUs%2FBkg%3D%3D