A cyberattack targeting a contractor working for the International Committee of the Red Cross has spilled confidential data on more than 515,000 “highly vulnerable” people, many of whom have been separated from their families due to conflict, migration and disaster. From a report:
The Red Cross did not name the contractor, based in Switzerland, which it uses to store data nor say what led to the security incident, but said that the data comes from at least 60 Red Cross and Red Crescent national societies. In a statement, the international organization pleaded with the attackers not to publicly share or leak the information given the sensitivity of the data.
The European Parliament has definitively backed major limits on behavioral advertising during a plenary vote on amendments to the pan-EU Digital Services Act (DSA).
A cyberattack targeting a contractor working for the International Committee of the Red Cross has spilled confidential data on more than 515,000 “highly vulnerable” people, many of whom have been separated from their families due to conflict, migration and disaster.
An exploration of zero-click attack surface for the popular video conferencing solution Zoom has yielded two previously undisclosed security vulnerabilities that could be exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory.
An anonymous reader quotes a report from The Guardian: Antimicrobial resistance poses a significant threat to humanity, health leaders have warned, as a study reveals it has become a leading cause of death worldwide and is killing about 3,500 people every day. More than 1.2 million — and potentially millions more — died in 2019 as a direct result of antibiotic-resistant bacterial infections, according to the most comprehensive estimate to date of the global impact of antimicrobial resistance (AMR). The stark analysis covering more than 200 countries and territories was published in the Lancet. It says AMR is killing more people than HIV/Aids or malaria. Many hundreds of thousands of deaths are occurring due to common, previously treatable infections, the study says, because bacteria that cause them have become resistant to treatment.
The new Global Research on Antimicrobial Resistance (Gram) report estimates deaths linked to 23 pathogens and 88 pathogen-drug combinations across 204 countries and territories in 2019. Statistical modeling was used to produce estimates of the impact of AMR in all locations — including those with no data — using more than 470m individual records obtained from systematic literature reviews, hospital systems, surveillance systems, and other data sources. The analysis shows AMR was directly responsible for an estimated 1.27 million deaths worldwide, and associated with an estimated 4.95 million deaths, in 2019. HIV/Aids and malaria have been estimated to have caused 860,000 and 640,000 deaths, respectively, in 2019. While AMR poses a threat to people of all ages, young children were found to be at particularly high risk, with one in five deaths attributable to AMR occurring in children under the age of five.
Hackable: 3, Vulnhub medium machine was created by Elias Sousa and can be downloadedhere.This lab is designed for experienced CTF players who want to put their abilities to the test. We used the machine in the way that it was designed. Also, if you haven’t checked the machine or are having problems, you can attempt every approach you know. The key is port knocking, so let’s get started and discover how to split things down into digestible chunks.
Pentesting Methodology
Network Scanning
netdiscover
nmap
Enumeration
abusing http
dirb
wordlist
port knocking
Exploitation
hydra
ssh
user flag
linpeas
Privilege Escalation
lxd
root flag
Level: Medium
Network Scanning
To begin with, we must use the netdiscover command to scan the network for the IP address of the victim machine.
netdiscover
Our IP address is 192.168.1.185.
To move forward in this process, we are launching Nmap. For open port enumeration.
nmap -sC -sV 192.168.1.185
According to Nmap, we have an SSH server operating on port 22 and an HTTP service (Apache Server) running on port 80.
Enumeration
First, we’ll attempt to use HTTP. Let’s look at port 80 and see if anything interesting comes up. We can immediately verify it in the browser because the Apache Server is listening on port 80.
w
Nothing in-trusting on the main page. As a result, we examined its source code and discovered some information that will be valuable in this lab.
We received a link to the login page.
We chose the username “jubiscleudo.”
We have gotten a hint that this lab requires port knocking.
To find out more about this laboratory. To uncover certain hidden directory paths, we execute a dirb directory scan.
At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner, which has been integrated into Kaspersky products since the beginning of 2019. Further analysis has shown that a single component within the inspected firmware’s image was modified by attackers in a way that allowed them to intercept the original execution flow of the machine’s boot sequence and introduce a sophisticated infection chain.
A coordinated law enforcement operation has resulted in the arrest of 11 members allegedly belonging to a Nigerian cybercrime gang notorious for perpetrating business email compromise (BEC) attacks targeting more than 50,000 victims in recent years.
The Red Cross has disclosed that it was the victim of a cyber attack and has asked the hackers who broke into the IT network of one of its contractors not to leak the personal information of more than 515,000 of “highly vulnerable people.” The Record reports: The data was stolen from a Red Cross program called Restoring Family Links, which aims to reunite family members separated by conflict, disaster, or migration. “While we don’t know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them,” said Robert Mardini, director-general for the International Committee of the Red Cross. “Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data,” Mardini said.
“While we don’t know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them,” said Robert Mardini, director-general for the International Committee of the Red Cross. “Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data,” Mardini said. “The people affected include missing people and their families, unaccompanied or separated children, detainees and other people receiving services from the Red Cross and Red Crescent Movement as a result of armed conflict, natural disasters or migration,” the organization said in an email.
Terra Quantum, a Zurich, Switzerland-based startup that aims to build a Quantum-as-a-Service platform (including, eventually, its own proprietary quantum hardware), today announced that it has raised a $60 million Series A round led by Lakestar, which also backed the company’s 2019 seed round. The additional investors in this round prefer to remain anonymous. According to Terra, they include two of the largest and globally renowned German family offices and one of the most influential cryptocurrency investors globally.
Advertorial I’ve seen it countless times. Another CISO walks into a board meeting and muddles through stats showing their compliance status. Great, you’re 75% compliant with ISO 27001, but what does this tell anyone about their level of risk?
A quick and pain-free scan of the human eyeball could one day help doctors identify “fast agers,” who are at greater risk of early mortality. ScienceAlert reports: A machine learning model has now been taught to predict a person’s years of life simply by looking at their retina, which is the tissue at the back of the eye. The algorithm is so accurate, it could predict the age of nearly 47,000 middle-aged and elderly adults in the United Kingdom within a bracket of 3.5 years. Just over a decade after these retinas were scanned, 1,871 individuals had died, and those who had older-looking retinas were more likely to fall in this group.
For instance, if the algorithm predicted a person’s retina was a year older than their actual age, their risk of death from any cause in the next 11 years went up by 2 percent. At the same time, their risk of death from a cause other than cardiovascular disease or cancer went up by 3 percent. The findings are purely observational, which means we still don’t know what is driving this relationship at a biological level. Nevertheless, the results support growing evidence that the retina is highly sensitive to the damages of aging. Because this visible tissue hosts both blood vessels and nerves, it could tell us important information about an individual’s vascular and brain health.
Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets.
The modern digital environment is more risky than ever before, and the incidence of cyberattacks only increased throughout the COVID-19 pandemic. In this day and age, even the most robust security systems may still be penetrated or breached by a sophisticated cyber-attack. This means companies can no longer afford to be complacent about security.
Trusted-Computing-Group-article-USCM-winter-2022-Issue The number of cyber-attacks attempting to compromise global industry supply chains are on the rise, and a new survey by BlueVoyant found that 97 percent of global firms have been impacted by a cybersecurity breach in their supply chain in the past 12 months. Not only that, but 95 percent of respondents said their … Continue reading “How to Reduce The Risk of Cyber-Attacks on Global Supply Chains”
Finding Log4j Instances in Runtime and Tracking Completed Remediation at a Fortune 100 Company
Time is a funny thing. It’s hard to believe that it’s already been just over a month since Log4Shell, a zero-day vulnerability in the Java logging tool Log4j, was publicly disclosed on December 9th, 2021. The following day, I was contacted by one of our customers, a Fortune 100 company, for assistance with finding and patching Log4j instances amongst the millions of assets they manage. At the onset of the crisis they estimated it would take 2-3 months just to discover instances of Log4j across their environment, and several more months to remediate instances that were vulnerable.
An anonymous reader quotes a report from The Verge: The CEO of cryptocurrency exchange Crypto.com, Kris Marszalek, has finally confirmed that hundreds of user accounts were indeed compromised by hackers and had funds stolen as a result, though details of the exact method of breach remain unclear. Marszalek acknowledged the hack in an online interview with Bloomberg Wednesday, stating that around 400 customer accounts had been compromised. He also told Bloomberg that he had not received any outreach from regulators since the attack was first disclosed but would share information if official inquiries were made.
Previous statements from Marszalek and other communications from Crypto.com have been criticized for being vague and unclear. Official messaging from the company referred to a security “incident,” and an early Twitter post mentioned only that a small number of users were “reporting suspicious activity on their accounts.” Marszalek followed up by tweeting that “no customer funds were lost” — a statement some commentators interpreted as meaning that the exchange would take the financial hit rather than passing it on to customers. Shortly afterward, security company PeckShield posted a tweet claiming that, in reality, Crypto.com’s losses amounted to around $15 million in ETH and were being sent to Tornado Cash to be “washed.”