Locations and Contact Data on 515,000 Vulnerable People Stolen in Red Cross Data Breach

A cyberattack targeting a contractor working for the International Committee of the Red Cross has spilled confidential data on more than 515,000 “highly vulnerable” people, many of whom have been separated from their families due to conflict, migration and disaster. From a report:

The Red Cross did not name the contractor, based in Switzerland, which it uses to store data nor say what led to the security incident, but said that the data comes from at least 60 Red Cross and Red Crescent national societies. In a statement, the international organization pleaded with the attackers not to publicly share or leak the information given the sensitivity of the data.

Antimicrobial Resistance Now a Leading Cause of Death Worldwide, Study Finds

An anonymous reader quotes a report from The Guardian: Antimicrobial resistance poses a significant threat to humanity, health leaders have warned, as a study reveals it has become a leading cause of death worldwide and is killing about 3,500 people every day. More than 1.2 million — and potentially millions more — died in 2019 as a direct result of antibiotic-resistant bacterial infections, according to the most comprehensive estimate to date of the global impact of antimicrobial resistance (AMR). The stark analysis covering more than 200 countries and territories was published in the Lancet. It says AMR is killing more people than HIV/Aids or malaria. Many hundreds of thousands of deaths are occurring due to common, previously treatable infections, the study says, because bacteria that cause them have become resistant to treatment.

The new Global Research on Antimicrobial Resistance (Gram) report estimates deaths linked to 23 pathogens and 88 pathogen-drug combinations across 204 countries and territories in 2019. Statistical modeling was used to produce estimates of the impact of AMR in all locations — including those with no data — using more than 470m individual records obtained from systematic literature reviews, hospital systems, surveillance systems, and other data sources. The analysis shows AMR was directly responsible for an estimated 1.27 million deaths worldwide, and associated with an estimated 4.95 million deaths, in 2019. HIV/Aids and malaria have been estimated to have caused 860,000 and 640,000 deaths, respectively, in 2019. While AMR poses a threat to people of all ages, young children were found to be at particularly high risk, with one in five deaths attributable to AMR occurring in children under the age of five.

Hackable: 3 VulnHub Walkthrough

Hackable: 3, a medium-difficulty VulnHub machine, was created by Elias Sousa and can be downloaded here. This lab is designed for experienced CTF players who want to put their abilities to the test. We used the machine in the way that it was designed. Also, if you haven’t checked the machine or are having problems, you can attempt every approach you know. The key is port knocking, so let’s get started and discover how to break things down into digestible chunks.

Pentesting Methodology

Network Scanning

  • netdiscover
  • nmap

Enumeration

  • abusing http
  • dirb
  • wordlist
  • port knocking

Exploitation

  • hydra
  • ssh
  • user flag
  • linpeas

Privilege Escalation

  • lxd
  • root flag

Level: Medium

Network Scanning

To begin with, we must use the netdiscover command to scan the network for the IP address of the victim machine.

netdiscover

The victim machine's IP address is 192.168.1.185.

Next, we launch Nmap to enumerate the open ports.

nmap -sC -sV 192.168.1.185

According to Nmap, we have an SSH server operating on port 22 and an HTTP service (Apache Server) running on port 80.

Enumeration

First, we’ll attempt to use HTTP. Let’s look at port 80 and see if anything interesting comes up. We can immediately verify it in the browser because the Apache Server is listening on port 80.

Nothing interesting on the main page. As a result, we examined its source code and discovered some information that will be valuable in this lab.

  • We received a link to the login page.
  • We chose the username “jubiscleudo.”
  • We have gotten a hint that this lab requires port knocking.

To find out more about this lab and uncover hidden directory paths, we run a dirb directory scan.

dirb http://192.168.1.185/

MoonBounce: the dark side of UEFI firmware

What happened?

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner, which has been integrated into Kaspersky products since the beginning of 2019. Further analysis has shown that a single component within the inspected firmware’s image was modified by attackers in a way that allowed them to intercept the original execution flow of the machine’s boot sequence and introduce a sophisticated infection chain.

Red Cross Begs Hackers Not To Leak Data of ‘Highly Vulnerable People’

The Red Cross has disclosed that it was the victim of a cyber attack and has asked the hackers who broke into the IT network of one of its contractors not to leak the personal information of more than 515,000 “highly vulnerable people.” The Record reports: The data was stolen from a Red Cross program called Restoring Family Links, which aims to reunite family members separated by conflict, disaster, or migration. “While we don’t know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them,” said Robert Mardini, director-general for the International Committee of the Red Cross. “Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data,” Mardini said.

“The people affected include missing people and their families, unaccompanied or separated children, detainees and other people receiving services from the Red Cross and Red Crescent Movement as a result of armed conflict, natural disasters or migration,” the organization said in an email.

Terra Quantum raises $60M for its Quantum-as-a-Service platform

Terra Quantum, a Zurich, Switzerland-based startup that aims to build a Quantum-as-a-Service platform (including, eventually, its own proprietary quantum hardware), today announced that it has raised a $60 million Series A round led by Lakestar, which also backed the company’s 2019 seed round. The additional investors in this round prefer to remain anonymous. According to Terra, they include two of the largest and globally renowned German family offices and one of the most influential cryptocurrency investors globally.

Something In Your Eyes May Reveal If You’re At Risk of Early Death, Study Shows

A quick and pain-free scan of the human eyeball could one day help doctors identify “fast agers,” who are at greater risk of early mortality. ScienceAlert reports: A machine learning model has now been taught to predict a person’s years of life simply by looking at their retina, which is the tissue at the back of the eye. The algorithm is so accurate, it could predict the age of nearly 47,000 middle-aged and elderly adults in the United Kingdom within a bracket of 3.5 years. Just over a decade after these retinas were scanned, 1,871 individuals had died, and those who had older-looking retinas were more likely to fall in this group.

For instance, if the algorithm predicted a person’s retina was a year older than their actual age, their risk of death from any cause in the next 11 years went up by 2 percent. At the same time, their risk of death from a cause other than cardiovascular disease or cancer went up by 3 percent. The findings are purely observational, which means we still don’t know what is driving this relationship at a biological level. Nevertheless, the results support growing evidence that the retina is highly sensitive to the damages of aging. Because this visible tissue hosts both blood vessels and nerves, it could tell us important information about an individual’s vascular and brain health.

How to Reduce The Risk of Cyber-Attacks on Global Supply Chains

The number of cyber-attacks attempting to compromise global industry supply chains is on the rise, and a new survey by BlueVoyant found that 97 percent of global firms have been impacted by a cybersecurity breach in their supply chain in the past 12 months. Not only that, but 95 percent of respondents said their …

Hunting for Log4j Vulnerabilities: A Fortune 100 Case Study

Finding Log4j Instances in Runtime and Tracking Completed Remediation at a Fortune 100 Company

Time is a funny thing. It’s hard to believe that it’s already been just over a month since Log4Shell, a zero-day vulnerability in the Java logging tool Log4j, was publicly disclosed on December 9th, 2021. The following day, I was contacted by one of our customers, a Fortune 100 company, for assistance with finding and patching Log4j instances amongst the millions of assets they manage. At the onset of the crisis they estimated it would take 2-3 months just to discover instances of Log4j across their environment, and several more months to remediate instances that were vulnerable.

Crypto.com CEO Confirms Hundreds of Accounts Were Hacked

An anonymous reader quotes a report from The Verge: The CEO of cryptocurrency exchange Crypto.com, Kris Marszalek, has finally confirmed that hundreds of user accounts were indeed compromised by hackers and had funds stolen as a result, though details of the exact method of breach remain unclear. Marszalek acknowledged the hack in an online interview with Bloomberg Wednesday, stating that around 400 customer accounts had been compromised. He also told Bloomberg that he had not received any outreach from regulators since the attack was first disclosed but would share information if official inquiries were made.

Previous statements from Marszalek and other communications from Crypto.com have been criticized for being vague and unclear. Official messaging from the company referred to a security “incident,” and an early Twitter post mentioned only that a small number of users were “reporting suspicious activity on their accounts.” Marszalek followed up by tweeting that “no customer funds were lost” — a statement some commentators interpreted as meaning that the exchange would take the financial hit rather than passing it on to customers. Shortly afterward, security company PeckShield posted a tweet claiming that, in reality, Crypto.com’s losses amounted to around $15 million in ETH and were being sent to Tornado Cash to be “washed.”