LightBasin collects user data from the telecommunications infrastructure. Consent by contract. A convicted UPMC hacker. Ransomware hits a candy business.



At a glance.

  • The LightBasin activity cluster looks like a SIGINT operation compromising telecommunications.
  • The Irish DPC's draft ruling would allow Facebook to obtain user consent by contract.
  • UPMC hacker gets seven years for conspiracy to defraud the US government and aggravated identity theft.
  • Ransomware disrupts production at Ferrara Candy.

The LightBasin spy operation threatens the telecommunications industry.

CrowdStrike researchers have uncovered a surveillance activity, dubbed LightBasin (linked to China but not officially attributed), that has been infiltrating the global telecommunications industry since 2016. The operation shows impressive industry knowledge, emulating telecommunications protocols in order to develop customized infiltration techniques for collecting subscriber information and call metadata, information that may be of interest to signals intelligence organizations. Although the researchers do not directly attribute the operation to China, clues in the code of the tools indicate that the group has knowledge of the Chinese language. CyberScoop notes that the report follows efforts by the U.S. Central Intelligence Agency to focus on China’s capabilities in light of growing geopolitical competition. Adam Meyers, senior vice president of intelligence at CrowdStrike, points out how this operation could make traditional malware attacks unnecessary: “They don’t need to deploy the malware on your phone if they have the network on which your phone is running.”

Facebook has been given permission to bypass user consent.

The Irish Data Protection Commissioner (DPC) has drafted a ruling that allows Facebook to effectively circumvent the General Data Protection Regulation (GDPR) by letting the social media giant process the data of EU users without obtaining user consent. It’s well known that consent is a central requirement of GDPR, but Security Week explains how Facebook uses its terms of service to circumvent this stipulation. By adding data processing specifications to its terms and conditions, which each user must agree to in order to use the platform, Facebook is effectively entering into a contract with each user. The Terms of Use statement details a list of “Master Data Uses”, including “to transfer, transmit, store or process your data outside of the EEA, including the United States and other countries”. In other words, by allowing this, the Irish Data Protection Authority implies that Facebook does not have to adhere to the GDPR definition of user consent or the European Court’s Schrems II decision, which declares that the transfer of European PII to the United States is illegal under the Privacy Shield.

UPMC tax evasion hacker convicted.

Justin Sean Johnson, the hacker responsible for stealing the private data of more than 65,000 employees at the University of Pittsburgh Medical Center (UPMC), located in the state of Pennsylvania, was sentenced to seven years in prison for conspiracy to defraud the United States and aggravated identity theft. As Security Week explains, the breach fueled a tax evasion operation in which cybercriminals, Mr Johnson’s clients, demanded hundreds of thousands of dollars in illicit refunds. Johnson (also known as TheDearthStar or Dearthy Star) is also responsible for the theft of an additional 90,000 sets of tax data from other sources that generated nearly $2 million in fraudulent tax returns.

More stuff than candy.

Is candy corn, universally considered the worst of all Halloween candy, unattractive enough to inspire a cybercrime operation just to shut down its production? DarkReading reports that candy corn maker Ferrara Candy Co. suffered a ransomware attack earlier this month that shut down some of its systems and halted manufacturing at some factories. However, fans of the waxy, tricolor confection don’t have to worry about All Saints’ Day: as most of the shipments were completed before the attack, Ferrara says the attack should not impact the supply of Halloween candy. The disruption appears to have affected production; there is no report of loss of personal data.

As it stands, the effects of a ransomware attack are worth considering. Alex Pezold, CEO of TokenEx, wrote:

“Being locked out of your systems by ransomware can have immediate and disastrous consequences for any organization. Whether it disrupts supply chain management or prevents you from processing transactions, every second that your systems are down costs you money.

“It’s clear that ransomware attacks and other attempted data store breaches are more frequent than ever before, so every organization needs to have a plan for what data to protect and how to protect it. As experts continue to investigate and we learn more about the specific attack methods used by hackers, we must also consider more effective defenses. Specifically, we must work to strengthen the resiliency of corporate systems and implement appropriate disaster recovery protocols so that these systems can be ‘rebooted’ if necessary.”

Danny Lopez, CEO of Glasswall, sees the seasonal angle:

“It’s probably no coincidence that attackers hit a candy company’s supply chain just before Halloween – knowing full well that the urgency and demand at this time of year will increase the likelihood that they get the payment they want. Ferrara, however, is not alone. Ransomware attacks in all industries are on the rise.

“Organizations must adopt robust processes for the onboarding and offshoring of employees and affiliates who may have access to key information systems. It is essential to control privileged access and monitor those who have this administrator privilege. Ensuring that multi-factor authentication is enforced wherever possible is a vital defense when user credentials end up in the public domain. This will help limit the explosion radius and in most cases defeat the data breach.

“Even though all procedures and policies are executed well, there is no denying that adversaries are constantly looking to probe for vulnerabilities and insert malware into the environment, often with the help of everyday business documents that we all use. It is vital that critical infrastructure organizations invest in cyber protection services that stay ahead of attackers by eliminating threats while allowing employees to do their vital jobs.

“Attacks like these demonstrate that a traditional approach to network security leaves organizations at risk. Zero trust security sees the world differently. No one is trustworthy by default, whether inside or outside a network. In a world where data can be held between multiple cloud providers, it is crucial to strengthen all processes related to access verification.”

And, finally, Egnyte’s cybersecurity evangelist Neil Jones believes the latest incident should make ransomware preparedness urgent:

“The recent Ferrara Candy ransomware attack, along with the JBS and Colonial Pipeline cyber attacks that preceded it, demonstrate that your organization needs to make cybersecurity a priority for conference rooms, if it isn’t already. For years, cybercriminals have attacked financial gain goals, but we are now seeing an alarming pattern of debilitating attacks on our power supply, critical infrastructure and our IP supply chain, which can have a crippling impact on the American economy. to implement proactive data hygiene and protection behaviors, such as patching your CVEs and hardening your databases now. It could save your life.”

