Bjarteblogg

https://www.nrk.no/norge/stortinget-utsett-for-nytt-dataangrep-1.15411279

Andreassen seier det er snakk om såkalla 0-dags sårbarheiter. Det vil seie svakheiter som leverandøren ikkje har vore klar over, og som aktørar kan utnytte.

– Stortinget kunne difor ikkje ha hindra dette angrepet, og vi er heller ikkje aleine, seier ho.

Andreassen forklarer tidslinja for korleis angrepet blei oppdaga slik: – 2. mars: Microsoft orienterer om sårbarheitene i programmet – 3. mars: Sikkerheitsoppdateringa blei gjort tilgjengeleg. Systema på Stortinget blei oppdatert. – 5. mars: Stortinget fekk varsel frå NSM om uvanleg trafikk inn mot systema på Stortinget. NSM orienterte offentleg om svakheitene ved Microsoft Exchange. – 8. mars: Stortinget fekk stadfesta at data var henta ut frå systemet.

Stortinget vil ikkje seie kva type informasjon som er henta ut, men Andreassen seier dei samarbeider tett med NSM om å avdekke omfanget og avgjere kva tiltak som skal settast inn.

– Vi har sett i gang passordskifte for alle tilsette og representantar.

https://www.aftenposten.no/norge/i/PRnGRX/stortinget-utsatt-for-it-angrep-et-angrep-paa-vaart-demokrati

Jøsang er professor i digital sikkerhet ved Universitetet i Oslo. Han sier sikkerhetshullet til Microsoft er en gullgruve for spionasje.

– Potensielt kan angriperne ha stjålet alle e-poster, alle adresselister og alle kalendere til stortingsrepresentanter. Det er temmelig sjokkerende. Det er uvisst om angrepet er så stort.

Angrepet har vært muliggjort av et sikkerhetshull hos Microsoft Exchange. Jøsang sier at det derfor er for mye å forlange at Stortinget skulle forhindre dette.

https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams

A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools.

Some of the cameras, including in hospitals, use facial-recognition technology to identify and categorize people captured on the footage. The hackers say they also have access to the full video archive of all Verkada customers.

https://www.bt.no/nyheter/innenriks/i/BlkXR7/data-hentet-ut-i-nytt-it-angrep-mot-stortinget

Angrepet er knyttet til sårbarheter hos Microsoft Exchange, som flere virksomheter er rammet av.

Nasjonal sikkerhetsmyndighet (NSM) ba tidligere i mars alle brukere om å oppdatere Microsoft Exchange. Flere tusen selskaper og myndigheter har blitt rammet av cyberangrep mot Microsoft Exchange, ifølge Reuters.

https://e24.no/teknologi/i/wenm8M/avinor-forretningskritisk-informasjon-kan-ha-kommet-paa-avveie

Avinor har avdekket innbrudd i e-postkontoen til en av sine ansatte. Analyser viser at data har blitt hentet ut av kontoen, skriver Avinor i en pressemelding.

«Angrepet innebærer at en inntrenger har kopiert informasjon fra den ansattes e-postkonto. Forretningskritisk og personsensitiv informasjon kan derfor ha kommet på avveie,» skriver Avinor.

Selskapet understreker at det ikke finnes indikasjoner på at Avinors operative systemer er berørt, «flysikkerheten er derfor ikke påvirket av hendelsen».

https://nrkbeta.no/2021/03/09/microsoft-exchange-la-igjen-bakdor-hos-trondersk-kollektivselskap/

Norske virksomheter har den siste uken jobbet mot klokka med å installere en kritisk sikkerhetsoppdatering. De som ikke er raske nok kan bli ofre for spionasje og løsepengevirus. Norsk sikkerhetsmyndighet (NSM) advarer om at en mye brukt Microsoft-løsning for e-post bør anses som «mulig kompromittert» om nødvendige sikkerhetsoppdateringer ikke ble gjort innen onsdag i forrige uke.

Søndag kveld viste undersøkelser gjort av sikkerhetsselskapet Defendable at minst 269 Microsoft-servere i Norge fortsatt manglet disse oppdateringene.

https://www.nrk.no/trondelag/dataangrep-mot-hurtigruten_-sensitive-opplysninger-om-ansatte-i-hurtigruten-er-publisert-pa-dark-web-1.15404764

Opplysninger fra fem skip har havnet på avveie. Hurtigruten har sendt brev til gjester og ansatte som er rammet av dataangrepet.

[D]e som brøt seg inn fikk tilgang til fullt navn, fødselsnumre og info om ansettelsesforhold til medlemmer av besetningen.

Det inkluderer arbeidsavtaler, sykemeldinger, dokumentasjon til Nav og andre HR-relaterte forhold.

Informasjonen var lagret på servere om bord på skipet.

https://digitstodollars.com/2021/03/05/youre-on-allocation/

The current shortage is driven by two things: Covid and manufacturing is hard. Last year, factories in China started shutting down early in the year. By the time they started re-opening later in the year, factories everywhere else had shut down, or at least drastically scaled back. So many Chinese factories did not scale production up in a hurry. The result was reduced output everywhere. Then early this year it became clear that pandemic was under control in China and vaccines were coming soon everywhere, and that demand for many electronic devices was stronger than ever. Companies across the supply chain suddenly had to race to catch up, but often found their suppliers were not back to producing at full scale. This caused wrinkles to spread across the industry. Finally, it appears now that shipping has become a bottleneck with air freight prices sky high (pun intended) and US ports still dealing with scaled back working conditions. You could probably also throw in the US-China Trade War, but let’s not go down that particular rabbit hole now, just chalk it up to further complicating the situation.

The best example of this, and one we commonly hear, is the proverbial $2 electric motor which prevents completion of a $50,000 car. Now multiply this by 10,000 companies all hindered in their ability to ship because of some shortage from someone else’s factory.

https://www.jwnenergy.com/article/2021/3/5/gates-backs-icelandic-startup-that-turns-carbon-di/

Reykjavik-based Carbfix captures and dissolves CO₂ in water, then injects it into the ground where it turns into stone in less than two years.

https://www.bbc.com/news/technology-56321567

The European Banking Authority’s email servers have been compromised in a global Microsoft Exchange cyber-attack.

The EU body said personal data may have been accessed from its servers. And it had pulled its entire email system offline while it assessed the damage.

https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.

By all accounts, rooting out these intruders is going to require an unprecedented and urgent nationwide clean-up effort. Adair and others say they’re worried that the longer it takes for victims to remove the backdoors, the more likely it is that the intruders will follow up by installing additional backdoors, and perhaps broadening the attack to include other portions of the victim’s network infrastructure.

KrebsOnSecurity has seen portions of a victim list compiled by running such a tool, and it is not a pretty picture. The backdoor web shell is verifiably present on the networks of thousands of U.S. organizations, including banks, credit unions, non-profits, telecommunications providers, public utilities and police, fire and rescue units.

“It’s police departments, hospitals, tons of city and state governments and credit unions,” said one source who’s working closely with federal officials on the matter. “Just about everyone who’s running self-hosted Outlook Web Access and wasn’t patched as of a few days ago got hit with a zero-day attack.”

https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea

Google can choose to dismantle the old scaffolding for surveillance without replacing it with something new and uniquely harmful.

We emphatically reject the future of FLoC. That is not the world we want, nor the one users deserve. Google needs to learn the correct lessons from the era of third-party tracking and design its browser to work for users, not for advertisers.

https://academictimes.com/first-vaccine-to-fully-immunize-against-malaria-builds-on-pandemic-driven-rna-tech/

Consistently ranked as one of the leading causes of death around the world, malaria doesn’t have an effective vaccine yet. But researchers have invented a promising new blueprint for one — with properties akin to the novel RNA-based vaccine for COVID-19.

https://arstechnica.com/tech-policy/2021/02/citibank-just-got-a-500-million-lesson-in-the-importance-of-ui-design/

Citibank was trying to make $7.8M in interest payments. It sent $900M instead.

https://www.drammen.kommune.no/om-kommunen/aktuelt/hackerangrep/

Drammen kommune har vært utsatt for et hackerangrep på en mindre del av infrastrukturen for vann og avløp. Kommunen har kontroll på situasjonen, og alle vann- og avløpssystemer fungerer som normalt. Ingen av kommunens innbyggere er berørt av situasjonen, og ingen personopplysninger er på avveie.

https://astralcodexten.substack.com/p/list-of-fictional-cryptocurrencies

https://www.nrk.no/innlandet/kan-ta-et-halvt-ar-for-ostre-toten-a-rette-opp-dataangrep-1.15364106

Den første uka var mange helt uten e-post.

Sosialhjelpsmottakere måtte skrive søknader på nytt.

Alle PC-er måtte formateres og få lagt til ny programvare.

Det er stor fare for at sensitive data er kommet på avveie.

Også sikkerhetskopier ble slettet av angriperne.

Ansatte måtte jobbe med penn og papir i starten.

Angrepet vil trolig koste minst 10 millioner kroner.

https://www.nytimes.com/2021/02/08/us/oldsmar-florida-water-supply-hack.html

Hackers remotely accessed the water treatment plant of a small Florida city last week and briefly changed the levels of lye in the drinking water, in the kind of critical infrastructure intrusion that cybersecurity experts have long warned about.

the level of sodium hydroxide — the main ingredient in drain cleaner — was changed from 100 parts per million to 11,100 parts per million, dangerous levels that could have badly sickened residents if it had reached their homes.

https://www.theverge.com/2021/1/12/22226792/whatsapp-privacy-policy-response-signal-telegram-controversy-clarification

The company is trying to contain fallout over a privacy policy update

the change is designed to outline how businesses who use WhatsApp for customer service may store logs of its chats on Facebook servers.

https://www.nytimes.com/2021/01/09/magazine/trump-coup.html

A historian of fascism and political atrocity on Trump, the mob and what comes next.