Cybersecurity News – May 18, 2022

Buffalo massacre suspect signaled plans on Discord for months

The gunman behind 10 deaths and 3 injuries at a supermarket in Buffalo, New York, this past weekend had posted about his planned attack on Discord since December. According to logs from the popular chat app, he made reference to his plans to commit a terrorist act at least 17 times in December alone to draw attention to his Twitch stream, where he broadcast the attack live. Logs also reveal that since November, he made 31 references to a similar deadly attack 3 years ago in Christchurch, New Zealand, while using the word “gun” 200 times, the word “shoot” 119 times, and the word “attack” over 200 times. He also abundantly used racist, anti-Semitic, and extremist language and phrases. While Discord has expressed condolences to families of the victims, experts point out that Discord is popular among extremists due to the platform’s large-scale content monitoring and enforcement issues.

(Bloomberg)

Google faces litigation for unauthorised use of medical records

Google is facing a class-action lawsuit for the unlawful use of confidential medical records belonging to 1.6 million patients, without their knowledge or consent. The claim stems from a 2015 arrangement, whereby Google’s subsidiary DeepMind received patient data from the Royal Free London NHS Foundation Trust, for clinical safety testing of an app called ‘Streams’, which was developed to detect acute kidney injuries. The app was subsequently used by the Royal Free on a discount basis. The UK’s Information Commissioner’s Office (ICO) subsequently ruled that, while providing its patient data, Royal Free had not complied with requirements of the Data Protection Act.

(Healthcare IT News)

Venezuelan doctor accused of developing and distributing ransomware

US authorities have accused 55-year-old Venezuelan cardiologist, Moises Luis Zagala Gonzalez (Zagala), of developing, selling and renting out ransomware to cyber-criminals worldwide. Zagala, who used the aliases “Nosophoros,” “Aesculapius” and “Nebuchadnezzar,” is accused of developing the Jigsaw v2 variant, which features a “Doomsday” counter that completely erases a victim’s hard drive after too many failed attempts to remove the malware. Additionally, Zagala has been linked to the ransomware-as-a-service (RaaS) operation that serves up Thanos. It’s unclear if Zagala is still at large, but the Department of Justice (DoJ) indicates that, if convicted, he faces ten years’ imprisonment for computer intrusion-related crimes.

(Infosecurity Magazine)

Hackers may be able to steal your Tesla using new Bluetooth attack

Bluetooth Low Energy (BLE) technology is used in a wide spectrum of electronics, from laptops and mobile phones to access control systems for cars, including the one used in Tesla’s Model 3 and Model Y. While BLE has built-in relay attack defenses that kick in when a signal is repeated beyond the maximum tolerance of 30ms, researchers at the NCC Group have developed a tool that operates with a latency of just 8ms, allowing an attacker within close proximity to relay the signal at will to unlock and start the cars. Tesla has indicated “that relay attacks are a known limitation of the passive entry system.” While options to defend against the attack are limited, Tesla owners are encouraged to use the ‘PIN to Drive’ feature, so even if their car is unlocked, an attacker won’t be able to drive away with it.

(Bleeping Computer)


93% of orgs have suffered a data-related business disruption

The 2022 State of Ransomware and Disaster Preparedness survey from the International Data Corporation (IDC) found that, last year, 60% of medium and large organizations in North America and Western Europe suffered irrecoverable data loss, up from 43% the previous year. Seventy-nine percent of organizations indicated they activated a disaster recovery response over the last twelve months, with nearly two thirds (61%) attributing these incidents to ransomware or other malware. Respondents reported an average of 19.3 attacks (all types) and 2.3 ransomware attacks in the past year, with 93% of organizations suffering a data-related business disruption over the same period.

(Security Magazine)

iPhones are vulnerable to attack even when turned off

A team of researchers from Germany’s Technical University of Darmstadt discovered that iPhone features including Bluetooth, Near Field Communication (NFC) and Ultra-wideband (UWB) technologies, which have access to sensitive info via iPhone’s Secure Element (SE), stay on via low power mode (LPM), even when modern iPhones are powered down. Researchers assert this could potentially allow an attacker to load malware to the device and access secure data such as a user’s credit card info, banking details or even digital car keys. While Apple has not responded to the findings, researchers say one potential solution would be to add a hardware-based switch which disconnects the battery while an iPhone is powered down.

(Threatpost)

SIA opens Women in Security scholarship applications

The Security Industry Association (SIA) has opened applications for the 2022 SIA Women in Security Forum Scholarship, a program that will offer multiple $10,000 scholarships that SIA members and students can use toward professional development and education. Scholarship funds may be used toward student loan debt, webinar registration, and information security related education and certification programs. Eligible scholarship applicants have until July 1 to apply.

(Security Magazine)

(ISC)² to offer thousands of free entry-level certification exams in UK

(ISC)² unveiled its 100K in the UK program, which will provide its new, entry-level cybersecurity certification exam and related materials for free to 100,000 UK residents who have recently graduated or are looking to move into cyber security from another profession. The exam evaluates candidates across five domains, including Security Principles; Business Continuity (BC), Disaster Recovery (DR) and Incident Response; Access Control; Network Security; and Security Operations. The multi-year, multi-million-pound program aims to upskill the UK’s cybersecurity workforce.

(Security Magazine)

Sean Kelly
Sean Kelly is a cyber risk professional and leader who thrives on learning, collaborating and helping the business securely advance its mission. Sean is also a musician and outdoor enthusiast who loves spending time with his family and two cats.