Hippogriff is available to fill the demand of exponential technological growth; a need for Cyber Security services is paramount. Too many companies are unaware of the dangerous that await them as they navigate the global economy. Most organizations at this time are infected at different levels of their network infrastructure. Most organizations employ an ill-equipped internal IT department or outsourced IT services that DO NOT specialize in the areas that Hippogriff is currently assisting in. The future will be even more hectic than things are now. Make sure your organization's systems are prepared to deal with emerging threats and changes to infrastructure.
Cryptocurrency Mining Attacks Using Leaked NSA Hacking Tools Are Still Highly Active a Year Later
It’s been over a year since highly classified exploits built by the National Security Agency were stolen and published online. One of the tools, dubbed EternalBlue, can covertly break into almost any Windows machine around the world. It didn’t take long for hackers to start using the exploits to run ransomware on thousands of computers, grinding hospitals and businesses to a halt. Two separate attacks in as many months used WannaCry and NotPetya ransomware, which spread like wildfire. Once a single computer in a network was infected, the malware would also target other devices on the network. The recovery was slow and cost companies hundreds of millions in damages.
Yet, more than a year since Microsoft released patches that slammed the backdoor shut, almost a million computers and networks are still unpatched and vulnerable to attack. Although WannaCry infections have slowed, hackers are still using the publicly accessible NSA exploits to infect computers to mine cryptocurrency.
Government Mass Surveillance Breached Human Rights, says European Court
Mass surveillance and data collection programs used by the U.K. government breached privacy and don't meet the necessary legal requirements to guarantee rights will be upheld, the European Court of Human Rights (ECHR) has ruled.
The court has concluded that the U.K.'s mass interception programs breached the European Convention on Human Rights.The case of 'Big Brother Watch and Others vs. the United Kingdom' was launched by privacy and civil liberties groups in the aftermath of the Edward Snowden revelations, which saw the former U.S. National Security Agency contractor blow the whistle on surveillance and intelligence sharing programs run by intelligence services in the United States and the United Kingdom .
In what represents its first ruling on U.K. surveillance programs, the judgement by the EctHR ruled that the GCHQ bulk interception regime violated Article 8 of the Convention of Human Rights — the right to respect for private and family/life communications — by five votes to two.
The justification for the ruling states there's "insufficient" oversight on the filtering, search and selection of intercepted communications for examination and that the safeguards government the communications were "inadequate." The ruling also states that UK's regime for authorizing bulk interception was incapable of keeping the "interference" to what is "necessary in a democratic society."
Brave Browser Files GDPR Breach Complaints Against Google in the E.U.
The team behind the Brave internet browser have filed a complaint with authorities in Ireland and the U.K. regarding privacy violations perpetrated by Google and other "ad tech" companies under the E.U.'s new European General Data Protection Regulation (GDPR).
The Brave team, represented by Chief Policy Officer Dr. Johnny Ryan, claims that Google and other advertising companies expose user data during a process called "bid request." A bid request occurs when a user visits a site that runs a special category of ads — called "behavioral ads" — from Google or another advertising firm.
Brave says the code for these ad slots gathers a large amount of user data and broadcasts it back to the advertising platform, exposing the site visitor's data to potential ad buyers who'd like to show an ad to that specific user — in a process known as real-time bidding (RTB).
UIDAI's Aadhaar Software Hacked, ID Database Compromised, Experts Confirm
The authenticity of the data stored in India's controversial Aadhaar identity database, which contains the biometrics and personal information of over 1 billion Indians, has been compromised by a software patch that disables critical security features of the software used to enroll new Aadhaar users, a three month-long investigation by HuffPost India reveals.
The patch — freely available for as little as Rs 2,500 (around $35) — allows unauthorized persons, based anywhere in the world, to generate Aadhaar numbers at will, and is still in widespread use. This has significant implications for national security at a time when the Indian government has sought to make Aadhaar numbers the gold standard for citizen identification, and mandatory for everything from using a mobile phone to accessing a bank account.
Bengaluru-based cyber security analyst and software developer Anand Venkatanarayanan, who also analyzed the software for HuffPost India and shared his findings with the NCIIPC government authority, said the patch was assembled by grafting code from older versions of the Aadhaar enrollment software — which had fewer security features — on to newer versions of the software.