Decade-old healthcare security SNAFU settled for 11M•TheRegister−HealthNetFederalServices(HNFS)anditsparentcompanyCenteneCorporation,werefoundliableoflyingonsecurityattestationsandignoring3rdpartyauditsoftheirenvironmentfrom2015−2018.Fineamountsto0.0067163Bn).
Thousands of trafficked scammers await return to Thailand • The Register - Prime Minister Shinawatra said around 7,000 individuals are awaiting transfer to Thailand after being rescued from call centers in Myanmar.
Meta confirms ‘Project Waterworth,’ a global subsea cable project spanning 50,000 kilometers | TechCrunch - Meta will string a cable from the US, Brazil, India, South Africa, and elsewhere. The US Gov’t has committed to the Indian government to assist in this project. Meta-owned Facebook and Insta currently account for 10% of all fixed-internet traffic, and 22% of all mobile traffic.
Valve removes Steam game that contained malware | TechCrunch - Constant vigilance.
Beware of DDoSes from Mirai-based botnet of Mitel phones • The Register - Mitel, the phone thats sat on hundreds of desks across the world may have default credentials, and may have been roped into a Mirai botnet as part of the new Aquabotv3. Just a reminder to patch everything. Everywhere. All the time.
Lazarus Group’s latest heist hits hundreds globally • The Register - Phantom Circuit, planted backdoors in clones of legitimate software packages and open source tools so that developers and others specifically in the cryptocurrency industry would accidentally use them, compromising their machines.
Sweden seizes vessel after another undersea cable damaged • The Register - Trans-Baltic cables between Latvia and Sweden were attacked the 26th. This makes the third cable in 2 months in the Baltics. The first being a Between Finland-and-Estonia and Finland-and-Sweden.
China and frieds say they’re hurting cyber-slave scam camps • The Register - China and other Asian nations (Cambodia, Laos, Myanmar, Thailand, Vietnam) are concentrating on cyber-scam slave camps. Many tech-support and romance scams are staffed by human slaves in border regions in Myanmar, Laos, Cambodia, and Thailand.
ChatGPT crawler flaw opens door to DDoS, prompt injection • The Register - OpenAI’s web crawler has been weaponized by researches creating 20 - 5k requests per single API call to the crawler.
GM settles charges it shared driver location data • The Register - GM collected up to the second GPS data of vehicles, then sold it to Insurance companies to justify raising their premiums
Fortinet: FortiGate config leaks are genuine but misleading • The Register - 15k Fortinet routers hacked, downloads of the Fortinet config, as well as credentials for the VPN users were also made available.
Scams & Breaches Scammers file first — Get your IRS Identity Protection PIN now - Get signed up for a IP PIN for the IRS, before someone else does your taxes.
FCC chief urges auction to fund ‘Rip and Replace’ program • The Register - To fund the removal of Huawei and ZTE equipment from American networks, the FCC is considering a spectrum fire sale. The last sale of Advanced Wireless Services spectrum (for mobile operators) saw AT&T, Verizon, and T-Mobile, among others raise $45bn.
Intro This book was recommended to me by one of the most intentional managers I’ve ever had the pleasure of working with. Matt R. brought me in as a Senior Cybersecurity Engineer at Cradlepoint and oversaw my transition to Manager of that same engineering team. Throughout my time with Matt, he worked diligently to hold me to the tenets laid about by Ms. Fournier in this book and to encourage me to be a better leader for my team.
Apple Apple offers 95MsettlementinSiriprivacylawsuit•TheRegister−SomethingassimpleasazipperoranindividualraisingtheirarmswouldcauseSiritostartrecording.Lopez,etalv.AppleIncwillbesettledfor95 million if the N. California District Court approves. Apple CEO Tim Cook had previously told Congress that Siri’s recording features required a “clear, unambiguous trigger”, i.e.; “Hey Siri” Siri-enabled Apple users from 2011-to an unknown date will likely be eligible diluting individual payouts.
GeoPolitics China’s Volt Typhoon breached Singtel, reports say • The Register - Volt Typhoon reportedly breached Singapore Telecom over the summer. Highlighting why Cyber Threat Intelligence can at times be beneficial for more advanced orgs.
N Korea may receive tech in exchange for military support • The Register - DPRK has provided around 10,000 troops to Putin’s war in Ukraine. After DPRK successfully conducted a 90 minute missile flight the US and its allies are starting to wonder exactly what Pyongyang got in exchange for those troops.