<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>hackers Archives - The Hemet &amp; San Jacinto Chronicle</title>
	<atom:link href="https://hsjchronicle.com/tag/hackers/feed/" rel="self" type="application/rss+xml" />
	<link>https://hsjchronicle.com/tag/hackers/</link>
	<description>The Hemet &#38; San Jacinto Chronicle</description>
	<lastBuildDate>Thu, 11 Mar 2021 01:35:16 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>

<image>
	<url>https://hsjchronicle.com/wp-content/uploads/2019/06/HSJC_favicon_49px.jpg</url>
	<title>hackers Archives - The Hemet &amp; San Jacinto Chronicle</title>
	<link>https://hsjchronicle.com/tag/hackers/</link>
	<width>32</width>
	<height>32</height>
</image> 
<site xmlns="com-wordpress:feed-additions:1">254957898</site>	<item>
		<title>Security camera hack exposes hospitals, workplaces, schools</title>
		<link>https://hsjchronicle.com/security-camera-hack-exposes-hospitals-workplaces-schools/</link>
					<comments>https://hsjchronicle.com/security-camera-hack-exposes-hospitals-workplaces-schools/#respond</comments>
		
		<dc:creator><![CDATA[Associated Press]]></dc:creator>
		<pubDate>Fri, 12 Mar 2021 02:00:00 +0000</pubDate>
				<category><![CDATA[Government]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[Security Camera]]></category>
		<category><![CDATA[Verkada]]></category>
		<guid isPermaLink="false">https://hsjchronicle.com/?p=35201</guid>

					<description><![CDATA[<p>Hackers aiming to call attention to the dangers of mass surveillance said they were able to peer into hospitals, schools, factories, jails and corporate offices after they broke into the systems of a security-camera startup.</p>
<p>The post <a href="https://hsjchronicle.com/security-camera-hack-exposes-hospitals-workplaces-schools/">Security camera hack exposes hospitals, workplaces, schools</a> appeared first on <a href="https://hsjchronicle.com">The Hemet &amp; San Jacinto Chronicle</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">By MATT O&#8217;BRIEN and FRANK BAJAK Associated Press</p>



<p class="wp-block-paragraph">Hackers aiming to call attention to the dangers of mass surveillance said they were able to peer into hospitals, schools, factories, jails and corporate offices after they broke into the systems of a security-camera startup.</p>



<p class="wp-block-paragraph">That California startup, Verkada, said Wednesday it is investigating the scope of the breach, first reported by Bloomberg, and has notified law enforcement and its customers.</p>



<p class="wp-block-paragraph">Swiss hacker Tillie Kottmann, a member of the group that calls itself APT-69420 Arson Cats, described it in an online chat with The Associated Press as a small collective of “primarily queer hackers, not backed by any nations or capital but instead backed by the desire for fun, being gay and a better world.”</p>



<p class="wp-block-paragraph">They were able to gain access to a Verkada “super&#8221; administrator account using valid credentials found online, Kottmann said. Verkada said in a statement that it has since disabled all internal administrator accounts to prevent any unauthorized access.</p>



<p class="wp-block-paragraph">But for two days, the hackers said, they were able to peer unhindered into live feeds from potentially tens of thousands of cameras, including many that were watching sensitive locations such as hospitals and schools. Kottmann said that included outdoor and indoor cameras at Sandy Hook Elementary School in Newtown, Connecticut, where 26 first-grade students and six educators were killed in 2012 by a gunman in one of the deadliest school shootings in U.S. history.</p>



<p class="wp-block-paragraph">The school district&#8217;s superintendent didn&#8217;t return calls or emailed requests for comment Wednesday.</p>



<p class="wp-block-paragraph">One of <a href="https://www.verkada.com/">Verkada</a>&#8216;s affected customers, the San Francisco web infrastructure and security company <a href="https://www.cloudflare.com/es-es/">Cloudflare</a>, said the compromised Verkada cameras were watching entrances and main thoroughfares to some of its offices that have been closed for nearly a year due to the pandemic.</p>



<p class="wp-block-paragraph">“As soon as we became aware of the compromise, we disabled the cameras and disconnected them from office networks,” said spokesperson Laurel Toney. “No customer data or processes have been impacted by this incident.”</p>



<p class="wp-block-paragraph">Another San Francisco tech company, <a href="https://www.okta.com/">Okta</a>, said five cameras it placed at office entrances were compromised, though there&#8217;s no evidence anyone viewed the live streams.</p>



<p class="wp-block-paragraph">Twitter said it permanently suspended Kottmann&#8217;s account, which posted materials gathered in the hack, for violating its rules against ban evasion, which typically happens when users start a new account to circumvent an earlier suspension. Kottmann had earlier received a message from Twitter suspending the account for violating its rules against the distribution of hacked material, the hacker said.</p>



<p class="wp-block-paragraph">The Verkada footage captured and shared by hackers included a Tesla facility in China and the Madison County Jail in Huntsville, Alabama. Madison County Sheriff Kevin Turner said in a statement Wednesday the jail has taken the cameras offline, adding “we are confident that this unauthorized release did not and will not impact the safety of staff or inmates.&#8221; Tesla didn&#8217;t respond to requests for comment.</p>



<p class="wp-block-paragraph">Verkada, based in San Mateo, California, has pitched its cloud-based surveillance service as part of the next generation of workplace security. Its software detects when people are in the camera&#8217;s view, and a “Person History” feature enables customers to recognize and track individual faces and other attributes, such as clothing color and likely gender. Not all customers use the facial recognition feature.</p>



<p class="wp-block-paragraph">The company attracted negative attention last year when video surveillance industry news site IPVM reported that Verkada employees had passed around photos of female coworkers collected by the company’s own in-office cameras and made sexually explicit comments about them.</p>



<p class="wp-block-paragraph">Cybersecurity expert Elisa Costante said it&#8217;s worrisome that this week&#8217;s hack wasn&#8217;t sophisticated and simply involved using valid credentials to access a huge trove of data stored on a cloud server.</p>



<p class="wp-block-paragraph">“What is disturbing is to see how much real-life data can go into the wrong hands and how easy it can be,” said Costante, vice president of research at Forescout. “It’s a wake up call to make sure that whenever you are collecting this much data we need to have basic security hygiene.”</p>



<p class="wp-block-paragraph">Kottmann said the hacker collective, active since 2020, doesn&#8217;t set out after specific targets. Instead, it scans organizations on the internet for known vulnerabilities and then works to “just narrow down and dig in on interesting targets.”</p>



<p class="wp-block-paragraph">Find your latest news here at <a href="https://hsjchronicle.com/">the Hemet &amp; San Jacinto Chronicle</a> </p>
<p>The post <a href="https://hsjchronicle.com/security-camera-hack-exposes-hospitals-workplaces-schools/">Security camera hack exposes hospitals, workplaces, schools</a> appeared first on <a href="https://hsjchronicle.com">The Hemet &amp; San Jacinto Chronicle</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://hsjchronicle.com/security-camera-hack-exposes-hospitals-workplaces-schools/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">35201</post-id>	</item>
		<item>
		<title>US agencies, companies secure networks after huge hack</title>
		<link>https://hsjchronicle.com/us-agencies-companies-secure-networks-after-huge-hack/</link>
					<comments>https://hsjchronicle.com/us-agencies-companies-secure-networks-after-huge-hack/#respond</comments>
		
		<dc:creator><![CDATA[Associated Press]]></dc:creator>
		<pubDate>Wed, 16 Dec 2020 05:00:00 +0000</pubDate>
				<category><![CDATA[Government]]></category>
		<category><![CDATA[Department of Homeland Security]]></category>
		<category><![CDATA[hackers]]></category>
		<guid isPermaLink="false">https://hsjchronicle.com/?p=33045</guid>

					<description><![CDATA[<p>U.S. government agencies and private companies rushed Monday to secure their computer networks following the disclosure of a sophisticated and long-running cyber-espionage intrusion suspected of being carried out by Russian hackers.</p>
<p>The post <a href="https://hsjchronicle.com/us-agencies-companies-secure-networks-after-huge-hack/">US agencies, companies secure networks after huge hack</a> appeared first on <a href="https://hsjchronicle.com">The Hemet &amp; San Jacinto Chronicle</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">By BEN FOX and FRANK BAJAK Associated Press</p>



<p class="wp-block-paragraph">WASHINGTON (AP) — U.S. government agencies and private companies rushed Monday to secure their computer networks following the disclosure of a sophisticated and long-running cyber-espionage intrusion suspected of being carried out by Russian hackers.</p>



<p class="wp-block-paragraph">The full extent of the damage is not yet clear. But the potential threat was significant enough that the <a href="https://www.dhs.gov/">Department of Homeland Security</a>’s cybersecurity unit directed all federal agencies to remove compromised network management software and thousands of companies were expected to do the same.</p>



<p class="wp-block-paragraph">What was striking about the operation was its potential scope as well as the manner in which the perpetrators managed to pierce cyber defenses and gain access to email and internal files at the Treasury and Commerce departments and potentially elsewhere.</p>



<p class="wp-block-paragraph">The intrusion was stark evidence of the vulnerability of even supposedly secure government networks, even after well-known previous attacks.</p>



<p class="wp-block-paragraph">“It’s a reminder that offense is easier than defense and we still have a lot of work to do,” said Suzanne Spaulding, a former U.S. cybersecurity official who is now a senior adviser at the <a href="https://www.csis.org/">Center for Strategic and International Studies</a>.</p>



<p class="wp-block-paragraph">The identity of the perpetrator remained unclear. A U.S. official, speaking on condition of anonymity because of an ongoing investigation, told The Associated Press on Monday that Russian hackers are suspected.</p>



<p class="wp-block-paragraph">The Washington Post, citing unnamed sources, said the attack was carried out by Russian government hackers who go by the nicknames APT29 or Cozy Bear and are part of that nation’s foreign intelligence service.</p>



<p class="wp-block-paragraph">The intrusion came to light after a prominent cybersecurity firm, FireEye, learned it had been breached and alerted that foreign governments and major corporations were also compromised. The company did not say who it suspected, though many experts believed Russia was responsible given the level of skill involved.</p>



<p class="wp-block-paragraph">U.S. authorities acknowledged that federal agencies were affected by the breach on Sunday, providing few details. The <a href="https://www.cisa.gov/">Cybersecurity and Infrastructure Security Agency</a>, known as CISA, said in an unusual directive that the widely used network software SolarWinds had been compromised and should be removed from any system using it.</p>



<p class="wp-block-paragraph">The national cybersecurity agencies of Britain and Ireland issued similar alerts.</p>



<p class="wp-block-paragraph">SolarWinds is used by hundreds of thousands of organizations around the world, including most Fortune 500 companies and multiple U.S. federal agencies. The perpetrators were able to embed malware in a security update issued by the company, based in Austin, Texas. Once inside, they could impersonate system administrators and have total access to the infected networks, experts said.</p>



<p class="wp-block-paragraph">“Quite honestly, my heart sank when I saw some of the details, just the amount of information they could potentially have if they are reading everyone’s emails and they are accessing sensitive files within places like Treasury or Commerce,” said Ben Johnson, a former National Security Agency cyber-engineer who is now chief technology officer of software security firm Obsidian.</p>



<p class="wp-block-paragraph"><a href="https://www.whitehouse.gov/nsc/">National Security Council</a> spokesman John Ullyot said Monday that the Trump administration was working with CISA, U.S. intelligence agencies, the FBI and government departments affected by the intrusion to coordinate a response.</p>



<p class="wp-block-paragraph">“It’s obviously incredibly significant and widespread,” said Chris Painter, who coordinated cyber-policy at the State Department during the Obama administration. “How much was compromised? How much was exfiltrated? There are lots of open questions now.”</p>



<p class="wp-block-paragraph">Kremlin spokesman Dmitry Peskov said Monday that Russia had “nothing to do with” the hack.</p>



<p class="wp-block-paragraph">“Once again, I can reject these accusations,” Peskov told reporters. “If for many months the Americans couldn’t do anything about it, then, probably, one shouldn’t unfoundedly blame the Russians for everything.”</p>



<p class="wp-block-paragraph">Federal agencies have long been attractive targets for foreign hackers looking to gain insight into American government personnel and policymaking.</p>



<p class="wp-block-paragraph">Hackers linked to Russia, for instance, were able to break into the State Department’s email system in 2014, infecting it so thoroughly that it had to be cut off from the internet while experts worked to eliminate the infestation. A year later, a hack at the U.S. government’s personnel office blamed on China compromised the personal information of some 22 million current, former and prospective federal employees, including highly sensitive data such as background investigations.</p>



<p class="wp-block-paragraph">Cybersecurity experts said the nature and level of tradecraft involved in this latest effort suggest a foreign nation. Many have pointed out that the goal of the months-long effort appeared to be espionage and not information that could be quickly used for profit or to simply inflict damage. Russia was the most likely culprit, though China and perhaps others are potential candidates.</p>



<p class="wp-block-paragraph">In terms of scale alone, the operation seems similar to the Office of Personnel Management hack that authorities suspect was carried out by the Chinese government, said Ben Buchanan, a Georgetown University cyber-espionage expert.</p>



<p class="wp-block-paragraph">“The operational tradecraft — how the hack was carried out — seems to have been extremely good. These operators are experienced and capable, adept at finding a systemic weakness and then exploiting it quietly for months,” said Buchanan, author of “The Hacker and The State.”</p>



<p class="wp-block-paragraph">Members of Congress were pressing the government for more information. “If reports are true and state-sponsored hackers successfully snuck malware-riddled software into scores of federal government systems, our country has suffered a massive national security failure that could have ramifications for years to come,” said Sen. Ron Wyden, an Oregon Democrat who is a prominent voice on cyber issues.</p>



<p class="wp-block-paragraph">If it was carried out by a foreign government, and the U.S. has the proof, then it becomes a question of what to do about it.</p>



<p class="wp-block-paragraph">Some obvious options would include expelling diplomats of the offending country, imposing sanctions or filing criminal charges for cyber-espionage, steps that Washington and the European Union have taken against Russia in the past.</p>



<p class="wp-block-paragraph">“I’m sure that the departments like <a href="https://www.nsa.gov/">NSA</a> and Cyber Command are coming up with options, that the Treasury Department is looking at sanction options, that the State Department is looking for how they will send a strong signal,” Spaulding said. &#8220;Whether they will get approval for all these things from the White House remains to be seen.”</p>



<p class="wp-block-paragraph">In the meantime, SolarWinds and its many private-sector clients were working to close any breaches and repair the damage.</p>



<p class="wp-block-paragraph">The company said in a financial filing that it believed that an unknown number of customers, though fewer than 18,000, had installed the compromised product update earlier this year. SolarWinds has said its customers include all five branches of the U.S. military, the Pentagon, the State Department, NASA, the National Security Agency, the Department of Justice and the White House, along with the top U.S. telecommunications and accounting firms, though it hasn’t identified which of its customers were using the compromised product.</p>



<p class="wp-block-paragraph">“We anticipate this will be a very large event when all the information comes to light,” said John Hultquist, director of threat analysis at FireEye.</p>



<p class="wp-block-paragraph">Find your latest news here at the <a href="https://hsjchronicle.com/">Hemet &amp; San Jacinto Chronicle </a></p>
<p>The post <a href="https://hsjchronicle.com/us-agencies-companies-secure-networks-after-huge-hack/">US agencies, companies secure networks after huge hack</a> appeared first on <a href="https://hsjchronicle.com">The Hemet &amp; San Jacinto Chronicle</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://hsjchronicle.com/us-agencies-companies-secure-networks-after-huge-hack/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">33045</post-id>	</item>
		<item>
		<title>Beware of criminals pretending to be WHO</title>
		<link>https://hsjchronicle.com/beware-of-criminals-pretending-to-be-who/</link>
					<comments>https://hsjchronicle.com/beware-of-criminals-pretending-to-be-who/#respond</comments>
		
		<dc:creator><![CDATA[Contributed]]></dc:creator>
		<pubDate>Tue, 19 May 2020 19:12:21 +0000</pubDate>
				<category><![CDATA[Crime & Incidents]]></category>
		<category><![CDATA[Government]]></category>
		<category><![CDATA[coronavirus]]></category>
		<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[fraudulent]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[scammers]]></category>
		<category><![CDATA[WHO]]></category>
		<guid isPermaLink="false">https://hsjchronicle.com/?p=27610</guid>

					<description><![CDATA[<p>Hackers and cyber scammers are taking advantage of the coronavirus disease (COVID-19) pandemic by sending fraudulent email and WhatsApp messages that attempt to trick you into clicking on malicious links or opening attachments.</p>
<p>The post <a href="https://hsjchronicle.com/beware-of-criminals-pretending-to-be-who/">Beware of criminals pretending to be WHO</a> appeared first on <a href="https://hsjchronicle.com">The Hemet &amp; San Jacinto Chronicle</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Hackers and cyber scammers are taking advantage of the coronavirus disease (COVID-19) pandemic by sending fraudulent email and WhatsApp messages that attempt to trick you into clicking on malicious links or opening attachments.</p>



<p class="wp-block-paragraph">These actions can reveal your user name and password, which can be used to steal money or sensitive information.</p>



<p class="wp-block-paragraph">If you are contacted by a person or organization that appears to be WHO, verify their authenticity before responding.</p>



<p class="wp-block-paragraph">The World Health Organization will:</p>



<ul class="wp-block-list"><li><strong>never</strong>&nbsp;ask for your username or password to access safety information</li><li><strong>never</strong>&nbsp;email attachments you didn’t ask for</li><li><strong>never</strong>&nbsp;charge money to apply for a job, register for a conference, or reserve a hotel</li><li><strong>never</strong>&nbsp;conduct lotteries or offer prizes, grants, certificates or funding through email.</li></ul>



<p class="wp-block-paragraph">Be on alert when you receive an email with any link or attachments containing any reference to WHO. It might be a cyberattack.</p>



<p class="wp-block-paragraph">The only call for donations WHO has issued is the COVID-19 Solidarity Response Fund, which is linked to below.&nbsp; Any other appeal for funding or donations that appears to be from WHO is a scam.&nbsp;&nbsp;</p>



<ul class="wp-block-list"><li><a target="_blank" href="https://www.who.int/emergencies/diseases/novel-coronavirus-2019/donate" rel="noreferrer noopener"><strong>COVID-19 Solidarity Response Fund</strong></a></li></ul>



<p class="wp-block-paragraph">Beware that criminals use email, websites, phone calls, text messages, and even fax messages for their scams. You can verify if communication is legit by contacting WHO directly.</p>



<ul class="wp-block-list"><li><strong><a href="https://www.who.int/about/who-we-are/contact-us">Contact WHO</a></strong></li><li><a href="https://web-prod.who.int/about/report_scam/en/"></a><strong><a href="https://www.who.int/about">Report a scam</a></strong>&nbsp;</li></ul>



<p class="wp-block-paragraph"><strong>Phishing: malicious emails and messages appearing to be from WHO</strong>WHO is aware of suspicious email messages attempting to take advantage of the COVID-19 emergency. This fraudulent action is called phishing.<br>These “Phishing” emails appear to be from WHO, and will ask you to:</p>



<ul class="wp-block-list"><li>give sensitive information, such as usernames or passwords</li><li>click a malicious link</li><li>open a malicious attachment.</li></ul>



<p class="wp-block-paragraph">Using this method, criminals can install malware or steal sensitive information.</p>



<h3 class="wp-block-heading">How to prevent phishing:</h3>



<ol class="wp-block-list"><li><strong>Check their email address.</strong><br><br>Make sure the sender has an email address such as ‘person@who.int’<br><br>If there is anything other than ‘who.int’ after the ‘@’ symbol, this sender is not from WHO.  For example, WHO does not send email from addresses ending in ‘@who.com’ , ‘@who.org’ or ‘@who-safety.org’<br><br>Beware, however, that even an email address with the correct domain name may not be from WHO.  Criminals can forge the &#8220;From&#8221; address on email messages to make them appear to be from ‘@who.int’. Please follow the steps from 2 to 6 below to prevent phishing.<br><br>WHO is implementing a new email security control called Domain-based Message Authentication, Reporting, and Conformance (DMARC) to prevent this type of impersonation.<br><br>.</li><li><strong>Check the link before you click.  </strong><br><br>Make sure the link starts with ‘https://www.who.int’.  Better still, navigate to the WHO website directly, by typing ‘https://www.who.int’ into your browser.<br><br></li><li><strong>Be careful when providing personal information. </strong><br><br>Always consider why someone wants your information and if it is appropriate. There is no reason someone would need your username &amp; password to access public information.<br><br></li><li><strong>Do not rush or feel under pressure. </strong><br><br>Cybercriminals use emergencies such as the coronavirus disease (COVID-19) pandemic to get people to make decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate.<br><br></li><li><strong>If you gave sensitive information, don’t panic.  </strong><br><br>If you believe you have given data such as your username or passwords to cybercriminals, immediately change your credentials on each site where you have used them.<br><br></li><li><strong>If you see a scam, report it.  </strong><br><br>If you see a scam, tell the WHO about it.  </li></ol>



<ul class="wp-block-list"><li><strong><a href="https://www.who.int/about">Report a scam&nbsp;</a></strong></li></ul>
<p>The post <a href="https://hsjchronicle.com/beware-of-criminals-pretending-to-be-who/">Beware of criminals pretending to be WHO</a> appeared first on <a href="https://hsjchronicle.com">The Hemet &amp; San Jacinto Chronicle</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://hsjchronicle.com/beware-of-criminals-pretending-to-be-who/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">27610</post-id>	</item>
	</channel>
</rss>
