Mastodawn

Dov Lerner May 18, 2023

In a case study looking into underground exposure of patient data, we discovered access to 1,241 patient glucose monitors accounts for sale on underground log and bot markets over the last year.

To stress, this does not show that these accounts or their underlying software were “hacked,” nor does it reveal any vulnerabilities in the devices or account software. Rather, it highlights the complex attack surface of PHI. #HIPAA #PHI #threatintel

https://cybersixgill.com/news/articles/underground-markets-are-enabling-attackers-to-access-confidential-patient-data

Underground Markets are Enabling Attackers to Access Confidential Patient Data

In a case study, we found access to over 1,200 accounts associated with glucose monitors for sale on underground markets in the last year

Show thread

Dov Lerner Apr 23, 2023

@brett What's the question? They already have a policy for government-run accounts.

Dov Lerner Feb 23, 2023

#Ukrainian civilians learning about where to find humanitarian assistance and consuming vital updates about the #war and fighting? #Telegram.

#Russian #soldiers seeking info about border crossings so they can flee mobilization? Telegram.

Nationalistic #hacking groups on both sides rallying supporters and sharing target lists and successes? Telegram.

As we are about to mark one year since Russia invaded Ukraine, it's vital to understand how central this app has been for people on both sides of the conflict.

https://news.cybersixgill.com/telegram-russia-ukraine-cyberwar/

#cyberwar #cybercrime #deepweb #threatintelligence

How Telegram became the battlefront of the Russia-Ukraine cyberwar

Telegram is a vital communication lifeline for the Ukrainian resistance, Russian hackers, and profiteering cybercriminals who seem resilient to war.

Cybersixgill News

Show thread

Dov Lerner Jan 19, 2023

@JigenD Thanks!

Dov Lerner Jan 18, 2023

A lot of people are worried that #artificialintelligence such as #chatgpt will take their jobs. Should #hackers also fear being replaced by a machine? And should the rest of us be concerned about #autonomous #AI launching devastating #cyberattacks?

Putting aside the hype, if we really understand AI's capabilities and limitations, we can analyze the risks. For several reasons, I don't think that AI can carry out fully autonomous attacks. It will not give a script kiddie #APT-level capabilities. Instead, those with the greatest understanding of systems, processes, and networks will be able to direct and wield AI to the greatest effect.

Specifically, threat actors can use AI to produce better reconnaissance, more convincing social engineering attempts, and tailored #malware, enabling attacks to be better targeted and more effective. And if AI can successfully discover #vulnerabilities better than a human researcher, we might experience a torrent of critical #zerodays, destabilizing systems worldwide.

We must follow technological developments and understand to what extent AI becomes a part of the threat actor toolbox of tactics, techniques, and procedures. We must continuously assess the risks and prepare our defenses accordingly.

https://news.cybersixgill.com/artificial-intelligence-creating-new-hacking-tools/

#cybersecurity #cybercrime