US Government Breached

erek

erek

[H]F Junkie
Joined
Dec 19, 2005
Messages
11,005
Hmmm 🤔 🧐 is this a big deal 👀

“Johns Hopkins University in Baltimore and the university’s renowned health system said in a statement this week that “sensitive personal and financial information,” including health billing records may have been stolen in the hack.

Meanwhile, Georgia’s state-wide university system – which spans the 40,000-student University of Georgia along with over a dozen other state colleges and universities – confirmed it was investigating the “scope and severity” of the hack.”

Source: https://www.cnn.com/2023/06/15/politics/us-government-hit-cybeattack/index.html
 
erek said:
Hmmm 🤔 🧐 is this a big deal 👀

US Government Breached

“Johns Hopkins University in Baltimore and the university’s renowned health system said in a statement this week that “sensitive personal and financial information,” including health billing records may have been stolen in the hack.

Meanwhile, Georgia’s state-wide university system – which spans the 40,000-student University of Georgia along with over a dozen other state colleges and universities – confirmed it was investigating the “scope and severity” of the hack.”

Source: https://www.cnn.com/2023/06/15/politics/us-government-hit-cybeattack/index.html
Click to expand...
John Hopkins is the us government?
 
GoldenTiger said:
:)
Click to expand...

Mandiant Says China-backed Hackers Exploited Barracuda Zero-Day To Spy on Governments

msmash 4 hours ago		18
Security researchers at Mandiant say China-backed hackers are likely behind the mass-exploitation of a recently discovered security flaw in Barracuda Networks' email security gear, which prompted a warning to customers to remove and replace affected devices. From a report: Mandiant, which was called in to run Barracuda's incident response, said the hackers exploited the flaw to compromise hundreds of organizations likely as part of an espionage campaign in support of the Chinese government. Almost a third of the targeted organizations are government agencies, Mandiant said in a report published Thursday.

Last month, Barracuda discovered the security flaw affecting its Email Security Gateway (ESG) appliances, which sit on a company's network and filter email traffic for malicious content. Barracuda issued patches and warned that hackers had been exploiting the flaw since October 2022. But the company later recommended customers remove and replace affected ESG appliances, regardless of patch level, suggesting the patches failed or were unable to block the hacker's access. In its latest guidance, Mandiant also warned customers to replace affected gear after finding evidence that the China-backed hackers gained deeper access to networks of affected organizations.
 
I'll never understand WHY they put it in a vulnerable position in the first place. "It is sensitive data so what protections should we use?"...... "Lets connect it to the internet!"
 
samduhman said:
I'll never understand WHY they put it in a vulnerable position in the first place. "It is sensitive data so what protections should we use?"...... "Lets connect it to the internet!"
Click to expand...
A lot of data needs to be accessible in many places. How feasible is it to build a private, segregated, nationwide network that is not connected to the internet anywhere?
 
  • Like
Reactions: erek
like this
Last edited:
drklu said:
Be sure to freeze your credit with all 3 agencies if you haven't already.
Click to expand...
1686937810021.png
 
Some of us did it from the last batch of BS like this...
 
  • Like
Reactions: erek
like this
This is hugely irresponsible. This zero day was known last month and these agencies should have shut it down until the patch was installed. Our company had to do the same thing as we also use moveit. We just did it as soon as the exploit was made public. It's a SQL injection attack that gives the hacker full access to your DB.
 
You must log in or register to reply here.
Back
Top