Iran-Affiliated Hackers Attack Water Authorities Across Multiple US States

A small western Pennsylvania water authority was just one of many breached organizations in the United States by Iran-affiliated hackers. These hackers targeted a specific industrial control device because it is Israeli-made, U.S. and Israeli authorities say.

“The victims span multiple U.S. states,” the FBI, Environmental Protection Agency, Cybersecurity and Infrastructure Security Agency (CISA), and Israel’s National Cyber Directorate said in a joint advisory emailed to The Associated Press late Friday. The statement did not say how many organizations were hacked.

Matthew Mottes, the chairman of the Municipal Water Authority of Aliquippa, announced Thursday that federal officials had told him the same group also breached four other utilities and an aquarium.

Cybersecurity experts say that while there is no evidence of Iranian involvement in the Oct. 7 attack by Hamas, they expected state-backed Iranian hackers and pro-Palestinian hacktivists to step up cyberattacks on Israel and its allies.

The multi agency advisory explained that other industries outside water and water-treatment facilities use Vision Series programmable logic controllers made by Unitronics, and were thus also potentially vulnerable.
Those industries include “energy, healthcare, and food and beverage manufacturing,” according to the advisory. The devices regulate processes including pressure, temperature, and fluid flow.

The advisory notes that Unitronics devices ship with a default password, a practice experts discourage as it makes them more vulnerable to hacking. Best practices call for devices to require a unique password to be created out of the box. It says the hackers likely accessed affected devices by “exploiting cybersecurity weaknesses, including poor password security and exposure to the internet.”

Read: https://themessenger.com/news/breaches-by-iran-affiliated-hackers-spanned-multiple-us-states-feds-say

US State Department Faces Lawsuit Over Accusations of Funding Censorship Technology

A lawsuit has been filed against the US State Department by Texas, The Daily Wire, and The Federalist. The lawsuit claims that the department funded technology that censors and financially harms domestic media outlets expressing political views that are not favored. The Global Engagement Center (GEC), initially established to counter foreign terrorist propaganda, is accused of being used against Americans allegedly spreading “disinformation.”

The GEC is said to have funded and promoted censorship entities like NewsGuard and the Global Disinformation Index (GDI), which aim to eliminate ad revenue for conservative outlets. GDI’s main product is a “Dynamic Exclusion List” of media outlets that it labels as presenting a “high risk for disinformation.” This list is then licensed to advertisers, who use it to steer clear of boycotts from the left.

NewsGuard, another entity that received funding from the State Department, aims to “cut off revenues to fake news sites” through a whitelist that endorses only ‘legitimate’ news outlets. NewsGuard’s largest investor is Pfizer’s partner. Critics argue that such ratings are entirely subjective, with independent news outlets with an anti-establishment stance receiving particularly low ratings from NewsGuard.

The lawsuit alleges that the “State Department Defendants’ active intervention in the news media market to make disfavored media unprofitable thus had devastating consequences to Media Plaintiffs.”

Read:
https://www.zerohedge.com/political/texas-daily-wire-and-federalist-sue-us-state-department-conspiring-newsguard-censor

23andMe confirms Hackers Stole Nearly Half of its Customer Data

On Friday, the genetic testing company 23andMe announced that the personal data of 0.1% of customers, or about 14,000 individuals, had been compromised in a hacker attack. The company also said that by accessing those accounts, hackers were also able to access “a significant number of files containing profile information about other users’ ancestry.” The company would not, however, say how many “other users” were impacted by the breach, which was initially disclosed in early October.

In an email sent to TechCrunch late on Saturday, 23andMe spokesperson Katie Watson confirmed that hackers accessed the personal information of about 5.5 million people who opted-in to 23andMe’s DNA Relatives feature, which allows customers to automatically share some of their data with others. The stolen data included the person’s name, birth year, relationship labels, the percentage of DNA shared with relatives, ancestry reports, and self-reported location.

23andMe also confirmed that another group of about 1.4 million people who opted-in to DNA Relatives also “had their Family Tree profile information accessed,” which includes display names, relationship labels, birth year, self-reported location and whether the user decided to share their information, the spokesperson said. (23andMe declared part of its email as “on background,” which requires that both parties agree to the terms in advance. TechCrunch is printing the reply as we were given no opportunity to reject the terms.)

Considering the new numbers, in reality, the data breach is known to affect roughly half of 23andMe’s total reported 14 million customers.

Read: https://techcrunch.com/2023/12/04/23andme-confirms-hackers-stole-ancestry-data-on-6-9-million-users/

Israeli Hospital Data Breach: Iran-Linked Hackers Purportedly Leak Massive Trove of Information

During a cyberattack targeting Ziv Medical Center located in the city of Safed, near the Syrian and Lebanese borders, the hackers asserted that they successfully infiltrated and obtained 500GB of data spanning from 2022. Among this sizable dataset are approximately 700,000 documents purportedly encompassing personal and medical details of patients, including information about specific diseases and prescribed medications.

A statement assures that the incident has been promptly recognized and effectively managed, with no significant disruption or impact on the medical center’s operations and systems. As a precaution, the hospital temporarily disconnected its email server and certain computer systems.

Amid the Israel-Hamas conflict, cyberattacks have intensified. Suspected Iranian-linked hackers have targeted Israeli organizations, including recent attacks by the group MuddyWater. Concerns have been raised about Iran’s substantial digital capabilities being deployed in the conflict, highlighting the need for increased vigilance against cyber threats.

Read: https://therecord.media/ziv-hospital-israel-hackers-claim-to-leak-data

Controversial Blocking of Chronological Feeds: Upholding Censorship Control

According to available data, a significant percentage of initial Threads users, estimated to be around 80 percent, have seemingly forgotten about the app over time. Recent statements made by a top executive at Instagram provide potential justification for those who have not yet abandoned the app to consider doing so.

Adam Mosseri, the Instagram executive, holds the belief that enabling Threads users to customize their search result filters is an unfavorable notion. Critics interpret this perspective as an introduction to further subtle forms of censorship.

Despite not meeting the criteria for removal based on its own rules and guidelines, Meta, including its major platforms like Facebook and Instagram, and smaller platforms like Threads, continues to engage in censorship by selectively filtering content. This longstanding policy extends beyond recent times.

Read: https://reclaimthenet.org/threads-to-block-chronological-feeds-to-maintain-censorship-control

Elsewhere Online:

CISA Warns of Adobe ColdFusion Vulnerability Exploitation
Read: https://www.cisa.gov/news-events/alerts/2023/12/05/cisa-releases-advisory-threat-actors-exploiting-cve-2023-26360-vulnerability-adobe-coldfusion

Unveiling the Latest Threat Landscape: TrickMo Banking Trojan Resurfaces with Advanced Features
Read: https://thecyberexpress.com/trickmo-banking-trojan-resurfaces-new-features/

Previously on #AxisOfEasy