Canadian Teen Arrested for SIM Swap That Looted $36 Million | efani SAFE?

Canadian police say the incident is ‘currently the biggest cryptocurrency theft reported from one person.

Police in Canada arrested a local teenager for stealing US$36 million in cryptocurrency from a single victim through a SIM-swapping attack.

On Tuesday, the Hamilton Police Service in Ontario reported it had arrested the unnamed “youth” following a joint investigation with the FBI and the US Secret Service.

“This is currently the biggest cryptocurrency theft reported from one person,” Hamilton police said. (Earlier this year, police in Europe arrested 10 suspects for collectively stealing $100 million in cryptocurrency through SIM-swapping attacks.)

The Canadian teen allegedly targeted a victim in the US. Details about the SIM swap attack were not revealed, but they often involve tricking a cellular provider into handing over access to the victim’s cell phone number. To pull this off, the attacker will first try to learn personal details about the victim’s background—such as ID numbers, address, and birthdate—and then try to impersonate them.

If the cellular provider falls for the trick, it’ll then duplicate a new SIM card registered to the victim’s phone number, which can be plugged into a smartphone. The attack can be particularly devastating because mobile phone numbers are often used to receive one-time passcodes to log in or reset the password for an online account.

In this case, the Canadian teen used the SIM-swap attack to do just that by intercepting the two-factor authentication codes used to log into the victim’s cryptocurrency accounts.

Hamilton Police said they began investigating the crime with US authorities in March 2020. Investigators then noticed some of the cryptocurrency stolen in the attack was used to buy “an online username that was considered to be rare in the gaming community,” which led them to identify the alleged culprit. As part of the arrest, Canadian police also seized US$5.5 million in cryptocurrency assets.

Unfortunately, traditional cell phone companies are not doing much to protect you. But it is not all bad news, there is a cellular phone company named efani that has stepped up and made it more difficult for hackers.

Replace your existing mobile service plan with a secure efani SAFE plan today, No Contract! efani is a secure mobile service with an encrypted SIM Card that secures your mobile account from potential SIM Swap vulnerabilities, your personal information, as well as $5M insurance coverage per individual in the event of loss as a result of a SIMSwap.

The SAFE plan comes with a 100% money-back guarantee for 60-days includes:

You’re protected up to $5 million for financial losses resulting from a SIM hack. (includes: Crypto, Banking, Brokerage & Other Losses)

Most Secure Mobile Phone Service Private Secure Phone Service Prevent Eavesdropping Remote Access & Location Tracking SAFE Encrypted Secure Your Identity & Phone NOW efani TheNFG.com

MNG Kargo Hacked: User Information Stolen | efani SAFE?

MNG Cargo, which has a wide transportation network in our country, announced that some of its corporate customers were attacked by cyber attacks as a result of their user names and passwords being seized. Notifying the Personal Data Protection Authority, the company announced that the names, surnames, addresses, and phone numbers of the cargo recipients were seized.

The company, which was able to detect the leak that started on August 15, on August 23, stated that the number of people affected by this situation is uncertain, and that there is no flaw in the system, and that the situation that caused the leak was due to the seizure of corporate customer accounts.

efani.net News | 500,000 Utahns’ sensitive information possibly hacked

More than 500,000 Utahns’ sensitive information was possibly hacked

More than 500,000 Utahns may have had their information hacked through a data breach reported to the federal government.

Utah Imaging Associates, Inc. (UIA), a Farmington-based radiology medical practice, learned that a hacker gained access to sensitive personal information of former and current patients. A hacker may have gained unauthorized access to the personal information of UIA’s patients.

Under privacy laws, the U.S. Department of Health and Human Services’ Office of Civil Rights must post any breach of health information affecting more than 500 people. According to their website, the Utah breach potentially affected 583,643 Utahns.

UIA first detected a network security incident on Sept. 4, 2021. They secured, remediated the network, and launched a forensic investigation. The investigation showed that some files with sensitive data were available to the hacker during the security breach.

Utahns possibly hacked, UIA responds

In a press release, UIA explained steps they have taken in response to the incident. UIA notified Utahns who may have been hacked via mail on Thursday, Nov. 18. In the notice to possible victims of the breach, UIA offered details about the incident, steps they are taking in response, and resources available to help protect against potential misuse of personal information.

According to the news release, UIA plans to offer anyone affected complimentary credit monitoring and identity theft restoration services through IDX.

UIA encourages anyone impacted to call (833) 525-2720 Monday through Friday, during the hours of 8 a.m. and 8 p.m. MST.

Twitter NASDAQ: (TWTR) CEO Jack Dorsey targeted by SIM swap | efani

How Twitter attacks probably happened

One day in 2019, Jack Dorsey started sending out a string of bizarre tweets. Jack’s followers knew his account had been compromised. What was less obvious to more than 4 million followers was how attackers took control of the Twitter CEO’s account for almost 20 minutes.

Twitter reported hackers had gained access to Dorsey’s profile by effectively stealing his mobile phone number. Jack’s number was compromised due to a “security oversight” by the carrier. While Twitter did not use the phrase “SIM swapping” in its statement, security experts attributed the attack to the popular tactic. Days later, the same thing happened to actress Chloe Moretz, who has over 3 million followers.

A scammer who knows your phone number and other personal information will call your wireless carrier pretending to be you. The scammer then requests that your number be transferred to a new SIM card they control. If successful with the impersonation the scammers gain control over your phone which then leads to your data and finances. Scammers use personal info like your birth date or your mother’s maiden name. With this vital info, the scammer can start logging into various services, like Twitter, & changing passwords.

Having taken control over your phone number, the attacker will receive messages with one-time passwords, negating the effectiveness of two-factor authentication.

Chuckling Squad claimed responsibility for the two attacks. Victims included Dorsey and Moretz along with other internet personalities like James Charles and Shane Dawson.

Twitter suffered the most high-profile attacks, Facebook, Snap, Microsoft’s LinkedIn, and Pinterest have also been attacked. These social media services rely on similar security measures, leaving their sites open to SIM hijackers. Scammers sometimes want to wreak havoc, other times they plan more nefarious intentions, such as accessing your banking credentials.

Jack Dorsey became a high-profile victim of SIM swappers in Sept 2019. Scammers are increasingly using SIM swapping to take over phones and going after online accounts. Internet companies are taking a lot of the blame, but the phone carriers are also at fault.

For Twitter, SMS hijacking is uniquely problematic because it has a feature that allows users to tweet by sending a text to the service.

efani.net | Twitter NASDAQ: (TWTR) CEO Jack Dorsey targeted by SIM swap

Unfortunately, traditional cell phone companies are not doing much to protect you. But it is not all bad news, there is a cellular phone company named efani that has stepped up and made it more difficult for hackers. efani offers the nation’s most secure mobile service and claims a 100% success rate.

Replace your existing mobile service plan with a secure efani SAFE plan today, No Contract! efani is a secure mobile service with an encrypted SIM Card that secures your mobile account from potential SIM Swap vulnerabilities, your personal information, as well as $5M insurance coverage per individual in the event of loss as a result of a SIMSwap.

The SAFE plan comes with a 100% money-back guarantee for 60-days includes:

$5 Million in insurance coverage
You’re protected up to $5 million for financial losses resulting from a SIM hack. (includes: Crypto, Banking, Brokerage & Other Losses)

As reported by CNBC in Sept 2019

 

Nvidia Inc. NASDAQ NVDA CEO Omniverse | efani SAFE?

Jensen Huang, Nvidia’s CEO, believes virtual 3-D worlds will be commonplace in the next phase of the internet and, as a result, drive major demand for the chipmaker’s new Omniverse software and its GPUs. ‘Hopefully one of these days — we’ll try to realize it as fast as we can — every transaction that goes into the internet touches a GPU,’ he said during Nvidia’s earnings call for the third quarter of its 2022 fiscal year.

Nvidia CEO Jensen Huang said the company’s Omniverse suite of software presents “one of the largest graphics opportunities” for the chipmaker yet as he expects virtual 3-D worlds will represent the next stage of the internet and drive greater demand for the company’s GPUs.

“Instead of just querying information, we would query and interact with people and avatars and things and places, and all of these things are in 3-D, so hopefully one of these days — we’ll try to realize it as fast as we can — every transaction that goes into the internet touches a GPU,” Huang said during the Wednesday earnings call for the third quarter of Nvidia’s 2022 fiscal year. “Today, that’s a very small percentage, but hopefully, one of these days will be a very, very high percentage.”

Do you know where your data sleeps at night? | efani SAFE?

The key steps to securing your data and giving it a new home on-premise.

Any business that has been around for more than a few years will have generated quite a lot of data. And as the business grows, so too does the number of different devices and applications that are storing data, including personal devices, cloud services, and on-premises hardware.

With each new device or service, the business’s data becomes spread across more and more locations and becomes increasingly fragmented.

This creates problems on two fronts.

Firstly, data that isn’t readily accessible can’t be put to good use. That means important information about customers’ actions and preferences can’t be used to boost sales.

Secondly, data that can’t be easily located and managed can’t be properly protected. And that could leave the business open to falling victim to the actions of cybercriminals.

The risks of poor data management

Cybercrime activity has increased dramatically in recent years. In September the Australian Cyber Security Centre (ACSC) found that total cyber incident reports had increased by approximately 13 percent during the 2021 financial year, to over 67,500, resulting in self-reported financial losses totaling more than $33 billion.

These losses come in many forms, including disruption to business operations, and from businesses having their data encrypted and held hostage by criminals who demand a ransom to return it. Then there is also the commercial damage from customers who no longer want to deal with an organization that has not protected their data.

Governments around the world are also raising their expectations for how businesses protect data, especially personally identifiable information (PII). One example is the Australian government’s Notifiable Data Breach scheme, which requires any business with an annual turnover of more than $3 million to notify affected individuals and the Office of the Australian Information Commissioner (OAIC) if it has experienced a data breach that is likely to seriously harm an individual.

The steps to securing data

It is hard for any business to know if it is protecting data and following regulations if it doesn’t know where its data is.

This makes finding and consolidating data an important first step in ensuring it is protected, by hunting down every data repository, be it in active use, archived on a storage device, or saved in a cloud service.

Once you know what data you have and where it is, you can then classify it based on its importance and sensitivity, and by the level of protection that it requires.

Consolidating your data also provides the opportunity to cut storage costs by eliminating older devices or expensive cloud-based services.

Giving your data a new home

For many businesses, the best solution is to store your data onsite using a secure and reliable data storage solution, such as IBM’s FlashSystem family.

These devices offer a range of price points to suit businesses of all sizes and combine the latest encryption and ransomware protection technologies with an easy-to-use interface that makes managing and securing data relatively simple.

This makes consolidating data a smart opportunity to reduce costs, improve security, and reduce the likelihood of a breach.

 

efani | Fortinet Hack Microsoft NASDAQ: MSFT Vulnerabilities

US, UK warn of Iranian hackers exploiting Microsoft Exchange, Fortinet

US, UK, and Australian cybersecurity agencies warned today of ongoing exploitation of Microsoft Exchange ProxyShell and Fortinet vulnerabilities linked to an Iranian-backed hacking group.

The warning was issued as a joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC).

“FBI and CISA have observed this Iranian government-sponsored APT group exploit Fortinet vulnerabilities since at least March 2021 and a Microsoft Exchange ProxyShell vulnerability since at least October 2021 to gain initial access to systems in advance of follow-on operations, which include deploying ransomware,” CISA said.

efani.net News | Rittenhouse lawyers ask judge for mistrial 3rd time

Kyle Rittenhouse’s attorneys asked the judge to declare a mistrial even as the jury in the murder case was deliberating Wednesday, saying the defense received an inferior copy of a potentially crucial video from prosecutors.

Judge Bruce Schroeder did not immediately rule on the request, the second mistrial motion from the defense in a week. The jury deliberated a second full day without reaching a verdict and will return in the morning.

At issue was a piece of drone video that prosecutors showed to the jury in closing arguments in a bid to undermine Rittenhouse‘s self-defense claim and portray him as the instigator of the bloodshed in Kenosha in the summer of 2020. Prosecutors said the footage showed him pointing his rifle at protesters before the shooting erupted.

Rittenhouse attorney Corey Chirafisi said the defense initially received a compressed version of a video and didn’t get the higher-quality one used by the prosecution until the evidence portion of the case was over.

He said that the defense would have approached things differently if it had received the superior footage earlier and that it is now asking for “a level, fair playing field.”

He said the mistrial request would be made “without prejudice,” meaning prosecutors could still retry Rittenhouse.

NASDAQ: CPKI California Pizza Kitchen Data Breach | efani SAFE?

California Pizza Kitchen Data Breach Exposes Personal Information: Murphy Law Firm Investigates Victims’ Legal Claims

Murphy Law Firm announces its investigation into claims on behalf of individuals whose information was compromised in the California Pizza Kitchen data breach. On or about September 15, 2021, California Pizza Kitchen discovered suspicious activity on its computer systems. By October 4, 2021, a forensic investigation confirmed that cybercriminals had infiltrated California Pizza Kitchen’s computer systems and gained unauthorized access to certain files. Following additional investigation, California Pizza Kitchen concluded that the cybercriminals may have accessed the personal information of more than 103,000 individuals, including their:

– Names
– Social Security Numbers
– Other identifying information

As a result of this data breach, these individuals’ personally identifiable information may be in the hands of cybercriminals who will place the information for sale on the dark web or who are using the information to perpetrate identity fraud.

If you received notice of the data breach or if you have determined that your personal information was compromised in the breach, please visit http://www.murphylegalfirm.com/cases/CaliforniaPizzaKitchen/ or email abm@murphylegalfirm.com to learn how to participate in a class-action lawsuit to recover damages as a result of the data breach.

Join Class Action: http://www.murphylegalfirm.com/cases/CaliforniaPizzaKitchen/

A. Brooke Murphy
Murphy Law Firm
abm@murphylegalfirm.com

TikTok $92M data breach settlement | efani SAFE?

TikTok agrees to $92M data breach settlement: Users are in for a payday

Millions of TikTok users may be eligible for a payout after TikTok agreed to a $92 million settlement in light of lawsuits over user privacy.

TikTok users may be eligible for a share of $92 million after the social media company agreed to a class-action settlement.

The settlement stems from 21 separate lawsuits accusing TikTok of violating federal and state law by collecting and using the personal data of users without “sufficient notice and consent.”

The company has denied any wrongdoing, but has agreed to settle the suits in order to avoid going to trial, NBC reports.

“While we disagree with the assertions, rather than go through lengthy litigation, we’d like to focus our efforts on building a safe and joyful experience for the TikTok community,” the company said in a statement.

On Monday, TikTok released a notice in its app, directing affected users to TikTokDataPrivacySettlement.com.

According to that website, all persons who reside in the United States and used TikTok prior to Sept. 30 of this year may be entitled to a part of the payment.

Users who live in Illinois may be entitled to six times as much money as non-Illinois residents because the state is the only one in the nation that “allows people to sue companies for violating biometric privacy