A U.S. government website designed to inform the public about vaccines has been defaced and now hosts apparently AI-generated spam.
The domain, which belongs to the U.S. Department of Health and Human Services (HHS), appears to have been hosting the same kind of content — mostly gay-themed and LGBTQ+ posts — since at least May 12, according to an archived version of the site. It’s unclear who is responsible for it, or what is the purpose of this defacement other than pushing AI-generated slop spam. Websites hosted on official U.S. government domains have been hijacked in the past to host scam ads and hacking services.
Read more…
Source: TechCrunch News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- CISA Binding Operational Directive 22-01 – Reducing the Significant Risk of Known Exploited Vulnerabilities
November 3, 2021
A binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems. Section 3553(b)(2) of title 44, U.S. Code, authorizes the Secretary of the Department of Homeland Security (DHS) to develop and oversee the implementation of binding operational directives. Federal agencies are required to comply ...
- US sanctions NSO Group, Israeli spyware company at centre of Pegasus Papers
November 3, 2021
The US is sanctioning an Israeli spyware company that it accused of supplying technology to foreign governments “to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers”. NSO Group had been accused of assisting despotic regimes in targeting journalists, political dissidents, and human rights activists in reports earlier this year. The company responded at the ...
- ‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks
November 3, 2021
A new-ish threat actor sometimes known as “Tortilla” is launching a fresh round of ProxyShell attacks on Microsoft Exchange servers, this time with the aim of inflicting vulnerable servers with variants of the Babuk ransomware. Cisco Talos researchers said in a Wednesday report that they spotted the malicious campaign a few weeks ago, on Oct. 12. Tortilla, ...
- Medical school exposes personal data of thousands of students
November 3, 2021
A US medical training school exposed the personally identifiable information (PII) of thousands of students. On Wednesday, vpnMentor published a report on the security incident, in which an unsecured bucket was left exposed online. The server, which did not have authentication controls in place and was, therefore, accessible by anyone to view, contained 157GB of data, or ...
- New White House Cyber Director Wants to Fight Like Cobra Kai
November 1, 2021
The first U.S. National Cyber Director wants the government to take a tougher, more proactive approach to those who threaten America’s networks: degrade their capabilities and demonstrate how they would suffer should they attack. John “Chris” Inglis’ vision for his brand-new office somewhat resembles the match-day strategy employed by the Cobra Kai dojo in the original ...
- TrickBot malware dev extradited to U.S. faces 60 years in prison
October 29, 2021
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. 38-year old Vladimir Dunaev, also known as FFX, was a malware developer that supervised the creation of TrickBot’s browser injection module, the indictment ...