Thursday, December 09, 2021

USA FACTS IN GRAPHS

  • More than 25% of children of this age group in Vermont, Massachusetts, Maine, and Rhode Island have at least had their first shot. Idaho does not have available vaccination data for kids this age.

Learn more here. And for daily data on vaccinations by state, visit our COVID-19 vaccine tracker.

Abortion data for context behind Dobbs v. Jackson 

On December 1, the Supreme Court heard arguments on Dobbs v. Jackson Women's Health Organization regarding Mississippi's 15-week abortion ban. The case is pending a decision from the court. In the meantime, USAFacts has data on reported abortions for context on the issue.

  • Some states do not report abortion data, but numbers from the Centers for Disease Control and Prevention show a drop in the procedure since 2006.
  • Since 2013, most abortion patients have been white, non-Hispanic people. The only exception was in 2016 when Black, non-Hispanic people had the largest percentage of abortions by race.
  • People between the ages of 20–24 had the most reported abortions for much of the 2010s. However, that changed in 2018 and now 25–29-year-olds have the most reported abortions of any group.

See more, including which week the majority of reported abortions happen, here.


Food insecurity during the pandemic 

The government has several programs to fight food insecurity, but need has grown during the pandemic. Get the facts on just what food insecurity is and how the government combats it in this new article.

  • A monthly average of 42 million people have participated in SNAP in 2021 thus far.
  • Black families and Hispanic families experienced higher rates of food insecurity in 2020. More than 21% of Black households and 17% of Hispanic households were food insecure.
  • Last year, 55% of food-insecure households participated in one or more of the three largest federal nutrition assistance programs: the Supplemental Nutrition Assistance Program (also known as food stamps), the Special Supplemental Nutrition Program for Women, Infants, and Children, and the National School Lunch Program.

One last fact
Non-store retailers — primarily online shops that don't have brick-and-mortar stores — were not as affected by the pandemic as physical stores. But like most physical stores, they too had a sales bump during the holiday shopping season. Here's a comparison of the first year of the pandemic to 2019.

Wednesday, December 08, 2021


THE RIGHT THING TO DO: Apple Thwarts A Nefarious Thing...NSO Spyware Pegasus

That's better than doing nothing - Even a minimal amount of thwarting of nefarious doings is welcome in a world where the powerful go unpunished and unchecked far too often

Apple Notifies More Victims Of NSO Malware Hacking Attempts

from the [extremely-1960s-Batman-splash]-THWART!!! dept

"Apple's announcement that it was suing Israeli malware purveyor NSO Group for targeting iPhone users was coupled with another, equally dismaying (I mean, for NSO…) announcement:
 
____________________________________________________________________________
NSO Group’s FORCEDENTRY Exploit
Apple’s legal complaint provides new information on NSO Group’s FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a victim’s Apple device and install the latest version of NSO Group’s spyware product, Pegasus. . .
> Apple’s lawsuit seeks to ban NSO Group from further harming individuals by using Apple’s products and services.
> The lawsuit also seeks redress for NSO Group’s flagrant violations of US federal and state law, arising out of its efforts to target and attack Apple and its users.
_____________________________________________________________________________
> Actually, this may be more of a concern for NSO's customers. After all, they're still paying the same licensing fees even if their targets are being warned of hacking attempts. It can't make them happy and -- since it appears many of NSO's customers like to target non-terrorists and non-criminals -- there's really nothing they can do about it. Local entities may be sworn to secrecy with court orders (if those are even obtained) but there's nothing preventing Apple from alerting users that malware might be present on their phones.
Given the long list of seemingly inappropriate targets for NSO's Pegasus spyware -- which includes journalists, activists, dissidents, government critics, political figures, religious leaders, lawyers, ex-wives, etc. -- Apple's policy is the Right Thing To Do. NSO's customers agree to use the spyware to target terrorists and dangerous criminals.
If NSO won't stop them (and it won't [until very recently]), this is one way to mitigate the damage. And so the disclosures have flowed. . .
[...] Fortunately, there's another entity watching these people's backs.
Prior to Apple's notification program, it took in-depth research by entities like Canada's Citizen Lab to discover the source of hacking and properly attribute it to NSO malware. Apple presumably can make these determinations much faster, heading off future interception and eavesdropping.

If NSO doesn't like it, it can suck it. It chose to sell to governments with long histories of targeting critics and violating human rights. Its customers can likewise suck it. They've given themselves an infinite amount of leash and NSO's exploits have let them take full advantage of this. Even a minimal amount of thwarting of nefarious doings is welcome in a world where the powerful go unpunished and unchecked far too often. >


================================================
RELATED CONTENT ON THIS BLOG GOING BACK TO 2017
PEGASUS SPYWARE / Cyber Espionage Tool > The Ultimate Spyware
An Opinion Piece in the New York Times caught your MesaZona blogger's eye today.
What Poses a Greater Privacy Threat Than Facebook? Spyware
WhatsApp’s lawsuit against the spyware company NSO Group is a smart move for Facebook and an important defense of privacy and civil liberties.
A lawsuit that is a genuine step forward for drawing attention to the spyware market and the need for stricter regulation of private surveillance companies like NSO.
Pegasus is a spyware that can be installed on devices running certain versions of iOS, Apple's mobile operating system, developed by the Israeli cyberarms firm, NSO Group
"Facebook is under fierce scrutiny for its decisions about political advertisements and consumer privacy, and its foray into developing a new cryptocurrency. So it makes sense that the company would try to drum up a little positive publicity and remind people that there are tech firms out there that pose much greater threats to privacy, democracy and civil liberties.
 
As for surveillance, let’s be clear:
We’re talking total surveillance
"Whatever you may think of Facebook, the Israeli spyware company known as the NSO Group — whose products have been used to compromise devices belonging to lawyers, dissidents, journalists and diplomats around the world — is inarguably worse. . ."
_________________________________________________________________________________
Pegasus:
The ultimate spyware for iOS and Android
April 11, 2017
Apple iPhone and iPad users usually believe they are safe. There’s no malware for iOS, they say. Apple does little to discourage the impression — the “fruit company” doesn’t even allow antivirus solutions in its App Store, because, you know, allegedly they’re not needed.
FROM KASPERSKY LABS Link > https://www.kaspersky.com/blog/pegasus-spyware
The keyword here is allegedly. There actually is malware in the wild that targets iOS users — it’s been proved a number of times, and in August 2016 researchers proved it again by revealing the existence of Pegasus, spyware capable of hacking any iPad or iPhone, harvesting data about the victim, and establishing surveillance on them. That discovery made the whole cybersecurity world… uneasy.
At our Security Analyst Summit, researchers from Lookout revealed that Pegasus exists not only for iOS, but for Android as well. The Android version is different in some ways from its iOS predecessor.
Let’s shed some light on Pegasus and explain why we use the word “ultimate” to describe it.
Pegasus: The beginning
Pegasus was discovered thanks to Ahmed Mansoor, a UAE human rights activist, who happened to be one of its targets. It was a spear-phishing attack: He received several SMS messages that contained what he thought were malicious links, so he sent those messages to security experts from Citizen Lab, and they brought another cybersecurity firm, Lookout, to the investigation. . .
Pegasus has been attributed to the NSO Group, an Israeli company whose bread and butter is developing spyware.
That means the malware is commercial — it’s sold to whoever is willing to pay for it.
_________________________________________________________________________
 
July 2021
Disclosures Begin Today > PEGASUS SURVEILLANCE SPYWARE GLOBAL REACH
Let's get ahead of the story > The Guardian and its media partners will be revealing the identities of people whose number appeared on the list in the coming days. They include hundreds of business executives, religious figures, academics, NGO employees, union officials and government officials, including cabinet ministers, presidents and prime ministers. . .
The disclosures begin on Sunday, with the revelation that the numbers of more than 180 journalists are listed in the data, including reporters, editors and executives at the Financial Times, CNN, the New York Times, France 24, the Economist, Associated Press and Reuters.
THE PEGASUS PROJECT
SURVEILLANCE

Revealed: leak uncovers global abuse of cyber-surveillance weapon

Spyware sold to authoritarian regimes used to target activists, politicians and journalists, data suggests

Stephanie Kirchgaessner and others

Last modified on Sun 18 Jul 2021 16.39 EDT


". . . Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.

The investigation by the Guardian and 16 other media organisations suggests widespread and continuing abuse of NSO’s hacking spyware, Pegasus, which the company insists is only intended for use against criminals and terrorists.

Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.

NSO ran US-based attack servers: Facebook - Security - iTnews

The leak contains a list of more than 50,000 phone numbers that, it is believed, have been identified as those of people of interest by clients of NSO since 2016.

Forbidden Stories, a Paris-based nonprofit media organisation, and Amnesty International initially had access to the leaked list and shared access with media partners as part of the Pegasus project, a reporting consortium. . . Through its lawyers, NSO said the consortium had made “incorrect assumptions” about which clients use the company’s technology. It said the 50,000 number was “exaggerated” and the list could not be a list of numbers “targeted by governments using Pegasus”.

Pegasus: The new global weapon for silencing journalists • Forbidden Stories

The lawyers said NSO had reason to believe the list accessed by the consortium “is not a list of numbers targeted by governments using Pegasus, but instead, may be part of a larger list of numbers that might have been used by NSO Group customers for other purposes”. After further questions, the lawyers said the consortium was basing its findings “on misleading interpretation of leaked data from accessible and overt basic information, such as HLR Lookup services, which have no bearing on the list of the customers' targets of Pegasus or any other NSO products ...

HIDE AND SEEK: Tracking NSO Group's Pegasus Spyware to Operations in 45 Countries - The Citizen Lab

> Claudio Guarnieri, who runs Amnesty International’s Security Lab, said once a phone was infected with Pegasus, a client of NSO could in effect take control of a phone, enabling them to extract a person’s messages, calls, photos and emails, secretly activate cameras or microphones, and read the contents of encrypted messaging apps such as WhatsApp, Telegram and Signal. . . By accessing GPS and hardware sensors in the phone, he added, NSO’s clients could also secure a log of a person’s past movements and track their location in real time with pinpoint accuracy, for example by establishing the direction and speed a car was travelling in.

The latest advances in NSO’s technology enable it to penetrate phones with “zero-click” attacks, meaning a user does not even need to click on a malicious link for their phone to be infected.

_____________________________________________________________________________

Amnesty, research groups map out global reach of Israeli NSO Group’s spyware

Pegasus software ‘has been used in some of the most insidious digital attacks on human rights defenders,’ Amnesty International charges; NSO says claims are ‘recycled,’ inaccurate

Amnesty, research groups map out global reach of Israeli NSO Group's spyware | The Times of Israel

"The ‘Digital Violence: How the NSO Group Enables State Terror’ platform that details the operations of Israeli startup NSO Group (Courtesy)

An interactive online platform created by research agency Forensic Architecture, and supported by Amnesty International and the internet watchdog group Citizen Lab, has mapped the global spread of the spyware Pegasus, made by Israeli cybersecurity firm NSO Group.

Titled “Digital Violence: How the NSO Group Enables State Terror,” the website shows, for what is said to be the first time, geographic areas in which Pegasus spyware has been deployed worldwide, and interviews lawyers, activists and other civil society figures about their experiences.

Forensic Architecture, based in the University of London, investigates human rights violations by states, police forces and corporations.

“The company’s Pegasus spyware has been used in some of the most insidious digital attacks on human rights defenders,” Amnesty International said on its website. “When Pegasus is surreptitiously installed on a person’s phone, an attacker has complete access to a phone’s messages, emails, media, microphone, camera, calls and contacts.”

“The investigation reveals the extent to which the digital domain we inhabit has become the new frontier of human rights violations, a site of state surveillance and intimidation that enables physical violations in real space,” said Forensic Architecture researcher Shourideh Molavi in the Amnesty statement.

Guarnieri has identified evidence NSO has been exploiting vulnerabilities associated with iMessage, which comes installed on all iPhones, and has been able to penetrate even the most up-to-date iPhone running the latest version of iOS. His team’s forensic analysis discovered successful and attempted Pegasus infections of phones as recently as this month. . ."

_____________________________________________________________________________

Remote Political Theater ...BINARY CHOICE FOR A 2-DAY VIRTUAL ZOOM SUMMIT: Democracy / Autocracy

At this point in time it's looking more like remote political theater from cues and comments published by James Traub today
========================================================================
James Traub is a regular contributor to Foreign Policy, a nonresident fellow at New York University’s Center on International Cooperation, and author of the book What Was Liberalism? The Past, Present and Promise of A Noble Idea.
 
========================================================================
When 'the two-channel summit' opens on Thursday, it is probably fair to predict that Americans who do not live and die for politics, as well as other such folk around the globe, will stick to their regularly scheduled programming.
Political junkies will certainly have plenty to watch. 
One of the summit’s two Zoom channels will offer a continuous U.N.-like drone of speeches by heads of state, while the other, potentially more absorbing, will host meetings that will bring together leaders, Biden cabinet members, civil society groups and human rights activists who have braved authoritarian regimes.
[Political cartoon]

Inside Joe Biden’s 2-Day Zoom Plan to Rescue Democracy


The president went from skeptic to evangelist on global democracy. But over the past year, his ambitions have collided repeatedly—and uncomfortably—with reality.

[...] "The language of “American exceptionalism” now has a nostalgic ring, because the United States is arguably no longer either the world’s most powerful country or its most effective democracy. Indeed, one stated premise of the summit, too plainly true to be dismissed as mere rhetoric, is that America has as much to gain from the experience of other countries as they do from that of the United States. . ."

[ The Biden team hopes to encourage states to stand up to Russia and China on issues like electoral interference and targeting dissidents. | Ding Lin/Xinhua via AP ]

". . .Erosion inside the world’s democracies requires a very different, and yet more urgent, endeavor from the one first articulated by Woodrow Wilson when he promised a new order after World War I that would make the world "safe for democracy.” That crusade now feels like a luxury. Biden, by contrast, hopes to protect or preserve democracy where it already exists. He has frequently cast his ambitious domestic agenda as proof that democracies can “deliver” prosperity and security in a way that autocracies cannot. This is no easy argument to make at a time when China has achieved sustained economic growth at a rate unprecedented in modern history. It is by no means obvious that democracies work better than non-democracies.

[...]

Nevertheless, what looked a year ago like a democratic jamboree now resembles a C-SPAN marathon. Given the high hopes that the prospect of a democracy summit once kindled, the whole affair may be an exercise in anti-climax.

In the course of my conversation with Blinken, I asked what he thought the United States could get out of the summit. "There is a call-to-action aspect of this that also is part of our summoning of our better angels," he said, "which the President strongly believes continues to resonate powerfully with most Americans. Things have gotten lost along the way. This is a moment to try to refocus our fellow citizens on what makes us exceptional. It does speak to something that continues to unite us, and that people aspire to, even despite the frustrations."

I wonder if this is the language of noble aspiration or of nostalgic yearning. . ."

 

Tuesday, December 07, 2021

An Abundance of Bleeps

Here's one... and

Emotet now drops Cobalt Strike, fast forwards ransomware attacks

In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent.

Emotet is a malware infection that spreads through spam emails containing malicious Word or Excel documents. These documents utilize macros to download and install the Emotet Trojan on a victim's computer, which is then used to steal email and deploy further malware on the device.

Historically, Emotet would install the TrickBot or Qbot trojans on infected devices. These Trojans would eventually deploy Cobalt Strike on an infected device or perform other malicious behavior.

Cobalt Strike is a legitimate penetration testing toolkit that allows attackers to deploy "beacons" on compromised devices to perform remote network surveillance or execute further commands.

However, Cobalt Strike is very popular among threat actors who use cracked versions as part of their network breaches and is commonly used in ransomware attacks.

Emotet changes its tactics

Today, Emotet research group Cryptolaemus warned that Emotet is now skipping their primary malware payload of TrickBot or Qbot and directly installing Cobalt Strike beacons on infected devices.

A Flash Alert shared with BleepingComputer by email security firm Cofense explained that a limited number of Emotet infections installed Cobalt Strike, attempted to contact a remote domain, and then was uninstalled. . ." READ MORE
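The delivery chain the article describes (a spam-delivered Word or Excel document whose macro launches a downloader, which then pulls the next stage, now a Cobalt Strike beacon) leaves a characteristic trace in process-creation telemetry: an Office application as the parent of a script host or loader binary. The following is an added example of that detection logic, not code from BleepingComputer, Cryptolaemus or Cofense. The pipe-separated log format, the host names and the sample events are constructed for the example.

```python
"""Detection for the Emotet delivery chain described above: an Office process
spawning a script host or loader binary. Example code added for illustration;
not from BleepingComputer, Cryptolaemus or Cofense. Log format, host names and
sample events are constructed."""
from dataclasses import dataclass
from typing import List

# Parent images that should rarely launch command interpreters or loaders.
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# Child images commonly used by macro droppers to fetch and run the next stage.
SCRIPT_AND_LOADER_HOSTS = {
    "cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
    "rundll32.exe", "regsvr32.exe", "mshta.exe", "certutil.exe",
}


@dataclass(frozen=True)
class ProcessEvent:
    host: str
    parent_image: str
    image: str
    command_line: str


def image_name(path: str) -> str:
    """Return the lower-cased file name of a Windows or POSIX image path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def parse_event(line: str) -> ProcessEvent:
    """Parse one constructed log line: host|parent_image|image|command_line."""
    host, parent, image, cmd = line.split("|", 3)
    return ProcessEvent(host.strip(), parent.strip(), image.strip(), cmd.strip())


def office_spawned_loader(ev: ProcessEvent) -> bool:
    """True when an Office application is the direct parent of a loader/script host."""
    return (image_name(ev.parent_image) in OFFICE_APPS
            and image_name(ev.image) in SCRIPT_AND_LOADER_HOSTS)


def find_alerts(lines: List[str]) -> List[ProcessEvent]:
    """Run the rule over raw log lines and return the events that match."""
    events = (parse_event(line) for line in lines if line.strip())
    return [ev for ev in events if office_spawned_loader(ev)]


# Constructed sample telemetry: two macro-style spawns, three benign events.
SAMPLE_EVENTS = [
    "ws-14|C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE"
    "|C:\\Windows\\System32\\cmd.exe|cmd.exe /c <constructed downloader command>",
    "ws-14|C:\\Windows\\System32\\cmd.exe"
    "|C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe|powershell.exe <constructed>",
    "fin-03|C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE"
    "|C:\\Windows\\System32\\rundll32.exe|rundll32.exe C:\\Users\\Public\\<constructed>.dll,Run",
    "ws-02|C:\\Windows\\explorer.exe"
    "|C:\\Program Files\\Microsoft Office\\root\\Office16\\OUTLOOK.EXE|OUTLOOK.EXE",
    "ws-09|C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE"
    "|C:\\Windows\\splwow64.exe|splwow64.exe 12288",
]

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_EVENTS):
        print(f"[ALERT] {alert.host}: {image_name(alert.parent_image)} -> "
              f"{image_name(alert.image)}: {alert.command_line}")
```

The second sample line (cmd.exe spawning PowerShell) does not match on its own; it is the grandchild of WINWORD.EXE, so a production rule would walk the parent chain or correlate by process GUID rather than matching only the immediate parent. The printing helper splwow64.exe is included to show that "Office spawned something" alone is too noisy; the child allow-list is what keeps the rule precise.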

 
Here's one...

27 flaws in USB-over-network SDK affect millions of cloud users


December 7, 2021 10:15 AM

"Researchers have discovered 27 vulnerabilities in Eltima SDK, a library used by numerous cloud providers to remotely mount a local USB device.

Due to the pandemic and the rising trend of working from home, organizations have begun to rely heavily on cloud-based services. This necessity also increased cloud providers' use of Eltima's SDK, which allows employees to mount local USB mass storage devices for use on their cloud-based virtual desktops.

[Image: USB over Ethernet. Source: Eltima]

However, as cloud desktop providers, including Amazon Workspaces, rely on tools like Eltima, SentinelOne warned that millions of users worldwide have become exposed to the discovered vulnerabilities.

The implications of exploiting the flaws are significant as they could allow remote threat actors to gain elevated access on a cloud desktop to run code in kernel mode.

"These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded," explained a new report by Sentinel Labs.

This elevated access could allow malware to steal credentials that threat actors can use to breach an organization's internal network.

In total, there are 27 vulnerabilities discovered by SentinelOne, with the CVE IDs listed below:

CVE-2021-42972, CVE-2021-42973, CVE-2021-42976, CVE-2021-42977, CVE-2021-42979, CVE-2021-42980, CVE-2021-42983, CVE-2021-42986, CVE-2021-42987, CVE-2021-42988, CVE-2021-42990, CVE-2021-42993, CVE-2021-42994, CVE-2021-42996, CVE-2021-43000, CVE-2021-43002, CVE-2021-43003, CVE-2021-43006, CVE-2021-43637, CVE-2021-43638, CVE-2021-42681, CVE-2021-42682, CVE-2021-42683, CVE-2021-42685, CVE-2021-42686, CVE-2021-42687, CVE-2021-42688

These vulnerabilities have been responsibly disclosed to Eltima, who has already released fixes for affected versions. However, it is now up to cloud services to upgrade their software to utilize the updated Eltima SDK.

According to SentinelOne, the affected software and cloud platforms are:

  • Amazon Nimble Studio AMI, before 2021/07/29
  • Amazon NICE DCV, below: 2021.1.7744 (Windows), 2021.1.3560 (Linux), 2021.1.3590 (Mac), 2021/07/30
  • Amazon WorkSpaces agent, below: v1.0.1.1537, 2021/07/31
  • Amazon AppStream client version below: 1.1.304, 2021/08/02
  • NoMachine [all products for Windows], above v4.0.346 below v.7.7.4 (v.6.x is being updated as well)
  • Accops HyWorks Client for Windows: version v3.2.8.180 or older
  • Accops HyWorks DVM Tools for Windows: version 3.3.1.102 or lower (Part of Accops HyWorks product earlier than v3.3 R3)
  • Eltima USB Network Gate below 9.2.2420 above 7.0.1370
  • Amzetta zPortal Windows zClient
  • Amzetta zPortal DVM Tools
  • FlexiHub below 5.2.14094 (latest) above 3.3.11481
  • Donglify below 1.7.14110 (latest) above 1.0.12309

It is important to note that Sentinel Labs hasn’t looked into all possible products that could incorporate the vulnerable Eltima SDK, so there could be more products affected by the set of flaws.

Also, some services are vulnerable on the client-side, others on the server-side, and a few on both, depending on code-sharing policies.
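The affected-version list above is written as a mix of "below", "above", "or older" and "or lower" bounds, which is easy to misread when checking an inventory by hand. The following is an added example, not SentinelOne's or Eltima's tooling, that transcribes those bounds into explicit ranges and checks installed versions against them. It treats "below" and "above" as exclusive bounds and "or older"/"or lower" as inclusive; the product keys, the host names and the sample inventory are this example's own constructions. Products the list names without version numbers (Amzetta zPortal, Amazon Nimble Studio AMI) are omitted because no range can be derived for them.

```python
"""Check installed versions against the affected ranges SentinelOne listed above.
Example code added for illustration; not SentinelOne's or Eltima's tooling.
Product keys, host names and the sample inventory are constructed."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """Turn '9.2.2420', 'v3.2.8.180' or 'v.7.7.4' into a comparable int tuple."""
    s = text.strip().lower()
    for prefix in ("v.", "v"):
        if s.startswith(prefix):
            s = s[len(prefix):]
            break
    parts = s.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


@dataclass(frozen=True)
class AffectedRange:
    above: Optional[str] = None        # exclusive lower bound ("above X")
    below: Optional[str] = None        # exclusive upper bound ("below X", i.e. X is fixed)
    at_or_below: Optional[str] = None  # inclusive upper bound ("X or older/lower")

    def contains(self, v: Version) -> bool:
        if self.above is not None and not v > parse_version(self.above):
            return False
        if self.below is not None and not v < parse_version(self.below):
            return False
        if self.at_or_below is not None and not v <= parse_version(self.at_or_below):
            return False
        return True


# Transcribed from the list in the article; keys are this example's own naming.
AFFECTED: Dict[str, AffectedRange] = {
    "Amazon NICE DCV (Windows)": AffectedRange(below="2021.1.7744"),
    "Amazon NICE DCV (Linux)": AffectedRange(below="2021.1.3560"),
    "Amazon NICE DCV (Mac)": AffectedRange(below="2021.1.3590"),
    "Amazon WorkSpaces agent": AffectedRange(below="1.0.1.1537"),
    "Amazon AppStream client": AffectedRange(below="1.1.304"),
    "NoMachine (Windows)": AffectedRange(above="4.0.346", below="7.7.4"),
    "Accops HyWorks Client for Windows": AffectedRange(at_or_below="3.2.8.180"),
    "Accops HyWorks DVM Tools for Windows": AffectedRange(at_or_below="3.3.1.102"),
    "Eltima USB Network Gate": AffectedRange(above="7.0.1370", below="9.2.2420"),
    "FlexiHub": AffectedRange(above="3.3.11481", below="5.2.14094"),
    "Donglify": AffectedRange(above="1.0.12309", below="1.7.14110"),
}


def is_affected(product: str, version: str) -> Optional[bool]:
    """True/False for a listed product; None when the product is not on the list.

    None is deliberate: the article notes SentinelOne did not review every product
    that embeds the SDK, so 'not listed' must not be reported as 'not affected'."""
    rng = AFFECTED.get(product)
    if rng is None:
        return None
    return rng.contains(parse_version(version))


Row = Tuple[str, str, str]  # (host, product, installed version)


def check_inventory(rows: List[Row]) -> Tuple[List[Row], List[Row]]:
    """Split an inventory into rows that are affected and rows that could not be judged."""
    affected, unknown = [], []
    for row in rows:
        verdict = is_affected(row[1], row[2])
        if verdict is None:
            unknown.append(row)
        elif verdict:
            affected.append(row)
    return affected, unknown


# Constructed sample inventory.
SAMPLE_INVENTORY: List[Row] = [
    ("vdi-01", "Eltima USB Network Gate", "9.1.2000"),      # inside the range
    ("vdi-02", "Eltima USB Network Gate", "9.2.2420"),      # first fixed build
    ("ws-07", "Amazon WorkSpaces agent", "1.0.1.1400"),     # below the fixed build
    ("ws-08", "NoMachine (Windows)", "v.7.7.4"),            # fixed
    ("dev-03", "FlexiHub", "5.2.14094"),                    # fixed
    ("lab-11", "Some other USB redirector", "2.0.1"),       # not on the list
]

if __name__ == "__main__":
    hit, unk = check_inventory(SAMPLE_INVENTORY)
    for host, product, ver in hit:
        print(f"AFFECTED  {host}: {product} {ver}")
    for host, product, ver in unk:
        print(f"UNREVIEWED {host}: {product} {ver} (not on SentinelOne's list)")
```

The three-way result (affected, not affected, not on the list) matters more than the comparison itself: the article's caveat is that the list is not exhaustive, so an inventory tool that silently returns "clean" for an unlisted product hides exactly the gap SentinelOne warned about.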

 