Cloudflare not fully backing out of Russia, company says, as tech firms are forced to weigh in

Cloudflare, a major web infrastructure firm that keeps websites online by protecting them from distributed denial-of-service attacks, said Monday that it will continue to provide some services within Russia despite several calls to pull out, stating that “Russia needs more Internet access, not less.” The statement is just the latest example of internet infrastructure firms having to explain how they are approaching business in Russia as that country’s government continues its brutal assault on Ukraine, and the government of Ukraine seeks to isolate Russia from the internet by publicly calling out major tech and web firms with business interests there. In a statement, Cloudflare CEO Matthew Prince said the company has seen a “dramatic increase in requests from Russian networks to worldwide media, reflecting a desire by ordinary Russian citizens to see world news beyond that provided within Russia.” The statement detailed the various steps the company has taken to […]

The post Cloudflare not fully backing out of Russia, company says, as tech firms are forced to weigh in appeared first on CyberScoop.

Putin’s government lists IPs and domains allegedly aiming DDoS traffic at Russia

The Russian government on Wednesday published a list of more than 17,500 IP addresses and 174 internet domains it says are involved in ongoing distributed denial-of-service attacks on Russian domestic targets. The list includes the FBI and CIA’s home pages, and other sites with top-level domain (TLD) extensions denoting they are registered through countries such as Belarus, Germany, Ukraine and Georgia, as well as the European Union. The Russian government did not publish any proof or evidence backing up its claims about the IP addresses or domains on its list. Russia’s National Computer Incident Response & Coordination Center posted the data in a notice that includes 20 recommendations to ward off attacks, such as robust logging, using Russia-based DNS servers, conducting “an unscheduled change of passwords” and disabling external plugins for websites, according to a Google translation. DDoS attacks — which render websites inaccessible by flooding them with traffic — […]

NATO countries’ refugee management may have been targeted by Belarus-linked hackers

A hacking group with a history of phishing attacks and disinformation against NATO nations may be using compromised Ukrainian armed service member emails to target European officials tasked with managing logistics around refugees fleeing Ukraine, according to findings published Monday. Researchers with cybersecurity firm Proofpoint report they detected an email Feb. 24 that carried a subject referencing the Feb. 24 emergency meeting of NATO on the day the Russian government began its military attack on Ukraine. The email included an attached Microsoft Excel spreadsheet titled “list of persons.xlsx” that the researchers later determined included malware that, if installed, sought to gather information and intelligence from target computers. The social engineering lure used in this campaign was timely, the researchers said, given the NATO meeting and “a news story about a Russian government ‘kill list’ targeting Ukrainians that began circulating in Western media outlets” Feb. 21. Proofpoint did not definitively attribute […]

Belarusian hackers launch another attack, adding to chaotic hacktivist activity around Ukraine

A group of Belarusian hackers and IT specialists claimed Sunday that they’d attacked the Belarusian Railways in an attempt to “slow down the transfer of occupying forces and give the Ukrainians more time to repel the attack,” according to a Google translation of the message posted to the group’s Telegram channel. The hackers — who call themselves the Cyber Partisans and have targeted Belarus’ autocratic government and its leader, Alexander Lukashenko, dating back to September 2020 — said Sunday their hack “paralyzed” some railway operations in the Belarusian capital of Minsk and in Orsha, an eastern Belarusian city between Moscow and Minsk. Some railway operations were switched to manual mode, the group said, “which will significantly slow down the movement of trains, but will NOT create accidents.” “The internal network will be disconnected until the Russian troops leave the territory of Belarus and the participation of the Belarusian military forces […]

Conti ransomware group announces support of Russia, threatens to attack critical infrastructure

An infamous ransomware group with potential ties to Russian intelligence and known for attacking health care providers and hundreds of other targets posted a warning Friday saying it was “officially announcing a full support of Russian government.” The gang said that it would use “all possible resources to strike back at the critical infrastructures” of any entity that organizes a cyberattack “or any war activities against Russia.” The message appeared Friday on the dark website used by ransomware group Conti to post its victims’ data and threats. Security researchers believe the gang to be Russia-based. Conti ransomware was part of more than 400 attacks against mostly U.S. targets between spring 2020 and spring 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the FBI reported in September. In May 2021 the FBI warned that Conti was involved in at least 16 ransomware attacks targeting U.S. health […]

Putin’s government warns Russian critical infrastructure of potential cyberattacks

The Russian government warned its domestic critical infrastructure operators Thursday of the “threat of an increase in the intensity of computer attacks,” and said that any failure in the operation of critical infrastructure that doesn’t have a “reliably established” cause should be considered “the result of a computer attack.” The warning, issued through Russia’s National Computer Incident Response & Coordination Center, comes as the Russian military carries out a widespread attack on Ukraine, and after the Ukrainian government accused the Russians of launching a series of distributed denial-of-service attacks and the deployment of wiper malware on Ukrainian government systems ahead of the invasion. “Attacks can be aimed at disrupting the functioning of information resources and services, causing reputational damage, including for political purposes,” the warning read, according to a Google translation. “In addition, in the future, it is possible to carry out harmful influences from the Russian information space to […]

DOJ drops Trump-era ‘China Initiative’ but remains focused on nation-state threats

The U.S. Department of Justice is closing down its controversial “China Initiative,” instead launching a broader strategy toward countering multiple threats from several countries, a senior department official said Wednesday. The new “Strategy for Countering Nation-State Threats” will focus the department’s resources on multiple concurrent threats from China, Russia, Iran and North Korea, such as transnational repression, foreign malign influence and cyberthreats, said Assistant Attorney General Matthew Olsen in remarks at George Mason University. “We see nations such as China, Russia, Iran and North Korea becoming more aggressive and more capable in their activity than ever before,” Olsen said, adding that the new strategy “is threat driven,” and an attempt to counter malign activity from multiple countries, not just China. The China Initiative — launched during the Trump administration to group espionage, intellectual property theft and cybercrime cases involving Chinese suspects under one effort — was criticized for alleged racial […]

As Russia invades, Ukrainian government networks suffer high-profile DDoS disruption

A series of Ukrainian government websites were inaccessible Wednesday after what a government official described as a “mass DDoS attack,” marking the second apparent distributed denial-of-service disruption to hit government sites there in the last eight days. The websites for the country’s Ministry of Foreign Affairs, Ministry of Defense, Ministry of Internal Affairs, the Security Service of Ukraine and the Cabinet of Ministers suffered network disruptions in an incident that “appears consistent with recent DDOS attacks,” according to NetBlocks, a London-based organization that tracks internet access. DDoS attacks knock sites offline by flooding them with phony traffic. Mykhailo Fedorov, Ukraine’s Minister of Digital Transformation, said the country was experiencing another DDoS attack that also targeted Ukrainian banks, the Kyiv Independent reported shortly after observers around the world began noticing the disruptions. In a subsequent message posted to Telegram, Fedorov said a “mass DDoS attack” began at about 4 p.m. local […]

Deep dive into hack against Iranian state TV yields wiper malware, other custom tools

The Jan. 27 hack of Iranian state broadcaster IRIB — which ran a message of support for opposition leaders and called for the assassination of Iran’s supreme leader — came with previously unidentified wiper malware, according to research that suggests the incident was more destructive than initially assumed. Researchers with Check Point, a Tel Aviv-based cybersecurity company, published the findings Friday based on what it said were files and other forensic evidence connected to the hack. Iranian officials acknowledged the attack at the time, saying that “disruptions” also occurred on another television channel and two radio stations, and called the hack “complex.” The breach occurred the day before Iran began its multi-day celebration of the 1979 revolution. “We could not find any evidence that these tools were used previously, or attribute them to a specific threat actor,” the researchers wrote. The files found and analyzed by Check Point include the […]

DOJ beefs up efforts to combat criminal use of cryptocurrencies

The U.S. government is intensifying efforts to combat the criminal use of cryptocurrencies as federal prosecutors continue to target the business models and logistics of cybercrimes such as ransomware, Deputy Attorney General Lisa Monaco said Thursday. Speaking at the Munich Cyber Security Conference to announce several key developments in the government’s approach, Monaco said that the National Cryptocurrency Enforcement Team (NCET) — unveiled in October as part of an overall U.S. government effort to focus its resources on combatting ransomware operators — is getting its first director: Eun Young Choi. Choi is a seasoned federal cybersecurity prosecutor who most recently led the prosecution of Andrei Tyurin, a Russian national convicted of computer intrusion, wire fraud and other charges related to the theft of personal data from over 100 million customers of major U.S. financial firms. He was sentenced to 12 years in prison in January 2021. “Ransomware and digital extortion — […]
