Hackers linked to Chinese government used mobile malware to spy on ethnic minority

Security researchers say a hacking group likely linked to the Chinese government is conducting targeted surveillance against a Chinese ethnic minority, known as the Uyghurs, through the deployment of sophisticated mobile malware, according to new evidence published Friday by U.S. cybersecurity firm Lookout. The attackers are associated with a known Chinese threat actor previously codenamed “Scarlet Mimic” by security researchers with Palo Alto Networks, according to Michael Flossman, a senior security researcher with Lookout. Based on separate research by Palo Alto Networks and ThreatConnect, Scarlet Mimic’s past operations have followed closely with the interests of the Communist Party of China. The party remains worried about the potential for rebellion in the highly contested Xinjiang region, where the majority of the Uyghur population lives. Lookout found a series of booby-trapped Android applications designed for Chinese users — a SIM Card Management, “Phone Guardian” and Google Searcher program — which carried the same […]

The post Hackers linked to Chinese government used mobile malware to spy on ethnic minority appeared first on Cyberscoop.

Senator questions DHS’s handling of Kaspersky software ban in federal agencies

A senior U.S. official pushed back against a Democratic senator’s criticism Thursday concerning the 90-day timeframe provided by the Department of Homeland Security for federal agencies to uninstall Kaspersky Lab products after the technology was linked to Russian intelligence efforts. In an open congressional hearing Thursday, Missouri Sen. Claire McCaskill questioned why the Homeland Security Department would offer such a grace period when the threat of foreign espionage is apparently evident. She implied that the Kremlin, if found in a similar situation, would be handling the situation much more rapidly. “You’re giving them a long time,” said McCaskill. “Do you think if this happened in Russia, if they found a system of ours was looking at all their stuff, that they would give their government 90 days to remove it? Seriously? The point I am making I mean is that why don’t you just say you have to remove it […]

The post Senator questions DHS’s handling of Kaspersky software ban in federal agencies appeared first on Cyberscoop.

FBI’s recruitment strategy for cybersecurity pros starts early, focuses on high school

The FBI’s long-term strategy for hiring proficient cybersecurity professionals involves reaching into high schools, helping foster STEM education and, perhaps most importantly, encouraging students to enroll in Scholarship for Service programs that eventually guide them toward Quantico, said Howard Marshall, deputy assistant director of the bureau’s cybersecurity division. “[Cyber workforce recruitment] is a huge challenge for us, maybe one of our biggest,” Marshall said Wednesday at CyberTalks in Washington, D.C. “We have a significant portion of our agents and investigators that are not equipped, what you could probably call not tech-savvy, that are not going to be much help when it comes to the technical side of an investigation.” Marshall said the FBI currently has a nationwide pilot program in which agents are working to encourage the study and development of science, technology, engineering and mathematics courses in high school. The idea is to get students engaged in exercises and other activities that […]

The post FBI’s recruitment strategy for cybersecurity pros starts early, focuses on high school appeared first on Cyberscoop.

Researchers say hackers responsible for 2013 Microsoft, Facebook breaches have disappeared

A mercenary hacker group has been linked to a newly disclosed 2013 breach at Microsoft in which the attackers accessed a highly sensitive internal database that held information about software flaws in company products, according to Reuters and prior research conducted by a cohort of cybersecurity experts. The latest revelations about Microsoft are all the more concerning because the hacker group responsible, dubbed by security researchers as “Wild Neutron,” “ButterFly” or “Zero Wing,” have become virtually untraceable since September 2015. Although experts say that Wild Neutron likely remains active, recent evidence of their exploits is lacking. “It’s kind of scary to think we haven’t even seen them in a while,” said Brian Bartholomew, a senior security researcher with Kaspersky Lab. “They just sort of fell off the radar … that could be due to a significant change in tactics or tools or just a lull in activity … It’s anyone’s guess.” […]

The post Researchers say hackers responsible for 2013 Microsoft, Facebook breaches have disappeared appeared first on Cyberscoop.

Middle Eastern hacking group is using FinFisher malware to conduct international espionage

A well-funded, highly active group of Middle Eastern hackers was caught, yet again, using a lucrative zero-day exploit in the wild to break into computers and infect them with powerful spyware developed by an infamous cyberweapons dealer named Gamma Group. The incident, as described by security researchers with Moscow-based cybersecurity firm Kaspersky Lab, shines a rare light on the opaque although apparently vibrant market for software exploits and spyware, which in this case appears to have been purchased by a nation-state. The Middle Eastern hacker group in this case is codenamed “BlackOasis.” Kaspersky found the group was exploiting an Adobe Flash Player zero-day vulnerability (CVE-2016-4117) to remotely deliver the latest version of “FinSpy” malware, according to a new blog post published Monday. Adobe issued a fix Monday to its users in the form of a software update. FinSpy, a final-stage payload that allows for an attacker to covertly learn what a target is talking […]

The post Middle Eastern hacking group is using FinFisher malware to conduct international espionage appeared first on Cyberscoop.

White House Cybersecurity Coordinator takes on additional role in Trump administration

Rob Joyce, the White House’s Cybersecurity Coordinator, is ascending through the ranks at 1600 Pennsylvania Avenue. CyberScoop has learned that Joyce will take on a new position starting Monday as Acting Deputy Homeland Security Adviser to the President, a position that was vacated by John Daly in recent days and Amy Pope before him in January. Joyce is a well-respected intelligence professional and one of the leading cybersecurity experts in the federal government. Prior to the White House, he worked in the National Security Agency, leading the spy agency’s elite hacking unit known as Tailored Access Operations. The March appointment of Joyce as White House cybersecurity coordinator was heralded by both Republican and Democratic lawmakers. Joyce will continue in his role as the nation’s cybersecurity czar in addition to the new position. His current duties include coordinating, communicating with and effectively leading the individual cybersecurity efforts of each federal agency, […]

The post White House Cybersecurity Coordinator takes on additional role in Trump administration appeared first on Cyberscoop.

Massive supply chain cyberattack on the horizon in Ukraine, according to police

Ukrainian government authorities are warning of a “large-scale” cyberattack against local government agencies and private companies through the deployment of another booby-trapped software update, according to a cryptic press release published Thursday by the Secret Service of Ukraine (SBU). “SBU notifies about preparing of a new wave of large-scale attack against the state institutions and private companies,” the release notes. “The SBU experts received data that the attack can be conducted with the use of software updating, including public applied software. The mechanism of its realization will be similar to cyber-attack of June 2017.” The use of the word “realization” in the SBU’s statement has led some security researchers to believe the government is likely preparing, once again, for a destructive-style attack. The SBU did not respond to a request for comment. The ambiguous warning comes four months after a Russian hacking group, dubbed “Telebots” or “Sandworm Group” by security researchers, […]

The post Massive supply chain cyberattack on the horizon in Ukraine, according to police appeared first on Cyberscoop.

Former U.S. spies say anti-virus software makes for a perfect espionage platform

Popular anti-virus software companies are a prime target for intelligence agencies because they have direct, continuous access into their clients’ networks and collect large quantities of data about them, former U.S. intelligence officials and cybersecurity experts say. Although the targeting of anti-virus (AV) companies by government-backed hackers only recently became well-known, experts say sophisticated intelligence agencies have long understood the inherent value of infiltrating these firms to gather information and in some cases, spread malware. “As cybersecurity companies centralize information and maintain access to their customers, securing the cloud-based infrastructure of those cyber companies becomes paramount,” said Ben Johnson, a former NSA computer scientist. “These organizations have become prime targets for intelligence agencies, militaries, and sophisticated cyber organizations looking for ways into corporate and government institutions.” Because most anti-virus vendors have designed their products to autonomously search for computer viruses on users’ systems by directly scanning files and then sending that data back […]

The post Former U.S. spies say anti-virus software makes for a perfect espionage platform appeared first on Cyberscoop.

Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies

An Eastern European hacking group hijacked U.S. state government servers to dispense malware through phishing emails that were designed to appear as if they had come from the Securities and Exchange Commission, according to research by Cisco’s Talos team and an analysis by other cybersecurity experts familiar with the activity. The technical findings connect a known advanced persistent threat (APT) group, codenamed FIN7 by U.S. cybersecurity firm FireEye, to a sophisticated intrusion technique that was detected in a recent wave of spoofed emails that mimicked the SEC’s domain. The messages carried malware-laden Microsoft Word documents mentioning financial disclosure information from the EDGAR system. FIN7 is believed to represent an Eastern European criminal enterprise that speaks Russian and operates internationally. Emails tied to this campaign were “highly targeted” and only sent to a small, select group of U.S. businesses in several different industry sectors, including finance, insurance and information technology, said Craig Williams, a senior […]

The post Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies appeared first on Cyberscoop.

A top DOJ official is calling for ‘responsible’ encryption from Silicon Valley

The Justice Department’s Deputy Attorney General Rod Rosenstein is calling on Silicon Valley to provide an avenue for law enforcement to access encrypted digital evidence that is stored and transferred by private technology companies. Rosenstein described this avenue as “responsible encryption.” He vaguely defined it as encryption that is able to “protect privacy and promote security without forfeiting access for legitimate law enforcement needs supported by judicial approval.” Privacy and security advocates say that making such a compromise would effectively weaken encryption technology writ large because it would require creating an inherent vulnerability in the process. Rosenstein, like his predecessors, believes this arrangement wouldn’t have a negative consequence on cybersecurity significant enough to warrant a different strategy. “When encryption is designed with no means of lawful access, it allows terrorists, drug dealers, child molesters, fraudsters, and other criminals to hide incriminating evidence,” Rosenstein said. “Mass-market products and services incorporating warrant-proof encryption […]

The post A top DOJ official is calling for ‘responsible’ encryption from Silicon Valley appeared first on Cyberscoop.