Researchers uncover latest version of Chinese spyware used to target dissidents

Security researchers believe a newly discovered variant of mobile malware, dubbed xRAT, represents the latest iteration of a sophisticated cyber-espionage tool previously used by the Chinese government against dissidents, according to evidence published by cybersecurity firm Lookout. The first sample of xRAT appeared in April, said Michael Flossman, a security researcher with Lookout, and since then more than 60 unique samples belonging to the same remote access trojan (RAT) family have been found. A RAT is a kind of malicious software that installs a back door on a device so the attacker can take administrative control of it. “Initially when we started investigating [xRAT] our attribution suggested the actor behind it was likely Chinese, due to a combination of comments in the code, the types of apps being trojanized, and the location and whois details of command and control infrastructure,” explained Flossman. “Further analysis revealed a strong connection to […]

The post Researchers uncover latest version of Chinese spyware used to target dissidents appeared first on Cyberscoop.

Report: New ransomware found in targeted attacks against health care industry

A unique variant of ransomware that appears to have been designed for and used against health care companies was recently uncovered by a researcher at cybersecurity firm Proofpoint. While most ransomware is sent out in waves to as many people as possible, Proofpoint’s findings instead show that a hacker is carefully developing specially tailored ransomware attacks for hospitals and doctor’s offices. The company has labeled the malware Defray. “At this point, all attacks into which we have visibility have been targeted,” said Kevin Epstein, vice president of threat operations at Proofpoint. “It appears that this ransomware is not for sale, suggesting that it is a personal project.” Proofpoint found only two samples of the Defray ransomware in August. Those samples, however, are likely just a subset of all incidents involving this malware. Defray has been spread through a small email phishing campaign. The emails contain booby-trapped Microsoft Word documents […]

Arrest of Chinese malware suspect highlights DOJ’s strategy against foreign hackers

The recent arrest of a Chinese national in connection with the development of high-profile malware highlights the Justice Department’s modern and expansive efforts to prosecute foreign hackers in spite of extradition challenges, former U.S. officials told CyberScoop. “I see this indictment as part of a trend by DOJ to indict foreign actors that are aligned with governments,” said Joe Whitley, a former senior Justice Department official. “The issuance of warrants of arrest on these individuals can have a huge impact on alleged criminals who may find international travel and money transfers no longer available. Plus, there is a certain stigma that accompanies indictment.” The Justice Department last week publicly released a criminal complaint alleging that Yu Pingan of Shanghai was involved in the creation and distribution of malware used to hack into multiple U.S. companies. The malware in question is known as “Sakula.” CNN reported that this same code was used […]

Kaspersky exposes apparent Russian cyber-espionage operation amid U.S. criticism

In the face of allegations that Kaspersky Lab works hand-in-hand with Russian intelligence, the Moscow-based cybersecurity firm published a detailed report Wednesday exposing a complex and expansive cyber-espionage operation orchestrated by what appears to be a Russia-based hacking group. The research, authored by Kaspersky’s Global Research and Analysis Team (GReAT), reveals some of the techniques, processes and tools used by an attacker with similarities to two known hacking groups, Sofacy and Turla. Both of these groups are considered advanced persistent threats (APTs) and have been linked to the Russian government by U.S. cybersecurity firms CrowdStrike and FireEye. Kaspersky itself rarely attributes hacking groups to particular governments. The latest activity revealed by Kaspersky is codenamed “WhiteBear,” because it resembles but does not entirely match known Sofacy or Turla operations. WhiteBear is likely a subgroup within, or a campaign of, the Turla group, the firm says. Based on Kaspersky’s technical analysis, WhiteBear’s recent activity appears to represent […]

Researchers uncover maze of hidden backdoors in European embassy and ministry systems

A series of covert backdoor implants were secretly installed over the last year on dozens of computers used by embassies and foreign ministries across Southeast Europe and former Soviet states, according to new research published by cybersecurity firm ESET. The malicious software was delivered to victims through targeted phishing emails and allowed a skilled group of hackers to remotely spy on foreign government officials and collect intelligence. Some cybersecurity firms believe the hacking group exposed by ESET, known as Turla, is connected to Russian intelligence services. The backdoor used by Turla has been codenamed Gazer. ESET describes Gazer as a stealthy and complex hacking tool that is difficult to detect. The implant receives encrypted code from an external server and can execute commands either directly on the infected machine or via another computer on a shared network. In addition, ESET found evidence that Turla leverages a virtual file system […]

Rapidly growing bug bounty company Bugcrowd names new CEO

The operator of one of the leading bug bounty platforms, California-based Bugcrowd, announced Monday that it will be taking a new direction with a leadership change. Chief Executive Officer Casey Ellis is stepping down to become chairman and chief technology officer of the company, which he helped launch in 2012 and which now employs more than 100 people. Bugcrowd has experienced rapid growth over the last several years, having secured a number of contracts with the U.S. government and multiple Fortune 500 companies. Bug bounty companies pool the services of independent security researchers. Under the niche industry’s crowdsourcing model, those freelance hackers are paid for finding bugs in clients’ systems. In an interview with CyberScoop, Ellis said he made the decision to bring in an experienced and successful businessman, Ashish Gupta, a former chief marketing officer and executive vice president with cybersecurity firm Infoblox, to run day-to-day operations because he believed that […]

Trump’s decision to elevate Cyber Command will be a boon for defense contractors

With President Donald Trump’s move to elevate U.S. Cyber Command to a unified combatant command, the Fort Meade-based outfit is on track for additional funding and expanded acquisition authorities, which experts believe will translate into the development of new programs and therefore a range of opportunities for private defense contractors. It’s not so much that Cyber Command has been poorly funded in the past, explained Michael Sulmeyer, a former senior U.S. defense official during the Obama administration, but rather that the combatant command designation and continued maturation of the organization will give it an “equal seat at the table” to vie for future funding and pursue innovative technologies. “I think it’s interesting that Trump’s statement mentioned funding, because I am not aware of any budgetary shortfalls faced by the cyber mission. Cyber Command will continue to receive the resources it needs,” said Sulmeyer. “The Defense […]

Senators want spies to disclose more about secret zero-day policy

The Senate Intelligence Committee hopes to learn more about how American spies handle the disclosure of software vulnerabilities continuously discovered by the U.S.’ 16 spy agencies, which are occasionally used as a weak point to hack into computer networks, according to the recently released 2018 Intelligence Authorization Act. While the bill calls for greater transparency, former senior U.S. officials say it asks the wrong questions. The specific provision, which is just one part of the Senate committee’s annual legislative agenda, comes in the aftermath of multiple leaks of classified information that in some cases exposed the computer code behind a toolbox of outdated NSA and CIA hacking capabilities. These exposures have already led to the adoption of several different U.S. government-linked hacking tools by cyber criminals and foreign spy agencies. The proliferation of this code was responsible for a recent global outbreak of ransomware that subsequently caused millions of dollars in […]

Canadian allegedly paid by FSB officers to breach Yahoo will be extradited to U.S.

A Canadian man charged with hacking into Yahoo! under the orders of Russian intelligence officers waived his right to an extradition hearing and will now be transported to U.S. custody. Karim Baratov, 22, was arrested in March by Toronto police for allegedly breaching personal accounts tied to Yahoo! and other email providers between 2014 and 2016. Authorities said Baratov served as a contractor for Russia’s Federal Security Service (FSB). He faces 10 counts, including wire fraud and computer hacking. Baratov’s lawyer has said he may consider a plea deal in return for lesser charges. The Justice Department has said that Baratov conducted cyber-espionage under the orders of two FSB officers, Dmitry Dokuchaev and Igor Sushchin. Federal prosecutors estimate that the scheme led to upwards of 500 million compromised Yahoo! accounts. CBC first reported the extradition agreement. When “a target of interest had accounts at webmail providers other than Yahoo, including through […]

Trump orders that U.S. Cyber Command receive new authority to conduct cyberwarfare

President Donald Trump announced Friday that U.S. Cyber Command will be elevated to a unified combatant command, making it the 10th such organization with the operational authority to conduct military operations abroad under the purview of the secretary of Defense and the White House. Trump’s decision to elevate Cyber Command also requires that Secretary of Defense James Mattis conduct a review to determine whether Cyber Command should be separated from its Fort Meade neighbor and partner organization, the National Security Agency. Cyber Command is currently led by NSA Director Adm. Mike Rogers. In that dual-hat role as the leader of both organizations, he has consistently advocated for the elevation of Cyber Command. There is bipartisan support on Capitol Hill for giving Cyber Command greater operational authority and additional resources, but the question of whether the organization should be divided from NSA remains more difficult for Congress to answer. Until now, the […]