Energy sector hacking campaign targeted more than 15 U.S. firms

More than 15 different U.S. energy companies received phishing emails as part of a recently uncovered hacking operation, based on a list of targeted organizations provided to CyberScoop by a person familiar with the ongoing investigation. While evidence exists that ties these attackers to similar, past intrusion attempts against energy firms in Ireland and Turkey, the most recent wave of phishing emails — which began around early May — appears to have only been sent to U.S. companies, cybersecurity researchers and one government official told CyberScoop. As this story was being published, there were reports of a fresh attack in Ireland that had similarities to what happened in the U.S. Sources told CyberScoop that approximately 18 companies had received the phishing emails, with other incidents being investigated for ties to the same attackers. The number of facilities affected is currently unclear, as the targeted email accounts could be tied to […]

The post Energy sector hacking campaign targeted more than 15 U.S. firms appeared first on Cyberscoop.


Here are the cybersecurity amendments added to the House’s defense bill

Lawmakers attached several cybersecurity-focused amendments to the fiscal 2018 National Defense Authorization Act in a last-minute effort Wednesday to change how the federal government defends itself from cyberattacks and how the military conducts offensive cyber-operations. The House was still working on the bill as of Thursday afternoon. The provisions added Wednesday joined an already lengthy list of items related to government cybersecurity initiatives. Because the NDAA is a policy bill and not a spending bill, congressional rules leave it more open to amendments. It’s common for lawmakers to use it as a vehicle for a wide range of legislative priorities. Most of the amendments added Wednesday have a military component, though. A total of five cybersecurity amendments were added Wednesday to the House’s version of the bill, which still faces a conference committee with the Senate version. Reps. Mike Johnson, R-La., Dan Lipinski, D-Ill., Gregg Harper, R-Miss., Robert Brady, D-Pa., Jose Correa, […]


An old foe’s footprints muddle the mystery around group responsible for energy sector hacks

Though leading cybersecurity firms are closing in on the hackers responsible for a recent email phishing campaign and watering hole scheme designed to target U.S. energy companies, the available evidence points to an amorphous group that hasn’t been active for three years. It’s yet another mystery within an already complex case. The leading suspect behind this incident, according to cybersecurity experts and former U.S. intelligence officials, is a group associated with past operations tied to Russia. Known as “Energetic Bear,” “Koala Team” or “Crouching Yeti” to the information security community, the unit has a long history of targeting the energy sector and exploiting outdated vulnerabilities in Microsoft Word and Adobe Flash. “Koala Team is a prolific cyber espionage actor that has affected a comprehensive set of verticals using a combination of opportunistic and targeted tactics since at least 2011,” Cristiana Brafman Kittner, a senior analyst with U.S. cybersecurity firm FireEye, told CyberScoop. […]


Russian hacker group ‘CyberBerkut’ returns to public light with allegations against Clinton

A Twitter account tied to a group that the Defense Intelligence Agency recently described as “Russian hackers … supporting Russia’s military operations” returned to the spotlight Wednesday by posting a message that alleges multiple Ukrainian government officials are “sponsored” by Hillary Clinton. These allegations, a vague and loosely defined set of financial connections documented only in a single graphic, could not be confirmed. No other supporting documents were provided. An attempt to contact the group went unanswered.

Ukrainians sponsored Hillary Clinton using IMF loans https://t.co/qTMAF0hLud #КиберБеркут #США #Украина pic.twitter.com/4nP3cZYjTL — КиберБеркут (@cyberberkut2) July 12, 2017

The Tweet posted Wednesday by this “CyberBerkut” group is the first such message posted publicly since January after the account shared an image of a redacted email it claims revealed plans by the U.S. government to doctor evidence to suggest that Russian hackers had interfered in the 2016 U.S. election.

The U.S. plans to fabricate evidence of involvement […]


Lawmakers soundly reject the idea of a U.S.-Russia cybersecurity unit

Capitol Hill wants no part of President Donald Trump’s plan to create a cybersecurity working group with the Russian government, an idea that was first revealed following a private meeting with Russian President Vladimir Putin at the 2017 G20 Summit. The backlash comes following Trump’s participation in the G20 summit last week, where he met with Putin on a number of issues. Sunday morning, Trump tweeted that the two countries discussed forming an “impenetrable Cyber Security unit.”

Putin & I discussed forming an impenetrable Cyber Security unit so that election hacking, & many other negative things, will be guarded.. — Donald J. Trump (@realDonaldTrump) July 9, 2017

Rep. Don Beyer, D-Va., filed an amendment to the National Defense Authorization Act Monday that would block Trump from creating such a diplomatic unit. Separately, Rep. Brendan Boyle, D-Pa., introduced a standalone bill Monday that “prohibit[s] the United States from participating in any type […]


Spearphishing attacks on energy firms tied to years-long global hacking operation

A recent barrage of well-crafted phishing emails aimed at employees at U.S. energy companies, including one nuclear facility, is tied to a years-long international campaign to steal user credentials and gather intelligence from the world’s largest energy firms. The New York Times and Bloomberg reported Thursday that the FBI and Department of Homeland Security had recently warned several U.S. energy companies about the threat of hackers attempting to break into their networks by using specially tailored spearphishing emails and watering hole-style attacks. John Hultquist, who leads U.S. cybersecurity firm FireEye’s cyberespionage analysis division, said that he’s been independently tracking this same operation and that FireEye customers were warned about it roughly five weeks ago. “We’ve tied this recent operation to a campaign that started all the way back in 2015, which extends beyond the U.S., and has targeted companies in the Middle East and Western Europe … specifically in Turkey […]


Ahead of Trump-Putin meeting, Russian Embassy protests arrest of hacker

Russia’s foreign ministry on Wednesday accused the U.S. of “kidnapping” Yury Martyshev, a Latvian man with Russian citizenship who is accused of committing cybercrime. Former U.S. law enforcement officials, however, say that what Russia considers kidnapping is in reality a legitimate and legal effort to arrest a criminal. Martyshev was arrested overseas and extradited to the U.S. late last month to face charges in a Virginia court. He is accused of helping run one of “the largest” hacking marketplaces on the dark web, where customers could trade and purchase illegal penetration, vulnerability and malware testing tools, according to unsealed court documents. He was originally indicted in October 2016. Some experts believe Martyshev was behind the infamous Scan4You service, which went down earlier this year. In a statement posted to the Russian Embassy’s Facebook page, a spokesperson called for the U.S. to return Martyshev, who is also known as Jurijs Martisevs, in order to recognize the “legitimate rights […]


Amid Kaspersky controversy, Russia considers pushing out foreign competitors

As U.S. lawmakers continue to cast doubt on the independence of Russia-based cybersecurity firm Kaspersky Lab, the Kremlin is considering plans that would cut off foreign anti-virus vendors from the Russian market. The newly announced plan, first reported by Russian news outlet Meduza, will reportedly be presented Wednesday to Russian President Vladimir Putin. At the moment, a Russian advisory body for strategic projects is reviewing a draft copy of the bill. If enacted, the proposed law would become effective in mid-2019, according to Meduza. As it’s currently written, it will become mandatory for any computer that is imported or produced within the Eurasian Economic Union to carry anti-virus software that’s made by a company considered to be a “domestic technology company.” The Eurasian Economic Union is composed of five member states, including Armenia, Belarus, Kazakhstan, Kyrgyzstan and Russia. American cybersecurity firms only hold a small percentage of market share among those countries. The anti-virus […]


‘Patient zero’ of global ransomware incident was warned and owned before outbreak

A Ukrainian software company at the center of an international ransomware outbreak was reportedly warned about its insufficient digital security multiple times, and new evidence shows it had been compromised by hackers before last week’s incident. M.E.Doc, a Ukrainian software firm that develops accounting software that is mandated by the country’s government, is widely considered to be the “patient zero” behind ExPetr, a unique ransomware variant that first appeared on June 27 with the capability of spreading quickly across local networks and deleting data. Cybersecurity researchers with Czech security firm ESET published evidence Tuesday that hackers were able to successfully penetrate M.E.Doc in the months preceding the major attack and had installed a series of backdoors. These implants would allow a hacker to remotely execute numerous commands and upload other malicious code. Such a backdoor may have been originally leveraged to launch ExPetr. It’s also possible that the attacker had […]


Early indications point to Sandworm hacking group for global ransomware attack

The main suspect behind the recent global ransomware attack is a hacking group with suspected ties to Russia and a history of launching destructive computer viruses, according to research conducted by Czech cybersecurity firm ESET. The company has pegged the attack to a group known as Telebots or Sandworm. “The TeleBots group continues to evolve in order to conduct disruptive attacks against Ukraine. Instead of spearphishing emails with documents containing malicious macros, they used a more sophisticated scheme known as a supply-chain attack,” writes Anton Cherepanov, a senior malware researcher with ESET, in a blog post. “The latest outbreak was directed against businesses in Ukraine, but they apparently underestimated the malware’s spreading capabilities.” While the spread of so-called PetrWrap or NotPetya turned into global news as thousands of computers were locked down by the virus, the incident plays into a larger and already established narrative of hackers repeatedly using wiper malware and defunct ransomware, […]
