What we know (and don’t know) about a rash of Middle East mystery hacks

A spate of apparent security breaches has intensified what was already a tense geopolitical situation among the Persian Gulf states. Over the last two weeks, the following incidents have allegedly occurred: a Qatari government media outlet was supposedly hacked to plant bogus quotes attributed to current Qatari Emir Sheikh Tamim; damaging emails belonging to UAE’s ambassador to the U.S. Yousef Al-Otaiba were leaked; and someone hacked the Twitter account of Bahrain’s Foreign Minister Khalid Al Khalifa to post propaganda associated with a Shiite militant group. Evidence is lacking for some of those claims, and the degree to which the events are related is not clear, but hackers are taking the blame, and the allegations alone have been enough to amplify tensions. All three storylines have been prominent in regional press outlets and are now being used as supporting evidence for the breakdown of relations between Qatar and the other Gulf Cooperation Council (GCC) nations. […]

The post What we know (and don’t know) about a rash of Middle East mystery hacks appeared first on Cyberscoop.


Software vulnerabilities used to spread WannaCry are favorites for hackers, FireEye says

The same Microsoft Windows software vulnerabilities that allowed the WannaCry ransomware to spread globally are now being used by a wide array of hackers to infect computers with remote access trojans, according to new research by U.S. cybersecurity firm FireEye. The research serves to show just how widespread the use of “EternalBlue,” otherwise known as the MS17-010 exploit, continues to be. Although Microsoft previously issued several different software security updates for older versions of Windows, many computers remain unpatched and therefore vulnerable. The addition of the EternalBlue exploit to Metasploit, software made for penetration testing but which is also used for illegal hacking, “has made it easy for threat actors to exploit these vulnerabilities,” a FireEye blog post reads. “In the coming weeks and months, we expect to see more attackers leveraging these vulnerabilities and to spread such infections with different payloads,” the post says. According to FireEye researchers, well-known malware payloads like […]

The post Software vulnerabilities used to spread WannaCry are favorites for hackers, FireEye says appeared first on Cyberscoop.


Vietnamese hackers appear to be researching an NSA backdoor tool

A hacker group with suspected ties to the Vietnamese government appears to be researching a leaked National Security Agency tool codenamed ODDJOB, based on documents uploaded to the repository VirusTotal and tied to a source already identified as OceanLotus group, otherwise known as APT32. A classified user manual for ODDJOB was originally published on April 14 by a mysterious group, known for sharing NSA documents, named the Shadow Brokers. A copy of this same document was then uploaded April 17 to VirusTotal along with other malicious email attachments by OceanLotus. Multiple U.S. cybersecurity firms say OceanLotus is aligned with the interests of the Vietnamese government. The specific version of the manual uploaded by OceanLotus was not weaponized, meaning it didn’t carry malware that could be used to convert the harmless PDF to a phishing lure. ODDJOB is a high-quality, masterfully engineered digital weapon believed to have been once used to help […]

The post Vietnamese hackers appear to be researching an NSA backdoor tool appeared first on Cyberscoop.


A stolen Trump-Duterte transcript appears to be just one part of a larger hacking story

A leaked transcript of a phone conversation between President Donald Trump and his Philippine counterpart was available online for weeks before surfacing in news reports, and it now appears to be just one of a series of sensitive Philippine government documents acquired by a hacker group with suspected ties to the Vietnamese government, according to research conducted by multiple cybersecurity experts and evidence gathered by CyberScoop. On May 15, eight days before either The Intercept or the Washington Post reported about the transcript of Trump’s call with President Rodrigo Duterte, someone uploaded what appears to be the same document to the repository VirusTotal along with malicious email attachments. How The Intercept and the Post originally obtained their own copies of the Trump-Duterte transcript — which unnamed U.S. officials confirmed as authentic — remains unclear. The leak appears to be bigger than just one document. Included in the dump were notes regarding a conversation between Duterte […]

The post A stolen Trump-Duterte transcript appears to be just one part of a larger hacking story appeared first on Cyberscoop.


Google takes swift action to kill massive ad fraud campaign in Play store

Google killed a massive ad fraud operation evident in the Google Play Store just one day after a security firm publicly revealed the malicious campaign. A total of 41 individual smartphone applications, which were available for download on Android devices earlier this week, have been removed in the last 24 hours. Each of those applications was connected to a larger scheme uncovered Thursday by U.S. cybersecurity firm Check Point. Forbes magazine was first to notice the swift action on the part of Google. Check Point discovered and published technical details of the scheme, perpetrated by South Korean software company Kiniwini, which involved booby-trapped apps with rogue code causing devices to open webpages in the background and click on banners. The result was a spike in revenue for the company, which sold banner ads to clients valued in relation to engagement. Most of these maligned apps were free games. A Google spokesperson did […]

The post Google takes swift action to kill massive ad fraud campaign in Play store appeared first on Cyberscoop.


Proposed bill would make DOD tell Congress when ‘special cyber operations’ are taking place

There’s an oversight bill in the works that would compel the Defense Department to notify Congress when the military is engaged in sensitive cyber operations. The bipartisan legislation, as it’s currently written, would require congressional notification when the Defense Department takes action in cyberspace under U.S. Code Title 10, which supervises operations led by Army, Navy, Air Force, Marine Corps, and Coast Guard, as well as the Reserves. Title 10 is unrelated to the U.S. government’s intelligence gathering mission set, which is led by federal organizations like the National Security Agency. Sponsored by top House Armed Services Committee Reps. Elise Stefanik, D-N.Y., Mac Thornberry, R-Texas, Jim Langevin, D-R.I., and Adam Smith, D-Wash., the bill does not provide Congress with any additional authorization authority, but rather codifies an informal disclosure process that exists between the Defense Department and relevant congressional committees. There is no mention of a public disclosure element in […]

The post Proposed bill would make DOD tell Congress when ‘special cyber operations’ are taking place appeared first on Cyberscoop.


How phishing emails sent by Russian hackers produce propaganda

In late 2015, former Director of National Intelligence James Clapper famously warned of a future where adversaries will often “change or manipulate electronic information in order to compromise its integrity” rather than simply steal data. Since then, the world has watched the Kremlin carry out Clapper’s prediction, interfering in democratic processes around the world. A new report released Thursday, authored by the Citizen Lab at the University of Toronto’s Munk School of Global Affairs, shows how Russia has made Clapper’s prediction a reality. The research gives a new view on how hackers with suspected ties to the Russian government play a vital part in international disinformation campaigns aimed to discredit enemies of the state and sow discord. The report, “Tainted Leaks: Disinformation and Phishing With a Russian Nexus,” underscores how offensive cybersecurity operations have become a critical tool used by governments to weaponize information and affect public opinion. Hackers acting in […]

The post How phishing emails sent by Russian hackers produce propaganda appeared first on Cyberscoop.


The leaked NSA hacking tool that will wreak havoc for years to come

A powerful hacking tool originally used by the National Security Agency and subsequently leaked in April by the Shadow Brokers will give defenders problems for years to come as hackers continue to adopt and repurpose the malicious computer code, experts and former U.S. intelligence officials tell CyberScoop. The tool, codenamed EternalBlue, effectively leverages two different coding flaws in older versions of Microsoft Windows to propagate malware on a targeted computer network. In practice, this exploit breaks a network file sharing protocol known as the server message block, or SMB. Although Microsoft promptly released several software updates for affected versions of Windows in March, and then again most recently in May, millions of systems remain unpatched and therefore vulnerable to hackers using EternalBlue. Experts believe that the high-quality exploit will be used in the coming years by both amateurish hackers and sophisticated threat actors to steal information. “EternalBlue will exist and […]

The post The leaked NSA hacking tool that will wreak havoc for years to come appeared first on Cyberscoop.


U.S. cyber warriors are getting better at fighting ISIS online, says top general

The U.S. military has gotten better at countering ISIS’ digital operations over the last six months, according to Lieutenant General Paul Nakasone, commanding general of Army Cyber Command. “I think what we are learning is in terms of being able to counter a message, being able to attack a brand — in this case the brand of ISIS — and then, the other thing is, how do we do this with the speed and accuracy that is able to get at an adversary that six months ago was moving uncontested in cyberspace,” Nakasone said during a Senate Armed Services subcommittee hearing. “I think we’ve learned those things over the last six months. I think we as a department have done much better.” ISIS shares propaganda, communicates with allies and spreads other messaging via the internet. In the past, the group’s successful use of social media has been linked to terrorist […]

The post U.S. cyber warriors are getting better at fighting ISIS online, says top general appeared first on Cyberscoop.


Target pays out $18.5M to victims of infamous 2013 data breach

Target Corp. reached an $18.5 million settlement Tuesday concerning an infamous 2013 data breach that affected upwards of 100 million customers, New York Attorney General Eric Schneiderman announced Tuesday. The deal involved 47 states and is described as the largest multi-state breach agreement in U.S. history. The settlement requires that Target maintain cybersecurity safeguards that were installed after the breach was first disclosed and implement appropriate encryption policies where possible. Over the last several years, Target executives have worked with state authorities to address hundreds of claims related to the 2013 Christmas data breach — which caused the franchise’s then CEO Gregg Steinhafel to resign. A statement by a company spokesperson provided to the Associated Press reads: “we’re pleased to bring this issue to a resolution for everyone involved.” @Target Our settlement requires @Target to implement a comprehensive program to protect consumers’ private data & help protect against future hacks. — Eric Schneiderman […]

The post Target pays out $18.5M to victims of infamous 2013 data breach appeared first on Cyberscoop.
