Software flaw that allowed Stuxnet virus to spread was the most exploited in 2016

Software updates might strengthen cybersecurity, but they’re hardly the full picture when it comes to digital hygiene. One of the most famous Windows vulnerabilities in history — a coding flaw that was originally discovered in 2010 and had a role in the elaborate Pentagon mission to handicap Iran’s nuclear enrichment program — was the most widely exploited software bug in both 2015 and 2016, according to new research by antivirus provider Kaspersky Lab, even though Microsoft rolled out a patch in August 2010. “The life of an exploit doesn’t end with the release of a security patch designed to fix the vulnerability being exploited,” Kaspersky Lab researchers wrote in a blog post Thursday sourcing proprietary and open-source intelligence reports. “Once made public, a vulnerability can become even more dangerous: grabbed and repurposed by big threat actors within hours.” Kaspersky Lab found that 27 percent of its user base had at one point encountered the “CVE-2010-2568” Microsoft exploit between […]

The post Software flaw that allowed Stuxnet virus to spread was the most exploited in 2016 appeared first on Cyberscoop.


Oracle databases at risk because of a leaked NSA hacking tool, researcher says

The recent leak of NSA hacking tools designed to compromise SWIFT Service Alliance servers comes with a key to pry open thousands of Oracle databases around the globe, new research suggests. While most of the hacking tools revealed April 14 by the group known as the Shadow Brokers target vulnerabilities in outdated versions of Microsoft Windows operating systems, the release also contained an implant and two scripts apparently engineered by the NSA to breach and exfiltrate data from Oracle databases. Those tools were part of an expansive U.S. espionage operation aimed at hacking into Middle Eastern SWIFT service bureaus. SWIFT is an international computer network that acts as a ledger and enables financial institutions to send and receive information about financial transactions. Some banks rely on service bureaus to effectively access SWIFT’s architecture. Service bureaus in the Middle East commonly host and manage transaction data from regional banks on Oracle databases. These Oracle […]

The post Oracle databases at risk because of a leaked NSA hacking tool, researcher says appeared first on Cyberscoop.


Leaked NSA hacking tools are a hit on the dark web

A shadowy cast of random hackers are now sharing, promoting and working to adopt executable computer code evident in NSA documents that were published last week by the Shadow Brokers, private sector intelligence analysts tell CyberScoop. Underground hacking communities began developing and uploading tutorials on how to utilize some of the tools the same day the NSA documents were originally published, according to researchers at Israel-based dark web intelligence firm SenseCy. Forum members have shown a particular interest in a leaked framework similar to Metasploit that’s unique to the NSA called Fuzzbunch. SenseCy, a firm focused on the dark web staffed by former intelligence officials, identified a series of conversations occurring in a hidden Russian cybercrime forum discussing how members could exploit a bug in Windows Server Message Block, a network file sharing protocol. “Hackers [have] shared the leaked [NSA] information on various platforms, including explanations [for how to use the tools] published by Russian-language […]

The post Leaked NSA hacking tools are a hit on the dark web appeared first on Cyberscoop.


Investors drop $20M on startup CyberGRX’s platform for auditing supply-chain cyber risks

Silicon Valley venture capitalists are betting $20 million on a cybersecurity startup that launched in March and is staffed with former NSA and CIA talent. Denver-based CyberGRX on Tuesday announced it had successfully raised funding to help develop and expand its main product, a software tool that is used to gauge security risks associated with a wide array of different third-party vendors. “As enterprises’ dependence on their partner ecosystems grows, so does their exposure to breaches from these key vendors, partners and customers,” explained CyberGRX CEO Fred Kneip, “the combination of outsourcing, globalization and the digitization of business has created new security and resiliency risks that many businesses are just starting to address [and understand].” Founded by former Blackstone executives, CyberGRX describes its platform — called the “third party global cyber risk exchange” — as a sort of rating agency like Standard & Poor’s or Moody’s. CyberGRX has now raised $29 million total. […]

The post Investors drop $20M on startup CyberGRX’s platform for auditing supply-chain cyber risks appeared first on Cyberscoop.


Shadow Brokers leaks show U.S. spies successfully hacked Russian, Iranian targets

The leaked NSA documents and tools published in recent months by the mysterious Shadow Brokers group have provided rare insight into the clandestine digital espionage operations pursued by the spy agency over the past few years, including information on operations aimed at Iran and Russia. Last Friday the rogue group released a new package of NSA files, this time detailing numerous tools designed to break into older versions of Microsoft Windows and a campaign to compromise banking networks in the Middle East. Additional targets were also mentioned one week prior in a separate archive that was largely ignored by most media outlets. Yet the document cache published April 8 provides evidence that the NSA had once launched a series of successful computer-based intrusions against multiple high-profile foreign targets, including the Office of the President of Iran and the Russian Federal Nuclear Center, said two former intelligence officials who spoke to CyberScoop on the condition of […]

The post Shadow Brokers leaks show U.S. spies successfully hacked Russian, Iranian targets appeared first on Cyberscoop.


University of Maryland, Baltimore County wins national cybersecurity championships

The University of Maryland, Baltimore County won the 2017 National Collegiate Cyber Defense Competition over the weekend, beating out nine other teams in the final round from universities based across the country, including the renowned Rochester Institute of Technology. Students competed against one another last week in San Antonio, Texas, in a constructed digital battlefield where each team was scored on their ability to defend a network infrastructure that was designed to mirror systems currently used in the commercial sector. Competitors were tasked with guarding the model network, which included point-of-sale and inventory technologies, while ensuring that it remained useable and reliable for end users. An in-house red team of ethical hackers employed by the event’s sponsors played the part of attacker, launching a range of different cyberattacks at the students. Over the last several years, a series of separate challenges have also been added to the competition to specifically […]

The post University of Maryland, Baltimore County wins national cybersecurity championships appeared first on Cyberscoop.


Shadow Brokers leak NSA documents that may reveal operation aimed at Middle Eastern banks

The Shadow Brokers published a cache Friday of supposed NSA documents, 23 executable hacking tools targeting Windows and, perhaps most notably, evidence showing the secretive agency compromised offices connected to a global banking transaction system in order to spy on Middle Eastern banks. The cache holds authentic NSA documents and contains legitimate information, according to former intelligence officials who spoke on condition of anonymity. “TheShadowBrokers showing you cards theshadowbrokers wanting you to be seeing. Sometime peoples not being target audience. Follow the links for new dumps. Windows. Swift. Oddjob. Oh you thought that was it? Some of you peoples is needing reading comprehension,” a message written by the group reads. After publishing and promoting leaked documents for several months, Friday’s release by the mysterious group is the first to contain NSA PowerPoint presentation slides — prior to today, only files released by NSA whistleblower Edward Snowden offered such material. Security researchers […]

The post Shadow Brokers leak NSA documents that may reveal operation aimed at Middle Eastern banks appeared first on Cyberscoop.


‘Amateurish’ espionage campaign launched with leaked Hacking Team tools

A mysterious group appears to be relying on hacking tools that were originally stolen from Italian surveillance company Hacking Team — and leaked online two years ago — to spy on European government officials, think tanks and journalists, according to new research published Thursday by cybersecurity firm F-Secure. Dubbed the “Callisto Group,” the hackers were first discovered by F-Secure after they sent a wave of phishing emails to a wide array of different targets that were all similarly involved in either discussing or reporting on government policies related to foreign affairs and national security. The BBC reported Thursday that one of those targets was the UK’s Foreign and Commonwealth Office. Several F-Secure contacts received the suspicious phishing emails and sent samples to the Finnish company. The final payload for the malware-laden attachments contained, according to F-Secure, an outdated variant of the Hacking Team’s “Scout” tool, which is typically sold as part […]

The post ‘Amateurish’ espionage campaign launched with leaked Hacking Team tools appeared first on Cyberscoop.


How the FBI relies on dark web intel firms as frontline investigators

A cadre of former intelligence officers is lurking on the dark recesses of the internet on behalf of government and a shortlist of wealthy clients. U.S. law enforcement officials regularly rely on a complex network of relationships they’ve formed with a select group of private intelligence firms to monitor the vast, opaque expanses of the dark web, former FBI officials, company executives and defense contractors tell CyberScoop. Insiders say the relationships are especially distinct because the companies operate in a hazardous legal environment where they must constantly balance operational risks and client interests while maintaining law enforcement’s trust. “Generally, private sector companies want to help law enforcement catch bad guys, but they don’t want to be dragged into diverting time and other resources to assist in the prosecution process,” said Levi Gundert, vice president of intelligence and strategy for threat-intel firm Recorded Future. “The business needs to focus on serving customers, not […]

The post How the FBI relies on dark web intel firms as frontline investigators appeared first on Cyberscoop.


Inside the NSA’s CDX, a high-tech competition pitting cadets against elite attackers

Professional hackers from the NSA, U.S. Cyber Command and foreign militaries are launching a barrage of simulated cyberattacks this week as part of a training exercise to help teach students at the service academies for the Navy, Army, Coast Guard, U.S. Merchant Marine and Canadian Royal Military how to better defend sensitive computer networks. The annual NSA-led event, named the Cybersecurity Defense Exercise, or CDX, brings together rising talent with seasoned cyber-warriors in a simulated war games environment, where the undergraduates must monitor, identify and ultimately defend against a wide array of remote computer intrusions. The intrusions themselves are engineered with open-source, commercially available exploits and other hacking tools. “We don’t use anything homegrown,” said CDX Technical Lead James Titcomb, a full-time NSA employee in the spy agency’s information assurance directorate. “We don’t hit them with anything on the level of a nation-state,” Titcomb said. “The idea is that they should […]

The post Inside the NSA’s CDX, a high-tech competition pitting cadets against elite attackers appeared first on Cyberscoop.
