ADVANCED PERSISTENT ADWARE: ANALYSIS OF NATION-STATE LEVEL TACTICS

Abstract: The Booz Allen Dark Labs’ Advanced Threat Hunt team discovered a unique form of adware lurking on networks that evades all traditional forms of cyber defense. The adware is a previously known threat that is commonly used to inject advertisements into a user’s browser and covertly collect information about the user’s browsing activity. This adware employs advanced techniques commonly seen in Nation-State-level APTs to evade detection, maintain persistence, and connect to Command and Control (C2) servers to initiate a stage 2 attack.

Dark Labs Advanced Hunt team identifies adware with Nation State APT behavior – evasion, persistence and C2 connection points […]

The post ADVANCED PERSISTENT ADWARE: ANALYSIS OF NATION-STATE LEVEL TACTICS appeared first on Cyberscoop.

Cybersecurity policymaking is out of focus. Bureaucracy hackers can help.

The cybersecurity industry is in desperate need of more “bureaucracy hackers” — individuals within federal and state governments who are authorities on the intricacies of policy creation and the nature of today’s rapidly-evolving technology and threat landscapes. To understand why, look no further than Georgia State Bill 315: Introduced in the Georgia state senate earlier this month, the bill has the entire cybersecurity community shaking its head in disbelief. In short, the bill is modeled after the highly-controversial Computer Fraud and Abuse Act, which makes accessing a network or computer without authorization illegal – even if there is no theft or damage. While many parts of the U.S. government are advancing cybersecurity by adopting industry’s best practices, such as allowing security researchers to identify and disclose vulnerabilities that make us all safer, Georgia is closing the door to these folks. Sen. Mark Warner’s IOT Improvement Act is another clear example: Drafted […]

FireEye acquires X15 software to boost big data capabilities

U.S. cybersecurity firm FireEye has acquired Sunnyvale, California, software company X15 in order to integrate big data capabilities into its security products. The software will allow organizations using FireEye products to better adapt to threats as they continue to manage security in cloud, on-premise and hybrid network enterprises, the company said. “Organizations today are overwhelmed by alerts, the number of tools required to manage their security operations, and the challenge of unifying access to the large volumes of data that matter,” said John Laliberte, senior vice president of engineering at FireEye, in a release. “The X15 Software team built an incredibly versatile, enterprise-grade big data platform that enables distributed, real-time access and ingestion of data at scale within a unified data model and modular query language. X15 Software technology will accelerate our strategy of delivering an innovative, next-gen security platform.” Under the terms of the acquisition agreement, FireEye will pay approximately $15 million in equity and $5 million in cash. […]

Experts: Time is running short to meet GDPR requirements

U.S. companies have a lot of work to do before May 2018, according to Justin Antonipillai, Founder and CEO of WireWheel and former Acting Undersecretary of the Department of Commerce, at the Wall Street Journal’s Cybersecurity Executive Forum in New York. In May, the General Data Protection Regulation (GDPR) will go into effect in Europe, mandating much stricter controls on how data can be collected, analyzed and used. The GDPR has been heralded as a monumental shift towards protecting and valuing customer data privacy, and Europe considers it a huge win for strengthening citizens’ rights. The privacy conversation is one that had been rapidly ascending into boardrooms and security operations centers, Antonipillai said. “Privacy is no longer a vitamin, or something you’ll see at the low end of a priority chain. It’s becoming an issue of trade and market, and a critical part of security portfolios.” Ajay Arora, CEO and co-founder […]

How Verizon delicately handled the Yahoo breach

While the tech world was left spinning in late 2016 when it was discovered that Yahoo suffered a massive breach, Verizon stayed calm. In the 72 hours immediately following the disclosure, the telecommunications giant, which was moving to acquire Yahoo, reportedly made no snap judgments or assumptions, said Craig Silliman, Verizon’s EVP of Public Policy and General Counsel. After aligning their strategic interests with Yahoo, Silliman said that his first question was to ask about “the effect on the reason [Verizon] was buying this asset in the first place.” “We bought Yahoo for user and user engagement,” he said at the Wall Street Journal’s Cybersecurity Executive Forum in New York Wednesday. “So when you have a breach on the user, how that company reacts is important.” Silliman said he spent countless hours talking to C-suite level executives from both Verizon and Yahoo in the wake of the breach. During and […]

‘Grey’s Anatomy’ attempts to bring ransomware attacks to a public audience

In the winter finale of the popular television show “Grey’s Anatomy,” there was an unexpected guest star: ransomware. After years of dealing with natural disasters, surgical regulations, human error, lawsuits and medical accidents, the staff at Grey Sloan Memorial Hospital was forced to confront one of today’s most prominent and worrying threats to the health care industry. In the episode, the hospital’s electronic equipment fizzled out, causing life-saving patient information and diagnostic tools to stop working while the hospital’s staff was dealing with a slew of patients. Doctors received a message on their monitors — “We own your servers. We own your systems. We own your patients’ medical records.” — demanding 4,932 bitcoin (worth $20 million when the episode taped, around $40 million as of this article’s publish date) if they wished to have their systems restored to normal. While computers sputtering and loudly shutting off isn’t necessarily a true depiction of […]

Private sector task force wants more ‘leverage’ for cybersecurity defenses

The key to making cyberspace safe is giving defense-oriented security professionals “leverage over attackers at the lowest cost and the greatest scale”, according to a new report released Thursday by the New York Cyber Task Force (NYCTF). Comprised of principals from major firms – Goldman Sachs, JP Morgan, PwC, McKinsey, and more – the NYCTF came together one year ago to identify “frictionless areas” for private sector cybersecurity improvements, explained Merit Janow, Dean of Columbia University’s School of International and Public Affairs (SIPA) and a Co-Chair of the NYCTF. “It was important for us to have New York in the title,” said Jason Healey, Senior Research Scholar at Columbia University’s School of International and Public Affairs and executive director of the report. “When talking about cybersecurity, Washington D.C. can get caught up in pessimistic views, and Silicon Valley can get caught up in techno enthusiasm. New York had a unique voice […]

The FTC is officially investigating the Equifax breach

The Federal Trade Commission (FTC) announced on Thursday it has launched an investigation into Equifax’s massive data breach, where hackers gained access to the personal information of approximately 143 million U.S. consumers. In an email statement Thursday, FTC spokesman Peter Kaplan said, “The FTC typically does not comment on ongoing investigations. However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach.” It’s highly unusual for the FTC to publicly comment on the existence or status of an ongoing investigation. CyberScoop first reported Wednesday that government investigators believed an Apache Struts vulnerability was the entryway for hackers looking to breach Equifax’s servers. The company confirmed that an outdated version of the web application was in fact responsible in a statement published late Wednesday night. This specific vulnerability was originally disclosed in March but had remained […]

Why Twitter’s bot problem is a looming security challenge

The persons or groups behind Twitter’s thousands of bot accounts have realized they can attack people without triggering Twitter’s protective security policies, presenting a rapidly evolving information security challenge for the social media network. Late last month, bot researchers at ProPublica and the Atlantic Council were attacked by a campaign of Twitter bots, which spammed the victim accounts with thousands of retweets and likes, causing Twitter to temporarily suspend certain accounts for unusually high activity. Ben Nimmo, Information Defense Fellow at the Atlantic Council’s Digital Forensic Research Lab, was personally targeted by the bot campaign and live-tweeted his analysis of the attacks, which included impersonations of Atlantic Council user accounts that tweeted fake content, like a message alleging that Nimmo had died. “They certainly wanted to intimidate me by faking those accounts. That was about scaring me, rather than me getting blocked,” Nimmo told Cyberscoop. Nimmo noted that he was easily […]

Former NSA official: A joint U.S.-Russia cyber unit isn’t (totally) absurd

A former deputy director at the National Security Agency said that the idea of a joint U.S.-Russian cyber security unit is not as ridiculous as it sounds, as long as the U.S. side isn’t gullible enough to believe everything the Russians say. “I don’t think it’s absurd, but if you expect the Russians are going to deal with that transparently, and then we’ll get answers that you can take at face value, I think that’s naive,” former NSA Deputy Director Chris Inglis said in an interview. Inglis, who left the NSA in 2014, said it might be worth entertaining the idea of a joint unit just “to see how far they’re willing to go.” “What are you willing to put on the table, Russia? If you don’t ask, you’re not going to get,” Inglis said. “But we should hedge our bets. We should have very low expectations about what you […]
