DoD unveils ‘Hack the Marine Corps’ bounty program

A new bug bounty program intended to find vulnerabilities in the Marine Corps’ public-facing websites was unveiled in Las Vegas Monday. The Hack the Marine Corps program, which was jointly created by the Department of Defense (DoD) and vulnerability disclosure platform company HackerOne, was announced on August 12 with a live hacking event. Hackers discovered 75 unique vulnerabilities during the event and were awarded over $80,000. During the event, nearly 100 “hand-selected” hackers worked for 9 hours to expose vulnerabilities in the Marine Corps’ websites and public services. The hackers were split into offensive and defensive teams, and worked alongside Marines from the U.S. Marine Corps Cyberspace Command (MARFORCYBER).  The bug bounty program will run until August 26.  “Success in cybersecurity is about harnessing human ingenuity,” said HackerOne CEO Marten Mickos. “There is no tool, scanner, or software that detects critical security vulnerabilities faster or more completely than hackers. The Marine […]

The post DoD unveils ‘Hack the Marine Corps’ bounty program appeared first on Cyberscoop.


Malware campaign that targeted Tibet’s diaspora linked to wider operation

A malware campaign earlier this year against members of Tibet’s diaspora was part of a wider operation that also targeted governments and industries in the Asia-Pacific region, according to a new report released Wednesday by Citizen Lab.  The malware campaign, active from January into March, targeted Tibetan activists and journalists, members of the Tibetan Parliament in exile and the India-based Central Tibetan Administration, according to Citizen Lab. Relying heavily on low-cost spearphishing techniques, the anonymous attackers disguised malicious PowerPoint and Microsoft Rich Text Format documents as links from human rights NGOs.  According to the report, the Tibetan malware targets, wary of unsolicited emails, forwarded the messages to Citizen Lab, a University of Toronto-based interdisciplinary laboratory that specializes in human rights and security.  The attacks are similar to a 2016 malware campaign nicknamed the “Parliamentary Campaign” by Citizen Lab. It also targeted parliamentarians. The number of Tibetans in exile is estimated at more than […]


User data and private messages exposed in Reddit breach

Reddit, one of the world’s most popular websites and the self-proclaimed “front page of the internet,” was hacked in June, exposing some user data, internal logs, source code and other files, according to a post published to the platform Wednesday.  Chief Technology Officer Christopher Slowe wrote on Reddit’s front page that an attacker compromised the accounts of several employees between June 14 and June 18 using an SMS intercept. The technique involves intercepting the two-factor authentication code that a website or app texts to a user when that person is logging on. “Already having our primary access points for code and infrastructure behind strong authentication requiring two factor authentication (2FA), we learned that SMS-based authentication is not nearly as secure as we would hope,” read the post from Slowe, who goes by the username u/KeyserSosa. “We point this out to encourage everyone here to move to token-based 2FA.” With SMS codes and passwords […]


Phishing attack exposes data of more than a million patients across Midwest

Nearly 1.4 million people across the U.S. Midwest may have had their personal information exposed in a data breach at one of the region’s largest health care networks.  UnityPoint Health, a network of hospitals, clinics, and home care services in Iowa, Illinois, and Wisconsin, said this week that multiple internal email accounts were compromised between March 14 and April 3, following a series of phishing attacks.  The phishing emails were disguised to appear to have originated from a “trusted executive” within UnityPoint Health.  The stolen data included patient names, addresses, dates of birth, extensive medical records including surgical information and lab results, insurance information and, in some cases, Social Security, bank account, and driver’s license numbers.  According to UnityPoint Health’s press release, the attack was likely financially motivated, rather than focused on obtaining patient information, as the hackers tried to use the company’s email system to divert payroll or vendor payments.  Stolen personal […]


VirusTotal launches Monitor tool to fight false positives

Popular malware aggregation repository VirusTotal has launched its Monitor tool, intended to mitigate the process by which legitimate files are labeled as malicious. Created in 2004, and now owned by Chronicle, a subsidiary of Alphabet Inc., VirusTotal works by aggregating over 70 antivirus scanners that can detect and flag malicious files that users upload. But the scanners are not always accurate, and some software developers have had their creations mistakenly flagged as malware, creating what is known as a false positive. According to VirusTotal, false positives can lead to reputation damage for the antivirus vendor, a loss of access and trust for end users, and a drop in revenue for software publishers. VirusTotal’s Monitor tool was created to combat these issues. It works by allowing developers to upload their software to a private cloud, the contents of which are scrutinized by VirusTotal’s dozens of scanners. If a file is flagged as […]


Apple reports spike in U.S. national security requests amid promises of more transparency

The number of U.S. national security-related data requests by the government to Apple Inc. more than doubled last year, according to a biannual transparency report released by the consumer tech giant Friday. Apple received 16,249 national security requests across 8,249 accounts between July 1 and December 31, 2017, almost three times higher than the number of requests received during the same period in 2016, when the company saw just 5,999 such requests, according to Reuters. “The national security requests demand that Apple provide information in response to U.S. National Security legal authorities…Though we would like to be more specific, by law this is the most precise information we are currently allowed to disclose,” Apple’s privacy policy reads. Other major tech firms also saw jumps in national security requests between the end of 2016 and the first half of 2017, Reuters reports. Facebook saw such requests nearly double, and Google reported […]


A software vulnerability could have been used to siphon over $15 million from Mexican banks

Over $15 million was stolen from Mexican banks this month by thieves who created fake money orders and phony accounts to withdraw funds from dozens of branches, according to media reports. The criminals sent hundreds of fake money orders to move hundreds of thousands of pesos between at least five of Mexico’s biggest banks, whereafter accomplices quickly withdrew cash, Reuters reports. A vulnerability in software that was used to connect payment systems between the banks is thought to have been exploited by the thieves, allowing them to create the fake orders, Lorenza Martinez, head of operations for Mexico’s central bank, told Reuters. Though initial estimates said that 300 million pesos ($15.2 million) had been stolen, other estimates have the amount closer to 400 million pesos ($20.3 million). “There’s no evidence that would allow us to say with certainty that this is over,” said Mexico’s central bank Governor Alejandro Diaz de […]


Dutch ditch Kaspersky on fears of Russian government influence

The Dutch government announced Monday that it will end use of Kaspersky Lab’s anti-virus software, citing the Moscow-based cybersecurity firm’s alleged ties to the Russian government. The Russian government has an “offensive cyber program that targets among others the Netherlands and Dutch interests,” wrote Justice Minister Ferdinand Grapperhaus in a letter to parliament that outlined the decision. Grapperhaus explained that because Kaspersky Lab is headquartered in Moscow, it is subject to Russian laws and could be forced to comply with state interests. Cybersecurity experts and U.S. intelligence officials have previously said the same, fearing that Russian intelligence could use the company’s anti-virus program as a platform for targeted espionage. All U.S. federal agencies were ordered by the Department of Homeland Security to stop using Kaspersky products in December 2017. That same month, the United Kingdom’s National Cyber Security Centre warned government agencies to avoid Russian anti-virus software. In April, […]


European Central Bank proposes framework to strengthen financial system’s defenses

The European Central Bank (ECB) has published a framework for testing the preparedness of Europe’s financial systems for cyber attacks. The European Framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU), released on May 2, is the first Europe-wide plan for strengthening the cyber defenses of the European Union’s banks, stock exchanges and other financial institutions. In practice, TIBER-EU-based tests would employ teams of external hackers to find and exploit weaknesses in the cyber defenses of the organizations being tested. This method, known as penetration testing, is widely used in the private sector. Determining if and when a TIBER-EU-based test will be performed is up to the “relevant authorities,” the ECB said in a press release. “Tests will be tailor-made and will not result in a pass or fail – rather they will provide the tested entity with insight into its strengths and weaknesses, and enable it to learn and evolve […]


Over 10,000 companies downloading software vulnerable to Equifax hack

Even after the massive data breach allowed hackers to steal the personal information of 148 million Equifax customers, thousands of companies are still using the software that made the breach possible.  According to Fortune, Maryland-based cybersecurity firm Sonatype identified as many as 10,801 organizations that have downloaded an old version of Apache Struts — the same free, open-source software that hackers exploited to swipe the names, social security numbers, birthdays, addresses, and other identifiers from Equifax’s databases.  Of the organizations that downloaded the vulnerable version of the software, seven of the businesses were Fortune Global 100 tech companies, eight were Fortune Global 100 automakers, and 15 were Fortune Global 100 financial services or insurance firms, according to Fortune.  The Apache Software Foundation has released seven patched versions of the software since March 2017. Apache Struts is used as an app building tool, and usually as a framework for online payment systems.  […]
