Online testing firm agrees to security audit after inquiry from senator

A company whose software has been widely used to administer law school entrance exams during the coronavirus pandemic has agreed to an independent audit of the software after a U.S. senator raised cybersecurity concerns about the product. Alabama-based ProctorU’s web-browser extension software has allowed people across the U.S. to take the LSAT exam from home during the pandemic. But Sen. Ron Wyden, D-Ore., worried that that same accessibility, if left unsecured, could give cybercriminals a foothold onto test-takers’ devices. And so, after inquiries from Wyden, ProctorU has hired outside security experts to review its software and the tool it uses for remote troubleshooting, according to the Law School Admissions Council (LSAC), which administers the LSAT. More than 145,000 LSAT exams were administered online from May 2020 to February 2021, and ProctorU appears to be the main contractor for doing so. It’s another case of privacy and security risks emerging in […]

The post Online testing firm agrees to security audit after inquiry from senator appeared first on CyberScoop.

Ransomware disrupted production at two manufacturing sites in Italy, investigators say

A ransomware incident earlier this year temporarily shut down production for two days at a pair of manufacturing facilities in Italy, incident responders at security firm Kaspersky said Wednesday. Kaspersky did not publicly identify the victim organization. But Vyacheslav Kopeytsev, a researcher with the firm’s ICS-CERT unit, said in an email that the victim was a multinational firm headquartered in Germany that has factories in Italy. “The servers with the databases required for production were encrypted,” he added. The hackers disguised a nascent strain of ransomware called Cring as the victim organization’s anti-virus product before encrypting the computer servers that would cause the organization the greatest damage, Kopeytsev and his colleagues said in a report. The attackers catered their hacking tools to the victim’s infrastructure, the researchers said. It is only the latest example of how ransomware incidents are increasingly affecting the operations of industrial suppliers. Of 500 manufacturing sector […]

EU investigating ‘IT security incident’ involving multiple agencies

Cybersecurity experts at the European Union are investigating an “IT security incident” involving multiple institutions, though “no major information breach” has been detected, EU officials said Tuesday. The scope and nature of the incident were not immediately clear, but a spokesperson for the European Commission, the EU’s executive branch, said the commission had set up a “24/7 monitoring service” in response to the incident. “The European Commission and other EU institutions, bodies or agencies have experienced an IT security incident in their IT infrastructure,” the commission spokesperson said in an email. A spokesperson for the European Parliament said the parliament and other EU bodies had “received an alert on [a] possible vulnerability in its IT infrastructure.” The parliament “took immediate measures to check and protect its servers against this vulnerability,” the spokesperson said. As a 27-country bloc that affects trade and foreign policy on the continent, EU institutions are natural […]

Crooks are getting smarter about exploiting SAP software, study finds

Security researchers on Tuesday warned of the unrelenting interest that cybercriminals have in exploiting applications made by software giant SAP to defraud or disrupt big businesses that rely on SAP products. A months-long study by Boston-based security firm Onapsis found that malicious hackers are growing more knowledgeable of SAP software and the potential impact that compromises could have on customers. In one case, an unidentified attacker managed to chain together multiple software exploits to target an SAP “credential store,” which stores login details for an organization’s high-value SAP users. Access to the credential store could give a hacker the ability to exploit other applications that interact with those credentials. SAP has 400,000 customers worldwide, including more than half of NATO members. A big swath of the world’s largest public companies use the software to manage their business processes. A critical bug in SAP software could be a ticket for a […]

Suspected Chinese spies cover tracks in efforts to breach Vietnamese government

A previously undocumented group of Chinese-speaking spies conducted a months-long campaign to infect the computers of government agencies in Vietnam and other Asian countries, researchers from the antivirus firm Kaspersky said Monday. The findings point to how alleged Chinese hacking groups overlap — and may collaborate — in their longstanding efforts to infiltrate the Southeast Asian governments with which China quarrels over territory. For example, the hackers’ techniques bear some similarities to those of a Chinese-speaking group called Cycldek that has been around eight years. But they’re also notably more advanced than Cycldek, leaving the Kaspersky researchers struggling to trace the specific origins of the group. The attackers executed code capable of taking full control of target computers, but they also stripped the code of digital clues that would make them easier to track. “One hypothesis we have is that one or several former Cycldek operators could have joined another […]

As ransomware stalks the manufacturing sector, victims are still keeping quiet

Halvor Molland was asleep on a brisk night in Oslo, Norway’s capital, two years ago when his phone rang around 3 a.m. The computer servers of Norsk Hydro, the global aluminum producer where Molland is senior vice president for communications, had seized up as a crippling ransomware infection spread through the company’s networks. “The feeling is: You really don’t believe it,” Molland recalled in a recent interview. “There was a decision then to shut down the network altogether, because at some point there was nothing left to isolate.” The ransomware attack would cost Norsk Hydro, which employs 35,000 people and has roughly 200 factories around the world, between $90 million and $110 million as production in some factories halted for weeks. Yet Molland and his team did something unusual for a large industrial organization disrupted by hackers: They told the public what happened in vivid detail, releasing video interviews in […]

Advanced hackers use Fortinet flaws in likely attempt to breach government networks, feds warn

Advanced hackers are exploiting old flaws in popular enterprise software made by Fortinet in a possible attempt to access networks in multiple critical infrastructure sectors, the FBI and Department of Homeland Security warned on Friday. “Advanced persistent threat” actors — a term that usually refers to state-linked groups — are likely using the software flaws to breach “multiple government, commercial, and technology services networks,” states the advisory from the FBI and DHS’s Cybersecurity and Infrastructure Security Agency. The agencies said that the attackers, whom they did not identify, could be using the bugs in Fortinet software to access “key networks as pre-positioning for follow-on data exfiltration or data encryption attacks.” The three vulnerabilities are in FortiOS, security software that government agencies and big corporations use to manage their networks. Hackers could exploit the bugs to intercept sensitive data on networks. Fortinet disclosed the vulnerabilities in 2018, 2019 and 2020 and […]

Kansas man indicted in connection with 2019 hack at water utility

A U.S. grand jury has indicted a 22-year-old man for allegedly hacking the computer system of a rural water utility in Kansas and shutting down processes that affect procedures for cleaning and disinfecting water. Federal prosecutors allege in an indictment unsealed Wednesday that Wyatt Travnichek logged into Ellsworth County Rural Water District’s computer system in 2019 as part of an “unauthorized remote intrusion” that resulted “in the shut-down of the facility’s processes.” Travnichek is accused of tampering with a water system, and causing “reckless damage to a protected computer.” The charges carry maximum prison sentences of 20 years and five years, respectively. Angela Naegele, a customer service specialist at the water utility who answered the phone Thursday, said the 2019 incident had no impact on customers’ drinking water. The utility continuously monitors its water quality and safety, Naegele added. The facility serves Ellsworth County, a county of about 6,100 people […]

Mayorkas pledges to modernize US cyber-defenses after their failure to detect alleged Russian spies

A suspected Russian hacking campaign exposed glaring shortcomings in the U.S. government’s approach to cybersecurity, Homeland Security Secretary Alejandro Mayorkas said Wednesday while promising to harness federal resources to improve public and private-sector defenses. Mayorkas pledged to improve nearly every major facet of DHS’s cybersecurity work, from helping federal agencies recover from hacks to thwarting them in the first place. Part of that will come through an executive order President Joe Biden is expected to release soon to tighten security requirements for federal agencies and the software vendors that supply them. “Our government got hacked last year and we didn’t know about it for months,” Mayorkas said at an event hosted by security firm RSA. “This incident is one of many that underscores the need for the federal government to modernize cybersecurity defenses and deepen our partnerships,” Mayorkas said, referring to the alleged Russian spying operation exploiting contractor SolarWinds and […]

US to publish details on suspected Russian hacking tools used in SolarWinds espionage

U.S. military and security officials are preparing to publish one of their most detailed analyses yet of the hacking tools used by suspected Russian spies in a campaign that the Biden administration has labeled a national security threat. The “malware analysis report” from U.S. Cyber Command and the Department of Homeland Security, which CyberScoop obtained, spotlights 18 pieces of malicious code allegedly used by Russian hackers, who exploited software made by the federal contractor SolarWinds and other vendors on their way to infiltrating nine U.S. government agencies and 100 companies. The report, slated for public release Wednesday afternoon, sheds light on a historic espionage campaign that U.S. officials have, at times, been cautious to publicly detail. It’s an analysis from U.S. government cybersecurity specialists of how the alleged Russian operatives moved from network to network, and builds on private sector reporting. Cyber Command and DHS’s Cybersecurity and Infrastructure Security Agency […]
