Sean Lyngaas – Page 23 – WindowsTechs.com

Trump fires CISA chief Chris Krebs, who guarded the 2020 election from interference and domestic misinformation

Posted on November 18, 2020 by Sean Lyngaas

President Donald Trump on Tuesday said he has fired Chris Krebs, a widely respected Department of Homeland Security official who helped protect the 2020 election from hacking and disinformation, the latest in a series of purges of officials deemed insufficiently loyal to the president. As head of DHS’s Cybersecurity and Infrastructure Security Agency, Krebs has repeatedly debunked baseless claims from Trump and his allies of widespread electoral fraud while generally avoiding mentioning the president by name. CISA’s “rumor control” public website, which refuted conspiracy theories about stolen votes or dead people voting, reportedly angered the White House. Trump tweeted Tuesday evening that he fired Krebs because his agency issued a “highly inaccurate” statement that the 2020 election was secure. That statement, which was signed by numerous election officials across the country, and backed up by independent security experts, said the election was the most secure in U.S. history. A former Microsoft executive whom […]

The post Trump fires CISA chief Chris Krebs, who guarded the 2020 election from interference and domestic misinformation appeared first on CyberScoop.

Continue reading Trump fires CISA chief Chris Krebs, who guarded the 2020 election from interference and domestic misinformation→

Symantec implicates APT10 in sweeping hacking campaign against Japanese firms

Posted on November 17, 2020 by Sean Lyngaas

A Chinese government-linked hacking group whose operatives have been indicted by the U.S. and sanctioned by the European Union is suspected in a year-long effort to steal sensitive data from numerous Japanese companies and their subsidiaries, security researchers said Tuesday. The attackers, known as APT10 or Cicada, have been burrowing into the networks of companies in the automotive, pharmaceutical and engineering sectors, according to researchers from antivirus provider Symantec. They have sometimes lingered for months before trying to extract data and have targeted domain controllers, the servers that act as gatekeepers for organizations’ network traffic. While Symantec did not identify specific targets, the company said many of the organizations have links to Japan, or Japanese companies. China and Japan are, respectively, the second and third biggest economies in the world. The two Asian countries have long had territorial disputes, and Japanese organizations have been a frequent target of alleged Chinese cyber-espionage. […]

The post Symantec implicates APT10 in sweeping hacking campaign against Japanese firms appeared first on CyberScoop.

Continue reading Symantec implicates APT10 in sweeping hacking campaign against Japanese firms→

Microsoft’s new ‘Pluton’ security processor gets buy-in from Intel, AMD

Posted on November 17, 2020 by Sean Lyngaas

Microsoft and three major computing vendors — AMD, Intel and Qualcomm Technologies — on Tuesday said they would produce security chips designed to keep attackers from stealing critical data such as encryption keys and credentials from computing systems. The goal is to guard against a relatively new breed of attack techniques, made famous by the 2018 Spectre and Meltdown vulnerabilities, that pry data from a computer’s most sensitive enclaves. To do this, Microsoft said it will store critical data on the chip itself, isolating it from the rest of the system. Advocates of the new security chip, known as Pluton, say it will cut off a key vector for data-stealing attacks: a communication channel between a computing system’s central processing unit (CPU) and another piece of hardware known as the trusted platform module (TPM). In one example of that type of attack, researchers from security company NCC Group in 2018 […]

The post Microsoft’s new ‘Pluton’ security processor gets buy-in from Intel, AMD appeared first on CyberScoop.

Continue reading Microsoft’s new ‘Pluton’ security processor gets buy-in from Intel, AMD→

59 security experts reject Trump’s election fraud claims as ‘incoherent’

Posted on November 16, 2020 by Sean Lyngaas

A group of 59 computer scientists, researchers and cybersecurity experts on Monday released a letter rejecting President Donald Trump’s claims of widespread electoral fraud as “technically incoherent” and “unsubstantiated” in the latest rebuke of Trump’s campaign to undermine public confidence in the election results. “We are aware of alarming assertions being made that the 2020 election was ‘rigged’ by exploiting technical vulnerabilities,” wrote the group of experts, which included Matt Blaze, a cryptologist and professor at Georgetown University, and Alex Stamos, the former security chief at Facebook. “However, in every case of which we are aware, these claims either have been unsubstantiated or are technically incoherent.” Since multiple media outlets, including Fox News and the Associated Press, on Nov. 7 projected Joe Biden as the winner of the presidential election, Trump and his allies have continuously made false claims of election fraud. The director of the Department of Homeland Security’s […]

The post 59 security experts reject Trump’s election fraud claims as ‘incoherent’ appeared first on CyberScoop.

Continue reading 59 security experts reject Trump’s election fraud claims as ‘incoherent’→

Twitter hires influential hacker Peiter ‘Mudge’ Zatko as security boss

Posted on November 16, 2020 by Sean Lyngaas

Facing some of the most persistent security challenges of its 14-year existence, Twitter has turned to Peiter “Mudge” Zatko, a renowned computer security expert, and given him a broad mandate to bolster security at the social media platform. Zatko is the company’s new “head of security,” reporting directly to CEO Jack Dorsey, Reuters first reported Monday. The news comes after Twitter said in September it had hired Rinki Sethi as chief information security officer. Zatko gained recognition in the cybersecurity industry as a member of L0pht, a flamboyant Massachusetts-based hacking collective that famously warned Congress in 1998 about the insecurities of the internet. Zatko also oversaw high-profile cybersecurity projects at the Pentagon’s Defense Advanced Research and Projects Agency, and did stints at Google and an independent lab for testing software integrity. Looks like the cat is out of the bag. I’m very excited to be joining the executive team at Twitter! I […]

The post Twitter hires influential hacker Peiter ‘Mudge’ Zatko as security boss appeared first on CyberScoop.

Continue reading Twitter hires influential hacker Peiter ‘Mudge’ Zatko as security boss→

Lawmakers back CISA chief Krebs after report that he expects to be fired

Posted on November 12, 2020 by Sean Lyngaas

Multiple Democratic U.S. lawmakers on Thursday reacted with concern to a media report that a senior Department of Homeland Security cybersecurity official has told associates that he expects to be fired by the White House. Rep. Jim Langevin, D-R.I., and Sen. Mark Warner, D-Va, the ranking member of the Senate Intelligence Committee, were among those who hailed the work of Cybersecurity and Infrastructure Security Director Chris Krebs, who has been at the forefront of federal agencies’ efforts to protect the 2020 election from hacking and disinformation. “It would not be a surprise [but] would disappoint me profoundly if he were to be fired,” Langevin, who is co-founder of the Congressional Cybersecurity Caucus, said in an interview. “I think Chris Krebs has served in his role as director of CISA with great professionalism, with passion, in a nonpartisan way. He’s someone who is respected on both sides of the aisle.” Krebs, […]

The post Lawmakers back CISA chief Krebs after report that he expects to be fired appeared first on CyberScoop.

Continue reading Lawmakers back CISA chief Krebs after report that he expects to be fired→

Senior DHS cybersecurity official Bryan Ware to step down

Posted on November 12, 2020 by Sean Lyngaas

Bryan S. Ware, who took the reins as the senior most Department of Homeland Security official focused exclusively on cybersecurity in January, is stepping down from his post and heading to the private sector. A former technology entrepreneur, Ware has helped lead DHS’s Cybersecurity and Infrastructure Security Agency efforts to protect health care and pharmaceutical industry from criminal and state-sponsored hacking. He has also made a point of getting better data, with the help of software tools, into the hands of CISA analysts for tracking hacking campaigns. Ware’s last day on the job will be Friday. He told CyberScoop he is looking to start a new technology company. “I’m very proud of the work that CISA has done this year,” Ware told CyberScoop. “And I think against significant odds, the work we did on [protecting] elections is really a testament to what this agency can do.” Ware declined to comment […]

The post Senior DHS cybersecurity official Bryan Ware to step down appeared first on CyberScoop.

Continue reading Senior DHS cybersecurity official Bryan Ware to step down→

Ransomware incidents in manufacturing grow as transparency, and attack options, increase

Posted on November 12, 2020 by Sean Lyngaas

The number of publicly documented ransomware incidents at manufacturing organizations has jumped considerably in 2020 as attackers have found ways to disrupt facilities’ operations by affecting both traditional IT networks and software that supports industrial processes, according to research published Thursday. Industrial security company Dragos found that ransomware incidents in the manufacturing sector had more than “tripled” this year compared to 2019, though the company did not specify the number of incidents. Two things help explain the report’s findings: Companies are being more transparent about reporting incidents; and manufacturing, like other sectors such as health care, has endured a rise in opportunistic attacks from criminals who know how bring an organization to its knees. “Companies that rely on availability of their operations [are] being targeted and held for ransom to be able to restart those processes,” said Selena Larson, a senior cyberthreat analyst at Dragos. Among the Dragos tally were reported ransomware […]

The post Ransomware incidents in manufacturing grow as transparency, and attack options, increase appeared first on CyberScoop.

Continue reading Ransomware incidents in manufacturing grow as transparency, and attack options, increase→

Flaw in Philippines’ contact-tracing app served up data on 30K health care providers, research finds

Posted on November 11, 2020 by Sean Lyngaas

A web and mobile phone application that the Philippines government uses to track coronavirus cases contained a flaw that could have allowed access to the names of tens of thousands of health care providers that use the app in that country, according to new research. The flaw has been fixed, but it stands out as another cautionary tale of how software tools used to combat the pandemic can open up new fronts in data insecurity. Multinational company Dure Technologies and officials from the World Health Organization and the Philippines Department of Health developed the app to efficiently report COVID-19 cases and help with contact tracing, and released it in June. But when researchers from the University of Toronto’s Citizen Lab investigated the app’s code, they found pressing security issues. A web version of the app, which is known as COVID-KAYA, had a flaw in its authentication logic that revealed the […]

The post Flaw in Philippines’ contact-tracing app served up data on 30K health care providers, research finds appeared first on CyberScoop.

Continue reading Flaw in Philippines’ contact-tracing app served up data on 30K health care providers, research finds→

Former DOJ officials slam Barr’s new policy on election investigations

Posted on November 10, 2020 by Sean Lyngaas

Former Justice Department officials on Tuesday sharply criticized Attorney General William Barr for reportedly reversing a longstanding department policy and clearing federal prosecutors to investigate alleged voting irregularities before election results have been certified. “The voters decide the winner in an election, not the president, and not the attorney general,” reads the statement from the Bipartisan Advisory Board of the Voter Protection Program, a nonpartisan election security initiative. The advisory board includes former Justice Department officials who served under Republican and Democratic administrations. “Thanks to a bipartisan group of experienced officials and poll workers across this country, the states, once again, ran fair and secure elections,” the statement continued. “We have seen absolutely no evidence of anything that should get in the way of certification of the results, which is something the states handle, not the federal government.” The criticism follows multiple media reports Monday that Barr gave Justice Department prosecutors the go-ahead to […]

The post Former DOJ officials slam Barr’s new policy on election investigations appeared first on CyberScoop.

Continue reading Former DOJ officials slam Barr’s new policy on election investigations→