Multibillion-dollar Equinix is the latest data-center firm to face ransomware incident

Equinix, a multibillion-dollar data center company, is grappling with a ransomware incident affecting its internal computer systems, the company announced late Wednesday. The California-based company, which claims nearly 10,000 clients and has offices around the world, said the incident hadn’t impacted its support for customers, and that its data centers “remain fully operational.” Law enforcement officials are investigating the Equinix incident, the company said without elaborating. Data-hosting firms are a recurring target for ransomware gangs that figure the threat to customer data helps their chances of a payout. In December, Texas-based data center company CyrusOne said that at least six of its customers were affected by a ransomware attack. There is much at stake for Equinix in guarding its data centers. The company reported $5.5 billion in revenue last year, and recently announced the acquisition of two big data centers in India for $161 million. Central to Equinix’s response to the […]

The post Multibillion-dollar Equinix is the latest data-center firm to face ransomware incident appeared first on CyberScoop.


PAN-OS vulnerabilities add to a torrid year for enterprise software bugs

Cybersecurity researchers on Wednesday revealed four new vulnerabilities in enterprise software used by thousands of companies around the world that, if exploited, could be used to steal data from internal networks. The bugs in the PAN operating system (PAN-OS) made by Palo Alto Networks add to a growing list of vulnerabilities in widely used corporate software that researchers have uncovered in 2020. Some of those vulnerabilities, such as a flaw in software made by Citrix, have been used in espionage and other hacking operations. In the case of the PAN-OS flaws, which security firm Positive Technologies found, CyberScoop has not seen evidence that hackers have successfully exploited them. Palo Alto Networks released fixes for all of the vulnerabilities and told customers to apply them. One of the more critical vulnerabilities could allow a hacker who first accesses the software’s management interface to plant malicious code in the operating system and obtain […]


DHS intel official alleges he was ordered to halt Russia reporting because it made Trump ‘look bad’

In a whistleblower complaint made public Wednesday, a senior Department of Homeland Security official accused the department’s acting secretary of directing him to refrain from distributing an intelligence report on Russian election interference because it would make President Donald Trump “look bad.” The allegation from Brian Murphy, who until August was principal deputy undersecretary in DHS’s intelligence office, will add to criticism from Democratic lawmakers that intelligence has been politicized under acting DHS secretary Chad Wolf. According to the complaint, Murphy was instructed in July first by the DHS chief of staff and then by Wolf himself to hold off on distributing an intelligence memo on Russian disinformation because it was unflattering for Trump. That followed a directive in May from Wolf to Murphy, the complaint alleges, to stop providing intelligence assessments on Russian interference threats and to begin reporting on threats from China and Iran. “Mr. Wolf stated that […]


Hartford Public Schools delay reopening amid ransomware attack

U.S. school administrators have spent months mapping out how the coronavirus would disrupt the start of the school year. But officials in Hartford, Conn., are dealing with another, unexpected challenge now that a ransomware attack has forced the city’s public schools to postpone classes. The file-locking malware “caused an outage of critical systems and the restoration of those systems [is] not complete,” Hartford Public School officials said in a statement. “This includes the system that communicates our transportation routes to our bus company and it is preventing our ability to operate schools on Tuesday.” “Everyone at Hartford Public Schools was ready to welcome back our beautiful and capable students in person and remotely,” the statement said. Schools and universities were already facing a barrage of ransomware threats before the COVID-19 pandemic forced administrators to shift classes online, potentially opening up new avenues for attack. An incident in April shut down computer servers at a community college in […]


Ransomware hits two state-run organizations in the Middle East and North Africa

A strain of ransomware designed to disrupt computers’ booting processes hit government-run organizations in the Middle East and North Africa in July, researchers said Friday, in the latest example of data-wiping tools being aimed at key organizations in the region. The ransomware attacks used Thanos, a type of malware that surfaced earlier this year and has gained traction on underground forums, according to analysts at Palo Alto Networks. In an increasingly popular tactic among ransomware gangs, Thanos is sold “as a service” to other hackers interested in deploying it. That can make the attacks harder to trace, and allow users to develop their own custom features. The motives behind the attacks are mysterious. A hacker interested in getting paid typically doesn’t disrupt a machine to make it harder for a victim to hand over the ransom. Yet that’s exactly what the perpetrators of the July attacks attempted to do: Their […]


As Trump rails against mail-in voting, DHS warns Russia is doing the same

The Russian government will continue to use its media mouthpieces to attack mail-in voting and sow divisions among voters just weeks before the U.S. election, the Department of Homeland Security warned state and local election officials on Thursday. “We assess that Russia is likely to continue amplifying criticism of vote-by-mail and shifting voting processes amidst the COVID-19 pandemic to undermine public trust in the electoral process,” reads a DHS bulletin, which CyberScoop reviewed. “Since at least March 2020, Russian malign influence actors have been amplifying allegations of election integrity issues in new voting processes and vote-by-mail programs,” the memo says. Moscow’s reported denigration of the vote-by-mail process mirrors the criticisms leveled by President Donald Trump, who for weeks has baselessly claimed that mail-in voting can lead to widespread fraud. In reality, mail-in ballot fraud is exceptionally rare. On Wednesday, Trump suggested that voters should try voting twice in North Carolina, […]


CISA orders agencies to set up vulnerability disclosure programs

Out of scores of federal civilian agencies, only a handful of them have official programs to work with outside security researchers to find and fix software bugs — a process that is commonplace in the private sector. Now, to put an end to the feet-dragging, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency is giving agencies six months to set up the programs, known as vulnerability disclosure policies (VDPs). CISA on Wednesday issued a directive requiring agencies to establish VDPs that foreswear legal action against researchers who act in good faith, allow participants to submit vulnerability reports anonymously and cover at least one internet-accessible system or service. It’s the latest sign that federal officials are warming to white-hat hackers from various walks of life. “We believe that better security of government computer systems can only be realized when the people are given the opportunity to help,” CISA Assistant Director […]


Router vendor has patched some zero-days, but leaves others wide open

In April, security researcher Rich Mirch got a text from a friend who had just switched to a new wireless router and was raving about its high-speed internet. You have to try it, the friend told Mirch. Curious, Mirch downloaded the router’s firmware and started picking it apart. He found that the device, made by an obscure Canada-based company called MoFi Network, had multiple password-related vulnerabilities packed into its code. But Mirch wanted to delve deeper. So the senior adversarial engineer at Texas-based security firm CriticalStart ordered the router online and rolled up his sleeves. He ended up finding 10 previously undisclosed vulnerabilities in the device that, if exploited, could allow attackers to steal passwords and data from networks running the vulnerable routers, including VPN credentials and API keys. “Some of these vulnerabilities have probably existed since 2015,” said Mirch, who published his findings on Wednesday. The research points to a longstanding […]


No, Michigan voter data wasn’t hacked by the Russians

Michigan’s secretary of state on Tuesday refuted a news report asserting that the state’s voter registration database had been compromised in an example of how election officials are combatting misinformation weeks before the presidential election. The statement came in response to a report in Russian media outlet Kommersant claiming that recently purloined data on American voters was available on a hacking forum. It turns out that data was already publicly available, and it appears to have been repackaged by whoever was advertising it. “Our system has not been hacked,” Michigan Secretary of State Jocelyn Benson’s office said in a statement. “We encourage all Michigan voters to be wary of attempts to ‘hack’ their minds, however, by questioning the sources of information and advertisements they encounter and seeking out trusted sources, including their local election clerk and our office.” “Public voter information in Michigan and elsewhere is accessible to anyone through a […]


Norway is investigating a cyberattack on its parliament

Hackers have struck at the Norwegian parliament, compromising a limited number of email accounts of lawmakers and employees, the parliament’s administrator said Tuesday. Attackers downloaded an unspecified amount of data in the breach, Marianne Andreassen, the administrator, said in a statement. Mitigations put in place to counter the digital intrusion had an “immediate effect,” Andreassen said. Among the victims were members of the opposition Labour Party and the Centre Party, Norwegian broadcaster NRK reported. Andreassen did not identify who was responsible. A police and national security investigation is ongoing, and Andreassen said investigators are still gathering a full picture of the impact of the hack. The Norwegian National Security Authority (NSM), a government cybersecurity agency, “has contributed with incident response, analysis and other measures during the cyber incident against the Norwegian parliament,” said Trond Øvstedal, a spokesman for the agency. NSM “will provide technical support in the investigation,” he added. National legislatures are […]
