Author Archives: Sean Lyngaas

Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit

Posted on by

Unidentified hackers are trying to exploit critical vulnerabilities in router software made by Cisco while the networking giant scrambles to address the issues. The bugs, which Cisco revealed Saturday, could allow an attacker to remotely break into a device running the software and exhaust the memory on the device. That, in turn, could destabilize “interior and exterior routing protocols” on an affected network, Cisco said in an advisory. It’s unclear when a patch will be ready; “as soon as possible” is all a Cisco spokesperson would say. The company made recommendations for mitigating the vulnerability until a patch is available. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency encouraged users to check for “indicators of compromise’ or signs of malicious cyber activity. It’s unclear who is attempting to exploit the vulnerability. With the advisory out, cybersecurity incident responders will be watching for any additional hacking. Justin Elze, a […]

The post Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit appeared first on CyberScoop.

Continue reading Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit

Democrats furious after intelligence officials cancel in-person election security briefings

Posted on by

The Office of the Director of National Intelligence on Friday said it would provide election-security information to Congress through written materials rather than in-person briefings, sparking outrage among Democrats just two months before the presidential election. In letters to the House and Senate intelligence committees, among others, Director of National Intelligence John Ratcliffe said his office would provide lawmakers with “written finished intelligence products” on foreign threats to the election to prevent leaks of classified information and ensure the materials aren’t “misunderstood” or “politicized.” The move highlights the partisan fight over election security material as U.S. officials warn that Russia is once again interfering in the electoral process for the benefit of President Donald Trump. After one routine election-security briefing for lawmakers in February in which an intelligence official said Russia had a preference for Trump, the president was reportedly irate that Democrats received the information before he did. Trump […]

The post Democrats furious after intelligence officials cancel in-person election security briefings appeared first on CyberScoop.

Continue reading Democrats furious after intelligence officials cancel in-person election security briefings

Everything you need to know about voting by mail

Posted on by

State and local governments, those running for office and the American electorate are facing an unprecedented election process this year in which mail-in ballots will play a large part in how voters pick their elected officials during a once-in-a-century pandemic. In doing so, they have to navigate a U.S. Postal Service that has warned of tardy ballot deliveries, cut through the din of misinformation coming from President Donald Trump, and overcome a process that can be confusing on a number of different levels. While mail-in voting and cybersecurity don’t seem to go hand-in-hand, security officials are heavily involved in making sure the entire operation can be trusted once it’s complete. Here’s what you need to know about mail-in balloting and how it will play a greater role in this presidential election: How long has voting by mail been going on, and how is it used today? Mail-in voting is not […]

The post Everything you need to know about voting by mail appeared first on CyberScoop.

Continue reading Everything you need to know about voting by mail

John Felker, former head of DHS’s cyberthreat center, to retire from the department in September

Posted on by

John Felker, who helped expand the Department of Homeland Security’s cyberthreat-sharing efforts with the private sector, announced Monday that he would retire on Sept. 25 after spending five years at DHS and more than three decades in the federal government. Felker was best known at DHS for heading the National Cybersecurity and Communications Integration Center (NCCIC), the department’s 24/7 watch floor and threat-sharing hub for hacking threats, from 2015 to 2019. For the last year, Felker has led a division at the department’s Cybersecurity and Infrastructure Security Agency (CISA) that oversees the agency’s field offices across the country. The NCCIC, which includes a vast room of monitoring screens at a DHS building in Arlington, Virginia, is one of the better known federal initiatives to warn companies of malicious cyber activity. Following the formal creation of CISA in 2018, the NCCIC was rebranded and its functions split between two divisions. Felker’s Integrated Operations Division […]

The post John Felker, former head of DHS’s cyberthreat center, to retire from the department in September appeared first on CyberScoop.

Continue reading John Felker, former head of DHS’s cyberthreat center, to retire from the department in September

Feds warn election officials of potentially malicious ‘typosquatting’ websites

Posted on by

The Department of Homeland Security last week told election officials to be wary of suspicious websites that impersonate federal and state election domains and could be used for phishing or influence operations. The Aug. 11 bulletin distributed by DHS’s Office of Intelligence and Analysis, which CyberScoop reviewed, listed roughly 50 suspicious domains that were purporting to offer information related to voting and elections. “These suspicious typo-squatting domains may be used for advertising, credential harvesting and other malicious purposes, such as phishing and influence operations,” the advisory says. “Users should pay close attention to the spelling of web addresses or websites that look trustworthy but may be close imitations of legitimate U.S. election websites.” Typosquatting is an issue that litters the internet and affects every sector because it is cheap and easy for anyone to set up a website that mimics the spelling of a legitimate one. A 2018 study found […]

The post Feds warn election officials of potentially malicious ‘typosquatting’ websites appeared first on CyberScoop.

Continue reading Feds warn election officials of potentially malicious ‘typosquatting’ websites

FBI, CISA warn of ‘voice phishing’ campaigns

Posted on by

The FBI and the U.S. Cybersecurity and Infrastructure Security Agency on Thursday warned the private sector of a “voice phishing” campaign in which cybercriminals call up corporate employees to get them to hand over login credentials. In a campaign that began in mid-July, unidentified attackers used stolen credentials to scour corporate databases for personal information they can monetize and use in other attacks, the FBI and CISA alert said. In some cases, the attackers “posed as members of the victim company’s IT help desk, using their knowledge of the employee’s personally identifiable information…to gain the trust of the targeted employee,” the advisory says. The warning caps a month in which cybercriminals have been rampantly employing “vishing,” as the voice phishing technique is known, to try to steal money from big corporations. The attackers who took over celebrity Twitter accounts in July to mine bitcoin did so through “vishing.” Florida police […]

The post FBI, CISA warn of ‘voice phishing’ campaigns appeared first on CyberScoop.

Continue reading FBI, CISA warn of ‘voice phishing’ campaigns

No hacking needed: Someone duped Experian into handing over data in breach affecting 24 million South Africans

Posted on by

For fraudsters looking to swindle big corporations, sometimes it’s just a matter of asking. Earlier this week, the South African division of credit reporting giant Experian revealed that someone posing as a client had tricked the firm into coughing up personal information on an untold amount of South African consumers. The South African Banking Risk Information Centre (SABRIC), an association of banks focused on combating crime, put a number on the breach: up to 24 million people, and nearly 794,000 “business entities,” could be affected. Investigators have been working with banks to figure out which of their customers may have had their personal data exposed, according to SABRIC. It’s a reminder of the reams of personal data that credit monitoring firms like Experian and Equifax are sitting on, and the high stakes those firms face in protecting it. A social engineering trick, or an unpatched software flaw, can open the […]

The post No hacking needed: Someone duped Experian into handing over data in breach affecting 24 million South Africans appeared first on CyberScoop.

Continue reading No hacking needed: Someone duped Experian into handing over data in breach affecting 24 million South Africans

Weeks after malware disruption, New York hospital is getting back online

Posted on by

For three weeks, a 290-bed medical facility in upstate New York has been grappling with a cybersecurity incident that prevented doctors from accessing patients’ electronic medical records (EMRs). The EMRs and payroll and accounting systems are now back online, the Samaritan Medical Center said in a statement Wednesday, but restoring the entire computer network will still take time. The not-for-profit Watertown, New York, institution — which says it generates $395 million annually in activity — blamed a “malware attack” for the disruption. There was no evidence that patient data had been compromised. It was unclear who was responsible for the attack. A facility spokesperson did not respond to multiple requests for comment. The incident highlights how malicious cyber-activity has continued to disrupt IT systems in the health sector as it fights a global pandemic. Multiple ransomware attacks have hit pharmaceutical or biomedical firms working on coronavirus treatments, while health care providers in Europe […]

The post Weeks after malware disruption, New York hospital is getting back online appeared first on CyberScoop.

Continue reading Weeks after malware disruption, New York hospital is getting back online

CISA infrastructure security official Brian Harrell steps down

Posted on by

Brian Harrell, a senior official in charge of physical infrastructure protection at the Department of Homeland Security’s cybersecurity agency, resigned his post on Thursday and is headed to the private sector. “During my time at [the Cybersecurity and Infrastructure Security Agency], we have responded to hurricanes and historic floods, provided expertise after mass-shootings, engaged thousands of critical infrastructure owners and operators, and we are now providing the private sector assistance during COVID-19,” Harrell wrote in a resignation letter to President Donald Trump. Harrell, a former security executive in the electric sector, Harrell joined DHS in December 2018. He has helped organize cybersecurity drills for critical infrastructure companies, including the recently completed “Cyber Storm” exercise, which drew 2,000 participants. Harrell also helped run CISA’s security team for the last two Super Bowls. It is unclear who will replace Harrell. A CISA spokesperson did not immediately respond to a request for comment. In […]

The post CISA infrastructure security official Brian Harrell steps down appeared first on CyberScoop.

Continue reading CISA infrastructure security official Brian Harrell steps down

Taiwan accuses Chinese hackers of aggressive attacks on government agencies

Posted on by

The Taiwanese government on Wednesday accused Chinese government-linked hackers of targeting 10 Taiwanese government agencies and 6,000 email accounts of officials in an escalation of Beijing’s long-running espionage on the island. Over the course of two years, Chinese hackers have infiltrated a variety of Taiwanese government offices in an effort to steal sensitive documents, Liu Chia-zung, an official in the Taiwan Investigation Bureau’s Cyber Security Investigation Office, said at a press conference. Liu conceded that with the breach of key IT infrastructure, at least some data may have been exposed. It is only the latest in a wave of suspected Chinese hacking campaigns to hit Taiwan, which China considers its territory. The Taiwanese semiconductor industry, a centerpiece of the global supply chain for smartphones, has also come under sustained assault from hackers that appear to be based in China, private researchers said earlier this month. And in May, Taiwan suggested that a broad […]

The post Taiwan accuses Chinese hackers of aggressive attacks on government agencies appeared first on CyberScoop.

Continue reading Taiwan accuses Chinese hackers of aggressive attacks on government agencies