Grant Schneider steps down as federal CISO, heads to private sector

Grant Schneider, who has spent nearly three decades in the federal government, is leaving his post as the Trump administration’s chief information security officer for the private sector. Schneider is joining the Washington, D.C., office of law firm Venable as a senior director of cybersecurity services, the firm said in a statement Tuesday. Ari Schwartz, a Venable executive who worked in the Obama administration, lauded Schneider’s work as a federal official on supply chain security and encryption. Schneider spent more than 20 years at the Defense Intelligence Agency, the Pentagon’s spying arm, culminating in a multi-year tenure as chief information officer. He was also a senior official at the Office of Personnel Management in 2015 and 2016 as the agency continued to cope with the fallout of its massive 2014 data breach. At the National Security Council, Schneider was influential in cybersecurity policymaking. He headed the Vulnerabilities Equities Process, the […]

The post Grant Schneider steps down as federal CISO, heads to private sector appeared first on CyberScoop.

How a new federal policy for telling election officials about cyber-intrusions got put to use

In early 2020, federal officials changed how they communicated with states about cyber-intrusions affecting election infrastructure. The Department of Homeland Security’s cybersecurity agency and the FBI would now inform senior state officials, and not just IT personnel, of election-related hacking incidents in a given state. Some state officials, who had criticized the federal government for being too slow and not specific enough in sharing data on Russian hacking in 2016, welcomed the new policy as another guardrail against foreign interference in 2020. And in March, at the height of the primary season, the policy was put into action. An unidentified hacker spoofed the email account of a voting-equipment vendor and sent a phishing email to a local election official in Missouri, according to multiple people familiar with the incident who spoke on the condition of anonymity. The official took the bait — a document purporting to be an “election funding report” but which really redirected the official to […]

The post How a new federal policy for telling election officials about cyber-intrusions got put to use appeared first on CyberScoop.

‘Cyber Storm’ drill for critical infrastructure focuses on corruption of key IT services

In a drill this week that drew some 2,000 participants, the Department of Homeland Security tested the ability of companies in the health care, manufacturing and other key sectors to withstand hypothetical hacking campaigns that compromise the trust users place in key internet services. The seventh iteration of Cyber Storm, as the biannual exercise is called, focused on what could go wrong when some of the pillars of the internet are corrupted. It is the subtle manipulation of these IT services that advanced hacking campaigns often exploit in the real world. The simulation featured compromised certificate authorities, which deem software trustworthy, attacks on the Border Gateway Protocol, the internet’s basic routing mechanism, and the subversion of domain name system (DNS) records, which help send a user to a website that is not malicious. “Many organizations do not have a full understanding of their reliance on third-party services,” said Brian Harrell, assistant […]

The post ‘Cyber Storm’ drill for critical infrastructure focuses on corruption of key IT services appeared first on CyberScoop.

Ex-DHS officials urge department to double down on its cybersecurity work

The Department of Homeland Security has been the face of some of the Trump administration’s most fiercely criticized policies, from aggressively rounding up migrants to detaining protesters. A new bipartisan report from former DHS officials suggests the department cut ties with some of the “most partisan” aspects of its work, and redouble its efforts to protect the country from cyberthreats and infectious diseases. “For the defense of American democracy to succeed, the secretary of homeland security and DHS generally will need to be, to the greatest extent possible, ‘above politics,’” states the report, which the Atlantic Council released Thursday. The report’s authors — Caitlin Durkovich, a former assistant DHS secretary under President Barack Obama, and Thomas Warrick, who was a DHS counterterrorism official until June 2019 — propose giving some controversial elements of DHS’s portfolio, such as setting the number of immigrant visas, to the White House or another part of the federal […]

The post Ex-DHS officials urge department to double down on its cybersecurity work appeared first on CyberScoop.

TikTok users ‘voluntarily’ giving their data to China, Justice official says

U.S. officials have repeatedly expressed concern that China could use the 2014 and 2015 hacks of the Office of Personnel Management and health care insurer Anthem to build data profiles on Americans for intelligence recruitment (allegations Beijing denies). But TikTok, the popular video-sharing application, is a different type of data collection opportunity for China because Americans are willingly handing the information over, a senior Department of Justice official alleged Wednesday. “[Y]ou have an instance of Americans voluntarily signing onto this product as opposed to the Chinese stealing the data or the Chinese buying the data,” said John Demers, the assistant attorney general for national security. “And that’s what the recent executive order was meant to address,” Demers said, referring to the Aug. 6 directive from President Donald Trump that will ban transactions with ByteDance, TikTok’s Chinese parent company, and Tencent, another Chinese tech firm, starting Sept. 20. TikTok, which is […]

The post TikTok users ‘voluntarily’ giving their data to China, Justice official says appeared first on CyberScoop.

SANS Institute, which drills cyber professionals in defense, suffers data breach

The SANS Institute, which trains cybersecurity professionals around the world, was hacked, resulting in the compromise of 28,000 records of personally identifiable information, the organization said Tuesday. The Maryland-based research and educational outfit said the breach was the result of a single phishing email sent to a SANS employee, which led to more than 500 of the organization’s emails being forwarded. The breached data included names, email addresses, and physical addresses — information submitted by attendees of a recent SANS virtual training event. After discovering the breach on Aug. 6, SANS said it “quickly stopped any further release of information” from the compromised email account, which was forwarding the data to an “unknown external email address.” The institute did not identify who was responsible for the hack. “We are investigating this incident with the support of some of the world’s top forensic experts to be certain that we understand the complete […]

The post SANS Institute, which drills cyber professionals in defense, suffers data breach appeared first on CyberScoop.

Citrix releases fix for software bug that hackers ‘will move quickly to exploit’

A newly revealed set of vulnerabilities in popular software made by Citrix, whose clients include Fortune 500 companies, could let hackers who exploit the bugs gain control of a mobile server and steal sensitive data. The Florida-based company, which has dealt with multiple critical vulnerabilities this year, has released fixes for the new round of bugs and urged customers to apply them. “While there are no known exploits as of this writing, we do anticipate malicious actors will move quickly to exploit,” Citrix CISO Fermin J. Serna wrote in a blog post Tuesday. The bugs are in a software product known as Citrix Endpoint Management or XenMobile, which allows clients to remotely connect to corporate networks with their mobile devices. Exploiting one of the bugs could let a hacker steal domain account credentials for a corporate network, according to Andrey Medov, a security researcher at Positive Technologies, which found the […]

The post Citrix releases fix for software bug that hackers ‘will move quickly to exploit’ appeared first on CyberScoop.

Hackers exploited Tor exit relays to generate bitcoin: research

At one point this spring, a single set of money-hungry hackers controlled nearly a quarter of the endpoint infrastructure through which the anonymizing internet browser Tor routed traffic, a researcher who tracks Tor claimed this week. The unidentified attacker likely used those Tor “exit relays” — the IP addresses through which Tor traffic passes — to manipulate the traffic and mine cryptocurrency, said the researcher, who goes by nusenu. How much bitcoin the attackers were able to generate, if any, remains unclear. It’s the latest example of how malicious hackers can subvert parts of Tor’s infrastructure for their own gain, and follows another set of malicious Tor activity documented by the same researcher last year. Users ranging from human rights workers in repressive countries to U.S. drug dealers rely on Tor to try to maintain their anonymity online. “So far, 2020 is probably the worst year in terms of malicious Tor exit relay activity since I started monitoring it about […]

The post Hackers exploited Tor exit relays to generate bitcoin: research appeared first on CyberScoop.

Ohio becomes first state to release vulnerability policy for election-related websites

Ohio’s secretary of state has established guidelines for security experts to find and help fix software flaws in the state’s election-related websites, the first such move by a state as the 2020 election approaches. The vulnerability disclosure policy (VDP) covers registration websites for Ohio residents and overseas and military voters, among other sites, and provides legal liability protections for researchers. The program will bolster the efforts of Ohio Secretary of State Frank LaRose’s security team at a time when threats to election infrastructure “have never been greater,” the policy states. Under the policy, researchers are required to wait four months after reporting a vulnerability to Ohio officials before going public with it. “We believe that public disclosure of vulnerabilities is an essential part of the vulnerability disclosure process, and that one of the best ways to make software better is to enable everyone to learn from each other’s mistakes,” the […]

The post Ohio becomes first state to release vulnerability policy for election-related websites appeared first on CyberScoop.
