‘Ripple’ effect: Flaws found in protocols impact everything from printers to infusion pumps

Treck Inc. may be one of the most important software companies you’ve never heard of. Engineers at the Cincinnati-based company build networking protocols that end up in everything from HP printers to medical devices made by Baxter International, a Fortune 500 company. That core software, however, contains no fewer than 19 vulnerabilities, at least two of which could let hackers remotely commandeer devices running the code. That was the verdict made public on Tuesday by researchers from Jerusalem-based security company JSOF after months of studying Treck’s code. The discovery highlights how obscure companies can have an outsize impact on the supply chain security of software products around the world. It also shows how painstaking the act of locating and patching vulnerable devices can be. The further that JSOF researchers dug, the more devices they found running the Treck software. The footprint of devices grew so big that JSOF called in Forescout […]

The post ‘Ripple’ effect: Flaws found in protocols impact everything from printers to infusion pumps appeared first on CyberScoop.

‘Vendetta’ hackers are posing as Taiwan’s CDC in data-theft campaign

A mysterious hacking group has been posing as Taiwan’s top infection-disease official in an attempt to steal sensitive data from Taiwanese users, researchers said Monday. The hackers sent meticulously written spearphishing emails to a select group of targets, which may have included Taiwan’s Centers for Disease Control employees, according to ElevenPaths, the cybersecurity unit of Spanish telecommunications firm Telefónica Group, which uncovered the activity. It’s a reminder of the lengths to which hacking groups have gone to impersonate public health authorities and break into computer networks during the COVID-19 pandemic. Over the course of a week in early May, the hackers sent emails to certain Taiwanese users urging them to get novel coronavirus tests. Attached to the email was a remote hacking tool capable of stealing login credentials and hijacking webcams. “The type of tools and the targets selected indicate that they are looking for intelligence, mainly governmental,” Miguel Ángel […]

Zoom apologizes for disabling US accounts commemorating Tiananmen Square anniversary

Video conferencing service Zoom has apologized for yielding to Chinese government pressure and suspending U.S.-based user accounts that commemorated the anniversary of the Tiananmen Square massacre in China. The apology comes after an uproar from human rights activists and U.S. lawmakers for Zoom’s role in suppressing dissent outside of mainland China. At the request of the Chinese government, Zoom shut down three video meetings marking the anniversary. Some of the meeting organizers were based in the U.S. and in Hong Kong. “Recent articles in the media about adverse actions we took toward [those commemorating Tiananmen] have some calling into question our commitment to being a platform for an open exchange of ideas and conversations,” Zoom said in a blog post Thursday. “Going forward Zoom will not allow requests from the Chinese government to impact anyone outside of mainland China.” The Zoom users were marking 31 years since Chinese troops fired on pro-democracy […]

Gamaredon, a hacking group with a fixation on Ukraine, deploys new email compromise tools

A Russian-speaking espionage group has been using new email hacking tools in a multi-month campaign intended to infiltrate unidentified government organizations, according to new research. The group, known as Gamaredon, has spent the last six months inundating the organizations with spearphishing emails and not bothering to cover their tracks, the Slovak anti-virus company ESET said Thursday. The researchers declined to name the government targeted. But historically, Gamaredon is one of multiple Russia-linked groups that have spied on Ukrainian government and corporate officials. And they are one of the more conspicuous ones. “They make no effort to stay under the radar,” Jean-Ian Boutin, ESET’s head of threat research, told CyberScoop. “One hypothesis is that they are doing that to create a state of constant dread in their targets.” One of the hacking tools uses a victim’s Microsoft Outlook account to send spearphishing messages to people in their contact address book. Another tool injects malicious code into Microsoft Office documents. The […]

DHS’s cyber wing pledges to invest more in industrial control systems security

The Department of Homeland Security’s cybersecurity division on Tuesday unveiled a strategy to help protect industrial control systems that support energy, transportation, and other critical sectors from being hacked. The goal is to use data analytics, enhanced training, and better technology to help guard U.S. critical infrastructure operators from foreign hacking groups that have shown a steady interest in their networks. “We’re going to ask more of the ICS community, but we’re also going to deliver more to you,” Chris Krebs, head of DHS’s Cybersecurity and Infrastructure Security Agency, said at a virtual meeting of the ICS Joint Working Group, a government-industry organization. A better understanding of cyber-risk in the industrial space can lead to “being out in front of the adversary…putting friction into their plans so that they have to go off and they have to develop new capabilities,” Krebs said. “We’re going to develop deep data capabilities to […]

Computer network ‘disruption’ forces Honda to cancel some production

A “disruption” to Japanese carmaker Honda’s computer network forced the company to cancel some production operations on Monday, according to a company spokesperson. The incident occurred Sunday and Honda’s IT personnel are still responding to the situation, Honda spokesman Chris Abbruzzese told CyberScoop. He declined to answer questions on the cause of the incident or where it was affecting the company geographically. But another statement from Honda to the BBC said the incident has “also [had] an impact on production systems outside of Japan.” Cybersecurity researchers said that malicious software samples associated with the incident suggested a ransomware attack had occurred. Vitali Kremez, a strategic adviser to cybersecurity company SentinelOne, said he suspected a strain of ransomware known as Snake or EKANS was the cause of the incident. The ransomware appears to have been coded to check that it was on Honda’s networks before executing, Kremez said. EKANS ransomware emerged last […]

DARPA invites hackers to break hardware to make it more secure

For more than two years, the Pentagon’s research arm has been working with engineers to beef up the security of computer chips before they get deployed in weapons systems or other critical technologies. Now, the research arm — the Defense Advanced Research Projects Agency (DARPA) — is turning the hardware over to elite white-hat hackers who can earn up to $25,000 for bugs they find. The goal is to throw an array of attacks at the hardware so its foundations are more secure before production. “We need the researchers to really roll their sleeves up and dig into what we’re doing and try to break it,” said Keith Rebello, a DARPA program manager. Hardware hacks often involve identifying vulnerabilities in how a computer chip handles information, like the flaw uncovered in Intel microprocessors in March that could have allowed attackers to run malicious code early in the boot process. While software bug bounties are ubiquitous in […]

Coronavirus conspiracy theorists threaten 5G cell towers, DHS memo warns

Telecommunications providers should have robust security measures in place at 5G cell towers following a series of physical attacks from conspiracy theorists and other extremists, the Department of Homeland Security advised industry executives in a confidential memo last week. The advisory from DHS’s Cybersecurity and Infrastructure Security Agency (CISA) comes after a spate of attacks on cell towers in Europe, and as agency officials reckon with other COVID-19-related threats, ranging from data theft to fraud. “While the U.S. has not seen similar levels of attacks against 5G infrastructure linked to the pandemic, the tactics used in Western Europe [have] begun to migrate to the U.S,” says the memo, obtained by CyberScoop. Conspiracy theorists erroneously claim that 5G networking equipment weakens the immune system, or spreads coronavirus. The anti-5G fervor has perhaps been at its most destructive in the United Kingdom, where people have damaged more than 70 cell towers since the coronavirus outbreak. But multiple incidents in the U.S. […]

Hackers target senior executives at German company procuring PPE

On March 30, as the novel coronavirus swept through Germany, the country’s government tasked nine multinational companies, including pharmaceutical giant Bayer and automaker Volkswagen, with procuring personal protective equipment to make up for a lack of gear. The same day, unidentified hackers began an intensive phishing campaign to infiltrate at least one of those nine firms, according to research published Monday by IBM. The findings show how multiple aspects of societies’ response to the coronavirus — from testing facilities to vaccine research to PPE procurement — have been targeted by hackers of various stripes. The phishing attempts against the unnamed German company, which are ongoing, have extended to more than 100 senior management and procurement executives at the company and its suppliers in multiple sectors, according to IBM. It is unclear if the hacking has been successful, or who is responsible (IBM researchers weren’t sure). What is clear is that […]

Ransomware crooks attack Conduent, another large IT provider

A ransomware attack disrupted IT services company Conduent’s work with its clients last week, another example of digital extortionists targeting key technology suppliers. Conduent, which reported $4.5 billion in revenue last year and provides IT services in sectors such as health care and banking, had its European operations temporarily hampered, spokesman Sean Collins said. The incident occurred on May 29. Most systems were functioning nine hours later on that same day, and all have since been restored, he said. It was unclear which Conduent clients were affected by the disruption. Collins did not respond to a question on which clients were affected. The notorious set of hackers behind the Maze ransomware variant claimed responsibility. Like a lot of crooks involved in ransomware, the Russian-speaking Maze affiliates are not one group, but several distinct teams that specialize in writing code or breaching networks. If confirmed, it would be at least the second […]
