State-linked hacking continues amid race for coronavirus treatments, US and UK agencies warn

Hackers linked with foreign governments continue to target multiple global health care organizations and pharmaceutical companies in a possible bid to gather intelligence or steal research related to the coronavirus pandemic, American and British cybersecurity agencies said Tuesday. The U.S. Department of Homeland Security’s cybersecurity division and the U.K.’s National Cyber Security Centre (NCSC) “are currently investigating a number of incidents in which threat actors are targeting pharmaceutical companies, medical research organizations, and universities,” the agencies said in a joint advisory. They did not point the finger at particular governments. Advanced persistent threat (APT) groups, as state-linked hackers are known, have been scanning public websites of target companies looking for insecure software to exploit, said DHS’s Cybersecurity and Infrastructure Security Agency (CISA) and the NCSC. Hackers have also been using a technique called password spraying, which throws common passwords at targets until one of them works, to attack health care organizations in the U.S., […]

The post State-linked hacking continues amid race for coronavirus treatments, US and UK agencies warn appeared first on CyberScoop.


Hackers seize on software flaw to breach two victims, despite patch availability

Days after researchers warned of critical vulnerabilities in popular data-management software, hackers have exploited the flaws to breach two organizations which rely on the technology. LineageOS, a free Android-based operating system, and Ghost, a nonprofit behind widely used blogging software, reported Sunday that unidentified hackers had breached their infrastructure in separate incidents. The disruptions are an example of how bugs found in widely used code often end up being exploited maliciously — even when software updates are available. Both LineageOS and Ghost rely on a tool for managing data centers and cloud-computing networks known as the Salt management framework. Cybersecurity company F-Secure reported two vulnerabilities in Salt last week which could enable attackers to execute code remotely and manipulate data. “Both of these vulnerabilities are exploitable by a remote, unauthenticated attacker,” said Rody Quinlan, a researcher at another security vendor, Tenable. Ghost said it was rebuilding its network. Customer data […]

The post Hackers seize on software flaw to breach two victims, despite patch availability appeared first on CyberScoop.


Citing hacking threats, Trump limits foreign-sourced equipment in U.S. electric sector

President Donald Trump on Friday issued an executive order barring federal agencies and companies under U.S. jurisdiction from installing foreign-owned equipment in the electric sector that might pose “an unacceptable risk to national security.” The sweeping directive authorizes Trump’s energy secretary, Dan Brouillette, to work with U.S. national security agencies and the energy industry to vet equipment before it gets installed, and to identify vulnerable gear already in place. It is the latest move by the administration to clamp down on foreign-sourced software and hardware, following an order last year covering U.S. companies’ procurement of telecommunications gear. The new executive order covers equipment procured and installed in the “bulk-power system” — or infrastructure used in electricity generation and transmission, and generally not distribution. “Foreign adversaries are increasingly creating and exploiting vulnerabilities” in that system, including through “malicious cyber activities,” Trump said in the order. One of the more notable hacking operations to target the U.S. […]

The post Citing hacking threats, Trump limits foreign-sourced equipment in U.S. electric sector appeared first on CyberScoop.


Facebook claims NSO Group’s lawyers have conflict of interest in WhatsApp case

In the ongoing legal battle between Facebook and software surveillance company NSO Group, the social media giant is trying to get NSO Group’s legal counsel dismissed because of an alleged conflict of interest. In a court filing made public this week, Facebook asked a federal judge to disqualify law firm King & Spalding from representing NSO Group because the firm previously represented Facebook-owned WhatsApp in a different sealed case that is “substantially related” to the NSO Group one. King & Spalding, an Atlanta-based firm with a range of big corporate clients, has denied there is a conflict of interest, according to the filing. It is the latest twist in a legal tussle that began in October, when Facebook sued NSO Group, alleging that the Israeli company violated a federal anti-hacking law when its malware was used to infect some 1,400 mobile devices, including those of human rights advocates. NSO Group denies the […]

The post Facebook claims NSO Group’s lawyers have conflict of interest in WhatsApp case appeared first on CyberScoop.


‘EventBot’ comes online amidst flurry of regularly-updated banking trojans

Over the last several weeks, a group of unidentified hackers have been methodically testing a new piece of code designed to steal credentials people use to log into banks and other financial institutions. Like many a product developer, the hackers have been fine-tuning the malicious software to make it more effective in siphoning off data from a mobile phone. Perhaps unbeknownst to the hackers, a team of researchers have been watching and taking notes. On Thursday, the researchers, from Boston-based security company Cybereason, published their findings in an effort to preempt attacks on banking customers. It’s one of a wave of recent malicious applications designed to steal users’ banking data. In the last month, security researchers have reported malware targeting banking customers in Brazil and Spain. As an even greater number of people around the world use mobile banking, the impetus for criminals to compromise those transactions has grown. The […]

The post ‘EventBot’ comes online amidst flurry of regularly-updated banking trojans appeared first on CyberScoop.


Privacy groups are still trying to get documents unsealed in Facebook encryption case

Civil liberties groups on Tuesday asked an appeals court to unseal a federal judge’s ruling that rejected a U.S. government effort to force Facebook to decrypt voice calls. The American Civil Liberties Union and the Electronic Frontier Foundation argue that the public has a right to know about how U.S. prosecutors tried to force Facebook to decrypt the calls in a 2018 investigation of the MS-13 gang, and why a judge rejected the prosecutors’ effort. The Department of Justice is urging the court to keep the ruling sealed, arguing that making it public could compromise ongoing criminal investigations. It is the latest front in a broader standoff between privacy advocates and law enforcement over access to encrypted communications. Law enforcement officials have for years lamented that strong encryption has hampered investigations into terrorists and criminals. But many technologists say any software especially designed for law enforcement access risks weakening security […]

The post Privacy groups are still trying to get documents unsealed in Facebook encryption case appeared first on CyberScoop.


The latest in FBI impersonation: An extortion scheme involving mobile ransomware

The FBI has done a lot to crack down on illicit online activity in recent years, from installing cyber investigators in field offices across the country to scouring the dark web for suspects. But those efforts, needless to say, do not include locking a suspect’s phone and demanding a fee to get the data back. It’s the latest twist on a scheme that cybercriminals have been using online for years: Make people think they’re in trouble with the feds, and shake them down for cash. Cybersecurity company Check Point said Tuesday that this time the crooks are encrypting the data on Android phones, accusing the victims of possessing illegal pornographic material and claiming that their personal details have been sent to an FBI data center. Victims are told to pay $500 to escape the situation. Older versions of the scheme involve fake FBI warnings that arrive via email or web browsers. Using the tactic with mobile ransomware is much less […]

The post The latest in FBI impersonation: An extortion scheme involving mobile ransomware appeared first on CyberScoop.


Hackers spoof SBA to try to compromise companies’ computers

With the U.S. Small Business Administration continuing to play a high-profile role in getting cash to companies that are struggling because of the coronavirus pandemic, cybercriminals are stepping up their efforts to steal money from those very firms. Research published Monday by IBM’s incident response team shows that attackers are spoofing the SBA in emails to try to install a remote hacking tool capable of stealing passwords and accessing webcams. They are exploiting attention on a nascent SBA program that offers up to $10 million in lending per business. If an unsuspecting recipient opens the emails found by IBM, a data-stealing remote access trojan (RAT) known as Remcos can take control of the person’s computer. It is another example of how, as U.S. agencies have opened their spigots to provide hundreds of billions of dollars in relief to American businesses during the pandemic, cybercriminals have looked to pounce. The hackers are “exploiting the […]

The post Hackers spoof SBA to try to compromise companies’ computers appeared first on CyberScoop.


Internal EU report on coronavirus disinformation was harsher on China than public release

A publicly-released European Union report on disinformation campaigns related to the novel coronavirus is watered down and less detailed in describing Chinese government activity compared to an internal assessment, according to a copy of the document obtained by CyberScoop. The internal assessment from the European External Action Service (EEAS), the EU’s diplomatic service, was more direct in describing Chinese efforts to manipulate public perceptions of the pandemic. The document, which also covers Russian and Iranian disinformation efforts, singled out “official Chinese sources” for making a “continued and coordinated push” to deflect blame for the virus’s spread. It pointed to reports that China was running “a global disinformation campaign” to both shield itself from criticism and “improve its international image.” But the public report that the EEAS posted online Friday had muted criticism for Beijing, and said that “other actors,” in addition to China, were deflecting blame. The New York Times reported earlier Friday that some EU officials had softened the report, and […]

The post Internal EU report on coronavirus disinformation was harsher on China than public release appeared first on CyberScoop.


Poland implicates Russia in cyberattack, info op aimed at undercutting U.S. relations

Polish security services on Thursday suggested the Russian government could be behind a cyberattack against an elite Polish military academy and an ensuing effort to undermine U.S.-Polish relations. Stanislaw Zaryn, a spokesman for Minister-Special Services Coordinator, which oversees Polish security agencies, announced that hackers had breached the website of Poland’s War Studies University. The attack was followed by a disinformation campaign, Zaryn said, in which attackers posted a letter where the head of the university purportedly described the U.S. troop presence in Poland as an “American occupation.” The fake letter was picked up by at least three Polish websites, one with a history of pushing disinformation, Polish officials said. Poland’s government did not conclusively blame the Russian government for the information operation. However, Zaryn said the effort, apparently meant to sow discord between the U.S. and a key ally in Central Europe, would be “congruent with disinformation activities carried out by the Russian Federation against Poland.” “Poland’s special services are […]

The post Poland implicates Russia in cyberattack, info op aimed at undercutting U.S. relations appeared first on CyberScoop.
