New senior DHS cyber official aims to deliver better data to threat analysts

The Department of Homeland Security’s new senior cybersecurity official has his marching orders: Streamline the reams of data collected by analysts at DHS’s Cybersecurity and Infrastructure Security Agency so it’s all more useful for tracking hackers. “One of my top three priorities” will be “modernizing all of our data systems, tools, AI, and analytics,” Bryan Ware, CISA’s assistant director for cybersecurity, said Tuesday in some of his first public remarks since being tapped for the role. CISA needs to move away from “legacy programs” and toward “multi-cloud environments” to support its threat analysts, he said. DHS officials are banking on Ware’s background as an artificial intelligence entrepreneur, and the data-crunching skills that come with it, to make the 1s and 0s that CISA receives from the private sector and intelligence community more intelligible to network defenders. This week, he succeeded Jeanette Manfra as DHS’s senior official focused exclusively on cybersecurity after Manfra left […]

The post New senior DHS cyber official aims to deliver better data to threat analysts appeared first on CyberScoop.


Boing Boing says hacker got around 2FA in breaching its content management system

Boing Boing, a popular blog and news aggregator with deep roots on the internet, said Monday that an unknown attacker had used a hacked account of one of its team members to spread malicious code. The hacker was able to get around two-factor authentication — an extra security measure — to log into the Boing Boing content management system (CMS) software. From there, the attacker installed a widget that redirected Boing Boing visitors to a malicious web page, the publication said in a statement under the tagline, “We Wuz Hacked.” Founded three decades ago as a zine, Boing Boing is an irreverent and wide-ranging news site that embraced blogging long before it became popular. Contributors to the self-styled “Directory of Wonderful Things” have long promoted sound security practices. In May 2019, for example, co-editor Cory Doctorow blogged about a Google study touting the benefits of 2FA. Boing Boing said the breach occurred around midday Friday and that, once the issue […]

The post Boing Boing says hacker got around 2FA in breaching its content management system appeared first on CyberScoop.


Experts urge organizations to address festering critical Citrix flaw

It’s been more than two weeks since researchers went public with a critical vulnerability in products made by corporate VPN service provider Citrix that could give a hacker free rein over the many enterprise networks that use the software. Now, with no sign of a complete patch for the vulnerability, cybersecurity experts are exhorting organizations to address the issue. “It’s extremely important to apply the mitigation steps and recognize that there is no patch for this,” said Dave Kennedy, founder of cybersecurity company TrustedSec, adding that he has already seen attackers scanning for vulnerable systems. “We have a working exploit, and it took us under a day to develop it,” Kennedy told CyberScoop. “Attackers have the same capabilities.” The flaw, discovered by cybersecurity company Positive Technologies, is in a Citrix cloud-based application delivery tool, as well as a product that allows remote access to the company’s applications. Based on the […]

The post Experts urge organizations to address festering critical Citrix flaw appeared first on CyberScoop.


FBI says Iranian hackers have done reconnaissance since Soleimani killing

The FBI has told U.S. companies that Iranian hackers have stepped up their probing and reconnaissance activity in the days since the U.S. military killed Iranian Maj. Gen. Qassem Soleimani. In an advisory to industry this week obtained by CyberScoop, the FBI warned that Iranian hackers could target cleared defense contractors, government agencies, academia and nongovernmental organizations focused on Iran issues. The FBI assesses that Iranian hackers could use “a range of computer network operations against U.S.-based networks in retaliation for last week’s strikes against Iranian military leadership,” says the memo, which is labeled “TLP White,” meaning its recipients can distribute it liberally. The Jan. 9 alert did not elaborate on the nature of the Iranian “cyber reconnaissance activity” that the FBI says has occurred since Soleimani’s killing, nor did it mention any Iranian breaches of networks as part of that activity.

FBI alert follows others

The FBI joins a chorus […]

The post FBI says Iranian hackers have done reconnaissance since Soleimani killing appeared first on CyberScoop.


Google researcher beefs up iMessage security by demonstrating clickless exploit

Software exploits that don’t require a victim to click a link to be compromised are an intriguing and growing area of research for white-hat hackers. So it is no surprise that Google’s elite team of hackers, Project Zero, has dug into this stealthy mode of attack in recent months. On Thursday, Samuel Gross laid out how, armed with only a target’s Apple ID, he could remotely compromise an iPhone within minutes to steal passwords, text messages and emails, and activate the camera and microphone. The attack, which exploited an iOS 12.4 vulnerability for which Apple issued a patch last August, shows how “small design decisions can have significant security consequences,” Gross wrote in a blog post. Gross poked holes in some conventional wisdom around security features used in the iPhone operating system. A data-randomizing security feature known as ASLR meant to guard against exploits “is not as strong in practice,” he […]

The post Google researcher beefs up iMessage security by demonstrating clickless exploit appeared first on CyberScoop.


In letter to senators, Amazon’s Ring defends cybersecurity policies

After a series of security incidents involving products made by Amazon-owned Ring, the home security company is making the case to U.S. senators that its cybersecurity policies are robust. In a letter to lawmakers this week, which CyberScoop obtained, Ring said it regularly does penetration testing and source code reviews of its products, and that it encrypts the video captured by its cameras. “Like any rapidly growing company, we recognize that we must continually evolve and enhance our data and security practices to block efforts by bad actors,” Brian Huseman, Amazon’s vice president of public policy, wrote in the letter to five Senate Democrats. The company said it now “proactively monitors” for customer credentials sucked up in third-party breaches, and recently began prompting users to set up two-factor authentication on their accounts to make it harder for hackers to compromise them. The senators — Chris Coons of Connecticut; Ed Markey of […]

The post In letter to senators, Amazon’s Ring defends cybersecurity policies appeared first on CyberScoop.


Saudi cyber authority uncovers new data-wiping malware, and experts suspect Iran is behind it

Around the time that tensions between the U.S. and Iran started mounting last month, authorities in Saudi Arabia discovered a new variant of data-wiping malware that cybersecurity analysts suspect originated with Iranian hackers. The attackers deployed the malware against an unnamed target on Dec. 29 with “urgency,” rushing to execute their malware and in the process leaving clues behind on the victim network, according to a technical report from Saudi Arabia’s National Cybersecurity Authority (NCA) obtained by CyberScoop. “Signs of compromise of the network dating back a few months before destructive payload was detonated,” says the memo, which was distributed to cybersecurity specialists who protect critical infrastructure. While the advisory doesn’t identify the culprit suspected in the attack, it does suggest the work of state-sponsored hackers. Analysts familiar with the attack told CyberScoop that the activity bore technical similarities to previous hacking out of Iran. This advisory, first reported by Yahoo News, […]

The post Saudi cyber authority uncovers new data-wiping malware, and experts suspect Iran is behind it appeared first on CyberScoop.


DHS tells U.S. organizations to clamp down on cybersecurity in wake of Soleimani killing

The Department of Homeland Security on Monday issued guidance to U.S. companies and government agencies on securing their computer networks following the killing last week of a top Iranian general. The advisory from DHS’s Cybersecurity and Infrastructure Security Agency acknowledges the considerable capabilities at Iran’s disposal should the Islamic Republic choose to retaliate in cyberspace, and urges organizations to consider whether they make an attractive target for Tehran’s hackers. Iran and its proxies have a history of “disruptive and destructive cyber operations against strategic targets, including finance, energy, and telecommunications organizations, and an increased interest in industrial control systems and operational technology,” the advisory says. Iranian operatives could also steal intellectual property or conduct cyber-espionage “to enable a better understanding of our strategic direction and policy-making,” according to CISA. “Review your organization from an outside perspective and ask the tough questions—are you attractive to Iran and its proxies because of your business model, who your […]

The post DHS tells U.S. organizations to clamp down on cybersecurity in wake of Soleimani killing appeared first on CyberScoop.


After U.S. kills Iranian general, analysts warn of Tehran’s ability to retaliate in cyberspace

After the U.S. military said it killed Qassem Soleimani, the chief of Iran’s Quds Force, in an airstrike early Friday in Baghdad, Iran’s supreme leader vowed to exact revenge on the United States. Of prime concern will be Iran’s ability to carry out violent physical attacks on U.S. interests or its allies throughout the Middle East. But Iran could also leverage its considerable hacking capabilities to disrupt U.S. organizations. The U.S. attack, ordered by President Donald Trump, was carried out in response to Soleimani’s “actively developing plans to attack American diplomats and service members in Iraq and throughout the region,” the Pentagon said in a statement. Iran has previously retaliated against the U.S. through distributed denial-of-service attacks on banks’ websites in 2012 and 2013, reportedly in response to U.S. sanctions. Since then, Iranian hackers have gotten more advanced — and shown a penchant for data-destroying hacks.

Shamoon and more

The country’s attackers allegedly used the infamous Shamoon […]

The post After U.S. kills Iranian general, analysts warn of Tehran’s ability to retaliate in cyberspace appeared first on CyberScoop.


FBI warns U.S. companies about Maze ransomware, appeals for victim data

The FBI is warning U.S. companies about a series of recent ransomware attacks in which the perpetrator, sometimes posing as a government agency, steals data and then encrypts it to further extort victims. In an advisory to the private sector last week, the FBI called for vigilance to combat the so-called Maze ransomware, which the bureau said began hitting U.S. organizations in November. “From its initial observation, Maze used multiple methods for intrusion, including the creation of malicious look-a-like cryptocurrency sites and malspam campaigns impersonating government agencies and well-known security vendors,” states the advisory obtained by CyberScoop. “In a late November 2019 attack, Maze actors threatened to publicly release confidential and sensitive files from a US-based victim in an effort to ensure ransom payment,” the advisory says, without naming the victim. Maze is but one of an array of different strains of ransomware to emerge in recent years, a scourge with which companies and […]

The post FBI warns U.S. companies about Maze ransomware, appeals for victim data appeared first on CyberScoop.
