Blunt phone call shows state officials are unhappy with rollout of election security framework

Mac Warner needed to get something off his chest. The secretary of state of West Virginia had patiently listened to federal officials explain their updated process for notifying state officials and the public of foreign attempts to interfere in U.S. elections. As the Nov. 8 phone call with election officials across the country came to a close, Warner said he wouldn’t mince words the way one of his “silver-tongued” colleagues had done while offering feedback on the updated process. “The analogy that came to me is the realigning of the deck chairs on the Titanic,” Warner said, according to a call transcript obtained by CyberScoop. “I think this is a straightening up of the chairs: It feels good and so forth, but you’re not getting to the substance.” It was one of multiple blunt exchanges about the new threat-notification framework, which is meant to give U.S. officials a consistent process for alerting state personnel, the private sector, Congress, and […]

The post Blunt phone call shows state officials are unhappy with rollout of election security framework appeared first on CyberScoop.


The anatomy of the MyKings botnet, and why it matters for security

Deconstructing a zombie army of compromised computers — commonly known as a botnet — can tell you a lot about the security weaknesses across a range of digital infrastructure. The unpatched machines the botnet preys on, the protocols it uses, and the malicious code it distributes come into sharp focus. A new study of the MyKings botnet — a notorious horde of computers that has netted crooks some $3 million — by antivirus firm Sophos highlights how Windows servers are vulnerable to a range of attacks from the botnet. The MyKings botnet, also known as Smominru, is like a mash-up of recent security trends: it has been used to mine cryptocurrency, it has taken advantage of users’ failure to patch their systems, and it has employed a software exploit released by the Shadow Brokers. MyKings’ authors have also started experimenting with steganography — an increasingly popular technique in which hackers hide […]


This China-linked espionage group keeps trying to hack the Cambodian government

There is no shortage of malware that government-backed hackers can get from the public domain, saving them the trouble of developing their own code. But to meet their intelligence-gathering needs, plenty of groups still roll up their sleeves and build their own kits. A Chinese espionage outfit known as Rancor has been particularly active on that front. New findings from Palo Alto Networks’ Unit 42 research unit, shared exclusively with CyberScoop, show how, over the past year, the group has tried to break into the network of an unnamed Cambodian government organization and deploy their custom malware. First, the group laced a Microsoft Excel document with previously undocumented malware in an attempted breach of the Cambodian organization in December 2018 and January 2019, Unit 42 said. When that didn’t work, Rancor packed a computer script with a bunch of potentially infectious code, Unit 42 researchers discovered in July. The research […]


DHS’s Jeanette Manfra to join Google’s cloud division

One of the U.S. government’s most influential cybersecurity officials is heading to Google. Jeanette Manfra will take a job at the tech giant’s cloud division in January after leaving her post as assistant director for cybersecurity at the Department of Homeland Security. Manfra will be global director of security and compliance as part of a new security team at Google Cloud, the company said in a statement to CyberScoop. She will help lead a new “Office of the CISO” initiative at Google Cloud to bolster security with Cloud customers, the company said. “She will lend her considerable experience in cybersecurity toward helping our customers, particularly those in regulated industries, build and maintain the highest levels of security and trust into their technical infrastructure and services,” a Google Cloud spokesperson said. Manfra could not be reached for comment. With its cloud division, Google has looked to establish more of a foothold in the federal cybersecurity […]


Another Amazon-owned camera has a multitude of flaws

Researchers have found no fewer than seven vulnerabilities in a popular Amazon-owned security camera that, if exploited, would turn the device into a playground for malicious hackers. An attacker who took advantage of one or more of the flaws found by cybersecurity company Tenable could obtain audio or video from the camera or conscript the device into a botnet to conduct denial-of-service attacks, Tenable said. The camera in question is the Blink XT2, a popular consumer device that comes with cloud storage. By picking apart the camera’s application programming interface, the researchers figured out how that system controls the device, and how it can be abused. The vulnerabilities, for which Amazon has issued fixes, vary in severity and the likelihood that they will be exploited. One flaw requires physical access to the camera to exploit. Regardless, the number of bugs this one study has uncovered points to a larger issue […]


DHS chooses Bryan Ware, former AI entrepreneur, as assistant director for cybersecurity

Department of Homeland Security officials have selected Bryan S. Ware, a tech-savvy entrepreneur and holder of multiple patents, to be the department’s most senior official focused exclusively on cybersecurity, according to multiple people familiar with the matter. For the last 10 months, Ware has been a DHS assistant secretary working on policies to make critical infrastructure more resilient to hacking threats. Now, pending White House approval, Ware is set to have an even more pronounced impact on DHS’s cybersecurity work. Ware would replace Jeanette Manfra, who is leaving for the private sector at the end of the year, as assistant director for cybersecurity at DHS’s Cybersecurity and Infrastructure Security Agency (CISA). It is a crucial job as CISA continues to mature as a federal agency charged with combatting cyberthreats to election systems and other critical infrastructure. Sources familiar with Ware’s selection said the White House’s approval process is underway and that nothing is final. […]


Senior FBI cyber official Amy Hess to take security position at City of Louisville

Amy Hess has spent nearly three decades at the FBI, rising to become the highest-ranking woman in the bureau and head of the Criminal, Cyber, Response, and Services Branch. Now, she’s heading to Louisville, Kentucky, where, starting in February, she will be chief of public services, overseeing things like emergency services and public works. Mayor Greg Fischer announced Hess’s appointment last month in a statement picked up by local media but little noticed inside the Beltway. It is a homecoming of sorts for Hess, who previously served as special agent in charge in the FBI’s Louisville field office. It was not immediately clear who would replace Hess as head of the Criminal, Cyber, Response, and Services Branch. CyberScoop has requested comment from the FBI. As a senior FBI cybersecurity official, Hess has spoken out about hacking threats from the Chinese and Russian governments, but also about how the FBI is working […]


Facebook accuses two Chinese nationals of using hacked accounts to spread ads

Facebook is taking action against two Chinese nationals and a Hong Kong advertising firm for allegedly using the social media platform to distribute malware, then push misleading advertisements to try to make money. The lawsuit filed Thursday in the Northern District of California accuses ILikeAd Media International Company Ltd. and two individuals, Chen Xiao Cong and Huang Tao, of involvement with a scheme to dupe users into downloading malware. Then, the suit states, conspirators would use hacked accounts to advertise counterfeit goods and diet pills. Since April, Facebook has been notifying hundreds of thousands of users that their accounts may have been compromised by the scheme and instructing them to change their passwords, according to the complaint. Facebook has paid more than $4 million to reimburse victims for the fraudulent ads, per the complaint. The social media giant now is asking the court for injunctive relief to stop the defendants’ use […]


DHS official briefs senators on state ransomware threats in classified meeting

The head of the Department of Homeland Security’s cybersecurity division on Wednesday provided senators with a classified briefing on ransomware attacks, the latest indication of the threat the file-locking malware poses to state and local governments. Chris Krebs, director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA), briefed the Senate Cybersecurity Caucus, a bipartisan group of lawmakers led by Sens. Mark Warner, D-Va., and Cory Gardner, R-Colo. The newest member of the caucus, Sen. Maggie Hassan, D-N.H., confirmed the briefing in a statement. “From ransomware attacks on local hospitals to a hack of federal government records, cyberattacks pose a serious threat to our communities and national security,” Hassan said. In the last few years, poorly secured U.S. businesses, schools, and local governments have lost millions of dollars after ransomware infections. Over 100 public-sector ransomware attacks have been reported in 2019 alone, double the number in 2018. This classified briefing followed an unprecedented, closed-door summit held by […]


IBM sounds alarm about more data-wiping malware from Iran

IBM’s security experts said Wednesday they have uncovered previously unknown malware developed by Iranian hackers that was used in a data-wiping attack against unnamed energy and industrial organizations in the Middle East. The newfound malware, dubbed ZeroCleare, “spread to numerous devices on the affected network, sowing the seeds of a destructive attack that could affect thousands of devices and cause disruption that could take months to fully recover from,” Limor Kessem, an Israel-based analyst with IBM’s X-Force incident response team, wrote in a blog post. The discovery adds to years of evidence that hackers linked to the Iranian government have developed and deployed data-destroying code against multiple targets in the Middle East. Security analysts have warned that Iran could step up its use of cyberattacks amid heightened tensions with Saudi Arabia and the United States. IBM analysts believe APT34 — a hacking group linked with the Iranian government — and at least one […]
