Candidate in UK’s Labour Party says he was targeted by Russian hackers

A candidate for office from the United Kingdom’s Labour Party says Russian hackers sent him malware-laced email in what he deemed a “sophisticated” attack. Ben Bradshaw, who has spoken up about Russian interference in British politics, revealed Tuesday that he had received a suspicious email purporting to be from a Russian whistleblower.

Cyber & security experts I consulted found a mysterious email I received from a Kremlin “whistleblower” last week contained sophisticated malware. Reported to the @NCSC. Still waiting for publication of that #RussiaReport, Johnson. #ReleaseTheRussianReport https://t.co/U3O3Bdp38l — Ben Bradshaw (@BenPBradshaw) December 3, 2019

The email included a ruse that used the signature of a Russian envoy and PowerPoint slide purportedly produced by Russia’s FSB intelligence agency, The Guardian reported. Bradshaw did not immediately respond to CyberScoop’s request for him to elaborate on the incident. The National Cyber Security Centre (NCSC), one of the UK’s main cybersecurity agencies, is investigating […]

The post Candidate in UK’s Labour Party says he was targeted by Russian hackers appeared first on CyberScoop.

Justice Department faces different threat profile because of its investigative work, CISO says

The Department of Justice faces a different combination of hacking threats from criminals and foreign governments than other U.S. federal organizations because of the department’s dual law enforcement and counterintelligence missions, the department’s top cybersecurity official said Tuesday. The “threat profile” facing the Justice Department stems from the sensitive case work department officials pursue against criminal hackers and foreign spies, according to Nickolous Ward, the department’s chief information security officer. “That’s where organized crime might be more interested in us, when we’re going after cybercrimes,” Ward told CyberScoop at the Security Transformation Summit presented by Fortinet and produced by FedScoop and StateScoop. “Or, from the counterintelligence aspect, if we’re looking at nation-states, they’re certainly interested in if we’re investigating them,” Ward added. In the last 18 months, the department has unsealed a number of hacking charges in federal court, whether for alleged state-sponsored cyber espionage or lone criminal activity. Last […]

Australian and European police shut down access to popular criminal hacking tool

Australian and European law enforcement officials say they have taken down a remote-access hacking tool that had been sold to 14,500 buyers in 124 countries. The demise of the so-called Imminent Monitor Remote Access Trojan (IM-RAT), which officials said had been used to steal personal data from tens of thousands of victims, is a major victory for law enforcement officials in Australia and Europol, the European Union’s law enforcement agency. The invasive RAT gave anyone willing to pay $25 full access to a victim’s machine to steal photographs, passwords, and video footage. Months of investigative work culminated last month in the dismantling of IM-RAT’s infrastructure, and the arrest of 13 of its most prolific users. Where exactly the suspects were arrested was not immediately clear. None were arrested in Australia. “The offenses enabled by IM-RAT are often a precursor to more insidious forms of data theft and victim manipulation, which […]

For criminal hackers, Brazilian hotel networks appear to be easy targets

Cybercriminals have gone on a spree in Brazil’s hospitality industry, infecting the networks of hotels and tourism companies with malware that steals credit card data, according to researchers at Kaspersky. All told, the hackers have struck hospitality organizations in eight states across Brazil, and 20 hotels in that country and others around the world, Kaspersky said last week. Active since 2015, the hackers have stepped up their activity this year. They are brazenly selling access to hotel networks they’ve breached to whoever is buying. Some Brazilian criminals tout the extracted credit card data “as high quality and reliable” because it came from a hotel administration system, the researchers wrote in a blog post. The breaches often begin with spearphishing emails in fluent Portuguese to hotel employees. Once clicked, the emails open up malware capable of capturing data that flows downstream during the reservation process from popular sites like Booking.com. The findings underscore Brazil’s longstanding struggles […]

Preaching blockchain in North Korea gets an American in trouble at home

An American man has been arrested for allegedly trying to help the North Korean government evade U.S. economic sanctions by using blockchain technology. Virgil Griffith, 36, is accused of traveling to North Korea against the advice of U.S. officials to deliver a presentation on blockchain and cryptocurrency at the DPRK Cryptocurrency Conference in April. There, U.S. officials allege, Griffith interacted with attendees who apparently worked for the North Korean government. The North Koreans allegedly quizzed Griffith about the technical aspects of blockchain, the distributed ledger technology that creates a secure record of transactions and is the backbone of cryptocurrencies such as bitcoin. The American also allegedly discussed how cryptocurrencies could be used to launder money, a keen interest of the North Korean government. Griffith is accused of violating the International Emergency Economic Powers Act (IEEPA), which bars U.S. citizens from exporting goods, services, or technology to North Korea without a license from […]

Splunk tells users to patch ‘Y2K-style’ flaw

Data analytics platform Splunk has told users to patch a flaw in the company’s platform that, starting next year, would cause all sorts of problems for people trying to read and search data. The problem lies in how the data is timestamped on Splunk, which ingests information from a variety of sources. Starting Jan. 1, unpatched “instances” of the Splunk platform won’t recognize data that is stamped with a two-digit year. The issue, which affects all iterations of the Splunk platform on any operating system, would mean that users won’t get accurate results when they query threat data for key information. “As this is a critical update, there is no option to defer it,” the San Francisco-based company said in an advisory released this week. To prevent those data problems, users can download an updated version of the file that helps the platform process timestamps, tweak the file itself, or upgrade their platform altogether. […]

DHS issues draft order to require vulnerability disclosure policies at civilian agencies

The Department of Homeland Security’s cybersecurity division is trying something new. Instead of simply ordering civilian agencies to take a specific action to shore up their cybersecurity, it is asking the public to weigh in on the order first. On Wednesday, DHS’ Cybersecurity and Infrastructure Security Agency issued a draft Binding Operational Directive (BOD) that compels civilian agencies to establish programs to work with outside security researchers to find and fix software flaws in agency websites and applications. The appeal for public input is in the collaborative spirit of vulnerability disclosure policies (VDP), which crowdsource an organization’s security by asking ethical hackers to improve it. VDPs are common in the private sector, but much too rare in government for DHS’s taste. When CyberScoop first reported last month that CISA had prepared the directive, officials estimated that, out of scores of civilian agencies, just 10 had VDPs in place. “[I]t’s the public […]

NSO employees take Facebook to Israeli court to unblock accounts

The plot has thickened in a legal battle between social media giant Facebook and NSO Group, a surveillance software vendor accused of abetting human rights abuses. After Facebook sued the Israeli company last month for allegedly violating a federal anti-hacking law, NSO Group employees have filed their own motion in Israeli court, claiming that Facebook unfairly blocked their personal accounts in retaliation. The petition from several NSO Group employees asks the court to order Facebook to lift a block on their Facebook and Instagram accounts, arguing that Facebook cut access to their accounts without notice and in violation of the company’s policies. The motion is a smaller-scale response to Facebook’s landmark lawsuit against NSO Group. The suit, brought in a federal court in California, alleges that the vendor violated the Computer Fraud and Abuse Act when NSO’s custom malware was deployed on some 1,400 mobile devices with WhatsApp installed during […]

Commerce Department proposes rules for implementing Trump’s supply-chain security order

The Department of Commerce on Tuesday outlined how it might implement a White House order that gives the department broad leeway to ban foreign parts in U.S. IT and communications supply chains because of security concerns. Secretary of Commerce Wilbur Ross will “adopt a case-by-case” approach to determining what components will be banned, drawing on assessments from the Department of Homeland Security and the Office of the Director of National Intelligence, the department said in a statement. Under the proposal, before making a final decision to exclude a foreign company from U.S. digital supply chains, the Commerce Secretary would notify the company, giving it the opportunity to address security concerns and avoid a ban. The secretary would send an unclassified ruling to the parties explaining the decision and make that public when appropriate. The proposal is a key step toward making a more stringent national policy governing U.S. supply chains a […]

APT33 has shifted targeting to industrial control systems software, Microsoft says

In the last two months, an aggressive hacking group linked with the Iranian government has made a troubling shift in its targeting, security researchers at Microsoft say. Instead of simply probing IT networks, the hackers have gone after a series of industrial control system (ICS) products used in the energy sector. Given that the group, known as APT33, has been linked with data-wiping hacks in the past, the new activity has analysts’ full attention. It fits a broader trend in state-linked activity in which attackers have been increasingly willing to probe industrial software to achieve their objectives. “You have an actor that has been linked to deployment of destructive payloads in the past,” said Microsoft security researcher Ned Moran, laying out his concerns. “You have an actor that’s really interested in the energy industry,” including important infrastructure such as pipelines, refineries and power plants. What APT33’s objectives are in its latest activity […]
