Ransomware infects popular web-hosting provider SmarterASP

A ransomware attack has hit SmarterASP.NET, a popular web-hosting provider, forcing the websites of an unspecified number of customers offline. “Your hosting account was under attack and hackers have encrypted all your data,” SmarterASP.NET, which claims over 440,000 customers, said Monday in a message on its website. “We are now working with security experts to try to decrypt your data and also to make sure this would never happen again.” For a relatively low price, SmarterASP.NET lets organizations or individuals host an unlimited number of websites per month. That makes SmarterASP.NET an attractive target for a ransomware-slinging attacker looking to hit a range of victims. The ransomware attack was an unwelcome disruption for a company that markets itself on keeping sites online. Throughout the day Monday, SmarterASP.NET posted updates to its Facebook page saying that customer accounts locked by the ransomware were gradually being decrypted and restored. Some customers thanked SmarterASP.NET for […]

The post Ransomware infects popular web-hosting provider SmarterASP appeared first on CyberScoop.


U.S. officials release framework for notifying public of foreign interference in elections

The Trump administration on Friday released a framework describing the process by which it would notify Congress, state and local officials, the private sector, and the public about foreign interference in U.S. elections. The framework supplements existing laws, under which the FBI and the Department of Homeland Security alert victims of cyber intrusions and other malicious activity. The document is recognition that, in cases of foreign attempts to disrupt the electoral process, more communication with the public is needed. One key factor in the notification process, according to a one-page summary released by the Office of the Director of National Intelligence, is whether public disclosure of a foreign interference operation will deter the activity and protect the public, or instead re-amplify the adversary’s message. If DHS’s cybersecurity agency or a member of the intelligence community wants to disclose foreign interference activity beyond what is required by law, an interagency group of intelligence officials will […]

The post U.S. officials release framework for notifying public of foreign interference in elections appeared first on CyberScoop.


New York company charged with selling vulnerable Chinese-made equipment to U.S. military

U.S. prosecutors on Thursday announced charges against a New York company and seven of its current and former employees for allegedly selling Chinese-made surveillance equipment with known cybersecurity flaws while falsely claiming the technology was made in the U.S. Aventura Technologies, which makes security equipment like metal detectors and surveillance cameras, is accused of lying to customers, including the U.S. military, for over a decade by claiming to make their equipment in Long Island while surreptitiously importing it from China. In doing so, Aventura exposed its customers to “serious, known cybersecurity risks, and created a channel by which hostile foreign governments could have accessed some of the government’s most sensitive facilities,” the Justice Department said in a press release. The U.S. Air Force, Navy, and the Department of Energy were among Aventura’s clients. Jack Cabasso, the company’s de facto owner, his wife, Frances, and other senior company executives were charged with […]

The post New York company charged with selling vulnerable Chinese-made equipment to U.S. military appeared first on CyberScoop.


Google asks mobile security vendors to help keep hackers out of the Play Store

Google announced Wednesday it would work with multiple cybersecurity companies to better secure the Google Play Store, which hackers have repeatedly used to distribute malicious software. Google’s decision to collaborate with ESET, Lookout, and Zimperium is an acknowledgement of the challenges of securing the Play Store and the countless devices that interact with it. Each company has distinguished itself by releasing research detailing how hackers are using mobile apps to spread nefarious code. Google will integrate its Google Play malware detection systems with each of those companies’ anti-virus scanning engines. That will allow the companies to do an extra layer of vetting before an app appears in the Play Store. In announcing the App Defense Alliance, as the partnership is known, Google acknowledged that the current processes for reporting malicious apps in and out of the Play Store “aren’t designed to scale.” With over 2.5 billion Android devices in use, the scale […]

The post Google asks mobile security vendors to help keep hackers out of the Play Store appeared first on CyberScoop.


Inside the FBI’s quiet ‘ransomware summit’

In March, officials in sparsely populated Jackson County, Georgia, made a painful decision. Rather than rebuild their networks from scratch, they paid $400,000 to hackers to get the county’s data back. The six-figure amount — eclipsed by a nearly $600,000 payment made by a Florida city in June — is symptomatic of a much larger problem. Across the U.S., poorly secured businesses, local governments, and schools have lost millions of dollars to attackers who can cheaply buy access to ransomware-as-a-service kits on underground forums. The problem is by some measures growing more acute: Over 100 public-sector ransomware attacks have been reported in 2019 alone, double the amount in 2018. To help stem the tide of file-locking attacks, the FBI quietly convened the country’s top ransomware experts in an unprecedented, closed-door conference in September. The briefings, which occurred over two days, were a recognition by law enforcement officials that their ability to […]

The post Inside the FBI’s quiet ‘ransomware summit’ appeared first on CyberScoop.


Election security drill pits a red team of university students against DHS, FBI and police

A year from the 2020 election, sophisticated exercises to help secure the vote are kicking into high gear. On Tuesday, executives from the Boston-based firm Cybereason will conduct an all-day tabletop exercise testing the resolve of officials from the Department of Homeland Security, FBI, and the police department of Arlington County, Virginia, among other organizations. The fictional scenario will involve attackers from an unnamed foreign government laying siege to a key city in a U.S. swing state. Hacking, physical attacks and disinformation via social media will be on the table as the attackers seek to flip the vote to their preferred candidate — or sow enough doubt among voters to undermine the result. One of the objectives of the red team — a group of George Washington University students and others — is voter suppression. That is exactly what Russian operatives aimed to achieve in 2016 and what, according to U.S. officials, […]

The post Election security drill pits a red team of university students against DHS, FBI and police appeared first on CyberScoop.


BlueKeep is back. For now, attackers are just using it for cryptomining

For months, cybersecurity analysts have sounded the alarm about a serious vulnerability in old Microsoft operating systems that, if exploited, could infect computers around the world. The hacking has finally begun, and so far, it’s gone off with a whimper, not a bang. Over the weekend, a security researcher who maintains “honeypots,” or simulated environments to trap malicious activity, reported a spike in attacks exploiting the Remote Desktop Protocol vulnerability, known as BlueKeep. But rather than anything “wormable” that can spread from machine to machine, this appears to be a case of opportunists scanning the internet to infect computers for monetary gain. Researchers had warned that BlueKeep could enable outsiders to execute remote code on a compromised machine. Kevin Beaumont, the researcher who gave BlueKeep its name, reported that nearly all of his honeypots had been hit by attackers exploiting the vulnerability. Hackers appear to be using the exploit to try to install […]

The post BlueKeep is back. For now, attackers are just using it for cryptomining appeared first on CyberScoop.


Utah renewables company was hit by rare cyberattack in March

A Utah-based renewable energy company was the victim of a rare cyberattack that temporarily disrupted communications with several solar and wind installations in March, according to documents obtained under the Freedom of Information Act. The attack left operators at the company, sPower, unable to communicate with a dozen generation sites for five-minute intervals over the course of several hours on March 5. It is believed to be the first cybersecurity incident on record that caused a “disruption” in the U.S. power industry, as defined by the Department of Energy. DOE defines a “cyber event” as a disruption to electrical or communication systems caused by unauthorized access to hardware, software or communications networks. Utilities have to promptly report any such incidents to DOE. The attack did not affect sPower’s more critical control systems and did not impact its power generation, the company said. But it nevertheless highlights how generic software vulnerabilities […]

The post Utah renewables company was hit by rare cyberattack in March appeared first on CyberScoop.


How would MITRE’s popular cyberattack framework apply to industrial control systems?

A document that cybersecurity professionals consult in analyzing hacking groups will soon expand to include attack techniques used against industrial control systems, a recognition of the growing number of adversaries that target critical infrastructure. The goal is to help organizations understand and defend against disruptive cyberattacks like the one that cut power for some 225,000 people in Ukraine in 2015. That means filling in gaps in the cybersecurity community’s knowledge base of the hacking methods that are unique to industrial environments as well as those that also apply to IT networks. The document, known as the “ATT&CK” framework, should account for the “full gamut of adversary behavior,” said Otis Alexander, one of the lead cybersecurity engineers who helps maintain it at MITRE Corp., a federally funded not-for-profit organization. The updated framework could be available to network defenders as soon as December. It will cover attacks against ICS protocols and ways in which hackers might hinder incident response, Alexander said at MITRE’s ATT&CKcon conference […]

The post How would MITRE’s popular cyberattack framework apply to industrial control systems? appeared first on CyberScoop.


Voting Village brings equipment to lawmakers to boost urgency on election security

A year from the 2020 election and with a new round of election security funding stalled in Congress, the DEF CON Voting Village organizers have again taken to Capitol Hill to raise awareness about software vulnerabilities in voting equipment. This time, they brought the equipment with them to drive home their point. “If we’re going to meaningfully introduce funding or introduce new technologies for 2020, time is rapidly running out to be able to do that,” Matt Blaze, a professor at Georgetown University and co-organizer of the Voting Village, told CyberScoop. “We need to act pretty fast.” A handful of House Democrats and their staffers sauntered up to equipment on display, including a ballot-marking device and an electronic voting machine, to ask the researchers about the software bugs they found. “This is really helpful in understanding that these aren’t just abstract problems, that these are real things,” Blaze, an expert […]

The post Voting Village brings equipment to lawmakers to boost urgency on election security appeared first on CyberScoop.
