Cisco router vulnerabilities could future prevent software updates

A pair of vulnerabilities in Cisco routers could, when exploited in tandem, allow hackers to prevent software updates and defeat the “Secure Boot” process that verifies the code running on the hardware, researchers have discovered. The discovery, made by Red Balloon Security, affects Cisco’s 1001-X router, which the company markets to managed service providers and other businesses. But Red Balloon researchers say they believe it could affect a number of other systems that rely on Cisco’s Trust Anchor module – the feature that helps ensure the code running on hardware is unmodified and authentic. Trust Anchor is also used in Cisco routers and switches. “This is a significant security weakness which potentially exposes a large number of corporate, government and even military networks to remote attacks,” said Ang Cui, Red Balloon’s founder and chief scientist. The first of the vulnerabilities, dubbed “Thrangrycat,” would let an attacker bypass the Cisco Trust Anchor and manipulate […]

The post Cisco router vulnerabilities could future prevent software updates appeared first on CyberScoop.

Human rights groups to ask Israeli court to revoke NSO Group’s export license

Human rights advocates, including Amnesty International, plan to file a petition Tuesday in Israeli court to revoke mobile spyware vendor NSO Group’s export license, citing alleged abuses stemming from the vendor’s technology. The legal action is an escalation in the confrontation between civil society groups and NSO Group, and comes after the company’s Pegasus surveillance software was reportedly used to track an Amnesty International researcher. Pegasus is so potent in its ability to compromise a mobile phone that it requires a license from the Israeli defense ministry to export. Where NSO Group’s spyware has reportedly been misused, “we’re going to keep looking for accountability on a case-by-case basis,” said Amnesty’s Danna Ingleton, who will submit an affidavit as part of the court filing. “In the meantime, there has to be enough evidence to revoke the export license.” The legal motion, to be submitted in the District Court of Tel […]

Chinese national indicted for 2015 Anthem breach

A federal grand jury has indicted a Chinese national for being part of an “extremely sophisticated hacking group” that breached U.S. businesses, including the seminal 2015 hack of health insurer Anthem that exposed personal information on nearly 79 million people. The indictment unsealed Thursday alleges that 32-year-old Fujie Wang breached Anthem and three other unnamed U.S. businesses, scoping out personally identifiable information (PII) and confidential business data. Another person identified only as John Doe was also indicted. The two defendants were charged with conspiracy to commit fraud and “related activity in relation to computers and identity theft,” along with conspiracy to commit wire fraud and “two substantive counts of intentional damage to a protected computer,” the Department of Justice announced. The Anthem breach compromised sensitive personal data, including Social Security numbers, and prompted a record $16 million settlement with the U.S. government over potential Health Insurance Portability and Accountability Act […]

Election commission names new lead for testing and certifying voting systems

The federal Election Assistance Commission has appointed Jerome Lovato, a former Colorado state election official, as head of the commission’s program for testing and certifying voting systems, according to a commission email obtained by CyberScoop. Lovato replaces Ryan Macias, who was filling the role in an acting capacity and will step down this month. The crucial EAC program works with the country’s top voting equipment vendors to certify and decertify voting system hardware and software. Lovato’s appointment, which was first reported by Politico, comes as the commission prepares to help secure the 2020 election, a vote that U.S. officials have warned will be targeted by foreign adversaries. Senators are expected to raise those issues at an EAC oversight hearing next week. Some lawmakers have pushed for an increase in EAC funding to hire more tech and cybersecurity experts. Whether or not that money comes, the commission intends to hire more technical personnel, […]

Microsoft SharePoint vulnerability allows hackers to sift through servers, Saudi authorities warn

Hackers are exploiting a remote code execution vulnerability in Microsoft SharePoint to conduct reconnaissance on the networks of target organizations, a Saudi government cybersecurity agency said Thursday. In activity that private-sector researchers are also tracking, the unnamed hackers are gathering information on Microsoft Exchange and SQL servers in a sign “the attack is still in its first stages,” Saudi Arabia’s National Cybersecurity Authority (NCA) said in an advisory. The alert did not offer further information on the victims. The attacks are an example of how a file-sharing service can be abused to gather valuable information on a target. The vulnerability applies to older versions of SharePoint, an application organizations use to share and store documents. With a foothold on a network, the attackers have deployed a web shell script that can be used to manipulate data on a server, according to the NCA. The Saudi agency “observed a spike in scanning activities […]

Election Assistance Commission loses key tech expert ahead of 2020

The top official responsible for certifying voting systems at the federal Election Assistance Commission is stepping down, multiple sources confirmed to CyberScoop. The departure of Ryan Macias, the EAC’s acting director of testing and certification, comes as the commission prepares for the 2020 election and continues to mull an important update to voting system security guidelines – a process that Macias has overseen. The commission’s Voluntary Voting System Guidelines are a key set of principles that technical experts can use to evaluate the security of their systems. In February, the commission released the proposed new guidelines, known as VVSG 2.0, for public comment. The result could be the most thorough update to the guidelines since 2005. Macias also manages EAC’s program that works with the country’s top voting equipment vendors to certify and decertify voting system hardware and software, and accredits labs for testing equipment. Multiple people familiar with the matter told CyberScoop that Macias […]

Microsoft pushes open-source software kit to election agencies, voting-tech vendors

Election officials around the U.S. could soon have access to an open-source software development kit from Microsoft that is intended to make voting more secure and transparent. The software kit, called ElectionGuard, will allow third parties to validate election results and voters to ensure their ballots were correctly counted, according to Microsoft. Each voter would get a unique code to track the encrypted version of his or her vote to confirm that it was not altered. “It will not be possible to ‘hack’ the vote without detection,” Tom Burt, a Microsoft corporate vice president, asserted in a blog post Monday. He touted the kit’s use of homomorphic encryption, which will allow votes to be counted without decrypting the data, as a feature that will protect votes individually and collectively. The software, which will be available starting this summer to election agencies and vendors, is meant to supplement, rather than replace, paper ballots. Its code […]

Jolted by Meltdown and Spectre, Intel aims to accelerate patching process

For years, software, not hardware, has dominated the cybersecurity industry’s efforts to develop a coordinated way of disclosing technology flaws. Software bugs are reported in much greater numbers, and there are far fewer researchers who specialize in hardware security. But hardware was thrust into the limelight in January 2018, when Spectre and Meltdown, two vulnerabilities that affected virtually all modern computer chips, were made public. The flaws could have allowed hackers to infiltrate a computer’s memory and steal sensitive data, or trick applications into spilling information without a user’s knowledge. While there’s no evidence either has been exploited, the revelation that they exist, and the complex patching process that followed, sparked industry-wide awareness about serious security flaws that might come embedded in otherwise trusted technology. Now, more than a year later, the vendors, researchers, and manufacturers involved are still trying to cut down on the time it takes to get hardware-related patches […]

MITRE asks vendors to do more to detect stealthy hacks

As hackers continue to use native programming tools to blend into target networks, Mitre Corp. is beginning to test vendors’ ability to detect those techniques. The federally funded, not-for-profit organization announced Wednesday it would throw the stealthy tactics of an infamous hacking group, the Russian-government-linked APT29, at several threat-detection products. But the evaluation is about more than one set of adversaries. The “living off the land” techniques, such as hiding in PowerShell scripts, that will be tested are increasingly popular with a variety of hacking groups. “A lot of these techniques are going to be implemented in similar ways from different adversaries,” said Frank Duff, Mitre’s lead for evaluations that use the organization’s ATT&CK framework. “PowerShell monitoring is that next thing that everyone recognizes is absolutely necessary,” he added. Mitre’s last round of testing focused on advanced persistent threats, mimicking the tactics of APT3, a China-based group known for using internet-browser exploits. But […]

New DHS order pushes agencies to quickly patch vulnerabilities

The Department of Homeland Security has ordered federal civilian agencies to more swiftly plug the vulnerabilities found on their networks, citing evidence that hackers are getting quicker at exploiting such bugs. In a Binding Operational Directive (BOD) dated April 29, DHS’s Cybersecurity and Infrastructure Security Agency gives agencies 15 days after discovery to fix vulnerabilities deemed critical – as opposed to the 30 days that agencies previously had to address those flaws. “Recent reports from government and industry partners indicate that the average time between discovery and exploitation of a vulnerability is decreasing as today’s adversaries are more skilled, persistent, and able to exploit known vulnerabilities,” reads the memo from CISA Director Chris Krebs. The new directive also gives agencies 30 days to fix vulnerabilities labeled “high” in severity, which are a step below critical. That is another change from a 2015 order, now revoked, which did not provide a […]
