Kaspersky Lab looks to combat ‘stalkerware’ with new Android feature

A surge in commercial spyware is one of the more pernicious cybersecurity threats affecting technology users worldwide. Once installed on a phone, this kind of malicious software can access a victim’s text messages, geolocation, and social media information, along with other data. So-called stalkerware is cheap and readily available online. It allows, for example, jilted lovers to snoop on former partners, and has been linked with domestic abuse. To put a dent in this scourge, cybersecurity company Kaspersky Lab has added a feature to its Android antivirus app that alerts users if their data is being tracked by known spyware. The warning flags a file on the user’s phone and offers to delete or “quarantine” it. And there are a lot of invasive apps to flag: Kaspersky Lab said its products detected stalkerware programs on more than 58,000 different mobile devices in 2018, including 26,619 “unique samples” of programs. “We believe users have a right to know if […]

The post Kaspersky Lab looks to combat ‘stalkerware’ with new Android feature appeared first on CyberScoop.


Kaspersky Lab appeals to court of public opinion with ‘unbiased’ assessment of Russian law

The legal battle between Russian antivirus maker Kaspersky Lab and the U.S. government has quieted, but the court of public opinion is still open for arguments. Countering U.S. officials and critics who say otherwise, Kaspersky Lab on Tuesday released an analysis arguing that, under Russian law, the company would not be subject to certain demands from authorities for data. The analysis, done by Swedish law professor Kaj Hober, contends that Kaspersky Lab does not meet the Russian legal definition of an organization that disseminates information on the internet. Under Russian law, such organizations are required to grant authorities’ requests for metadata. Hober also contended that because Kaspersky Lab does not make software for the purpose of “receiving, transmitting, delivering or processing electronic messages” between internet users, the company would not be obligated to build technical features into products at the requests of Russian authorities. Kaspersky Lab had asked Hober to […]


Toyota data breach affects up to 3.1 million customers

Automotive maker Toyota said Friday that a data breach had hit its sales offices in Japan, exposing information on up to 3.1 million customers. The breach affected Toyota Tokyo Sales Holding Inc. and its affiliated enterprises, and possibly three other independent dealers in Japan, according to Toyota Motor Corp.’s statement, which described “unauthorized access” to the company’s network. “We take this situation seriously, and will thoroughly implement information security measures at dealers and the entire Toyota Group,” the statement said. It was the second cybersecurity incident affecting Toyota in as many months. In February, Toyota’s Australia branch announced it had been “the victim of an attempted cyberattack.” The company’s security woes come in the wake of reports that a Vietnamese hacking group, APT32, had last month launched a spearphishing campaign against multinational car companies. The Southeast Asian country is trying to develop its domestic car industry, and data stolen by […]


Cyber specialists will be watching — and learning from — Ukraine’s election

From power outages to the crippling NotPetya wiper worm, Ukraine has been ground zero for disruptive cyber-operations linked to Russia in recent years. The weeks leading up to Ukraine’s presidential election have only reinforced that narrative. The country’s president accused the Russian government of conducting a denial-of-service attack on the country’s election commission. Only Moscow took issue with that claim. With that context in mind, the eyes of cybersecurity practitioners around the world – from officials in allied governments to security specialists – will be on Kiev on Sunday as millions of Ukrainians go to the polls to pick a president. The Atlantic Council, a Washington, D.C.-based think tank, has assembled a team of analysts in Ukraine and the U.S. to watch for any signs of foul play on election day. “There is always a strong correlation between malware propagation and geopolitics,” said Kenneth Geers, a senior fellow at the council […]


Ex-NSA contractor pleads guilty to vast classified data leak, faces 9 years in prison

A former National Security Agency contractor accused of one of the largest breaches of classified data in U.S. history pleaded guilty Thursday to one felony count and faces over six more years in federal prison. Appearing solemn and weary in federal court in Baltimore, Harold T. Martin III, 54, seemed to embrace his fate, telling the judge more than once, “It’s time [to] close Pandora’s Box.” Martin, who worked as an intelligence contractor for multiple firms for over two decades, allegedly stole some 50 terabytes of data that included details of sensitive NSA policies and cyber operations. Prosecutors said he stashed numerous computers and storage devices with classified data on his Maryland property. Under the plea deal, Martin, a former Navy lieutenant, faces nine years in prison and another three years of supervised release. He will be credited for the more than two years he has already served in custody […]


Microsoft uses court order to shut down APT35 websites

Microsoft has used a court order to wrest control of 99 websites from suspected Iranian hackers that were using them to conduct cyberattacks, court documents unsealed Wednesday show. The tech giant last week took down websites that were “core to [the] operations” of an Iranian hacking group known as APT35 or Phosphorus, Tom Burt, a Microsoft vice president, wrote in a blog post. APT35, also known as Charming Kitten, used spoofed websites of well-known companies, including Microsoft and Yahoo, to conduct their malicious activity, he said. But the court order will force the group to recreate some of that infrastructure. The hackers have sought to steal sensitive information from businesses and government agencies, Burt wrote, though he did not specify the targets by name. APT35 also has a penchant for targeting journalists and activists who focus on Iran. Multiple years of tracking the group allowed Microsoft to build a “decisive legal […]


Elfin espionage group is focused on Saudi, U.S. organizations, Symantec says

In the last three years, a suspected Iranian cyber-espionage group has targeted organizations in Saudi Arabia and the United States in attacks spanning several sectors, researchers from cybersecurity company Symantec said Wednesday. The researchers described a hacking group that “has compromised a wide range of targets, including governments along with organizations in the research, chemical, engineering, manufacturing, consulting, finance, telecoms, and several other sectors.” Some three-quarters of the 50 organizations hit by the group that Symantec calls Elfin and that others label APT33 are based in Saudi Arabia and the U.S., the researchers said. FireEye, another cybersecurity company, previously has concluded that APT33 “works at the behest of the Iranian government,” and that it has taken a particularly close interest in the aviation sector. The tally of American targets includes “a number of Fortune 500 companies,” according to Symantec. “Elfin’s goal appears to be sabotage,” Jon DiMaggio, senior threat intelligence analyst at Symantec, told […]


In issuing 5G recommendations, E.U. spurns U.S. hardline on Huawei

European Union officials on Tuesday released recommendations for member countries to manage cybersecurity risk stemming from 5G communications networks, declining to embrace a U.S.-led effort to ditch gear made by Chinese telecom giant Huawei. The EU’s executive body instead asked each member state to conduct a “national risk assessment” of 5G infrastructure by the end of June, and made suggestions “to protect our economies, societies and democratic systems.” The commission wants suppliers and operators of 5G networks to tighten security protocols, and member states to work to develop “EU-wide certification schemes related to 5G.” 5G networks, which Europe has lagged behind the U.S. and China in deploying, promise faster data transfers and greater connectivity. But experts warn they could also introduce greater cybersecurity risk. “Any vulnerability in 5G networks or a cyber-attack targeting the future networks in one Member State would affect the Union as a whole,” the European Commission […]


ASUS issues patch, downplays scope of APT hack of its supply chain

Taiwanese hardware manufacturer ASUS on Tuesday announced a software update in response to a nation-state-linked hack and downplayed the scale of the compromise of its supply chain. “Only a very small number of [a] specific user group were found to have been targeted by this attack and as such it is extremely unlikely that your device has been targeted,” ASUS said in a press release. The statement contrasted with the findings of Kaspersky Lab researchers, who described the breach as perhaps “one of the biggest supply-chain incidents ever.” The attackers compromised an ASUS server to send malicious updates that affected about 1 million computer users between June and November 2018, according to the researchers, though only 600 appeared to be targeted for attack. ASUS accounted for 6 percent of global PC shipments in the third quarter of 2018, according to Gartner. The company also makes mobile phones, smart home devices, and other […]


Lazarus rises in Israel with attempted hack of defense company, researchers say

A notorious hacking group experts have tied to the North Korean government has targeted an Israeli defense company, according to new research outlining what appears to be one of the group’s first attacks on an Israeli entity. The unnamed company makes products used in the military and aerospace industries, and the hackers could have been after commercial secrets or more traditional espionage, according to ClearSky, the cybersecurity firm that exposed the operation. The suspected culprit is Lazarus Group, an industry term for a broad set of hackers associated with Pyongyang. “We cannot be sure what the objective of the attackers [was],” Eyal Sela, head of threat intelligence at ClearSky, told CyberScoop in an email. “[It] could be industrial/commercial espionage but could be military espionage, for example.” North Korean dictator Kim Jong Un has set ambitious economic goals, and some cybersecurity analysts have predicted he will unleash the Pyongyang-affiliated hackers to meet those deadlines by targeting multinational companies’ trade […]
