White House announces federal cyber strategy, vows to go on offensive

The White House announced a new national cybersecurity strategy Thursday in an effort raise federal network defenses and more aggressively deter foreign adversaries from threatening U.S. interests. “We’re going to do a lot of things offensively and I think our adversaries need to know that,” White House national security adviser John Bolton told reporters. Defensive measures are central to the document, but Bolton’s call with reporters emphasized offense. “We will identify, counter, disrupt, degrade, and deter behavior in cyberspace that is destabilizing and contrary to national interests, while preserving the United States’ overmatch in and through cyberspace,” Bolton said. The strategy is a template through which federal agencies can carry out their own cybersecurity mandates, according to Bolton. “I’m satisfied that this allows us the comprehensive look at strategy across the entire government,” he said. “Each agency knows its lane and is pursuing it vigorously. That’s true in the unclassified world; it’s […]

The post White House announces federal cyber strategy, vows to go on offensive appeared first on Cyberscoop.

Continue reading White House announces federal cyber strategy, vows to go on offensive

Wyden: Tech company has told multiple senators of foreign hacking attempts

A major tech company has informed “a number of senators and Senate staff members” that foreign government hackers have targeted their personal email accounts, according to Sen. Ron Wyden. In a Sept. 19 letter to Senate leadership, Wyden, D-Ore., did not name the company or identify the foreign hackers, but he did warn that the publicly reported activity of a Russian government-linked hacking group may be just “the tip of the iceberg” when it comes to advanced cyberthreats to lawmakers. The group, often referred to as Fancy Bear, breached the IT networks of the Democratic National Committee in 2016 as part of a coordinated hack-and-leak operation that the U.S. intelligence community attributed to Moscow. “The November election grows ever closer, Russia continues its attacks on our democracy, and the Senate simply does not have the luxury of further delays” in shoring up its cybersecurity, Wyden wrote to Senate Majority Leader Mitch […]

The post Wyden: Tech company has told multiple senators of foreign hacking attempts appeared first on Cyberscoop.

Continue reading Wyden: Tech company has told multiple senators of foreign hacking attempts

Sen. Rubio wants answers from Apple on privacy-violating app

Earlier this month, news broke that one of Apple’s most popular paid applications had been surreptitiously collecting user data and browser history and sending it to a server in China. On Wednesday, Sen. Marco Rubio wrote to Apple demanding answers on why it reportedly took the tech giant weeks to address the issue. “For a company that prides itself on prioritizing user privacy and security, this delayed response is extremely disconcerting,” Rubio, R-Fla., wrote to Apple CEO Tim Cook. The application in question is Adware Doctor, a scanning tool that offers to remove adware from Mac computers. After security researchers published evidence on Sept. 7 that Adware Doctor was violating Apple’s data collection and storage rules, the company pulled it from the Mac App Store. But that was nearly a month after researcher @privacyis1st said he alerted Apple to the issue. Rubio, who has repeatedly raised national security concerns about technology […]

The post Sen. Rubio wants answers from Apple on privacy-violating app appeared first on Cyberscoop.

Continue reading Sen. Rubio wants answers from Apple on privacy-violating app

NSS Labs files antitrust suit against multiple cybersecurity vendors

Security-testing company NSS Labs has filed an antitrust lawsuit against multiple prominent cybersecurity vendors, alleging that they conspired to restrict testing of their products. The suit, filed Tuesday in a U.S. district court in Northern California, claims NSS Labs has already “suffered substantial damages” from the alleged antitrust actions of CrowdStrike, Symantec and ESET, along with the Anti-Malware Testing Standards Organization (AMTSO). Unless an injunction is issued against the alleged conspiracy, the complaint says, “NSS Labs will suffer further injury, including irreparable injury such as permanent loss of market share.” The complaint alleges that the vendors used the AMTSO, a California-based forum for considering anti-malware testing methods, to violate U.S. and California antitrust laws. Specifically, the complaint holds, the defendants threatened not to do business with product testers that voted against the AMTSO standard, which NSS Labs opposed. CrowdStrike, ESET, NSS Labs, and Symantec are all AMTSO members. NSS Labs […]

The post NSS Labs files antitrust suit against multiple cybersecurity vendors appeared first on Cyberscoop.

Continue reading NSS Labs files antitrust suit against multiple cybersecurity vendors

Pegasus spyware active in 45 countries, Citizen Lab says

An infamous brand of mobile spyware may be operating in 45 countries as part of a sprawling footprint that could enable human rights abuses, according to a new report. The Pegasus spyware made by Israeli surveillance company NSO Group correlated with more than a thousand IP addresses over a two year-study conducted by The Citizen Lab, a research and development organization at the University of Toronto. The Pegasus spyware attempts to lure targets into clinking on links and then delivers zero-day exploits to breach the defenses of iPhones and Android phones. Several of the countries where the researchers detected Pegasus have poor human rights records, such as Bahrain, Kazakhstan, and Saudi Arabia. “Our findings paint a bleak picture of the human rights risks of NSO’s global proliferation,” the report states. At least 10 operators of the spyware “appear to be actively engaged in cross-border surveillance,” according to Citizen Lab, pointing to the geopolitical […]

The post Pegasus spyware active in 45 countries, Citizen Lab says appeared first on Cyberscoop.

Continue reading Pegasus spyware active in 45 countries, Citizen Lab says

Symantec offers political campaigns service to guard against website spoofing

Symantec on Tuesday became the latest cybersecurity giant to offer free election security services to political campaigns and election officials ahead of the 2018 midterm vote. The California-based company’s AI-fueled service is designed to thwart malicious websites that spoof legitimate ones to steal personal information. That threat is a prime concern given the numerous political candidates that are running websites with limited budgets. “Symantec has been focused on election security for many years, but given the gravity of the current security landscape, we are compelled to raise awareness and make it easy for relevant parties to participate in ensuring the integrity of the upcoming election,” Symantec CEO Greg Clark said in a statement. The Symantec service, which is also available to state election commissions, essentially takes a screenshot of a legitimate website it’s protecting and then alerts the page’s owner to any attempt to impersonate it, explained Eric Chien, technical […]

The post Symantec offers political campaigns service to guard against website spoofing appeared first on Cyberscoop.

Continue reading Symantec offers political campaigns service to guard against website spoofing

State cybersecurity authorities issue warning over Hurricane Florence scams

As Hurricane Florence rips through North and South Carolina, scammers and hackers will very likely look to exploit the storm for financial gain or other malicious purposes, an inter-state cybersecurity organization has warned. Florence’s landfall — and the storms that follow — are expected to “propel the emergence of new and recycled scams involving financial fraud and malware,” the Multi-State Information Sharing and Analysis Center (MS-ISAC) said in an advisory Friday. Hurricane Florence made landfall in North Carolina Friday morning. Though downgraded to a Category 1 storm, Florence has brought flash flood warnings and already caused more than 600,000 power outages in North Carolina, according to the state’s department of public safety. In recent days there have been a marked increase in registered domains related to Hurricane Florence with words like “compensation” and “funds,” indicating possible fraud, MS-ISAC said. Thirteen domains associated with Florence were registered on Monday, and that number jumped […]

The post State cybersecurity authorities issue warning over Hurricane Florence scams appeared first on Cyberscoop.

Continue reading State cybersecurity authorities issue warning over Hurricane Florence scams

Lawmakers ask intelligence community for ‘deepfakes’ assessment

The intelligence community should assess how foreign governments could use so-called “deepfake” technology to harm U.S. national security interests, a bipartisan trio of lawmakers says. Reps. Adam Schiff, D-Calif., Stephanie Murphy, D-Fla., and Carlos Curbelo, R-Fla., wrote to the director of national intelligence Thursday, asking about technologies federal agencies or private companies could use to combat use of the content. Examples of it — including doctored videos involving famous people — have caught the public’s attention recently. “You have repeatedly raised the alarm about disinformation campaigns in our elections and other efforts to exacerbate political and social divisions in our society to weaken our nation,” the lawmakers wrote toDirector of National Intelligence Dan Coats. “We are deeply concerned that deep fake technology could soon be deployed by malicious foreign actors.” The rise of increasingly realistic deepfakes — video, audio, and images fueled by machine-learning algorithms and other tools — has prompted a conversation […]

The post Lawmakers ask intelligence community for ‘deepfakes’ assessment appeared first on Cyberscoop.

Continue reading Lawmakers ask intelligence community for ‘deepfakes’ assessment

Trump’s executive order designed to ‘counter the visuals of Helsinki’

A top State Department official says President Donald Trump’s new executive order to combat foreign election-meddling is an inter-agency check on the optics of the Helsinki Summit in July, where Trump questioned whether the Russian government interfered in the 2016 U.S. election. “The president can always decide ‘no,’” – meaning sanctions won’t be imposed — “but [the executive order] is designed to have these assessments come up from the bottom and be presented with the notion that there should in fact be a consequence to bad behavior,” Michele Markoff, the State Department’s deputy coordinator for cyber issues, said Wednesday at an Atlantic Council panel discussion in Washington, D.C. The executive order, signed by Trump Wednesday, allows for “automatic sanctions” to kick in when U.S. officials find evidence of foreign interference in the electoral process. That automaticity “was designed to counter the visuals of Helsinki,” Markoff said. “All policy is going […]

The post Trump’s executive order designed to ‘counter the visuals of Helsinki’ appeared first on Cyberscoop.

Continue reading Trump’s executive order designed to ‘counter the visuals of Helsinki’

Researchers implicate online card-skimming group in British Airways hack

The recent hack of the British Airways website and mobile app, which affected some 380,000 card payments, was carried out by a criminal group known for collecting online payment data en masse, according to new research. After the airline said last week that the theft occurred between Aug. 21 and Sept. 5, threat intelligence company RiskIQ reviewed breach-related data and pinned the hack on Magecart. The group is fond of online “card skimming” – or using malicious scripts to siphon off insecure payment data. Magecart allegedly breached the British website of Ticketmaster, the global entertainment ticketing service, a hack disclosed in June. Whereas the Ticketmaster UK breach was through a third-party, Magecart customized this attack to the British Airways website’s “unique structure and functionality,” according to RiskIQ. The British Airways hack “is a highly targeted approach compared to what we’ve seen in the past with the Magecart skimmer,” said Yonathan Klijnsma, […]

The post Researchers implicate online card-skimming group in British Airways hack appeared first on Cyberscoop.

Continue reading Researchers implicate online card-skimming group in British Airways hack