NSA cyber director explains why US missed suspected Russian espionage operation

When Russia’s Foreign Intelligence Service staged a sweeping espionage campaign targeting hundreds of U.S. companies and federal government agencies last year, it was a private sector cybersecurity firm that first uncovered the operation, not the U.S. government. Lawmakers have asked in recent weeks why the U.S. intelligence community appears to have gaps in its visibility into foreign hacking, and whether the National Security Agency needs new surveillance authorities. But the NSA’s cybersecurity director, Rob Joyce, suggested that that may not be the best solution. “Inside the U.S. you would expect us to have the best tools and capabilities, but instead what we’re finding — in General Nakasone’s words — is we don’t even see the dots, let alone connect the dots,” Joyce said at CyberTalks, a summit presented by CyberScoop. The NSA Cybersecurity Directorate, which Joyce leads, is responsible for preventing and eradicating threats from foreign hackers targeting U.S. entities. […]

The post NSA cyber director explains why US missed suspected Russian espionage operation appeared first on CyberScoop.

Hackers target Japanese government, transportation entities

Hackers have been going after Japanese government departments and transportation entities in recent days, according to local reporting. The hackers reportedly infiltrated Fujitsu’s software-as-a-service platform, ProjectWEB. Approximately 76,000 email addresses from the land, infrastructure and transport ministry have leaked, according to the Japanese Broadcasting Corporation (NHK). The hackers also reportedly obtained data on the ministry’s internal mail and internet settings. The hackers have targeted the software at the Narita Airport to steal air traffic control data, NHK reported. Japan’s Embassy in the U.S. did not immediately return a request for comment. Fujitsu said in an announcement it suspended its service to probe further into the “unauthorized access from a third party.” Chief Cabinet Secretary Kato Katsunobu said that the cybersecurity center’s operations are not compromised, according to NHK. The incident comes just months before Japan prepares to host the Summer Olympics, which are a perennial hacking target. Hackers working at the […]

The post Hackers target Japanese government, transportation entities appeared first on CyberScoop.

Operator of Deer.io, a hosting platform for cybercriminal services, is sentenced to 2.5 years

A Russian man was sentenced to 30 months in prison for running a website that sold stolen credit card data and other personal information to cybercriminals, according to a Department of Justice announcement. The Russian man, Kirill Victorovich Firsov, was first arrested last year, and pleaded guilty to hacking-related charges in January. Firsov was accused of having run the site, Deer.io, which hosted other cybercriminals’ shops, since 2013. Users could create accounts on Deer.io, using the platform as a foundation for their own sales. Deer.io raked in $17 million worth of sales and sold at least $1.2 million in U.S.-based stolen information, according to the Department of Justice. Many of the transactions involved Americans’ names, current addresses, telephone numbers, and Social Security numbers. The Department of Justice acknowledged that U.S. law enforcement had some difficulty gaining a foothold into the site given that it was run out of Russia, but Suzanne […]

The post Operator of Deer.io, a hosting platform for cybercriminal services, is sentenced to 2.5 years appeared first on CyberScoop.

Court rules encrypted email provider Tutanota must monitor messages in blackmail case

The Federal Court of Justice (BGH) in Germany has ruled that encrypted email provider Tutanota must monitor for three months the messages of accounts implicated in a blackmail case. The decision, which impacts two accounts in all, comes months after the Regional Court of Cologne ruled that Tutanota must provide said emails. Tutanota had asked BGH to re-examine that decision given that Tutanota does not consider itself a telecommunications service and therefore should not be required to monitor them under German law. The Cologne decision also appeared to contradict an earlier ruling from the Hanover Regional Court, which affirmed Tutanota did not provide telecommunications services, according to Tutanota. BGH ruled late last month that the Tutanota request was admissible, but unfounded. BGH found that providers like Tutanota that provide “over-the-top” services are also considered to be providing telecommunications services under the Code of Criminal Procedure. The ruling only surfaced in […]

The post Court rules encrypted email provider Tutanota must monitor messages in blackmail case appeared first on CyberScoop.

FBI employee indicted for stealing classified info on FBI cybersecurity work

A federal grand jury has charged an FBI employee with stealing classified documents and keeping them in her home between 2004 and 2017, the FBI announced Friday. The employee, Kendra Kingsley, allegedly took documents that detailed the sources and methods the FBI uses to counter cyber threats, as well as those it uses in its counterterrorism and counterintelligence work, according to the indictment. Some of the documents detail specifics of investigations in multiple field offices, details on human sources and gaps in intelligence about foreign intelligence services, according to the indictment. The documents also detail technical capabilities the FBI uses in counterintelligence and counterterrorism work. In some cases, the documents contained information on al Qaeda members and emerging terrorism threats in Africa, as well as a suspected associate of Osama bin Laden, the FBI said. Kingsley worked for the FBI’s Kansas City division as an intelligence analyst, but was […]

The post FBI employee indicted for stealing classified info on FBI cybersecurity work appeared first on CyberScoop.

Misinformation on Israel-Gaza violence prompts Facebook 24-hour tracking program

Amid rampant misinformation spreading on social media about Israel’s attacks against targets in the Gaza Strip, Facebook has stood up a 24-hour operations center to address the lies spreading on its platform, Facebook said Wednesday. Israel’s escalating assault on targets in the Gaza Strip continued Wednesday and at least nine people died there Wednesday, according to The Associated Press. Israeli airstrikes have killed dozens of civilians in recent days, and in one of its deadliest bombardments yet, Israel killed 42 people on Sunday, according to Palestinian medics, CBS News reported. Hamas has launched missiles over Israel as well, killing numerous civilians. In all, 227 Palestinians have been killed, according to the Gaza Health Ministry. Twelve people have been killed in Israel, according to The Associated Press. But in recent days misinformation and disinformation have tainted the discourse around the violence. Lies about the conflict that have spread online include misinformation […]

The post Misinformation on Israel-Gaza violence prompts Facebook 24-hour tracking program appeared first on CyberScoop.

Stalkers using surveillance software on partners are exposing their own data, research finds

Stalkerware applications, which domestic abusers rely on to monitor their romantic partners’ devices without their consent, often fail to secure the personal information collected during their use, according to ESET research published Monday. Stalkerware, which is frequently advertised as benign parental controls or employee monitoring software, can surveil targets’ geolocation, texts, phone calls, cameras and more, all without obtaining targets’ consent. ESET examined 86 stalkerware applications, only to identify 158 serious security and privacy issues, according to findings presented at the virtual RSA Conference this week. The most common security issue affecting the applications was the insecure transmission of stalkers’ and targets’ personally identifiable information from devices to app servers. This vulnerability could allow outsiders to intercept text messages, call logs, contact lists, keystrokes, browsing histories, recorded phone calls, pictures and screenshots, according to ESET. Other issues included applications storing sensitive information on external media, and exposing data like Facebook […]

The post Stalkers using surveillance software on partners are exposing their own data, research finds appeared first on CyberScoop.

Lawmakers want DOD to share more info with Americans on deterring hacks

Lawmakers on Capitol Hill are clamoring for the U.S. government to better communicate what it’s doing to fend off foreign hackers, a concern that has come front and center in recent days as Americans have queued up at gas stations following a ransomware attack against a major U.S. pipeline company. Colonial Pipeline, the largest pipeline in the country, temporarily had to shut down operations earlier this month in response to a ransomware attack impacting its IT networks. The company shut down operations to prevent the malicious software from spreading to its operational networks. The incident has raised questions about the fragility of U.S. critical infrastructure cybersecurity, and Rep. Elissa Slotkin, D-Mich., indicated Friday she wants the U.S. government to tell the American people more about what it’s doing to try to prevent these kinds of attacks in the first place. “It is so hard to explain to the American public […]

The post Lawmakers want DOD to share more info with Americans on deterring hacks appeared first on CyberScoop.

US government plans to disrupt hackers behind Colonial Pipeline ransomware, Biden says

President Joe Biden suggested the U.S. intends to pursue hackers who last week infected the largest pipeline in the country with ransomware. The incident led Colonial Pipeline to shut down operations for days in an effort to prevent the ransomware, which the FBI has traced back to criminal operators known as DarkSide, from spreading to its operational technology. Now, following a spike in demand for fuel, the U.S. government is going to disrupt the hackers, who are believed to reside in Russia, Biden said. “We have been in direct communication with Moscow for the imperative for responsible countries to take decisive action against these ransomware networks,” Biden said in remarks Thursday. “We’re also going to pursue a measure to disrupt their ability to operate.” The president did not rule out carrying out a retaliatory cyberattack targeting the criminals, clarifying that the U.S. does not believe the Russian government was behind […]

The post US government plans to disrupt hackers behind Colonial Pipeline ransomware, Biden says appeared first on CyberScoop.

Amid ransomware fallout, Energy Secretary asks Americans to avoid panic buying fuel

If Americans are starting to feel the cascading effects of a recent ransomware incident affecting Colonial Pipeline, they should resist the temptation to buy more gasoline than they need, U.S. officials say. Energy Secretary Jennifer Granholm said Tuesday several states will likely feel effects on their fuel supplies in the coming days as a result of Colonial Pipeline shutting down operations last Friday following a ransomware attack. Colonial Pipeline, which supplies 45% of the East Coast’s transportation fuels, normally supplies 100 million gallons of gas from Texas to New York daily. Secretary Granholm said that after speaking with the CEO of the firm, she expects Colonial Pipeline to restore service by the end of the week. There is not a shortage of gasoline, Granholm said. The issue is that deliveries are held up as a result of the company shuttering some operations after the ransomware incident. “The [supply] crunch is in […]

The post Amid ransomware fallout, Energy Secretary asks Americans to avoid panic buying fuel appeared first on CyberScoop.
