White House to release maritime cybersecurity update

The National Security Council is planning to issue a cybersecurity update to the U.S. government’s national maritime security strategy Tuesday, multiple senior administration officials tell CyberScoop. The update, which administration officials first teased last September, will prompt federal agencies to develop more streamlined cybersecurity standards for organizations in the maritime transportation system (MTS), which includes seaports, vessel owners and operators and terminal operators, according to administration strategy documents obtained by CyberScoop. The update from the White House also is aimed at promoting more information-sharing on maritime cyberthreats with the private sector, streamlining the information-sharing process and prompting the U.S. government to establish maritime cybersecurity-focused workforce programs. The NSC is releasing the National Maritime Cybersecurity Plan as part of a recognition that there are gaps in U.S. maritime security, officials said. A chief concern is that disruptions to ports and shipping could send shockwaves through the U.S. economy. More directly for […]

The post White House to release maritime cybersecurity update appeared first on CyberScoop.


Finnish lawmakers’ emails hacked in suspected espionage incident

Hackers gained access to the Finnish Parliament’s IT system in recent months in an incident that allowed them to access some emails belonging to members of Parliament, the Finnish Central Criminal Police announced Monday. The perpetrators “have been able to obtain information either to benefit a foreign state or to harm Finland” in an apparent espionage operation, the chief inspector at the National Bureau of Investigation, Tero Muurman, said in a statement. Police did not identify any suspects. The attackers targeted multiple people in the incident, which law enforcement started investigating in autumn of 2020. The police are working with international partners to identify the attackers, Muurman said. Exactly how many lawmakers were affected remains unclear. The Speaker of Finland’s Parliament, Anu Vehviläinen, described the incident as an attack on Finland’s democracy. “We cannot accept any kind of hostile cyber activity, whether committed by a governmental or non-governmental entity,” […]

The post Finnish lawmakers’ emails hacked in suspected espionage incident appeared first on CyberScoop.


Microsoft alerts CrowdStrike of hackers’ attempted break-in

During the course of investigating the SolarWinds breach, CrowdStrike says Microsoft uncovered an attempt from unidentified hackers to read emails linked with the company. The hackers failed in their attempt to breach CrowdStrike, Chief Technology Officer Michael Sentonas said in a blog post Wednesday. Microsoft researchers first found the attempt, Sentonas said. Microsoft told CrowdStrike that “several months ago,” the Microsoft Azure account of a Microsoft reseller was making “abnormal calls” to Microsoft cloud application programming interfaces (APIs). The account managed Microsoft Office licenses for CrowdStrike. The attackers tried to access emails, but, “as part of our secure IT architecture, CrowdStrike does not use Office 365 email,” Sentonas said. “We have conducted an extensive review of our production and internal environments and found no impact,” Sentonas said. “CrowdStrike conducted a thorough review into not only our Azure environment, but all of our infrastructure for the indicators shared by Microsoft.” It […]

The post Microsoft alerts CrowdStrike of hackers’ attempted break-in appeared first on CyberScoop.


Lawmakers want more transparency on SolarWinds breach from State, VA

Two Democratic senators are calling on the departments of State and Veterans Affairs to brief lawmakers on how their agencies have been impacted by the SolarWinds breach. The breach, in which suspected Russian government-backed hackers backdoored a network management product called SolarWinds Orion, could have infected thousands of federal government agencies and private sector entities with malware, according to SolarWinds. And although the State Department has reportedly been compromised during the course of the supply-chain espionage operation, the department has not been forthcoming about the extent of the damage, according to Sen. Bob Menendez, D-N.J. “While several other cabinet agencies that are victims of this cybersecurity breach have publicly acknowledged having been attacked, to date the Department of State has been silent on whether its computer, communication and information technology systems were compromised,” Menendez wrote in a letter he sent Wednesday to Secretary of State Mike Pompeo. The Department of […]

The post Lawmakers want more transparency on SolarWinds breach from State, VA appeared first on CyberScoop.


Pyongyang hackers eye more coronavirus research, Kaspersky says

North Korean government-linked hackers are continuing their effort to break into entities working on coronavirus-related research. In their latest antics, the hackers, suspected to be part of the government-backed hacking team known as Lazarus Group, have zeroed in on a pharmaceutical company and a government health-focused entity, according to Kaspersky research published Wednesday. Kaspersky attributes the hacking spree to Lazarus Group with “high confidence.” Kaspersky did not identify the targeted entities and did not reveal where the pharmaceutical company or the government entity are located. The activity appears to be just the latest of Pyongyang’s campaigns targeting coronavirus-related work. In recent months, North Korean hackers have reportedly gone after Johnson & Johnson and Novavax, both U.S.-based firms working on potential coronavirus vaccines. North Korean hackers have also reportedly targeted three South Korean-based firms and U.K.-based AstraZeneca. The hackers used malware known as “Bookcode” to target the unidentified pharmaceutical entity in […]

The post Pyongyang hackers eye more coronavirus research, Kaspersky says appeared first on CyberScoop.


Tech titans throw weight behind WhatsApp allegations in NSO surveillance lawsuit

Facebook’s lawsuit against Israeli software surveillance firm NSO Group just got a big boost from tech titans across the U.S. Microsoft, alongside Google, Cisco, GitHub, LinkedIn, VMware and the Internet Association, filed an amicus brief Monday to join the lawsuit, which alleges that NSO Group exploited a vulnerability in WhatsApp last year to spy on thousands of users, such as journalists, dissidents and human rights activists. More filings from other companies and organizations are expected in the coming days. Access Now, Amnesty International, the Committee to Protect Journalists, Internet Freedom Foundation, Paradigm Initiative, Privacy International, Reporters Without Borders and Red en Defensa de los Derechos Digitales (R3D) are expected to file another amicus brief in support of WhatsApp on Wednesday, CyberScoop has learned. The suit, which Facebook’s WhatsApp filed last year, is currently under appeal in the U.S. Court of Appeals for the Ninth Circuit. The Israeli firm’s lawyers have argued […]

The post Tech titans throw weight behind WhatsApp allegations in NSO surveillance lawsuit appeared first on CyberScoop.


Lawmakers throw cold water on splitting Cyber Command from NSA

Although Pentagon officials have suggested in recent days that the nation’s offensive cyber arm should split away from the National Security Agency, Cyber Command is a long way from being ready to stand on its own, according to a bipartisan group of lawmakers. The proposal, which some DOD officials have been entertaining in the last several days, would separate out the command from the Department of Defense’s foreign signals intelligence agency, which it has been co-located with for 10 years in order to help it find its footing. Both the NSA and Cyber Command are currently run by the same leader, Gen. Paul Nakasone, and some critics say the Trump administration has been interested in separating the two in order to carve out a leadership spot for a political ally at the helm of the NSA before his time in the Oval Office expires, according to The Washington Post. But […]

The post Lawmakers throw cold water on splitting Cyber Command from NSA appeared first on CyberScoop.


Zero-click iPhone exploit, NSO Group spyware used to target Mideast journalists, Citizen Lab says

Hackers suspected to work for the governments of Saudi Arabia and the United Arab Emirates breached 36 devices belonging to Al Jazeera journalists in recent months by using a zero-click iPhone exploit and NSO Group spyware, according to new Citizen Lab research published Sunday. The suspected government hackers behind the operations had a particularly pernicious tactic for accessing their targets — an iPhone iMessage that requires zero interaction from the target to work, according to the researchers. Citizen Lab is based at the Munk School of Global Affairs and Public Policy at the University of Toronto. The hacking operations, which researchers attribute to the governments of Saudi Arabia and the UAE with “medium confidence,” could have allowed the operators to record audio, take pictures, track device location and access passwords or stored credentials on compromised phones, the researchers said. Qatar, where Al Jazeera is based, historically has a fraught relationship with […]

The post Zero-click iPhone exploit, NSO Group spyware used to target Mideast journalists, Citizen Lab says appeared first on CyberScoop.


Pentagon officials float possible NSA, Cyber Command split

Officials at the Department of Defense have floated a proposal in recent days that could sever the dual-hatted relationship between the National Security Agency and Cyber Command, according to a U.S. official. The NSA, the Defense Department’s foreign signals intelligence agency, and Cyber Command, the department’s offensive cyber arm, are currently both led by Gen. Paul Nakasone in an arrangement that allows them to share resources and coordinate on priorities, such as protecting U.S. elections against foreign meddling. A proposal to end that arrangement was circulated among Pentagon officials in recent days, according to The Wall Street Journal. DefenseOne first reported the news Saturday. Whether Defense Department officials intend to follow through on the idea remains unclear. Separating Cyber Command from the NSA is something lawmakers, the military and the intelligence community have mulled since the creation of Cyber Command a decade ago. Some, including Gen. Nakasone, have said they […]

The post Pentagon officials float possible NSA, Cyber Command split appeared first on CyberScoop.


NSA warns defense contractors of potential SolarWinds fallout

It’s been widely reported that the suspected hacking team behind the massive and rapidly snowballing SolarWinds breach is linked with the Russian government. But the U.S. has not publicly named any one culprit behind the espionage operation, in which hackers concealed malware in SolarWinds network management tool updates, possibly infecting thousands of organizations across the U.S. federal government and the private sector. The National Security Agency, the U.S. Department of Defense’s foreign signals intelligence agency, on Thursday warned about an ongoing Russian state-sponsored hacking campaign that could be exacerbated by the SolarWinds breach. The NSA issued an alert warning defense contractors and Pentagon IT staff that the SolarWinds Orion compromise could be used in concert with a previously identified Russian state-sponsored hacking effort to access contractors’ data. The NSA did not claim that Russian hackers, who have been exploiting a VMware flaw to access data, are involved in the SolarWinds […]

The post NSA warns defense contractors of potential SolarWinds fallout appeared first on CyberScoop.
