North Korean hackers ramp up coronavirus vaccine targeting

North Korean hackers have been on a bit of a coronavirus vaccine hacking spree. An espionage shop with suspected ties to the North Korean government has been working to breach multiple pharmaceutical companies working on coronavirus treatments in the U.S. and South Korea over the last several months, according to The Wall Street Journal. Johnson & Johnson and Novavax — both U.S.-based firms working on COVID-19 vaccines — have reportedly been targeted, as have South Korea-based Genexine, Shin Poong Pharmaceutical and Celltrion. It was unclear if the attempts have been successful. The attackers, who are believed to be part of the hacking group known as Kimsuky, have historically targeted South Korean think tanks and targets linked with sanctions and nuclear topics. But in recent months Kimsuky has expanded its targeting and turned its attention to pharmaceutical and research entities focused on the coronavirus, according to research from cybersecurity firm Cybereason. […]

The post North Korean hackers ramp up coronavirus vaccine targeting appeared first on CyberScoop.

US alert urges think tanks to be on guard for foreign hacking activity

Think tanks should be on high alert for nation-state hacking attempts in the coming days, the FBI and Department of Homeland Security warned in a joint report issued Tuesday. The alert, which comes just as President-Elect Joe Biden carves out his national security team — many of whom are currently employed at prominent non-governmental organizations and think tanks in D.C. — notes that foreign state-linked hacking groups are primarily going after think tank employees that focus on national security and foreign policy. “Given the importance that think tanks can have in shaping U.S. policy, CISA and FBI urge individuals and organizations in the international affairs and national security sectors to immediately adopt a heightened state of awareness and implement the critical steps listed in the Mitigations section of this Advisory,” the bulletin states. U.S.-based think tanks and non-profit organizations are a perennial target of nation-state hackers. Foreign espionage groups have long targeted […]

Senators warn YouTube to buck up on misinformation

YouTube has found itself in the crosshairs of a group of Democratic senators who want the Alphabet-owned video platform to take down misinformation about elections, false claims of voter fraud and content that could fuel civil unrest. In the buildup to the 2020 U.S. presidential elections, YouTube chose to not take down content that promotes false claims about the election or that challenges the credibility of the election’s results. That policy is not enough to curb misinformation, the senators warned in a letter they sent Tuesday to YouTube CEO Susan Wojcicki. “[T]he platform is now home to an ‘onslaught of videos aiming to undermine the legitimacy of the election,’” wrote senators Bob Menendez of New Jersey, Mazie Hirono of Hawaii, Gary Peters of Michigan and Amy Klobuchar of Minnesota. “These videos seek to undermine our democracy and cast doubt on the legitimacy of President-elect Biden’s incoming administration. Moreover, because the current president has […]

Baidu apps in Google Play Store left users vulnerable to tracking, Palo Alto finds

A pair of Baidu applications on the Google Play Store were recently leaking users’ sensitive data that could be used to track users’ location, according to Palo Alto Networks’ Unit 42 research published Tuesday. Through reverse-engineering, the researchers at Unit 42, the research arm at Palo Alto Networks, found that both the Baidu Search Box and Baidu Maps applications used a software development kit (SDK) that would collect users’ MAC address, carrier information and international mobile subscriber identity (IMSI) number. It’s the kind of data that, if it were to fall into the wrong hands, could be used to stalk, monitor, or even harass an individual. IMSI numbers, for instance, could allow cybercriminals or state-linked actors to track someone, even if they switch to a new device, as IMSI numbers can be used to uniquely identify a user. Snoops using IMSI catchers, which imitate cell towers to capture a user’s location, have been known […]

Suspected Chinese hackers impersonate Catholic news outlets to gather intel about Vatican diplomacy

After months of public reporting on a suspected Chinese hacking campaign targeting entities linked with diplomacy between the Vatican and Beijing, the hackers are still trying their luck. Researchers at the security firm Recorded Future first called out hackers affiliated with a group called Mustang Panda in July for their efforts to conduct espionage against targets involved in negotiations about the operations of the Catholic Church in China, a historically fraught topic. After Recorded Future published its research on the hacking spree, attackers briefly paused their activity only to resume two weeks later with the same toolset. Now the same group is back at it, with an effort to evade detection, according to Proofpoint research published Monday. This time, attackers updated their technique to deliver malware in order to avoid being noticed, according to Proofpoint researchers. While earlier this year the hackers targeted the diplomatic entities using a remote access trojan, a PlugX variant […]

UK formally unveils GCHQ’s offensive cyber-operation shop

The U.K. has drummed up an offensive cyber-operations unit dedicated to disrupting British adversaries in cyberspace, British Prime Minister Boris Johnson announced Thursday. The unit, known as the National Cyber Force (NCF), is capable of launching targeted campaigns against adversaries, from those that interfere with terrorists’ communications devices and cellphones to those that support British military operations, according to the announcement. The British government has been developing the force for approximately two years. The NCF, which is expected to grow to 3,000 strong in the coming years, consists of personnel from the country’s signals intelligence agency, the Government Communications Headquarters (GCHQ), as well as the Ministry of Defense, the country’s Secret Intelligence Service (MI6) and the Defence Science and Technology Laboratory. The force, which operates alongside GCHQ’s defensive cyber unit — the National Cyber Security Centre — currently only has a couple hundred staff. The announcement coincides with efforts from British […]

End-to-end encryption coming to Android phones, along with RCS messaging update

Android users will soon be able to take advantage of end-to-end encrypted messaging, Google said in an announcement Thursday. The updated data protection protocol, which will render Android users’ messages only readable by the sender and recipient, will initially be available in beta this month, and those interested in participating in testing will have to sign up, Google said. Once end-to-end encryption is available more broadly for Android users, Google will implement it by default, according to The Verge. The move could bring trustworthy encryption to billions of Android phone users, safeguarding their data in a way that makes it inaccessible to Google, phone carriers and most snoops trying to intercept their communication with traditional forms of surveillance. Russia and China will be exempt from encryption. “We recognize that your conversations are private and it’s our responsibility to keep your personal information safe,” Drew Rowny, Google’s Product Lead for Messages said in a blog. “We’re continually […]

Would social media collaboration kneecap abusive content? One startup thinks so.

Social media companies need to band together more to limit the spread of abusive and harmful content online, according to John Redgrave, the co-founder and CEO of abuse detection software company Sentropy. Social media companies can work all they want to root out harmful content, but if they’re working in silos and not sharing lessons learned, some harmful content will continue to spread unabated, Redgrave said during FedTalks, a virtual event produced by FedScoop. “Facebook, after the Christchurch shooting did, what I would view as a technologist, an admirable job of yanking down the video on their platform. But I can still find the video online,” Redgrave said, referring to the shooting in New Zealand which was live-streamed on social media last year. “This is not a Facebook problem, this is not a Twitter problem — this is an internet problem,” Redgrave said. “What we need to see is increased collaboration.” […]

How the Pentagon is trolling Russian, Chinese hackers with cartoons

There’s little that Russian hackers hate more than being seen as soft. So when U.S. military hackers saw a way to publicly portray them as bumbling and unthreatening in recent weeks, they seized the moment. It all began when Cyber Command, the U.S. Department of Defense’s offensive cyber arm, started working with a graphics company to illustrate foreign government hackers. The military realized it could punch up the reports it releases on foreign hacking operations by adding illustrations, and try to embarrass or infuriate the foreign hacking shops along the way, one U.S. official told CyberScoop. In one case, when Cyber Command started making plans to expose some state-sponsored espionage operations tied to Russia’s Federal Security Service (FSB), the country’s KGB successor, they turned to the graphics company to develop images that would goad the Russians, the official said. “Russia hates to be seen as cuddly or cozy so we want to tick them off,” said the official, who was not authorized […]

Hacker-for-hire group targeting South Asian organizations, research says

There’s a new cyber mercenary group on the block, and they’re going after targets in more than a dozen countries around the globe, according to BlackBerry research published Thursday. The hack-for-hire shop, which BlackBerry is calling “CostaRicto,” has largely gone after targets in South Asia, especially in India, Bangladesh and Singapore, according to BlackBerry. Some of its targeting has also been located in Africa, the Americas, Australia and Europe, including in Austria, the Bahamas, France, Mozambique, the Netherlands and Portugal, the researchers write in a blog on the group. It isn’t exactly clear who the hackers-for-hire are, but given that their targets tend to be focused in South Asia, BlackBerry researchers suggest they may be based in that region. The disparate targeting and characteristics of their toolset suggest they are working on behalf of clients, BlackBerry researchers write. CostaRicto targets victims with a custom backdoor that appeared last October, but has […]
