Lame-duck versions of TikTok and WeChat are definitely a problem, security experts say

Cybersecurity experts and privacy advocates said Friday that TikTok and WeChat users should probably stop using the applications in the coming days, given that the Trump administration’s new ban on them will effectively block users from downloading updates. Updates, of course, provide security fixes and not just new features. In just the last year, TikTok has had to issue multiple patches for vulnerabilities that could allow hackers to capture users’ data without their permission or send them malicious links, for instance. WeChat has also had to address several flaws in the last year. “The order … harms the privacy and security of millions of existing TikTok and WeChat users in the United States by blocking software updates, which can fix vulnerabilities and make the apps more secure,” the Director of the American Civil Liberties Union’s National Security Project, Hina Shamsi, said in a statement. After Sunday, when some of the restrictions are […]

The post Lame-duck versions of TikTok and WeChat are definitely a problem, security experts say appeared first on CyberScoop.


Co-founder of cyber fraud prevention startup arrested for alleged fraud

The co-founder of a cyber fraud prevention company was arrested Thursday and charged with leading an alleged scheme to trick investors into sinking hundreds of millions of dollars into the startup, the Department of Justice and the Securities and Exchange Commission (SEC) announced Thursday. Investors were shown falsified financial documents as part of the pitch for the software-as-a-service provider, Las Vegas-based NS8, the SEC and FBI said. Adam Rogas, the co-founder and former CEO of the startup, touted bank statements showing payments from NS8 customers that never happened, according to the SEC. “As alleged in our complaint, Rogas falsely presented NS8 as a successful business by fabricating revenue figures and providing them to investors,” said Kurt L. Gottschall, Director of the SEC’s Denver Regional Office. “Investors are entitled to accurate information about a company’s financial condition and the SEC is committed to holding accountable corporate executives who deceive investors.” Rogas is also alleged to have pocketed at least […]


NSA director ranks influence operations as a top concern

Foreign influence operations are “the next great disruptor” in the U.S. intelligence community, the director of the National Security Agency said Wednesday. Gen. Paul Nakasone, who also serves as the head of Cyber Command, the Pentagon’s offensive cyber outfit, said he thinks influence efforts have the potential to shape the U.S. intelligence community’s operational environment for years to come. Planting misinformation and spreading disinformation are attractive ways for American adversaries to spread confusion in the U.S., in part because they can be inexpensive and they allow the opportunity to spread discord while operating below the level of armed conflict, Nakasone said. Disinformation specialists have said weaponized misinformation and baseless conspiracy theories already are having an effect on American life, in part because so many social media users spread sensational falsehoods, thinking they’re acting in good faith. “We’ve seen it now in our democratic processes,” Nakasone said during remarks at the virtual Intelligence and National Security […]


Alleged Iranian hackers balanced espionage with personal cybercrime, US indictment says

Two Iranian nationals have been charged for their alleged involvement in a government-linked hacking operation that has targeted entities in the U.S., Europe, and the Middle East as well as Iranian dissidents and human rights activists, the U.S. Department of Justice said Wednesday. The hackers’ operations, which prosecutors say began as early as 2013, are alleged to have targeted American and foreign universities, a Washington, D.C.-based think tank, non-governmental organizations and nonprofits, as well as a U.S. defense contractor. The two men charged, Hooman Heidarian and Mehdi Farhadi, are alleged to have stolen hundreds of terabytes from victims, including information about national security, foreign policy, intelligence, nuclear information, and the aerospace sector, according to the Justice Department. Attackers allegedly operated at the behest of the Iranian government at times, including instances in which they are accused of stealing data about opposition leaders, perceived political dissidents, and human rights activists. The hackers are also alleged to have […]


Five Chinese nationals, two Malaysians charged in connection with global hacking campaign

Five Chinese nationals working as part of a well-resourced hacking group and two Malaysian nationals have been charged in connection with a global hacking campaign that hit hundreds of targets in the U.S. and around the world in multiple industries, the Department of Justice announced Wednesday. The accused Chinese hackers allegedly compromised technology providers and installed software backdoors in their networks, giving themselves a portal to collect information. The operation is linked to an advanced persistent threat group known as APT41, which private security firms have tied to the Chinese government. U.S. indictments unsealed Wednesday alleged that the activity is tied to China’s Ministry of State Security (MSS), a civilian intelligence agency. The suspects are alleged to have targeted software development companies, computer hardware manufacturers, telecommunications entities, social media companies, as well as non-profit organizations, universities and think tanks. They are also accused of targeting foreign governments, and pro-democracy politicians and activists in Hong Kong. Prosecutors say the hackers […]


Public disclosure didn’t stop suspected Chinese hackers from targeting the Vatican

Hackers with suspected ties to the Chinese government kept up their operations in the weeks after they were caught targeting the Vatican, according to Recorded Future findings published Tuesday. Recorded Future researchers first called out the hacking group’s focus on the Vatican and Hong Kong’s Catholic Diocese in July, after which the hackers appeared to briefly pause their activity, in a likely effort to evade detection. But within two weeks, the hackers, known as RedDelta, had resumed their activities, aiming to infiltrate mail servers of the Vatican and the Hong Kong Catholic Diocese, researchers said. “This is indicative of RedDelta’s persistence in maintaining access to these environments for gathering intelligence, in addition to the group’s aforementioned high risk tolerance,” the researchers write in a blog post on the matter. China has long had an interest in collecting intelligence on religious groups in the region, and in particular on Catholics, ever since the Vatican […]


Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says

Six suspected Chinese hacking groups have zeroed in on entities in the telecommunications sector in the first half of this year, according to CrowdStrike research published Tuesday. While CrowdStrike did not identify the groups by name, attackers have likely been running their hacking operations in an effort to steal sensitive data about targets, or to conduct intellectual property theft, researchers at the threat intelligence firm determined. The telecommunications sector was among the most-targeted sectors in the first half of 2020, the company said, alluding to behavior that aligns with previous espionage patterns from hackers with suspected ties to Beijing. Publication of the report coincides with a fresh warning from the U.S. Department of Homeland Security that a Chinese intelligence agency is exploiting known software flaws to gather information from U.S. federal agencies, and amid an ongoing U.S. government effort to safeguard research into a COVID-19 vaccine, which Chinese hackers are alleged to have […]


Chinese intelligence-linked hackers are exploiting known flaws to target Washington, US says

Hackers connected to a Chinese intelligence agency have infiltrated U.S. government and private sector entities in recent months by exploiting a series of common vulnerabilities, the FBI and Department of Homeland Security’s cybersecurity agency announced Monday. Attackers tied to China’s civilian intelligence and counterintelligence service, the Ministry of State Security (MSS), have been using phishing emails with malicious links to infiltrate victim organizations, according to the alert. By including malicious software in those messages, hackers are exploiting software flaws in commercial technologies and open-source tools, including services with known fixes. F5 Networks’ Big-IP Traffic Management User Interface, Citrix VPN Appliances, Pulse Secure VPN appliances, and Microsoft Exchange Server are among those affected, says the report from the FBI and DHS’ Cybersecurity and Infrastructure Security Agency (CISA). All of these tools are open source and commercially available, making potentially high value espionage targets in the U.S. government relatively easy and low-cost for state-sponsored hackers […]


NSA’s Cybersecurity Directorate is still figuring out how to measure success

Since the National Security Agency established a new directorate focused on cybersecurity, the organization once known as “No Such Agency” has engaged in some behavior that would have seemed revolutionary a decade ago: publicly sharing information about several large-scale hacking threats, including Russian hacking incidents, as well as information about a critical Microsoft vulnerability. How successful the agency considers that behavior is still something it’s examining. The NSA’s Cybersecurity Directorate, which was established last October in part to share more threat intelligence with the public and the private sector, has been examining the impact of its Cybersecurity Advisories in a variety of ways, the NSA’s Executive Director, Wendy Noble, said during a virtual Billington CyberSecurity Summit Wednesday. “The more important thing to track is how [CSD information gets] used, the operational outcome,” Noble said. “We are working to develop those metrics to make sure we understand the value proposition … […]


US sanctions Russian agent for 2020 election interference efforts, alleged IRA trolls

The Trump administration sanctioned four Russia-linked individuals for their efforts to interfere in the 2020 U.S. elections, the Treasury Department announced Thursday. The Treasury’s Office of Foreign Assets Control (OFAC) is specifically sanctioning Andriy Derkach, a Ukrainian politician who has been an “active Russian agent for over a decade,” for his efforts to interfere in the 2020 U.S. presidential elections, it said in a release. Derkach waged a covert influence campaign that relied on edited audio taps and other materials meant to discredit U.S. officials, and sway public opinion, prior to Election Day, according to the Treasury Department. “Derkach has directly or indirectly engaged in, sponsored, concealed, or otherwise been complicit in foreign interference in an attempt to undermine the upcoming 2020 U.S. presidential election,” OFAC said in the release. OFAC is also sanctioning three members of the Russian government’s social media troll farm, the Internet Research Agency, […]
