Republican momentum builds for bills requiring encryption circumvention

Republican legislators are pushing more legislation on Capitol Hill that would require technology companies to give law enforcement access to encrypted devices and services. Rep. Ann Wagner, R-Mo., introduced a bill on Thursday (H.R. 7891) to serve as a companion to a Senate bill that would require manufacturers of encrypted devices and service providers to be able to decrypt data after a court issues a warrant for user communications. Sens. Lindsey Graham, R-S.C., Marsha Blackburn, R-Tenn., and Tom Cotton, R-Ark., co-sponsored the Senate version of the bill, which they have touted as a way to stop child abusers and terrorists who seek to evade law enforcement attention through using encrypted services and devices. It’s just the latest in a series of GOP-backed bills introduced in the last year on Capitol Hill, including the EARN IT Act, that could degrade encryption’s security and privacy benefits at the peril of all users, for the benefit of some […]

The post Republican momentum builds for bills requiring encryption circumvention appeared first on CyberScoop.

Suspected Chinese hackers targeting Vatican in advance of Beijing negotiations

Over the course of the last three months, hackers with suspected links to the Chinese government have been targeting the Vatican, according to research from security firm Recorded Future. The targeting, which was delivered in a series of spearphishing emails with malware-laden documents imitating legitimate Vatican correspondence and news about Hong Kong’s national security law, appears to have begun in May of this year, Recorded Future researchers said. The suspected Chinese government hackers have also targeted mail servers of other Catholic entities, including an international missionary center in Italy and the Catholic Diocese of Hong Kong. The hacking group appears to be linked with the China-based hacking group Mustang Panda, given several overlaps in techniques, infrastructure, and tooling, including a method for delivering malware that both groups employ as well as a method for obfuscating their attacks, the researchers said in a blog. However, given several different encryption mechanisms used […]

Here’s how Army Cyber Command plans to take on information warfare

Amid burgeoning Russian, Chinese, and Iranian influence operations aimed at manipulating U.S. politics and Americans’ understanding of the coronavirus pandemic, the Army’s top cybersecurity official has released a ten-year plan to reform his command into a more capable information warfare unit. The plan, which Lt. Gen. Stephen Fogarty outlined this week in Cyber Defense Review, a publication from the Army Cyber Institute, is meant to reorganize Army Cyber Command into a series of units that can work to counter adversaries’ efforts to destabilize the U.S., including by influencing adversaries’ behavior and decision-making through jamming up their signals, or by messaging and running social media information operations to control the narrative, for instance. In some cases, the reformulated Army Cyber Command (ARCYBER) will focus on “skillfully communicating (or obscuring), the location, capability, and intent of Army forces,” Fogarty said. The final goal of the ten-year plan is to get ARCYBER to be able to outsmart and outmaneuver adversaries in the information space — in concert with other […]

US files superseding indictment against former Twitter employees accused of spying for Saudi Arabia

U.S. prosecutors have filed a superseding indictment in federal court against two former Twitter employees for allegedly spying on dissidents on behalf of Saudi Arabia. The Department of Justice had alleged last year that a Saudi national with ties to the royal family had recruited two former Twitter employees, Ahmad Abouammo and Ali Alzabarah, to abuse their access to Twitter to collect sensitive information about Saudi dissidents, including location data, email addresses, and phone numbers. The former Twitter employees allegedly targeted a close associate of American journalist Jamal Khashoggi, who was murdered in 2018 at the behest of Saudi Crown Prince Mohammed bin Salman, according to the CIA. A grand jury has now charged Abouammo, Alzabarah, and Ahmed Almutairi, their alleged intermediary with the Saudi Kingdom, with acting as agents of a foreign government, wire fraud, and money laundering, among other charges. Abouammo is also accused of falsifying records in an effort to obstruct the investigation. Abouammo previously worked as Twitter’s head of […]

North Korean hackers are stepping up their ransomware game, Kaspersky finds

While cybercriminals have been ramping up their ransomware attacks against businesses, schools, and governments, rarely have state-backed hackers relied on ransomware to make a buck. But in recent months it appears that government hackers from North Korea want a piece of the pie, too, according to Kaspersky research. In two incidents earlier this year affecting two businesses — one in France and one in Asia — hackers tied to the Lazarus Group deployed a little-known ransomware strain called VHD, which is designed to steal money from victims. A few characteristics tipped off Kaspersky researchers to Lazarus Group’s operations — Kaspersky found few public references and samples of VHD ransomware in their telemetry, indicating the strain was likely not the work of a cybercriminal. Additionally, in one of the intrusions, the researchers noted a spreading utility — which would allow it to proliferate within victim networks — was compiled with credentials specific to the […]

Garmin mobile app down amid possible ransomware attack

Garmin’s mobile application and services are currently experiencing outages amid reports that the smartwatch and wearables company is suffering from a ransomware attack. Garmin confirmed on Twitter and its website that its mobile app is down and that it also can’t receive calls, emails, or online chats. Garmin also sent announcements to staff in its Taiwan factories announcing two days of “planned” maintenance for this upcoming weekend, according to reports from iThome, a Taiwanese outlet. Phil Stokes, a threat researcher at SentinelOne, said the announcement appears to coincide with a WastedLocker ransomware attack against the company. Several Garmin employees likewise alleged that WastedLocker —  a custom ransomware deployed by Evil Corp, a Russian group of criminals known for its Dridex and BitPaymer attacks — was behind the incident, ZDNet reported. The ransom demands associated with WastedLocker have typically been expensive, according to Malwarebytes, although it was unclear if any demands had been […]

App for Chinese DJI drones could give hackers full control of users’ phones, researchers say

The Android application used to operate drones manufactured by DJI contains a number of features that could allow attackers to target users with malicious applications or gain full control of users’ phones, according to recent research by France-based Synacktiv and U.S.-based GRIMM. Researchers found that the DJI GO 4 application can force updates on users without routing them through the Google Play Store. Given the access the application has — including users’ contacts, microphone, camera, geolocation — it could give DJI or third parties nearly full control of users’ phones, Synacktiv and GRIMM found. It’s also the kind of update that could place the company in violation of the store’s guidelines. The application also may install arbitrary applications through the Weibo software development kit, without gaining users’ approval first and bypassing Google once again, according to GRIMM researchers. In so doing, the application shares users’ personal information with Weibo and […]

Apple’s long-awaited security device research program makes its debut

In order to make it easier for security researchers to find vulnerabilities in iPhones, Apple is launching an iPhone Research Device Program that will provide certain hackers with special devices to conduct security research, the company announced Wednesday. Beyond enhancing security for iOS users and making it easier to unearth flaws in iPhones, the program also aims to improve the efficiency of ongoing security research on iOS, Apple said. The launch comes several months after Apple initially teased out the plans for the security device program last year at the Black Hat conference in Las Vegas. For a company normally reluctant to allow security researchers to find flaws in its code, Apple’s move could mark a step forward in its willingness to work with the broader information security community to expose and root out vulnerabilities in Apple platforms. Security researchers in recent years found it so difficult to access the inner workings […]

What’s new for North Korean hackers? Kaspersky says they’re polishing tools, finding new targets

North Korean government-linked hackers have refined their malware tools and expanded their target lists over the past two years, according to new research from Kaspersky, which says the attackers have devoted “significant resources” to improving their capabilities. In particular, the hackers have aggressively deployed a multi-stage malware framework — which Kaspersky calls MATA — to target Windows, Linux, and macOS operating systems. The framework is capable of deploying more than 15 malware components and has exhibited signs that it allows attackers to move laterally once they have compromised a target network, according to the research. So far, the attackers have used MATA against a software development firm, an e-commerce company and an internet service provider, Kaspersky said. The list of affected countries includes Poland, Germany, Turkey, Japan and India, the researchers said. Based on an analysis of the framework’s filenames and configuration, Kaspersky assesses that the scheme is linked with Lazarus Group, a hacking organization the U.S. government has […]

WhatsApp lawsuit against NSO Group spying can proceed, judge rules

A federal judge in California ruled Thursday evening that Facebook’s lawsuit alleging that NSO Group technology was used to spy on thousands of WhatsApp users can move forward. Facebook, which filed the suit last year, alleged NSO Group had exploited a vulnerability in WhatsApp to deploy its malware against human rights activists, journalists, and political dissidents. The decision marks a blow for the Israeli software surveillance company, which has vigorously denied the allegations and fought to get the suit thrown out of court. In allowing the case to move forward, the judge threw cold water on several of NSO Group’s arguments, leaving open the possibility the firm would have to reveal information about its clients and their spying targets. A WhatsApp spokesperson applauded the decision. “We are pleased with the Court’s decision permitting us to move ahead with our claims that NSO engaged in unlawful conduct. The decision also confirms that WhatsApp […]
