Palo Alto Networks reveals D-Link home router vulnerabilities

Taiwanese consumer technology manufacturer D-Link has issued security fixes for a series of bugs that, if exploited, could have enabled hackers to steal passwords and other sensitive data from home internet routers during the coronavirus pandemic. If used in concert, the vulnerabilities would have allowed attackers to scan network traffic to steal session cookies, and upload or download sensitive files, Palo Alto Networks’ Unit 42 researchers said in findings published Friday. In some cases, the vulnerabilities could have helped attackers to conduct denial of service attacks. While D-Link has released a security update for the flaws in question, the advisory offers a reminder that home internet routers represent targets for hackers aiming to take advantage of the increased number of people around the world teleworking as a result of the coronavirus. Hackers seized the moment early during the coronavirus pandemic, messing with Domain Name System settings in home routers in the U.S. and in multiple European […]

The post Palo Alto Networks reveals D-Link home router vulnerabilities appeared first on CyberScoop.

Senate Intelligence Committee wants DNI to investigate commercial spyware threats

The Senate Intelligence Committee quietly approved a measure last week that would require the Director of National Intelligence to submit a report to Congress on the threats posed by foreign governments’ and entities’ use of commercially available surveillance software. The DNI’s report, which would be sent to Congress 180 days after the Intelligence Authorization Act for 2021 passes, would include information on how the U.S. — and other countries — can work to reduce the threats of commercial spyware, including through export controls, diplomatic pressure, trade agreements, and work with the technology and telecommunications sectors to better secure consumers’ software. The committee wants the DNI to specifically address the threat posed to U.S. citizens, in addition to those living abroad or employed by the U.S. government. The report request comes nearly one year after the United Nations Special Rapporteur David Kaye called for a moratorium on the creation and sale of […]

Shoddy US government review of Chinese telcos endangered national security, Senate panel finds

For decades, the U.S. government’s process for reviewing the cybersecurity risks of Chinese telecommunications companies operating in the U.S. has been so haphazard that it has “endangered our national security,” a bipartisan Senate review released Tuesday found. The Senate Permanent Subcommittee on Investigations said that the group responsible for these kinds of reviews, made up of national security officials from the Departments of Defense, Homeland Security, and Justice, largely failed to rein in Chinese telecommunications companies because of an “informal” process, insufficient resourcing, and a lack of statutory authority. Federal Communications Commission commissioners have likened the group’s review to an “inextricable black hole,” the report said. As a result of minimal oversight from the group, known as “Team Telecom,” Chinese state-owned telecommunications companies have been able to operate with relative impunity, even as concerns have mounted that Chinese state-owned companies could be enabling espionage backed by the Chinese government within the […]

GAO: Cyber Command is overspending on data tools

One of the major initiatives that U.S. Cyber Command has been working on for two years is going to cost five times more than what military officials originally estimated, according to a Government Accountability Office report. The program, a software platform called Unified Platform (UP), is meant to help forces and military services working with Cyber Command to reduce the number of data silos, and to streamline data processing, storage, queries, and information-sharing to enhance overall mission effectiveness. One of the main contributing factors to the miscalculation is that the overall cost of UP was not based on any independent analysis, GAO found. “UP did not have several key elements of its business case approved at the time of program initiation, such as approved requirements, a cost estimate informed by independent analysis, or a formal schedule risk assessment,” the GAO said. “Our prior work has shown that this type of […]

Google: Biden and Trump campaigns targeted by separate spearphishing campaigns

Hackers linked with China and Iran have been sending malicious spearphishing emails to staff on Joe Biden and President Donald Trump’s campaigns respectively, according to a researcher with Google’s Threat Analysis Group. Chinese government-linked hackers have been targeting Biden’s staffers, whereas Iranian government-linked hackers have been targeting Trump’s campaign, according to Shane Huntley, the Director of Google’s Threat Analysis Group. There is no evidence that the hacking attempts have resulted in compromises, Huntley said. This is just the latest warning from security researchers and the U.S. intelligence community that foreign government-backed hackers are interested in targeting various U.S. presidential campaigns during the 2020 election cycle, in what is turning out to be a tumultuous year for American citizens amid economic turmoil, the coronavirus pandemic, and mass protests about racism. “We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for […]

There’s a new Java ransomware family on the block

BlackBerry and KPMG’s UK Cyber Response Services uncovered a new ransomware strain that uses an obscure file format to avoid detection, according to new research published Thursday. After researchers conducted forensic investigations at a European educational institution, they uncovered that attackers had gained access to the unnamed institution through an internet-connected remote desktop server, according to the BlackBerry Research and Intelligence Team. The ransomware, which BlackBerry has dubbed Tycoon, uses a little-known Java image format to avoid detection and then encrypts file servers, locking administrators out unless they pay a ransom. Tycoon is highly targeted and has affected only approximately a dozen victims, BlackBerry’s Vice President of GUARD Services and Director of GUARD Threat Hunting & Intelligence, Eric Milam and Claudiu Teodorescu, told CyberScoop. The ransomware has generally targeted small- and medium-sized education and software entities so far. And although the new ransomware has only affected a limited number of victims, Tycoon is a reminder that even […]

Zoom has partially fixed two new flaws, with other security hurdles ahead

Cisco Talos researchers recently uncovered two new flaws in Zoom that could allow attackers to execute arbitrary code on users’ computers, according to research published Wednesday. Zoom has partially fixed the vulnerabilities, according to Cisco Talos. The cybersecurity company said it worked with Zoom on addressing the flaws. It’s the latest set of security bugs discovered in Zoom, a teleconferencing company whose software has come under heightened scrutiny in recent months as the coronavirus pandemic forced people around the world to telework and rely on videoconference platforms. Competitors include Cisco WebEx, Microsoft Teams, and GoToMeeting. Zoom fixed one of the issues, dubbed TALOS-2020-1056, in May. And while Zoom addressed the other flaw, dubbed TALOS-2020-1055, in a server-side update, Cisco Talos’ Jon Munshaw said in a blog he believes that a client-side update will be necessary to fully mitigate any risk. The first flaw, TALOS-2020-1056, affecting Zoom Client version 4.6.10, relates to how Zoom processes messages. […]

The governor’s office says the NSA isn’t involved in the response to Minnesota’s protests. But here’s how it could be.

The office of Minnesota Gov. Tim Walz says the National Security Agency did not provide the state with signals intelligence as its law enforcement agencies responded to protests against the killing of George Floyd. For a while this weekend, though, the governor stirred up some confusion about whether the intelligence agency could do so. “No NSA involvement,” a Walz spokesperson told CyberScoop. The Democratic governor was mistaken in suggesting Saturday during a press conference that the U.S. military had provided the state with signals intelligence collected by the NSA, the spokesperson said. CyberScoop could not independently verify the spokesman’s comment. The NSA deferred comment to the governor’s office. Generally speaking, the NSA, the Pentagon’s foreign signals intelligence agency, does not target U.S. citizens to collect electronic communications information. But there are specific times when it can. Walz’s comments — combined with speculation about how those legal circumstances might apply to the protests — were enough to fuel questions about the NSA’s involvement. Walz said Saturday that he had […]

Rod Rosenstein is working with NSO Group, the Israeli firm accused of spying on dissidents

Rod Rosenstein, a former deputy attorney general at the Department of Justice, has been providing counsel on cybersecurity and national security to NSO Group, the Israeli software surveillance firm accused of spying on human rights activists and journalists, according to court documents obtained by CyberScoop. Rosenstein’s work with NSO Group was revealed in court documents in relation to a lawsuit WhatsApp filed against the company, accusing them of surveilling over 1,000 WhatsApp users. “I have counseled NSO about cyber and national security issues and assisted the defense team” in the WhatsApp v. NSO Group case, Rosenstein said in the signed declaration. Rosenstein has been employed by King & Spalding, the firm representing NSO Group, since January of this year. He previously served as deputy attorney general from 2017 through May 2019. The filing is an attempt to rebut WhatsApp’s claims that King & Spalding has a conflict of interest in the case because it has represented […]

NSA calls out Russian military hackers targeting mail relay software

Hackers working for Russia’s intelligence agency have been exploiting a vulnerability in mail relay software since August of last year, according to an alert issued Thursday by the National Security Agency. The NSA publicly attributes the actions to the Russian military’s Main Center for Special Technologies (GTsST). That group is more commonly known as Sandworm, the hacking group believed to be responsible for Ukraine grid disruptions. The alert comes amid a broader agency effort to publicly share more unclassified threat intelligence. The NSA established a cybersecurity directorate last year to take the reins on providing real-time information in the hope of preventing digital intrusions against U.S. networks. The Exim Mail Transfer Agent (MTA) vulnerability exploited in this case, CVE-2019-10149, allows the threat actors to execute commands and code remotely. When Sandworm exploits the vulnerability, victim machines download and execute a shell script from a Sandworm-controlled domain, according to […]
