Russian IRA troll farm outsourced new operation to Ghana, Nigeria

The Internet Research Agency, the Russian troll farm responsible for interference in the 2016 U.S. presidential election, has outsourced its activities in 2020 to Ghana and Nigeria, Facebook said in an announcement Thursday. It wasn’t clear that the new behavior, which led Facebook to remove 49 Facebook accounts, 69 Pages and 85 Instagram accounts for participating in foreign interference online, was focused on elections or political candidates, according to the company. They tended instead to focus on U.S. news, black history, black fashion, black excellence, celebrity gossip, historical figures, and LGBTQ issues. But the links to the IRA were clear, Facebook’s head of cybersecurity policy, Nathaniel Gleicher, said in a blog post. “Although the people behind this activity attempted to conceal their purpose and coordination, our investigation found links to EBLA, an NGO in Ghana, and individuals associated with past activity by the Russian Internet Research Agency (IRA).” The IRA, which […]

The post Russian IRA troll farm outsourced new operation to Ghana, Nigeria appeared first on CyberScoop.

Cybercriminals, nation-states increasingly tailoring coronavirus spearphishing campaigns

Cybercriminals and nation-state actors continue to exploit fears about the novel coronavirus, sending emails that look to be from legitimate health authorities to try delivering malware to victims, according to researchers at several different cybersecurity companies. The campaigns are part of a growing trend of hackers taking advantage of the virus’s spread. While nefarious actors have been sending coronavirus-related lures for weeks, hackers are starting to tailor their forgery emails in order to better trick victims. The lures, for instance, are increasingly borrowing from country-specific health authorities’ branding, according to Recorded Future research set to be published later Thursday, such as the Public Health Center of the Ministry of Health of Ukraine and China’s Ministry of Health. There have also been lures that come from senders that look to be working for the U.S. Centers for Disease Control and Prevention (CDC) and the U.S. State Department, or imitating the Mongolian Ministry […]

The post Cybercriminals, nation-states increasingly tailoring coronavirus spearphishing campaigns appeared first on CyberScoop.

What to expect from the Cybersecurity Solarium Commission report

A bipartisan congressional committee is urging the federal government to enact a sweeping set of cybersecurity upgrades in order to modernize American defenses on issues ranging from 5G security to stopping intellectual property theft and mitigating ransomware attacks. The Cybersecurity Solarium Commission on Wednesday will release 75 recommendations that call for changes in the way that Congress and the Trump administration oversee crucial security issues that, if unaddressed, may jeopardize U.S. national and economic security. It remains to be seen whether some of the proposals will become a reality. In an interview with CyberScoop, Sen. Angus King, I-Maine, a co-chair of the commission, would not preview what elements of the proposal would appear in forthcoming legislation, but said between 40-50 percent of them could be seen in the 2021 National Defense Authorization Act. King says there is urgency to taking action on each of the 75 recommendations. “We want this to be […]

The post What to expect from the Cybersecurity Solarium Commission report appeared first on CyberScoop.

NSO Group works to explain no-show in court for WhatsApp suit, plots defense

The Israeli surveillance software firm accused of exploiting WhatsApp to run surveillance operations against users has asked the court for a 120-day extension to reply to WhatsApp’s lawsuit. NSO Group alleges that Facebook, WhatsApp’s parent company, lied in a recent procedural filing about whether it had properly served NSO Group under The Hague Convention, according to court documents filed with the U.S. District Court for the Northern District of California obtained by CyberScoop. “Facebook lied to the court in its February 27 application for default, saying that service was complete,” NSO Group said in a statement shared with CyberScoop. “In fact, Facebook and its lawyers had been told two days earlier (February 25) by the Government of Israel that service under the Hague Convention was not complete — a fact Facebook concealed from the court.” It’s the latest logistics squabble in the case, which alleges NSO Group’s custom malware was […]

The post NSO Group works to explain no-show in court for WhatsApp suit, plots defense appeared first on CyberScoop.

Cyber Command was worried that WikiLeaks dump would burn Operation Aurora intel, document shows

When WikiLeaks released a trove of diplomatic cables in 2010 on everything from terrorism to Russian President Vladimir Putin to computer intrusions, it set off shockwaves through the Department of Defense and intelligence community over the knowledge being dumped into the public domain. Now we know that unauthorized release even impacted U.S. Cyber Command. A document obtained through a Freedom of Information Act request details Cyber Command’s knowledge of what was revealed in the infamous WikiLeaks dump. The document, a Cyber Command fusion cell situational awareness report, suggests the Pentagon knew who was behind a broad cyber-espionage operation known as Operation Aurora and was worried about that information becoming public, and what adversaries could learn about sensitive U.S. cyber-operations as a result. The document, which was obtained by George Washington University’s National Security Archive and shared with CyberScoop, is a rare look into how Cyber Command, the DOD, and the intelligence community tracks adversaries in cyberspace and […]

The post Cyber Command was worried that WikiLeaks dump would burn Operation Aurora intel, document shows appeared first on CyberScoop.

Hackers seize on coronavirus fears for fodder in spearphishing, misinformation schemes

As coronavirus infections surge globally, hackers and nation-state actors are weaponizing information about the COVID-19 virus to spread malware and disinformation, according to security researchers and the State Department. Russian actors, linked with Moscow through “state proxy websites,” for instance, have been using “swarms of online, false personas” to spread misinformation about the new coronavirus online, according to the Global Engagement Center, the State Department section meant to combat information operations around the world. Some of the fake narratives have allegedly been propagated by official state media, Lea Gabrielle, the center’s special envoy and coordinator, told lawmakers Thursday. Threat actors have also begun sending messages laced with malicious software to targets in Italy, where coronavirus infections have surged in recent weeks, according to new research unveiled this week from security firm Sophos. The attackers have been sending messages with a Microsoft Word document that appears to contain recommendations for preventing […]

The post Hackers seize on coronavirus fears for fodder in spearphishing, misinformation schemes appeared first on CyberScoop.

Former Buttigieg CISO urges DNC to coordinate information sharing between campaigns

Over the last year, Democratic presidential campaigns have had difficulty sharing threat data between one another, according to the former security boss for Pete Buttigieg’s campaign, raising concerns about the party’s ability to fend off possible interference ahead of the November elections. Mick Baccio, who spent roughly five months working for the now-defunct Buttigieg campaign, told CyberScoop that his team tried sharing information with other campaigns that could have helped officials protect themselves from hackers. The effort was hampered, he said, by a shortage of qualified security staffers on other campaigns, and the lack of a formal information sharing process. Baccio resigned from the campaign in January over philosophical differences. “It’s not that there’s not a want to share. It’s ‘I don’t know who to talk to,’” he said during an interview Wednesday at the Splunk Government Summit in Washington, D.C. “I don’t know of a formal mechanism; whether it’s through the DNC, DCCC, […]

The post Former Buttigieg CISO urges DNC to coordinate information sharing between campaigns appeared first on CyberScoop.

Huawei execs admit they don’t know whether their tech is used for surveillance

Huawei has had a lot to deal with over the last few years. Primarily, U.S. government officials have warned that the Chinese technology firm could be used as a tool for government surveillance or other intelligence operations, specifically via backdoors in its mobile networks. The Trump administration has banned Huawei technologies’ use in the federal government and made it difficult for the company to do business in the U.S. In recent months, the Department of Justice has alleged a Huawei subsidiary has helped Iran run surveillance operations. Huawei technicians have also been accused of helping surveil targets in Africa. In order to answer to each and every accusation, Huawei sent two of its top cybersecurity officials — Chief Security Officer Andy Purdy and Vice President of Risk Management and Partner Relations Tim Danks — to the RSA Conference in San Francisco last week. In an interview with CyberScoop, the company’s executives continued toeing the […]

The post Huawei execs admit they don’t know whether their tech is used for surveillance appeared first on CyberScoop.

Verisign, Amazon patch zero-day vulnerability that utilized homoglyph characters

Verisign has fixed an issue that could have allowed attackers to register bogus domains by using homoglyphs in place of more common characters, due to research from California-based security firm Soluble. Matt Hamilton, principal security researcher at Soluble, discovered the flaw when he attempted to register an Amazon Web Services S3 bucket with Unicode emoji characters. “It was possible to register Latin homoglyph characters, specifically Unicode Latin IPA Extension homoglyphs,” he wrote in a blog released Wednesday. “I then checked if it was possible to register domains with these homoglyph characters. Ruh-roh, it was.” Hamilton called out the abuse of the following characters: the “ɡ” (Voiced Velar Stop), the “ɑ” (Latin Alpha) and the “ɩ” (Latin Iota). For years, domain providers have been aware of homoglyph attacks and have put in place restrictions to prevent their exploitation, such as barring the use of both Latin and Cyrillic characters at once. Verisign, which operates […]

The post Verisign, Amazon patch zero-day vulnerability that utilized homoglyph characters appeared first on CyberScoop.

Facebook takes down inauthentic accounts from India, Egypt

Facebook has removed hundreds of accounts, pages, groups and Instagram accounts originating from India and Egypt for violating Facebook’s policy against foreign or government interference. Accounts emanating from India focused on the Gulf region, U.S., UK, and Canada while the Egyptian activity aimed at countries in the Middle East and North Africa. Facebook said one marketing firm in India, “aRep Global,” and two marketing firms in Egypt, “Waves” and “Flexell,” are responsible for the activity. The announcement Monday comes as part of Facebook’s efforts to be more transparent about how it roots out inauthentic behavior on its platforms (this is the first in what executives said will be a series of monthly reports). The social media company in recent months has identified separate campaigns associated with a Russian tycoon, the United Arab Emirates, Africa and the Middle East. But this is not the first time Waves and Flexell, the Egyptian firms, have been caught running questionable campaigns on Facebook. Facebook removed […]

The post Facebook takes down inauthentic accounts from India, Egypt appeared first on CyberScoop.
