Law enforcement delivers final blow to Emotet

Law enforcement officials are taking another stab at taking down Emotet. For years cybercriminals have used Emotet, a botnet or a network of infected computers, to spread ransomware such as Ryuk and other malware around the world. The activity has caught the attention of law enforcement officials around the world who have helped countless victims respond to these kinds of infections. But over the weekend authorities sent a specially crafted file to infected devices that is meant to make it so Emotet is no longer run automatically on infected machines. The action is intended to make it so Emotet’s persistence mechanism is removed and disrupt any existing infections, according to security researchers at Malwarebytes. It’s the last step of an operation targeting Emotet that law enforcement authorities from around the world launched earlier this year. U.S. and European authorities said in January they had taken control of the botnet’s computing […]

The post Law enforcement delivers final blow to Emotet appeared first on CyberScoop.


Google releases update to fix another zero-day flaw in Chrome browser

Google released an updated version of the Chrome browser on Tuesday that included seven security fixes, including a patch for a zero-day flaw that hackers may have actively been exploiting, Google said. Google has been dealing with several serious flaws in recent days. The update details four other vulnerabilities and fixes Google had to roll out this week. Google previously fixed another zero-day flaw on April 12, as well. If the zero-day flaw, classified as CVE-2021-21224, was exploited in concert with another vulnerability, hackers would have been able to execute arbitrary code on victims’ systems. VerSprite Inc’s Jose Martinez reported the vulnerability, which Google describes as a Type Confusion in V8, several days ago, linking it to a proof-of-concept exploit that took advantage of the bug. That proof-of-concept code was available on Twitter, and thus accessible to the public, though there were no reports of attackers leveraging the bug in […]

The post Google releases update to fix another zero-day flaw in Chrome browser appeared first on CyberScoop.


House green lights new State Department cyber bureau

The House of Representatives passed a bill Tuesday that would carve out a top cyber diplomacy office at the State Department to help the U.S. better influence global cyberspace norms. The so-called Cyber Diplomacy Act would require the State Department to develop a strategy for promoting norms in cyberspace around what behavior is acceptable in cyberspace. The proposal would also create an ambassador role for cyber diplomacy as well as a centralized bureau, the Bureau of International Cyberspace Policy, to push democratic norms in cyberspace and advise the Secretary of State on cyber issues. “In an increasingly connected world, we must have the proper structures in place to promote our values and interests in cyberspace,” Wisconsin Republican Rep. Mike Gallagher, who co-led the bill’s introduction, said in a statement. Added co-sponsor Jim Langevin, D-R.I.: “As the United States confronts increasingly bold challenges from adversaries in cyberspace, designing and implementing a […]

The post House green lights new State Department cyber bureau appeared first on CyberScoop.


Biden administration unveils plan to defend electric sector from cyberattacks

The Biden administration is buckling down on cyber threats to U.S. power infrastructure. The Department of Energy (DOE) announced a 100-day plan to help shore up the U.S. electric power system against cyber threats Tuesday. The plan, rolled out with the private sector and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), is meant to help owners and operators develop more comprehensive approaches to detection, mitigation and forensic capabilities, according to the National Security Council. As part of the plan, the DOE’s Office of Cybersecurity, Energy Security, and Emergency Response, will focus on getting industrial control system (ICS) owners and operators to select and use technologies that will help gain real-time awareness of cyber threats, and response capabilities, according to a release. The DOE will also be encouraging the deployment of technologies that boost visibility into threats in both ICS and operational technology networks. “The United States […]

The post Biden administration unveils plan to defend electric sector from cyberattacks appeared first on CyberScoop.


NATO tests its hand defending against blended cyber-disinformation attacks

Member nations of the North Atlantic Treaty Organization have banded together in recent days to confront an apparent cyberattack carried out against a NATO member’s critical infrastructure, according to the alliance. NATO is also working to battle a stream of disinformation about the attack against island state Berylia that has flooded social media, the alliance said. While many world leaders have faced off with blended cyber and disinformation operations in recent years, the NATO members in this case are not in fact facing a real threat. NATO crafted the scenario, which was carried out by a fabricated non-NATO nation-state “Crimsonia,” as part of an annual simulation exercise. Known as Locked Shields, it’s designed to test leaders’ readiness to deal with live cyberthreats. Berylia, the target of the fake attack and disinformation, is also an imagined state. The exercise — which had Crimsonia target Berylia’s financial services sector, mobile networks and […]

The post NATO tests its hand defending against blended cyber-disinformation attacks appeared first on CyberScoop.


Codecov dev tool hit in another supply chain hack

There’s another supply chain hack on the block. Starting in January, attackers began altering Codecov’s Bash Uploader script and accessing Codecov customers’ information, the firm announced Thursday. Codecov, a platform that provides customers with reviews of code, found out about the unauthorized access and meddling on April 1. Bash Uploader is a tool that customers use to share code reports with Codecov. The incident could impact Codecov customers’ credentials, tokens or keys passed through users’ continuous integration environments, as well as any services or datastores that could be accessed with those credentials or keys, the firm said in a blog post. The incident may also have impacted the Codecov-actions uploader for GitHub, the Codecov CircleCI Orb and the Codecov Bitrise Step, the firm warned. Codecov customers include Atlassian, Mozilla, Sweetgreen, Tile and The Washington Post, according to Codecov’s website. Codecov has 29,000 customers in all, Codecov said. Codecov is just the […]

The post Codecov dev tool hit in another supply chain hack appeared first on CyberScoop.


U.S. government accuses Russian companies of recruiting spies, hacking for Moscow

The Biden Administration took a sideswipe at the Russian government’s network of companies it allegedly relies on to conduct intelligence and military hacking Thursday — part of a broader effort to beat back Russian government hacking and information operations targeting Americans, the U.S. private sector and the federal government. In one of the most striking actions the Biden administration took Thursday, the U.S. Treasury Department sanctioned Positive Technologies, a cybersecurity firm headquartered in Moscow. According to the Treasury Department, Positive Technologies may appear to be a regular IT firm, but it actually supports Russian government clients, including the Federal Security Service. The firm also “hosts large-scale conventions that are used as recruiting events for the FSB and GRU,” the Treasury Department said, referring to the Federal Security Service (FSB) and Russia’s Main Intelligence Directorate (GRU). U.S. intelligence documents show that the company has gone even further at times and has […]

The post U.S. government accuses Russian companies of recruiting spies, hacking for Moscow appeared first on CyberScoop.


NSA, FBI, DHS expose Russian intelligence hacking tradecraft

The U.S. government warned the private sector Thursday that Russian government hackers working for Russia’s Foreign Intelligence Service (SVR) are actively exploiting five known vulnerabilities to target U.S. companies and the defense industrial base. The National Security Agency, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) urged system administrators to patch immediately against the vulnerabilities the hackers, also known as APT29 or Cozy Bear, are exploiting. The SVR hackers are specifically exploiting vulnerabilities in Fortinet FortiGate VPN, Synacor Zimbra Collaboration Suite, Pulse Secure Pulse Connect Secure VPN, Citrix Application Delivery Controller and Gateway and VMware Workspace ONE Access to gain initial footholds into networks, the government said in its alert. The hackers have been using these initial footholds to collect victims’ authentication credentials to burrow further into networks. The announcement coincides with the U.S. intelligence community’s formal attribution of the supply chain hack […]

The post NSA, FBI, DHS expose Russian intelligence hacking tradecraft appeared first on CyberScoop.


Lawmakers press spy leaders on lagging efforts to block foreign hackers, deterrence

When companies become aware they have been targeted by criminal or nation-state hackers, they need to fess up and come to the U.S. government with information to help feds get a better handle on foreign nation-state hacking, FBI Director Chris Wray emphasized during testimony on Capitol Hill Wednesday. Wray noted that companies coming forward when they are impacted in cyberattacks is a crucial part of developing a sort of early-warning system for foreign hackers working to conduct sweeping cyber-operations against multiple American companies and government entities. “We need that first company [impacted]. Someday you’re going to be the first company, if you’re the CEO and someday you’re going to be the second, third or fourth company,” Wray told the Senate Intelligence Committee during the intelligence community’s global threats briefing. “We need in every instance those companies to be stepping forward promptly and reaching out to government so that we can […]

The post Lawmakers press spy leaders on lagging efforts to block foreign hackers, deterrence appeared first on CyberScoop.


Unpatched Microsoft Exchange Servers hit with cryptojacking

Hackers are hitting Microsoft Exchange Servers with a Monero cryptominer, according to Sophos research published Tuesday. The attackers, which Sophos did not identify, began their apparently financially-motivated campaign shortly after Microsoft announced four zero-day vulnerabilities, according to Sophos. The attacker has lost several of the servers it has compromised to steal Monero — a kind of cryptocurrency — from victims, an indication that those with vulnerable machines are applying patches and hunting for compromise. But over the past month, the hackers have tackled new vulnerable servers to exploit, indicating some are still not paying attention to patching notices, Sophos warned. There were fewer than 10,000 vulnerable systems in the U.S. as of March 22, according to the National Security Council, compared with 120,000 entities that were vulnerable when the vulnerabilities were discovered. As of late March over 92% of affected servers were patched or mitigated, according to Microsoft. This particular […]

The post Unpatched Microsoft Exchange Servers hit with cryptojacking appeared first on CyberScoop.
