Treasury sanctions two Chinese nationals for helping North Korean hackers

The U.S. Treasury Department sanctioned two Chinese nationals Monday for laundering stolen money obtained through a North Korean government-backed hack of a cryptocurrency exchange in 2018. Specifically, the Treasury Department sanctioned Tian Yinyin and Li Jiadong for “having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of” Lazarus Group, a hacking group the U.S. government has previously linked with the North Korean government, according to the Treasury Department release. The two also provided that support to a “malicious cyber-enabled activity.” The Treasury Department has previously singled out Lazarus Group for its heists. Last September, the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Lazarus Group and two sub-groups for their activities targeting Society for Worldwide Interbank Financial Telecommunication (SWIFT) and stealing cash and customer information from ATMs. This is the first time the U.S. government is formally sanctioning Chinese nationals with […]

The post Treasury sanctions two Chinese nationals for helping North Korean hackers appeared first on CyberScoop.

Ethical hackers submitted more bugs to the Pentagon than ever last year

Outside security researchers alerted the Pentagon about more software vulnerabilities in its networks than ever before, according to statistics released by a Department of Defense unit focused on cyber operations. The Defense Department’s Cyber Crime Center (DC3) on Friday released its annual numbers from the Vulnerability Disclosure Program (VDP), in which the Pentagon asks ethical hackers, known as “white hats,” to probe its networks for weaknesses, then tell the government what they found. In all, the VDP processed 4,013 vulnerability reports, 2,836 of which led to mitigation activities, the DC3’s Executive Director, Jeffrey Specht, said in the report. Eight percent of the submitted reports were critical or high severity, according to a statement. “It was our busiest year to date with a staggering 21.7% increase of submitted reports from 2017,” the DOD Cyber Crime Center (DC3) report says. The department has been working to uncover vulnerabilities with the help of white hat hackers for […]

DNC tells campaigns to be wary of contact from fake Sanders team account

The Democratic National Committee is warning presidential campaigns that someone has been impersonating a Bernie Sanders staffer through a domain registered in a foreign country, with the intention of contacting at least two other campaigns. The chief security officer for the DNC, Bob Lord, said in an email obtained by CyberScoop that adversaries could use the fake personas to set up phone calls or meetings with presidential campaign staffers. “They may impersonate people in the hopes that you will download suspicious files, or click on a link to a phishing site. Sometimes they seek to set up a call or an in-person meeting with the intent to record and publish the interaction,” Lord wrote Wednesday. It wasn’t clear if the actor or actors behind the impersonation successfully interacted with staffers at the campaigns they contacted. “If you receive any emails from a domain that you do not recognize or think is suspicious, please […]

Cyber-espionage campaign in Middle East, Europe picked up speed after Soleimani killing

Iran-linked hackers have been running spearphishing email campaigns against governmental organizations in Turkey, Jordan and Iraq in recent months in a likely effort to gather intelligence, according to research published Wednesday by Dell Secureworks. Most of the targeting, which Secureworks assesses to be focused on espionage, began before the U.S. military killed Qassem Soleimani, the leader of Iran’s Quds Force, in Baghdad in early January. But Alex Tilley, a senior researcher for Secureworks, told CyberScoop the spearphishing activity has increased since the killing. The research appears to align with information the FBI shared with industry in January, when it warned of an increase in Iranian “cyber reconnaissance activity.” The alert highlighted that Iranian hackers could be zeroing in on the defense industrial base, government agencies, academia and nongovernmental organizations. The campaign Secureworks’ Counter Threat Unit (CTU) has observed, with activity from mid-2019 to mid-January of 2020, has also targeted intergovernmental organizations and unknown entities in […]

Russian interference in 2016 election allowed for better information sharing, top DHS cyber official says

There was a time when the National Security Agency and the Department of Homeland Security primarily kept to themselves when it came to information sharing. That time is in the past. Two top government cybersecurity officials — Director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA), Chris Krebs, and Anne Neuberger, the director of the NSA’s Cybersecurity Directorate — said Monday that information sharing and collaboration on cybersecurity issues have dramatically improved in recent years. “I really honestly think four-to-five years ago having a CISA … or NSA person sitting next to each other talking about how great things are — you would think you were in a really bizarre time,” Krebs said while speaking at San Francisco CyberTalks, an event produced by CyberScoop. “I don’t think we really had as close a partnership as it could have been.” Why has the relationship improved? Krebs said he attributes the bolstered collaboration between […]

Sanders informed that Russia is trying to help his campaign

U.S. officials have informed Sen. Bernie Sanders, I-Vt., that Russia is trying to boost his presidential campaign as part of a broader effort to interfere in the 2020 presidential elections and the crowded Democratic field. It was not clear what the assistance, first reported by The Washington Post, entailed. Sanders confirmed the news Friday, telling reporters in Nevada he had learned about Russian interference in his campaign approximately one month ago. “I don’t care, frankly, who Putin wants to be president. My message to Putin is clear: stay out of American elections, and as president I will make sure that you do,” Sanders said in a statement emailed to CyberScoop. “Unlike Donald Trump, I do not consider Vladimir Putin a good friend. He is an autocratic thug who is attempting to destroy democracy and crush dissent in Russia. Let’s be clear, the Russians want to undermine American democracy by dividing us up […]

Russia is planning to interfere in 2020 presidential election: report

Russia is working to interfere in the 2020 presidential election in an effort to get President Donald Trump re-elected, according to a briefing delivered to the House Intelligence Committee last week. According to a report in The New York Times, the briefing detailed evidence that Moscow is trying to duplicate its efforts during the 2016 presidential elections, where Russia developed a “clear preference” for Trump and sought to “denigrate” the candidacy of the potential Democratic nominee. The briefing, delivered by the Office of the Director of National Intelligence’s election security lead Shelby Pierson, reportedly upset Trump because he suspected Democratic committee members would use the information against him, according to the Times and The Washington Post. Trump mistakenly thought that the information was supplied exclusively to Rep. Adam Schiff, D-Calif., despite the fact that multiple committee members from both parties were briefed. Trump was so infuriated by the briefing […]

In rare move, State Department calls out Russia for attacks on Georgia last year

In a rare public announcement, the State Department is formally blaming Russian intelligence for a cyber incident that disrupted thousands of websites in Georgia last year. The incident, carried out by the Russian General Staff Main Intelligence Directorate (GRU) last October, according to Secretary of State Mike Pompeo, disrupted and defaced thousands of Georgian government websites and the broadcast of two television stations. “This action contradicts Russia’s attempts to claim it is a responsible actor in cyberspace and demonstrates a continuing pattern of reckless Russian GRU cyber operations against a number of countries,” Pompeo said in a statement Thursday. “These operations aim to sow division, create insecurity, and undermine democratic institutions.” Thursday’s announcement was the first time the U.S. government connected the GRU to the hacking group known as Sandworm. The U.S. government has previously said Sandworm was responsible for the NotPetya worm and Olympic Destroyer attacks. The rare reprimand […]

CrowdStrike’s co-founder steps down to launch nonprofit

Dmitri Alperovitch, CrowdStrike’s chief technology officer and co-founder, has left the company to launch a nonprofit. The organization will be a nonpartisan “policy accelerator,” Alperovitch said in a tweet Wednesday. Under Alperovitch’s leadership, CrowdStrike has gained notoriety for attributing the 2016 Democratic National Committee breach to two Russian APT groups, known as Cozy Bear and Fancy Bear. In recent months, the company has dealt with accusations from President Donald Trump that CrowdStrike had participated in a coverup of the breach. That theory, which has been debunked, came to light last year when a memorandum about a phone call between Trump and Ukrainian president Volodymyr Zelenskiy became public. That call would later become central to the House of Representatives impeachment of Trump in December 2019. The company, which provides endpoint protection and incident response and conducts threat intelligence research, went public on the Nasdaq last year. Since then, stock prices have been near flat, although CrowdStrike shares lost […]

Chinese-linked hacking group using Windows backdoors to go after gambling industry targets

A nation-state actor that has links with Chinese hackers is exploiting two new backdoors to run a cyber-espionage campaign against gambling entities in Southeast Asia, according to Trend Micro research. The new activity, which is also reportedly occurring in Europe and the Middle East, was first unearthed last year when cybersecurity consultancy Talent-Jump Technologies found a Microsoft Windows backdoor and contacted Trend Micro while conducting incident response for a company based in the Philippines. Upon further investigation, it wasn’t immediately clear if the group itself, which Trend Micro has dubbed “DRBControl,” is a newcomer, according to Trend Micro researchers Daniel Lunghi, Cedric Pernet, Kenney Lu, and Jamz Yaneza. Based on DRBControl’s techniques and malware, there are some connections with Chinese-linked APT 27. That threat group is known for its targeting in the aerospace, government, defense, technology, and energy industries. DRBControl may also be tied to Winnti group, according to Trend Micro’s […]
