NSA director rebukes Beijing for ‘weaponizing’ disinformation in Hong Kong protests

The National Security Agency’s director issued a rebuke Wednesday of the Chinese government’s recent efforts to spread disinformation online about protests in Hong Kong focused on a controversial Chinese law. “The Chinese government has subverted pro-Democratic demonstrators with fake social media posts, providing us a snapshot of how Beijing weaponizes information,” Gen. Paul Nakasone said while delivering remarks at FireEye’s Cyber Defense Summit in Washington, D.C. As Hong Kong protesters have taken to the streets in recent months to protest proposals on Hong Kong’s extradition laws, China’s government has waged an information campaign on social media platforms to try shaping the narrative in favor of the police. In one instance, Beijing’s state press arm bought ads on Twitter critical of the protests. Twitter then said there was “reliable evidence” that the Chinese government was behind nearly 1,000 Twitter accounts trying to insert political discord about the protests. That same month, […]

The post NSA director rebukes Beijing for ‘weaponizing’ disinformation in Hong Kong protests appeared first on CyberScoop.

Trump administration looks to throttle Chinese surveillance companies’ business with U.S.

The U.S. Commerce Department made moves Monday to limit the activities of eight Chinese companies in the U.S., citing human rights abuses and surveillance against Uighurs and other Chinese Muslim minorities. The department said it is adding the companies to its Entity List, which identifies people, businesses or other organizations for “engaging in activities contrary to U.S. national security and/or foreign policy interests.” Although the department names human rights abuses as the primary concern in its latest action, some of the eight companies have also come under federal scrutiny in recent months for security issues. Just two months ago the Trump administration issued a rule to bar federal purchases of telecommunications equipment from two of the companies added to the list this week, Hangzhou Hikvision Digital Technology Co. Ltd., a former Chinese government research arm, and Dahua Technology. Those earlier moves were done in accordance with the 2019 National Defense Authorization Act. Another company added to the Entity List this week, Xiamen […]

The post Trump administration looks to throttle Chinese surveillance companies’ business with U.S. appeared first on CyberScoop.

U.S., UK, Australia to ask Facebook to delay message encryption

The fight between law enforcement and tech companies over encryption is about to enter another round. The U.S. government, along with the support of Australia and the U.K., has written a letter asking Facebook CEO Mark Zuckerberg to delay adding encryption to its messaging services until the company can ensure that the security feature won’t be a detriment to public safety. The letter, a copy of which has been seen by CyberScoop, is signed by U.S. Attorney General William Barr and U.S. Secretary of Homeland Security Kevin McAleenan. U.K. Home Secretary Priti Patel and Australian Minister for Home Affairs Peter Dutton have also reportedly signed the letter. The letter, dated Oct. 4, states that if Facebook adds encryption by default to its messaging services, it will hinder law enforcement’s ability to find illegal activity that takes place on the services. BuzzFeed News was the first to report on the letter’s […]

The post U.S., UK, Australia to ask Facebook to delay message encryption appeared first on CyberScoop.

Chinese-linked hacking group gets crafty to avoid detection

Over the last several months, Chinese-linked hackers have been targeting a Southeast Asian government using simple spearphishing emails and hundreds of malicious documents with a focus on consistently changing their tactics to avoid detection, according to Check Point research. The most noteworthy part of the hackers’ months-long campaign is their perpetually changing tactics, according to Michael Abramzon, the cyber research team lead at Check Point. Over the last seven months of observation, the group has consistently been able to install PowerShell-based backdoors onto victim machines via spearphishing emails laced with malicious documents. To do so, the group, known as Rancor group, switched to different delivery methods and payloads every couple of months. In December, the group was sending victims documents containing macro code that eventually downloaded a malicious installer (an MSI payload) from the group’s server, which then installed a PowerShell script. But between January and March, […]

The post Chinese-linked hacking group gets crafty to avoid detection appeared first on CyberScoop.

NSA’s reverse engineering tool Ghidra impacted by a bug — but there’s no need to panic

The National Security Agency’s open source reverse engineering tool, Ghidra, is impacted by a vulnerability, but security experts — including those at the NSA familiar with Ghidra — tell CyberScoop it would be pretty difficult to be attacked via the vulnerability if you know how to reverse engineer malware. The vulnerability, CVE-2019-16941, would allow hackers to compromise exposed systems when Ghidra’s experimental mode is running, according to the bug announcement from the National Institute of Standards and Technology. In theory, this vulnerability would allow arbitrary code to be executed against a Ghidra user if a malicious XML document — a plain text file often used to store data — is introduced. But that introduction is unlikely to happen because running these kinds of files through Ghidra would be pretty unusual, researchers told CyberScoop. “These files are not normally shared among users and not normally part of the distribution,” the NSA […]

The post NSA’s reverse engineering tool Ghidra impacted by a bug — but there’s no need to panic appeared first on CyberScoop.

U.S. Treasury sanctions Russian financier for 2018 election interference attempt

The U.S. Treasury announced Monday it is sanctioning Yevgeniy Prigozhin, the Russian financier, and six Russian operatives behind the Russian troll farm Internet Research Agency that sought to interfere in both the 2016 and 2018 elections. “Treasury is targeting the private planes, yacht, and associated front companies of Yevgeniy Prigozhin, the Russian financier behind the Internet Research Agency and its attempts to subvert American democratic processes,” Treasury Secretary Steve Mnuchin said in a statement. “Free and fair elections are the cornerstone of American democracy, and we will use our authorities against anyone seeking to undermine our processes and subversively influence voters.” Specifically, the Treasury Office of Foreign Assets Control is sanctioning three aircraft and four entities associated with Prigozhin. It is also designating six IRA members, Dzheykhun Nasimi Ogly Aslanov, Mikhail Leonidovich Burchik, Vadim Vladimirovich Podkopaev, Vladimir Dmitriyevich Venkov, Igor Vladimirovich Nesterov, and Denis Igorevich Kuzmin, four of whom […]

The post U.S. Treasury sanctions Russian financier for 2018 election interference attempt appeared first on CyberScoop.

Former U.S. Army contractor sentenced to prison for destroying IT system

A federal contractor who worked on a U.S. Army IT system was sentenced to two years in prison on Friday for illegally accessing his employer’s network, stealing servers and proprietary information, and causing damage that resulted in more than $1 million in losses. Barrence Anthony, 40, worked for Federated IT, a federal contractor that provides IT services to government agencies. In this case, Federated IT provided services to the Office of the Army’s Chaplain Corps, according to an affidavit obtained by CyberScoop. Federated IT was specifically working on building and managing a SharePoint instance for the corps hosted on Amazon Web Services. According to the affidavit, Anthony accessed the AWS instance on which the corps system was located after his employment was terminated on Dec. 8, 2016. Shortly thereafter, Anthony made backup versions of the system and moved the duplicates to his own AWS account. Later that night, Anthony logged back into […]

The post Former U.S. Army contractor sentenced to prison for destroying IT system appeared first on CyberScoop.

Research outs poorly constructed disinfo campaign aimed at Hong Kong protests

Hackers that appear to be acting in the interest of China’s government have been hijacking and using fake accounts on Facebook, Twitter, and YouTube to push narratives denigrating the Hong Kong protests, according to research from Graphika. Named “Spamouflage Dragon,” the people behind the campaign attempted to avoid detection algorithms by posting a small amount of political content interspersed with higher volumes of spam, such as cats, TikTok videos, pictures of landscapes, or sports. Twitter and Facebook accounts in the spam network have also been interspersing political posting with inspirational quotes, food, and travel. The sweeping, cross-platform campaign, which Graphika assesses is still active and which tends to focus on promoting YouTube videos, appears to have been in operation for years, although it largely went silent in 2017. In June as the Hong Kong protests against China’s controversial extradition law gained traction, the spam network started up again, with accounts, […]

The post Research outs poorly constructed disinfo campaign aimed at Hong Kong protests appeared first on CyberScoop.

Why did President Trump mention CrowdStrike to the Ukrainian president?

During a controversial phone call between President Donald Trump and Ukrainian President Volodymyr Zelenskiy in July, Trump asked Zelenskiy for a “favor” to help locate a “server” linked with security company CrowdStrike, according to an unclassified transcript of the call released Wednesday. “I would like you to do us a favor though because our country has been through a lot and Ukraine knows a lot about it. I would like you to find out what happened with this whole situation with Ukraine, they say Crowdstrike … I guess you have one of your wealthy people … The server, they say Ukraine has it,” Trump said, according to the document released by the White House. “I think you’re surrounding yourself with some of the same people. I would like to have the [U.S.] Attorney General [William Barr] call you or your people and I would like you to get to the bottom […]

The post Why did President Trump mention CrowdStrike to the Ukrainian president? appeared first on CyberScoop.

World powers are pushing to build their own brand of cyber norms

The race to establish what states can and can’t do in cyberspace — an effort that has been largely stalled for the past couple of years — is back on. The United States and 26 other nations on Monday kicked off the United Nations General Assembly in New York by issuing a statement that called out both state and non-state actors for targeting critical infrastructure during peacetime, interfering in politics, and conducting intellectual property theft. They also called for costs to be imposed on those that seek to undermine established cyber norms. “State and non-state actors are using cyberspace increasingly as a platform for irresponsible behavior from which to target critical infrastructure and our citizens, undermine democracies and international institutions and organizations, and undercut fair competition in our global economy by stealing ideas when they cannot create them,” reads the joint statement. “We call on all states to support the […]

The post World powers are pushing to build their own brand of cyber norms appeared first on CyberScoop.
