Shannon Vavra – Page 43 – WindowsTechs.com

FEC considers whether its legal for campaigns to accept discounted anti-spearphishing services

Posted on June 7, 2019 by Shannon Vavra

In its latest effort to provide cybersecurity companies clarity on whether they can lawfully provide cybersecurity protection to political campaigns for free or at a low-cost, the Federal Election Commission indicated this week it could be close to greenlighting anti-spearphishing services in a case currently before the commission. That tentative conclusion, not guaranteed until the FEC issues a formal advisory opinion, was reached Thursday during a commissioners’ meeting on a request from anti-spearphishing company Area 1 Security. It marked a shift from how the FEC appeared to be leaning on the issue earlier this week. The FEC’s legal team on Monday issued two draft opinions which both recommended blocking Area 1 from providing anti-spearphishing services at a discounted rate over concerns the lower rates would effectively serve as an in-kind contribution that could curry political favor with politicians in the future. Existing campaign finance law bars corporate contributions to campaigns, an issue that has given campaigns reason to pause on signing up […]

The post FEC considers whether its legal for campaigns to accept discounted anti-spearphishing services appeared first on CyberScoop.

Continue reading FEC considers whether its legal for campaigns to accept discounted anti-spearphishing services→

Eyeing IPO, SentinelOne raises $120 million in Series D funding

Posted on June 5, 2019 by Shannon Vavra

SentinelOne announced Wednesday it has raised $120 million in a Series D funding round led by Insight Partners. Samsung Venture Investment Corporation and NextEquity also participated in the round, along with Third Point Ventures, Redpoint Ventures, and Data Collective. The total funding to date for SentinelOne, an endpoint protection company founded in 2013, is now more than $230 million. This news follows last week’s announcement that Insight Partners had acquired threat intelligence firm Recorded Future for $780 million, the highest price ever announced for a company doing threat intelligence work for clients. Insight Partners also had invested in Cylance before it was acquired by Blackberry for $1.4 billion. SentinelOne aims to help companies detect and respond to attacks, and at RSA this year it unveiled an internet of things (IoT) security product, Ranger, which will be shipping later this year to address the growing threats in the IoT space. SentinelOne’s Chief Operating Officer, Nicholas Warner, tells CyberScoop that Insight […]

The post Eyeing IPO, SentinelOne raises $120 million in Series D funding appeared first on CyberScoop.

Continue reading Eyeing IPO, SentinelOne raises $120 million in Series D funding→

Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack

Posted on June 4, 2019 by Shannon Vavra

A second lawmaker from Maryland now says it doesn’t appear that the ransomware attack in Baltimore relied on a stolen National Security Agency exploit, EternalBlue. “It’s the federal government’s view that EternalBlue was not involved in the ransomware attack in Baltimore City,” Democratic Sen. Chris Van Hollen told CyberScoop on Monday following a briefing on Capitol Hill from NSA officials. The briefing was organized following requests from officials who sought details on whether the government’s own exploit, which was exposed in a 2017 leak from the NSA, had been used in an attack that hobbled Baltimore for weeks. The New York Times reported May 25 that EternalBlue was used to spread the ransomware, known as RobbinHood, across networks in Baltimore and in several other American cities. Van Hollen joined Democratic Rep. Dutch Ruppersberger in his assessment, which was based on a separate briefing from the NSA last week, that the government has determined EternalBlue was not […]

The post Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack appeared first on CyberScoop.

Continue reading Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack→

Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack

Posted on May 31, 2019 by Shannon Vavra

Senior National Security Agency officials have no evidence a tool developed by the NSA “played a role” in the ransomware attack on Baltimore, Rep. Dutch Ruppersperger said Friday following a briefing at the agency’s headquarters. Ruppersberger, D-Md., and other officials requested briefings with the agency following a report from The New York Times that the exploit, known as EternalBlue, was used to help spread the RobbinHood ransomware variant across the city’s IT infrastructure. “I have been told that there is no evidence at this time that EternalBlue played a role in the ransomware attack currently affecting Baltimore City,” Ruppersberger said in a statement. “I’m told it was not used to gain access nor to propagate further activity within the network.” A followup briefing with other members of Maryland’s congressional delegation is expected to be held Monday. “It is important that discussions regarding the use of government cyber tools, and subsequent […]

The post Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack appeared first on CyberScoop.

Continue reading Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack→

NSA points to two-year patching window in remarks about Baltimore incident

Posted on May 30, 2019 by Shannon Vavra

In the wake of the Baltimore ransomware attack, a senior adviser at the National Security Agency said Thursday there is no “indefensible” nation-state-built tool that is responsible for the spread of ransomware and network administrators have a responsibility to patch their systems, especially when patches have been released for critical flaws. The comments come after The New York Times reported this past week that RobbinHood, the ransomware strain behind the Baltimore ransomware attack, was able to spread on the city IT infrastructure partly due to its use of a leaked NSA tool known as EternalBlue. The Times report, which cites security experts briefed on the matter, states EternalBlue was discovered as incident response teams fixed the issues that had crippled a number of the city’s online services. “The characterization that there is an indefensible nation-state tool propagating ransomware is simply untrue,” Rob Joyce, a senior adviser at the NSA, said Thursday […]

The post NSA points to two-year patching window in remarks about Baltimore incident appeared first on CyberScoop.

Continue reading NSA points to two-year patching window in remarks about Baltimore incident→

U.S. Cyber Command selects new top deputy for Gen. Nakasone

Posted on May 30, 2019 by Shannon Vavra

Gen. Paul Nakasone, head of U.S. Cyber Command, has selected the organization’s chief of staff as his top deputy, a decision that coincides with an ongoing effort to fortify digital readiness before the next election. Rear Adm. Ross Myers, who began his role as the command’s chief of staff last May, was confirmed by the Senate last week and is now a Vice Admiral and a three-star Deputy Commander. Nakasone, who is both the commander of Cyber Command and the Director of the National Security Agency, promoted Myers on Memorial Day. Myers has previously served as director of plans and policy at Cyber Command. He also served in several roles for the Joint Chiefs of Staff, including as assistant deputy director for Global Operations and executive assistant to vice chairman of the Joint Chiefs of Staff. He also is a career naval aviator. The number two position has been open since earlier this year, […]

The post U.S. Cyber Command selects new top deputy for Gen. Nakasone appeared first on CyberScoop.

Continue reading U.S. Cyber Command selects new top deputy for Gen. Nakasone→

Latest Snowden dump reveals NSA discussed Russian civil targets

Posted on May 30, 2019 by Shannon Vavra

The National Security Agency discussed Russian civil targets, including Russia’s gas and oil sectors, with the Norwegian Intelligence Service (NIS) in 2005, according to the latest release from The Intercept’s SIDToday project. The project, an archive that details some of the documents leaked by former NSA contractor Edward Snowden, reveals that during their annual policy conference that April, the NSA and NIS came to a decision to work on nonmilitary Russian targets. “One highlight of the conference was a decision to begin, in earnest, cooperation on Russian civil targets,” the newsletter, dated June of 2005, reads. “Much of the first day of the [conference] focused on the Russia target, with briefings on the Russian Ministry of Foreign Affairs, Oil and Gas Developments, Leadership, and Strategic Highlights form the Northern Region.” A month prior to the conference, then-NSA Director Gen. Mike Hayden, had provided Norwegian spies details on U.S. capabilities in targeting […]

The post Latest Snowden dump reveals NSA discussed Russian civil targets appeared first on CyberScoop.

Continue reading Latest Snowden dump reveals NSA discussed Russian civil targets→

Middle East-linked social media accounts impersonated U.S. candidates before 2018 elections

Posted on May 28, 2019 by Shannon Vavra

Social media users with ties to Iran are shifting their disinformation efforts by imitating real people, including U.S. congressional candidates, according to research published Tuesday. FireEye’s Threat Intelligence team said it had uncovered Twitter accounts that impersonated Republican congressional candidates in the buildup to the 2018 midterm elections, posting on politics and other topics. In some cases, FireEye suspects the actors were also able to have materials published in U.S. and Israeli media outlets. In a related announcement Tuesday, Facebook announced a takedown of fake accounts on Facebook and Instagram emanating from Iran that appeared to focus on outreach to policymakers. Facebook said the accounts and linked personas at times imitated legitimate news organizations in the Middle East and at other times purported to be journalists. Neither company attributed the information operations directly to the Iranian government, though FireEye said the actors appeared to be advocating for Iranian interests while Facebook and Twitter both […]

The post Middle East-linked social media accounts impersonated U.S. candidates before 2018 elections appeared first on CyberScoop.

Continue reading Middle East-linked social media accounts impersonated U.S. candidates before 2018 elections→

Julian Assange charged with 17 new criminal counts under Espionage Act

Posted on May 23, 2019 by Shannon Vavra

WikiLeaks co-founder Julian Assange has been charged with 17 new criminal counts under the Espionage Act for “unlawfully obtaining” and disclosing national defense information. The indictment, which was issued in the U.S. District Court for the Eastern District of Virginia, concerns documents that he and Wikileaks helped to disclose that former Army Intelligence analyst Chelsea Manning stole from the Department of Defense. Assange was “complicit” and “conspired with” Manning, according a Department of Justice Official, CNBC reports. Some of what WikiLeaks published included names of foreigners, including sources in the Middle East, who were helping U.S. military overseas, which “is alleged to have created imminent risks to the life and liberty,” per the DOJ. The U.S. government unsealed an indictment in April revealing that Assange had been charged for conspiracy to commit computer intrusion in his alleged efforts to help Manning crack a password on a U.S. government computer. Assange, […]

The post Julian Assange charged with 17 new criminal counts under Espionage Act appeared first on CyberScoop.

Continue reading Julian Assange charged with 17 new criminal counts under Espionage Act→

FEC allows Harvard nonprofit to provide free cybersecurity services to campaigns

Posted on May 23, 2019 by Shannon Vavra

The Federal Election Commission has decided that Harvard’s Defending Digital Democracy Project’s non-profit, “Defending Digital Campaigns,” may provide free and low-cost cybersecurity services to political campaigns without violating campaign finance laws, given the fact that there is a “highly unusual and serious threat” posed to U.S. elections by foreign adversaries. The driving force behind the FEC’s advisory opinion, which FEC Chair Ellen Weintraub issued Tuesday, is the fact that there is a “demonstrated, currently enhanced threat of foreign cyberattacks against party and candidate committees,” she writes in the advisory. In the ruling. Weintraub notes the FEC’s decision in partly due to the other efforts by the government, primarily to expose and prosecuting foreign adversaries, has not done enough to protect campaigns and political parties. “[F]oreign cyberattacks, in which the attackers may not have any spending or physical presence in the United States, may present unique challenges to both criminal prosecution and […]

The post FEC allows Harvard nonprofit to provide free cybersecurity services to campaigns appeared first on CyberScoop.

Continue reading FEC allows Harvard nonprofit to provide free cybersecurity services to campaigns→