Treasury sanctions Ukrainian officials over operations for Russian FSB

The U.S. Treasury Department on Thursday sanctioned four current and former Ukrainian government officials for allegedly supporting Russian influence operations to destabilize Ukraine, including one who gathered information on Ukraine’s critical infrastructure, a frequent target of Kremlin cyberattacks. Taras Kozak and Oleh Voloshyn — two active members of parliament — acted at the behest of the Russian Federal Security Service (FSB), Treasury said, as did former Ukrainian officials Vladimir Sivkovich and Volodymyr Oliynyk. “In 2021, Oliynyk worked at the direction of the FSB to gather information about Ukrainian critical infrastructure,” the department explained. “As in previous Russian incursions into Ukraine, repeated cyber operations against Ukraine’s critical infrastructure are part of Russia’s hybrid tactics to threaten Ukraine.” Ukrainian officials are already in the midst of blaming Russia for cyberattacks last week on its government agencies. While Treasury delivered the sanctions one day after President Joe Biden predicted Russia would invade Ukraine, […]

The post Treasury sanctions Ukrainian officials over operations for Russian FSB appeared first on CyberScoop.

Congressional cyber heavyweights Langevin, Katko won’t seek reelection

In the span of a few days, two House members who have concentrated much of their energy on cybersecurity — and perhaps just as importantly, on working across the aisle on the issue — have announced their plans to depart Congress. Rep. Jim Langevin, D-R.I., said on Tuesday that he would not run for reelection in 2022. Rep. John Katko, R-N.Y., made his own announcement on Friday. Matt Masterson, a former election security official at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, called the exit of Langevin and Katko “tough” and “a big loss.” “These are two members of Congress that have both employed staff and taken the time themselves to understand the technical challenges and nuances that are part of this conversation about cybersecurity,” said Masterson, now a nonresident policy fellow with the Stanford Internet Observatory. “You have a Republican and a Democrat, both who recognized […]

Cyberattacks on Ukrainian websites come into clearer focus as Russia tensions escalate

Cybersecurity researchers shed additional light over the weekend on the cyberattacks that disabled Ukrainian government websites, as Kyiv pointed to Russia as the culprit. Microsoft and ESET both shared details on the nature of the malware that took the Ukrainian sites down. Microsoft “assesses that the malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom,” the company wrote in a blog post Saturday. However, Microsoft said it couldn’t yet attribute who was behind the malware, labeled WhisperGate. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency recommended that network defenders review the Microsoft blog post, suggesting the possibility that the attacks could spread to include other targets. ESET on Sunday elaborated further, saying that the malware the attackers used contained code “commonly used by commodity e-crime malware.” “It […]

Ransomware isn’t always about gangs making money. Sometimes it’s about nations manufacturing mayhem.

Ransomware is fundamentally about reaping massive profits from victims — payments were on pace to cross the billion-dollar threshold in 2021, according to the U.S. government — but there are signs foreign government-connected groups are increasingly moving into a territory dominated by criminal gangs, and for an entirely different motive: namely, causing chaos. Research that Microsoft and cybersecurity company CrowdStrike recently publicized separately concluded that Iranian hackers tied to Tehran had been conducting ransomware attacks that weren’t about making money, but instead disrupting their enemies. It echoed research from last spring and summer by FlashPoint and SentinelOne, respectively. When disruptive ransomware pays off, those who have studied the phenomenon say, it can embarrass victims. It can be used to steal data and leak sensitive information to the public. It can lock up systems, disabling targets. And given the prominence of ransomware, it’s another method that foreign intelligence and military agencies can use […]

FBI shifting cybercrime focus from arrests, indictments to payment seizures, incident response

In 2022, the FBI is looking to approach cybercrime differently. During separate public appearances on Thursday, two FBI officials said the bureau was going to change up how it deals with computer intrusions. “The FBI specifically is moving away from an indictment- and arrest-first model into the totality of imposing costs on our adversaries, and we’re making tremendous progress there,” said Bryan Vorndran, assistant director of the FBI’s cyber division. “There is a right time for indictments and arrests and certainly one of our goals to take players off the field. But at the end of the day, we’re a team member first before we’re prioritizing our own authorities.” Vorndran, speaking at an event hosted by the Silverado Policy Accelerator, touted the FBI’s workforce around the country and the skills they can bring to bear. “That decentralized workforce is a huge strength for our government, especially given the FBI statutory […]

Belarus: Cyber upstart, or Russian staging ground?

As the prospect of further Russian aggression in Ukraine looms, the Biden administration is concerned about Russian cyber operations against the U.S. and its allies. Yet as the White House engages with Moscow and builds out plans around these risks, it must watch an overlooked development in Russia’s near-abroad: growing cyber integration between Belarus and the Kremlin. In November 2021, Mandiant published a report assessing with “high confidence” that the UNC1151 cyber group, which assisted the longstanding “Ghostwriter” campaign — stealing government credentials and spreading disinformation in Europe — is linked to the Belarusian government. It also assessed with “moderate confidence” that Belarus “is also likely at least partially responsible for the Ghostwriter campaign.” Significantly, the report’s authors added: “We cannot rule out Russian contributions to either UNC1151 or Ghostwriter.” The report raises the prospect that Belarus is engaged in cyber-enabled influence operations abroad, and the authors explicitly say that Moscow’s […]

White House hosts open-source software security summit in light of expansive Log4j flaw

Tech giants and federal agencies will meet at the White House on Thursday to discuss open-source software security, a response to the widespread Log4j vulnerability that’s worrying industry and cyber leaders. Among the attendees are companies like Apple, Facebook and Google, as well as the Apache Software Foundation, which builds Log4j, a ubiquitous open-source logging framework for websites. “Building on the Log4j incident, the objective of this meeting is to facilitate an important discussion to improve the security of open source software — and to brainstorm how new collaboration could rapidly drive improvements,” a senior administration official said in advance of the meeting. The huddle convenes in light of a vulnerability discovered last month known as Log4Shell that could affect up to hundreds of millions of devices, and as federal officials, businesses and security researchers race to contain the potential fallout. It’s the latest of several Biden White House summits […]

If hackers are exploiting the Log4j flaw, CISA says we might not know yet

Federal officials cautioned Monday that, while the widespread Log4j vulnerability hasn’t led to any major known intrusions in the U.S., there could be a “lag” between when the flaw became known, and when attackers exploit it. Cybersecurity and Infrastructure Security Agency Director Jen Easterly said that there were months between the discovery of the vulnerability that led to the 2017 Equifax breach, which exposed the personal information of nearly 150 million Americans, and word of the breach itself, invoking one of the most notable hacks in history. “We do expect Log4j to be used in intrusions well into the future,” Easterly said on a call with reporters. “There may be a lag between when this vulnerability is being used and when it is being actively deployed.” Apache Struts, an open-source tool, was at the center of the Equifax breach, and Apache’s Log4j is a ubiquitous open-source logging tool. Easterly said […]

French privacy regulator slaps Facebook, Google with fines totaling nearly $240M

France’s privacy watchdog fined Google nearly $170 million and Facebook almost $70 million on Thursday for making it harder for users to refuse cookies — which store user information — than to accept them. The National Commission on Informatics and Liberty, or CNIL, also ordered Google and Facebook to fix that issue within three months or face daily fines of more than $100,000 from the restricted committee, the CNIL body that handles sanctions. “The restricted committee considered that this process affects the freedom of consent: since, on the Internet, the user expects to be able to quickly consult a website, the fact that they cannot refuse the cookies as easily as they can accept them influences their choice in favor of consent,” the CNIL wrote. That puts the two companies in violation of the French Data Protection Act, the commission said. On Facebook, YouTube and Google sites, one click can […]

Portuguese media empire struck in the latest cyberattack on news outlets

The websites of the top newspaper and TV station in Portugal remained down Tuesday after a cyberattack that began over the weekend, following in a string of recent attacks on media organizations. Impresa Group said its Expresso newspaper and SIC TV stations were the victim of a computer attack. A ransomware group suspected as the culprit, known as Lapsus$, initially defaced the websites with a ransom demand. The outfit also sent tweets from Expresso’s Twitter account to declare itself the president of Portugal, and sent text messages to the news organizations’ customers hyping its success in an apparent bid to pressure its victims into paying. “For safety reasons, we ask that you do not access or forward any of the various communications that are being sent on behalf of the Impresa group brands,” the company said in a Facebook post on Monday. “We continue to take necessary actions and measures […]
