OMB orders federal agencies to let CISA access defenses of devices, servers

The White House is directing agencies to let the Cybersecurity and Infrastructure Security Agency work with them on their efforts to protect endpoints, such as computer workstations and servers — an area where officials have said the federal government fell short in the SolarWinds hack. The Office of Management and Budget issued a memo on Friday that sets a 90-day deadline for CISA, the main cyber wing of the Department of Homeland Security, to access agencies’ current endpoint detection and response deployments. It then spells out timelines for other steps to improve their endpoint defenses. OMB says the goal is to establish “improved agency capabilities for early detection, response, and remediation of cybersecurity incidents on their networks, using advanced technologies and leading practices.” The memo is an outgrowth of President Joe Biden’s cybersecurity executive order from May. And the focus on endpoints reflects one of the main takeaways from a […]

The post OMB orders federal agencies to let CISA access defenses of devices, servers appeared first on CyberScoop.


Emergent ransomware gang FIN12 strikes hospitals, moves quickly against big targets

A Russian-speaking ransomware gang in recent months has aggressively targeted North American organizations with more than $300 million in revenue, with a ruthless focus on the health care sector amid the COVID-19 pandemic, according to new findings. The threat intelligence firm Mandiant published details Thursday about a group it calls FIN12, a gang that moves quickly and uses an array of established hacking tools to infiltrate its targets. Over the past year, hackers have kept investigators busy, accounting for 20% of the ransomware incidents that Mandiant has responded to, with the next highest attackers at 5%, according to Kimberly Goody, the company’s director of cyber crime analysis. “They have a significantly higher cadence of attacks from our perspective,” she said. “We also see that, unlike other threat actors, this group has also aggressively pursued victims in critical sectors like health care, even during the pandemic, which had resulted in several actors saying that […]

The post Emergent ransomware gang FIN12 strikes hospitals, moves quickly against big targets appeared first on CyberScoop.


US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking

U.S. officials unveiled a suite of cybersecurity initiatives Wednesday, from cracking down on illicit cryptocurrency usages to increasing transparency about data breaches, as part of an ongoing White House effort to slow rampant cybercrime. The Justice Department signaled it will increase its focus on illicit use of virtual money, which is frequently used in ransomware attacks, and move to punish federal contractors that hide security incidents. In a separate plan, the Transportation Security Administration this year will require top air and rail transportation companies to report cyberattacks to the government, name an internal cyber chief capable of corresponding about cyber incidents and develop a plan for recovering from attacks. Deputy Attorney General Lisa Monaco unveiled two initiatives: a national cryptocurrency enforcement team and a civil cyber fraud initiative. Ransomware and cryptocurrency are “inexorably linked” because of the anonymity that cryptocurrency payments help afford, Monaco said at the Aspen Cyber Summit. […]

The post US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking appeared first on CyberScoop.


Suspected Chinese hackers masqueraded as Indian government to send COVID-19 phishing emails

An increasingly active Chinese government-linked hacking group impersonated Indian government agencies with phishing lures related to COVID-19 statistics and tax legislation, researchers say. It was the continuation of a campaign that dates to the earliest days of the pandemic, BlackBerry said in a blog post Tuesday. The company tied together several threads of operations by APT41, a joint cyber-espionage and cybercrime organization that investigators have repeatedly tied to Beijing and that BlackBerry said was responsible for the India-themed phishing lures. The permutation targeting India preyed on the same fears that hacking groups began seizing on after the coronavirus outbreak. BlackBerry on Monday didn’t answer questions about the timeframe in which APT41 sent the India-themed lures, what its possible motives were and what industries the emails targeted. “The image we uncovered was that of a state-sponsored campaign that plays on people’s hopes for a swift end to the pandemic as […]

The post Suspected Chinese hackers masqueraded as Indian government to send COVID-19 phishing emails appeared first on CyberScoop.


Rep. Katko introduces bill that would prioritize security for key US critical infrastructure

The top Republican on the House Homeland Security Committee introduced legislation Tuesday directing the Homeland Security Department’s cyber wing to identify U.S. digital infrastructure that, if attacked, would severely debilitate national security, economic security or public safety. Under the legislation from Rep. John Katko, R-N.Y., DHS’ Cybersecurity and Infrastructure Security Agency would designate the nation’s “systemically important critical infrastructure” (or “SICI”). The legislation also would make it a priority for CISA to lend its protective services, such as continuous monitoring and detection of cybersecurity risks, to the identified owners and operators. It’s an attempt, Katko said, to identify which of the 16 sectors currently labeled as critical infrastructure are truly essential. “To mitigate risks to our economic and national security going forward, we need a clear process for identifying which infrastructure constitutes systemically important critical infrastructure,” Katko said in announcing the legislation. “Disruption to this infrastructure — ranging from pipelines to […]

The post Rep. Katko introduces bill that would prioritize security for key US critical infrastructure appeared first on CyberScoop.


Google pushes emergency update for Chrome zero-days, the latest in a hectic year for vulnerabilities

Google Chrome has issued emergency updates for two zero-day flaws that attackers are exploiting, the second pair for the browser in a month. It’s been a record year for such flaws, which are previously unknown to the vendor. Chrome itself has caught 12 zero-days to date in 2021 compared to eight in all of 2020, according to Google’s Project Zero “0day in the Wild” database, which tracks zero-days. By many measurements, Chrome is the world’s most popular browser, with one report putting its user count at nearly 3.3 billion. That makes it a lucrative target for hackers. There doesn’t appear to be just one answer for the rise in zero-days in 2021, even as more people seem to invest in hacking techniques. Defenders are also improving their own detection skills. “Google is aware the exploits” for the two flaws “exist in the wild,” the company wrote on Thursday. Google otherwise didn’t […]

The post Google pushes emergency update for Chrome zero-days, the latest in a hectic year for vulnerabilities appeared first on CyberScoop.


‘Almost every nation’ now has cyber vulnerability exploitation program, NSA official says

Nearly every country on the planet now has a program to exploit digital vulnerabilities, a top National Security Agency cyber official said Wednesday, and while most are focused on espionage, more are beginning to experiment with more aggressive techniques. Rob Joyce, director of cybersecurity at the NSA, said there’s a lot of focus on China, Iran, North Korea and Russia, but those countries, which he described as the “big four,” are not the only nations weaponizing technology. “Almost every nation in the world now has a cyber exploitation program. The vast majority of those are used for espionage and intelligence purposes,” Joyce said at the Aspen Cyber Summit. “There is interest in dabbling in offensive cyber and outcomes.” Even some smaller nations have proven to be advanced, Joyce said. It’s just that they’re usually more confined in how they pursue their national interests, by things like the amount of money […]

The post ‘Almost every nation’ now has cyber vulnerability exploitation program, NSA official says appeared first on CyberScoop.


NSA, CISA share guidelines for securing VPNs as hacking groups keep busy

Cautioning that foreign government-backed hackers are actively exploiting vulnerabilities in virtual private network devices, the National Security Agency and the Department of Homeland Security’s cyber wing on Tuesday published guidelines for securing VPNs. While the advice is broad, the NSA and DHS’ Cybersecurity and Infrastructure Security Agency specifically said it would help protect the Defense Department, national security systems and defense contractors against such advanced persistent threat groups, a term that typically refers to state-sponsored hacking groups. The NSA has specifically warned in the past about Chinese hackers exploiting VPN vulnerabilities, as has CISA, but the history of advanced groups seizing on VPN vulnerabilities is far broader and lengthier. “VPN servers are entry points into protected networks, making them attractive targets,” Rob Joyce, director of cybersecurity at the NSA, said on Twitter. “APT actors have and will exploit VPNs.” In one case, the FBI warned in May about hackers leveraging […]

The post NSA, CISA share guidelines for securing VPNs as hacking groups keep busy appeared first on CyberScoop.


Newly-formed international alliances vow to improve cybersecurity, in moves China sees as affront

A coalition of four nations — Australia, India, Japan and the U.S. — has committed to promoting cybersecurity standards and practices as one of their chief goals, in one of several recent moves from countries widely viewed as a counter to China in cyberspace and elsewhere. The group, which calls itself the Quad, held its first in-person gathering on Friday, when President Joe Biden hosted Prime Minister Scott Morrison of Australia, Prime Minister Narendra Modi of India and Prime Minister Yoshihide Suga of Japan at the White House. “Today, we begin new cooperation in cyberspace and pledge to work together to combat cyber threats, promote resilience and secure our critical infrastructure,” the group said in a joint statement. The group will hold more meetings between its leaders and collaborate with industry on improving in areas like the development of secure software, and building up cybersecurity workforces, according to a fact […]

The post Newly-formed international alliances vow to improve cybersecurity, in moves China sees as affront appeared first on CyberScoop.


EU takes aim at Russia over ‘Ghostwriter’ hacking campaign against politicians, government officials

The European Union formally blamed Russia on Friday, just ahead of this weekend’s German elections, for a hacking campaign targeting EU government officials and politicians. And the EU is threatening to take unspecified action. “The European Union will revert to this issue in upcoming meetings and consider taking further steps,” reads a statement from the high representative of the EU. Known as Ghostwriter, the campaign drawing the EU’s ire has previously taken aim at NATO and launched disinformation efforts as well, according to researchers who have tied its goals to Russian interests but not attributed it to the government. “The European Union and its Member States strongly denounce these malicious cyber activities, which all involved must put to an end immediately,” the EU statement reads. “We urge the Russian Federation to adhere to the norms of responsible state behaviour in cyberspace.” The EU says that Ghostwriter targets in its member […]

The post EU takes aim at Russia over ‘Ghostwriter’ hacking campaign against politicians, government officials appeared first on CyberScoop.
