Hacking group exploited SonicWall zero-day for ransomware attacks, FireEye says

A hacking group exploited a SonicWall zero-day software flaw before a fix was available in order to deploy a previously unreported ransomware strain, FireEye researchers said Thursday. The disclosure of the ransomware comes one week after FireEye revealed three previously unknown vulnerabilities in SonicWall’s email security software. But the latest hacking tool emerges from an earlier zero-day found in SonicWall’s mobile networking gear. Mandiant, FireEye’s incident response unit, dubbed the malware FiveHands, which bears similarities to another hacking tool, dubbed HelloKitty, that attackers deployed against a video game company. The security firm linked it to a group they call UNC2447. “UNC2447 monetizes intrusions by extorting their victims first with FIVEHANDS ransomware followed by aggressively applying pressure through threats of media attention and offering victim data for sale on hacker forums,” reads a blog post from the company. “UNC2447 has been observed targeting organizations in Europe and North America and has […]

The post Hacking group exploited SonicWall zero-day for ransomware attacks, FireEye says appeared first on CyberScoop.

Deepfakes advertised on underground markets, signaling possible shift, Recorded Future says

Malicious use of manipulated visual and audio files — technology known as deepfakes — is swiftly migrating toward crime and influence operations, according to findings published Thursday. Threat intelligence company Recorded Future pointed to a recent surge in such activities and a burgeoning underground marketplace that could spell trouble for individuals and companies that use tools like facial identification technology as part of multi-factor authentication. The report mirrors similar conclusions from an FBI alert last month warning that nation-backed hackers would themselves begin using deepfakes more frequently for cyber operations as well as misinformation and disinformation. “We believe that threat actors have begun to advertise customized deepfake services that are directed at threat actors interested in bypassing security measures and to facilitate fraudulent activities, specifically fake voices and facial recognition,” the company’s Insikt Group wrote in a blog post. Recorded Future’s work focuses more on that development in the criminal […]

Do credit monitoring and ID protection services do much for breach victims?

It has become a staple for companies that are hit by big data breaches: extending free credit monitoring and identity protection services to customers whose sensitive personal information is at risk. There’s nothing wrong with companies doing that, say consumer advocates — but those advocacy groups also say breached companies can do much, much better. The latest company to get hit by hackers and then offer credit monitoring or identity protection services, Geico, last week outlined a package that’s a little better than the usual versions, one advocate said. These existing services seem to offer help, yet in some cases that benefit is limited and in others it’s difficult to measure their effectiveness. But overall, there’s little incentive for companies to offer improved redress, consumer advocacy groups contend. “Most breached entities go with credit monitoring because it’s a relatively inexpensive thing for someone to contract with to provide,” said Susan […]

Twitter alarms users with messages that resembled phishing emails

Twitter sparked a panic among some users that they were the subjects of a phishing attack in what was instead an accidental mass email. The message sent to some Twitter users went out Thursday, asking them to confirm their email addresses by clicking on a button. To many of those users who commented about it on the social media platform, it smelled like a possible phishing attempt. Twitter clarified what had happened later that same evening. “Some of you may have recently received an email to ‘confirm your Twitter account’ that you weren’t expecting,” the company said. “These were sent by mistake and we’re sorry it happened. If you received one of these emails, you don’t need to confirm your account and you can disregard the message.” In the cybersecurity sphere, Twitter usually gains the most attention for its efforts to combat online misinformation, or criticisms about how it’s handling […]

Turnabout: It looks like phone-cracking company Cellebrite had its own vulnerabilities exposed

“Snoop onto them… as they’d snoop onto us.” Moxie Marlinspike, founder of the encrypted messaging app Signal, revealed on Wednesday what he said were vulnerabilities in software that the company Cellebrite uses to break into encrypted phones. To accompany a blog post on what Marlinspike and his team of researchers learned, Signal produced a demonstration video featuring the above line of dialogue from the movie “Hackers.” In a blog post evidently dripping with sarcasm, Marlinspike detailed how he obtained the latest version of the company’s software, named UFED and Physical Analyzer, when he saw a small package fall off the back of a truck, prompting some digital probing. The vulnerabilities would amount to an ironic turn for Cellebrite, which makes its money hacking into smartphones. Its customer base includes the U.S. government and some authoritarian regimes, although the Israeli company recently announced it would stop doing business with Russia or […]

Facebook tackles hacking groups with apparent ties to Palestine, Hamas

Facebook on Wednesday detailed steps it took to counter two groups of alleged Palestinian hackers, one with suspected ties to the Palestinian state and another reportedly linked to the Hamas militant group. The hackers linked to Preventive Security Service (PSS), the Palestinian Authority’s internal intelligence organization, targeted victims primarily in the Palestinian territories and Syria, Facebook said. To a lesser degree, they targeted Turkey, Iraq, Lebanon and Libya. Those attackers went after groups and individuals seemingly viewed as a threat to the Fatah-led government, including journalists, dissidents and human rights activists. They also aimed at military organizations such as the Syrian opposition and Iraqi military, Facebook said. The alleged Hamas-linked hackers, dubbed Arid Viper, by contrast, targeted victims associated with the Palestinian Authority, government organizations and backers of the Fatah-led government, Facebook said. Facebook periodically conducts takedowns of hacking-related activity, most recently related to a campaign that targeted Uighurs […]

‘Gamaredon’ hackers target Ukrainian officials amid rising Russian tensions

Russian hackers have a long history of going after organizations in Ukraine, but one group especially has tunnel vision for the former Soviet republic. And recently, it looks like those hackers returned with a new campaign targeting Ukrainian government officials, threat researchers say. Gamaredon — also known as Primitive Bear — is behind the malicious cyber activity, Anomali concluded with “high confidence” in research shared with CyberScoop in advance of its publication. The campaign first appeared in January and ran through at least mid-March, Anomali said. Publication of the research coincides with escalating tensions between the two nations, with a Russian troop buildup along the Ukrainian border. “This one is interesting because the alignment of real world events is just another indication of potential hybrid warfare that Russia is known to engage in,” said Gage Mele, lead cyber threat intelligence analyst at Anomali. It caps a busy period for Gamaredon, […]

A push for cybersecurity philanthropic giving launches

Over nearly a decade, cybersecurity-related philanthropic giving has constituted a fraction of one percent of the billions of dollars devoted to peace and security causes. An open letter Friday signed by trade associations, non-profits, charitable foundations, think tanks and well-known cybersecurity professionals aims to change that trend as part of what could be a series of future steps. “We believe that private philanthropy is ideally suited to support the development of an emerging field of theorists and practitioners across cybersecurity domains,” reads the letter. “Anyone who cares about national security, innovation, economic development, personal privacy, or civil liberties should care about cybersecurity. Private philanthropy is a critical missing piece to meet this urgent need.” The William Flora and Hewlett Foundation, Craig Newmark Philanthropies, and Gula Tech Foundation led the effort to organize the letter, signed by 30 different organizations and individuals. They include former White House cyber coordinator and current […]

Banking organizations dub proposed US cyber notification regulation ‘burdensome’

Banking groups have objected to elements of a proposed U.S. cyber incident notification rule, saying that its threshold for mandatory disclosure of such events to regulators is overly broad and would lead to over-reporting of incidents. Under the proposed regulation from the Treasury Department and other regulators, banks would have to notify their regulators within 36 hours of certain kinds of attacks, and bank service providers would have to notify their customers of particularly damaging incidents as well. “While we support the policy goals of the proposed rule, we believe that, as currently drafted, the proposed rule calls for notification of incidents well below the intended threshold of critical cybersecurity incidents,” wrote the American Bankers Association, Bank Policy Institute, Institute of International Bankers, and the Securities Industry and Financial Markets Association. “As a result, the proposed rule would lead to significant and burdensome over-reporting to the Agencies, contrary to its […]