Tim Starks – Page 55 – WindowsTechs.com

Is Congress finally ready to pass meaningful ransomware legislation?

Posted on March 9, 2021 by Tim Starks

During the entire last two-year session of Congress, lawmakers only signed one bill law that mentioned the word “ransomware.” With the epidemic of digital extortion showing no signs of abating, though, and as ransomware attacks claim ever more victims across all parts of the U.S., evidence is mounting that the next two years could bring a more concerted push for legitlation. “I think it will be a focus because essentially every congressional district has had some kind of ransomware incident, whether public or not,” said Michael Garcia, a senior policy adviser in the national security program at Third Way, a center-left think tank. “Just look at the number of hospitals getting hit, of schools being hit.” In one recent incident, a Mississippi public school system revealed it had paid $300,000 to ransomware attacks, while a U.S. medical company, Universal Health Services, said it lost $67 million as a result of […]

The post Is Congress finally ready to pass meaningful ransomware legislation? appeared first on CyberScoop.

Continue reading Is Congress finally ready to pass meaningful ransomware legislation?→

Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

Posted on March 8, 2021 by Tim Starks

The Accellion hack has claimed another victim, this time a financial firm that boasts it’s the second-largest savings bank in the United States. Michigan-based Flagstar Bank recently began notifying affected customers that on Jan. 22, Accellion, an IT provider, relayed that a vulnerability in its file sharing platform had affacted Flagstar. The software flaw has led to breaches at firms around the world, with hackers exploiting the Accellion vulnerability to victimize grocery chain Kroger, cybersecurity company Qualys, the Reserve Bank of New Zealand, the state of Washington, prominent law firm Jones Day (which counts former President Donald Trump among its clients) and perhaps others. “Unfortunately, we have learned that the unauthorized party was able to access some of Flagstar’s information on the Accellion platform and that we are one of numerous Accellion clients who were impacted,” Flagstar said in a notice on its website. The Clop ransomware gang, alternately known […]

The post Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk appeared first on CyberScoop.

Continue reading Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk→

Suspected Iranian hackers snooping on Middle Eastern targets anew

Posted on March 5, 2021 by Tim Starks

Hackers connected to Iran are on the loose again in the Middle East, instigating an apparent espionage campaign in five countries, Trend Micro said on Friday. The company concluded with moderate confidence that the MuddyWater hacking group, whose interests tend to align with the Iranian government’s, is behind the campaign. It’s an ongoing spearphishing effort aimed at government agencies, academia and the tourism industry in Azerbaijan, Bahrain, Israel, Saudi Arabia and the United Arab Emirates, according to Trend Micro. The research confirms research from Anomali in February, and expands the range of named targets. MuddyWater has a history of going after Middle Eastern government agencies and academia along with a range of industries, and it has a reputation for persistent spy work. What’s different about this campaign, though, is that it doesn’t exhibit the usual competence MuddyWater has demonstrated, Trend Micro said. “While it possesses remote access capabilities, the attackers […]

The post Suspected Iranian hackers snooping on Middle Eastern targets anew appeared first on CyberScoop.

Continue reading Suspected Iranian hackers snooping on Middle Eastern targets anew→

Researchers uncover three more malware strains linked to SolarWinds hackers

Posted on March 4, 2021 by Tim Starks

It looks like the SolarWinds hackers had even more tricks up their sleeve. Microsoft and FireEye on Thursday revealed three more malware strains associated with the suspected Russian perpetrators who breached SolarWinds’ Orion software and used its update to infect federal agencies and major companies. FireEye named one strain Sunshuttle in a blog post. In a separate blog post, Microsoft dubbed two more strains GoldFinder and Sibot, and labeled the strain FireEye called Sunshuttle as GoldMax. Microsoft said the strains join the previously known SolarWinds hacker tools Sunburst and Teardrop. The traits the new malware strains exhibit are yet more evidence that the hackers behind that breach are, in fact, notably sophisticated — a term often affixed to virtually any hacking group by their victims. “They are tailor-made for specific networks and are assessed to be introduced after the actor has gained access through compromised credentials or the SolarWinds binary […]

The post Researchers uncover three more malware strains linked to SolarWinds hackers appeared first on CyberScoop.

Continue reading Researchers uncover three more malware strains linked to SolarWinds hackers→

Scammers exploit COVID-19 vaccine confusion for fraud efforts

Posted on March 4, 2021 by Tim Starks

A confusing, chaotic rush to deliver COVID-19 vaccinations is making cyberspace a more fertile place for pandemic-related scams. Researchers at Barracuda Networks said on Thursday that vaccine-related spearphishing emails rose 26% from October to the end of January. That roughly coincides with the time Pfizer and Moderna announced vaccine availability, and represents a 12% uptick from up from the one-month period of October to November. “We hope it’s the last phase of the lifecycle of this pandemic” for vaccine-related spearphishing attacks, said Fleming Shi, chief technology officer at Barracuda. ” These are just as potent as the ones earlier in the pandemic, probably even more so, because there’s an urgency for people. They’re racing for the openings.” Also Wednesday, Check Point Research said that vaccine-related domain registrations rose by 300% over the past eight months, with a large spike beginning in November and continuing through January. Of those Check Point […]

The post Scammers exploit COVID-19 vaccine confusion for fraud efforts appeared first on CyberScoop.

Continue reading Scammers exploit COVID-19 vaccine confusion for fraud efforts→

Robocalls keep spamming Americans, in part because of their cyber tools

Posted on March 1, 2021 by Tim Starks

After a surprising lull at the onset of the COVID-19 pandemic, phone scammers are back, and showing signs of overlapping more and more with text messages and cyber elements. Scammers are combining phone calls with tricks to circumvent two-factor authentication, using information they obtain online to make more targeted calls and, in some cases, mimicking the attack methods of hackers, government and industry officials say. Phone scams that merge with other methods are growing more frequent and difficult to contend with, said Connecticut Attorney General William Tong. “I think it’s common and it’s dangerous, particularly the way that they’re able to cloak themselves or convince you that you need to respond to a particular call or email,” he said. Internet technology has helped fuel a record number of robocalls thanks to the advent of voice-over IP, a tool that made mass calling convenient and more affordable. Estimates vary, but most […]

The post Robocalls keep spamming Americans, in part because of their cyber tools appeared first on CyberScoop.

Continue reading Robocalls keep spamming Americans, in part because of their cyber tools→

Biden signs executive order demanding supply chain security review

Posted on February 24, 2021 by Tim Starks

President Joe Biden signed an executive order on Wednesday directing federal agencies to conduct a review of supply chain security risks in industries including information technology. While a significant goal of the order is to address shortages of a wide assortment of critical imported components such as electric batteries and pharmaceuticals, it does include a mandated review of the information and communications technology sector. A prominent justification for the review is a desire to rely less on semiconductors manufactured overseas. Biden, at a news conference to herald his signing of the executive order, said “we need to make sure these supply chains are secure and reliable.” It’s an issue, he said, “of both concern for economic security as well as our national security.” Espionage remains a significant concern, as well, after hackers leveraged access in a federal contractor to gather sensitive from throughout the U.S. government. The supply chain danger […]

The post Biden signs executive order demanding supply chain security review appeared first on CyberScoop.

Continue reading Biden signs executive order demanding supply chain security review→

Election Assistance Commission loses another key staffer, Jerome Lovato

Posted on February 24, 2021 by Tim Starks

Another top official is exiting the staff of the Election Assistance Commission, the third in recent months for the small agency that plays an outsized role in U.S. election security. Jerome Lovato, the testing and certification director for voting system certification at the EAC, is leaving that position next month, two sources told CyberScoop. And the commission began advertising the opening for the job he holds last week. His departure follows Josh Franklin leaving his job as EAC chief technology officer in December, and in November, Maurice Turner leaving as senior adviser to the executive director of the commission. The exits come at a sensitive time for the commission. The EAC this month voted to approve a long-awaited update to its widely-used voluntary voting system guidelines, nicknamed VVSG 2.0, and a perhaps years-long implementation period will follow. Those guidelines emphasize the value of risk-limiting audits that help verify election results, […]

The post Election Assistance Commission loses another key staffer, Jerome Lovato appeared first on CyberScoop.

Continue reading Election Assistance Commission loses another key staffer, Jerome Lovato→

Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries

Posted on February 23, 2021 by Tim Starks

A host of federal government policy failures contributed to the rippling damage of the SolarWinds hack, leaders of cyber firms told a Senate panel on Tuesday, with even lawmakers saying Congress must do more to prevent a repeat. More than two months after the hack became public, the wide-ranging Senate Select Committee on Intelligence hearing committee demonstrated that the U.S. government, the private sector and digital incident responders still are wrestling with the ramifications of an suspected Russian espionage campaign that leveraged the federal contractor SolarWinds. A number of big questions remain: SolarWinds still hasn’t determined how the hackers originally got into its systems, nobody has fully settled debates on whether the incident amount to espionage, or something worse, and suspicions abound that more victims remain unrevealed. “It has become clear that there is much more to learn about this incident, its causes, its scope and scale, and where we […]

The post Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries appeared first on CyberScoop.

Continue reading Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries→

SolarWinds CEO talks hack, remaining questions before Capitol Hill hearings

Posted on February 22, 2021 by Tim Starks

The chief executive of SolarWinds on Monday said his company is still seeking a fuller understanding of the scope of the hack on its Orion software — and laying the groundwork for what SolarWinds, as well as the federal government, should be doing next. “What we are… still learning is the breadth and depth of the sophistication of the attackers, number one,” Sudhakar Ramakrishna said at a Center for Strategic and International Studies online event where he noted that the company’s investigation into what happened is ongoing. “Number two is the patience with which they carried out these attacks, and obviously the persistence,” he said, citing as an example that the hackers appeared to use earlier versions of Orion code as a test bed for their eventual attack. Ramakrishna took over as CEO weeks after news about the hack of SolarWinds’ updates to its Orion software had become public. The […]

The post SolarWinds CEO talks hack, remaining questions before Capitol Hill hearings appeared first on CyberScoop.

Continue reading SolarWinds CEO talks hack, remaining questions before Capitol Hill hearings→