Zaid Shoorbajee – Page 22 – WindowsTechs.com

Spooked by election hacking, states are moving to paper ballots

Posted on March 12, 2018 by Zaid Shoorbajee

Paper ballots may at first seem like an antiquated voting practice, but hacking fears are now pushing an increasing number of states toward a return to the basics. State legislatures and election directors are heeding warnings from Washington that hackers may tamper with electronic voting systems in the 2018 midterm elections. The U.S. intelligence community has said that Russian President Vladimir Putin launched a campaign to interfere with the 2016 presidential election and that the Kremlin will try to do so again. On the national level, lawmakers have made several attempts to push legislation aiming to strengthen election cybersecurity through grants to upgrade equipment and to increase cooperation between the federal government and lower jurisdictions. So far, no such legislation has passed either house in Congress. Amid all this national attention, a number of states have started to act on their own bolster the integrity of elections they run. With these […]

The post Spooked by election hacking, states are moving to paper ballots appeared first on Cyberscoop.

Continue reading Spooked by election hacking, states are moving to paper ballots→

Kaspersky uncovers sophisticated cyber-espionage operation across Africa and Middle East

Posted on March 12, 2018 by Zaid Shoorbajee

Researchers have uncovered new malware that has apparently been used to spy on victims in the Middle East and Africa for six years undetected. A Friday report from Moscow-based Kaspersky Lab details how a threat it’s calling “Slingshot” has been infecting victims, collecting a wide variety of data and exfiltrating it in a covert fashion. The company says the threat is likely the work of a resource-rich government. “Slingshot is very complex and the developers behind it have clearly spent a great deal of time and money on its creation. Its infection vector is remarkable – and, to the best of our knowledge, unique,” the researchers write. Kaspersky says the APT has been active as far back as 2012 and was still active as of their analysis in February this year. Slingshot is apparently so sophisticated that Kaspersky has labeled it an advanced persistent threat (APT). The researchers say that Slingshot’s infection vector […]

The post Kaspersky uncovers sophisticated cyber-espionage operation across Africa and Middle East appeared first on Cyberscoop.

Continue reading Kaspersky uncovers sophisticated cyber-espionage operation across Africa and Middle East→

Senate panel gives go-ahead to bill that would hit reset on DHS

Posted on March 8, 2018 by Zaid Shoorbajee

Congress is moving forward with a plan to reauthorize the Department of Homeland Security for the first time since its 2002 creation and establish a permanent, dedicated cyber office within the agency. The Senate Committee on Homeland Security and Government Affairs approved the legislation Wednesday. The current bill is a version of what the House passed in July. If it passes in the full Senate, it would still need to see action in the House, even though that side of Congress already passed two attempts to reauthorize DHS last year. The Senate bill would reorganize DHS’s National Protection and Programs Directorate into a dedicated cyber agency, called the Cybersecurity and Infrastructure Security Agency. NPPD was established in 2007 by DHS and therefore isn’t officially deputized by Congress. The new office would be headed by an department undersecretary. “Passing the Department of Homeland Security Authorization Act is an important step to strengthen DHS and to establish a process […]

The post Senate panel gives go-ahead to bill that would hit reset on DHS appeared first on Cyberscoop.

Continue reading Senate panel gives go-ahead to bill that would hit reset on DHS→

Open source security platform Snyk raises $7 million in Series A funding round

Posted on March 6, 2018 by Zaid Shoorbajee

Snyk, a London-based startup that provides security for open source libraries, has raised $7 million in its Series A funding round, the company announced on Tuesday. The company bills itself as a “developer-first security solution that helps you use open source code and stay secure.” Snyk runs a vulnerability database that it uses to protect its customers who use open source code. “Security controls must adapt to the new pace open source and cloud dictate. Failing to do so is what led to the recent breaches at Equifax, Uber, and the Tesla cloud breach. We’re relying on strangers’ code to run the most sensitive aspect of our business, and do so at neck-breaking speed,” said Guy Podjarny, Snyk’s CEO and co-founder. “Traditional security solutions simply cannot keep up.” Snyk says it will use leverage the new funding to “deploy additional product offerings that improve the secure usage of open source for developers.” […]

The post Open source security platform Snyk raises $7 million in Series A funding round appeared first on Cyberscoop.

Continue reading Open source security platform Snyk raises $7 million in Series A funding round→

Arbor Networks reports record-breaking 1.7Tbps DDoS attack

Posted on March 6, 2018 by Zaid Shoorbajee

The record for the largest recorded denial of service attack appears to have been broken less than a week after it was set. Arbor Networks reported on Monday in a blog post that a 1.7 -terabit-per-second attack took place targeting the customer of a U.S. based internet service provider. Arbor Networks did not specify the victim beyond that description, but said that the ISP had proper defenses in place and that no outages were reported. “It’s a testament to the defense capabilities that this Service Provider had in place to defend against an attack of this nature that no outages were reported because of this,” the company wrote. The attack used the same technique that was used in the 1.35Tbps attack on GitHub on Feb. 28, Arbor Networks said. In both cases, attackers used memcached servers to amplify the requests they were sending to their targets. Arbor Networks says more large attacks using the memcached tactic […]

The post Arbor Networks reports record-breaking 1.7Tbps DDoS attack appeared first on Cyberscoop.

Continue reading Arbor Networks reports record-breaking 1.7Tbps DDoS attack→

Researchers uncover 4G LTE exploits that can be used to spy, spoof and cause panic

Posted on March 5, 2018 by Zaid Shoorbajee

Vulnerabilities in a common wireless telecommunications standard could allow hackers to send a fake emergency alert message to almost anyone’s smartphone. Researchers from Purdue University and the University of Iowa say they’ve discovered 10 new vulnerabilities in the 4G LTE protocol that can disrupt victims’ devices in several ways. They present the new findings in a paper published last month that showcases a tool they developed in order to detect such vulnerabilities. Among the new attacks, the researchers highlight an authentication relay attack, which they say allows an attacker to connect to an LTE network while spoofing another existing device’s identity and location. This is done without having legitimate credentials. “Through this attack the adversary can poison the location of the victim device in the core networks, thus allowing setting up a false alibi or planting fake evidence during a criminal investigation,” the paper says. The researchers explain that the 4G LTE protocol […]

The post Researchers uncover 4G LTE exploits that can be used to spy, spoof and cause panic appeared first on Cyberscoop.

Continue reading Researchers uncover 4G LTE exploits that can be used to spy, spoof and cause panic→

Enemies of U.S. continue cyberattacks without fear of reprisal, NSA director nominee says

Posted on March 1, 2018 by Zaid Shoorbajee

Russia and China continue to hack into U.S. companies and government agencies because they aren’t afraid of a potential response, senior U.S. officials say. The Army general expected to be confirmed as the next head of the NSA and U.S. Cyber Command told senators at a congressional hearing on Thursday that he doesn’t believe U.S. adversaries in cyberspace fear any repercussions for conducting hacking campaigns and cyber-espionage. Lt. Gen. Paul Nakasone’s bleak assessment at at a Senate Armed Services Committee hearing comes two days after the the same committee grilled the outgoing Adm. Mike Rogers, who Nakasone would replace, for indicating that the U.S. does not have offensive plans in motion to retaliate against cyberattacks. Responding to a line of questioning from Sen. Dan Sullivan, R-Alaska., who called the U.S. “the cyber punching bag of the world”, Nakasone said that countries known to target the U.S. in cyberattacks are not deterred […]

The post Enemies of U.S. continue cyberattacks without fear of reprisal, NSA director nominee says appeared first on Cyberscoop.

Continue reading Enemies of U.S. continue cyberattacks without fear of reprisal, NSA director nominee says→

Enemies of U.S. continue cyberattacks without fear of reprisal, NSA director nominee says

Posted on March 1, 2018 by Zaid Shoorbajee

The post Enemies of U.S. continue cyberattacks without fear of reprisal, NSA director nominee says appeared first on Cyberscoop.

Continue reading Enemies of U.S. continue cyberattacks without fear of reprisal, NSA director nominee says→

Bugcrowd raises $26 million in latest funding round

Posted on March 1, 2018 by Zaid Shoorbajee

The expansion of the bug-bounty industry continues as Bugcrowd announced Thursday that it is bringing in $26 million in its latest round of venture capital funding. The San Francisco-based company has seen consistent growth since its inception in 2012. It says that in the last quarter alone, it grew its base of commercial and Fortune 500 customers, opened new offices in London and Sydney and added to its leadership team. Bugcrowd has now raised about $50 million in venture capital funding. The Series C funding was led by Triangle Peak Partners, a venture capital firm that focuses on software and security. Triangle Peak’s president and co-founder, Dain DeGroff, will also be joining Bugcrowd’s board of directors. “Bugcrowd has built a successful business model addressing a growing and critical need,” DeGroff said in a press release. “Their deep relationships with the researcher community and expertise managing crowdsourced programs make Bugcrowd a strategic asset […]

The post Bugcrowd raises $26 million in latest funding round appeared first on Cyberscoop.

Continue reading Bugcrowd raises $26 million in latest funding round→

Report: APT28 breached German foreign and defense ministries

Posted on February 28, 2018 by Zaid Shoorbajee

Hackers believed to be tied to the Russian government successfully compromised the networks of the German defense and foreign ministries in at attack that may have lasted for a year, German news agency Deutsche Presse-Agentur reported Wednesday. Citing unnamed officials, the news agency reported that APT28 used malware to steal data from the government agencies, but the extent of the impact is unclear. Another German outlet, Deutsche Welle, reports that the hackers infiltrated a specially designed network used by the government to keep communications secure and separate. German press claim that that the BSI and BfV intelligence agencies are investigating the breach. APT28, commonly known as FancyBear, has been blamed by both private cybersecurity companies and U.S. intelligence agencies for carrying out attacks that target governments and political entities. Most notably, the group is known for obtaining and then leaking private information from Democratic National Commission in the 2016 U.S. election. More recently, the […]

The post Report: APT28 breached German foreign and defense ministries appeared first on Cyberscoop.

Continue reading Report: APT28 breached German foreign and defense ministries→