Two bills seek transparency in ownership of election vendors

Senators introduced a pair of bills Thursday that would crack down on foreign ownership of election systems in the U.S., as the government continues to try to mitigate supply chain risk. Sen. Chris Van Hollen, D-Md., announced the Protect Our Elections Act and the Election Systems Integrity Act, both of which would set restrictions and reporting requirements around foreign ownership and operation of election systems. The former has bipartisan backing, with co-sponsorships from Susan Collins, R-Maine, and Ben Cardin, D-Md. The latter is also backed by Cardin and Sen. Amy Klobuchar, D-Minn. The two bills overlap significantly in scope. Asked why they’re separate, a spokesperson for Van Hollen said that one deals with disclosure while the other would issue a ban. The Protect Our Elections Act would outlaw foreign ownership of election systems, specifically ones that deal with voting, tabulation, voter registration and communication systems for election agencies. The bill would […]

The post Two bills seek transparency in ownership of election vendors appeared first on Cyberscoop.


Talos: Android trojan resembling Play Store installs sophisticated spyware

A newly uncovered Android trojan can install advanced spyware on unsuspecting users’ phones under the guise that it’s just part of the operating system, according to research from Cisco Talos out Thursday. Talos says that the malware’s sophistication is “of an uncommonly high level, making it a dangerous threat.” Vitor Ventura, who authored the Talos report, told CyberScoop by email that it “appears to be a new family of malware.” After being installed and going through some onboarding procedures, the “GPlayed” trojan has a broad range of spying capabilities. It can exfiltrate information like texts and contacts, track geolocation, change the lockscreen password and collect payment credentials. Beyond that, the trojan has the built-in ability to adapt after being installed, Talos says. It can load new plugins remotely, inject new scripts and compile new code. “This means that the authors or the operators can add capabilities without the need to recompile and […]

The post Talos: Android trojan resembling Play Store installs sophisticated spyware appeared first on Cyberscoop.


U.S. officials say supply-chain threat is ‘very real’ regardless of Bloomberg story accuracy

FBI and Department of Homeland Security officials continued to push back Wednesday against a recent news story that described a devastating supply-chain attack on major U.S. technology companies, but their testimony in a Senate hearing also emphasized that such threats do remain “very real” in general. “This is a particularly pernicious threat … because it’s very difficult for the average citizen, company or government entity to understand every component that was put into a piece of equipment or network that they’ve purchased,” Homeland Security Secretary Kirstjen Nielsen said in a Homeland Security and Governmental Affairs Committee hearing that also featured FBI Director Christopher Wray. Bloomberg Businessweek reported last week that Chinese operatives had used rice grain-sized chips to compromise motherboards sold by Super Micro Computer (Supermicro), placing a backdoor into many companies, including Apple and Amazon Web Services. The attack, in theory, entails devastating consequences for information security at those companies and beyond. Companies mentioned in the article have issued strongly […]

The post U.S. officials say supply-chain threat is ‘very real’ regardless of Bloomberg story accuracy appeared first on Cyberscoop.


Magecart group compromises customer ratings tool, affecting ‘hundreds’ of online stores

Researchers with RiskIQ say they have uncovered and helped resolve a credit card-skimming threat that targeted a third-party web app that manages customer reviews. The company attributes the threat to Magecart, a loosely associated set of hacking groups that exploit vulnerabilities in widely used third-party scripts. Magecart has been linked to similar payment data breaches with Ticketmaster UK, Newegg, British Airways and others. But Yonathan Klijnsma, head researcher at RiskIQ, explained to CyberScoop that Magecart is more of an umbrella term to describe the independent groups that exchange and imitate other groups’ procedures. In this case, RiskIQ says that a tool made by e-commerce software company Shopper Approved was compromised by Magecart threat actors, giving them the ability to skim payment information from the checkout pages of “a few hundred” online stores using the tool. RiskIQ labels this Magecart group “Group 5” and says it’s the same one that targeted Ticketmaster. The tool […]

The post Magecart group compromises customer ratings tool, affecting ‘hundreds’ of online stores appeared first on Cyberscoop.


Randori enters automated red-teaming scene with $9.75 million seed investment

“Nation-state” hacking is a phrase often used to talk about the scariest cyberthreats out there, but cybersecurity startup Randori is using it to market its platform. The company announced on Thursday that it secured $9.75 million in seed funding for its automated red-teaming services. The Boston-based company says that its platform lets customers launch “nation-state caliber” attacks on their own systems in order to assess their risks and vulnerabilities. Randori stresses that its platform carries out real attacks, not ones in simulated environments, in combination with “continuous reconnaissance.” “Despite massive investments of time and capital, organizations often don’t know where they’re vulnerable until after they’re hit. Simulated environments can’t account for the changing tactics of today’s attacker,” said CEO Brian Hazzard in a press release. Hazzard is a former vice president and founding employee of Carbon Black, an endpoint security company that went public earlier this year. Randori company […]

The post Randori enters automated red-teaming scene with $9.75 million seed investment appeared first on Cyberscoop.


DHS’s top cyber office is about to get a name that reflects its mission

The point office on cybersecurity in the Department of Homeland Security is on track for a rebrand. The Senate on Wednesday passed the Cybersecurity and Infrastructure Security Agency Act, which would both codify the office into law and give it a more relevant name. Under the bill, DHS’s National Protection and Programs Directorate (NPPD) would become the Cybersecurity and Infrastructure Security Agency (CISA). DHS established the NPPD in 2007; the legislation is essentially Congress’ official seal of approval. The House is expected to hold a final vote soon, sending the bill to President Donald Trump. NPPD leads the U.S. government’s efforts to secure federal networks and critical infrastructure. The office has also been spearheading the federal government’s election security efforts since the threats that became apparent in 2016. The office coordinates with state and local election offices on information sharing and cybersecurity best practices. “It is ridiculous that DHS needs an act of […]

The post DHS’s top cyber office is about to get a name that reflects its mission appeared first on Cyberscoop.


Election security experts wonder what lies beyond 2018

With just over a month until the midterms, election officials from across the country say they’re more prepared to fend off election security threats thanks to increased partnerships with the federal government and financial assistance from Congress. But without legislation to solidify these newfound intergovernmental relationships, it’s unclear if the developments will hold beyond 2018. At a Wednesday summit on election preparedness hosted by the Election Assistance Commission, election officials from the local, state and federal levels touted the various ways they’ve boosted their security posture. Election offices have been devoting resources toward updating election software and equipment, securing voter registration systems, assessing their vulnerabilities, preparing for ballot audits and other practices. Some of that work has been made possible by a $380 million grant that Congress appropriated earlier this year, under the Help America Vote Act (HAVA). Officials pointed to that as a good start, but some noted the need for […]

The post Election security experts wonder what lies beyond 2018 appeared first on Cyberscoop.


Case involving ‘AlfabetoVirtual’ website defacements ends in guilty plea

A California man accused by federal prosecutors of defacing thousands of websites belonging to the U.S. government pleaded guilty on Tuesday to two felony counts of computer fraud, the Department of Justice announced. The DOJ says that Billy Anderson, 41, admitted to more than 11,000 instances of hacking into and defacing websites belonging to the military and government, as well as businesses. Anderson allegedly conducted these operations under the alias “AlfabetoVirtual,” which would appear on the defaced websites. “This case demonstrates that those who seek to commit cyber intrusions of government websites will be prosecuted to the fullest extent of the law,” said Geoffrey Berman, U.S. Attorney for the Southern District of New York, in a statement. While the DOJ says he “took responsibility for” thousands of defacements, Anderson’s plea is for two counts in particular. In July 2015, prosecutors say he gained access to a website run by the […]

The post Case involving ‘AlfabetoVirtual’ website defacements ends in guilty plea appeared first on Cyberscoop.


Tanium claims $6.5 billion valuation with $200 million investment

Endpoint security company Tanium announced Tuesday that it earned $200 million in investor funding, claiming a valuation of $6.5 billion. That figure is compared to a reported $5 billion valuation just five months ago when the company brought in a $175 million investment. Founded in 2007, Tanium is easily one of the most well-funded privately owned cybersecurity companies in the U.S. The company claims it’s had great success throughout 2018, with cash flow, billings and revenue on a growth trend, despite rapid expansion. In the endpoint security space, Tanium competes with other big and growing players like Crowdstrike, Carbon Black, Cylance and others. Observers have expected Tanium to go public, and CEO Orion Hindawi has hinted at such a move. However, Reuters reported that the company has not made any decisions. The round was led by Wellington Management, with participation from Baillie Gifford & Company and Adage Capital Management. “We are thrilled […]

The post Tanium claims $6.5 billion valuation with $200 million investment appeared first on Cyberscoop.


Report: Zoho’s domain regularly exploited to move keylogger data

After a messy domain takedown last week in response to phishing complaints, new research suggests that an Indian IT company’s domain is being exploited to exfiltrate the bulk of keylogger data collected by malicious programs. Zoho, an Indian company that provides office tools and IT management platforms, had its domain taken down temporarily last week as a result of complaints about phishing abuse. Domain registrar TierraNet told ZDNet that it took down the domain after repeatedly asking Zoho to mitigate the phishing issues. Zoho’s domain has since been brought back online, but anyone using Zoho was out of luck while it was down. A report released Tuesday by Cofense, a company that provides phishing protection services, suggests that the complaints of abuse were not unfounded. Cofense says that, based on an analysis of keylogger data theft where email is used to exfiltrate the data, domains owned by Zoho account for moving […]

The post Report: Zoho’s domain regularly exploited to move keylogger data appeared first on Cyberscoop.
