Category Archives: intelligence

Young Israelis increasingly opt for cyber service and contribute to combat troop shortage

Posted on by

The Israeli military’s cyber units have a reputation as some of the world’s most effective. All of a sudden, that’s a problem. A reported shortage of combat troops is being exacerbated by Israeli draftees opting more and more for the IDF’s cybersecurity efforts instead of combat roles, the Israeli newspaper Haaretz reported on Friday. The IDF’s cyber roles are safe, prestigious postings that have been boosted by a deliberate and long-running public relations campaign from the government. “The IDF may need many more cyberexperts, but not in the numbers that the education system producing,” a senior officer in the Manpower Directorate told Haaretz. “We don’t need so many mathematicians and not every one of them has the characteristics that meet the needs of the intelligence branch, which often looks for other personal characteristics among the draftees for its units. Israeli society is struggling to accept this, and the army is portrayed as being deaf, […]

The post Young Israelis increasingly opt for cyber service and contribute to combat troop shortage appeared first on Cyberscoop.

Continue reading Young Israelis increasingly opt for cyber service and contribute to combat troop shortage

Time is running out to approve state officials to receive cybersecurity intel ahead of elections

Posted on by

With just about a month left before the polls open in New Jersey and Virginia for gubernatorial elections, the Department of Homeland Security is racing to vet state officials who have applied for the ability to receive classified briefings and other information related to potential cyber-intrusions into election systems, people familiar with the matter tell CyberScoop. In August, the DHS began reaching out to chief election officials in every state to begin the process of obtaining clearances. While the nominees for these clearances are usually the secretary of state or similar high-ranking office-holders, some supporting staff have also sought clearances. The processing for each of these applications varies by person and as a result, there’s no average wait time. Over the last several months, however, DHS has been able to issue “interim” clearances when necessary within 30 days of an application, officials told CyberScoop. Final clearance approvals are taking much longer, the officials said. People […]

The post Time is running out to approve state officials to receive cybersecurity intel ahead of elections appeared first on Cyberscoop.

Continue reading Time is running out to approve state officials to receive cybersecurity intel ahead of elections

[SANS ISC] Getting some intelligence from malspam

Posted on by

I published the following diary on isc.sans.org: “Getting some intelligence from malspam“. Many of us are receiving a lot of malspam every day. By “malspam”, I mean spam messages that contain a malicious document. This is one of the classic infection vectors today and aggressive campaigns are started every week.

[The post [SANS ISC] Getting some intelligence from malspam has been first published on /dev/random]

Continue reading [SANS ISC] Getting some intelligence from malspam

Eugene Kaspersky speaks out, defends company over espionage allegations

Posted on by

Just twenty four hours before the Department of Homeland Security banned the use of Kaspersky Lab products in the federal government, company founder Eugene Kaspersky gave his first public remarks to claims made by U.S. officials that Kaspersky acts as an intelligence gathering tool for the Kremlin. Kaspersky was speaking at security conference in Sao Paulo, Brazil Tuesday when a U.S. security researcher asked him about recent press reports that alleged the company represented a looming privacy and security concern for private sector companies and government agencies. Watch Eugene’s response here, which was provided to CyberScoop and posted publicly by an attendee of the Brazil-based conference:   Here’s a full transcript of the exchange: Q: I’m from the United States, and the question that is, of course, being asked there is whether your product is being used by Russian politic services. Can you address that? Eugene Kaspersky: Yes, there are […]

The post Eugene Kaspersky speaks out, defends company over espionage allegations appeared first on Cyberscoop.

Continue reading Eugene Kaspersky speaks out, defends company over espionage allegations

In the face of government pressure, Kaspersky pledges to open new U.S. offices

Posted on by

Moscow-based cybersecurity firm Kaspersky Lab announced plans Tuesday to open three new offices in the U.S. next year in order to expand business with American companies. The move comes as U.S. law enforcement and intelligence officials continue to discourage private businesses from relying on Kaspersky products to stop hackers due to reported security and privacy concerns. Chief executive Eugene Kaspersky confirmed the decision on social media after Reuters reported Tuesday morning that the anti-virus maker had plans to potentially close its Washington, D.C.-area office and instead open several other locations across the U.S. The D.C.-area office — in Arlington, Virginia — had been previously focused on serving U.S. government clients. In a Twitter post, Kaspersky said the company had already secured leases for offices in Los Angeles, Chicago and Toronto. Hi Chris, locations secured – Chicago, LA, Toronto — Eugene Kaspersky (@e_kaspersky) September 12, 2017 A statement provided to CyberScoop […]

The post In the face of government pressure, Kaspersky pledges to open new U.S. offices appeared first on Cyberscoop.

Continue reading In the face of government pressure, Kaspersky pledges to open new U.S. offices

Amid U.S. effort to exclude Kaspersky, Putin backs plan to force out foreign software

Posted on by

Russian President Vladimir Putin voiced his support last Friday for a plan to compel Russian companies to purchase and deploy software that is created only by Russian technology firms rather than foreign competitors. The move comes as the FBI is privately counseling U.S. businesses to uninstall products that are created and sold by Moscow-based cybersecurity giant Kaspersky Lab due to reported privacy and security concerns. Although Kaspersky’s anti-virus software is not widely used in federal agencies, some companies continue to rely on it for protection against hackers. The FBI has yet to publicly provide evidence to support the accusation that Kaspersky acts as an extension of Russian intelligence services. Putin told Russian news agency Interfax that Russian companies looking to secure government contracts should comply with the regulatory directive — which by nature, appears to reward organizations that invest in domestic alternatives if and when they exist. “In terms of security, there are things that […]

The post Amid U.S. effort to exclude Kaspersky, Putin backs plan to force out foreign software appeared first on Cyberscoop.

Continue reading Amid U.S. effort to exclude Kaspersky, Putin backs plan to force out foreign software

Trump adviser proposes broader cybersecurity oversight for private-sector critical infrastructure

Posted on by

A top White House official says the U.S. government may have a more extensive role to play in defending computer networks associated with American critical infrastructure, even though most are owned and operated by the private sector. Thomas Bossert, assistant to the president for homeland security and counterterrorism, told an audience of former intelligence and defense officials Wednesday in Washington, D.C., that there are certain narrowly defined cases where the Defense Department could be more closely connected to companies and organizations that handle what the Department of Homeland Security labels as critical infrastructure. The designation applies to 16 different U.S. business sectors, including manufacturing, emergency services, energy and financial markets. There are a number of different federal agencies that are currently involved in defending the private sector from computer intrusions: the NSA, FBI, DHS and the military’s U.S. Cyber Command. Some former intelligence officials, like ex-NSA Director Keith Alexander, believe, however, that this multi-agency approach […]

The post Trump adviser proposes broader cybersecurity oversight for private-sector critical infrastructure appeared first on Cyberscoop.

Continue reading Trump adviser proposes broader cybersecurity oversight for private-sector critical infrastructure

Researchers uncover latest version of Chinese spyware used to target dissidents

Posted on by

Security researchers believe a newly discovered variant of mobile malware, dubbed xRAT, represents the latest iteration of a sophisticated cyber-espionage tool previously used by the Chinese government against dissidents, according to evidence published by cybersecurity firm LookOut. The first sample of xRAT appeared in April, said Michael Flossman, a security researcher with LookOut, and since then more than 60 unique samples belonging to this same remote access trojan family have been found. RAT is short for remote access trojan, a kind of malicious software program that installs a back door on a device so the attacker can take administrative control. “Initially when we started investigating [xRAT] our attribution suggested the actor behind it was likely Chinese, due to a combination of comments in the code, the types of apps being trojanized, and the location and whois details of command and control infrastructure,” explained Flossman. “Further analysis revealed a strong connection to […]

The post Researchers uncover latest version of Chinese spyware used to target dissidents appeared first on Cyberscoop.

Continue reading Researchers uncover latest version of Chinese spyware used to target dissidents

Kaspersky exposes apparent Russian cyber-espionage operation amid U.S. criticism

Posted on by

In the face of allegations that Kaspersky Lab works hand-in-hand with Russian intelligence, the Moscow-based cybersecurity published a detailed report Wednesday exposing a complex and expansive cyber-espionage operation orchestrated by what appears to be a Russia-based hacking group. The research, authored by Kaspersky’s high-level GReAT team, reveals some of the techniques, processes and tools used by an attacker with similarities to two known hacking groups, Sofacy and Turla. Both of these groups are considered advanced persistent threats (APTs) and have been linked to the Russian government by U.S. cybersecurity firms CrowdStrike and FireEye. Kaspersky rarely attributes hacking groups to particular governments. This latest activity revealed by Kaspersky is codenamed “WhiteBear,” as it resembles but doesn’t match up entirely with known Sofacy or Turla operations. WhiteBear is likely a subgroup within or campaign of Turla group, the firm says. Based on a technical analysis by Kaspersky, WhiteBear’s recent activity appears to represent […]

The post Kaspersky exposes apparent Russian cyber-espionage operation amid U.S. criticism appeared first on Cyberscoop.

Continue reading Kaspersky exposes apparent Russian cyber-espionage operation amid U.S. criticism

The NSA’s 2014 Media Engagement and Outreach Plan

Posted on by

Interesting post-Snowden reading, just declassified. (U) External Communication will address at least one of "fresh look" narratives: (U) NSA does not access everything. (U) NSA does not collect indiscriminately on U.S. Persons and foreign nationals. (U) NSA does not weaken encryption. (U) NSA has value to the nation. There’s lots more…. Continue reading The NSA’s 2014 Media Engagement and Outreach Plan