US Cyber Command warns nation-state hackers are exploiting old Microsoft Outlook bug. Make sure you’re patched!

US Cyber Command has issued a warning about an unnamed foreign country’s attempt to spread malware through the exploitation of a vulnerability in Microsoft Outlook. The alert, posted on Twitter, refers to CVE-2017-11774, a vulnerability in Outloo… Continue reading US Cyber Command warns nation-state hackers are exploiting old Microsoft Outlook bug. Make sure you’re patched!

Ongoing state-sponsored DNS hijacking campaign has compromised 40 entities

Hackers backed by a nation-state have successfully hijacked Domain Name System records to steal credentials from approximately 40 public and private entities across 13 countries in an attack that’s lasted for about two years, which Cisco’s Talos research team has dubbed “Sea Turtle” in research published Wednesday. The ongoing attack targets intelligence agencies, military organizations, and energy firms, as well as foreign ministries, telecommunications companies, and internet service providers. Cisco’s researchers characterize the attackers as “highly capable” and “unusually brazen,” but don’t go so far as to identify what country may be behind the attack. FireEye has indicated Iran is likely responsible for an attack that appears similar, but which Cisco claims is distinct from this new campaign. DNS hijacking allows hackers to gain credentials from victim entities in order to control the target’s DNS records — without flagging to the victims that they’re under attack. Using the DNS records, attackers are capable of […]

The post Ongoing state-sponsored DNS hijacking campaign has compromised 40 entities appeared first on CyberScoop.

Continue reading Ongoing state-sponsored DNS hijacking campaign has compromised 40 entities

ASUS issues patch, downplays scope of APT hack of its supply chain

Taiwanese hardware manufacturer ASUS on Tuesday announced a software update in response to a nation-state-linked hack and downplayed the scale of the compromise of its supply chain. “Only a very small number of [a] specific user group were found to have been targeted by this attack and as such it is extremely unlikely that your device has been targeted,” ASUS said in a press release. The statement contrasted with the findings of Kaspersky Lab researchers, who described the breach as perhaps “one of the biggest supply-chain incidents ever.” The attackers compromised an ASUS server to send malicious updates that affected about 1 million computer users between June and November 2018, according to the researchers, though only 600 appeared to be targeted for attack. ASUS accounted for 6 percent of global PC shipments in the third quarter of 2018, according to Gartner. The company also makes mobile phones, smart home devices, and other […]

The post ASUS issues patch, downplays scope of APT hack of its supply chain appeared first on CyberScoop.

Continue reading ASUS issues patch, downplays scope of APT hack of its supply chain

To prepare for 2020, DNC security chief tries to make hackers’ lives harder

The Democratic National Committee is striving to “make it more expensive for attackers to do their work” as it prepares for a 2020 election, Bob Lord, the committee’s chief security officer, told CyberScoop. It is a simple but proven principle of cybersecurity: Make it harder for hackers to succeed by implementing time-tested basics like two-factor authentication. The question for the DNC is: How do you aggressively broaden adoption of such practices for campaigns and state parties scattered across the country, many which have very limited budgets? That far-flung apparatus is not the chain of command that Lord was used to when he was a cybersecurity executive at companies like Yahoo and Rapid7. “Because we’re a decentralized ecosystem, it presents a number of interesting challenges,” he said in an interview. “I don’t have the ability to order people to do things. Nor can I practically manage all of their systems. But what I can do […]

The post To prepare for 2020, DNC security chief tries to make hackers’ lives harder appeared first on CyberScoop.

Continue reading To prepare for 2020, DNC security chief tries to make hackers’ lives harder

NSA’s Joyce outlines how U.S. can disrupt and deter foreign hacking

The United States will do more to disrupt the malicious cyber-activity that foreign adversaries are aggressively using to advance their interests, a National Security Agency official said Thursday. “We have to impose costs in a visible way to start deterrence,” said Rob Joyce, senior cybersecurity adviser at NSA. “We have to go out and try to make those operations less successful and harder to do.” Speaking to an industry association in Hanover, Maryland, Joyce cited the 2017 WannaCry and NotPetya malware outbreaks — and Russia’s use of information operations in the 2016 U.S. election — as examples of nation-states moving from “exploitation to disruption” to impose their will in cyberspace. Washington has blamed North Korea and Russia, respectively, for the devastating WannaCry and NotPetya attacks, which cost billions of dollars in economic damage. Some foreign governments have less legal constraints on their activities in cyberspace than the U.S., Joyce told a local […]

The post NSA’s Joyce outlines how U.S. can disrupt and deter foreign hacking appeared first on CyberScoop.

Continue reading NSA’s Joyce outlines how U.S. can disrupt and deter foreign hacking

Cyberthreats rise to the top at Senate hearing on worldwide dangers for U.S.

In yet another sign that the hacking abilities of Russia, China, Iran and North Korea are drawing intense scrutiny from U.S. spy agencies and law enforcement, top federal officials focused on cyberspace Tuesday as part of a broader hearing on the global threats facing the United States. The digital tools and techniques deployed by U.S. adversaries and competitors are “growing in potency and severity,” Director of National Intelligence Dan Coats told the Senate Intelligence Committee. “As the world becomes increasingly interconnected, we expect these actors and others to rely more and more on cyber capabilities” to advance their interests, Coats said. FBI Director Christopher Wray told lawmakers that nation-states are increasingly collaborating with criminal hackers in a “form of outsourcing that makes it even more of a menace.” The annual hearing gives the public a snapshot of the threats at the forefront of U.S. intelligence chiefs’ minds, and hacking allegedly backed by […]

The post Cyberthreats rise to the top at Senate hearing on worldwide dangers for U.S. appeared first on CyberScoop.

Continue reading Cyberthreats rise to the top at Senate hearing on worldwide dangers for U.S.

U.S. indicts China-linked group over wide-ranging hacking operations

The Justice Department on Thursday unsealed charges against two hackers linked with China’s civilian intelligence agency for a lengthy campaign to break into global technology service providers in efforts to steal intellectual property. The campaign targeted more than 45 companies in a dozen countries, including sectors ranging from aviation to pharmaceuticals, along with U.S. Navy, a Department of Energy laboratory, and NASA, prosecutors alleged. The defendants also stole the Social Security numbers and other personal information of over 100,000 Navy personnel, U.S. officials said. “The list of victim companies reads like a who’s who of the global economy,” FBI Director Christopher Wray said while announcing the charges. Other companies targeted included those in manufacturing, oil and gas, and maritime technology, U.S officials said. The pair of hackers – Zhu Hua and Zhang Shilong – are accused of being part of a Chinese hacking group known as APT10 or Cloudhopper. Industry […]

The post U.S. indicts China-linked group over wide-ranging hacking operations appeared first on CyberScoop.

Continue reading U.S. indicts China-linked group over wide-ranging hacking operations

Twitter detects possible state-sponsored activity from China, Saudi Arabia

Twitter says there has been suspicious activity on its platform that may have involved state-sponsored hackers from China and Saudi Arabia seeking information about specific users. The social media company says it detected an “issue” on Nov. 15 related to one of its support forums, where users contact Twitter to report any problems with an account. Outsiders potentially could view the country code users associated with their accounts and could assess whether an account was locked for violating Twitter’s rules, the company said in an announcement late Monday. “Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia,” Twitter said. “While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.” The issue was fixed within one day and Twitter has notified the affected users, the company said. No personal information […]

The post Twitter detects possible state-sponsored activity from China, Saudi Arabia appeared first on CyberScoop.

Continue reading Twitter detects possible state-sponsored activity from China, Saudi Arabia

Why you shouldn’t be afraid of nation-state hackers

When talking about information security, nation-state backed hackers are set up as the ultimate threat. The countries have brilliant hackers, unlimited resources, endless exploits, and they are all after you! Fortunately for us, there are also many more nation state hackers who are not that skilled, on a tight budget, and forced to use off-the-shelf tools. Just because your organization might be of interest to foreign services does not mean that you should just give up. Before we go much further, it’s important to acknowledge that some nation-state adversaries are, in fact, your worst nightmare. However, there is ample evidence of hacker “B-teams” amongst even the most sophisticated nation-state groups. Looking at the Russian attacks against the DNC, many simple mistakes are immediately apparent, including how easy it was to discover their origin. The group forgot to deploy anonymity tools, reused email and IP addresses for different parts of the […]

The post Why you shouldn’t be afraid of nation-state hackers appeared first on Cyberscoop.

Continue reading Why you shouldn’t be afraid of nation-state hackers

U.S. tech giants back French call for global cooperation in cyberspace

A multifaceted framework for lessening aggression in global cyberspace was unveiled by the French government on Monday, drawing support from tech giants and digital rights groups. Announced on the 100-year anniversary of the end of World War I, The Paris Call for Trust and Security in Cyberspace condemns “malicious cyber activities in peacetime,” affirms the applicability of international law to nation-state behavior in cyberspace, and aims to keep private companies from hacking back. The document pledges to strengthen the ability of government and private-sector organizations to combat interference in electoral processes through malicious cyber activities. Like the U.S. 2016 presidential election, France’s 2017 presidential election was reportedly the target of Russian hack-and-leak operations. Previous cyber norms initiatives have been confined to governments or industry, but the Paris Call aims to be the first multi-stakeholder initiative backed by governments, industry, academia, and civil society, according to Klara Jordan, head of the Atlantic […]

The post U.S. tech giants back French call for global cooperation in cyberspace appeared first on Cyberscoop.

Continue reading U.S. tech giants back French call for global cooperation in cyberspace