Hackaday Links: March 10, 2024
We all know that we’re living in a surveillance state that would make Orwell himself shake his head, but it looks like at least one company in this space has …read more Continue reading Hackaday Links: March 10, 2024
Category Archives: National Security Agency
Satellite hack on eve of Ukraine war was a coordinated, multi-pronged assault
The satellite hack that took the world by storm was more complex than initially thought, according to a Viasat executive.
The post Satellite hack on eve of Ukraine war was a coordinated, multi-pronged assault appeared first on CyberScoop.
Continue reading Satellite hack on eve of Ukraine war was a coordinated, multi-pronged assault
‘Wormable’ Flaw Leads January 2022 Patch Tuesday
Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another. Continue reading ‘Wormable’ Flaw Leads January 2022 Patch Tuesday
Enterprise security attackers are one password away from your worst day
IT organizations must shift their enterprise security strategy to detect credential-based attacks before they become a problem. Continue reading Enterprise security attackers are one password away from your worst day
Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy. Continue reading Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy. Continue reading Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack
The widespread compromise affecting key government agencies is ongoing, according to the U.S. government. Continue reading Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack
NSA warns defense contractors of potential SolarWinds fallout
It’s been widely reported that the suspected hacking team behind the massive and rapidly snowballing SolarWinds breach is linked with the Russian government. But the U.S. has not publicly named any one culprit behind the espionage operation, in which hackers concealed malware in SolarWinds network management tool updates, possibly infecting thousands of organizations across the U.S. federal government and the private sector. The National Security Agency, the U.S. Department of Defense’s foreign signals intelligence agency, on Thursday warned about an ongoing Russian state-sponsored hacking campaign that could by exacerbated by the SolarWinds breach. The NSA issued an alert warning defense contractors and Pentagon IT staff that the SolarWinds Orion compromise could be used in concert with a previously identified Russian state-sponsored hacking effort to access contractors’ data. The NSA did not claim that Russian hackers, who have been exploiting a VMWare flaw to access data, are involved in the SolarWinds […]
The post NSA warns defense contractors of potential SolarWinds fallout appeared first on CyberScoop.
Continue reading NSA warns defense contractors of potential SolarWinds fallout
Report: U.S. Cyber Command Behind Trickbot Tricks
A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command. Continue reading Report: U.S. Cyber Command Behind Trickbot Tricks
NSA Mass Surveillance Program Illegal, U.S. Court Rules
The NSA argued its mass surveillance program stopped terrorist attacks – but a new U.S. court ruling found that this is not, and may have even been unconstitutional. Continue reading NSA Mass Surveillance Program Illegal, U.S. Court Rules