National Security Agency – Page 2

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

Posted on April 16, 2021 by BrianKrebs

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy. Continue reading Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?→

Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack

Posted on January 6, 2021 by Elizabeth Montalbano

The widespread compromise affecting key government agencies is ongoing, according to the U.S. government. Continue reading Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack→

NSA warns defense contractors of potential SolarWinds fallout

Posted on December 18, 2020 by Shannon Vavra

It’s been widely reported that the suspected hacking team behind the massive and rapidly snowballing SolarWinds breach is linked with the Russian government. But the U.S. has not publicly named any one culprit behind the espionage operation, in which hackers concealed malware in SolarWinds network management tool updates, possibly infecting thousands of organizations across the U.S. federal government and the private sector. The National Security Agency, the U.S. Department of Defense’s foreign signals intelligence agency, on Thursday warned about an ongoing Russian state-sponsored hacking campaign that could by exacerbated by the SolarWinds breach. The NSA issued an alert warning defense contractors and Pentagon IT staff that the SolarWinds Orion compromise could be used in concert with a previously identified Russian state-sponsored hacking effort to access contractors’ data. The NSA did not claim that Russian hackers, who have been exploiting a VMWare flaw to access data, are involved in the SolarWinds […]

The post NSA warns defense contractors of potential SolarWinds fallout appeared first on CyberScoop.

Continue reading NSA warns defense contractors of potential SolarWinds fallout→

Report: U.S. Cyber Command Behind Trickbot Tricks

Posted on October 10, 2020 by BrianKrebs

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command. Continue reading Report: U.S. Cyber Command Behind Trickbot Tricks→

NSA Mass Surveillance Program Illegal, U.S. Court Rules

Posted on September 3, 2020 by Lindsey O'Donnell

The NSA argued its mass surveillance program stopped terrorist attacks – but a new U.S. court ruling found that this is not, and may have even been unconstitutional. Continue reading NSA Mass Surveillance Program Illegal, U.S. Court Rules→

NSA Warns Smartphones Leak Location Data

Posted on August 5, 2020 by Elizabeth Montalbano

The agency known for its own questionable surveillance activity advised how mobile users can limit others’ ability to track where they are. Continue reading NSA Warns Smartphones Leak Location Data→

Someone is trying to catfish women by pretending to be Paul Nakasone

Posted on May 15, 2020 by Jeff Stone

Gen. Paul Nakasone, the director of the National Security Agency and head of U.S. Cyber Command, is a busy man. He oversees vast, technical surveillance efforts in the U.S. and abroad, while also commanding a military outfit charged with launching cyberattacks. Emailing random women from an outpost in Syria is probably not on his to-do list. So when, Susan, a woman from the New York City area, started receiving correspondence from a “Paul Nakasone” this week, she wondered why the self-proclaimed “head of U.S. Army Cyber Command” was trying to flirt with her. “I Googled this guy and I’m like, ‘Are you kidding me?’” Susan, who asked to be identified by only her first name, told CyberScoop. “And it was very flirtatious, but I’m a married woman.” Susan ultimately realized, that, no, she was not talking to the real Paul Nakasone. She and her friend were actually dealing with scammers who were posing as top […]

The post Someone is trying to catfish women by pretending to be Paul Nakasone appeared first on CyberScoop.

Continue reading Someone is trying to catfish women by pretending to be Paul Nakasone→

New Bill Proposes NSA Surveillance Reforms

Posted on January 24, 2020 by Lindsey O'Donnell

The newly-introduced bill targets the Patriot Act’s Section 215, previously used by the U.S. government to collect telephone data from millions of Americans. Continue reading New Bill Proposes NSA Surveillance Reforms→

Microsoft Patches Major Crypto Spoofing Bug

Posted on January 14, 2020 by Tom Spring

January Patch Tuesday tackles 50 bugs, with eight rated critical, all as it pushes out its last regular Windows 7 patches. Continue reading Microsoft Patches Major Crypto Spoofing Bug→

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Posted on January 13, 2020 by BrianKrebs

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020. Continue reading Cryptic Rumblings Ahead of First 2020 Patch Tuesday→