Microsoft Patches Major Crypto Spoofing Bug
January Patch Tuesday tackles 50 bugs, with eight rated critical, all as it pushes out its last regular Windows 7 patches. Continue reading Microsoft Patches Major Crypto Spoofing Bug
Category Archives: National Security Agency
Cryptic Rumblings Ahead of First 2020 Patch Tuesday
Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020. Continue reading Cryptic Rumblings Ahead of First 2020 Patch Tuesday
New Bug Found in NSA’s Ghidra Tool
Flaw in National Security Agency’s Ghidra reverse-engineering tools allows hackers to execute code in vulnerable systems. Continue reading New Bug Found in NSA’s Ghidra Tool
Cybereason raises $200 million for its enterprise security platform
Cybereason, which uses machine learning to increase the number of endpoints a single analyst can manage across a network of distributed resources, has raised $200 million in new financing from SoftBank Group and its affiliates. It’s a sign of the belief that SoftBank has in the technology, since the Japanese investment firm is basically doubling […] Continue reading Cybereason raises $200 million for its enterprise security platform
The NSA is experimenting with machine learning concepts its workforce will trust
As the U.S. National Security Agency incorporates machine learning and artificial intelligence into its defensive cyber operations, officials are weighing whether cyber operators will have confidence in the algorithms underpinning those emerging technologies. NSA operators want to say, “is my AI or ML system explainable?” Neal Ziring, NSA’s Technical Director for Capabilities, told CyberScoop Thursday. “Contexts where the AI is recommending an action is where that will be most important.” The intelligence agency still is exploring how machine learning, an automated method of data analysis, might be used to detect threats and protect new Internet of Things technology. Given the amount of information that agency employees need to sort through, machine learning could help prioritize tasks and decrease the amount of time employees spend on triage. The NSA aims to use machine learning and artificial intelligence, in which computers make their own decisions, to more efficiently stop threats, and eventually leverage those tools in offensive operations. But, if NSA workers don’t trust the […]
The post The NSA is experimenting with machine learning concepts its workforce will trust appeared first on CyberScoop.
Continue reading The NSA is experimenting with machine learning concepts its workforce will trust
After remote-code test, DHS sounds the alarm on BlueKeep
The Department of Homeland Security has added its voice to a chorus of government and corporate cybersecurity professionals urging users to patch their systems for BlueKeep, a critical vulnerability recently reported in old Microsoft Windows operating systems. DHS’s Cybersecurity and Infrastructure Security Agency said Monday said it had used the BlueKeep vulnerability to execute remote code on a test machine operating Windows 2000. The agency released an advisory reiterating that, like the famed WannaCry ransomware, BlueKeep is “wormable,” in that malware exploiting the vulnerability could spread to other systems. The BlueKeep vulnerability, for which Microsoft published an advisory on May 14, could allow a hacker to abuse the popular Remote Desktop Protocol, which grants remote access to computers for administrative purposes, to delete data or install new programs on a system. When it was disclosed, security experts immediately warned of BlueKeep’s severity, and as of last week, close to 1 million internet-exposed machines were still vulnerable […]
The post After remote-code test, DHS sounds the alarm on BlueKeep appeared first on CyberScoop.
Continue reading After remote-code test, DHS sounds the alarm on BlueKeep
Criminal campaign uses leaked NSA tools to set up cryptomining scheme, Trend Micro says
Since March, criminals have been using hacking tools that were reportedly stolen from the National Security Agency in targeting companies around the world as part of a cryptomining campaign, researchers with cybersecurity company Trend Micro said Thursday. The broad-brush campaign has hit organizations in the banking, manufacturing and education sectors, among others, Trend Micro says. The criminals are essentially hijacking corporate computing power to harvest the cryptocurrency Monero. It’s hardly a new concept, but in this case it’s a reminder that tools deployed by state-sponsored hackers can also be used by relatively unskilled crooks more interested in making money than in spying. “Entry-level cybercriminals are gaining easy access to what we can consider ‘military-grade’ tools — and are using them for seemingly ordinary cybercrime activity,” Trend Micro researchers wrote in a blog post. The attacks are exploiting old versions of Microsoft Windows using a variant of a backdoor based on the EternalBlue exploit, Trend Micro said. EternalBlue is code reportedly […]
The post Criminal campaign uses leaked NSA tools to set up cryptomining scheme, Trend Micro says appeared first on CyberScoop.
Congress to take another stab at hack back legislation
The concept of “hacking back” — which has often been referred to as “the worst idea in cybersecurity” — has resurfaced again in Washington. Rep. Tom Graves, R-Ga., is reintroducing a bill Thursday that would allow companies to go outside of their own networks to identify their attackers and possibly disrupt their activities. While Graves has made previous attempts to legalize the practice, “hacking back” would currently be a violation of the Computer Fraud and Abuse Act. The CFAA, enacted in 1986, makes it illegal to access computers without authorization. Graves told CyberScoop the bill is necessary in part because companies are left without recourse when they are attacked. “Where do they turn — can they call 911? What do they do?” Graves said. “They have nowhere to turn.” The incentive to pass this bill, Graves says, also stems in part from the fact that there are no guidelines right now for companies that […]
The post Congress to take another stab at hack back legislation appeared first on CyberScoop.
Continue reading Congress to take another stab at hack back legislation
Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware
For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as “Robbinhood.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “Eternal Blue,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it. Continue reading Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware
Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack
Senior National Security Agency officials have no evidence a tool developed by the NSA “played a role” in the ransomware attack on Baltimore, Rep. Dutch Ruppersperger said Friday following a briefing at the agency’s headquarters. Ruppersberger, D-Md., and other officials requested briefings with the agency following a report from The New York Times that the exploit, known as EternalBlue, was used to help spread the RobbinHood ransomware variant across the city’s IT infrastructure. “I have been told that there is no evidence at this time that EternalBlue played a role in the ransomware attack currently affecting Baltimore City,” Ruppersberger said in a statement. “I’m told it was not used to gain access nor to propagate further activity within the network.” A followup briefing with other members of Maryland’s congressional delegation is expected to be held Monday. “It is important that discussions regarding the use of government cyber tools, and subsequent […]
The post Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack appeared first on CyberScoop.
Continue reading Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack