Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggests the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy.

Commerce Department breached as Treasury, others reportedly victimized by suspected Russian hackers

Hackers breached the Commerce Department, and reportedly have infiltrated the Treasury Department and other U.S. agencies, in incidents that government security officials said on Sunday they were fighting to contain. “We can confirm there has been a breach in one of our bureaus,” a Commerce Department spokesperson said. The spokesperson added that Commerce has asked the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency “and the FBI to investigate, and we cannot comment further at this time.” Reuters reported that foreign nation-backed hackers have been monitoring email traffic at the Treasury Department and Commerce Department’s National Telecommunications and Information Administration, and the attackers apparently used similar tools to breach other agencies. “The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said John Ullyot, a spokesman for the White House’s National […]

The post Commerce Department breached as Treasury, others reportedly victimized by suspected Russian hackers appeared first on CyberScoop.

U.S. poised to deny China Mobile access to American market due to spying fears

On Monday, the Trump administration moved to block a large Chinese telecommunications company from entering the U.S. market, recommending that its application be rejected on national security grounds. China Mobile, the world’s largest mobile operator, had sought to move into the U.S. cell phone and communication services space. In 2011, the company filed an application to U.S. regulators at the Federal Communications Commission for a license to do business in the United States. In a statement released Monday, the National Telecommunications and Information Administration (NTIA) announced that the Federal Communications Commission (FCC) should deny China Mobile’s application. “After significant engagement with China Mobile, concerns about increased risks to US law enforcement and national security interests were unable to be resolved,” David Redl, the assistant secretary for communications and information at the Commerce Department, said in NTIA’s statement. The NTIA is an arm of the Commerce Department that advises the White House […]

The post U.S. poised to deny China Mobile access to American market due to spying fears appeared first on CyberScoop.

The small government agency creating a policy to stop botnets

When White House officials were drafting the cybersecurity executive order that President Donald Trump signed last May, they faced a problem: Making the internet more secure against massive botnet attacks while taking coordinated action between a bewildering variety of stakeholders from a dozen different industries. Action was essential: The threat from huge automated attacks — like the one that stopped internet traffic in its tracks in October 2016 — was growing exponentially as the “Internet of Things” connected billions of insecure devices to the larger global network. But forcing industry to act through regulation was off the table in an administration committed to cutting red tape. Instead, officials approached a small agency within the Commerce Department, the National Telecommunications and Information Administration, which was acquiring a reputation for addressing complex cybersecurity problems using a new model of policymaking. NTIA’s multi-stakeholder process “was generating a lot of interest” early […]

The post The small government agency creating a policy to stop botnets appeared first on CyberScoop.

Bug Hunters Prefer Communication Over Compensation

Results of an NTIA survey published today show that researchers prefer open communication with vendors over financial compensation when it comes to vulnerability disclosure.

The Time Has Come to Hack the Planet

In this Threatpost Op-Ed, Katie Moussouris explains the significance of the newly free availability of ISO Standard 29147 Vulnerability disclosure, and why it keeps an important dialogue open between hackers and industry.