Collaborate Disseminate
The report analyzes the security properties of a popular biometric access control terminal made by ZkTeco and describes vulnerabilities found in it. Continue reading QR code SQL injection and other vulnerabilities in a popular biometric terminal
This is the first part of the research, devoted to null session vulnerability, unauthorized MS-RPC interface and domain user enumeration. Continue reading A journey into forgotten Null Session and MS-RPC interfaces
As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure. Kaspersky just released their ICS CERT Predictions for this year, outlining the key […]
The post ICS CERT predictions for 2024: What you need to know appeared first on Security Intelligence.
Continue reading ICS CERT predictions for 2024: What you need to know
Kaspersky experts make their predictions about ICS and OT threats: specifically, ransomware and hacktivist attacks, threats to logistics and transportation, etc. Continue reading ICS and OT threat predictions for 2024
Lawmakers on Capitol Hill are clamoring for the U.S. government to better communicate what it’s doing to fend off foreign hackers, a concern that has come front and center in recent days as Americans have queued up at gas stations following a ransomware attack against a major U.S. pipeline company. Colonial Pipeline, the largest pipeline in the country, temporarily had to shut down operations earlier this month in response to a ransomware attack impacting its IT networks. The company shut down operations to prevent the malicious software from spreading to its operational networks. The incident has raised questions about the fragility of U.S. critical infrastructure cybersecurity, and Rep. Elissa Slotkin, D-Mich., indicated Friday she wants the U.S. government to tell the American people more about what it’s doing to try to prevent these kinds of attacks in the first place. ”It is so hard to explain to the American public […]
The post Lawmakers want DOD to share more info with Americans on deterring hacks appeared first on CyberScoop.
Continue reading Lawmakers want DOD to share more info with Americans on deterring hacks
President Joe Biden suggested the U.S. intends to pursue hackers who last week infected the largest pipeline in the country with ransomware. The incident led Colonial Pipeline to shut down operations for days in an effort to prevent the ransomware, which the FBI has traced back to criminal operators known as DarkSide, from spreading to its operational technology. Now, following a spike in demand for fuel, the U.S. government is going to disrupt the hackers, who are believed to reside in Russia, Biden said. “We have been in direct communication with Moscow for the imperative for responsible countries to take decisive action against these ransomware networks,” Biden said in remarks Thursday. “We’re also going to pursue a measure to disrupt their ability to operate.” The president did not rule out carrying out a retaliatory cyberattack targeting the criminals, clarifying that the U.S. does not believe the Russian government was behind […]
The post US government plans to disrupt hackers behind Colonial Pipeline ransomware, Biden says appeared first on CyberScoop.
The Biden Administration took a sideswipe at the Russian government’s network of companies it allegedly relies on to conduct intelligence and military hacking Thursday — part of a broader effort to beat back Russian government hacking and information operations targeting Americans, the U.S. private sector and the federal government. In one of the most striking actions the Biden administration took Thursday, the U.S. Treasury Department sanctioned Positive Technologies, a cybersecurity firm headquartered in Moscow. According to the Treasury Department, Positive Technologies may appear to be a regular IT firm, but it actually supports Russian government clients, including the Federal Security Service. The firm also “hosts large-scale conventions that are used as recruiting events for the FSB and GRU,” the Treasury Department said, referring to the Federal Security Service (FSB) and Russia’s Main Intelligence Directorate (GRU). U.S. intelligence documents show that the company has gone even further at times and has […]
The post U.S. government accuses Russian companies of recruiting spies, hacking for Moscow appeared first on CyberScoop.
Continue reading U.S. government accuses Russian companies of recruiting spies, hacking for Moscow
Over the course of the next 20 years, nation-states will see a rise in targeted offensive cyber-operations and disinformation in an increasingly “volatile and confrontational” global security landscape, according to a new U.S. intelligence assessment. The U.S. intelligence community’s Global Trends report, issued on Thursday, notes many of theses offensive cyber-operations will likely target civilian and military infrastructure. Nation-states will likely increasingly favor tools that allow them to operate below the level of armed conflict in order to avoid the geopolitical and resource costs that come with violence and traditional warfare, the report adds. Countries also will leverage proxies such as hackers or military contractors to disrupt their adversaries, according to the assessment, which is issued by the National Intelligence Council, which reports to the Director of National Intelligence. “Proxies and private companies can reduce the cost of training, equipping, and retaining specialized units and provide manpower for countries with […]
The post US intelligence report warns of increased offensive cyber, disinformation around the world appeared first on CyberScoop.
The U.K. has drummed up an offensive cyber-operations unit dedicated to disrupting British adversaries in cyberspace, British Prime Minister Boris Johnson announced Thursday. The unit, known as the National Cyber Force (NCF), is capable of launching targeted campaigns against adversaries, from those that interfere with terrorists’ communications devices and cellphones to those that support British military operations, according to the announcement. The British government has been developing the force for approximately two years. The NCF, which is expected to grow to 3,000 strong in the coming years, consists of personnel from the country’s signals intelligence agency, the Government Communications Headquarters (GCHQ), as well as the Ministry of Defense, the country’s Secret Intelligence Service (MI6) and the Defence Science and Technology Laboratory. The force, which operates alongside GCHQ’s defensive cyber unit — the National Cyber Security Centre — currently only has a couple hundred staff. The announcement coincides with efforts from British […]
The post UK formally unveils GCHQ’s offensive cyber-operation shop appeared first on CyberScoop.
Continue reading UK formally unveils GCHQ’s offensive cyber-operation shop
Last week saw a flurry of U.S. indictments of alleged Chinese and Iranian hackers as part of a multi-agency crackdown on foreign intelligence services. The Department of Treasury issued sanctions, the Department of Homeland Security advised companies on how to fend off hackers and U.S. intelligence agencies likely kept a close eye on possible reactions from Beijing and Tehran. At the center of the coordinated crackdowns, though, were the FBI agents who tracked the computer infrastructure used by the suspects. The series of events was one of the first examples of the FBI’s new cybersecurity strategy in action. The goal of the effort, which officials revealed this month, is simple: impose harsher consequences on America’s digital adversaries by working more closely with intelligence agencies and data-rich private companies. For the FBI, that could mean trying to put a suspect in handcuffs, burning their identity through an indictment or opting to provide targeting […]
The post FBI hopes a more aggressive cyber strategy will disrupt foreign hackers appeared first on CyberScoop.
Continue reading FBI hopes a more aggressive cyber strategy will disrupt foreign hackers