Collaborate Disseminate
The attack is targeting financial regulators and embassy staff– but probably isn’t the work of an APT. Continue reading Evil TeamViewer Attacks Under the Guise of the U.S. State Department
Prominent House members are again seeking to create a high-level position within the State Department dedicated to advancing U.S. cybersecurity interests worldwide. The Cyber Diplomacy Act would require the department to open an Office of International Cyberspace Policy, whose top official would report directly to the secretary of State or deputy secretary of State. The office’s primary goals would be to advocate democratic ideals for cyberspace and push back against Russian and Chinese effects to “extort more control and censorship over the internet,” say the bill’s sponsors, House Foreign Affairs Chairman Eliot Engel, D-N.Y., and Michael McCaul, R-Texas, the panel’s ranking member. The legislation closely resembles a bill passed by the House and approved by the Senate Foreign Relations Committee in 2018. That version only specified that the head of the new office should be designated an assistant secretary of State. It also called for the office to have a broader purview that included the “digital economy.” The proposals surfaced last Congress after then-Secretary […]
The post Congress again wants the State Department to pay more attention to the internet appeared first on CyberScoop.
Continue reading Congress again wants the State Department to pay more attention to the internet
Recruiting people to work in the federal government, especially in cybersecurity, has been a challenge for as long as the term “cybersecurity” has existed. It’s why the government created vehicles like the CyberCorps: Scholarship for Service. If you are a college student who would like to devote your skills to the government, the United States will cut you a check — probably in the five-figure range — to study up on whatever tech-based track you’d like. In return, you’re obligated to work for Uncle Sam for the length of the scholarship issued, up to four years. In an ideal setting, this arrangement seems fair. Yet, clearly, when it comes to the government, these are not ideal times. The government shutdown has exacerbated this already fraught issue, with essential cybersecurity personnel at agencies like the Department of Homeland Security and National Institute of Standards and Technology either legally unable to continue […]
The post Want to work in cybersecurity for the government? Curb your enthusiasm. appeared first on CyberScoop.
Continue reading Want to work in cybersecurity for the government? Curb your enthusiasm.
When U.S. officials return from international conferences this week they can be thankful for bolstered cybersecurity alliances with two Southeast Asian countries. The government has struck separate deals with Indonesia and Singapore to strengthen bilateral cooperation on fighting international cybercrime. Deputy Attorney General Rod Rosenstein and Indonesia’s police chief on Monday reached an agreement to increase U.S. training of Indonesian law enforcement officials to combat cyberattacks such as ransomware and to better use digital forensics, according to Straits Times newspaper. The State Department meanwhile signed a declaration of intent with Singapore’s Cybersecurity Agency to increase training and the sharing of technical information, ZDNet reported. Both Singapore and Indonesia are members of the Association of Southeast Asian Nations (ASEAN), an intergovernmental organization made up of members that increasingly have been targeted by hackers, researchers warned this year. Singapore in July said it had been victimized in its largest-ever cyberattack, in which suspected nation-state […]
The post U.S. cybercrime-fighters enter agreements with Indonesia, Singapore appeared first on Cyberscoop.
Continue reading U.S. cybercrime-fighters enter agreements with Indonesia, Singapore
A multifaceted framework for lessening aggression in global cyberspace was unveiled by the French government on Monday, drawing support from tech giants and digital rights groups. Announced on the 100-year anniversary of the end of World War I, The Paris Call for Trust and Security in Cyberspace condemns “malicious cyber activities in peacetime,” affirms the applicability of international law to nation-state behavior in cyberspace, and aims to keep private companies from hacking back. The document pledges to strengthen the ability of government and private-sector organizations to combat interference in electoral processes through malicious cyber activities. Like the U.S. 2016 presidential election, France’s 2017 presidential election was reportedly the target of Russian hack-and-leak operations. Previous cyber norms initiatives have been confined to governments or industry, but the Paris Call aims to be the first multi-stakeholder initiative backed by governments, industry, academia, and civil society, according to Klara Jordan, head of the Atlantic […]
The post U.S. tech giants back French call for global cooperation in cyberspace appeared first on Cyberscoop.
Continue reading U.S. tech giants back French call for global cooperation in cyberspace
Fresh off the release of its national cybersecurity strategy, the Trump administration gauged interest at the United Nations in restarting talks on global cybersecurity norms. The negotiations, which collapsed last year amid reported acrimony among the U.S., Russia and others, aim to set limits on government-backed hacking at a time when offensive operations are abundant. At a meeting Friday with representatives of more than 20 countries, Deputy Secretary of State John J. Sullivan raised the prospect of restarting the norms dialogue at the U.N. Group of Governmental Experts (GGE), according to a State Department statement. Sullivan told reporters the department hopes to reconvene the GGE “to define norms of behavior that states will abide by and, if they don’t, to impose consequences.” “[N]onbinding norms of responsible behavior during peacetime provides important guidance to states, and we’re looking to develop those,” Sullivan said, echoing language in the administration’s new cyber strategy. Furthermore, he […]
The post U.S. looks to restart talks on global cyber norms appeared first on Cyberscoop.
Continue reading U.S. looks to restart talks on global cyber norms
In the Application Security News, Hackers stole customer credit cards in Newegg data breach, John Hancock now requires monitoring bracelets to buy insurance, the man who broke Ticketmaster, new security settings available in iOS 12, State Department co… Continue reading Newegg, Ticketmaster, & iOS 12 – Application Security Weekly #33
The U.S. State Department said that some employees’ information might have been exposed in a recent security incident. In a notice shared by Politico, the State Department disclosed that “activity of concern” on an email system might … Continue reading State Department Says Some Employee Info Possibly Exposed in Security Incident
The US Department of State has confirmed that it has suffered a data breach which exposed the personally identifiable information of some employees.
Continue reading US Dept of State says attack on email system exposed employees’ personal data
A top State Department official says President Donald Trump’s new executive order to combat foreign election-meddling is an inter-agency check on the optics of the Helsinki Summit in July, where Trump questioned whether the Russian government interfered in the 2016 U.S. election. “The president can always decide ‘no,’” – meaning sanctions won’t be imposed — “but [the executive order] is designed to have these assessments come up from the bottom and be presented with the notion that there should in fact be a consequence to bad behavior,” Michele Markoff, the State Department’s deputy coordinator for cyber issues, said Wednesday at an Atlantic Council panel discussion in Washington, D.C. The executive order, signed by Trump Wednesday, allows for “automatic sanctions” to kick in when U.S. officials find evidence of foreign interference in the electoral process. That automaticity “was designed to counter the visuals of Helsinki,” Markoff said. “All policy is going […]
The post Trump’s executive order designed to ‘counter the visuals of Helsinki’ appeared first on Cyberscoop.
Continue reading Trump’s executive order designed to ‘counter the visuals of Helsinki’