SolarWinds Threat Actors Behind New Email Attack Campaign

The threat actors behind last year’s SolarWinds supply chain attack have launched a new email attack campaign aimed at organizations around the world. This attack wave attracted the attention of the Microsoft Threat Intelligence Center (MSTIC) on …

Google stops pushing scam ads on Americans searching for how to vote

No US entity charges citizens for registering to vote, but plenty of Google ads were happy to do so – and to grab your PII in the process.

Can’t hack? You can buy the tools on the dark web instead

You don’t have to be a hacker to hack. Much like legitimate businesses must pay for the various inputs that make up their offerings, cybercriminals rely on products and services — some legitimate and some purchased on the dark web — to conduct their operations. A report published Friday by Deloitte, titled “Black Market Ecosystem: Estimating the Cost of ‘Pwnership,’” paints a picture of an underground economy of tools for cybercriminals and assesses how actors in this space adapt and innovate much like legitimate businesses would invest in their own services. “The underground economy is a diverse but interrelated ecosystem where nearly all criminal enterprises incorporate a mixed assortment of tools and services,” the report says. “This same concept is reflected in legitimate markets where businesses and economies focus their effort on the production of a limited scope of products or services to achieve productive efficiencies, increase quality, and reduce […]

The post Can’t hack? You can buy the tools on the dark web instead appeared first on CyberScoop.


Why Eugene Kaspersky keeps talking about ‘Project Sauron’

Kaspersky Lab founder and CEO Eugene Kaspersky says he’s figured out why the U.S. government hates his company. According to Kaspersky, his company’s research into a sophisticated, international cyber espionage operation that targeted government entities in Russia, Iran and Rwanda represents why the Russian anti-virus maker has become a bogeyman for the U.S. government. This reasoning came during public comments Kaspersky made Tuesday during a small event in London. His comments are the most detailed effort among Kaspersky’s multiple attempts to defend his company from allegations the Moscow-based company acts as an intelligence collection tool for Russian spies. Kaspersky talked about his company’s discovery of U.S. intelligence-related hacking operations, including those of the NSA-linked “Equation Group” and CIA-linked “Lamberts,” being the reason for the recent firestorm. He specifically emphasized the unveiling of one particular campaign — known as ProjectSauron or Strider — as a driving factor while also implying U.S. involvement with […]

The post Why Eugene Kaspersky keeps talking about ‘Project Sauron’ appeared first on CyberScoop.


DHS cyber incubator graduates malware ‘playback’ tech

A software package that records and “replays” the operation of malware is the latest technology to graduate from a Department of Homeland Security cybersecurity incubator. The technology, REnigma, allows network defenders to quickly see exactly how an attack unfolded and work out how best to recover, DHS official Nadia Carlsten told CyberScoop. “It’s all about getting the analysts the facts as fast as possible — and as accurately as possible,” she said. The software was developed at the Johns Hopkins University Applied Physics Laboratory and will be licensed to Deterministic Security LLC — a startup founded by the two scientists who wrote it. The Oregon-based company becomes the 15th successful graduate from the DHS Transition To Practice (TTP) incubator, said Carlsten, the program’s manager. “The developers wanted to take their technology into the marketplace themselves,” she said. Run in the Cyber Security Division of DHS’s Science and Technology Directorate, TTP selects candidate technologies from federal laboratories […]

The post DHS cyber incubator graduates malware ‘playback’ tech appeared first on CyberScoop.


Malware sniffer is latest cyber technology to get DHS push toward marketplace

A new form of malware detection software that analyzes computer code to predict malicious behavior — but without actually running it — has been exclusively licensed to a Virginia startup from the Oak Ridge National Laboratory under a Department of Homeland Security program that helps get federally developed technology to the marketplace. Hyperion, as the software is called, was one of the first technologies selected for DHS’s Transition to Practice, or TTP, program — back in 2012 when it was launched. It was licensed to Manassas, Virginia-based Lenvio this month after the company was spun off from R&K Cyber last year. Hyperion had previously been non-exclusively licensed to R&K. “Obtaining an exclusive technology license … helps us secure a more competitive position to commercialize Hyperion as we grow our company,” said B.K. Gogia, Lenvio’s chief executive officer, in a statement. Conventional malware consists of a file that a user is tricked into downloading and running on their […]

The post Malware sniffer is latest cyber technology to get DHS push toward marketplace appeared first on CyberScoop.
