Agencies warn about Russian government hackers going after unpatched vulnerabilities

The SVR is conducting its targeting both specifically and broadly, the U.S. and U.K. cyber agencies said.

The post Agencies warn about Russian government hackers going after unpatched vulnerabilities appeared first on CyberScoop.

Continue reading Agencies warn about Russian government hackers going after unpatched vulnerabilities

U.K. election admin agency breach exposed personal information of tens of millions voters

The voter registries were accessed over a period of more than a year, the agency said.

The post U.K. election admin agency breach exposed personal information of tens of millions voters appeared first on CyberScoop.

Continue reading U.K. election admin agency breach exposed personal information of tens of millions voters

FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group

U.S. and U.K. government agencies called out Iranian government-affiliated hackers Thursday, accusing them of being behind cyber-espionage targeting the defense, local government, oil and natural gas and telecommunications sectors across the globe. The joint alert points a finger at MuddyWater, which the U.S. government for the first time last month attributed directly to Tehran. In the latest warning, the government agencies said that they have observed MuddyWater on the move in Africa, Asia, Europe and North America since 2018. “MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors,” reads the alert. The bulletin is the joint work of the the FBI, Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the U.S. Cyber Command Cyber National Mission Force and the U.K.’s National Cyber Security Centre. MuddyWater has a long history of allegedly spying on primarily […]

The post FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group appeared first on CyberScoop.

Continue reading FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group

U.K’s National Cyber Security Centre Releases Its Annual Report – An Analysis

U.K’s National Cyber Security Centre has just released its 2021 annual report which includes some pretty interesting findings from what appears to be a pretty modern and relevant fraud report infrastructure in the U.K where users can report cyber fraud… Continue reading U.K’s National Cyber Security Centre Releases Its Annual Report – An Analysis

Ransomware fueled record year for UK cyber response

The U.K. National Cyber Security Centre fought a record number of digital intrusions in the past year, the agency reported, driven by a surge in ransomware and hackers targeting the health care sector during the COVID-19 pandemic. Over a 12-month period ending in September, the agency responded to 777 incidents, a more than 7% increase, the center said in its Nov. 17 annual report. Ransomware kept the center busy, with officials handling the same number of incidents in the first four months of 2021 that it did in all of 2020, itself triple the number of incidents in 2019. That made ransomware the “most significant cyber threat facing the U.K. this year,” the report states. Still, businesses aren’t taking it seriously enough, National Cyber Security Centre CEO Lindy Cameron wrote. “In my view it is now the most immediate cyber security threat to U.K. businesses and one that I think […]

The post Ransomware fueled record year for UK cyber response appeared first on CyberScoop.

Continue reading Ransomware fueled record year for UK cyber response

US, UK accuse Russian military hackers of battering-ram password attacks against hundreds of targets

For two years, Russian military hackers have been bombarding hundreds of targets worldwide with passwords to gain access to their networks, making use of a popular open-source tool for managing application workloads, U.S. and U.K. agencies warned in an advisory Thursday. The Russian agency deploys a Kubernetes cluster — a set of worker machines — to conduct their brute force “password spray” attacks that guess commonly-used passwords to get into target networks, according to the advisory from the National Security Agency, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the FBI and the U.K.’s National Cyber Security Centre. It’s the alleged handiwork of Russia’s General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, military unit 26165. The hackers, often described as Fancy Bear or APT28, have beeen blamed for a number of high profile intrustions, most prominently for interference in the 2016 U.S. presidential election. The […]

The post US, UK accuse Russian military hackers of battering-ram password attacks against hundreds of targets appeared first on CyberScoop.

Continue reading US, UK accuse Russian military hackers of battering-ram password attacks against hundreds of targets

UK bill proposes stiff fines for companies that violate Huawei ban

The U.K. government is proposing big penalties for companies that fail to comply with telecommunications security requirements aimed at keeping technology from Huawei out of the country’s new high-speed networks. Legislation proposed Tuesday by Prime Minister Boris Johnson’s government would levy fines of as much as 100,000 pounds ($134,000) per day if companies don’t meet deadlines for new security requirements. The bill essentially would codify a decision by Johnson this summer to ban Huawei from the U.K.’s 5G and fiber optics networks because of security concerns. The U.S. had pressured Britain to block Huawei over its alleged ties to the Chinese state. The Trump administration has continued to expand restrictions on the company as the U.S. and China continue to battle over trade rules, internet policy and other tech issues. Huawei has denied it spies on customers at the behest of the Chinese government. The legislation clarifies what is expected […]

The post UK bill proposes stiff fines for companies that violate Huawei ban appeared first on CyberScoop.

Continue reading UK bill proposes stiff fines for companies that violate Huawei ban

After hackers nearly stole $1M from soccer team, UK agency warns of sporting sector’s vulnerabilities

As one of the most popular soccer leagues on the planet, the English Premier League rakes in billions of dollars every year, in part by attracting star players through a cutthroat transfer market. The multimillion-dollar negotiations can make or break a season. Suffice to say that sending more than a $1 million to a fake team for a player they don’t have would be a setback. That’s nearly what happened to one of the league’s teams, though, after scammers hacked into the email account of the club’s managing director, according to a report released Thursday by the U.K.’s National Cyber Security Centre. The only thing that stopped the money transfer from going through was a fraud marker on the crooks’ bank account. Government officials did not specify which team was targeted. It is one of a handful of security incidents in a report that U.K. cybersecurity experts are using to highlight how various […]

The post After hackers nearly stole $1M from soccer team, UK agency warns of sporting sector’s vulnerabilities appeared first on CyberScoop.

Continue reading After hackers nearly stole $1M from soccer team, UK agency warns of sporting sector’s vulnerabilities

U.S., U.K. authorities warn of state-linked and criminal hacking exploiting coronavirus pandemic

American and British cybersecurity authorities on Wednesday issued a fresh warning that “a growing number of cyber criminals and other malicious groups” are exploiting the coronavirus pandemic, adding to a chorus of public and private-sector advisories intended to blunt COVID-19-related hacking. Criminals have been scanning for vulnerabilities in remote access software as people around the world stay home, while state-linked hackers, known as Advanced Persistent Threats (APTs), are impersonating trusted organizations to further their cyber-operations, U.S. and U.K. officials said. “Both APT groups and cybercriminals are likely to continue to exploit the COVID-19 pandemic over the coming weeks and months,” says the advisory from the U.S. Department of Homeland Security’s cybersecurity division and the U.K.’s National Cyber Security Centre (NCSC). Overall levels of cybercrime haven’t increased, the agencies said, but the use of COVID-19-related hacking lures has grown. The NCSC pointed to a text-message-based phishing scam purporting to offer Britons financial relief […]

The post U.S., U.K. authorities warn of state-linked and criminal hacking exploiting coronavirus pandemic appeared first on CyberScoop.

Continue reading U.S., U.K. authorities warn of state-linked and criminal hacking exploiting coronavirus pandemic

UK won’t ban Huawei in British 5G technology, defying U.S. warnings

U.K. officials won’t prohibit Chinese telecommunication giant Huawei from providing equipment when the country constructs its 5G wireless network, a decision that comes after the Trump administration spent more than a year urging Britain to ban the company  over security concerns. The U.K.’s National Cyber Security Centre said Tuesday it will keep Huawei away from providing “sensitive functions” to “core” areas of the network. The government also will prevent organizations that oversee equipment networks from purchasing more than 35% of their networking infrastructure from a “high risk vendor” like Huawei, a move that the National Cyber Security Centre that will prevent Britain’s new, high-speed internet from becoming “nationally dependent” on technology that could be problematic. Allowing Huawei into Britain’s upcoming internet infrastructure with stipulations effectively is a compromise between the Chinese company and Western intelligence agencies that have warned Huawei beholden to China’s government, and thus presents a national security […]

The post UK won’t ban Huawei in British 5G technology, defying U.S. warnings appeared first on CyberScoop.

Continue reading UK won’t ban Huawei in British 5G technology, defying U.S. warnings