Tag Archives: cyber warfare

SEC gang shot-caller faces questions from Congress after data breach

Source: US News & World Report

“The chairman of the Securities and Exchange Commission is likely to face an especially tough hearing in front of Congress on Tuesday, after the agency acknowledged that it also was a victim to a hack. News about the breach of an SEC network that delivers company news and data to investors follows the disclosure of the massive data breach from credit company Equifax that allowed hackers to access or steal the personal information of 143 million Americans. Jay Clayton, who has been at the head of the SEC since May, is not likely to face calls for his removal since the breach happened a year ago, before he was sworn in. But he may be questioned about whether the SEC — the federal government’s main arm for enforcing rules and regulations on Wall Street — is up to the task of keeping data secure.” (09/26/17)


Feds recruit 21 states to help keep up “Russian election meddling” scare

Source: CBS News

“The federal government on Friday told election officials in 21 states that hackers targeted their systems last year, although in most cases the systems were not breached. The government told The Associated Press last year that more than 20 states were targeted by hackers believed to be Russian agents before the 2016 elections. But for many states, the calls Friday from the Department of Homeland Security were the first official confirmation of whether their states were on the list. … The government did not say who was behind the hacking attempts or provide details about what had been sought. But election officials in three states said Friday the attempts could be linked to Russia.” (09/22/17)


Hackers hid backdoor in CCleaner security app with two billion downloads — 2.3 million infected

Source: Forbes

“Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast’s own figures, 2.27 million ran the affected software, though the company said users should not panic. The affected app, CCleaner, is a maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast.” (09/18/17)


Startup that sells zero-days to governments is offering $1 million for Tor hacks

Source: Motherboard

“A notorious startup is offering up to $1 million in rewards to security researchers who can find bugs and develop techniques to exploit the anonymous web surfing tool the Tor Browser. On Wednesday, Zerodium, a US-based company that buys exploits from researchers and sells them exclusively to government customers, announced the new bounty.” [editor’s note: This firm has openly declared war on humanity in service to various regimes. A crowd-funded counter-bounty on its directors’ heads seems appropriate – TLK] (09/13/17)


Equifax hit with multibillion dollar class action lawsuit after massive hack

Source: International Business Times

“Less than 24 hours after Equifax confirmed that it was affected by a massive data breach that saw hackers steal social security numbers and other personal information of nearly 143 million people, the firm now faces a multibillion dollar class action lawsuit. Two victims in Oregon, affected by the breach — Mary McHill from Portland, and Brook Reinhard from Eugene — have filed a national class action lawsuit. ‘Plaintiffs file this complaint as a national class action on behalf of over 140 million consumers across the country harmed by Equifax’s failure to adequately protect their credit and personal information,’ the complaint reads, Cyberscoop reported.” (09/09/17)


“Ourmine” group uses DNS cache poisoning to pretend it hacked WikiLeaks

Source: Gizmodo

“If you tried visiting WikiLeaks late Wednesday evening, you might’ve gotten the impression that the website was hacked. For now at least, that doesn’t appear to be the case. For some users, wikileaks.org appeared to be defaced. The phrase ‘OURMINE’ was just suddenly there, splashed across a blackground in red and white letters. Above it read, ‘Hacked by OurMine,’ while below the self-described hackers left a message mocking both Julian Assange and Anonymous. But it doesn’t appear that WikiLeaks itself was actually hacked at all — neither the website nor Assange’s servers containing an endless trove of classified US government documents seem to be compromised. … The illusion was accomplished through what’s called DNS hijacking, an attack on the domain name server used to translate a user friendly URL like ‘wikileaks.org’ into its corresponding IP address.” (08/31/17)


711 million email accounts susceptible to new spambot

Source: The Verge

“A new spambot called Onliner has been discovered which can bypass spam filters and target 711 million email addresses, as noted by ZDNet. Onliner is used to send the banking malware Ursnif to vulnerable Windows computers. The trojan then steals passwords, credit card details, and other personal information by tricking a user into open[ing] an attachment on the email which causes the malware to download, infecting the computer. The emails can be seen disguised as invoices from government bodies, hotel reservation details, and DHL notifications.” (08/31/17)


Google removes 300 apps used to launch DDoS attacks from Play Store

Source: Gizmodo

“Google has removed roughly 300 apps from its Play Store after security researchers from several internet infrastructure companies discovered that the seemingly harmless apps — offering video players and ringtones, among other features — were secretly hijacking Android devices to provide traffic for large-scale distributed denial of service (DDoS) attacks. The botnet, nicknamed WireX, caught the attention of security researchers at the content delivery network Akamai when it was used to attack one of its clients earlier this month. Akamai’s client, a multinational hospitality company, was hit with traffic from hundreds of thousands of IP addresses.” (08/28/17)


Cyberwar on Iran won’t work. Here’s why.

Source: Cato Institute
by John Glaser

“The Trump administration has limited options on its Iran policy outside of the JCPOA. Whether or not the president makes good on his threats to effectively abrogate the deal, one thing is for sure: a renewed covert cyber war is unlikely to produce any benefits worth the trouble.” (08/21/17)


Trump lifts Cyber Command status

Source: New York Daily News

“President Donald Trump said on Friday he was elevating the status of the Pentagon’s U.S. Cyber Command to help spur development of cyber weapons to deter attacks and punish intruders. In a statement, Trump said the unit would be ranked at the level of Unified Combatant Command focused on cyberspace operations. … Cyber Command had been subordinate to the U.S. Strategic Command, which is also responsible for military space operations, nuclear weapons and missile defense. Once elevated, Cyber Command would have the same status as U.S. Strategic Command and eight other unified commands that control U.S. military forces and are composed of personnel from multiple branches of the armed services. … Trump also said the defense secretary was also considering separating the U.S. Cyber Command from the National Security Agency (NSA).” [editor’s note: Not sure of the full implications yet, but I’m betting they’re not good – TLK] (08/18/17)