now browsing by tag



Cisco Systems, Inc. (NASDAQ:CSCO) is trading lower today, after the company announced that a group of hackers have compromised more than 500,000 routers and other devices in several countries. Cisco suspects this was the work of the Russian government, and its ultimate plan was to launch a major cyber attack on Ukraine. Shares of CSCO have shed 0.8% on the news, last seen at $43.28, falling back below the 80-day moving average and pacing for their lowest close since April 13. This trendline, a previous level of support, was brought back into play by the stock’s post-earnings bear gap last Thursday.

Longer term, the networks specialist has been strong on the charts, up 36.4% over the last year. This technical success has earned the stock almost exclusively bullish attention from analysts, with 18 of the 20 in coverage saying to buy the shares. Also, the average one-year price target from this group is $49.74, which prices in upside of almost 15%.

Options traders across the International Securities Exchange (ISE), Chicago Board Options Exchange (CBOE), and NASDAQ OMX PHLX (PHLX) have been bullish, too. CSCO sports a 10-day call/put volume ratio of 3.07 across these exchanges, a number that ranks in the top quartile of its annual range. So not only has call buying tripled put buying, but such a preference for calls over puts is pretty rare.

It’s a similar setup in today’s trading, despite the pullback, with call volume tripling put volume, and the July 44 call coming in as the most popular. But considering Cisco has a Schaeffer’s Volatility Index (SVI) of 18%, which ranks in the low 12th annual percentile, even put buyers can at least rest assured they’re getting relatively low volatility premiums at the moment.


The post CISCO #STOCK #DIPS ON POSSIBLE #RUSSIAN #HACKING appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian #hackers could #instantly cut #off the #internet for #half a #million people

Russian hackers have infected more than half a million routers across 54 countries with sophisticated malware that contains a killswitch to instantly cut internet access to users, security researchers have revealed.

The VPNFilter malware also allows attackers to monitor the web activity of anyone using the routers, including the their passwords, potentially opening up the possibility of further hacks.

“Both the scale and capability of this operation are concerning,” William Largent, a researcher at the cybersecurity firm Talos, said in a blogpost describing the vulnerability.

“The destructive capability particularly concerns us. This shows that the actor is willing to burn users’ devices to cover up their tracks, going much further than simply removing traces of the malware.”

The malware has been attributed to a group of Russian hackers, who are variously known as Sofacy Group, Fancy Bear and Apt28. The group has been in operation since the mid-2000s and has previously been blamed for attacks ranging from the Ukrainian military to the 2017 French elections.

Security researchers tell The Independent that the discovery of the malware highlights a broader issue of how vulnerable internet-connected infrastructure is to cyber attacks.

“No longer can we afford to keep our critical infrastructure connected to, and therefore directly accessible to, the internet,” said Eric Trexler, vice president of global governments and critical infrastructure at cybersecurity firm Forcepoint.

“VPNFilter proves that time tested military techniques such as network segregation not only makes sense, but is required if we expect industrial services to remain resilient in the face of sophisticated and persistent attacks.”

Routers found to be vulnerable to the VPNFilter malware include Linksys, MikroTik, Netgear and TP-Link, all of which are often used in homes or small offices. The researchers say they have not yet completed their research but they are making it public now to draw attention to it.

“Defending against this threat is extremely difficult due to the nature of the affected devices,” Mr Largent said.

“The majority of them are connected directly to the internet, with no security devices or services between them and the potential attackers.”

The FBI responded to the revelations by granting court permission to seize a web domain believed to be in control of the Russian hackers.

“This operation is the first step in the disruption of a botnet that provides the Sofacy actors with an array of capabilities that could be used for a variety of malicious purposes, including intelligence gathering, theft of valuable information, destructive or disruptive attacks, and the misattribution of such activities,” Assistant Attorney General for National Security John Demers said in a statement on Wednesday.


FBI Special Agent Bob Johnson added: “Although there is still much to be learned about how this particular threat initially compromises infected routers and other devices, we encourage citizens and businesses to keep their network equipment updates and to change default passwords.

The post Russian #hackers could #instantly cut #off the #internet for #half a #million people appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Norway and #US #Busted #Hacking Russian #Networks to #Gain #Data on #Leadership

This is the first time Norwegian hacking efforts to obtain intelligence information on Russia have been documented. According to formerly classified documents, Norway and the US have been pooling their spying efforts since 2011.

Norwegian and US intelligence services have collaborated on hacking Russian networks in order to retrieve information on Russia’s political leadership and energy policy, as proceeds from the formerly classified documents by the National Security Agency (NSA) published by The Intercept.

Previously, only a small part of the three-page document was available, but now the document has been made available in its entirety.

It was in September 2011 that Norway’s Intelligence Service (NIS) first informed the NSA that they were running espionage programs in computer networks, whereupon an agreement on data-sharing was reached. The NSA would then expand and strengthen cooperation with Norway, focusing on targets in the Russian political leadership and Russia’s management of natural and energy resources.

An annual planning meeting between the NSA and the NIS was held on March 7, 2013. Some of the topics discussed were Norway’s access to data cables, data processing and external data storage, as well as obtaining information from commercial satellites.

Read More….


The post Norway and #US #Busted #Hacking Russian #Networks to #Gain #Data on #Leadership appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian group #hacked German #government’s secure #computer #networks

Source: National Cyber Security News

A Russian-backed hacker group known for many high-level cyber attacks was able to infiltrate the German government’s secure computer networks, the dpa news agency reported Wednesday.

Dpa cited unidentified security sources saying the group APT28 hacked into Germany’s foreign and defence ministries and managed to steal data.

The attack was noticed in December and may have lasted a year, dpa reported.

The Interior Ministry said in a statement that “within the federal administration the attack was isolated and brought under control.” The ministry said it was investigating.

A spokesman wouldn’t give further details, citing the ongoing analysis and security measures being taken.

“This case is being worked on with the highest priority and considerable resources,” the ministry statement said.

APT28, which has been linked to Russian military intelligence, has previously been identified as the likely source of an attack on the German Parliament in 2015, as well as on NATO and governments in eastern Europe.

Also known by other names including “Fancy Bear,” APT28 has also been blamed for hacks of the U.S. election campaign, anti-doping agencies and other targets.

Read More….


View full post on National Cyber Security Ventures

Prague #appeals court allows #Russian #hacker extradition to #US

Source: National Cyber Security – Produced By Gregory Evans

A Prague appeals court on Friday upheld a lower court ruling that a Russian man who faces charges of hacking computers at American companies can be extradited to the United States.

Czech authorities arrested Yevgeniy Nikulin in Prague in cooperation with the FBI in October last year. He is accused by U.S. prosecutors of penetrating computers at Silicon Valley firms including LinkedIn and Dropbox in 2012.

Moscow also wants him extradited on a separate charge of internet theft in 2009.

Prague’s Municipal Court ruled in May that both extradition requests meet the necessary legal conditions.

Nikulin appealed his extradition to both countries but later withdrew an appeal against his extradition to Russia.

Following the ruling by Prague’s High Court, it is now up to the justice minister to approve or dismiss the extradition. It is not clear when a decision can be expected.

Nikulin’s defense attorney said he was “surprised, astonished and disappointed.”

“I don’t share the legal opinion of the High Court and I will take the steps I can to reverse it,” Martin Sadilek said.

State Prosecutor Marcela Kratochvilova welcomed the ruling.

“There are no reasons to prevent extradition,” she said.

Nikulin denied he was a hacker and claimed he’s a car lover. He ran a popular Instagram account devoted to sports cars and socialized with the children of the Kremlin’s elite, including the daughter of Russian Defense Minister Sergei Shoigu.

Sadilek suggested again Friday that the case was politically motivated. He had previously said U.S. authorities appeared to be using Nikulin as a pawn in the investigation into alleged Russian hacking in the U.S. election.

Nikulin previously claimed he was twice approached by U.S. authorities while in detention, in the absence of his previous lawyer. He said they urged him to falsely testify that he cooperated in the hacking attack on the Democratic National Committee ordered by Russian authorities. He said U.S. authorities would, in exchange, give him money and a life in the United States, which he refused.

The U.S. has accused Russia of coordinating the theft and disclosure of emails from the Democratic National Committee and other institutions and individuals in the U.S. to influence the outcome of the 2016 presidential election. Russia has vigorously denied that.

There is no indication that Nikulin’s case is connected to the DNC hacking accusation.

Judge Karel Semik said Friday what what Nikulin is accused of is a normal criminal act and not a politically motivated criminal activity. Semik stressed it is not a task for the Czech court to decide whether he’s guilty but whether the extradition request meets all necessary legal conditions.

The hearing took place in the presence of heavily armed police officers. Nikulin was transported from a nearby prison to the court room via an underground tunnel.

Copyright 2017 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.


The post Prague #appeals court allows #Russian #hacker extradition to #US appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Fancy #Bear returns: #Russian #hackers target #US cyber conference with #booby-trapped file

Source: National Cyber Security – Produced By Gregory Evans

Fancy #Bear returns: #Russian #hackers target #US cyber conference with #booby-trapped file

In early October, the Russian hacking group, infamous for infiltrating the computer networks of the Democratic National Committee (DNC) last year, launched a new operation targeting potential attendees of an upcoming US cybersecurity conference, research suggests.

The Kremlin-linked unit, known as APT28 or Fancy Bear, weaponised a real Word document titled “Conference_on_Cyber_Conflict.doc” with a reconnaissance malware known as “Seduploader” to target delegates from Washington DC-based Cyber Conflict US, or CyCon.

The two-page file, lifted from the conference’s website, was created on 4 October and threat researchers from Cisco Talos, who first spotted the malware, said that attacks peaked three days later.

“Due to the nature of the document, we assume that the targeted people are linked or interested by the cybersecurity landscape,” three Talos experts wrote in a joint report (22 October).

High profile speakers billed to talk at CyCon, which is set to take place on 7-8 November, includes former US National Security Agency director Keith Alexander and current commanding general of the US Army’s Cyber Command, Paul Nakasone.

The Fancy Bear hackers, known to Talos as “Group 74”, has been linked to the Seduploader in the past and regularly uses real-world events as the launch pad for attacks.

Multiple cybersecurity analysts believe the hackers are associated with Russian intelligence.

“In this case, Group 74 did not use an exploit or any 0-day but simply used scripting language embedded within the Microsoft Office document,” Talos said.

Zero-day exploits are typically used in sophisticated attacks and exploit a gap in security previously unknown to anyone, including vendors and manufacturers.

“We could suggest that they did not want to utilise any exploits to ensure they remained viable for any other operations,” the team continued.

“Actors will often not use exploits due to the fact that researchers can find and eventually patch [fix] these which renders the actors’ weaponised platforms defunct.”

If the Fancy Bear cyberattack was successful, the team would attempt to siphon any secretive data from victims’ computers. In one of its most famous attacks, it exfiltrated tens of thousands of emails from the DNC network, which were later leaked online for the world to see.

A US military spokesperson told The Daily Beast that it was aware of the attempted hacks and had launched an investigation. “We will publish details as appropriate,” he added.

News of the Fancy Bear operation was published in the wake of a report from US-Cert, a division of homeland security, which said officials had observed attempted hacks on “government entities and organisations in the energy, nuclear, water, aviation, and critical manufacturing sectors”.

These were also linked, at least on first analysis, to Russian cyber-espionage operatives.

The post Fancy #Bear returns: #Russian #hackers target #US cyber conference with #booby-trapped file appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian government hackers used antivirus software to steal U.S. cyber capabilities

Source: National Cyber Security – Produced By Gregory Evans

Russian government hackers lifted details of U.S. cyber capabilities from a National Security Agency employee who was running Russian antivirus software on his computer, according to several individuals familiar with the matter. The employee had taken classified material home to work on it on his computer, and his use of…

The post Russian government hackers used antivirus software to steal U.S. cyber capabilities appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian hacker wanted by U.S. tells court he worked for Putin’s party

Source: National Cyber Security – Produced By Gregory Evans

A Russian hacker arrested in Spain on a U.S. warrant said on Thursday he previously worked for President Vladimir Putin’s United Russia party and feared he would be tortured and killed if extradited, RIA news agency reported. Peter Levashov was arrested while on holiday in Barcelona in April. U.S. prosecutors…

The post Russian hacker wanted by U.S. tells court he worked for Putin’s party appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian Hackers Tried to Access California Election System

Source: National Cyber Security – Produced By Gregory Evans

California Secretary of State Alex Padilla said he was informed “for the first time” by the DHS on Friday of last year’s attempt, in which Russian hackers “scanned” the website with the intent to “identify weaknesses in a computer or network – akin to a burglar looking for unlocked doors…

The post Russian Hackers Tried to Access California Election System appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian cyber hacker pleads guilty in identity theft case

Source: National Cyber Security – Produced By Gregory Evans

A Russian cybercriminal identified as a leader of a $50 million identity theft and credit card fraud ring has pleaded guilty in Atlanta to helping to steal millions of debit card numbers and swiftly loot accounts in cities around the world, federal authorities said. Roman Valeryevich Seleznev pleaded guilty Thursday…

The post Russian cyber hacker pleads guilty in identity theft case appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures