U.S.

now browsing by tag

 
 

NSA #hacking #code lifted from a #personal #computer in #U.S

Source: National Cyber Security – Produced By Gregory Evans

NSA #hacking #code lifted from a #personal #computer in #U.S

Moscow-based multinational cybersecurity firm Kaspersky Lab on October 25 said that it obtained suspected National Security Agency (NSA) hacking code from a personal computer in the U.S. During the review of file’s contents, a Kaspersky analyst discovered it contained the source code for a hacking tool later attributed to what it calls the Equation Group.

Kaspersky said it assumed the 2014 source code episode was connected to the NSA’s loss of files. The antivirus software-maker spokeswoman Sarah Kitsos was quoted saying as “we deleted the archive because we don’t need the source code to improve our protection technologies and because of concerns regarding the handling of classified materials”.

Another spokeswoman Yuliya Shlychkova told Reuters that removals of such uninfected material happen “extremely rarely.”

Meanwhile, Democratic Senator Jeanne Shaheen sent a letter to the Department of Homeland Security (DHS) acting Secretary Elaine Duke and Director of National Intelligence Dan Coats, urging the U.S. government to declassify information about Kaspersky products.

In October this year, the U.S. NSA contractor came under scanner, whose personal computer was equipped with Kaspersky anti-virus software and confidential details were shared with the Russian company. The unidentified NSA contractor had reportedly downloaded a cache of classified information from his workplace, even though he was aware of the consequences that moving such a classified and confidential data without approval is not only against NSA policy, but it also falls under criminal offence.

Kaspersky Lab repeatedly denied that it has any unethical ties to any government and said it would not help a government with cyber espionage or offensive cyber efforts. It also highlighted that more than 85% of its revenue comes from outside Russia. It maintains that it has no connection with Russian intelligence but it is registered with the Federal Security Service.

To restore people’s and government’s trust again, Kaspersky on October 23 allowed to have his company’s source code audited independently by internationally recognized independent authorities in the first quarter of 2018. As part of comprehensive transparency initiative, the firm plans to open three transparency centers across the U.S., Europe and Asia by 2020.

According to Wall Street Journal, it was reported earlier this month that hackers working for the Russian government appeared to have targeted an NSA worker by using Kaspersky software to identify classified files in 2015.

The New York Times reported on October 10 that Israeli officials reported the operation to the United States after they hacked into Kaspersky’s network.

Following allegations Russian hackers interfered in 2016 U.S. elections, the DHS had banned the Kaspersky Lab software in September 2017, citing concerns the company may be linked to the Kremlin and Russian spy agencies.

The post NSA #hacking #code lifted from a #personal #computer in #U.S appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers #targeting #NATO and #U.S. military #cyber-experts

Source: National Cyber Security – Produced By Gregory Evans

Hackers #targeting #NATO and #U.S. military #cyber-experts

Hackers backed by the military intelligence agency of Russia are apparently targeting security researchers with their latest campaign, which uses a document advertising a cybersecurity conference in Washington D.C. as the lure.

Security researchers are being sent a document titled ‘Conference_on_Cyber_Conflict.doc’, containing information about the upcoming 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.). While the conference is real, the document is not, reports ZD Net.

The real conference is being hosted by the US Army and NATO Cooperative Cyber Defence Centre of Excellence and will run from November 7 through 8 this year at the Ronald Reagan Building in Washington D.C. CyCon U.S. is a collaborative effort between the Army Cyber Institute at the United States Military Academy and the NATO Cooperative Cyber Defence Centre of Excellence.

APT28 or Fancy Bear linked to Russia
Over the weekend, security researchers at Cisco Talos revealed that an operation called Group 74, or APT28 aka Fancy Bear (that was also responsible for the DNC hack last year), has “weaponized” a real Word document titled “Conference_on_Cyber_Conflict.doc” with malware.

The hackers used a variant of a malware called Setuploader, commonly used in espionage. “This is clearly an attempt to exploit the credibility of Army Cyber Institute and NATO CCDCOE in order to target high-ranking officials and experts of cybersecurity,” said a CCDCOE spokesperson.

Setuploader has the ability to take screenshots, extract data, execute code and download additional fake files, and more, according to the researchers. This points to the hackers wanting to steal information with the goal of espionage. One thing is different about this particular document – It doesn’t contain an Office exploit or a zero-day.

Instead, it uses a malicious Visual Basic for Applications (VBA) macro, designed to run code within the selected application — in this case, Microsoft Word. This shows the extent that some groups will go to in extracting information from a particular group, in this case, cybersecurity experts.

The Sunday report comes just a few days after Proofpoint’s report had suggested APT28 was actively leveraging a security exploit that was patched by Adobe last week, in hopes of infecting as many targets in government departments and aerospace companies as it could before the breach was discovered.

 

The post Hackers #targeting #NATO and #U.S. military #cyber-experts appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers are #targeting schools, #U.S. Department of Education warns

Source: National Cyber Security – Produced By Gregory Evans

Hackers are #targeting schools, #U.S. Department of Education warns

When Superintendent Steve Bradshaw first received a threatening text message in mid-September, he didn’t know it was coming from a hacker trying to exploit his Montana school district.
But soon, students and other schools around Flathead County were receiving threatening messages, too. More than 30 schools in the district shutdown for three days.
“The messages weren’t pleasant messages,” Bradshaw said. “They were ‘splatter kids’ blood in the hallways,’ and things like that.”
The U.S. Department of Education is now warning teachers, parents, and K-12 education staff of a cyberthreat targeting school districts across the country.
So far, at least three states have been targeted by the extortion attempt from hackers asking schools to give them money or the group will release stolen private records, according to the department.

“In some cases, this has included threats of violence, shaming, or bullying the children unless payment is received,” the department wrote in an advisory this week.
Bradshaw, the superintendent of schools in Columbia Falls, Montana said a hacking group broke into multiple school servers and stole personal information on students and possibly staff. He said after the threatening messages came, hackers asked for ransom.
In a ransom note sent to a number of Columbia Falls school district members and released by the county’s sheriff’s department, the hacking group called the Dark Overlord threatened the district and demanded up to $150,000 in bitcoin to destroy the stolen private data.
The threatening letter talked about use of force, mentioned the name “Sandy Hook,” the elementary school in Connecticut where 20 small children and six adults were shot dead, and said victims would suffer financial and reputational damage.
Law enforcement said they did not believe the threats and determined the attackers were located outside of the U.S.
“We feel this is important to allow our community to understand that the threats were not real, and were simply a tactic used by the cyber extortionists to facilitate their demand for money,” the Flathead County Sheriff’s Office said in a Facebook post last month.
Bradshaw said the district is not paying the ransom, and he is still receiving threatening messages.

The same hackers also targeted the Johnson Community School District in Iowa earlier this month, and the district canceled all classes on October 3. According to local media reports, the hackers also sent threatening text messages to children and their parents.
The hacking group previously attempted to extort Netflix (NFLX, Tech30) after hacking its production studio, Larson Studios. The group released episodes of Orange is the New Black online last spring.
It’s unclear why the Dark Overlord began targeting schools but someone from the hacking group told the Daily Beast they are “escalating the intensity of our strategy in response to the FBI’s persistence in persuading clients away from us.”
The Department of Education says the hackers are probably targeting districts “with weak data security, or well-known vulnerabilities that enable the attackers to gain access to sensitive data.” It advises districts to conduct security audits and patch vulnerable systems, train staff on data security best practices, and review sensitive data to make sure no outside actors can access it.
According to Mary Kavaney, the chief operating officer of the Global Cyber Alliance, school environments often don’t have a lot of technology resources dedicated to security, but have some of the richest personal information on people, including social security numbers, birth dates, and, potentially, medical and financial information.
“If bad actors can access student [personal data], that information can be exploited for the purpose of fraud and committing crimes for years before it is detected,” Kavaney says. “It’s often only upon application for a job, or application for financial aid to attend college that students find out that their social security number has been used fraudulently — they may have poor credit due to false applications against their history, or worse, find that crime has been committed in their name.”
Bradshaw says the ordeal has been stressful and troubling. Because the district hasn’t paid the hackers, they’re still threatening to release the data online. But, he said, the response from law enforcement and the Flathead County community has been positive.
“We still got people in this country that believe in one another, and it’s been easier to get through than you would have thought,” Bradshaw said. “People care about people in this state.”

The post Hackers are #targeting schools, #U.S. Department of Education warns appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

China, U.S. Reaffirm Cybersecurity Consensus

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans China and the United States will continue to cooperate on cybersecurity issues as outlined in the 2015 consensus by the nations’ two presidents. Attorney General Jeff Sessions and Acting Secretary of Homeland Security Elaine Duke co-chaired the first U.S.-China Law Enforcement and Cybersecurity Dialogue (LECD) on […] View full post on AmIHackerProof.com | Can You Be Hacked?

Russian government hackers used antivirus software to steal U.S. cyber capabilities

Source: National Cyber Security – Produced By Gregory Evans

Russian government hackers lifted details of U.S. cyber capabilities from a National Security Agency employee who was running Russian antivirus software on his computer, according to several individuals familiar with the matter. The employee had taken classified material home to work on it on his computer, and his use of…

The post Russian government hackers used antivirus software to steal U.S. cyber capabilities appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian hacker wanted by U.S. tells court he worked for Putin’s party

Source: National Cyber Security – Produced By Gregory Evans

A Russian hacker arrested in Spain on a U.S. warrant said on Thursday he previously worked for President Vladimir Putin’s United Russia party and feared he would be tortured and killed if extradited, RIA news agency reported. Peter Levashov was arrested while on holiday in Barcelona in April. U.S. prosecutors…

The post Russian hacker wanted by U.S. tells court he worked for Putin’s party appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

U.S. asks China not to enforce cyber security law

Source: National Cyber Security – Produced By Gregory Evans

The United States has asked China not to implement its new cyber security law over concerns it could damage global trade in services, a U.S. document published by the World Trade Organization showed on Tuesday. China ushered in a tough new cyber security law in June, following years of fierce…

The post U.S. asks China not to enforce cyber security law appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

REMINDER: U.S. NUCLEAR SYSTEM RUNS ON EARLY COMPUTERS AND 8-INCH FLOPPY DISKS

Source: National Cyber Security – Produced By Gregory Evans

With concern over North Korea’s nuclear capabilities growing, President Donald Trump tweeted on Wednesday, “My first order as President was to renovate and modernize our nuclear arsenal. It is now far stronger and more powerful than ever before.” As Newsweek has reported, Trump’s first executive order was actually about Obamacare,…

The post REMINDER: U.S. NUCLEAR SYSTEM RUNS ON EARLY COMPUTERS AND 8-INCH FLOPPY DISKS appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

DATA BREACHES IN U.S. ALLEGEDLY INCREASING AT RECORD PACE

Source: National Cyber Security – Produced By Gregory Evans

There are some things in the world that seem to be on a perpetually-increasing track such as price of rent in big cities. Now, this list may include the number of data breaches in the U.S., according to a recent report. According to non-profit organization Identity Theft Resource Center (ITRC)…

The post DATA BREACHES IN U.S. ALLEGEDLY INCREASING AT RECORD PACE appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Two charged with running hacking service used in ‘major computer intrusions’ of U.S. businesses

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Source: National Cyber Security – Produced By Gregory Evans Two men from Latvia ran a malware service that has been in operation for more than a decade and used in major …

The post Two charged with running hacking service used in ‘major computer intrusions’ of U.S. businesses appeared first on Become007.com.

View full post on Become007.com