Sen. Ron Wyden, D-Ore., pressed new Director of National Intelligence John Ratcliffe to detail security measures taken to safeguard sensitive intelligence after an internal CIA report said “woefully lax security” at the Center for Cyber Intelligence led to the “largest data loss in CIA history” – the leak of hacking tools to WikiLeaks. Wyden had…
Researchers at Lucy Security recently discovered that a Russian hacker named m1x breached a Mexican government web portal and three days later once the government refused to pay a ransom, publicly-released some 14,000 Mexican taxpayer ID numbers. Colin Bastable, CEO of Lucy Security, said the researchers discovered the case on a hacking forum on the dark web…
The Gamaredon threat group has built a post-compromise tool arsenal that includes remote template injectors for Word and Excel documents as well as a unique Outlook mass-mailing macro, researchers recently discovered. The tools, previously undocumented, boast a VBA macro aimed at Outlook that sends spearphishing emails to a victim’s Microsoft address book contacts, according to…
After the Supreme Court last month temporarily stopped a D.C. Circuit Court of Appeal order for the Justice Department to hand over redacted Mueller grand jury information to House Democrats, the department is asking SCOTUS to overturn the lower court’s ruling. “In light of the national prominence of this grand-jury investigation, the separation-of-powers concerns raised…
The U.S. National Security Agency on Thursday issued an advisory alleging that hackers from Russia’s Main Intelligence Directorate (GRU) have been actively exploiting a remote code execution vulnerability in Exim Mail Transfer Agent (MTA) software, found in Unix-based systems. Researchers and analysts reacting to the agency’s warning say the announcement is an important reminder that…
Following a month of cyberattacks involving Iran and Israel, experts are reluctant to predict all-out digital warfare between the nation states, despite the obvious recent tit for tat that underscores age-old, religion-based tensions. The latest possible salvo came May 21, when approximately 1,000 corporate and manufacturing targets within Israel were afflicted with defacements and denial…
A suspected Chinese APT group used a newly discovered modular backdoor to infect at least one video game developer’s build orchestration server and at least one other company’s game servers, researchers have reported. Although these attacks appear to have taken place prior to March, such incidents are now more important than ever to detect and…
Attorney General William Barr slammed Apple for not helping the FBI cracking the encryption on iPhones belonging to a Saudi airman who waged an attack on the Pensacola Naval Station last year and was discovered to be connected to al Qaeda. “Apple has made a business and marketing decision to design its phones in a…
Air-gapped networks aren’t easily compromised, but they don’t offer perfectly air-tight security either. Leveraging insider threats, infecting flash drives and other removable media, and conducting side-channel attacks are all techniques malicious actors can employ to spread malware to isolated systems. Indeed, researchers at ESET are reporting the discovery of a new cyber espionage framework designed…
The Cybersecurity and Infrastructure Security Agency (CISA) and two other federal agencies issued malware analysis reports (MAR) for three North Korean-government operated APTs and trojans. The malware analyzed by CISA, the Department of Defense and the FBI are code-named Copperhedge, Taintedscribe and Pebbledash, all three of which are believed to be operated by the North…
