Government/Defense | SC Media

APT34 hacked back by Lab Dookhtegan

A hacking group going by the name Lab Dookhtegan has posted the tools used by the infamous Iranian APT34 cyberespionage group. APT34, also known as HelixKitten and OilRig, has purportedly been behind many attacks, but this time was victimized when a data dump of tools was posted on a Telegram channel, reported Bleeping Computer. The…

European Commission: No evidence Kaspersky software is malicious

The European Commission yesterday acknowledged in a public document that it possesses no evidence to support the notion that software from Russia-based Kaspersky Lab is malicious. The admission comes about 10 months after the European Parliament passed a resolution calling for the European Union to ban dangerous software, naming Kaspersky products as a specific example.…

'Havex' malware strikes industrial sector via watering hole attacks

Second Triton/Trisis critical infrastructure attack spotted

A second attack against a critical infrastructure target has been launched using the Triton/Trisis custom attack framework. FireEye researchers were able to attribute a second attack to the Russian group it fingered as being behind the initial 2017 attack that hit a petrochemical plant in Saudi Arabia through its industrial control system. Although details such…

Microsoft researchers find NSA-style backdoor in Huawei laptops

The Microsoft Defender Advanced Threat Protection (ATP) service featured in Windows 10 version 1809 alerted researchers to an NSA-inspired backdoor vulnerability in Huawei laptops. The PCManager software included in some of Huawei’s MateBook systems allows unprivileged users to create processes with superuser privileges, according to a March 25 Microsoft security post. Upon investigation, researchers found a…

Microsoft grabs APT35/Charming Kitten websites in court ordered take down

Working under a court order, Microsoft seized control of 99 websites allegedly controlled by the Iranian hacker group APT35. Charming Kitten has been associated with Iran. Microsoft obtained clearance to take action against APT35 (aka Phosphorus, Charming Kitten, Ajax Security Team) by the U.S. District Court for Washington, D.C. after the company took legal…

Former NSA Director: Public and private sectors must unite to prevail against advanced cyberattacks

At a public appearance this week in San Francisco, former NSA Director Mike Rogers called for the public and private sectors to form a united front against cybersecurity threats, noting that corporate and government cultures still “do not understand each other.” The former commander of the U.S. Cyber Command, Admiral Rogers is now an advisory…

Dow Jones database holding 2.4 million records of politically exposed persons

A cybersecurity researcher found the Dow Jones Watchlist residing in an open Elasticsearch database containing 2.4 million records of politicians, criminals and national and international sanction lists. Independent researcher Bob Diachenko reported on his Security Discovery blog that he came across the 4.4GB dataset on February 22. The files were not secured and could be…

DHS issues emergency directive to protect federal domains from DNS hijacking campaign

The Department of Homeland Security’s newly created Cybersecurity and Infrastructure Security Agency (CISA) issued its first-ever emergency directive on Tuesday, instructing federal government agencies to take preventative measures against an ongoing DNS hijacking campaign that has recently affected several executive branch domains. Cisco Systems’ Talos research unit first reported on the DNS infrastructure tampering in November…

Ransomware attacks take down Sammamish city hall and Salisbury PD

Two municipalities were hit with ransomware attacks that effectively shut down large portions of their computer networks, restricting access to many records. The affected entities are the City of Sammamish, Wash., and the Salisbury, Md. Police Department. Sammamish city officials deemed the attack, which hit on Jan. 23, severe enough to declare an emergency, which…

Huawei fires company exec arrested in Poland for spying

Chinese telecom manufacturer Huawei has fired a company executive who had been arrested in Poland on charges of spying for China. Weijing Wang, a Chinese citizen, was a director of sales for Huawei. The company said he was fired for bringing disrespect to Huawei, CNN reported. Poland’s counterintelligence agency arrested Wang along with a Polish…
