Security News

A Chinese businessman has been accused by the US government of trying to steal silicon secrets from General Electric. The duo planned to use the stolen trade secrets to set up a competitor in China, it's claimed.

The Feds are warning that cybercriminals are bypassing multi-factor authentication and successfully attacking cloud services at various U.S. organizations. "These types of attacks frequently occurred when victim organizations' employees worked remotely and used a mixture of corporate laptops and personal devices to access their respective cloud services," the alert outlined.

The White House has released cybersecurity guidance for securing the Maritime Transportation System, which operates along 25,000 miles of coastal and inland waterways in the United States. The document points out that the MTS encompasses "361 ports, 124 shipyards, more than 3,500 maritime facilities, 20,000 bridges, 50,000 Federal aids to navigation, and 95,000 miles of shoreline that interconnect with critical highways, railways, airports and pipelines." In addition, there are more than 20 Federal government organizations that currently have a role in maritime security of all stripes, ranging from vessel and personnel safety to transportation standards and logistics.

The U.S. government has identified Russia as the "Likely" culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which the feds characterized as ongoing.

Ransomware is not the only problem, though - CISA and the FBI said that trojan malwares, distributed denial-of-service attacks, phishing and credential theft, account hacking, network compromises and more have all been on the rise since the beginning of the school year. "Whether as collateral for ransomware attacks or to sell on the dark web, cyber-actors may seek to exploit the data-rich environment of student information in schools and education technology services," according to the joint advisory [PDF], issued Thursday.

The feds have seized its largest stash ever of Bitcoin, originating from the notorious Silk Road underground marketplace. In 2014, the FBI auctioned off 30,000 Bitcoins that the government seized in the initial takedown, which were housed in wallet files stored on Silk Road servers.

Two senior eBay executives who have refused to join their colleagues and plead guilty to charges of cyberstalking have been hit with a string of fresh charges. James Baugh, 45, was eBay senior director of safety and security, and David Harville, 48, was its director of global resiliency when they were arrested back in June, along with four other eBay employees accused of stalking and intimidating a married couple who published a newsletter for the ecommerce industry that was critical of eBay.

UPDATE. Two more hospitals were hit with ransomware attacks this week as a growing number of criminals target healthcare facilities during the COVID-19 pandemic. The troubling trend prompted federal law enforcement and health officials, on Wednesday, to sound the alarm and issue a dire warning of more attacks to come.

The North Korean advanced persistent threat group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency. Kimsuky has been operating as a cyberespionage group since 2012 under the auspices of the regime in Pyongyang.

Federal officials claim that Iranian threat actors are behind two separate email campaigns that assailed Democratic voters this week with threats to "Vote for Trump or else." The campaigns claimed to be from violent extremist group Proud Boys. Two specific email campaigns - one on Tuesday Oct. 20 and one on Wednesday, Oct. 21 - threatened Democratic voters in Alaska, Arizona and Florida that attackers accessed "All of your information." They warned that there would be dire repercussions if voters didn't cast their ballot for President Trump in the upcoming election, according to a Wednesday Proofpoint report.