Security News
Russia has taken the unusual step of posting a proposal for a new information security collaboration with the United States of America, including a no-hack pact applied to electoral affairs. The document, titled "Statement by President of Russia Vladimir Putin on a comprehensive program of measures for restoring the Russia - US cooperation in the filed [sic] of international information security", opens by saying "One of today's major strategic challenges is the risk of a large-scale confrontation in the digital field" before adding: "A special responsibility for its prevention lies on the key players in the field of ensuring international information security."
A Maryland man was sentenced to 12 months and one day in prison for hacking into and damaging the computers of his former employer. Employed at the company's Washington office, Stafford provided IT technical support to the organization's Washington, McLean, Virginia, and Baltimore offices.
The New York Times wrote about a still-unreleased report from Chckpoint and the Miaan Group: The reports, which were reviewed by The New York Times in advance of their release, say that the...
As ransomware attacks against critical infrastructure continue to spike in recent months, cybersecurity researchers have uncovered a new entrant that has been actively trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers, and software developers in Russia. The ransomware gang, codenamed "OldGremlin" and believed to be a Russian-speaking threat actor, has been linked to a series of campaigns at least since March, including a successful attack against a clinical diagnostics laboratory that occurred last month on August 11.
German authorities probing a cyber attack on a hospital's IT system that led to a fatal delay in treatment for a critically ill woman believe the software used can be traced back to Russian hackers. In an update to lawmakers published on Tuesday, prosecutors wrote that hackers used malware known as "Doppelpaymer" to disable computers at Duesseldorf University Hospital on September 10, aiming to encrypt data and then demand payment to unlock it again.
The phones in trees seem to serve as master devices that dispatch routes to multiple nearby drivers in on the plot, according to drivers who have observed the process. They believe an unidentified person or entity is acting as an intermediary between Amazon and the drivers and charging drivers to secure more routes, which is against Amazon's policies.
The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation, the sanctions target Rana Intelligence Computing Company, which the agencies said operated as a front for the threat group APT39, Iranian cyber espionage hacking collective active since 2014 known for its attacks on companies in the U.S. and the Middle East with an aim to pilfer personal information and advance Iran's national security objectives.
As you can probably tell from the name, it involves Windows - everyone else talks about logging in, but on Windows you've always very definitely logged on - and it is an authentication bypass, because it lets you get away with using a zero-length password. On a Windows network, the secret component is the domain password of the computer you're connecting from.
APT41 is known for nation-state-backed cyber-espionage activity as well as financial cybercrime. "Their activity traces back to 2012, when individual members of APT41 conducted primarily financially motivated operations focused on the video-game industry, before expanding into traditional espionage, most likely directed by the state. APT41's ability to successfully blend their criminal and espionage operations is remarkable."
Two people have been arrested in Malaysia as part of America's crackdown on the Chinese government's hackers. The two men, both Malaysian nationals, are not accused of breaking into computer networks.