Security News
A specialized CIA unit that developed hacking tools and cyber weapons didn't do enough to protect its own operations and wasn't prepared to respond when its secrets were exposed, according to an internal report prepared after the worst data loss in the intelligence agency's history. Sen. Ron Wyden, D-Ore., a senior member of the Senate Intelligence Committee, obtained the redacted report from the Justice Department after it was introduced as evidence in a court case this year involving stolen CIA hacking tools.
An overwhelming majority of organizations prioritize software quality over speed, yet still experience customer-impacting issues regularly, according to OverOps. The report, based on a survey of over 600 software development and delivery professionals, revealed that the current level of DevOps investment is not sufficient for ensuring software reliability.
IAR Systems, the future-proof supplier of software tools and services for embedded development, announces that its extensive product portfolio of embedded development tools is now extended with build tools supporting implementation in Linux-based frameworks for automated application build and test processes. This flexibility is now extended to the build environment as the well-known build tools in IAR Embedded Workbench now support Linux.
The Turla APT group has been spotted using an updated version of the ComRAT remote-access trojan to attack governmental targets. According to ESET researchers, ComRAT is one of Turla's oldest weapons, released in 2007, but the firm found that Turla used an updated version in attacks against at least three targets earlier this year: two Ministries of Foreign Affairs and a national parliament.
In December 2018, the Australian government passed the Telecommunications Access and Assistance Act, which allows the Australian government to compel cooperation and surveillance assistance from companies. Local use of the Wickr Pro/business platform increased by 200%. In Russia, in May 2019 when the sovereign internet law was signed, tightening Moscow's grip on internet communications, use of Wickr again increased by 200%. It seems likely from these figures that the primary motivation for adopting secure collaboration platforms is concern over government interference in privacy.
GhostDNS is used to compromise a wide range of routers to facilitate phishing - perhaps more accurately, pharming - for banking credentials. Malvertising allows the exploit kit (EK) to directly attack the router from a computer that uses the router.
Swimlane, an industry leader in security orchestration, automation and response, announced the launch of the Swimlane Analyst Hub as a way to aggregate its open-source and developer tools and content for security analysts. Swimlane's Deep Dive team will continue to enhance and add open-source tools on the Analyst Hub.
The U.S. Department of Homeland Security and Federal Bureau of Investigation have exposed what they say are hacking tools used by the North Korean-sponsored APT group Hidden Cobra. The tools included in the documentation allow Hidden Cobra to perform nefarious tasks such as remotely taking over systems and stealing information, as well as installing spyware on targeted systems to perform espionage activities.
The success of contact tracing apps will then depend on the overall active uptake by users, and whether the big data analysts have got their figures right. "Numerous vulnerabilities have been discovered like BlueFrag, which affected iOS and Android." He also warns, "Contact tracing apps need to be regularly tested for vulnerabilities and critical updates must be deployed immediately. These apps must also be prohibited from activating smart assistants. People must limit the location settings to run only when approved and when in use."
Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals Directorate warn. Attackers usually manage to deploy web shells by exploiting web application vulnerabilities, weak server security configuration, or by uploading to otherwise compromised systems.