Security News
U.S. authorities are still working to unravel the full scope of the likely Russian hack that gave the "Sophisticated" actor behind the breach complete access to files and email from at least nine government agencies and about 100 private companies, the top White House cybersecurity official said Wednesday. Anne Neuberger, the newly appointed deputy national security adviser for cyber and emerging technology, also warned that the danger has not passed because the hackers breached networks of technology companies whose products could be used to launch additional intrusions.
The U.S. Department of Justice has charged three North Koreans for stealing $1.3 billion in money and cryptocurrency in attacks on banks, the entertainment industry, cryptocurrency companies, and more. The defendants are state-sponsored North Korean hackers and members of Reconnaissance General Bureau units, a North Korean military intelligence agency that has engaged in criminal hacking operations.
Kia Motors USA is experiencing a nationwide outage affecting IT servers, self-payment phone services, dealer platforms, and phone support. The outage started Saturday when the Kia Owners Portal went offline and began displaying an error message stating that Kia was "Experiencing an IT service outage that has impacted some internal networks."
The US Cyber Command has released a series of ten Valentine’s Day “Cryptography Challenge Puzzles.” Slashdot thread. Reddit thread. (And here’s the archived link, in case Cyber Command takes the...
Senators are now demanding more information about the attacker's infiltration of the US court system, which has already been forced to make changes in how documents are filed as a result of the attack. "Highly sensitive documents should be stored in a secure paper filing system or a secure standalone computer system that is not connected to any network, particularly the internet. The AO will provide courts with model language for a standing or general order as well as advice and guidance on how to establish and securely maintain a standalone computer system if a court chooses that option."
The Internal Revenue Service has warned US tax professionals of identity thieves actively targeting them in a series of phishing attacks attempting to steal Electronic Filing Identification Numbers. Scammers started this ongoing phishing campaign right before the US tax season with the end goal of stealing both client data and tax preparers' identities.
Google has revealed earlier this week that Gmail users from the United States are the most popular target for email-based phishing and malware attacks. After inspecting phishing and malware campaigns blocked by Gmail within five months, Google found that 42% of all targets were from the US, with the next two most targeted users being from the UK and Japan.
Election systems in the U.S. are vulnerable to cyber intrusions similar to the one that hit federal agencies and numerous businesses last year and remain a potential target for foreign hacking, according to a report released Wednesday. The report by the Center for Internet Security, a nonprofit that partners with the federal government on election security initiatives, focuses on how hardware and software components can provide potential entryways for hackers.
President Joe Biden's administration has asked a US federal court to pause proceedings aimed at banning TikTok to allow for a fresh review of the national security threat from the popular Chinese-owned video app. The Trump administration move to ban downloads of TikTok and its presence on online networks had been stalled amid legal challenges.
Image: USCG. The U.S. Coast Guard has ordered MTSA-regulated facilities and vessels using SolarWinds software for critical functions to report security breaches in case of suspicions of being affected by the SolarWinds supply-chain attack. "Reporting malicious cyber activity enhances maritime domain awareness and allows us all to be better postured to prevent and respond to cyber incidents that could disrupt commerce or jeopardize national security."