Security News

CISOs report to CEOs, CIOs, CTOs and more, and the skills needed depend on the nature of the business and who they report to. Reporting lines do not dictate power or the value of a role, but when most CISOs are still reporting to a technical leader - this limits the ability to be strategic and dilutes value.

A two-year campaign by state-sponsored Russian entities to siphon information from US defense contractors worked, it is claimed. CISA's announcement and an accompanying report [PDF] state that it, the FBI, and the NSA have all spotted "Regular targeting" of contractors that serve the US Department of Defense, intelligence agencies, and all branches of the US military other than the Coast Guard.

Russian-backed hackers have been targeting and compromising U.S. cleared defense contractors since at least January 2020 to gain access to and steal sensitive info that gives insight into U.S. defense and intelligence programs and capabilities. Since January 2020, Russian hacking groups have breached multiple CDC networks and, in some cases, have maintained persistence for at least six months, regularly exfiltrating hundreds of documents, emails, and other data.

Russian-backed hackers have been targeting and compromising U.S. cleared defense contractors since at least January 2020 to gain access to and steal sensitive info that gives insight into U.S. defense and intelligence programs and capabilities. Since January 2020, Russian hacking groups have breached multiple CDC networks and, in some cases, have maintained persistence for at least six months, regularly exfiltrating hundreds of documents, emails, and other data.

The public preview for the Android apps for Windows 11 is now live in the US, allowing users to run Android apps natively on the Windows desktop. The feature relies on a new platform called Windows Subsystem for Android that runs Android apps in a virtual machine to provide compatibility with the Android Open Source Project and hardware input devices.

The San Francisco 49ers were recently kneecapped by a BlackByte ransomware attack that temporarily discombobulated the NFL team's corporate IT network on the Big Buffalo Wing-Snarfing Day itself: Superbowl Sunday. Joseph Carson, chief security scientist and advisory CISO at provider of privileged access management solutions provider Delinea, suggested to Threatpost that it's likely that an affiliate hacked the 49ers, as opposed to the authors behind the ransomware, given that BlackByte is an RaaS. BlackByte recently posted some files purportedly stolen from the team on a dark web site in a file marked "2020 Invoices." The gang hasn't made its ransom demands public.

The US Federal Bureau of Investigation revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months. "As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors.," the federal law enforcement agency said [PDF].

The US government has added 15 vulns under active attack to a little-known but very useful public database: its Known Exploited Vulnerabilities catalogue. Building on numerous advisory notes over the past few years warning of currently exploited tools, the Cybersecurity and Infrastructure Security Agency now maintains a public list of vulnerabilities that are, or have been, actively exploited.

Democratic Senators Ron Wyden and Martin Heinrich, of Oregon and New Mexico respectively, on Thursday announced that in April 2021 they sent a co-signed letter [PDF] to director of national intelligence Avril Haines and CIA director William Burns, seeking expedited declassification of the Privacy and Civil Liberties Oversight Board's review of two CIA counterterrorism programs - named "Deep Dive I" and "Deep Dive II". The Deep Dives were made possible by Executive Order 12333 - a Reagan-era order that allows widespread data collection, and data-sharing with the CIA, in the name of national security. The senators wanted a review of the documents' status because they felt the CIA had conducted a bulk information collection effort that harvested data on US citizens - probably illegally.

Democratic Senators Ron Wyden and Martin Heinrich, of Oregon and New Mexico respectively, on Thursday announced that in April 2021 they sent a co-signed letter [PDF] to director of national intelligence Avril Haines and CIA director William Burns, seeking expedited declassification of the Privacy and Civil Liberties Oversight Board's review of two CIA counterterrorism programs - named "Deep Dive I" and "Deep Dive II". The Deep Dives were made possible by Executive Order 12333 - a Reagan-era order that allows widespread data collection, and data-sharing with the CIA, in the name of national security. The Senators wanted a review of the documents' status because they felt the CIA had conducted a bulk information collection effort that harvested data on US citizens - probably illegally.