Security News
The new configuration file pushed on Sept. 22 told all systems infected with Trickbot that their new malware control server had the address 127.0.0.1, which is a "Localhost" address that is not reachable over the public Internet, according to an analysis by cyber intelligence firm Intel 471. U.S. Cyber Command's campaign against the Trickbot botnet, an army of at least 1 million hijacked computers run by Russian-speaking criminals, is not expected to permanently dismantle the network, said four U.S. officials, who spoke on the condition of anonymity because of the matter's sensitivity.
US Cyber Command warns Microsoft customers to immediately patch their systems against the critical and remotely exploitable CVE-2020-16898 vulnerability addressed during this month's Patch Tuesday. "Update your Microsoft software now so your system isn't exploited: CVE-2020-16898 in particular should be patched or mitigated immediately, as vulnerable systems could be compromised remotely," US Cyber Command said in a tweet earlier today.
Palo Alto Networks revealed on Monday that it has patched a critical authentication bypass vulnerability in its PAN-OS firewall operating system, and U.S. Cyber Command believes foreign APTs will likely attempt to exploit it soon. "When Security Assertion Markup Language authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled, improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability," Palo Alto Networks explained in an advisory.
The U.S. Cyber Command's campaign to hack ISIS and disrupt its media operations faced some challenges, including a lack of data storage, but ultimately proved successful, according to government documents from 2016 that were made public Tuesday. The heavily-redacted documents published by the National Security Archive, a not-for-profit research organization, show that U.S. Cyber Command was not prepared to handle the amount of information it collected when it hacked ISIS. The command, which is part of the U.S. Defense Department and includes units from all military branches, also faced problems with interagency coordination and the lengthy process of vetting ISIS cyber targets.
Government-backed campaign going after bug that was patched in 2017. An ongoing Iranian government-backed hacking campaign is now trying to exploit a Microsoft Outlook flaw from 2017.…
Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group. The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft...
Really interesting article by and interview with Paul M. Nakasone (Commander of U.S. Cyber Command, Director of the National Security Agency, and Chief of the Central Security Service) in the...
In the wake of news that 12 additional Russians have been indicted for conspiring to interfere with the 2016 presidential election, a key question emerges: What will President Trump say when he...
The ISMG Security Report leads with views on a novel way to fund the growth of the United States military's Cyber Command by seizing assets such as digital currencies from hackers and other...
Last week, US President Donald Trump announced that the United States Cyber Command, which is currently a division of the NSA, will be elevated to the status of a Unified Combatant Command focused...