Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 157

Jan 15, 2020

‘We want to win the next war’: US Army will revamp cyber operations to counter Russia and China

Posted by in categories: cybercrime/malcode, energy, military

As warfare continues to enter the digital realm, the Army plans to transform its cyber operations branch into a full-scale information warfare command, according to a top U.S. general.

The service will convert Cyber Command into the Army Information Warfare Command, Army Chief of Staff Gen. James McConville said at a panel on Tuesday. It’s one of the several modernization efforts the Army is taking on to counter “great power” opponents like Russia and China.

“We’re recognizing the importance of information operations, so our Cyber Command is going to become an information warfare command,” McConville said.

Jan 15, 2020

City of Las Vegas detects and deters major cyberattack

Posted by in category: cybercrime/malcode

Security breach took place on January 7, but the city said it detected the intrusion in time to prevent any damage.

Jan 15, 2020

Microsoft, NSA say security bug affects millions of Windows 10 computers

Posted by in categories: cybercrime/malcode, privacy

Microsoft has released a security patch for a dangerous vulnerability affecting hundreds of millions of computers running Windows 10.

The vulnerability is found in a decades-old Windows cryptographic component, known as CryptoAPI. The component has a range of functions, one of which allows developers to digitally sign their software, proving that the software has not been tampered with. But the bug may allow attackers to spoof legitimate software, potentially making it easier to run malicious software — like ransomware — on a vulnerable computer.

“The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider,” Microsoft said.

Jan 13, 2020

Exploit that gives remote access affects ~200 million cable modems

Posted by in category: cybercrime/malcode

Cable Haunt lets attackers take complete control when targets visit booby-trapped sites.

Jan 13, 2020

U.S. Government Issues Powerful Security Alert: Upgrade VPN Or Expect Cyber-Attacks

Posted by in categories: cybercrime/malcode, government, policy

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert that strongly urges users and administrators alike to update a VPN with long-since disclosed critical vulnerabilities. “Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability,” the CISA alert warns, “can become compromised in an attack.” What has dictated the need for this level of Government agency interest and the urgency of the language used? The simple answer is the ongoing Travelex foreign currency exchange cyber-attack, thought to have been facilitated by no less than seven VPN servers that were late in being patched against this critical vulnerability. The vulnerability in question is CVE-2019–11510, first disclosed way back in April 2019 when Pulse Secure VPN also released a patch to fix it.

Critical VPN security vulnerability timeline

The CISA alert provides a telling timeline that outlines how the Pulse Secure VPN critical vulnerability, CVE-2019–11510, became such a hot security potato. Pulse Secure first released an advisory regarding the vulnerabilities in the VPN on April 24, 2019. “Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS),” that advisory warned, “this includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform a remote arbitrary file access on the Pulse Connect Secure gateway.” An upgrade patch to fix the problem, which had been rated as critical, was made available at the same time. Warning users that the vulnerabilities posed a “significant risk to your deployment,” Pulse Secure recommended patching as soon as possible.

Jan 12, 2020

Gov. Cooper urges people to pay attention as officials prepare for possible cyberattack

Posted by in categories: cybercrime/malcode, finance

The Department of Homeland Security is preparing for possible cyberattack from Iran. Officials said it could target finance, energy and telecom companies. Gov. Roy Cooper is urging people to pay attention to keep North Carolina’s computer networks safe.

Click the video player above to learn how to stay safe online .

Jan 11, 2020

Air Travel Cyber-Attacks: New York Airport Hit, Travelex Exchange Held To Ransom

Posted by in categories: cybercrime/malcode, transportation

Cyber-attackers have ramped up their campaigns against the travel industry and those who use it.

Jan 10, 2020

Cyber Threats To North American Power Grid Are Growing

Posted by in category: cybercrime/malcode

Threats of cyber attacks on North America’s electric network systems are growing, industrial cybersecurity firm Dragos said in a new report this week.

This year, the firm has identified two groups, Magnallium and Xenotime, which are increasingly probing to compromise electric assets in North America, expanding their targeting from the oil and gas sector to include electric assets.

“This underscores the trend in threats expanding from single-vertical ICS operations to multi-vertical ICS operations we observe from adversaries targeting industrial entities,” Dragos said in its report.

Jan 10, 2020

US Govt Warns of Attacks on Unpatched Pulse VPN Servers

Posted by in categories: cybercrime/malcode, privacy

The US Cybersecurity and Infrastructure Security Agency (CISA) today alerted organizations to patch their Pulse Secure VPN servers as a defense against ongoing attacks trying to exploit a known remote code execution (RCE) vulnerability.

This warning follows another alert issued by CISA in October 2019, and others coming from the National Security Agency (NSA), the Canadian Centre for Cyber Security, and UK’s National Cyber Security Center (NCSC).

Pulse Secure reported the vulnerability tracked as CVE-2019–11510 and disclosed by Orange Tsai and Meh Chang from the DEVCORE research team, and by Jake Valletta from FireEye in an April 2019 out-of-cycle advisory.

Jan 9, 2020

Dunwoody becomes latest metro Atlanta government hit by cyber attack

Posted by in categories: bitcoin, cybercrime/malcode, government

Dunwoody officials said Thursday that no data was compromised during the ransomware attack, which was detected on Christmas Eve and is now under investigation by the FBI. The intrusion was quickly identified by staff, which worked with the city’s computer security contractors at InterDev to shut down servers and disconnect computers in order to limit the impact of the attack.

“As soon as we detected a problem, we took immediate steps to protect the city’s infrastructure,” Ashley Smith, InterDev’s director of government services, said in a news release. “Data back-ups were used to fully restore systems with no loss.”

Dunwoody police Chief Billy Grogan said the attackers demanded a ransom be paid in bitcoin, a digital currency. He declined to reveal the amount requested but said the city did not pay.