U.S. cyber warriors battled Russian hackers attacking State Department

Over a 24-hour period, top U.S. cyber defenders engaged in a pitched battle with Russian hackers who had breached the unclassified State Department computer system and displayed an unprecedented level of aggression that experts warn is likely to be turned against the private sector. Whenever National Security Agency hackers cut the attackers’ link between their command and control server and the malware in the U.S. system, the Russians set up a new one. Details about the November 2014 incident emerged recently in the wake of a senior NSA official’s warning that the heightened aggression has security implications for firms and organizations unable to fight back. “It was hand-to-hand combat,” said NSA Deputy Director Richard Ledgett, who described the incident at a recent cyber forum, but did not name the nation behind it. The culprit was identified by other current and former officials. Ledgett said the attackers’ thrust-and-parry moves inside the network while defenders were trying to kick them out amounted to “a new level of interaction between a cyber attacker and a defender.” Source: The Washington Post

Postal service preview might help in identity theft defense

A U.S. Postal Service program seeks to reduce identity theft by giving customers a preview of their mail, so they can alert authorities if it doesn’t arrive. Informed Delivery sends a digital copy of the front of the envelopes and packages to recipients the day they’re scheduled to be delivered. Once customers know what to expect, they can report missing or stolen mail before anyone has an opportunity to use their personal information for identity theft. Customers can register for the service at the USPS.com website. Source: CBS News

GAO questions effectiveness of identity theft services

A report from the Government Accountability Office acknowledged that identity theft services offer some benefits but cautioned about limitations. Credit-monitoring services, for example, can help detect when an unauthorized account has been opened in someone’s name by alerting users, but such services don’t prevent fraud on an existing account, including misuse of a stolen credit card number. The GAO could not find any studies or data assessing the effectiveness of identity monitoring. Source: Accounting Today

Another week, another release by WikiLeaks

WikiLeaks has released 676 source code files from the CIA’s Marble Framework, which is used to hamper forensic investigators and anti-virus companies in attributing viruses, trojans and hacking attacks to the CIA, WikiLeaks said. The tools could have been used to run false flag hacking operations, the group said. The CIA would not authenticate the data. Source: FCW

Cloud Hopper attack targets organizations in U.S., Asia, Europe

Authorities have uncovered a large-scale cyber attack from a group targeting organizations in Japan, the United States, Sweden and other European countries through IT service providers. The cyber attack, uncovered through a collaboration by Britain’s National Cyber Security Centre, PwC and cybersecurity firm BAE Systems, has targeted managed service providers to gain access to customers’ internal networks since at least May 2016 and potentially as early as 2014. The scale of the attack, named Cloud Hopper and carried out by an organization called APT10, is not known but is believed to involve huge amounts of data. Source: Insurance Journal

Hackers backing ISIS send out list of targets, seek attacks

A group of hackers supporting the Islamic State militant group (ISIS) has released a list of thousands of individuals in the United States and their addresses, calling for lone wolf attacks on the targets. The list, which includes 8,786 names, was released by the pro-ISIS hacking group the United Cyber Caliphate and verified by the terror monitor SITE. The video, which includes a threat against President Donald Trump, instructed would-be attackers to: “Kill them wherever you find them.” Source: Newsweek

When you’re getting personal, others might be watching

The Svakom Siime Eye internet-connected, camera-equipped vibrator is vulnerable to hacking, according to security services firm Pen Test Partners. The device works with an app that lets users watch video, shoot pictures and videos, and save them to devices such as phones or laptops. Anyone who’s within Wi-Fi range and can guess your password can gain access to your video stream. Source: CNet

Presidential hire was on list of hacked Ashley Madison accounts

The Trump administration has hired the former executive director of the Louisiana Republican Party whose name turned up on a list of accounts released in the 2015 hack of the cheating website Ashley Madison. Jason Doré is assistant chief counsel for external affairs for the Small Business Administration’s Office of Advocacy. His office advocates on behalf of small businesses to the federal government and helps address concerns about regulations that may impact small businesses. Source: Politico

Compromised newspaper system sends Nazi alerts on Trump

An April Fools’ Day hack targeted the New York Post with a flurry of bizarre news alerts hailing President Trump as a German führer. “Heil President Donald Trump,” stated one alert around 10:45 p.m. Saturday, before chiming in with at least eight more push notifications for those with the Rupert Murdoch-owned mobile app. The Post acknowledged in another alert that its “push notification system was compromised this evening,” without elaborating how it was hacked. Source: The New York Daily News

Your TV could be targeted by transmitted malware

An attack that uses terrestrial radio signals to hack a wide range of Smart TVs raises the prospect of hackers taking control of a large number of sets at once without having physical access. The proof-of-concept exploit uses a low-cost transmitter to embed malicious commands into a rogue TV signal, which is then broadcast to nearby devices. It worked against two fully updated TV models made by Samsung. By exploiting two known security flaws in the Web browsers running in the background, the attack was able to gain privileged root access to the TVs. By revising the attack to target similar browser bugs found in other sets, the technique would likely work on a much wider range of TVs. Source: Ars Technica

Scottrade subsidiary database was exposed

Scottrade Bank, a subsidiary of Scottrade Financial Services, recently secured an MSSQL database containing sensitive information on at least 20,000 customers that was inadvertently left exposed to the public. The database was discovered by MacKeeper researcher Chris Vickery on March 31, when he was searching for random phrases on the domain s3.amazonaws.com. Once the database was discovered, Vickery says he contacted the company and was connected to a security team that helped secure the data. Two days later, Vickery said, he confirmed that the problem was resolved. Source: CSO Online

Large, teaching hospitals at risk for data breaches, report finds

Larger hospitals and those with major teaching status are the most at risk for a data breach, according to a report by the Journal of the American Medical Association. There were 216 hospitals included in the 1,798 breaches that occurred from Oct. 21, 2009, to Dec. 31, 2016; more than a third were teaching hospitals. Additionally, 33 hospitals, or 15 percent, reported more than one breach. Of 141 affected acute care hospitals, 52 were major academic medical centers. About 20,000 patients were affected in 24 of the 216 breached hospitals, and six hospitals had more than 60,000 breached patient records. Source: Health Care IT News




The post U.S. cyber warriors battled Russian hackers attacking State Department appeared first on Third Certainty.

By Byron Acohido