Hackers are said to have broken into the networks of U.S. space agency NASA and the Federal Aviation Administration as part of a wider espionage campaign targeting U.S. government agencies and private companies.
The two agencies were named by the Washington Post on Tuesday, hours ahead of a Senate Intelligence Committee hearing tasked with investigating the widespread cyberattack, which the previous Trump administration said was “likely Russian in origin.”
Not to change the topic here:
China Hijacked an NSA Hacking Tool in 2014—and Used It for Years | WIRED
More than four years after a mysterious group of hackers known as the Shadow Brokers began wantonly leaking secret NSA hacking tools onto the internet, the question that debacle raised—whether any intelligence agency can prevent its "zero-day" stockpile from falling into the wrong hands —still haunts the security community. That wound has now been reopened, with evidence that Chinese hackers obtained and reused another NSA hacking tool years before the Shadow Brokers brought it to
Only in early 2017 did Lockheed Martin discover China's use of the hacking technique. Because Lockheed has largely US customers, Check Point speculates that the hijacked hacking tool may have been used against Americans. "We found conclusive evidence that one of the exploits that the Shadow Brokers leaked had somehow already gotten into the hands of Chinese actors," says Check Point's head of cyber research Yaniv Balmas.
Hackers Targeting Insurance Instant Quote Sites | Clark Hill PLC - JDSupra
The New York Department of Financial Services issued a cybersecurity fraud alert (“Alert”) to all regulated entities, particularly those utilizing public-facing websites that display nonpublic information (“NPI”), even if redacted. According to the Alert, data thieves have been attacking websites that provide auto insurance and, in so doing, display redacted NPI—for example, a driver’s license number.
Regardless of the methods employed, companies providing insurance quotes need to be aware of the likelihood that they have been targeted and employ security measures to mitigate their risk of compromising consumer data. The Alert implores insurance companies (and their vendors) across all lines of insurance to examine website analytics and traffic measures for abnormalities such as an unusual number of abandoned quotes in a short timeframe.
These hackers sell network logins to the highest bidder. And ransomware gangs are buying | ZDNet
A growing class of cyber criminal is playing an important role on underground marketplaces by breaching corporate networks and selling access to the highest bidder to exploit however they please.
These brokers work to hack into networks but rather than making profit by conducting their own cyber campaigns, they'll act as a middleman, selling entry to networks on to other criminals, making money from the sales.
Access via Remote Desktop Protocol (RDP) is the most sought after listings by cyber criminals. This can provide stealthy remote access to an entire corporate network because by allowing attackers to start from legitimate login credentials to remotely control a computer, so are much less likely to arise suspicion of nefarious activity.
Other things to check out:
Accellion Data Breach: What We Know About the Hackers
On Monday, Accellion announced that it has been working with cyber firm FireEye since the incident, and that researchers have identified a group, dubbed "UNC2546," as the "criminal hacker behind the cyberattacks and data theft."
Those who know about the world of cybersecurity know that attribution—the act of finding out who was responsible for a particular cyberattack—is a very complicated process. I n reality, FireEye hasn't quite put all the puzzle pieces together yet, so let's step back and look at what the researchers have found.
SolarWinds not the only company used to hack targets, tech execs say at hearing - CNET
US Intelligence agencies have said Russia is responsible for a major hacking campaign that struck federal agencies and prominent tech companies.
Amazon was invited to testify at the hearing but didn't send a representative. The company didn't respond to a request for comment.
More information is likely to emerge about the compromises and their aftermath. Here's what you need to know about the hacks:
The approach is especially powerful in this case because thousands of companies and government agencies around the world reportedly use the Orion software. With the release of the tainted software update, SolarWinds' vast customer list became potential hacking targets.
Stimulus check scam: Hackers use personal info to steal checks | wcnc.com
CHARLOTTE, N.C. — Americans have already lost more than $300 million in stimulus scams , according to the Federal Trade Commission (FTC) and with another round of checks likely to start going out next month, crooks will again be trying to intercept your money.
The FTC says scammers are using people's personal information to make their ploy sound legitimate .
"These scams around COVID stimulus checks , coronavirus, are being undertaken by hackers and scammers in a more sophisticated way because they have easy, cheap access to more of our personal information," said Rob Shavell, a data privacy security expert.
Hackers expose Hyundai logistics data after apparent ransomware attack - FreightWaves
Hackers leaked data related to Hyundai Motor America's logistics operations on Monday and claimed responsibility for an apparent ransomware attack targeting the automaker and subsidiary Kia Motors America.
Files posted by the DoppelPaymer ransomware gang contain information about Hyundai Glovis, the automaker’s global logistics firm, as well as documents related to a trucking partner, in addition to other data.
Hyundai Motor America acknowledged that it had experienced an "IT outage," but would not confirm that it had been targeted in a ransomware attack.
Happening on Twitter
"The reality is the hackers responsible have gained access to thousands of companies, and the ability to carry out… https://t.co/Hq5nl7qSQQ jseldin (from Washington, DC) Tue Feb 23 19:38:08 +0000 2021
Microsoft President Brad Smith's testimony to Congress today says the tech giant believes the SolarWinds hackers "m… https://t.co/IsIoqRMGLh dnvolz (from Washington, DC) Tue Feb 23 19:33:58 +0000 2021
Top executives at Texas-based software company SolarWinds, Microsoft and cybersecurity firms FireEye and CrowdStrik… https://t.co/mHs5kmyEqm Reuters (from Around the world) Wed Feb 24 02:20:00 +0000 2021
No comments:
Post a Comment