The Justice Department said yesterday that it had traced and seized much of the ransom that a major U.S. pipeline operator paid to a Russian hacking collective last month. The ransomware attack shut down the Colonial Pipeline for about a week, prompting fuel shortages and price spikes, until the company paid hackers more than $4 million worth of Bitcoin. But federal officials said that a new F.B.I. task force had recaptured most of the Bitcoins by, in essence, hacking the hackers.
What Hackers Can Learn About You From Your Social-Media Profile - WSJ
Armed with all that publicly available intel, a cybercriminal can cobble together a profile of you—and use it in countless ways to break into your company's network.
"About 60% of the information I need to craft a really good spear phish is found on Instagram alone," says Rachel Tobac, chief executive officer of SocialProof Security, a hacker-led vulnerability-assessment and training firm. By scouring somebody's social-media accounts, she says, "I can usually find everything I need within the first 30 minutes or so."
As Ransomware Hackers Sit On Millions In Extorted Money, America's Military Is Urged To Hack Back
Breaches of Colonial Pipeline and JBS, causing gas and meat shortages across the U.S., have led to calls for more aggressive action on the criminals behind the hacks. (Photo by FRANCOIS PICARD/AFP via Getty Images)
In just two months last year, the FBI watched three companies pay hackers wielding ransomware called NetWalker millions in Bitcoin to get their hacked data back. While that seems like a big win for the cybercriminals, it also gave investigators in the U.S. and elsewhere a new roadmap for tracking and prosecuting them.
'Hackers are going to have a field day:' Security expert says amid launch of Amazon Sidewalk
:strip_exif(true):strip_icc(true):no_upscale(true):quality(65):fill(FFF)/d1vhqlrjc8h82r.cloudfront.net/06-09-2021/t_0212c8d8dc294009b995d2c07cad7666_name_image.jpg)
The Amazon Sidewalk is the latest virtual expansion to improve a user's experience, but some security experts have some concerns about the launch.
However, Hadnagy said this could make your home's private network vulnerable to literal strangers, walking outside, on the sidewalk.
"I'm having a hard time with the pros, to be honest as a security professional," Hadnagy said. "Now someone who is sitting out on the sidewalk can access your cameras and see your family? See your kids? Your daughter walking around the house? There are just so many things that go through my mind that are like, oh no! We don't know how this works."
CISA launches platform to let hackers report security bugs to US federal agencies –
The Cybersecurity and Infrastructure Security Agency has launched a vulnerability disclosure program allowing ethical hackers to report security flaws to federal agencies.
The platform, launched with the help of cybersecurity companies Bugcrowd and Endyna, will allow civilian federal agencies to receive, triage and fix security vulnerabilities from the wider security community.
It’s not uncommon for private companies to run VDP programs to allow hackers to report bugs, often in conjunction with a bug bounty to pay hackers for their work. The U.S. Department of Defense has for years warmed to hackers , the civilian federal government has been slow to adopt.
Experts weigh in on keeping hackers away as much as possible
“So, there are some things you can do to try and stay hack-free,” said Ian Collins, a computer tech at Ribbit computers in Wichita. “Keep the software updated and on your phone too.”
David Evenden used to hack for the government. He’s currently an executive-in-residence for cyber education at Friends University.
“For your computer at home, the probability of an attacker, if they want to get in, of them getting in, is very high,” said Evenden.
One wrong move can let hackers in: cyber security expert
FORT WAYNE, Ind. (Fort Wayne's NBC) -- Local cyber security experts say you are the front line of defense against attacks both at home and at work, because all that hackers need to find is one vulnerability as their way in.
The cyber security expert says organized hackers are persistent and do their homework, like a bank robber casing a bank branch for days on end to learn all the ins and outs, so they can find a company's soft spot.
Hackers Could Shut Down the U.S.
The U.S. power grid is vulnerable to shutdown by cyberattacks, Secretary of Energy Jennifer Granholm warned in interviews on Sunday on both CNN and NBC's Meet the Press .
"There are thousands of attacks on all aspects of the energy sector and the private sector generally," she said in the CNN interview. "It's happening all the time. This is why the private sector and the public sector have to work together."
The comments followed recent attacks on Colonial Pipeline , the meatpacker JBS , and the Martha's Vineyard ferry service , among others. Last week, Anne Neuberger, President Biden's deputy national security adviser for cyber and emerging technology, wrote a letter to American corporations urging them to take the risks from ransomware more seriously.
Chinese hackers implicated in breach of Russian government agencies - CyberScoop
Chinese hackers were likely behind a series of intrusions at Russian government agencies last year, security firm SentinelOne said Tuesday.
Malicious code used in the breaches is similar to hacking tools associated with a broad set of suspected Chinese spies that have also targeted Asian governments in recent years, SentinelOne researchers said .
SentinelOne's research builds on a report released last month by the Federal Security Service ( FSB ), one of Russia 's main spy agencies, and the cyber unit of telecom firm Rostelecom. It said Russian government agencies had been targeted by "cyber mercenaries pursuing the interests of the foreign state."
Happening on Twitter
Another theory has emerged that the feds secured funds by IDing the perps (through some kind of sting operation), &… https://t.co/vQdt2QM6jQ JordanSchachtel (from Florida) Tue Jun 08 03:57:44 +0000 2021
The Department of Justice touted the recovery of $2.3 million — about half — of the ransom that was collected by ha… https://t.co/5h1GiONAtj NPR Tue Jun 08 13:07:32 +0000 2021
@hectorr159 I think the feds are claiming they hacked back against this network and were able to obtain their priva… https://t.co/iJyQbNbwc0 JordanSchachtel (from Florida) Mon Jun 07 19:46:49 +0000 2021
No comments:
Post a Comment