Dubbed Name:Wreck, the newly disclosed flaws are in four ubiquitous TCP/IP stacks, code that integrates network communication protocols to establish connections between devices and the internet.
The specifics of how Travnichek allegedly obtained access to Post Rock Rural Water District’s network after he left the utility remain unclear; the indictment says only that he “logged in remotely.” He’d had a remote login when he worked there, court documents say, for after-hours monitoring.
Technical details of the report are not available to the public, but what we can see allows us to reasonably conclude that serious cybersecurity vulnerabilities exist in weapons systems, including those that would let the potential adversary take control over a system.
Hafnium has now exploited zero-day vulnerabilities in Microsoft's Exchange servers' Outlook Web Access to indiscriminately compromise no fewer than tens of thousands of email servers, according to sources with knowledge of the investigation into the hacking campaign who spoke to WIRED.
This week, Microsoft and security firm FireEye both shared new details about malware strains the Russia-linked group used to get such devastating access to so many targets.
Moderna’s Melissa Moore explained why we should be excited about the dawn of mRNA vaccines; the former director of the Cybersecurity and Infrastructure Security Agency, Christopher Krebs, talked about the cybersecurity issues that pose the biggest threat to our democracy; and Slack's Stewart Butterfield and Salesforce's Bret Taylor told us about how digital-first workplaces will become the norm even when we can return to the office.
Now, after a federal career that many credited with helping to secure the 2020 presidential election from foreign interference, Krebs is venturing into the other massive cybersecurity story of the last year: the Russian hacker intrusion into SolarWinds , a Texas-based company whose software was hijacked and used to penetrate the networks of at least half a dozen federal agencies.
Some of the remediation will involve steps that congressional security already performs as a matter of course, like extensively reviewing security camera footage from the House and Senate floor, in hallways, and other spaces to see what intruders did, including what interactions they may have had with electronics.
There will be more news to come about the SolarWinds supply chain attack and possible other elements of the extensive campaign, but in the meantime officials, security practitioners, and researchers are all puzzling over questions of where to draw the line on global espionage and how to deter destructive and otherwise unacceptable hacking.
The US government alert lays out recommendations and best practices for how hospitals can protect themselves, and private firms like Mandiant have been sharing "indicators of comprise" as well, so health care facilities can monitor their systems extra closely and try to head off potential attacks.
The indictment also lays out new details of Sandworm's targeting of the nation of Georgia in 2019, which included an attempt to compromise the Georgian parliament in addition to a previously known campaign of web defacements across the country's internet, affecting 15,000 sites .Perhaps most significantly, the criminal charges mark the first global law enforcement response targeting Sandworm's hackers for their release of the NotPetya malware that ravaged networks across the world .
The agencies recommended security professionals immediately implement a patch to protect the devices from hacking techniques that could fully take control of the networking equipment, offering access to all the traffic they touch and a foothold for deeper exploitation of any corporate network that uses them.
The law enforcement operation lasted more than three months and was made possible through police access to a secure communications platform called EncroChat, which offered encrypted messaging, disappearing messages, and an emergency data wiping feature.
It is in the clear interest of policymakers, organizations, and the public to receive feedback from security researchers directly, instead of risking the information reaching other potentially malicious parties.
But the country's high court decided in December that blocking access violated its citizens' rights, and this week it was finally restored.This week Mick Baccio left his post over "differences with campaign leadership over how to manage information security," according to a report in the Wall Street Journal.
And for a smaller core of cybersecurity practitioners within that massive readership, it’s become a kind of legend: the ur-narrative of a lone hacker hunter, a text that has inspired an entire generation of network defenders chasing their own anomalies through a vastly larger, infinitely more malicious internet.
Like, say, the revelation that you can hack Alexa, Google Assistant, and Siri with lasers .Take the two former Twitter employees who allegedly used their insider access to spy on behalf of Saudi Arabia —a stark reminder of how ill prepared even the biggest companies are to protect consumer data from the people who work there.
You see, there are only a few working days left before WIRED25, our two-day live event that, in many ways, brings to life the November issue of WIRED, titled Have a Nice Future: Stories of 25 People Racing to Save Us .A few months back, as we began planning the November issue, we started to feel that national malaise, the distress that surrounded the environment, health, cybersecurity, politics.
An attacker could potentially pivot, Santamarta says, from the in-flight entertainment system to the CIS/MS to send commands to far more sensitive components that control the plane's safety-critical systems, including its engine, brakes, and sensors.
Security News This Week: Apple Contractors Will Stop Listening to Your Siri Recordings—For Now. Justin Sullivan. After a report in The Guardian detailed Apple's use of contractors to "grade" the recordings of Siri users, the company has said it will suspend the program.
The state and federal groups that investigated Equifax touted the payout as an important wake-up call for all US corporations—especially since Equifax will also be required to make hundreds of millions of dollars of additional internal cybersecurity improvements on top of the fines.
Though they are developed by well-known companies and the location sharing is advertised for accepted uses, these apps also have the potential to be exploited by attackers who have access to victim devices.
Though the White House has not opposed specific legislation coming out of Congress—the president has signed all the cybersecurity bills sent to his desk—it also has not demonstrated an overarching strategy necessary to combat this pressing issue.
Now, the United States Federal Election Commission may apply the same laws to block a cybersecurity firm from offering free or low-cost defense services to campaigns, at a time when those protections are badly needed .During the 2016 US presidential election, Russian hackers not only threatened election networks and voting systems, but wreaked havoc by targeting campaigns and political parties, particularly the Democratic National Committee, and leaking troves of sensitive data.
“DHS’s voice is vital around the Situation Room table,” says Edelman “Looking ahead, as we consider issues like national security controls over AI, or limits to foreign investment, DHS is going to be more crucial than ever—and their absence of leadership could lead to some very skewed outcomes.”.
From that foothold, it appeared, the hackers had spread through the power companies’ networks and eventually compromised a VPN the companies had used for remote access to their network—including the highly specialized industrial control software that gives operators remote command over equipment like circuit breakers.