On Monday morning Kaspersky published new evidence of technical similarities between malware used by the mysterious SolarWinds hackers, known by security industry names including UNC2452 and Dark Halo, and the well-known hacker group Turla, believed to be Russian in origin and also known by the names Venomous Bear and Snake.
Now, after a federal career that many credited with helping to secure the 2020 presidential election from foreign interference, Krebs is venturing into the other massive cybersecurity story of the last year: the Russian hacker intrusion into SolarWinds, a Texas-based company whose software was hijacked and used to penetrate the networks of at least half a dozen federal agencies.
This week, several major United States government agencies—including the Departments of Homeland Security, Commerce, Treasury, and State—discovered that their digital systems had been breached by Russian hackers in a months-long espionage operation.
But one security researcher has shown how vulnerabilities in the Tesla Model X's keyless entry system allow a different sort of update: A hacker could rewrite the firmware of a key fob via Bluetooth connection, lift an unlock code from the fob, and use it to steal a Model X in just a matter of minutes.
The US government alert lays out recommendations and best practices for how hospitals can protect themselves, and private firms like Mandiant have been sharing "indicators of compromise" as well, so health care facilities can monitor their systems extra closely and try to head off potential attacks.
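As an added example (not code from Mandiant, from the government alert, or from any hospital), here is the kind of minimal indicator-of-compromise sweep a health care facility's security team could run over its own DNS and endpoint logs once it has a feed like the one described above. The indicator values, the log lines, and the key=value log format (fields such as query= and md5=) are all constructed for this example; the point it shows beyond the paragraph is the two normalisation steps a naive grep gets wrong: case-folding values before comparison, and matching domains on a dot boundary so that "notbad-host.example" does not fire on the indicator "bad-host.example".

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"strings"
)

// Constructed indicator feed for this example (not from any real advisory).
// A real feed should be normalised the same way: lowercase, no trailing dots.
var iocDomains = []string{"update-check.example", "bad-host.example"}
var iocHashes = []string{"d41d8cd98f00b204e9800998ecf8427e"} // MD5 of an empty file, a placeholder

// Constructed log lines in an assumed key=value format: four DNS resolver
// queries and one endpoint-agent process record carrying a file hash.
const sampleLogs = `2020-10-29T08:14:02Z dns client=10.0.5.23 query=mail.hospital.example type=A
2020-10-29T08:14:09Z dns client=10.0.5.23 query=UPDATE-CHECK.EXAMPLE type=A
2020-10-29T08:15:44Z dns client=10.0.7.9 query=files.cdn.bad-host.example type=A
2020-10-29T08:16:01Z edr host=WS-042 proc=C:\Users\rn\AppData\Local\Temp\svc.exe md5=D41D8CD98F00B204E9800998ECF8427E
2020-10-29T08:16:30Z dns client=10.0.7.9 query=notbad-host.example type=A
`

// Hit records one indicator match: the 1-based log line and which IOC fired.
type Hit struct {
	Line int
	Kind string // "domain" or "hash"
	IOC  string
}

var kvRe = regexp.MustCompile(`(\w+)=(\S+)`)

// domainMatches reports whether a queried name equals the indicator or is a
// subdomain of it. The dot boundary matters: "notbad-host.example" must not
// match the indicator "bad-host.example", which a plain substring test would.
func domainMatches(query, ioc string) bool {
	query = strings.ToLower(strings.TrimSuffix(query, "."))
	return query == ioc || strings.HasSuffix(query, "."+ioc)
}

// Sweep scans key=value log lines and returns every indicator hit in order.
// Values are case-folded before comparison because logs preserve whatever
// case the client sent, while indicator feeds are lowercase.
func Sweep(logs string) []Hit {
	var hits []Hit
	sc := bufio.NewScanner(strings.NewReader(logs))
	lineNo := 0
	for sc.Scan() {
		lineNo++
		for _, kv := range kvRe.FindAllStringSubmatch(sc.Text(), -1) {
			key, val := kv[1], kv[2]
			switch key {
			case "query":
				for _, d := range iocDomains {
					if domainMatches(val, d) {
						hits = append(hits, Hit{lineNo, "domain", d})
					}
				}
			case "md5", "sha1", "sha256":
				v := strings.ToLower(val)
				for _, h := range iocHashes {
					if v == h {
						hits = append(hits, Hit{lineNo, "hash", h})
					}
				}
			}
		}
	}
	return hits
}

func main() {
	for _, h := range Sweep(sampleLogs) {
		fmt.Printf("line %d: %s indicator %s\n", h.Line, h.Kind, h.IOC)
	}
}
```

Run against the constructed lines, the sweep reports lines 2, 3 and 4 and stays silent on line 5, the near-miss domain. In production the feed would be loaded from the advisory's file rather than hard-coded, and hits would go to a ticketing or SIEM queue rather than stdout.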
The malware the Kaspersky researchers discovered uses its UEFI foothold to plant a second, more traditional piece of spyware on the computer's hard drive, a unique piece of code Kaspersky has called MosaicRegressor.
The same researchers found that version 2 of the iKettle and the then-current version of the Smarter coffee maker had additional problems, including no firmware signing and no trusted enclave inside the ESP8266, the chipset that formed the brains of the devices.
Branching Out. As in the Twitter hack, the perpetrators don't appear to be state-sponsored hackers or foreign cybercrime organizations, but young, English-speaking hackers organizing on forums like the website and the chat service Discord, says Zack Allen, the director of threat intelligence at security firm ZeroFox, who has also worked with the industry group tracking the incidents.
In a series of civil and criminal complaints and forfeiture notices released today, the Justice Department has revealed that it seized hundreds of bitcoin and ethereum accounts, millions of dollars, and four websites from known Islamic extremist groups that were using those accounts and funds to support terrorist operations.
Now, the Omidyar Network has a new tool kit, designed to get tech workers talking about the way their products shape society, democracy, and more. Some companies in Silicon Valley have even created internal corporate positions to focus on those issues, like Salesforce’s Office of Ethical and Humane Use.
In addition to ransomware, ThiefQuest has a whole other set of spyware capabilities that allow it to exfiltrate files from an infected computer, search the system for passwords and cryptocurrency wallet data, and run a robust keylogger to grab passwords, credit card numbers, or other financial information as a user types it in.
We'll get to the rest of this week's security news in just a second, but before all that you need to carve out a little chunk of your day to read WIRED senior writer Andy Greenberg's profile of Marcus Hutchins, the hacker who stopped the berserking WannaCry ransomware three years ago.
I was nursing a beer at his winter holiday party as he told me about the solar panels on his Brooklyn brownstone roof. It was a neighbor from around the corner who'd seen my solar array and, like me before him, was intrigued.
Per a report in the Niagara Gazette, the one-time mogul is currently isolated at Wende Correctional Facility in western New York state, where he’s serving a 23-year sentence after being convicted earlier this month of one count of rape and one count of a criminal sex act. In other coronavirus-related news, pop mogul Rihanna’s charitable organization is donating $5 million to Covid-19 relief.
Amazon customers can expect greater availability of things like soap and dog food, and potential shipping delays when it comes to less pressing items like clothing and electronics. “We are seeing increased online shopping, and as a result some products such as household staples and medical supplies are out of stock,” reads an announcement on Amazon’s official forum for sellers.
This week, the Chinese firm QiAnXin spotted Russian hackers—possibly affiliated with the groups Sandworm and Fancy Bear—sending phishing emails laced with malicious document attachments to Ukrainian targets. Meanwhile, the Vietnamese security firm VinCSS detected a high volume of novel coronavirus-related phishing emails over the last two weeks attributed to government hackers.
Yang is the founder and CEO of Gantri, a San Francisco company that designs, fabricates, and sells 3D-printed lamps. The Signal desk light is one of the new lamps in Gantri's collection that was designed by the SF firm Ammunition, which is famous for some of Silicon Valley's most iconic designs.
Microsoft already offers Windows Secure Boot, a feature that checks for cryptographic signatures to confirm software integrity. Instead of relying on firmware, Microsoft has worked with AMD, Intel, and Qualcomm to make new central processing unit chips that can run integrity checks during boot in a controlled, cryptographically verified way.
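The signature check that Secure Boot performs, and that the iKettle and Smarter coffee maker above lacked ("no firmware signing"), is small enough to show end to end. The following is an added example, not code from Microsoft, Kaspersky, or the Smarter devices' vendor, and the image layout it uses (four magic bytes, a 64-byte Ed25519 signature, then the payload) and the vendor key pair are assumptions for illustration, not any real firmware format. What it shows beyond the paragraph is the failure modes signing closes: a genuine image is accepted, the same image with one bit flipped is refused, and an image signed by a key the device does not trust is refused, because the device pins the vendor's public key rather than trusting whatever key ships inside the update.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Assumed image layout for this example (not any vendor's real format):
//   4 bytes  magic "FWIM"
//   64 bytes Ed25519 signature over the payload
//   N bytes  payload (the code the device would flash and run)
const imageMagic = "FWIM"
const headerLen = len(imageMagic) + ed25519.SignatureSize

var (
	ErrTooShort     = errors.New("firmware: image shorter than header")
	ErrBadMagic     = errors.New("firmware: bad magic bytes")
	ErrBadSignature = errors.New("firmware: signature does not verify under pinned key")
)

// PackImage is the vendor side: sign the payload and prepend the header.
func PackImage(vendorPriv ed25519.PrivateKey, payload []byte) []byte {
	img := make([]byte, 0, headerLen+len(payload))
	img = append(img, imageMagic...)
	img = append(img, ed25519.Sign(vendorPriv, payload)...)
	return append(img, payload...)
}

// VerifyImage is the device side: the check a boot ROM or updater runs before
// flashing or executing anything. The public key is pinned in the device
// (ideally in ROM or a trusted enclave, which the ESP8266 in the iKettle
// does not provide). Only a payload whose signature verifies is returned.
func VerifyImage(pinnedPub ed25519.PublicKey, img []byte) ([]byte, error) {
	if len(img) < headerLen {
		return nil, ErrTooShort
	}
	if string(img[:len(imageMagic)]) != imageMagic {
		return nil, ErrBadMagic
	}
	sig := img[len(imageMagic):headerLen]
	payload := img[headerLen:]
	if !ed25519.Verify(pinnedPub, payload, sig) {
		return nil, ErrBadSignature
	}
	return payload, nil
}

// Demo walks three cases: a genuine image, a one-bit tamper of that image,
// and an image signed by a key the device does not trust. Without signing,
// the second and third would both be flashed. Returns (genuine accepted,
// tamper rejected, wrong signer rejected).
func Demo() (bool, bool, bool, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // vendor key; pub is what the device pins
	if err != nil {
		return false, false, false, err
	}
	_, otherPriv, err := ed25519.GenerateKey(rand.Reader) // an attacker's key
	if err != nil {
		return false, false, false, err
	}
	// Constructed stand-in for a firmware payload; not real device code.
	payload := []byte("example firmware payload v2 (constructed)")
	img := PackImage(priv, payload)

	got, verr := VerifyImage(pub, img)
	genuineOK := verr == nil && string(got) == string(payload)

	tampered := append([]byte(nil), img...)
	tampered[len(tampered)-1] ^= 0x01 // flip one bit in the payload
	_, verr = VerifyImage(pub, tampered)
	tamperRejected := errors.Is(verr, ErrBadSignature)

	_, verr = VerifyImage(pub, PackImage(otherPriv, payload))
	wrongKeyRejected := errors.Is(verr, ErrBadSignature)

	return genuineOK, tamperRejected, wrongKeyRejected, nil
}

func main() {
	g, t, w, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("genuine accepted: %v\ntampered rejected: %v\nwrong signer rejected: %v\n", g, t, w)
}
```

The verifier never looks at a key carried inside the image, only at the pinned one; that is what separates real firmware signing from a checksum. Ed25519 signs the payload directly, so no separate hash step is needed, and on a microcontroller the verify routine and the pinned key would live in mask ROM so that a compromised update cannot replace them.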
Uber has a response to a new California law that forces the company to treat drivers like employees: "Well fine, maybe we just won't pick you up." Uber is now allowing drivers in California to see how much a ride would pay and where it would go before they accept it.
A chat box alongside the video displays frustrated messages: “I still haven’t got the money,” or “I did all the steps.” The stream, which often sits atop YouTube Gaming’s directory, remained live last weekend for over 21 hours, during which it was viewed over 1.1 million times.
Over the last month, researchers at security firms including SentinelOne and Dragos have puzzled over a piece of code called Snake or EKANS, which they now believe is specifically designed to target industrial control systems, the software and hardware used in everything from oil refineries to power grids to manufacturing facilities.
All of that makes Burisma an almost inevitable target for another hack-and-leak operation of the sort that Russia carried out against the Democratic National Committee and the Clinton campaign in 2016—once again with the goal of influencing a US election. Now the first evidence has surfaced, in a report from security firm Area 1, that the very same team of Russian hackers who hit those targets may in fact have hacked Burisma.
If you're not sure how to find these settings, check the documentation that came with the router, or run a quick web search using your router's make and model. You should be using WPA2 security to guard access to your router, which essentially requires every new device to submit a password to connect.
With the faster connection speeds will come increased security and privacy protections for users, as the wireless industry attempts to improve on the defenses of 3G and 4G.
Bringing user data concerns into antitrust, as Delrahim suggested, would require asking a similar question: Will the reduction in competition lead to consumers having to accept inferior privacy protections?
DoorDash, a takeout delivery company, confirmed a data breach on Thursday almost five months after it occurred on May 4, and a year after some users started complaining that their accounts had been inexplicably compromised.
Like other prominent companies of its kind, CrowdStrike conducts digital forensic investigations, and defends its clients in part by removing a hacker's access to compromised accounts and devices.But when CrowdStrike or another firm investigates an incident, they typically don't physically remove a client's devices.