Clickhole explains Bitcoin
Gov Info
Security
Ex-NSA Hackers Worry China And Russia Will Try to Arrest ThemMotherboard. The deck: The US government has been indicting foreign government hackers, and American government hackers are worried China and Russia might start doing the same to them.
Americans Are Receiving Unordered Parcels From Chinese E-Criminals — And Can’t Do Anything To Stop Them Forbes
|
|
|
Karim
Baratov, 22, appeared in U.S. federal court Tuesday, where he pleaded guilty to
hacking Gmail and Yandex webmail accounts of individuals earmarked by Russia's
FSB state security service and exchanging the victims' account passwords for
money. Baratov, a Canadian citizen and resident who was born in Kazakhstan, was
one of four men named in a 47-count federal indictment filed in February and
unsealed in March.
The
Inquirer
November
27, 2017
NHS Digital
has secured a £20m budget to spend on establishing a new cybersecurity centre
that will constantly scan for attacks and probe the organisation's own defences
using ethical hackers. The NHS will use the money to create "a national,
near real-time monitoring and alerting service that covers the whole health and
care system", said NHS Digital, with "extra specialist resources
during peak periods".
AP November
27, 2017
Three
Chinese nationals are accused of operating a cybersecurity firm that used
phishing scams and malware to steal data from international corporations. A
federal indictment unsealed Monday in Pittsburgh says the trio’s targets
included Siemens AG, Moody’s Analytics in New York and Trimble Inc. in
Sunnyvale, California. The indictment says they ran a company called Boyusec
offering cybersecurity services to Chinese businesses. The men are accused of
sending phony emails that look legitimate in order to hack into corporate
computers across the world. Prosecutors say they concealed their identities and
locations using aliases and valid credentials stolen from victim computer
systems.
CyberScoop November
30, 2017
Reuters November
28, 2017
SWIFT, the
global messaging system used to move trillions of dollars each day, warned
banks on Wednesday that the threat of digital heists is on the rise as hackers
use increasingly sophisticated tools and techniques to launch new attacks.
Brussels-based SWIFT has been urging banks to bolster security of computers
used to transfer money since Bangladesh Bank lost $81 million in a February
2016 cyber heist that targeted central bank computers used to move funds. The
new warning provided detail on some new techniques being used by the hackers.
"Adversaries have advanced their knowledge," SWIFT said in a 16-page
report co-written with BAE Systems Plc's cyber security division. "No
system can be assumed to be totally infallible, or immune to attack."
The Hill November
28, 2017
More than
90 percent of applications using the same computer programming library that,
left unpatched, lead to the Equifax data breach also fail to keep the software
up to date, reports the security firm Veracode. Veracode analyzes clients'
computer code for known security vulnerabilities. Based on its scans between
April and September, 91 percent of applications that use Apache Struts use a
version of Struts with at least one high severity vulnerability. Equifax
admitted earlier this year it had intended but failed to patch Struts before a
hacker took advantage of a security flaw in the library. That hacker ultimately
compromised the personal information of 145.5 million Americans. Veracode
published that new statistic Tuesday as part of a new guide for developers on
good coding practices printed as an addendum to its October "State of
Security" report.
Nextgov November 29,
2017
The Russian
government will build an “independent internet” for use by itself, Brazil,
India, China, and South Africa — the so-called BRICS nations — “in the event of
global internet malfunctions,” the Russian news site RT reported on Tuesday.
More precisely, Moscow intends to create an alternative to the global Domain
Name System, or DNS, the directory that helps the browser on your computer or
smartphone connect to the website server or other computer that you’re trying
to reach. The Russians cited national security concerns, but the real reason
may have more to do with Moscow’s own plans for offensive cyber operations.
According to RT, the Russian Security Council discussed the idea during its
October meeting, saying that “the increased capabilities of western nations to
conduct offensive operations in the informational space as well as the
increased readiness to exercise these capabilities pose a serious threat to
Russia’s security.” Russian President Vladimir Putin has set a date of August
1, 2018, to complete the alternative DNS.
The Wall Street Journal November
29, 2017
A Chinese internet-security firm that researchers say is behind
sophisticated attacks on Western energy and defense companies disbanded this
month amid U.S. accusations that some of its shareholders were involved in
hacking and theft of trade secrets. A U.S. Department of Justice indictment
unsealed Monday alleged that three Chinese nationals hacked into the emails of
a Moody’s Analytics economist and stole confidential business information from
German engineering giant Siemens AG . The indictment identified the three as
employees of Guangdong Bo Yu Information Technology Co., also known as Boyusec.
Filings with a Chinese government-run credit database show that Boyusec was
deregistered Nov. 17. The filings also list two of those named in the
indictment, Dong Hao and Wu Yingzhuo, as among Boyusec’s primary shareholders.
Messrs. Dong and Wu couldn’t be reached for comment Tuesday. Boyusec’s listed
phone number rang unanswered, and an email to a company address didn’t
immediately elicit a response.
US
'orchestrated' Russian spies scandal, says Kaspersky founder
Foreign
influence crackdown a heads-up for everyone in government.
Senior Commonwealth officials will have to disclose if they go to work for foreign entities within three years of leaving the Australian Public Service, under new national security laws proposed by the Turnbull government.
Senior Commonwealth officials will have to disclose if they go to work for foreign entities within three years of leaving the Australian Public Service, under new national security laws proposed by the Turnbull government.