~ Upton Sinclair via ABC:
Indeedy,
Soooo true:
"at least equally with communism, lies the threat to capitalism"
The Moth: Kathryn Bendall - a fear of flying - Comrade from Hunters Hill ;-) -
Senior Trump official pens anonymous essay saying ‘wasteful government
agencies’ are BETTER OFF without furloughed workers who are lazy and
unaccountable – and should never be allowed back. “For government
employees seeking to implement the president’s policy priorities, the
person claimed their time is often wasted preventing so-called deep
state actors from derailing the administration’s political agenda.”
The Hill
January 11, 2019
Sen. Ron Wyden (D-Ore.) on Friday pressed the Treasury Department and IRS about possible cyber risks facing taxpayers, questioning whether the threat of identity theft is increasing amid the partial government shutdown. Wyden, a member of the Senate Intelligence Committee, sent a letter to Treasury Secretary Steven Mnuchin and IRS Commissioner Charles Rettig asking them about what impact the shutdown is having on their operations and if there are any cyber implications. "Is there increased risk of taxpayer ID theft if IRS tries to maintain normal operations during a shutdown?" Wyden, who's also the ranking member of the Senate Finance Committee, asked in the letter. "For example, if IRS is working with a skeleton staff as a result of the shutdown, is there an elevated risk that cyber criminals filing fraudulent returns with stolen taxpayer identities will be able to steal taxpayers' refunds? Will IRS be able to detect, let alone thwart, these fraudulent attempts?" The letter comes amid a shutdown that is now in its 21st day, tying it for the longest in U.S. history.
Nextgov
January 7, 2019
The sweeping government reform legislation proposed Thursday by House Democrats
would provide states with federal funding to improve their election
infrastructure and support bug bounty programs to improve election
cybersecurity. One of the first bills of the 116th Congress, the For the People Act
would also charge the Homeland Security Department with sharing information
about election threats with state officials and test the security of voting
systems nine months before every federal election. The legislation, introduced
by House Speaker Nancy Pelosi, D-Calif., and Rep. John Sarbanes, D-Md., would
mandate many of the key election security measures lawmakers have spent the
last two years advocating. Previous attempts to lock down voting infrastructure
were mired by legal hair-splitting and funding concerns, despite generally
bipartisan support. Under the House bill, states would receive federal
subsidies to improve election infrastructure, invest in paper ballot systems
and audit elections after the fact. The federal government would also fund
efforts to explore innovative infrastructure changes. Homeland Security would
be required to create a commission to defend “U.S. democratic institutions”
against foreign threats and keep election systems designated as critical
infrastructure. Most of the provisions are derived from the Election Security
Act, which House Homeland Security Committee Chairman Bennie Thompson, D-Miss.,
introduced last year.
ADMINISTRATION
Nextgov
January 11, 2019
More than 250 cybersecurity vulnerabilities, some more than a decade old, remain
unaddressed in the Defense Department’s networks, according to an internal
watchdog. Still, auditors found the agency has made significant strides in
locking down its tech infrastructure. The Defense Department Inspector General
found the Pentagon had yet to correct 266 cyber vulnerabilities highlighted in
numerous watchdog reports between July 2017 and June 2018. Some of the issues
were identified long ago—two dated back to 2008—but the majority were only
discovered in the last year, which auditors acknowledge had given the agency
little time to fix them. Most of the vulnerabilities revolved around the
agency’s approach to identifying potential gaps in its cyber posture and
proactively defending against those threats. Auditors specifically found many
shortcomings related to cyber governance, or the policies and practices that
help officials monitor risk.
Gov Info Security
January 11, 2019
There's a stark message on the front page of the U.S. National Institute of Standards and
Technology's website: "NOTICE: Due to a lapse in federal funding, most of
this website is not available." The warning points to the continuing
standoff between President Donald Trump and Congress over the $5.7 billion he
wants to fund a fortified border wall with Mexico. Trump says he won't sign a
spending bill for fiscal 2019 that would reopen the government that lacks the
funding he wants for the wall. Building the wall was one of his key campaign
promises that attracted voters worried about illegal immigration. The
government shutdown, which started on Dec. 21, 2018, is affecting as many as 800,000
federal workers, some of whom are continuing to work without pay. With the
Democrats in control of the House of Representatives and neither party showing
signs of budging, it's unclear how the standoff will be resolved.
AP
After Georgia's 2018 elections focused stinging criticism on the state's outdated
election system, a study commission voted Thursday to recommend the use of
machines that record votes and print a record. Members of the panel tasked with
considering a potential replacement chose that option over hand-marked paper
ballots favored by cybersecurity experts. The Secure, Accessible and Fair
Elections, or SAFE, Commission voted 13-3 for a draft of a report to be sent to
lawmakers, who are expected to decide on criteria for a new system during the
legislative session that begins Monday. The commission includes lawmakers,
political party representatives, voters and election officials. Georgia's
paperless touchscreen voting machines, in use since 2002, have been widely
criticized. Cybersecurity experts have warned they are unreliable and
vulnerable to hacking. There's also no way to do an effective audit or confirm
votes are recorded correctly because there's no paper trail.
CyberScoop
January 9, 2019
Recruiting people to work in the federal government, especially in cybersecurity, has been
a challenge for as long as the term “cybersecurity” has existed. It’s why the
government created vehicles like the CyberCorps: Scholarship for Service. If
you are a college student who would like to devote your skills to the
government, the United States will cut you a check — probably in the
five-figure range — to study up on whatever tech-based track you’d like. In
return, you’re obligated to work for Uncle Sam for the length of the
scholarship issued, up to four years. In an ideal setting, this arrangement
seems fair. Yet, clearly, when it comes to the government, these are not ideal
times. The government shutdown has exacerbated this already fraught issue, with
essential cybersecurity personnel at agencies like the Department of Homeland
Security and National Institute of Standards and Technology either legally
unable to continue working or forced to put projects on hold. That stagnation
was on display for the latest crop of CyberCorps students, who earlier this
week tucked themselves into the Gaylord National Hotel in National Harbor,
Maryland for the program’s career fair. On Tuesday, the convention floor was
littered with empty tables, as representatives from various agencies were
unable to attend due to the government shutdown.
BBC
January 9, 2019
They still don’t know where it came from. But when it hit, the Alaskan borough of
Matanuska-Susitna was knocked for six. Malware rapidly spread across the
borough’s computer networks, disrupting a bewildering array of services.
Hundreds of employees found themselves locked out of their work stations. Staff
at local libraries received urgent phone calls telling them to quickly turn off
all the public PCs. The animal shelter lost access to data on medications
required by its furry residents. It didn’t stop there. An online booking system
for swimming lessons went down, leaving people to queue up in person. One
borough office had to switch to electronic typewriters temporarily. And Helen
Munoz, an 87-year-old woman who has been campaigning for a better sewer system
in the area, got an unexpected response to one of her regular calls to local
administrators. “Our computers are down,” she was told. She threw her hands up
in disgust. “The cyber-attack, God help us, just about stopped everything, you
know,” Munoz says. “In fact, the borough still isn’t squared away with their
computers.”
CyberScoop
January 9, 2019
A survey of 26 countries has found that Americans are among the most likely to expect a
cyberattack to occur on assets like public infrastructure and national security
data. Roughly eight in 10 Americans said it is either “very” or “somewhat
likely” that national-security data will be breached (82 percent), public
infrastructure will be damaged (83 percent), or elections will be tampered with
(78 percent) via hacking, according to data published Wednesday by the Pew
Research Center. Those were among the highest percentages of any respondents,
indicating a growing acceptance among Americans that sensitive data breaches
are a part of life. The answers also came through a partisan filter: 82 percent
of U.S. Democrats said cyberattacks on elections infrastructure were likely,
compared with 66 percent of Republicans.
FCW
The ongoing government shutdown comes at a sensitive time for the nascent Cybersecurity and
Infrastructure Security Agency at the Department of Homeland Security. The new
DHS component, built out of the National Protection and Programs Directorate
into CISA, was looking to spend much of 2019 in transition mode as part of its
CISA 2020 plan, but because of an ongoing lapse in appropriations, just 56
percent of the workforce is on the job. "Almost half of the [CISA]
workforce is furloughed, and the rest are working without pay," said House
Homeland Security Committee Chair Rep. Bennie Thompson (D-Miss.) in a Jan. 3
statement. "In all, 87 percent of the DHS workforce is reporting to work …
without knowing when their next paycheck will come." According to shutdown
guidance provided by DHS in December 2018, just over 2,000 of CISA's 3,531
staffers were designated as exempt from the shutdown. A substantial amount of
work remains to be done to fully stand up the agency as it forges ahead on
newer initiatives like the National Risk Management Center and the Supply Chain
Security Task Force.
The Hill
January 7, 2019
The National Counterintelligence and Security Center (NCSC) on Monday launched a
National Counterintelligence and Security Center (NCSC) on Monday launched a
program aimed at helping U.S. companies protect themselves from cyber attacks
or other threats from foreign nation-state actors. The NCSC, housed within the
Office of the Director of National Intelligence (ODNI), is now sharing materials
on how firms can guard themselves against threats to the supply chain — or
components manufactured outside of the U.S. — spear-phishing campaigns and
economic espionage, like the theft of intellectual property. “Make no mistake,
American companies are squarely in the cross-hairs of well-financed
nation-state actors, who are routinely breaching private sector networks,
stealing proprietary data, and compromising supply chains,” NCSC Director
William Evanina said in a statement. “The attacks are persistent, aggressive,
and cost our nation jobs, economic advantage, and hundreds of billions of
dollars," he continued.
ZDNet
January 5, 2019
The US National Security Agency will release a free reverse engineering tool at the
upcoming RSA security conference that will be held at the start of March, in
San Francisco. The software's name is GHIDRA and, in technical terms, it is a disassembler,
a piece of software that breaks down executable files into assembly code that
can then be analyzed by humans. The NSA developed GHIDRA at the start of the
2000s, and for the past few years, it's been sharing it with other US
government agencies that have cyber teams who need to look at the inner
workings of malware strains or suspicious software. GHIDRA's existence was
never a state secret, but the rest of the world learned about it in March 2017
when WikiLeaks published Vault7, a collection of internal documentation files
that were allegedly stolen from the CIA's internal network. Those documents
showed that the CIA was one of the agencies that had access to the tool.
INDUSTRY
Reuters
January 10, 2019
A Massachusetts man was sentenced on Thursday to more than 10 years in prison for
carrying out a cyberattack on a hospital on behalf of the hacking activist
group Anonymous to protest the treatment of a teenager in a high-profile
custody dispute. Martin Gottesfeld, 34, was sentenced by U.S. District Judge
Nathaniel Gorton in Boston nearly three years after he was rescued from a
disabled powerboat off the coast of Cuba by a Disney Cruise Line ship after
fleeing the United States amid a federal investigation. A federal jury in
August found him guilty of two counts, including conspiracy to damage protected
computers related to cyberattacks he carried out in 2014 on Boston Children’s
Hospital and another facility. “Make no mistake, your crime was contemptible, invidious
and loathsome,” Gorton said.
GovInfoSecurity
January 10, 2019
Forty-three states have reached a settlement with Neiman Marcus over its 2013 data breach,
states have reached a settlement with Neiman Marcus over its 2013 data breach,
one of several breaches from that period blamed on card-scraping malware. Under
terms of the deal, the Dallas-based luxury department store chain must pay the
states a total of $1.5 million, according to Texas Attorney General Ken Paxton.
Neiman Marcus must also put in place security measures to protect plaintext
cardholder data. Attorneys general in Connecticut and Illinois led the legal
action against the retailer. Neiman Marcus revealed the breach in January 2014,
just a few weeks after Target said malware scraped about 40 million of its
customers' payment card details. The breaches marked a new era in which
attackers unleashed determined, large-scale efforts aimed at stealing payment
card details.
Financial Times
January 9, 2019
Mondelez, the US food company that owns the Oreo and Cadbury brands, is suing its
the US food company that owns the Oreo and Cadbury brands, is suing its
insurance company, Zurich, for refusing to pay out on a $100m claim for damage
caused by the NotPetya cyber attack. The case will be the first serious legal
dispute over how companies can recover the costs of a cyber attack, as
insurance groups seek to tightly define their liabilities. “It’s a pretty big
deal. I’ve never seen an insurance company take this position,” said Robert
Stines, a cyber law specialist at the US law firm Freeborn. “It’s going to send
ripples through the insurance industry. Major companies are going to rethink
what’s in their policies.” The NotPetya attack in the summer of 2017 crippled
the computer systems of companies around the world, including Merck, the
pharmaceuticals company, Reckitt Benckiser, the consumer group, and Maersk, the
world’s largest shipping group. It caused billions of dollars of damage and has
been blamed by the US and the UK on Russian hackers attacking the Ukrainian
government. The Kremlin has denied any involvement.
CyberScoop
January 9, 2019
Global hospitality chain Hyatt Hotels announced Wednesday that it’s launching a public
bug bounty program through HackerOne, offering monetary prizes for security
researchers to probe its websites and apps for leaky features and
vulnerabilities that could be exploited by hackers. The company is now looking
to crowdsource vulnerability testing from a field of ethical hackers through
HackerOne’s platform. Covered in the bug bounty program are the websites
Hyatt.com, m.hyatt.com, world.hyatt.com and Hyatt’s Android and iOS apps. “At
Hyatt, protecting guest and customer information is our top priority and
launching this program represents an important step that furthers our goal of
keeping our guests safe every day,” said Benjamin Vaughn, Hyatt’s chief information
security officer, in a press release.
Reuters
January 7, 2019
The U.S. Supreme Court on Monday declined to hear Fiat Chrysler’s appeal in a class
action lawsuit over allegations that its Jeeps and other trucks are vulnerable
to hacking, one of the first legal cases involving automotive cyber security
risks. The court’s action paves the way for an October trial in the litigation
centering on the question of whether truck buyers can sue over hypothetical
future injuries without having been actual victims of cyber security attacks on
their vehicles. Fiat Chrysler has received widespread support from industry
groups in the dispute. Three car owners from Illinois, Michigan and Missouri in
2015 sued the U.S. subsidiary of the Italian-controlled carmaker and Harman
International Industries, a subsidiary of Samsung Electronics Co that
manufactures the Uconnect infotainment system installed in various Ram, Dodge,
Jeep and Chrysler trucks. According to the lawsuit, cyber criminals are able to
gain access to the infotainment system, allowing them to take over
safety-critical functions such as acceleration, braking, steering and ignition.
Ars Technica
January 7, 2019
The prices for James Bond-style hacks keep growing, especially for those that hijack
iPhones and secure messaging apps. It's the latest sign that governments and
police forces around the world are as eager as ever to exploit software that's
becoming ever more difficult to compromise. On Monday, market-leading exploit
broker Zerodium said it would pay up to $2 million for zero-click jailbreaks of
Apple's iOS, $1.5 million for one-click iOS jailbreaks, and $1 million for
exploits that take over secure messaging apps WhatsApp and iMessage.
Previously, Zerodium was offering $1.5 million, $1 million, and $500,000 for
the same types of exploits respectively. The steeper prices indicate not only
that the demand for these exploits continues to grow, but also that reliably
compromising these targets is becoming increasingly hard. "I think one
conclusion is that targets are getting harder to exploit," Patrick Wardle,
a former hacker for the National Security Agency and now a cofounder of Digital
Security, told Ars. "But also another is that there is now a higher demand
for exploits."
INTERNATIONAL
The New York Times
January 11, 2019
The Polish authorities arrested two people, including a Chinese employee of the
telecommunications giant Huawei, and charged them with spying for Beijing,
officials said on Friday, as the United States and its allies move to restrict
the use of Chinese technology because of concerns that it is being used for espionage.
The arrest of the Huawei employee is almost certain to escalate tensions
between Western countries and China over the company, which the authorities in
the United States have accused of acting as an arm of the Chinese government
and making equipment designed for spying.
BBC
January 11, 2019
A British cyber criminal who carried out an attack so powerful it knocked a nation
offline has been jailed. Daniel Kaye admitted attacking an African phone
company - inadvertently crashing Liberia's internet - in 2016. The 29-year-old
remains at the heart of a major international investigation into hundreds of
acts of cyber sabotage around the world. The National Crime Agency says Kaye is
perhaps the most significant cyber criminal yet caught in the UK. Jailing Kaye
for 32 months at Blackfriars Crown Court in London, Judge Alexander Milne QC
said Kaye had committed a "cynical" financial crime.
The Wall Street Journal
January 10, 2019
One morning in March 2017, Mike Vitello’s work phone lighted up. Customers wanted to know
about an odd email they had just received. What was the agreement he wanted
signed? Where was the attachment? Mr. Vitello had no idea what they were
talking about. The Oregon construction company where he works, All-Ways
Excavating USA, checked it out. The email was bogus, they told Mr. Vitello’s
contacts. Ignore it. Then, a few months later, the U.S. Department of Homeland
Security dispatched a team to examine the company’s computers. You’ve been
attacked, a government agent told Mr. Vitello’s colleague, Dawn Cox. Maybe by
Russians. They were trying to hack into the power grid. “They were intercepting
my every email,” Mr. Vitello says. “What the hell? I’m nobody.” “It’s not you.
It’s who you know,” says Ms. Cox. The cyberattack on the 15-person company near
Salem, Ore., which works with utilities and government agencies, was an early
thrust in the worst known hack by a foreign government into the nation’s
electric grid. It set off so many alarms that U.S. officials took the unusual
step in early 2018 of publicly blaming the Russian government. A reconstruction
of the hack reveals a glaring vulnerability at the heart of the country’s
electric system. Rather than strike the utilities head on, the hackers went
after the system’s unprotected underbelly—hundreds of contractors and
subcontractors like All-Ways who had no reason to be on high alert against
foreign agents. From these tiny footholds, the hackers worked their way up the
supply chain. Some experts believe two dozen or more utilities ultimately were
breached.
FT
January 10, 2019
An inquiry has found that hackers resembling state-sponsored actors were
responsible for the biggest cyber attack in Singapore’s history, which targeted
the healthcare details of Prime Minister Lee Hsien Loong and accessed the data
of a quarter of the population. A report published on Thursday described the
hackers involved in last year’s attack as “skilled and sophisticated,” with
characteristics matching “state-linked cyber attackers who conduct extended,
carefully planned cyber campaigns, to steal information or disrupt operations”.
The findings come as state-backed cyber crime across Asia Pacific proliferates
and as Singapore has tried to ramp up its defence against digital attacks, most
recently with a new cyber security act passed in February 2018. The attackers’
identity remains undisclosed. Singaporean officials have said they would not
name suspects, citing national security concerns.
Ars Technica
January 10, 2019
Federal authorities and private researchers are alerting companies to a wave of domain
hijacking attacks that use relatively novel techniques to compromise targets at
an almost unprecedented scale. The attacks, which security firm FireEye said
have been active since January 2017, use three different ways to manipulate the
Domain Name System records that allow computers to find a company's computers
on the Internet. By replacing the legitimate IP address for a domain such as
example.com with a booby-trapped address, attackers can cause example.com to
carry out a variety of malicious activities, including harvesting users' login
credentials. The techniques detected by FireEye are particularly effective,
because they allow attackers to obtain valid TLS certificates that prevent
browsers from detecting the hijacking. “A large number of organizations has
been affected by this pattern of DNS record manipulation and fraudulent SSL
certificates,” FireEye researchers Muks Hirani, Sarah Jones, Ben Read wrote in
a report published Thursday. “They include telecoms and ISP[s], government and
sensitive commercial entities.” The campaign, they added, is occurring around
the globe at “an almost unprecedented scale, with a high degree of success.”
The researchers assessed with moderate confidence that the attackers had a link
to Iran, based on IP addresses they’re using.
Wired
January 10, 2019
It was a treasure trove of information: nearly 20,000 emails and 8,000 attachments, sent
by and to the Democratic National Committee (DNC), the body which runs the
United States’ Democratic party, that found their way into the hands of WikiLeaks and
were unleashed on the world in late July 2016. The emails were siphoned off DNC
servers over the course of a two-month period, but dated back to January 2015,
and included private conversations that torpedoed the campaign of Democratic
presidential nominee Hillary Clinton, and eventually helped elevate Donald
Trump to the White House. It wasn’t just in the United States that the
ramifications of this unprecedented leak of internal correspondence – which in
July 2018 US special counsel Robert Mueller attributed to 12 members of the
Russian military – were felt. Something seismic shifted underfoot. While
nefarious nation states had been propping up or supporting campaigns aimed at
promoting their goals in third countries for decades, this was the most overt
attempt at changing the course of history in favour of a third party. And it
worked. On November 8, 2016, around three hours after polls in Alaska closed
and Donald Trump was declared president-elect, preparations for the European
Parliamentary elections due in May 2019 changed. They changed because
everything changed. There was a recognition across the European Union that
preparations for its upcoming parliamentary elections needed to be stepped up –
but the core principle of independence among the member states meant that only
a certain amount of centralised planning could take place. Instead, each of the
27 member states expected to be part of the Union in May (Britain, of course,
departs at the end of March, if all goes to plan) will take the lead in ensuring
the sanctity of their vote, while the European Union will possibly oversee
exercises stress-testing member states’ response.
CyberScoop
January 10, 2019
A criminal hacking group suspected of operating out of Russia has shifted tactics in
recent months from wire fraud to targeting big organizations for ransomware payouts,
according to new research. The change in tactics is exemplified by the infamous
Ryuk ransomware, which cybersecurity company CrowdStrike said Thursday is being
used by a subset of the Russian group to rake in $3.7 million since August. The
trend in extorting bigger organizations “has been increasing in the last year
and poses a significant challenge to enterprises and businesses,” Adam Meyers,
vice president of intelligence at CrowdStrike, told CyberScoop. “We have
observed numerous adversaries adopting this tactic and charging substantial
fees to unlock data across the entire network.”
Politico
January 9, 2019
The 2016 arrest of a former National Security Agency contractor charged with a massive
theft of classified data began with an unlikely source: a tip from a Russian
cybersecurity firm that the U.S. government has called a threat to the country.
Moscow-based Kaspersky Lab turned Harold T. Martin III in to the NSA after
receiving strange Twitter messages in 2016 from an account linked to him,
according to two people with knowledge of the investigation. They spoke with
POLITICO on condition of anonymity because they’re not authorized to discuss
the case. The company’s role in exposing Martin is a remarkable twist in an
increasingly bizarre case that is believed to be the largest breach of
classified material in U.S. history.
AP
January 9, 2019
Israel's internal security service said Wednesday it was prepared to thwart any foreign
intervention in the upcoming elections, after its director warned such efforts
were being made by a world power, with suspicions falling on Russia. The
unusual Shin Bet statement followed a TV report that Shin Bet chief Nadav
Argaman recently told a closed audience that a foreign country was trying to
intervene in the April elections via hackers and cyber technology. "The
Shin Bet would like to make clear that the state of Israel and the intelligence
community have the tools and capabilities to identify, monitor and thwart
foreign influence efforts, should there be any," it said. "The
Israeli defense apparatus is able to guarantee democratic and free elections
are held in Israel." Argaman did not say for whose benefit the alleged
meddling was being done. Prime Minister Benjamin Netanyahu has grown closer to
Russian President Vladimir Putin in recent years. However, Netanyahu is far
ahead in the polls at the moment, and does not appear to need any outside help.
The New York Times
January 8, 2019
A 20-year-old German student took advantage of passwords as weak as “Iloveyou”
and “1234” to hack into online accounts of hundreds of lawmakers and
personalities whose political stances he disliked, officials revealed Tuesday,
shaking Berlin’s political establishment and raising questions about data
security in Europe’s leading economy. Working from his computer in his parents’
home, the young man used relatively simple techniques to hack into successive
accounts, the authorities said. There, he stole the users’ personal information
and published it through Twitter over the course of December. But it was not
until late on Jan. 3 that an employee in the office of Andrea Nahles, leader of
the center-left Social Democratic Party, finally noticed the hack and informed
security officials, who then scrambled to track the source of the leaks.
The New York Times
January 6, 2019
The Trump administration has warned scientists doing biomedical research at American
universities that they may be targets of Chinese spies trying to steal and
exploit information from their laboratories. Scientists and universities
receiving funds from the National Institutes of Health for cutting-edge
research need to tighten their security procedures and take other precautions,
said a panel of experts commissioned by the agency to investigate “foreign
influences on research integrity.” “Unfortunately, some foreign governments
have initiated systematic programs to unduly influence and capitalize on
U.S.-conducted research, including that funded by N.I.H.,” the panel said in a
report last month to the director of the N.I.H., Dr. Francis S. Collins.
AP
January 5, 2019
Germany's IT security agency on Saturday defended its response to the leaking of hundreds
of politicians' private information, after lawmakers accused it of failing to
inform them quickly enough. Politicians from several parties questioned why the
Federal Office for Information Security, or BSI, didn't alert Parliament about
the suspected hacking case when it first came to light in December. In a
statement, the agency acknowledged it was approached by one lawmaker about
suspicious activity on his private email and social media accounts in early
December, but said it believed at the time his experience was a one-off case.
"The BSI took this case very seriously and took it up with the National
Cyber Defense Center," the agency said in a statement, adding that it
wasn't aware of the planned mass online leak of data that occurred Thursday via
Twitter. "It was impossible to foresee at the start of December 2018 that
there would be further cases," the BSI said.
TECHNOLOGY
ZDNet
January 9, 2019
A new penetration testing tool published at the start of the year by a security
researcher can automate phishing attacks with an ease never seen before and can
even blow through login operations for accounts protected by two-factor
authentication (2FA). Named Modlishka, the English pronunciation of the Polish
word for mantis, this new tool was created by Polish researcher Piotr
Duszyński. Modlishka is what IT professionals call a reverse proxy, but
modified for handling traffic meant for login pages and phishing operations. It
sits between a user and a target website, such as Gmail, Yahoo, or ProtonMail.
Phishing victims connect to the Modlishka server (hosting a phishing domain),
and the reverse proxy component behind it makes requests to the site it wants
to impersonate.
Wired
January 8, 2019
The promise of digital cryptocurrencies like bitcoin is that you don't need to trust the
people to whom you send or receive money, because the software makes it
technically impossible for anyone to cheat the system. Instead of relying on
humans and their flawed judgment, you rely on the laws of mathematics. But a
recent attack on the cryptocurrency Ethereum Classic—not to be confused with
the original Ethereum project—shows once again how hard it is to remove human
frailty from digital systems. Like other cryptocurrencies, Ethereum Classic
relies on a decentralized ledger known as a blockchain created and shared by
the machines that process transactions on the network. This ledger ensures that
no one can spend their virtual tokens twice. Unless, that is, someone could
take over at least 51 percent of the machines in the network. That's what
appears to have happened last weekend.
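The "51 percent" threshold above is not a rule of thumb; it falls out of the arithmetic of the longest-chain rule. The Python below is an added example, not part of the Wired article, and implements the attacker catch-up probability from section 11 of the Bitcoin white paper (Nakamoto, 2008), which applies to any longest-chain proof-of-work system such as Ethereum Classic. It goes one step beyond the article by showing how the number of confirmations an exchange waits for limits a minority attacker, and why no number of confirmations helps once the attacker holds a majority.

```python
"""Why a 51% share of hash power breaks a proof-of-work ledger.

Added example, not part of the Wired article: the attacker catch-up
probability from section 11 of the Bitcoin white paper (Nakamoto, 2008).
q is the attacker's share of total hash power and z the number of blocks
(confirmations) by which the honest chain is ahead.
"""
import math
from typing import Optional


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that an attacker with hash share q ever overtakes an honest
    chain that is z blocks ahead (Nakamoto's formula).

    With q >= 0.5 the attacker's private chain is expected to grow at least as
    fast as the honest one, so catching up is certain however many
    confirmations a merchant or exchange waits for.
    """
    if not 0.0 <= q <= 1.0:
        raise ValueError("q must be a fraction of total hash power")
    if z < 0:
        raise ValueError("z must be non-negative")
    p = 1.0 - q
    if q >= p:
        return 1.0
    # Expected number of attacker blocks while the honest chain mines z blocks.
    lam = z * q / p
    total = 0.0
    for k in range(z + 1):
        # Poisson probability that the attacker has mined exactly k blocks,
        # times the probability of never closing the remaining z - k gap.
        poisson = math.exp(-lam) * lam ** k / math.factorial(k)
        total += poisson * (1.0 - (q / p) ** (z - k))
    return 1.0 - total


def confirmations_needed(q: float, target: float = 0.001,
                         max_z: int = 10_000) -> Optional[int]:
    """Smallest number of confirmations that pushes the attacker's success
    probability below target, or None when no finite number does (q >= 0.5)."""
    for z in range(max_z + 1):
        if attacker_success_probability(q, z) < target:
            return z
    return None


def double_spend_possible(q: float, confirmations: int,
                          risk_tolerance: float = 0.001) -> bool:
    """True when waiting `confirmations` blocks is not enough protection
    against an attacker holding share q of the hash power."""
    return attacker_success_probability(q, confirmations) >= risk_tolerance


if __name__ == "__main__":
    for q in (0.1, 0.3, 0.45, 0.51):
        print(f"q={q:.2f}: P(overtake, z=6)={attacker_success_probability(q, 6):.6f}, "
              f"confirmations for <0.1% risk: {confirmations_needed(q)}")
```

The defensive reading is the one exchanges apply after an event like this: confirmation counts are a control against a minority of hash power only, and for a chain whose total hash rate is small enough to rent or redirect, the realistic q can exceed one half, at which point deposits should be held rather than credited.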
via Nick
Leiserson