Resistance keeps you stuck. Surrender immediately opens you to the greater intelligence that is vaster than the human mind, and it can then express itself through you. So through surrender often you find circumstances changing.”
~Eckhart Tolle
Author George Hodgman Dead At 60 In Apparent Suicide
“[He was] a well-regarded book and magazine editor who had his own moment as a literary cause célèbre in 2015 when he published Bettyville, a memoir about caring for his aging mother that also delved into his growing up gay in a Midwestern town.” – The New York Times
'Nor Cast One Longing Lingering Look Behind'
“It is alleged by a friend of my family that I used to suffer from insomnia at the age of four; and that when she asked me how I managed to occupy my time at night I answered ‘I lie awake and think of the past.’”
Knox, a Roman Catholic priest and son of an Anglican bishop, is one of the last century’s unacknowledged masters of English prose. Like Max Beerbohm, Knox calibrates his words until they attain the precise edge of irony he seeks. The passage above arouses in this reader pensive amusement with a hint of sadness. The notion of a four-year-old even having a past to contemplate is funny – and poignant. We’ve all known boys and girls who carry the gravitas of old men and women. They seem to inhabit two ages and have access to precocious wisdom.
Nige has been visiting cemeteries and reading Thomas Gray, the poet I thought of when reading Knox’s essay. Knock “Elegy Written in a Country Churchyard” if you wish; call it sentimental, pious or sententious, but the poem has touched millions of people, most of whom have not been poets or critics but thoughtful, private, non-aligned readers who value music and consolation. This stanza recalls the four-year-old Knox:
“For who to dumb Forgetfulness a prey,
This pleasing anxious being e’er resigned,
Left the warm precincts of the cheerful day,
Nor cast one longing lingering look behind?”
Nige speaks for generations of Gray’s readers: “[Y]ou wonder how many poets of the twentieth century had such appeal, convincing the reader that his lines reflect the things the reader has always him(her)self felt – Kipling of course, and later Betjeman, none of the modernists except maybe sometimes Eliot . . . maybe sometimes Auden and Yeats, even Larkin once in a while? But the century produced nothing with such strong and enduring appeal as Gray’s Elegy. Or did it?”
AP
July 26, 2019
Robert Mueller warned that Russian interference is still happening “as we sit here.”
State election officials are anxious and underfunded, some running systems with
outdated software and scrounging for replacement parts off eBay. And on
Thursday a report from the Senate Intelligence committee concluded all 50
states were targeted in 2016 and ahead of the 2018 election “top election
vulnerabilities remained.” But there’s no help coming from Congress. It’s a
risky calculation heading into 2020, when the stakes will be high for an
election that could see record turnout as President Donald Trump runs for a
second term. Primary voting is six months away. Senate Majority Leader Mitch
McConnell on Thursday blocked a House-passed bill that would authorize $775 million
to beef up state election systems. GOP leaders made the case that the Trump
administration has already made great strides in protecting the vote and they
say no more funding is needed.
The New York Times
July 25, 2019
The Senate Intelligence Committee concluded Thursday that election systems in all 50
states were targeted by Russia in 2016, an effort more far-reaching than
previously acknowledged and one largely undetected by the states and federal
officials at the time. But while the bipartisan report’s warning that the
United States remains vulnerable in the next election is clear, its findings
were so heavily redacted at the insistence of American intelligence agencies
that even some key recommendations for 2020 were blacked out. The report — the
first volume of several to be released from the committee’s investigation into
Russia’s 2016 election interference — came 24 hours after the former special
counsel Robert S. Mueller III warned that Russia was moving again to interfere
“as we sit here.” While details of many of the hackings directed by Russian
intelligence, particularly in Illinois and Arizona, are well known, the
committee described “an unprecedented level of activity against state election
infrastructure” intended largely to search for vulnerabilities in the security
of the election systems.
The Hill
July 25, 2019
House Homeland Security Committee Chairman Bennie Thompson (D-Miss.) and Rep. Debbie
Wasserman Schultz (D-Fla.) sent a letter to President Trump this week
questioning his administration's efforts to secure elections. The letter was
sent Wednesday in light of comments made by former special counsel Robert
Mueller while testifying in front of two House committees. Mueller said that
the Russians will likely try to interfere in the 2020 U.S. elections, and are
doing so “as we sit here.” Thompson and Wasserman Schultz questioned Trump on
his actions taken in regard to election security, in particular pointing out
that he has not requested or received a briefing from federal officials about
election security efforts. They also questioned why Trump has not designated a
White House official to coordinate “interagency efforts” to secure elections
against foreign interference. “It is your responsibility, as Commander in
Chief, to address the threat of cyber-attacks, influence operations,
disinformation campaigns, and other activities that undermine the security and
integrity of U.S. democratic institutions,” Thompson and Wasserman Schultz
wrote. “We implore you to treat this issue with seriousness and with the utmost
sense of urgency and concern that it demands.”
FCW
July 24, 2019
The House quietly passed legislation on July 23 that would expand cybersecurity research
and development partnerships between several federal agencies and the
government of Israel. The bill, introduced in March by Reps. Ted Deutch
(D-Fla.) and Joe Wilson (R-S.C.), covers a broad set of cooperative issues
between the two countries but contains several provisions related to
cybersecurity. Most notably, it would create a new grant program at the
Department of Homeland Security to support cybersecurity R&D as well as the
demonstration and commercialization of cybersecurity technology with the
Israeli government. Applicants would be eligible for funding under the program
if their project represents a joint venture between a U.S.-based third-party
organization and an Israeli one, including the U.S. and Israeli governments,
and addresses “a requirement in the area of cybersecurity research or …
technology, as determined by the secretary.”
The Washington Post
July 22, 2019
House Intelligence Committee Chairman Adam B. Schiff (D-Calif.) said Saturday that he
and his contacts at top intelligence agencies were unaware of Russian attempts
to hack Senate candidates until the issue came up publicly at a conference last
year. Speaking to NBC journalist Kristen Welker at the Aspen Security Forum —
an annual Colorado gathering of government officials, industry experts and
reporters — Schiff recalled his surprise when a Microsoft representative said
at last year’s forum that three Senate campaigns had been attacked by what
seemed like the same Russian group that interfered in the 2016 presidential
election. “That should not be the first time the Intelligence chair is hearing
that,” Schiff said at the Aspen conference. The hacking attempts were also news
to the National Security Agency and CIA officials he talked to later, the
lawmaker said. “And that told me, as a matter of quality control, that
something is broken here,” Schiff added.
Nextgov
July 22, 2019
As our planes, trains and automobiles become increasingly connected in cyberspace, a
pair of lawmakers want to make sure manufacturers are doing everything they can
to secure the vehicles against unwanted digital intrusions. Sens. Ed Markey,
D-Mass., and Richard Blumenthal, D-Conn., last week introduced a pair of bills
that would require the government to regulate the security of the numerous IT
systems onboard cars and commercial planes. The proposals come months after
Washington D.C.-area lawmakers recommended banning the Washington Metropolitan
Area Transit Authority from buying train cars from a Chinese manufacturer,
citing potential espionage threats. Though the two bills call on manufacturers
to follow best practices like isolating critical systems and frequent
penetration testing, they avoid codifying any specific security measures, giving
regulators the flexibility to update standards as the threat landscape evolves.
“Evolving transportation technologies offer enormous potential to improve
safety, help protect the environment and entertain passengers,” Markey said in
a statement. “But these same technologies could pose massive cybersecurity and
privacy vulnerabilities if appropriate safeguards are not in place. The
[legislation] will make sure our drive[r]s and fliers are all able to travel
safely in the internet era.”
Fifth Domain
July 21, 2019
After stonewalling congressional committees for nearly a year, the Trump
administration has apparently finally agreed to share documents related to a
new process for approving cyber operations outside U.S. networks. “On a
bipartisan basis some of us sent a letter to the Trump administration demanding
that they share with, at least some of the leadership on the Armed Services
Committees, the rules of engagement for certain cyber contingencies,” Rep. Mac
Thornberry, R-Texas, ranking member of the House Armed Services Committee, said
at the Aspen Security Forum July 20. “The Obama folks did give us that
information, the Trump people changed it, but then they were reluctant to show
us. We had to go all the way to the White House counsel, but he has come back
and said, ‘OK, we will follow that precedent.’” Congress, as part of its
oversight role, has been asking to see the documents for National Security
Presidential Memorandum 13, which repealed Obama-era processes for approving
cyber operations through the interagency.
ADMINISTRATION
CyberScoop
July 26, 2019
A British cybersecurity researcher best known for halting the spread of the global
WannaCry ransomware outbreak two years ago will avoid prison for creating
banking malware that surfaced in 2014. A federal judge in the Eastern District
of Wisconsin on Friday sentenced 25-year-old Marcus Hutchins to time served and
one year of supervised release. The decision brings to a dramatic close a
legal saga that has absorbed the cybersecurity community for years. Hutchins,
also known by the Twitter handle “MalwareTech,” had faced up to a decade in
prison after pleading guilty in April to two counts related to writing and distributing
the Kronos banking trojan, and another piece of malware known as UPAS Kit.
Hutchins created Kronos as a black hat hacker, a life he disavowed before the
WannaCry ransomware virus infected more than 200,000 computers in roughly 150
countries in May 2017. Hutchins, working as a security researcher at the time,
found a so-called kill switch in the WannaCry code which stopped the malware’s
spread.
Ars Technica
July 26, 2019
This Wednesday, Louisiana Governor John Bel Edwards declared a state of emergency in
response to ransomware attacks on three public school districts. There's no
word so far on which ransomware variant has hit the school districts or what
the exact extent of damages is. Eddie Jones, principal of Florien High School
(a school in one of the three affected districts), told KSLA News that his
technology supervisor received an alert on his phone at 4am Sunday about
unusually high bandwidth usage. Shortly afterward, investigators discovered
ransomware on the school servers. Jones says "anything and everything
housed solely on the School District's servers" was lost, including 17
years of his own personal documents. The Sabine and Morehouse district
ransomware attacks this week follow an attack on the Monroe City school
district last week. Morehouse parish claims not to have been affected to the extent
of the other two parishes, and it states that "all major systems,
including payroll, are operational."
FCW
Contractors routinely fail to secure the Defense Department's unclassified information from
cyberthreats when it's housed on their systems and networks, according to a new
report from the department's watchdog agency. The DOD inspector general
released a report July 25 after reviewing how DOD information is protected on
contractors' networks and systems. The IG found that contractors were not
consistently adhering to DOD's cybersecurity standards, which are based on
controls created by the National Institute of Standards and Technology.
Specifically, contractors failed to use multifactor authentication, enforce
strong password use, identify and mitigate vulnerabilities or document and
track cybersecurity incidents. Administrators also improperly assigned access
privileges that did not align with users' responsibilities, the report stated.
CNN
July 26, 2019
Two days after Louisiana officials declared a state of emergency following a massive
cyber attack, authorities from New York conducted a "digital fire
drill" to see how critical infrastructure would hold up during a security
breach. The tabletop exercise, hosted by IBM at its training facility in Boston
on Friday, puts leaders from law enforcement, telecommunications, energy and
many other sectors to the test. The idea was to create a makeshift scenario
where a cyber attack shuts down key infrastructure, causing anywhere from a
loss of power to mass casualties. The test could expose blind spots for first
responders and reiterate the need for leaders at the local level to meet and
exchange information, a critical lesson learned in the wake of the 9/11 terror attacks,
officials said. "It's like a digital fire drill," said Kenn Kern,
chief information officer for the Manhattan District Attorney's Office.
"How are we going to respond right now."
AP
July 26, 2019
In a federal court filing, lawyers for election integrity advocates accuse Georgia
election officials of intentionally destroying evidence that could show
unauthorized access to the state election system and potential manipulation of
election results. Election integrity advocates and individual Georgia voters
sued election officials in 2017 alleging that the touchscreen voting machines
Georgia has used since 2002 are unsecure and vulnerable to hacking. In a court
filing Thursday, they said state officials began destroying evidence within
days of the suit's filing and continued to do so as the case moved forward.
"The evidence strongly suggests that the State's amateurish protection of
critical election infrastructure placed Georgia's election system at risk, and
the State Defendants now appear to be desperate to cover-up the effects of
their misfeasance — to the point of destroying evidence," the filing says.
A spokeswoman for the secretary of state's office, which oversees elections,
denied the allegations.
Nextgov
July 26, 2019
The Energy Department failed to enact proper cybersecurity controls at one of its
radioactive waste management facilities, leaving the site potentially
vulnerable to digital attacks, according to an internal watchdog. The agency
inspector general found the site’s digital security fell short of the standards
outlined in the Federal Information Security Management Act, the government’s
primary cybersecurity regulation. The unnamed facility lacked proper physical
and logical access controls, and officials also failed to properly monitor
networks, manage vulnerabilities and develop a contingency plan, according to
the IG. “The integrity, confidentiality and availability of systems and data
managed by the site may be impacted by the vulnerabilities identified during
our review,” auditors wrote in a summary of their findings. The public version
of the report included few details on specific vulnerabilities. Auditors
attributed the vulnerabilities to shoddy oversight, calling out the site’s
cybersecurity officials for not ensuring FISMA requirements were fully implemented.
Department leaders also never created specific performance metrics to
incentivize the site’s primary contractor to follow robust cybersecurity
practices, they said.
CyberScoop
Maybe the only thing more complicated than the Methbot advertising fraud scheme was the
plan that ultimately shut it all down. Last year, the FBI led a takedown
operation that, with help from the bot detection firm White Ops and more than a
dozen other companies, resulted in the arrest of three accused fraudsters in
three different countries, as well as the seizure of more than 50 web servers
and numerous bank accounts. The law operation, detailed Wednesday by FBI
officials at the International Conference on Cyber Security, targeted the
Methbot/3ve fraud scheme. The ad-fraud ring defrauded digital advertisers and
web publishers out of more than $30 million by charging marketers for access to
internet users who didn’t actually exist, according to the U.S. Department of
Justice. Advertising fraud, already a billion-dollar problem, is set to cost
the ad industry $44 billion by 2022. The investigation, which lasted more than
a year and a half, resulted in the arrests of three suspects who were
apprehended in Bulgaria, Malaysia and Estonia. Five other suspects have been
indicted while managing to avoid capture. Identifying the suspects only turned
out to be the first hurdle, though, for FBI agents who ultimately spent six
months plotting out how to bring the ringleaders into custody without
compromising evidence or tipping off other suspects that police were on the
way.
CyberScoop
When soldiers are preparing to deploy, they head to the Army’s National Training
Center at Fort Irwin in California. There, they can replicate an entire
campaign during a two-week rotation against a world class force. But in the
cyber world, no such training environment exists. That means cyber forces train
in ad hoc cyber ranges and are limited by the number of teams that can dial in.
Moreover, there is no space to rehearse for an upcoming mission. The Persistent
Cyber Training Environment (PCTE), managed by the Army, seeks to change all of
that. PCTE is an online client in which members of U.S. Cyber Command’s cyber
mission force can log on from anywhere in the world for training, either of
individuals or of groups, and to rehearse missions. In June, the program
underwent its biggest test to date, working with cyber warriors from across
several time zones during an exercise created by the Navy, to get the system
ready for primetime.
The New York Times
July 23, 2019
Attorney General William P. Barr said on Tuesday that technology companies should stop
using advanced encryption and other security measures that effectively turn
devices into “law-free zones” that keep out law enforcement officials
conducting criminal investigations. “As we use encryption to improve
cybersecurity, we must ensure that we retain society’s ability to gain lawful
access to data and communications when needed to respond to criminal activity,”
Mr. Barr said in his keynote address at the International Conference on
Cybersecurity at Fordham University Law School in Manhattan. The Justice
Department has long pushed technology companies to help the government gain
access to information on electronic devices, a conflict that last peaked in
2016, when investigators obtained a court order that required Apple to help the
F.B.I. unlock an iPhone recovered after the mass shooting in San Bernardino,
Calif., in December 2015. Tensions eased after the F.B.I. found a way to get
into the phone without Apple, but the case reinvigorated the debate over tech
freedom, security and encryption.
CyberScoop
July 23, 2019
The National Security Agency is creating a Cybersecurity Directorate to better
protect the country against cyberthreats from foreign adversaries, NSA Director
Gen. Paul Nakasone said Tuesday. Anne Neuberger will be the intelligence
agency’s first director for cybersecurity. The directorate is slated to be
operational Oct. 1 of this year, an NSA spokesperson told CyberScoop. The move
is intended to allow the NSA — which is part of the Department of Defense
— to better provide information gleaned from signals intelligence to agencies
and the private sector in order to protect national critical infrastructure,
the spokesperson said. Nakasone made the announcement in New York at the
International Conference on Cyber Security. “It’s a major organization that unifies
our foreign intelligence and our cyberdefense mission, and it’s charged with
preventing and eradicating threats to national security systems and the defense
industrial base,” the spokesperson said.
Nextgov
July 22, 2019
States and local election offices need much more financial support from the federal
government to create reliably secure election systems that can withstand
attempts at interference from foreign governments, according to a new report.
After Russian hackers sought to interfere with the 2016 election, Congress in
2018 approved $380 million for states to help them improve election security.
States are expected to spend most of the money ahead of the 2020 balloting, but
the report from the Brennan Center for Justice cautions that each state faces
particular challenges that won’t be resolved before the next big election. The
report, which was also sponsored by the Alliance for Securing Democracy, R
Street Institute and University of Pittsburgh Institute for Cyber Law, Policy and
Security, examined six states, finding that all had taken steps to shore up
vulnerabilities. But in each state, big problems that come with big price tags
remain, such as old voting equipment that is more vulnerable to hacking, aging
voter registration systems and states failing to provide sufficient
cybersecurity assistance to local governments.
INDUSTRY
Gov Info Security
July 26, 2019
A massive botnet attack earlier this year utilized more than 400,000 connected devices
over the course of 13 days, according to researchers at the security firm
Imperva. The attack, which occurred between March and April at one of the
firm's clients in the "entertainment industry," targeted an online
streaming application, Imperva says in a blog. At one point, the botnet
produced more than 292,000 requests per minute, the researchers say. This particular
botnet, and the distributed denial-of-service attack associated with it,
mirrored some of the same activity seen with the Mirai botnet, which first
appeared in 2016. For example, it used some of the same open ports as Mirai
malware infected, according to the blog. "It was the largest Layer 7 DDoS
attack Imperva has ever seen," researcher Vitaly Simonovich notes in the
blog.
ZDNet
July 25, 2019
A US cyber-security company is selling a weaponized BlueKeep exploit as part of a
penetration testing utility. BlueKeep, also known as CVE-2019-0708, is a
vulnerability in the Remote Desktop Protocol (RDP) service included in older
versions of the Windows operating system. Microsoft released patches for
BlueKeep on May 14, and described it as a "wormable" vulnerability
that could self-propagate in a manner similar to how EternalBlue helped
propagate the WannaCry ransomware outbreak. The vulnerability was considered
incredibly dangerous. Microsoft has repeatedly told users to apply patches, and
even the US National Security Agency (NSA), the US Department of Homeland
Security, Germany's BSI cyber-security agency, the Australian Cyber Security
Centre, and the UK's National Cyber Security Centre have issued security alerts
urging users and companies to patch older versions of Windows. For the last two
months, security researchers have been holding their collective breath that
malware authors don't discover a way to weaponize BlueKeep.
Reuters
July 24, 2019
German blue-chip companies BASF, Siemens, Henkel along with a host of others said on
Wednesday they had been victims of cyber attacks, confirming a German media
report which said the likely culprit was a state-backed Chinese group. Public
broadcaster ARD said the hackers used a type of malware called Winnti, which
allows attackers to remotely access a victim’s computer network. ARD said an
analysis of the malware code showed which companies were targeted by a group
likely working for the Chinese government. Alongside the German firms named,
companies including drug maker Roche, hotels group Marriott, airline Lion Air,
conglomerate Sumitomo, and chemicals group Shin-Etsu were also targeted by the
hackers, ARD reported. Industrial conglomerate Siemens, shampoo maker Henkel
and Swiss pharma group Roche confirmed that they were affected by “Winnti”,
while BASF and Covestro also confirmed that they have been attacked. All said
that no sensitive information was lost, while none of the companies commented
on whether the attacks had been launched by Chinese hackers.
CyberScoop
July 24, 2019
The hackers who breached corporate VPN service provider Citrix last year used an
unsophisticated technique that throws commonly used, weak passwords at a system
until one works, the company’s investigators have confirmed. The “password
spraying” ploy allowed the hackers to steal business files from a Citrix
network drive along with a drive linked with its consulting practice, Citrix
President David Henshall wrote in a blog post last week. The attackers had
access to the drives for a “limited number of days,” between October 2018 and
March 2019, he said. Henshall did not say who carried out the hack or what
their ultimate objective was. VPN providers could be an enticing target for any
set of hackers looking for a foothold in a corporation’s network. “The
cybercriminals also may have accessed the individual virtual drives and company
email accounts of a very limited number of compromised users and launched
without further exploitation a limited number of internal applications,”
Henshall added.
TechCrunch
July 23, 2019
Researchers have found several security flaws in popular corporate VPNs which they say can
be used to silently break into company networks and steal business secrets.
Devcore researchers Orange Tsai and Meh Chang, who shared their findings with
TechCrunch ahead of their upcoming Black Hat talk, said the flaws found in the
three corporate VPN providers — Palo Alto Networks, Pulse Secure and Fortinet —
are “easy” to remotely exploit. These VPNs — or virtual private networks —
aren’t your traditional consumer VPN apps designed to mask where you are and
hide your identity, but are used by staff who work remotely to access resources
on a company’s network. Typically employees must enter their corporate username
and password, and often a two-factor code. By connecting over an HTTPS (SSL)
connection, these providers create a secure tunnel between the user’s computer
and the corporate network. But Tsai and Chang say the bugs they found allow
anyone to covertly burrow into a company’s network without needing a working
username or password.
The New York Times
July 22, 2019
The credit bureau Equifax will pay about $650 million — and perhaps much more — to resolve
most claims stemming from a 2017 data breach that exposed sensitive information
on more than 147 million consumers and demonstrated how little control
Americans have over their personal data. The settlement is vast in its scope,
resolving investigations by two federal agencies and 48 state attorneys general
and covering every American consumer whose data was stolen — or just under half
the population of the United States. It does not just compensate victims who
lost money: People who suffered through the hassles of bank phone trees and
credit-card customer service lines can bill Equifax $25 an hour for their time.
A federal judge gave the agreement preliminary approval on Monday, and once
finalized, it will be the largest settlement of a data breach case in terms of
dollar amount and number of victims, surpassing the $115 million the health
care company Anthem paid to settle claims from 79 million people who had their
personal information stolen in 2015.
INTERNATIONAL
Financial Times
July 26, 2019
One of the world’s most secure email services has been caught up in a sophisticated cyber
attack aimed at investigative journalists and other experts who are probing
Russian intelligence activities. Those targeted have used Swiss-based
ProtonMail to share sensitive information related to their probes of Moscow’s
military intelligence directorate, the GRU. Its agents have been accused of
complicity in the downing of MH17 over Ukraine in 2014, and the attempted
assassination of Sergei Skripal and his daughter last year in Britain.
ProtonMail, which bills itself as the world’s most secure email platform,
because of its cutting edge cryptography and protections against attack, became
aware of the attempt to compromise its users on Wednesday. The company, founded
in 2014 by a team of former scientists from the European particle research
laboratory Cern, has been in touch with Swiss authorities to help shut down the
web domains used to try to dupe its clients and has taken action to block
phishing emails.
Gov Info Security
July 26, 2019
Portions of the South Africa capital of Johannesburg were left in the dark for a part of
Thursday, after an unknown ransomware variant knocked out the local electrical
utility's network, databases and applications, according to city officials and
local media reports. By Friday morning, City Power, which provides electricity
for Johannesburg and is owned by the city, had restored power and most services
for affected residents. The utility was still in the process of recovering its
various IT systems and networks on Friday, according to the local officials.
While the ransomware attack knocked out City Power's website and other
applications for most of Thursday, the utility did manage to post a series of
tweets to keep residents up-to-date on developments and the recovery effort.
What exact variant of ransomware hit City Power on Thursday is not clear, and
the utility did not say if the attackers asked for ransom or if officials paid
to restore service. While the attack crippled the utility's IT systems,
Johannesburg's official Twitter account stressed that no customer data was
stolen or breached during the incident.
The New York Times
July 25, 2019
President Jair Bolsonaro’s cellphones were among hundreds targeted by hackers this year,
he said Thursday, as part of an elaborate scheme that has roiled the political
establishment and called into question the fairness of high-profile corruption
prosecutions. The revelation came days after law enforcement officials took
four people into custody as part of their investigation into the hacking of
confidential material stored on the cellphones of Brazilian cabinet members,
prosecutors and lawmakers. Mr. Bolsonaro called the hacking “a serious attack
against Brazil and its institutions,” but said he personally had little to
fear. “I never handled sensitive or national security matters over a
cellphone,” he said. On Thursday, Brazilian newspapers reported that one of the
suspects, Walter Delgatti Neto, told investigators that he had leaked
correspondence between prosecutors and a prominent judge to The Intercept, an
online news site, which published several articles based on the material.
Ars Technica
July 24, 2019
Researchers have discovered some of the most advanced and full-featured mobile
surveillanceware ever seen. Dubbed Monokle and used in the wild since at least
March 2016, the Android-based application was developed by a Russian defense
contractor that was sanctioned in 2016 for helping that country’s Main
Intelligence Directorate meddle in the 2016 US presidential election. Monokle
uses several novel tools, including the ability to modify the Android
trusted-certificate store and a command-and-control network that can
communicate over Internet TCP ports, email, text messages, or phone calls. The
result: Monokle provides a host of surveillance capabilities that work even
when an Internet connection is unavailable.
CyberScoop
July 23, 2019
European authorities are testing out the idea that not every cybercrime investigation
has to end with a hacker in handcuffs. Police in the U.K. and the Netherlands
have created a legal intervention campaign for first-time offenders accused of
committing cybercrimes, officials explained Tuesday at the International
Conference on Cybersecurity at Fordham University. The effort, called
“Hack_Right,” is aimed at people between 12 and 23 years old who may be
skirting the law from behind their keyboard and not even realize it. The
experiment, which began last year, already has involved interactions with more
than 400 young people in the U.K., the officials said. “We do this … to get out
and find them and get them into computing clubs before we have to investigate
someone and lock them up,” said Gregory Francis, acting national prevent lead
at the National Cyber Crime Unit of the National Crime Agency. “[Cybercrime] is
not a law enforcement problem. It’s a societal problem.”
Gov Info Security
July 22, 2019
A recent spate of attacks targeting domain name system protocols and registrars,
including several incidents that researchers believe have ties to nation-state
espionage, is prompting the U.S. and U.K. governments to issue warnings and
policy updates to improve security. The recent alerts and updates issued by the
U.S. General Services Administration, which has responsibility for .gov
domains, and the U.K. National Cyber Security Center over the last two weeks
come at a time when security experts warn that the aging DNS protocol cannot
keep up with modern threats and tools designed to hijack internet traffic. On
Wednesday, the GSA plans to start alerting officials who oversee .gov domains
when changes are made to those sites' DNS registrar. Meanwhile, British
officials have issued a new warning about attacks targeting DNS - the second
time this year it has issued such an alert.
BBC
July 20, 2019
The Metropolitan Police's website has been hit by hackers who posted a series of
bizarre messages. A series of tweets were sent from the force's verified
account, which has more than a million followers, including one about rapper
Digga D. A stream of unusual emails were also sent from the force's press
bureau at about 23:30 BST on Friday. Scotland Yard confirmed its website had
"been subject to unauthorized access". Following the incident, US
President Donald Trump renewed his attack on Mayor of London Sadiq Khan, in a
tweet quoting right-wing commentator Katie Hopkins. Ms. Hopkins said "they
have lost control of London streets" and "apparently they lost
control of their twitter account too", while Mr Trump added: "With
the incompetent Mayor of London, you will never have safe streets!". The
Mayor's office has declined to comment on Mr Trump's tweet.
TECHNOLOGY
BBC
July 26, 2019
A free scheme to prevent cyber-attack victims paying ransom to hackers claims to have
saved more than 200,000 victims at least $108m (£86m). The No More Ransom
project offers advice and software to recover computer files encrypted in
ransomware attacks. Founded by Europol, police in the Netherlands, and McAfee,
it now has more than 150 global partners. With 14 new tools introduced in 2019
alone, Europol says it can now decrypt 109 different types of infection.
"When we take a close look at ransomware, we see how easy a device can be
infected in a matter of seconds," says Steven Wilson, head of Europol's
European Cybercrime Centre (EC3).
Wired
July 21, 2019
When you think of malware, it's understandable if your mind first goes to elite hackers
launching sophisticated dragnets. But unless you're being targeted by a
nation-state or advanced crime syndicate, you're unlikely to encounter these ultratechnical
threats yourself. Run-of-the-mill, profit-generating malware, on the other
hand, is rampant. And the type you're most likely to encounter is adware. In
your daily life you probably don't think much about adware, software that
illicitly sneaks ads into your apps and browsers as a way of generating bogus
revenue. Remember pop-up ads? It's like that, but with special software running
on your device, instead of rogue web scripts, throwing up the ads. Advertisers
often pay out based on impressions, or the number of people who load their ads.
So scammers have realized that the more ads they can foist upon you, the more
money they pocket.