Tag Archive for: agencies

Karakurt warning. Clipminer in the wild. GootLoader evolves. Cyber ops in Russia’s hybrid war. Russian agencies buy VPNs.

/in


Dateline Moscow, Kyiv, Washington: Gray zone operations.

Ukraine at D+98: Friction in the gray zone. (The CyberWire) Advancing into the rubble it’s created, Russia’s army tries to come to grips with combat refusals. The White House says that the cyber operations NSA Director Nakasone alluded to this week are entirely consistent with the US policy of avoiding direct combat with Russia. Observers work to understand the state of the cyber phase of the hybrid war. And Russian censorship seems to be producing friction in some Russian government operations. (That’s why agencies in Moscow are buying VPNs.)

Russia-Ukraine war: List of key events, day 99 (Al Jazeera) As the Russia-Ukraine war enters its 99th day, we take a look at the main developments.

Exclusive: Ukraine troops retreating in Donbas have a plan, Luhansk governor says (Newsweek) Serhiy Haidai told Newsweek the defenders remain defiant despite the intense Russian attacks, which included a strike on a chemical plant.

Russia-Ukraine latest news: Kyiv may switch off Europe’s largest nuclear powerplant (The Telegraph) Ukraine would consider switching off its Zaporizhzhia nuclear power plant that lies in Russian-occupied territory if Kyiv loses control of operations at the site, an aide to the prime minister has said, Interfax news agency reports.

Documents Reveal Hundreds of Russian Troops Broke Ranks Over Ukraine Orders (Wall Street Journal) Desertions and refusal to engage in the invasion have put Moscow in a bind over how to punish service members without drawing more attention to the problem. “So many people don’t want to fight.”

The Russian Military’s People Problem (Foreign Affairs) It’s hard for Moscow to win while mistreating its soldiers.

Zelensky will be tried as war criminal if Russia captures him (Newsweek) A lawmaker in the self-declared, Russia-backed Donetsk People’s Republic accused Ukraine’s president of sending “neo-Nazis to Donbas to kill civilians.”

Six lessons the Ukraine conflict has taught us about modern warfare (The Telegraph) From drones to the use of tanks, we dissect the masterstrokes and miscalculations of military tactics after three months of fighting

Some see cyberwar in Ukraine. Others see…

Source…

oil: Ib & Central Cyber Security Agencies Join Probe Into Oil Ransomware Attack | Guwahati News

/in


Dibrugarh: The Intelligence Bureau (IB) and country’s two leading cyber security agencies — Indian Computer Emergency Response Team (CERT-In) and National Critical Information Infrastructure Protection Centre (NCIIPC) — have joined the probe into the ransomware attack on state-run explorer Oil India Limited’s (OIL) headquarters at Duliajan in upper Assam’s Dibrugarh district.
Two representatives from each of these agencies reached Duliajan on Friday to join the probe being conducted by the local police. The anonymous hackers had sought a ransom of $7.5 million from OIL to restore the affected network.
The CERT-In is the national nodal agency that deals with cyber security threats such as hacking and phishing. The NCIIPC is the national nodal agency that handles critical information infrastructure protection. It is a unit of the National Technical Research Organisation under the Prime Minister’s Office.
To add teeth to the probe, the OIL has also separately engaged the services of a Delhi-based private cyber security agency with international exposure.
OIL spokesperson Tridiv Hazarika on Saturday said, “Our production and drilling operations are functioning normally. Our communication network is also not affected as we have an alternate network of computers in place to deal with such kind of emergencies. Most of the data is safe as we were able to isolate the infected servers… we suspect it is the handiwork of international hackers.”

Source…

Google removes Android apps with spyware linked to US security agencies

/in


Google LLC has reportedly removed dozens of apps from the Google Play Store after researchers found they included software for collecting user data for a company with alleged ties to U.S. security agencies.

The Wall Street Journal reported today that spy software found in the apps came from Panamanian company Measurement Systems S. de R.L. The company is said to be linked through corporate records and web registrations to a Virginia defense contractor who does cybersecurity intelligence, network-defense and intelligence-intercept work for U.S. national-security agencies.

The Journal claims that Management Systems paid developers worldwide to incorporate its software development kit into its apps. The SDK allowed the company to collect data from users of those apps. The company told developers that it specifically wanted data from the Middle East, Central and Eastern Europe and Asia.

The code was found inside several Muslim prayer apps that have been downloaded more than 10 million times, a highway-speed-trap detection app and a number of other popular consumer apps. In total, it’s estimated that apps with the spy software were installed on at least 60 million Android devices.

Serge Egelman, a researcher at the International Computer Science Institute and the University of California at Berkeley and Joel Reardon of the University of Calgary discovered the code and informed Google, federal privacy regulators and the Journal.

The two researchers run a mobile app security company called AppCensus. On the AppCensus blog, Reardon goes into more detail.

The software, described by Reardon as “Coulus Coelib,” receives various forms of data from users running apps with the code included. The software collects phone numbers, email addresses, GPS data and details such as phone identification markers.

The Measurement Systems SDK can also collect information stored in a phone’s clipboard, such as passwords, whenever the cut-and-paste feature is used and also has the ability to scan some parts of the phone’s system, including files stored in the WhatsApp downloads folder. WhatsApp is the most popular messaging app in the world.

“A database mapping someone’s actual email…

Source…

Lawmakers mull measure requiring public agencies to report cybersecurity incidents

/in


Lawmakers advanced a measure Monday that would require public agencies to report cybersecurity incidents to the New Jersey Office of Homeland Security and Preparedness.

Mandated reporting would allow authorities to have a statewide strategy in helping agencies more quickly and effectively respond to and recover from such attacks, said Michael Geraghty, the state’s chief information security officer and director of the Office of Homeland Security and Preparedness’ cybersecurity office.

Geraghty testified Monday before the Senate Law and Public Safety Committee, which unanimously advanced the bill sponsored by Sen. Linda Greenstein (D-Middlesex).

State government computer networks get attacked 10 million times daily, Geraghty said. His office scours the dark web for compromised credentials from New Jersey’s public and critical infrastructure agencies and has detected more than 23,000 compromised credentials (such as a state employee’s email and password) being used since May 2020, he said.

Russian cyberattacks also are on the rise, prompting a White House warning this week that companies and agencies should be on guard as Russia retaliates for U.S. sanctions over its invasion of Ukraine.

“We’re not going to prevent every attack from happening, just like we’re not going to prevent hurricanes or tornadoes or other types of natural disasters, but we want to make New Jersey more resilient to these attacks,” Geraghty said.

Under the bill, all public agencies would have to report incidents within 72 hours. The state Office of Homeland Security and Preparedness would create a central database of threats statewide, with the goal of sharing threat intelligence that can help agencies reduce risks and improve preparedness and response.

The bill also would require the office to annually report cybersecurity incidents, responses, and trends to the Attorney General’s Office.

“It’s a global community online, and it’s a global fight,” said Ryan Hoppock, deputy director of the New Jersey Regional Computer Forensics Laboratory.

Everything is more connected digitally than ever before, Geraghty said, from intelligent traffic systems to…

Source…