Posts

Attempted Hack of R.N.C. and Russian Ransomware Attack Test Biden

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


Last month, Mr. Biden used the summit with Mr. Putin to make the case that ransomware was emerging as an even larger threat, causing the kind of economic disruption that no state could tolerate. Mr. Biden specifically cited the halting of the flow of gasoline on the East Coast after an attack on Colonial Pipeline in June, as well as the shutdown of major meat-processing plants and earlier ransomware attacks that paralyzed hospitals.

The issue has become so urgent that it has begun shifting the negotiations between Washington and Moscow, raising the control of digital weapons to a level of urgency previously seen largely in nuclear arms control negotiations. On Tuesday, the White House press secretary, Jen Psaki, said American officials will meet with Russian officials next week to discuss ransomware attacks — a dialogue the two leaders had agreed upon at their summit in Geneva.

On Saturday, as the attacks were underway, Mr. Putin gave a speech timed to the rollout of Russia’s latest national security strategy that outlines measures to respond to foreign influence. The document claimed that Russian “traditional spiritual-moral and cultural-historical values are under active attack from the U.S. and its allies.”

While the strategy reaffirmed Moscow’s commitment to using diplomacy to resolve conflicts, it stressed that Russia “considers it legitimate to take symmetrical and asymmetric measures” to prevent “unfriendly actions” by foreign states.

The remarks, cybersecurity experts said, were Mr. Putin’s response to the summit with Mr. Biden.

“Biden did a good job laying down a marker, but when you’re a thug, the first thing you do is test that red line,” said James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies in Washington. “And that’s what we’re seeing here.”

Mr. Lewis added that “low-end penalties” like sanctions had been exhausted. “The White House will have to use more aggressive measures, whether that is something in cyberspace, or a more painful legal or financial maneuver,” he said.

Stronger measures have long been debated, and occasionally used. When Russian…

Source…

Freeport fends off attempted ransomware attack – WGME





Source…

CrowdStrike Fends Off Attack Attempted By SolarWinds Hackers



The suspected Russian hackers behind the massive SolarWinds attack attempted to hack CrowdStrike through a Microsoft reseller’s Azure account but were ultimately unsuccessful, CrowdStrike said.

The Sunnyvale, Calif.-based endpoint security giant said it was contacted on Dec. 15 by Microsoft’s Threat Intelligence Center, which had identified a reseller’s Microsoft Azure account making abnormal calls to Microsoft cloud APIs during a 17-hour period several months ago, CrowdStrike Chief Technology Officer Michael Sentonas wrote in a blog post Wednesday.

The reseller’s Azure account was used for managing CrowdStrike’s Microsoft Office licenses, and Sentonas said the hackers attempted to read the company’s email. That attempt was unsuccessful, Sentonas said, adding that CrowdStrike’s findings were confirmed by Microsoft. As part of CrowdStrike’s secure IT architecture, Sentonas said the company doesn’t use Office 365 email.


“CrowdStrike conducted a thorough review into not only our Azure environment, but all of our infrastructure for the indicators shared by Microsoft,” Sentonas wrote in the blog post. “The information shared by Microsoft reinforced our conclusion that CrowdStrike suffered no impact.”

CrowdStrike’s review in the wake of the SolarWinds hack was “extensive” and included both the company’s production and internal environments, according to Sentonas. The firm’s stock is up $45.23 (25.7 percent) to $221.12 per share since news of Russian foreign intelligence service hackers injecting malware into updates of SolarWinds’ Orion network monitoring platform went public on Dec. 13.

The reseller was not identified in CrowdStrike’s blog post, and the company declined further comment on the attempted attack.

Microsoft told CRN that if a customer buys a cloud service from a reseller and allows the reseller to retain administrative access, then a compromise of reseller credentials would grant access to the customer’s tenant. This abuse of access would not be a compromise of Microsoft’s services themselves, according to the company.

Customers do not have to…

Source…

North Korea attempted to hack into COVID-19 vaccine developers data




By Park Han-sol

A North Korean cyber espionage group has attempted to hack into multiple international organizations including companies working on COVID-19 vaccines with a new fo …

Source…