Tag Archive for: General

Biden taps Air Force General for NSA, Cyber

/in


U.S. President Joe Biden has nominated Air Force Lieutenant General Timothy Haugh to head both the National Security Agency (NSA) and U.S. Cyber Command, a U.S. official said on Tuesday. The official confirmed a Politico report that cited an Air Force notice sent out Monday. Haugh is now the deputy commander of the military’s U.S. Cyber Command, reporting to the current NSA and Cyber Command chief, Paul Nakasone. The Associated Press has the story:

Biden taps Air Force Genral for NSA, Cyber

Newslooks- WASHINGTON (AP)

President Joe Biden has chosen a new leader for the National Security Agency and U.S. Cyber Command, a joint position that oversees much of America’s cyber warfare and defense.

Air Force Lt. Gen. Timothy Haugh, the current deputy commander of Cyber Command, would replace Army Gen. Paul Nakasone, who has led both organizations since May 2018 and was expected to step down this year, according to a notice sent by the Air Force this week and confirmed by a person familiar with the announcement. The person spoke on condition of anonymity to discuss personnel matters not yet made public.

If confirmed, Haugh will take charge of highly influential U.S. efforts to bolster Ukraine’s cybersecurity and share information with Ukrainian forces fighting Russia’s invasion. He will also oversee programs to detect and stop foreign influence and interference in American elections, as well as those targeting criminals behind ransomware attacks that have shut down hospital systems and at one point a key U.S. fuel pipeline.

Politico first reported that Haugh was picked.

President Joe Biden speaks as he meets with House Speaker Kevin McCarthy of Calif., to discuss the debt limit in the Oval Office of the White House, Monday, May 22, 2023, in Washington. (AP Photo/Alex Brandon)

It’s unclear whether Haugh will be affected by a Republican senator’s blockade of all military nominations. Sen. Tommy Tuberville of Alabama has for months objected to the Pentagon’s policy of providing travel money and support to troops seeking abortions but based in states with abortion bans.

Haugh’s nomination to lead both the NSA and Cyber Command reflects the White…

Source…

Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes

/in


Cryptocurrency ATM manufacturer General Bytes over the weekend disclosed a security incident that resulted in the theft of millions of dollars’ worth of funds.

The attackers, the company says, exploited a vulnerability in the master service interface that Bitcoin ATMs use to upload videos, which allowed them to upload a JavaScript script and execute it with batm user privileges.

“The attacker scanned the Digital Ocean cloud hosting IP address space and identified running CAS services on ports 7741, including the General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean (our recommended cloud hosting provider),” the company says.

The code execution provided the attackers with access to the database and access to API keys for accessing funds in hot wallets and exchanges.

The attackers were then able to transfer funds from hot wallets, steal account usernames and password hashes, and disable two-factor authentication.

Furthermore, the attackers gained the “ability to access terminal event logs and scan for any instance where customers scanned private key at the ATM”, information that was logged by older versions of ATM software.

“We urge all our customers to take immediate action to protect their funds and personal information,” General Bytes tweeted on March 18. The incident prompted most ATM operators in the US to suspend operations.

In a security bulletin detailing the incident, the company has shared information on the steps customers should take to secure their GB ATM servers (CAS) and underlined that even those that might not have been impacted by the incident should implement the recommended security measures.

“Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN.  With VPN/Firewall attackers from open internet cannot access your server and exploit it. If your server was breached please reinstall the whole server including operation system,” the company notes.

The crypto ATM maker released a CAS security fix and urged customers to consider all user passwords and API keys to exchanges and hot wallets as being compromised and to change them. The company also shared the crypto…

Source…

Iran and Russia were too distracted to meddle in midterm elections, US general says

/in




CNN
 — 

Domestic unrest in Iran and Russia’s war in Ukraine may have distracted Tehran and Moscow from making more of an effort to influence or interfere in the 2022 US midterm election, a top US military cyberofficial said Monday.

“We collectively saw much less focus from foreign adversaries, particularly the Russians” in targeting the 2022 election compared to previous elections, Maj. Gen. William J. Hartman, who leads the Cyber National Mission Force of US Cyber Command, the military’s offensive and defensive hacking unit, said at a press briefing at Fort Meade, home to Cyber Command and the National Security Agency.

Hartman said he was “surprised” by the relative lack of activity from the Russians and Iranians during the midterm election. The US military’s cyber forces have taken a more active role in defending US elections from foreign interference since 2018 by targeting computer networks used by Russia and others to try to sow discord.

Gen. Paul Nakasone, the head of Cyber Command, confirmed to reporters this month that the command conducted offensive and defensive cyber operations in an effort to protect the midterms from foreign interference and influence.

Nakasone declined to go into details on the operations, but said the command focused on taking down the computer infrastructure used by foreign operatives “at key times.”

“There was a campaign plan that we followed and it wasn’t just November 8. it covered before, during and until the elections were certified,” said Nakasone, who also leads the National Security Agency.

Foreign governments tend to use established agencies to meddle in elections rather than create new organizations to do that on the fly, Hartman said. And the security services in Russia and Iran were preoccupied in the weeks and months before Americans went to the polls in November.

Iranian security forces carried out a bloody crackdown on protesters this fall after a woman died in the custody of the so-called morality police. Russia’s military, meanwhile, pummeled…

Source…

AWS Announces General Availability of AWS IoT FleetWise

/in


New service makes it easier for automotive companies to collect, transform, and transfer vehicle data to the cloud in near real time, enabling improved vehicle quality and autonomy

Bridgestone, Hyundai Motor Group, LG CNS, and Renesas Electronics Corporation among customers using AWS IoT FleetWise

SEATTLE, September 27, 2022–(BUSINESS WIRE)–Amazon Web Services, Inc. (AWS), an Amazon.com, Inc. company (NASDAQ: AMZN), today announced the general availability of AWS IoT FleetWise, a new service that makes it easier for automotive companies to collect, transform, and transfer vehicle data to the cloud in near real time. Automakers, suppliers, fleet operators, and technology solution vendors in the automotive industry can use AWS IoT FleetWise to collect and organize vehicle data more easily, and to store the data in a standardized way for data analysis in the cloud. AWS IoT FleetWise helps automotive companies efficiently transfer data to the cloud in near real time using the service’s intelligent data-collection capabilities. These capabilities allow developers to reduce the amount of data transferred to the cloud by defining rules for when to collect and transfer it based on configurable parameters (e.g., vehicle temperature, speed, and type). Once the data is in the cloud, automotive companies can use it for applications that analyze vehicle fleet health to more quickly identify potential recalls or safety issues, make in-vehicle infotainment systems smarter, or improve advanced technologies like autonomous driving and advanced driver-assistance systems with analytics and machine learning. There are no upfront costs to use AWS IoT FleetWise, and customers pay only for the underlying services used. To get started with AWS IoT FleetWise, visit aws.amazon.com/iot-fleetwise.

“Automotive companies want to use the broad portfolio of AWS services to help manage the vast amounts of data coming from connected vehicles, but they have lacked a solution that made it easier to collect, transform, and transfer data to the cloud,” said Mike Tzamaloukas, general manager of IoT automotive at AWS. “Now, with AWS IoT FleetWise, customers can easily pinpoint the exact vehicle data they need and…

Source…