Tag Archive for: hacking

Russian hacking group takes responsibility for DDoS attacks on Lithuania

/in


A Russian hacking group has taken responsibility for a distributed denial-of-service attack targeting government and private organizations in Lithuania.

According to a report today in The Baltic Times, the attack, from a group known as “Killnet,” caused delays in processing passports and residence permits through Lithuania’s Migration Department. Other public agencies and companies in the communications and finance sectors also suffered temporary service disruptions.

The cyberattacks follow a decision by Lithuania to restrict the transit of steel and ferrous metals to Kaliningrad, a Russian exclave on the Baltic Sea that can only be accessed by land through Lithuania or Poland. Lithuania restricted the goods because of European Union sanctions, but the decision enraged the Kremlin, who denounced the move as unprecedented and unlawful.

A spokesperson for Killnet told Reuters that the DDoS attack was in direct response to Lithuania’s decision to block the transit of sanctioned goods. “The attack will continue until Lithuania lifts the blockade,” the spokesperson said. “We have demolished 1,652 web resources. And that’s just so far.”

The figure of 1,652 “web resources” being demolished was not backed up with evidence. Jonas Skardinskas, director of Lithuania’s National Cyber Security Center, told Yahoo News that the attacks have already been “contained,” but warned that “it is very likely that attacks of similar or higher intensity will continue in the coming days, especially in the transport, energy and financial sectors.”

Attacks originating from Russia have been prolific since the start of the invasion of Ukraine, including an attack on the Viasat satellite service in February. On June 22, Microsoft Corp. warned that Russian hacking against allied governments — Lithuania is a member of NATO — continues to increase.

“Every significant military power in the world has developed cyber capabilities,” Chris Clymer, director and chief information security officer of cybersecurity risk management provider Inversion6, told SiliconANGLE. “These have evolved from espionage tools into full-fledged weapons to be used as part of a…

Source…

Statutory defense for ethical hacking under UK Computer Misuse Act tabled

/in



Adam Bannister

23 June 2022 at 14:06 UTC

Updated: 23 June 2022 at 14:09 UTC

Amendment applies to bill related to 5G rollout and connected products

Statutory defense for ethical hacking under UK Computer Misuse Act tabled in Houses of Parliament

UK legislators have proposed an amendment to the Product Security and Telecommunications Infrastructure (PSTI) bill that would give cybersecurity professionals a legal defense for their activities under the Computer Misuse Act (CMA).

A cross-party group in the House of Lords, the UK’s second chamber, tabled the amendment on Tuesday (June 21).

The PSTI bill is designed to support the UK’s 5G rollout while also mandating vulnerability disclosure policies for vendors of Internet of Things (IoT) products, among other security provisions.

‘Acting in good faith’

The CyberUp campaign, a security industry coalition calling for wholesale reform of the CMA, argues that a statutory defence under the 1990 act would protect security researchers, ethical hackers, and pen testers from spurious legal action when responsibly hunting for or reporting vulnerabilities.

Speaking in the House of Lords yesterday, Lord Arbuthnot of Edrom referenced the CyberUp campaign’s suggestion that a statutory defense should be based on “the prospective benefits of the act outweighing the prospective harms”, on “reasonable steps being undertaken to minimise the risks of causing harm… the actor demonstrably acting in good faith [and] being able to demonstrate competence”.

The CyberUp campaign has also urged the government to release the findings of its ‘call for information’ (consultation) on the effectiveness of the CMA, which closed more than a year ago.

UK Home Secretary Priti Patel announced the consultation with academia, law enforcement agencies, and the cybersecurity industry alongside plans to review the CMA in May 2021.

BACKGROUND UK government to review country’s aging Computer Misuse Act

Kat Sommer, head of public affairs at CyberUp backer NCC Group and CyberUp spokesperson, hailed the PSTI amendment, noting that some countries had “more permissive regimes, but no country has yet gone so far as to introduce a defence for unauthorised access.

“Of…

Source…

The hacking industry faces the end of an era

/in


That’s still a huge and rich market, but it cuts out dozens of nations in Latin America, Africa, Eastern Europe, and Asia, where Israeli cyber firms had been making a killing selling cutting-edge surveillance tools to customers with deep pockets and a willingness to spend. It’s also where NSO Group kept getting in trouble for getting caught selling powerful hacking tools to authoritarian regimes that abused Pegasus. NSO Group executives say they have terminated eight Pegasus contracts due to abuse. 

The defense ministry’s licensing restrictions have sounded the death knell for several smaller shops of hackers and researchers. Nemesis, an Israeli cyber firm that had managed to keep a low public profile, shut down in April. Ace Labs, a spinoff of the billion-dollar tech giant Verint, closed up shop and fired all its researchers earlier this month.

The Israelis’ former customers are not standing idle. New players and old rivals are stepping into the vacuum to provide the hacking capability that more and more governments demand. 

“The landscape is shifting and, to a certain degree, diversifying,” said Christoph Hebeisen, director of security intelligence research at the mobile security firm Lookout. 

Source…

Microsoft: Russia Stepping Up Hacking, Cyber Penetration Efforts on 42 Ukraine Allies

/in


Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a
user – asks your browser to store on your device in order to remember information about you, such as your
language preference or login information. Those cookies are set by us and called first-party cookies. We also
use third-party cookies – which are cookies from a domain different than the domain of the website you are
visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking
technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to
ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy
choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of
your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts
of the site will not work as intended if you do so. You can usually find these settings in the Options or
Preferences menu of your browser. Visit www.allaboutcookies.org
to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to
ensure the proper functioning of our
website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site
performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You
can set your browser to block or alert you about these cookies, but some parts of the site will not work as
intended if you do so. You can usually find these settings in the Options or Preferences menu of your
browser. Visit www.allaboutcookies.org
to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to
ensure the proper functioning of our

Source…