Tag Archive for: issue

Review board to issue report detailing Microsoft’s lapses in China hack: report


The US Cyber Safety Review Board is expected to issue a report detailing lapses by Microsoft that led to a targeted Chinese hack of top US government officials’ emails last year, the Washington Post reported on Tuesday.

The intrusion, which ransacked the Microsoft Exchange Online mailboxes of 22 organizations and more than 500 individuals around the world, was “preventable” and “should never have occurred”, the Washington Post said, citing the report.

“While no organization is immune to cyberattack from well-resourced adversaries, we have mobilized our engineering teams to identify and mitigate legacy infrastructure, improve processes, and enforce security benchmarks,” Microsoft said.

“Our security engineers continue to harden all our systems against attack and implement even more robust sensors and logs to help us detect and repel the cyber-armies of our adversaries. We will also review the final report for additional recommendations,” it added.

The Cyber Safety Review Board did not immediately respond to a Reuters request for comment.

Last year, the tech giant said the Chinese hack of senior officials at the US State and Commerce departments stemmed from the compromise of a Microsoft engineer’s corporate account penetrated by a hacking group it dubbed Storm-0558.

The hack is alleged to have stolen hundreds of thousands of emails from top American officials including Commerce Secretary Gina Raimondo, US Ambassador to China Nicholas Burns and Assistant Secretary of State for East Asia Daniel Kritenbrink.

The Cyber Safety Review Board’s report blames shoddy cybersecurity practices, lax corporate culture and a deliberate lack of transparency over what Microsoft knew about the origins of the breach, according to the Washington Post.

Source…

Cybersecurity agencies issue warning over Chinese hacking group


Government cybersecurity authorities in the US and allied nations are sounding the alarm bell again over the Chinese hacking group known as Volt Typhoon.

In a joint advisory issued on Tuesday, the US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), FBI, and eight international partners warned that the Beijing-backed Volt Typhoon gang may be gearing up for disruptive or destructive cyber strikes targeting critical infrastructure organisations.

“Volt Typhoon has been pre-positioning themselves on US critical infrastructure organisations’ networks to enable disruption or destruction of critical services in the event of increased geopolitical tensions and/or military conflict with the United States and its allies,” the advisory warns.

“This is a critical business risk for every organisation in the United States and allied countries.”

This latest alert comes just over a month after the same coalition of agencies revealed that Volt Typhoon had compromised the networks of multiple critical infrastructure victims in the US.

The alert recommends that organisations prioritise security efforts through tools like the Cybersecurity Performance Goals and engage with designated Sector Risk Management Agencies. It also urges implementing robust logging practices to detect stealthy “living off the land” techniques favoured by Volt Typhoon, which leverage legitimate software to blend into target environments.

Developing comprehensive incident response plans, conducting cybersecurity drills, and hardening supply chains are also highlighted as critical measures to thwart potential Volt Typhoon intrusions and attacks.

The repeated warnings underscore the grave concerns over Volt Typhoon’s capabilities and suspected destructive intentions against critical infrastructure providers in the US and allied nations amid heightened geopolitical tensions.

(Photo by Thomas Kelley)

Source…

Intel agencies issue guidance to protect against Russian botnet


U.S. and international authorities on Tuesday urged owners of routers used in a Russian botnet operation to ensure the devices cannot still be exploited by malicious actors.

The additional warning came a week after a coordinated international action by the FBI and others disrupted a Russian GRU-led hacking campaign that infiltrated more than a thousand home and small business routers that were used to carry out cyber espionage around the globe.

Dubbed Operation Dying Ember, it was first announced by FBI Director Christopher Wray in remarks at the Munich Security Conference.

It marked the latest effort by U.S. law enforcement, led by the bureau and the Justice Department, to combat digital criminal groups — including a similar action earlier this month that knocked off Chinese government-sponsored hackers from hundreds of home and small business routers that were allegedly used to target American infrastructure networks.

“With these operations, and many more like them, we’ve set our sights on all the elements that we know from experience make criminal organizations tick,” Wray said in Munich. “Because we don’t just want to hit them: we want to hit them everywhere it hurts and put them down hard.”

Despite last week’s apparent success against the so-called “Moobot” botnet that infected routers, “owners of relevant devices should” take steps to “ensure the long-term success of the disruption effort and to identify and remediate any similar compromises,” authorities cautioned.

In particular, they recommended owners conduct a hardware reset to “flush file systems of malicious” content; upgrade to the latest firmware; change default usernames and passwords; and enact firewall protections in order to “prevent the unwanted exposure of remote management services.”

Source…

Hacking is far more than a security issue. It chills free speech


The British and US governments have just jointly sanctioned two Russian intelligence operatives for their attempts to derail the democratic process through a series of coordinated cyber attacks. The US State Department is also offering a reward of up to $10M for information on the Russian hackers responsible for the coordinated cyber espionage attack, which is international and spans several years. Targets even included the former MI6 director Richard Dearlove, and more recently scientists at several nuclear facilities in the United States. But what distinguishes this recent wave of Russian cyberattacks is that they are not just targeting governments or politicians.

Civil society became a significant target for Russia’s state-backed hackers, including “universities, journalists, public sector, non-government organisations and other civil society organisations”. Paul Mason, a former BBC and Channel 4 journalist, has put out a statement confirming he was targeted by these hackers. At the time his private accounts were hacked, I had been helping Mason work on an article challenging Russian propaganda narratives that were spreading during the Bucha massacre in Ukraine. Overnight we were turned into the latest circulating ‘deep state’ conspiracy theory.

The Mason hack

As we worked, I received an urgent message from Mason saying his emails with me may have been compromised. He published a statement saying he had been “targeted by a Russian hack-and-leak operation”. I then received an email from a Grayzone writer who has also written for Russian state media (Sputnik/RT), saying, “Been going over various emails and DMs of yours. Very interesting…” The writer said he thought my employer and “the academics you’re trying to target are likely to be very unhappy indeed when they hear about all this. I think we’d better talk.”

The writer said the email was not a threat. But it was clear to me I was facing an impending reputational attack to harm my career and relationships. This email didn’t resemble the right to reply that journalists usually send posing questions prior to reporting, and it made no mention of an article or outlet.

Within…

Source…