Tag Archive for: Reveal

Hackers maintained deep access inside military organization’s network, U.S. officials reveal


Written by Suzanne Smalley

U.S. cybersecurity, law enforcement and intelligence officials revealed on Tuesday that sophisticated hackers infiltrated a likely U.S. military contractor and maintained “persistent, long-term” access to their system.

The National Security Agency, the Cybersecurity and Infrastructure Security Agency and the FBI released a detailed, joint advisory containing the notification, explaining that in November 2021 CISA responded to a report of malicious activity on an anonymous “Defense Industrial Base (DIB) Sector organization’s enterprise network.”

CISA uncovered a likely compromise, and said that some of the intruders had “long-term access to the environment.” After breaking in, officials said, hackers leveraged an open-source toolkit known as Impacket to “programmatically” construct and manipulate network protocols.

Impacket is a collection of Python libraries that “plug into applications like vulnerability scanners, allowing them to work with Windows network protocols,” Katie Nickels, director of threat intelligence at Red Canary, said via email. Hackers favor Impacket because it helps them retrieve credentials, issue commands and deliver malware onto systems, she said.

The digital intruders in this case also used a custom data exfiltration tool, CovalentStealer, to steal sensitive data and exploited a Microsoft Exchange vulnerability on the defense organization’s server to gain access remotely, officials said. From there, the hackers used the compromised company accounts to further infiltrate the targeted organization.

Nickels said hackers could have gained access by exploiting vulnerabilities in Exchange, but there is “no evidence to support this right now, nor is there evidence that adversaries knew about the ProxyNotShell,” a reference to a new Exchange Server zero-day vulnerability.

There have been a number of Exchange vulnerabilities reported over a span of years, Nickels said. Given how difficult it can be to patch on-premise Exchange servers, she said, many of these vulnerabilities go unfixed, and become vectors for attack.

The…


China's military drills reveal plans for Taiwan blockade in case of war: experts – The New Indian Express




Hacking experts reveal the five most dangerous Facebook posts you can make


Hacking experts have issued an urgent warning to all Facebook users about how certain posts could leave you at risk of being hacked.

Security whiz Javvad Malik has urged app users to be extremely careful online as even the most innocent posts can be used against you.

He says that if you give away too much information you are leaving yourself open to being hacked.

He said: “Any information publicly posted can be used by criminals.

“Even seemingly trivial information can be put together to build a better picture of the victim.”

Jay, who leads security awareness at KnowBe4, told the Sun: “Broadly speaking, the most dangerous information that you can put out there relates to password reset questions.


“So things like mother’s maiden name, schools, street, etc.

“Also, it’s important to realise that information that people post may target those around them.

“So parents posting excessive information about their children can be used against their children as opposed to the parents.”

Cyber-expert Jamie Akhtar said people need to be careful about sharing any data that could be used to verify their identity, like date of birth, full address or mother’s maiden name.

The CyberSmart CEO said that everyone should be selective in sharing data with third-party gaming and quiz apps, as many of them are scams, and advised against sharing location data, as this could be used to conduct physical cyberattacks and other crimes.

He urged people to be wary of anyone they don’t know contacting them out of the blue, and never to go into any detail about where they work or what they do, as this could lead to their employer being targeted by cybercriminals.

Earlier this month it was revealed that a hacker who gets paid to hack company computer systems and identify security flaws is set to become a millionaire.


Corben Leo runs his own cyber security firm, which has a partnership with the US…


Most Governments Were Hacked in the Past Year, Reports Reveal


Cybersecurity professionals often urge organizations to think not of “if” they’ll be attacked, but “when” — and new studies indicate that for many governments around the globe, that “when” may have already happened.

A November 2021 international report from cybersecurity research and marketing consultancy CyberEdge found that 68.2 percent of surveyed government organizations were compromised by one or more cyber attacks within the past 12 months. Fifty-four percent believed such an event was “more likely to occur than not” within the coming year.

The report polled 1,200 public- and private-sector IT security professionals from 17 countries, and focused on organizations with at least 500 employees. Government respondents comprised 4.1 percent of respondents, or roughly 49 individuals.

A survey of 353 IT professionals at government agencies and educational institutions, provided to GovTech by data management solutions company Veeam, also found at least half of respondents suffering from cyber attacks. It reported that ransomware caused “outages” at 52 percent of public-sector organizations. That study captured responses from 28 countries between October 2021 and December 2021.

Both reports suggest that more than half of government agencies have fallen to attack. That is a significant rate, yet one that puts government ahead of the pack, according to CyberEdge. Just over 85 percent of its overall respondent group reported suffering a successful cyber attack within the past 12 months, and nearly 41 percent had fallen to six or more attacks, the highest ever recorded by this annual report. (The report does not specify how often agencies were re-victimized by the same threat types compared to falling to a variety of attacks.) Cyber threats are diverse, including incidents like distributed denial of service (DDoS) attacks, ransomware and other malware, and account takeovers.

More important than the sheer number of successful attacks an organization suffers may be how much damage these attacks deal, said Minnesota CISO Rohit Tandon.

Strong cyber protections enable an organization to limit the impacts of…
