Tag Archive for: Spot

After A Major Hack, U.S. Looks To Fix A Cyber ‘Blind Spot’

/in


The National Security Agency considers itself the world’s most formidable cyber power, with an army of computer warriors who constantly scan the wired world. Yet by law, the NSA collects intelligence abroad, and not inside the U.S.

U.S. rivals like Russia are aware of this blind spot and know how to exploit it, as the NSA director, Army Gen. Paul Nakasone, explained recently to the Senate Armed Services Committee.

“We may see what’s occurring outside of the United States, but when it comes into the United States, our adversaries are moving very quickly,” Nakasone testified on March 25. “They understand the laws and the policies that we have within our nation, and so they’re utilizing our own infrastructure, our own Internet service providers, to create these intrusions.”

In a major breach last year, hackers widely believed to be from Russia’s foreign intelligence service, the SVR, stealthily placed malware on a software update produced by the Texas company Solar Winds.

No one had reason to be suspicious, or the legal authority to monitor, as that software update was sent out electronically from SolarWinds to 18,000 organizations, including nine U.S. government agencies.

“It’s not the fact that we can’t connect the dots. We can’t see all of the dots,” Nakasone said.

Privacy protections

The U.S. Constitution’s 4th Amendment bars the government from domestic surveillance unless a crime is suspected.

But in the digital age, these U.S. privacy protections have an unintended consequence. They help hide foreign intelligence agencies that can disguise their tracks and make it appear as if they are operating from inside the U.S.

This is fueling a debate on how the U.S. government and private tech companies can both protect computer networks and civil liberties.

None of the leading figures in this debate are suggesting that privacy laws protecting Americans should be rolled back. But they are saying the U.S. must find a better way to guard against foreign spy agencies.

SolarWinds was just one of several U.S. companies that the hackers tapped into to cover their tracks, said Glenn Gerstell, who was the NSA’s general counsel until he stepped down last year.

“The Russians rented a computer…

Source…

After A Major Hack, U.S. Looks To Fix A Cyber ‘Blind Spot’ : NPR

/in


Army Gen. Paul Nakasone, director of the National Security Agency, says the U.S. has a ‘blind spot’ when it comes to foreign intelligence services that effectively carry out cyber spying from inside the U.S. He testified before the Senate Armed Services Committee on March 25.

Anna Moneymaker/New York Times via AP


hide caption

toggle caption

Anna Moneymaker/New York Times via AP

Army Gen. Paul Nakasone, director of the National Security Agency, says the U.S. has a ‘blind spot’ when it comes to foreign intelligence services that effectively carry out cyber spying from inside the U.S. He testified before the Senate Armed Services Committee on March 25.

Anna Moneymaker/New York Times via AP

The National Security Agency considers itself the world’s most formidable cyber power, with an army of computer warriors who constantly scan the wired world. Yet by law, the NSA collects intelligence abroad, and not inside the U.S.

U.S. rivals like Russia are aware of this blind spot and know how to exploit it, as the NSA director, Army Gen. Paul Nakasone, explained recently to the Senate Armed Services Committee.

“We may see what’s occurring outside of the United States, but when it comes into the United States, our adversaries are moving very quickly,” Nakasone testified on March 25. “They understand the laws and the policies that we have within our nation, and so they’re utilizing our own infrastructure, our own Internet service providers, to create these intrusions.”

U.S. Cyber Weapons Were Leaked — And Are Now Being Used Against Us, Reporter Says

In a major breach last year, hackers widely believed to be from Russia’s foreign intelligence service, the SVR, stealthily placed malware on a software update produced by the Texas company Solar Winds.

No one had reason to be suspicious, or the legal authority to…

Source…

Malicious Home Depot ad gets top spot in Google Search

/in


Scam

A malicious Home Depot advertising campaign is redirect Google search visitors to tech support scams.

Malicious Google search ads are nothing new, with campaigns for Amazon Prime, PayPal, and eBay seen in the past. As these ads look like legitimate campaigns for the company, including showing their standard URL when you hover over them, it is common for people to be tricked into clicking on them.

Yesterday, BleepingComputer was notified by someone who fell for a malicious Home Depot advertisement currently displayed in the top spot of a Google search.

As a test, BleepingComputer searched for ‘home depot’ and was shown the malicious advertisement on our first try. Even worse, the ad is the top spot in the research result, making it more likely to be clicked.

As you can see below, the ad clearly states it’s for www.homedepot.com, and hovering over it shows the site’s legitimate destination URL.

Home Depot ad in Google Search
Home Depot ad in Google Search

However, when visitors click on the ad, they will be redirected through various ad services until eventually they are redirected to a tech support scam.

Redirects from Google ad to tech support scam
Redirects from Google ad search to tech support scam

Ultimately, the visitor will land at a page showing an incredibly annoying “Windows Defender – Security Warning’ tech support scam. This scam will repeatedly open the Print dialog box, as shown below, which prevents the visitor from easily closing the page.

Tech support scam shown by clicking on the Home Depot ad
Tech support scam shown by clicking on the Home Depot ad

To make it more difficult for security professionals to diagnose these ads, it appears that they only redirect to the scam once every 24 hours to the same IP address. Once a tech support scam is shown by clicking on the ad, subsequent clicks bring visitors to the legitimate site.

Unfortunately, many people, especially older people, who are not comfortable with computers, fall for these scams and call the number thinking it is a legitimate alert.

In some cases, the caller is tricked into allowing remote access to their computer where the scammers install programs like Lock My PC. The scammers then state that the caller must purchase a support package to unlock Windows.

To avoid these types of ads, users are advised to pay more attention to…

Source…

How to spot a phishing email

/in


JACKSONVILLE, Fla. – It’s being called a cyber pandemic. Now more than ever before, cyber criminals are taking advantage of people being home, looking for just one person to slip up.

“It is the world’s largest work from home experiment,” said Chris Freedman, founder of OnDefend, a cyber security services provider.

Freedman is accustomed to working remotely, but for many working from home this is new territory.

“In the business world, you can walk around the corner and say, ‘Joe, did you send me that email?’” he said. “In the personal world, there’s not much reference material right now.”

Unless you have an IT department set up in your extra bedroom, Freedman said, there are a lot of pitfalls to avoid. The primary ways scammers get access to your computer is through websites and emails.

“They’re not necessarily targeting you as an individual, it’s kind of like a shotgun approach to get as many as possible,” Billy Steeghs, a cyber security expert who works with Freedman, said.

Companies hire Steeghs and Freedman to hack into their computer systems and identify potential security weaknesses. And let’s just say these two are good at their jobs.

To show how easy it is for scammers to prey on people, Steeghs created a phishing email, or an email that’s intended to look like it came from someone else in hopes that the recipient will be duped.

For his example, Steeghs made the email look like it came from Amazon, a popular place to shop online.

“So, it’s $10 and it says apply to your Amazon account,” he explained. “Who wouldn’t fall for this?”

With emails like this, scammers can get access to your account the moment you input your credentials. Then it’s up to the cyber criminals what they decide to do with your personal information.

So, how do you spot it?

“I’m hovering over this Amazon account, you see I’m hovering over it and this is an action you can do, and you can see to the left it doesn’t actually say Amazon.com,” Steeghs said.

Whenever you receive an email and there’s a link attached, hover over the link but don’t click it. While hovering, look at the bottom left of your screen. The website’s URL will pop up and if it doesn’t…

Source…