Tag: United States

US Cyber Command starts uploading foreign APT malware to VirusTotal

The Cyber National Mission Force (CNMF), a subordinate unit of US Cyber Command (USCYBERCOM), has set in motion a new initiative through which the DOD would share malware samples it discovered on its networks with the broader cybersecurity community.

The CNMF kicked off this new project by creating an account on VirusTotal, an online file scanning service that also doubles as an online malware repository, and by uploading two malware samples. In addition, USCYBERCOM created a new Twitter account where it would tweet a link to all new VirusTotal malware uploads. USCYBERCOM’s decision was met with universal praise by leading voices from the cybersecurity private sector.

Read more about USCYBERCOM’s popular initiative on ZDNet.

Republican Kemp accuses Georgia Democrats of hacking but provides no proof

Toss around accusations of a failed attempt to hack a state’s voter registration system — without actually providing any proof — that’s one way to really stir things up right before the midterm elections.

That is what Brian Kemp, Georgia’s current secretary of state — who is also the Republican candidate for governor — did on Sunday. With the midterm elections just a few days away, Kemp accused the Democratic Party of Georgia of hacking the state’s voter registration system. Democrat Stacey Abrams, his opponent, called it “a reckless and unethical ploy” to mislead voters.

Read more about this developing story on CSO.

U.S. National Cyber Strategy: What You Need to Know

On September 20, 2018, the White House released a new cybersecurity strategy with several important changes in direction meant to give government agencies and law enforcement partners a greater ability to respond to cybercrime and nation-state attacks.

The new U.S. cyber strategy makes one message clear: America will not sit back and watch when attacked in cyberspace. On the contrary, in areas ranging from critical infrastructure to space exploration to intellectual property protection, the USA will respond offensively, as well as defensively, in cyberspace.

Read everything you need to know about the new U.S. national cybersecurity strategy on Tripwire.

SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords

A new SEO poisoning campaign has been discovered that is targeting keywords associated with the U.S. midterm elections.

SEO poisoning is when attackers create malicious sites or hack legitimate ones in order to generate pages that promote certain keywords. These pages are then linked together across a large number of sites under the attacker’s control to get high rankings in search engine results for the promoted keywords. The visitors to these sites are then typically shown scam advertisements or are redirected to other sites pushing unwanted software or infecting users via exploit kits.

Read more about the SEO poisoning campaign on BleepingComputer.

Pentagon discloses card breach

A Pentagon official said last Friday that the US Department of Defense had suffered a security breach thanks to a third-party contractor. An investigation is still underway, so the exact details haven’t been made public, but according to an Associated Press report, a DOD official said that roughly 30,000 DOD military and civilian personnel are believed to be affected. This number is expected to grow as the Pentagon’s investigation continues.

The official said the breach was discovered on October 4. An attacker (or multiple attackers) appears to have compromised a third-party contractor and used the vendor’s access to the Pentagon network to steal travel data for DOD personnel.

Read more about the Department of Defense security breach on ZDNet.

Pentagon’s new next-gen weapons systems are laughably easy to hack

New computerized weapons systems currently under development by the US Department of Defense (DOD) can be easily hacked, according to a new report. The report was put together by the US Government Accountability Office (GAO), an agency that provides auditing, evaluation, and investigative services for Congress.

Congress ordered the GAO report in preparation to approve DOD funding of over $1.66 trillion, so the Pentagon could expand its weapons portfolio with new toys in the coming years. But according to the new report, GAO testers “playing the role of adversary” found a slew of vulnerabilities of all sorts affecting these new weapons systems.

Read more about the flaws affecting the new weapons systems on ZDNet.

California, U.S. Government Battle Over Net Neutrality State Law

The U.S. government and the state of California are butting heads over a newly passed state law that enforces net neutrality regulations on internet service providers (ISPs). And experts say that the outcome of the feud between federal and state law has long-standing implications for the future of net neutrality.

Senate Bill 822, passed into law on Sunday, mandates a thorough set of regulations on ISPs ensuring they don’t discriminate against various types of content. But as soon as the California bill passed, the Department of Justice promptly hit back with a lawsuit alleging that its regulations are unlawful.

Read more about the ongoing battle over net neutrality on Threatpost.

National Cyber Security Awareness Month: What’s New for 2018?

October is National Cyber Security Awareness Month (NCSAM), a collaborative effort that began in 2004 as part of a joint campaign of the National Cyber Security Alliance and the U.S. Department of Homeland Security (DHS).

This year, NCSAM focuses on internet security as a shared responsibility among consumers, businesses and the cyber workforce.

Read an overview of the year in cybersecurity and a preview of what NCSAM 2018 has in store, on Security Intelligence.

Port of San Diego suffers cyber-attack, second port in a week after Barcelona

Two major international ports fell victim to cyber-attacks within the span of a week, putting the shipping industry on alert for a possible threat actor targeting the entire sector. On September 20 the Port of Barcelona, Spain, fell. It was followed by the Port of San Diego in the US, on September 25.

Neither of the two port authorities revealed any details about the nature of the cyber-attacks, leaving security experts to speculate about possible causes. It is unclear if the two incidents are related or alike, and the whole maritime industry may benefit from a little bit of openness about the two incidents. Port authorities around the world should be on alert, regardless.

Read more about the cyber-attacks on the two different ports on ZDNet.

Infinite Campus DDoS attack impedes access to student data

Infinite Campus, one of the largest student information management systems used by schools in America, is coping with the latest in a string of Distributed Denial-of-Service (DDoS) attacks.

Over the last week, Infinite Campus has borne the brunt of a DDoS attack which has prevented parents from using the portal — and this has not been the first time the firm has been targeted. In a statement, the company said the latest DDoS attack’s “volume is 50 times greater and the duration is already 100 times longer than anything we’ve experienced before.”

Read more about the latest DDoS wave targeting Infinite Campus on ZDNet.