Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

Credit to Author: BrianKrebs| Date: Fri, 16 Apr 2021 12:57:19 +0000

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy.

Read more

Report: U.S. Cyber Command Behind Trickbot Tricks

Credit to Author: BrianKrebs| Date: Sat, 10 Oct 2020 04:47:09 +0000

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command.

Read more

Mass surveillance alone will not save us from coronavirus

Credit to Author: David Ruiz| Date: Wed, 15 Apr 2020 18:05:40 +0000

As governments roll out enormous data collection programs to limit coronavirus, we should remember that mass surveillance alone will not save us.

Categories:

Tags:

(Read more…)

The post Mass surveillance alone will not save us from coronavirus appeared first on Malwarebytes Labs.

Read more

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Credit to Author: BrianKrebs| Date: Mon, 13 Jan 2020 22:17:47 +0000

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020.

Read more

Backdoors are a security vulnerability

Credit to Author: David Ruiz| Date: Fri, 09 Aug 2019 16:10:27 +0000

Upset by their inability to access potentially vital evidence for criminal investigations, the federal government has, for years, pushed to convince tech companies to build backdoors that will, allegedly, only be used by law enforcement agencies. The problem, cybersecurity researchers say, is that those backdoors can easily be exploited by criminals.

Categories:

Tags:

(Read more…)

The post Backdoors are a security vulnerability appeared first on Malwarebytes Labs.

Read more

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

Credit to Author: BrianKrebs| Date: Tue, 04 Jun 2019 00:16:11 +0000

For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as “Robbinhood.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “Eternal Blue,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it.

Read more

A week in security (March 4 – 11)

Credit to Author: Malwarebytes Labs| Date: Mon, 11 Mar 2019 15:47:27 +0000

A roundup of cybersecurity news from March 4–11, including a Chrome zero-day, Labs’ data privacy report, news from RSA, and more.

Categories:

Tags:

(Read more…)

The post A week in security (March 4 – 11) appeared first on Malwarebytes Labs.

Read more

Who Was the NSA Contractor Arrested for Leaking the ‘Shadow Brokers’ Hacking Tools?

Credit to Author: BrianKrebs| Date: Mon, 27 Nov 2017 17:01:26 +0000

In August 2016, a mysterious entity calling itself “The Shadow Brokers” began releasing the first of several troves of classified documents and hacking tools purportedly stolen from “The Equation Group,” a highly advanced threat actor that is suspected of having ties to the U.S. National Security Agency. According to media reports, at least some of the information was stolen from the computer of an unidentified software developer and NSA contractor who was arrested in 2015 after taking the hacking tools home. In this post, we’ll examine clues left behind in the leaked Equation Group documents that may point to the identity of the mysterious software developer.

Read more