WikiLeaks just dropped the CIA’s secret how-to for infecting Windows

Latest batch of documents details how CIA infects targets’ Windows-based computers.

WikiLeaks has published what it says is another batch of secret hacking manuals belonging to the US Central Intelligence Agency as part of its Vault7 series of leaks. The site is billing Vault7 as the largest publication of intelligence documents ever.

Continue reading “WikiLeaks just dropped the CIA’s secret how-to for infecting Windows”

Trump says cyberattacks had “no effect” on election outcome after briefing

Four top intelligence officials briefed the president-elect Friday on a classified report on Russian hacking and interference in the election

 

Top intelligence officials briefed President-elect Donald Trump Friday on Russia’s hacking efforts to interfere with the U.S. election.

Following the briefing at Trump Tower in New York, Mr. Trump released a statement on what he called a “constructive meeting and conversation” saying that the cyberattacks had “no effect on the outcome of the election.”

Continue reading “Trump says cyberattacks had “no effect” on election outcome after briefing”

Vermont power company finds malware linked to Russian hackers

A malware signature linked to ‘Grizzly Steppe’ by the FBI and DHS was found on a single laptop.

Just a few days ago, the FBI and the Department of Homeland Security released a report detailing their assessment that Russian hackers were behind a series of attacks on US agencies and citizens. While the Obama administration issued sanctions, code linked to those hackers has been shared with other agencies, and on Friday, the Burlington Electric Department found malware with a matching signature on one of its laptops. The discovery raises more questions than it answers, but with recent reports of Russian hackers attacking the power grid in Ukraine, it obviously has raised alerts all over.

Continue reading “Vermont power company finds malware linked to Russian hackers”

What’s their angle? Breaking down the Putin, Trump and Obama spy games

A tweet from the Russian government responding to US sanctions is shown.

President Barack Obama and his first secretary of state, Hillary Clinton, entered the White House in 2009 with visions of a “Russian reset.” But Obama will leave office next month in the midst of a shadowy Cold War-era fever dream, as Washington and Moscow are, once again, beset by accusations of diplomatic chicanery and outright espionage.

Continue reading “What’s their angle? Breaking down the Putin, Trump and Obama spy games”

Obama announces sanctions for Russian election hacking

The Obama administration announced today that it will impose sanctions on Russian intelligence services and officials in response to the hacks of American political institutions during the election season.

Continue reading “Obama announces sanctions for Russian election hacking”

The government body that oversees the security of voting systems was itself hacked

The U.S. Election Assistance Commission, which is responsible for testing and certifying voting systems, among other things, was hacked around the time of the election, security outfit Recorded Future reports. The EAC confirmed a “potential intrusion” in a statement issued to TechCrunch.

This isn’t a smoking gun for a stolen election or anything like that; the EAC doesn’t actually run the elections, nor does it handle voter information. But it is a shameful display all the same, especially considering how loudly and frequently the hacking threat has been bruited by officials this year.

Continue reading “The government body that oversees the security of voting systems was itself hacked”

FriendFinder Networks hack reportedly exposed over 412 million accounts

If you have an account on AdultFriendFinder, Cams.com, Penthouse, Stripshow and/or iCams.com — and reused it on other sites — you should probably change your password. FriendFinder Networks, the parent company of those sites, has reportedly been hacked, resulting in the leak of of over 412 million accounts, according to Leaked Source (h/t to CSO). For context of just how big this breach is, the Ashley Madison hack affected 32 million people.

Continue reading “FriendFinder Networks hack reportedly exposed over 412 million accounts”

The consequences of the Trump presidency on cybersecurity

A situation now revealed in all its hideousness, brought to us by a 400-lb hacker in bed.

Hacking and cybersecurity played a huge role in the presidential election. So much so that Donald Trump, America’s new president-elect, was helped greatly by the acts of criminal hackers in his journey to the White House, and is now an outspoken WikiLeaks fan.

Though, unless he appoints Julian Assange as his Cybersecurity Czar, I doubt we’ll be seeing WikiLeaks coming to Trump’s rescue when he needs help with cyber-policy in the near future. But you never know.

Continue reading “The consequences of the Trump presidency on cybersecurity”

After the election, hackers target think tanks with phishing attacks

Security firm Volexity believes the emails come from the same Russians accused of hacking the DNC.

Now that the election is over, the Russian teams of hackers suspected of breaking into the Democratic Party’s systems have reportedly launched a new phishing attack on US political think tanks and non-government organizations. Incident response firm Volexity has compiled information on “The Dukes” (aka APT29 or Cozy Bear) that it believes are behind the attacks. This time around, they worked by posing as a Harvard professor, sending links to Microsoft Office Word or Excel documents that contained a macro used to install a malware downloader on that target’s computer. Once installed, it downloads a PNG file that has a backdoor embedded via steganography.

Continue reading “After the election, hackers target think tanks with phishing attacks”