DoJ Blasts Apple on Lack of Encryption Backdoor - Again

Data Breach Today

Law Enforcement Leaders Say Encryption Delayed Terrorist Investigation; Apple Pushes Back Although FBI technicians were able to gain access to data in two iPhones belonging to a Saudi national who killed three U.S.

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

as members of the PLA’s 54 th Research Institute, a component of the Chinese military. military against foreign targets, Barr said the DOJ did so in this case because the accused “indiscriminately” targeted American civilians on a massive scale. The U.S.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Maze ransomware operators stole data from US military contractor Westech

Security Affairs

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. Threat actors first compromised the Westech’s network, then stole the documents before encrypting them.

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe.

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. The encryption in our products is handled by a chip inside the actual hardware itself.

Chinese Military personnel charged with hacking into credit reporting agency Equifax

Security Affairs

The United States Department of Justice charged 4 Chinese military hackers with hacking into credit reporting agency Equifax. The four members of the Chinese military unit are Wu Zhiyong (???), were members of the PLA’s 54 th Research Institute, a component of the Chinese military.

Q&A: The troubling implications of normalizing encryption backdoors — for government use

The Last Watchdog

Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? The disturbing thing is that in North America and Europe more and more arguments are being raised in support of creating and maintaining encryption backdoors for government use. Here are excerpts edited for clarity and space: LW: What’s wrong with granting governments the ability to break encryption?

The Myth of Consumer-Grade Security

Schneier on Security

The Department of Justice wants access to encrypted consumer devices but promises not to infiltrate business products or affect critical infrastructure. Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations.

Security Vulnerabilities in US Weapons Systems

Schneier on Security

From the summary: Automation and connectivity are fundamental enablers of DOD's modern military capabilities. control cybersecurity departmentofdefense encryption nationalsecuritypolicy operationalsecurity passwords reports vulnerabilities weapons

Maze Ransomware operators hacked the Xerox Corporation

Security Affairs

Xerox Corporation is the last victim of the Maze ransomware operators, hackers have encrypted its files and threaten of releasing them. Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them.

GUEST ESSAY: Why the hack of South Korea’s weapons, munitions systems was so predictable

The Last Watchdog

The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise. In today’s environment for commercial business, let alone government security and defense agencies, the de rigueur approach for cyber security necessarily includes end-to-end encryption, single sign-on, and two-factor authentication, at minimum.

Crypto AG Was Owned by the CIA

Schneier on Security

The Swiss cryptography firm Crypto AG sold equipment to governments and militaries around the world for decades after World War II. These spy agencies rigged the company's devices so they could easily break the codes that countries used to send encrypted messages.

Maze ransomware gang hacked M&A firm Threadstone Advisors LLP

Security Affairs

MAZE ransomware operators have stolen the data of the company before encrypting its systems and threaten to leak it in case the victim will not pay the ransom.

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Krebs on Security

military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. Sources tell KrebsOnSecurity that Microsoft Corp.

Texas Government Agencies Hit by Ransomware

Adam Levin

The DIR has yet to identify the affected government entities and is currently working with the Texas Military Department as well as the Texas A&M Cyberresponse and Security Operation Center to investigate the attack and restore critical services where possible. .

Supply-Chain Security

Schneier on Security

Earlier this month, the Pentagon stopped selling phones made by the Chinese companies ZTE and Huawei on military bases because they might be used to spy on their users. Members of the military, and everyone else, can still buy the phones. They just can't buy them on US military bases.

US Govn contractor Electronic Warfare Associates infected with Ryuk ransomware

Security Affairs

Evidence of the hack is still visible online because Google has cashed the ransom notes and encrypted files. The encrypted files and ransom note are associated with a Ryuk ransomware infection.

UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

Security Affairs

The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019. The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement.

Platinum APT and leverages steganography to hide C2 communications

Security Affairs

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012.

The Dangers of Using Unsecured Wi-Fi Networks

Security Affairs

Data that travels over a public hotspot network is rarely encrypted. The answer is a virtual private network (VPN) which creates a private tunnel between your device and the internet and encrypts your data. Isn’t public Wi-Fi great?

Security Affairs newsletter Round 253

Security Affairs

Kr00k Wi-Fi Encryption flaw affects more than a billion devices. Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates. A new round of the weekly newsletter arrived! The best news of the week with Security Affairs.

Maze Ransomware gang breached the US chipmaker MaxLinear

Security Affairs

MaxLinear restored some of the systems using its backups, despite Maze Ransomware threatened to leak over 1TB of data allegedly stolen before encrypting the infected systems.

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

Randleman Eye Center says some files were encrypted in cyber attack (unknown). Medical and military contractor Kimchuk hit by ransomware (unknown). Financial companies embroiled in massive data leak after failing to encrypt info (500,000).

MY TAKE: How state-backed cyber ops have placed the world in a constant-state ‘Cyber Pearl Harbor’

The Last Watchdog

That May 10th air strike by the Israel Defense Force marked the first use of military force in direct retaliation for cyber spying. This comes as no surprise to anyone in the military or intelligence communities. Russia explicitly recruits folks already engaged in criminal activities, and once recruited, they are contracted and connected to military organizations for direction and oversight,” Bort told me.

US administration requests $9.8B for cyber 2021 budget for the Department of Defense

Security Affairs

The amount requested for the Department of Defense in the “ DOD Releases Fiscal Year 2021 Budget Proposal ” is nearly the same one as last year for cyber operations that the US military will conduct in 2020. The US administration requested $9.8

NEW TECH: Silverfort extends ‘adaptive multi-factor authentication’ via key partnerships

The Last Watchdog

Silverfort is the brainchild of a band of colleagues who toiled together in the encryption branch of Unit 8200 , the elite cybersecurity arm of the Israeli military. That was the problem company Co-Founder and CEO Hed Kovetz, and his fellow military compatriots set out to solve in the commercial arena upon discharge from Unit 8200 a few years ago.

Crypto AG was spied for US, German intelligence agencies for decades

Security Affairs

Swiss authorities are investigating into allegations the company Crypto AG, a Switzerland-based maker of encryption devices, was a front company for the CIA and German intelligence.

Companies need CASBs now more than ever — to help secure ‘digital transformation’

The Last Watchdog

FedEx discovered this when an unsecured Amazon Simple Storage Service (S3) server — configured for public access — exposed thousands of FedEx customer records, including civilian and military ID cards, resumes, bills, and more. . CipherCloud’s founders, for instance, came from an encryption services background. The vendor has built a broad portfolio of CASB services around this encryption core. “We

Security Affairs newsletter Round 264

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

Italian Military Personnel and National Association of Professional Educators. Hackers were able to obtain 97 un-encrypted passwords, emails, telephone numbers, virtual hosts. Military Personnel. Guy Fawkes Day, November 5th 2018 – LulzSec Italy announced credit a string of hacks and leaks targeting numerous systems and websites across Italy.

NEW TECH: How ‘adaptive multi-factor authentication’ is gaining traction via partnerships

The Last Watchdog

Silverfort is the brainchild of a band of colleagues who toiled together in the encryption branch of Unit 8200 , the elite cybersecurity arm of the Israeli military. That was the problem company Co-Founder and CEO Hed Kovetz, and his fellow military compatriots set out to solve in the commercial arena upon discharge from Unit 8200 a few years ago.

Ethical Hackers: A Business’s Best Friend?

Thales eSecurity

encryption, two-factor authentication and key management) to protect their data from hackers. military and Apple regularly offering rewards to anyone who can find and report vulnerabilities. Originally published in Forbes on July 29, 2019.

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012.

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

The victim was one of the most important leaders in the field of security and defensive military grade Naval ecosystem in Italy. At a first sight, the office document had an encrypted content available on OleObj.1 Stage1: Encrypted Content.

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. Exclusive: Pakistan and India to armaments.

Bouncing Golf cyberespionage campaign targets Android users in Middle East

Security Affairs

The attackers appear to be focused o n stealing military-related information. The malicious code allows the attackers to choose the data types to collect, stolen data is encrypted using a simple XOR operation with a pre-configured key, then it is sent to the C2 via HTTP POST requests.

How to Ensure Your Digital Security During the Rugby World Cup

Thales eSecurity

First, it said that it would invest in cultivating military assets in the digital space, as reported by the Organization for World Peace. Now that it’s September, the excitement is beginning to build in earnest for the 2019 Rugby World Cup.

IoT 108

New Turla ComRAT backdoor uses Gmail for Command and Control

Security Affairs

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. Despite their extensions, the attachments are not Office documents, but rather encrypted blobs of data that include a specific command to be executed.

Surveillance after Snowden

Data Protector

Some have altered their communication methods, while others have taken advantage of new encryption tools. The report explains that: “States need secrets, for intelligence and military purposes, criminal investigations and a host of other reasons.