The U.S. cybersecurity agency says that a sprawling cyber espionage campaign made public earlier this month is affecting state and local governments, although it released few additional details. From a report: The hacking campaign, which used U.S. tech company SolarWinds as a springboard to penetrate federal government networks, was “impacting enterprise networks across federal, state, and local governments, as well as…
Tag: cybersecurity
Apple, Google, Microsoft, and Mozilla Ban Kazakhstan’s MitM HTTPS Certificate
Browser makers Apple, Google, Microsoft, and Mozilla, have banned a root certificate that was being used by the Kazakhstan government to intercept and decrypt HTTPS traffic for residents in the country’s capital, the city of Nur-Sultan (formerly Astana). From a report: The certificate had been in use since December 6, 2020, when Kazakh officials forced local internet service providers to block…
How Do US Government Agencies Verify Security Software from Private Contractors?
A recent article at Politico argues that the U.S. government “doesn’t do much to verify the security of software from private contractors. And that’s how suspected Russian hackers got in.” The federal government conducts only cursory security inspections of the software it buys from private companies for a wide range of activities, from managing databases to operating internal chat applications. That…
3 Million Users Have Installed 28 Malicious Chrome or Edge Extensions, Says Avast
More than three million internet users are believed to have installed 15 Chrome, and 13 Edge extensions that contain malicious code, reports ZDNet, citing an announcement from cybersecurity company Avast: Avast researchers said they believe the primary objective of this campaign was to hijack user traffic for monetary gains. “For every redirection to a third party domain, the cybercriminals would receive…
UK Use of Software Linked To Russia-Hack Runs Deep
The little-known Texas software company that’s been attacked by suspected Russian hackers has a sprawling reach among U.K. government agencies, potentially putting clients from the National Health Service to police forces at risk. From a report: SolarWinds, which fell victim to hackers who put a “backdoor” in the software giving them access to users’ computer networks, has been deployed by the…
Hackers Tied To Russia Hit US Nuclear Agency, Three States
The U.S. nuclear weapons agency and at least three states were hacked as part of a suspected Russian cyber attack that struck a number of federal government agencies. Microsoft Corp. was also breached, and its products were used to further attacks on others, Reuters reported. Bloomberg reports: The Energy Department and its National Nuclear Security Administration, which maintains America’s nuclear stockpile,…
Can’t Get a PlayStation 5? Meet the Grinch Bots Snapping Up the Holidays’ Hottest Gift.
Computer programs that automate online tasks, called bots, have aligned with the coronavirus pandemic and low inventories of hot products to create a perfect storm of holiday disappointment — or opportunity, depending on your perspective. From a report: On Black Friday, when it launched a deal on the console, Walmart.com says it blocked more than 20 million bot attempts in the…
Hackers at Center of Sprawling Spy Campaign Turned SolarWinds’ Dominance Against It
An anonymous reader shares a report: On an earnings call two months ago, SolarWinds Chief Executive Kevin Thompson touted how far the company had gone during his 11 years at the helm. There was not a database or an IT deployment model out there to which his Austin, Texas-based company did not provide some level of monitoring or management, he told…
Coursera Becomes Part of Global Services Administration Listing
Now Any Federal Government Agency Can Easily Engage Coursera for Upskilling Projects By Kevin Mills, Head of Government Partnerships Approximately 400,000 Federal employees will need to be reskilled by FY 2021, according to the Office of Management and Budget. That’s nearly 20% of the government’s current workforce. Today, we are excited to announce an agreement […]
The post Coursera Becomes Part of…
Russia Breached Update Server Used by 300,000 Organizations, Including the NSA
Sunday Reuters reported that “a sophisticated hacking group” backed by “a foreign government” has stolen information from America’s Treasury Department, and also from “a U.S. agency responsible for deciding policy around the internet and telecommunications.” The Washington Post has since attributed the breach to “Russian government hackers,” and discovered it’s “part of a global espionage campaign that stretches back months, according…