Daily NCSC-FI news followup 2019-06-23

U.S. Carried Out Cyberattacks on Iran

www.nytimes.com/2019/06/22/us/politics/us-iran-cyber-attacks.html United States Cyber Command on Thursday conducted online attacks against an Iranian intelligence group that American officials believe helped plan the attacks against oil tankers in recent weeks, according to people briefed on the operation. The intrusion occurred the same day President Trump called off a strike on Iranian targets like radar and missile batteries. But the online operation was allowed to go forward because it was intended to be below the threshold of armed conflict using the same shadow tactics that Iran has deployed. The online attacks, which had been planned for several weeks, were ultimately meant to be a direct response to both the tanker attacks this month and the downing of an American drone this week, according to the people briefed on the operations. Multiple computer systems were targeted, according to people briefed on the operations, including those believed to have been used by an Iranian intelligence group that helped plan the tanker attacks. A: See also:



www.kauppalehti.fi/uutiset/washington-post-yhdysvallat-teki-kyberiskun-iranin-ohjusjarjestelmiin/10dd83a3-5f1a-4282-b1e7-06e0cdc29294, http. www.is.fi/ulkomaat/art-2000006151539.html,


www.kaleva.fi/uutiset/ulkomaat/mediatiedot-yhdysvallat-teki-kyberiskun-iranin-sotilastietojarjestelmiin/822392/ ja


DHS warns of spike in cyberattacks from Iran

www.washingtontimes.com/news/2019/jun/22/dhs-warns-spike-cyberattacks-iran/ Iranian computer hackers are ramping up attacks against U.S. targets, a top Department of Homeland Security official said Saturday. Christopher C. Krebs, the head of the DHS Cybersecurity and Infrastructure Security Agency, or CISA, issued a statement confirming recent reporting about Iranian hackers increasingly setting their sight on the U.S. as tensions flare between countries. CISA is aware of a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies, said Mr. Krebs. We will continue to work with our intelligence community and cybersecurity partners to monitor Iranian cyber activity share information, and take steps to keep America and our allies safe, he said. Iranian hackers are increasingly using wiper attacks to erase data stored on infected computers as opposed to just stealing it, Mr. Krebs added. These efforts are often enabled through common tactics like spear phishing, password spraying and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where youve lost your whole network, he warned. Individuals should defend themselves by exercising cybersecurity best practices and alert authorities of any suspected compromises, he said. CrowdStrike and FireEye, two private U.S. cybersecurity firms, both said Friday that they have witnessed an uptick in malicious activity in recent weeks traced to suspected Iranian government hackers. See also:


www.bleepingcomputer.com/news/security/us-government-warns-of-data-wipers-used-in-iranian-cyberattacks/, https://twitter.com/CISAKrebs/status/1142520000135278594 ja

www.zdnet.com/article/dhs-cisa-warns-of-iranian-hackers-habit-of-deploying-data-wiping-malware/. Vinkit: www.us-cert.gov/ncas/tips

Tor Browser 8.5.3 Fixes a Sandbox Escape Vulnerability in Firefox

www.bleepingcomputer.com/news/software/tor-browser-853-fixes-a-sandbox-escape-vulnerability-in-firefox/ Tor Browser 8.5.3 has been released to fix a Sandbox Escape vulnerability in Firefox that was recently used as part of a targeted attack against cryptocurrency companies. As this vulnerability is actively being used, it is strongly advised that all Tor users upgrade to the latest version.. When starting Tor Browser, it should alert you if a new version is available. If you would like to perform a manual check, you can do so by going to Tor Browser menu -> Help -> About Tor Browser.

You might be interested in …

Daily NCSC-FI news followup 2019-07-23

4 Practical Steps for Shift Left Security blog.paloaltonetworks.com/2019/07/4-practical-steps-shift-left-security/ Since the beginning of modern computing, security has largely been divorced from software development. Recent vulnerability research confirms this. Consider that over the past five years, out of all published vulnerabilities, 76% were from applications. Given this radical shift in attacker focus, its time to embed security […]

Read More

Daily NCSC-FI news followup 2019-11-19

Why Were the Russians So Set Against This Hacker Being Extradited? krebsonsecurity.com/2019/11/why-were-the-russians-so-set-against-this-hacker-being-extradited/ The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States.. When Israeli authorities turned down requests to send him back to Russia supposedly to face separate […]

Read More

Daily NCSC-FI news followup 2020-02-29

TRICKBOT DELIVERY METHOD GETS A NEW UPGRADE FOCUSING ON WINDOWS 10 blog.morphisec.com/trickbot-delivery-method-gets-a-new-upgrade-focusing-on-windows Over the past few weeks, Morphisec Labs researchers identified a couple dozen documents that execute the OSTAP javascript downloader.. This time we have identified the use of the latest version of the remote desktop activeX control class that was introduced for Windows 10. […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.