Daily NCSC-FI news followup 2019-06-23

U.S. Carried Out Cyberattacks on Iran

www.nytimes.com/2019/06/22/us/politics/us-iran-cyber-attacks.html United States Cyber Command on Thursday conducted online attacks against an Iranian intelligence group that American officials believe helped plan the attacks against oil tankers in recent weeks, according to people briefed on the operation. The intrusion occurred the same day President Trump called off a strike on Iranian targets like radar and missile batteries. But the online operation was allowed to go forward because it was intended to be below the threshold of armed conflict using the same shadow tactics that Iran has deployed. The online attacks, which had been planned for several weeks, were ultimately meant to be a direct response to both the tanker attacks this month and the downing of an American drone this week, according to the people briefed on the operations. Multiple computer systems were targeted, according to people briefed on the operations, including those believed to have been used by an Iranian intelligence group that helped plan the tanker attacks. See also:

news.yahoo.com/pentagon-secretly-struck-back-against-iranian-cyber-spies-targeting-us-ships-234520824.html,

www.washingtonpost.com/world/national-security/with-trumps-approval-pentagon-launched-cyber-strikes-against-iran/2019/06/22/250d3740-950d-11e9-b570-6416efdc0803_story.html,

www.kauppalehti.fi/uutiset/washington-post-yhdysvallat-teki-kyberiskun-iranin-ohjusjarjestelmiin/10dd83a3-5f1a-4282-b1e7-06e0cdc29294,

www.is.fi/ulkomaat/art-2000006151539.html,

www.hs.fi/ulkomaat/art-2000006151551.html,

www.kaleva.fi/uutiset/ulkomaat/mediatiedot-yhdysvallat-teki-kyberiskun-iranin-sotilastietojarjestelmiin/822392/ and

www.wsj.com/articles/u-s-launched-cyberattacks-on-iran-11561263454

DHS warns of spike in cyberattacks from Iran

www.washingtontimes.com/news/2019/jun/22/dhs-warns-spike-cyberattacks-iran/ Iranian computer hackers are ramping up attacks against U.S. targets, a top Department of Homeland Security official said Saturday. Christopher C. Krebs, the head of the DHS Cybersecurity and Infrastructure Security Agency, or CISA, issued a statement confirming recent reporting about Iranian hackers increasingly setting their sights on the U.S. as tensions flare between countries. "CISA is aware of a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies," said Mr. Krebs. "We will continue to work with our intelligence community and cybersecurity partners to monitor Iranian cyber activity, share information, and take steps to keep America and our allies safe," he said. Iranian hackers are increasingly using wiper attacks to erase data stored on infected computers as opposed to just stealing it, Mr. Krebs added. These efforts are often enabled through common tactics like spear phishing, password spraying and credential stuffing. "What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you've lost your whole network," he warned. Individuals should defend themselves by exercising cybersecurity best practices and alert authorities of any suspected compromises, he said. CrowdStrike and FireEye, two private U.S. cybersecurity firms, both said Friday that they have witnessed an uptick in malicious activity in recent weeks traced to suspected Iranian government hackers. See also:

www.bloomberg.com/news/articles/2019-06-22/iran-increases-cyberattacks-on-the-u-s-amid-tensions-dhs-says,

www.bleepingcomputer.com/news/security/us-government-warns-of-data-wipers-used-in-iranian-cyberattacks/,

https://twitter.com/CISAKrebs/status/1142520000135278594 and

www.zdnet.com/article/dhs-cisa-warns-of-iranian-hackers-habit-of-deploying-data-wiping-malware/. Tips: www.us-cert.gov/ncas/tips

Tor Browser 8.5.3 Fixes a Sandbox Escape Vulnerability in Firefox

www.bleepingcomputer.com/news/software/tor-browser-853-fixes-a-sandbox-escape-vulnerability-in-firefox/ Tor Browser 8.5.3 has been released to fix a Sandbox Escape vulnerability in Firefox that was recently used as part of a targeted attack against cryptocurrency companies. As this vulnerability is actively being used, it is strongly advised that all Tor users upgrade to the latest version. When starting Tor Browser, it should alert you if a new version is available. If you would like to perform a manual check, you can do so by going to Tor Browser menu -> Help -> About Tor Browser.
