Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role
finance.yahoo.com/news/juniper-breach-mystery-starts-clear-130016591.html A Bloomberg News investigation has filled in significant new details, including why Sunnyvale, California-based Juniper, a top maker of computer networking equipment, used the NSA algorithm in the first place, and who was behind the attack. The Pentagon tied some future contracts for Juniper specifically to the use of Dual Elliptic Curve, the employees said. The request prompted concern among some Juniper engineers, but ultimately the code was added to appease a large customer, the employees said. Members of a hacking group linked to the Chinese government called APT 5 hijacked the NSA algorithm in 2012, according to two people involved with Juniper's investigation and an internal document detailing its findings that Bloomberg reviewed. The hackers altered the algorithm so they could decipher encrypted data flowing through the virtual private network connections created by NetScreen devices. They returned in 2014 and added a separate backdoor that allowed them to directly access NetScreen products, according to the people and the document.
Apple Delays iPhone Child Sexual Abuse Scanning After Uproar
www.forbes.com/sites/thomasbrewster/2021/09/03/apple-delays-iphone-child-sexual-abuse-scanning-after-uproar/ Apple has apparently been listening to its critics. On Friday, it announced it was going to delay a controversial technology that would scan users' iPhone photos before they went up to the iCloud to check them for known child sexual abuse material (CSAM).
Cybercrime Group FIN7 Using Windows 11 Alpha-Themed Docs to Drop Javascript Backdoor
www.anomali.com/blog/cybercrime-group-fin7-using-windows-11-alpha-themed-docs-to-drop-javascript-backdoor Anomali Threat Research discovered six malicious Windows 11 Alpha-themed Word documents with Visual Basic macros being used to drop JavaScript payloads, including a Javascript backdoor.
Babuk ransomware’s full source code leaked on hacker forum
www.bleepingcomputer.com/news/security/babuk-ransomwares-full-source-code-leaked-on-hacker-forum/ A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum.
FBI: Spike in sextortion attacks cost victims $8 million this year
www.bleepingcomputer.com/news/security/fbi-spike-in-sextortion-attacks-cost-victims-8-million-this-year/ The FBI Internet Crime Complaint Center (IC3) has warned of a massive increase in sextortion complaints since the start of 2021, resulting in total financial losses of more than $8 million until the end of July.
RISK CONSIDERATIONS FOR MANAGED SERVICE PROVIDER CUSTOMERS
www.cisa.gov/publication/risk-considerations-msp-customers This CISA Insights provides a framework that government and private sector organizations (to include small and medium-sized businesses) outsourcing some level of IT support to MSPs can use to better mitigate against third-party risk.
More than 10% of Firebase databases are open and exposing data
therecord.media/more-than-10-of-firebase-databases-are-open-and-exposing-data/ In a research project conducted in July 2021 and published this week on Wednesday, cybersecurity firm Avast said it found nearly 19,300 Firebase databases from a grand total of 180,300 that were left exposed online without authentication.
New Zealand internet outage blamed on DDoS attack on nation’s third largest internet provider
www.theregister.com/2021/09/03/nz_outage/ Vocus, the country’s third-largest internet operator which is behind brands including Orcon, Slingshot and Stuff Fibre, confirmed the cyberattack originated at one of its customers.
Confessions of a ransomware negotiator: Well, somebody’s got to talk to the criminals holding data hostage
www.theregister.com/2021/09/03/how_to_be_a_ransomware/ Often he finds that the ransomware gang’s negotiating skills are quite weak. So part of his role is to make sure that the ransomware-flingers or their henchpersons don’t learn anything more during the negotiations than they already do about the company they’ve attacked and the data they’ve encrypted and/or stolen.
FTC bans ‘brazen’ stalkerware maker SpyFone, orders data deletion, alerts to victims
www.theregister.com/2021/09/02/ftc_spyfone_stalkerware/ America’s trade watchdog today banned stalkerware developer SpyFone and its CEO from the surveillance industry, effectively putting an end to its business.