
‘A year of cyberwar’ with Russia: An inside look from a top Ukrainian cybersecurity official
A year after the Russian invasion of Ukraine, the Ukrainian government has suffered untold numbers of cyberattacks designed to render systems inoperable and carry out espionage or psychological operations. Ukraine...
CISA director urges tech sector to stop shipping unsafe products
Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, called on technology companies to take greater responsibility when it comes to the cybersecurity of their products that “are embedded into the very foundations of our society.” The remarks at a Carnegie Mellon University event on Monday echo a recent call to action from CISA for tech companies to “fundamentally shift” product design to one that...

A year after Russia’s invasion, the scope of cyberwar in Ukraine comes into focus
Twenty-four hours before the Russian invasion of Ukraine on Feb. 24, 2022, a group of cybersecurity researchers from the firm SentinelLabs sat together on the floor of a Miami hotel where they had gathered for a company...
Russian national accused of developing, selling malware appears in U.S. court
A Russian national accused of developing and licensing the “NLBrute” malware and selling at least 35,000 compromised logins appeared in a Florida federal court on Tuesday facing charges of conspiracy, access device fraud and computer fraud. Dariy Pankov, also known as “dpxaker,” was arrested in the Republic of Georgia on Oct. 4, 2022 and was recently extradited to the United States, U.S. Attorney Roger B. Handberg said in a...

White House cybersecurity strategy to force large companies to make systems secure by design
A forthcoming White House cybersecurity strategy document aims to force large companies to shoulder greater responsibility for designing secure products and to redesign digital ecosystems to be more secure, Camille...

The Energy Department’s Puesh Kumar on grid hacking, Ukraine and Pipedream malware
Cyberattacks against the energy sector have received increasing attention since a ransomware attack against Colonial Pipeline catalyzed a nation’s understanding of the risks to critical infrastructure. The Department of Energy is the agency responsible for ensuring that the energy sector is secured against all types of threats — whether physical or digital. The DOE stood up the Office of Cybersecurity, Energy Security, and...

More vulnerabilities in industrial systems raise fresh concerns about critical infrastructure hacks
A slew of new reports about vulnerabilities in operational technology systems are raising fresh concerns about potential weaknesses inside U.S. critical infrastructure organizations. In just the past few weeks,...
Supreme Court declines to hear Wikimedia case against NSA surveillance program
The Supreme Court declined to hear a rare case challenging the NSA’s secretive “upstream surveillance” program that gathers a massive amount of data on online communications, according to the court’s decision released Tuesday. The American Civil Liberties Union and Knight First Amendment Institute filed a petition for the high court to hear the case on behalf of the Wikimedia Foundation after the U.S. Court of Appeals for the...
FBI says cyber incident at New York field office ‘contained’
The FBI says it has contained a cyber incident at the agency’s New York field office that reportedly affected a computer network used in child sexual exploitation investigations. In a statement to FedScoop, the agency said it is aware of the incident and is working to gain additional information. The FBI added: “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further...

Wikimedia wants the Supreme Court to hear case over NSA surveillance. Here’s what’s at stake.
The Supreme Court will meet on Friday to decide whether to review a case challenging the legality of the National Security Agency’s surveillance program that hoovers up Americans’ internet traffic as it flows in and...
After apparent hack, data from Australian tech giant Atlassian dumped online
A little-known hacking crew called SiegedSec posted data on what appears to be thousands of Atlassian employees and floor plans for two of the Australian software vendor’s offices. The employee file posted online Wednesday contains more than 13,200 entries and a cursory review of the file appears to show multiple current employees’ data, including names, email addresses, work departments and other information. The floor plans are...

US government launches ‘strike force’ to combat Chinese and Russian technology threats
The U.S. government is stepping up its effort to combat threats from foreign technology investments, data acquisition and cyberattacks with a new collaboration between the Departments of Justice and Commerce, Deputy...

The cost of expected cybersecurity mandates: bigger energy bills for consumers
The Biden administration’s forthcoming national cybersecurity strategy is widely expected to call on utility operators to invest more in cybersecurity protections to guard against malicious hackers who are increasingly targeting critical infrastructure. And that will mean consumers will end up footing the bill for those added protections, said Bill Fehrman, CEO of Berkshire Hathaway Energy, at the annual S4x23 ICS conference in...
Russian cybersecurity expert convicted of charges in $90M hack-to-trade case
A Russian national accused of hacking into two U.S. firms that prepare filings for publicly traded companies, and then trading on information before it was public, was found guilty by a federal jury in Boston Tuesday. Vladislav Klyushin, 42, the owner of cybersecurity firm M-13 in Moscow, was found guilty of conspiracy to obtain unauthorized access to computers, wire fraud and securities fraud. “We are disappointed but respect the...

Ransomware attacks surge against US manufacturing plants
The manufacturing industry suffered at least 437 ransomware attacks in 2022, making up more than 70% of these types of costly and disruptive assaults that industrial companies faced last year, according to the cybersecurity firm Dragos. The number of attacks against manufacturing plants also jumped about 107% compared with the 211 recorded against the sector in 2021, according to data from Dragos, which specializes in cybersecurity for...
California lawmaker seeks to end ‘reverse warrants’ that could pinpoint abortion seekers
A California lawmaker on Monday introduced a bill that would put an end to digital dragnet warrants that could be used to surveil individuals seeking reproductive health services and gender-affirming care. “With states across the country passing anti-abortion and anti-trans legislation, it’s vital that California shore up our protections against digital tracking of vulnerable people seeking healthcare,” said Democratic...
