Security daily (23-10-2020)

US sanctions Russian government institution in connection with Trisis malware

The U.S. Treasury Department sanctioned a Russian government research institute on Friday that it said was connected to the strain of destructive malware frequently labeled the most dangerous in the world. Known as Trisis or Triton, the malicious software is designed to target systems used to safely control emergency shutdowns of industrial plants. Last year, security researchers at Dragos determined that the hackers behind the tool had scanned the networks of U.S. electrical utilities, after the malware initially surfaced in 2017 at a Saudi petrochemical plant. The sanctions mark the first time any government has publicly connected Trisis to Russia. “In recent years, the Triton malware has been deployed against U.S. partners in the Middle East, and the hackers behind the malware have been reportedly scanning and probing U.S. facilities,” Treasury said in its sanctions announcement. “The development and deployment of the Triton malware against our partners is particularly troubling given the Russian government’s involvement in malicious […] (CyberScoop)

Global cyber community can do more to stop state-sponsored malware, EFF researcher says

When it comes to defending against foreign cyber powers, many U.S. national security experts tend to hype up countries with powerful hacking capabilities, such as China, Iran, Russia, and North Korea. Regarding state-sponsored malware campaigns, though, the security community needs to dig deeper, says Cooper Quintin, a security researcher and programmer at the Electronic Frontier Foundation. “We’ve found lots of countries now are starting to get hacking programs. It’s a lot of countries you wouldn’t expect,” Quintin said Friday during CyberTalks, a virtual event produced by Scoop News Group. “We’ve seen state-sponsored malware coming out of Kazakhstan, Lebanon, Morocco, Ethiopia, and all sorts of countries that haven’t previously been well known for their hacking capabilities.” The countries themselves haven’t necessarily developed hacking capabilities, though they appear to be outsourcing cyber-operations to third parties, or shopping around for commercial hacking tools in an effort to mask government involvement, according to Quintin. The government of Kazakhstan, for […] (CyberScoop)

S3 Ep3: Cryptography, hacking and pwning Chrome [Podcast]

Listen to the latest Naked Security podcast! (Naked Security)

Ransomware Takes Down Network Of French IT Giant

(News ≈ Packet Storm)

Russian Hackers Infiltrated Government Networks

(News ≈ Packet Storm)

FDA Vuln Grading System Proves All Risk Not Created Equal

(News ≈ Packet Storm)

Nvidia Tackles Code Execution, Data Leaks In GeForce Experience

(News ≈ Packet Storm)

New Framework Released to Protect Machine Learning Systems From Adversarial Attacks

Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to organize the different techniques employed by malicious adversaries in subverting ML systems. Just (The Hacker News)

U.S. Levies Sanctions Against Russian Research Institution Linked to Triton Malware

The latest in a flurry of actions this week, tied to foreign threats against U.S. computer systems, includes sanctions by the Department of the Treasury. (Threatpost)

IoT Device Takeovers Surge 100 Percent in 2020

The COVID-19 pandemic, coupled with an explosion in the number of connected devices, has led to a swelling in IoT infections observed on wireless networks. (Threatpost)

Louisiana Calls Out National Guard to Fight Ransomware Surge

An investigation showed a custom backdoor RAT and the Emotet trojan in the networks of municipal victims of the attacks. (Threatpost)

Election Security: Beyond Mail-In Voting

There are many areas of the election process that criminal hackers can target to influence election results. (Threatpost)

Georgia Election Data Hit in Ransomware Attack

With Election Day approaching, local governments need to be prepared for malware attacks on election infrastructure. (Threatpost)

COVID-19 Vaccine-Maker Hit with Cyberattack, Data Breach

Dr. Reddy's, the contractor for Russia’s “Sputnik V” COVID-19 vaccine and a major generics producer, has had to close plants and isolate its data centers. (Threatpost)

Nvidia Warns Gamers of Severe GeForce Experience Flaws

Versions of Nvidia GeForce Experience for Windows prior to are affected by a high-severity bug that could enable code execution, denial of service and more. (Threatpost)

Ransomware Takes Down Network of French IT Giant

Sopra Steria hit with cyber attack that reportedly encrypted parts of their network on Oct. 20 but has remained mostly mum on details. (Threatpost)


/security-daily/ 24-10-2020 23:44:22