-
-
Re: How Russia hacked the Democrats email
How long are you liberal gonna ride this Russian horse? Y'll told me Trump was going to prison after the the Mueller investigation. Wrong.Adversity temporarily visits a strong man but stays with the weak for a lifetime.Comment
-
Re: How Russia hacked the Democrats email
Comment
-
Re: How Russia hacked the Democrats email
Google published a six-part report today detailing a sophisticated hacking operation that the company detected in early 2020 and which targeted owners of both Android and Windows devices.
The attacks were carried out via two exploit servers delivering different exploit chains via watering hole attacks, Google said.
Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected. Hacks looking for specific information may only attack users coming from a specific IP address. This also makes the hacks harder to detect and research. The name is derived from predators in the natural world, who wait for an opportunity to attack their prey near watering holes.
2017 CCleaner attack
From August to September 2017, the installation binary of CCleaner distributed by the vendor's download servers included malware. CCleaner is a popular tool used to clean potentially unwanted files from Windows computers, widely used by security-minded users. The distributed installer binaries were signed with the developer's certificate making it likely that an attacker compromised the development or build environment and used this to insert malware.Comment
-
Re: How Russia hacked the Democrats email
Ransomware attacks now to blame for half of healthcare data breaches
Almost half of data breaches at hospitals were because of ransomware attacks – and those attacks could've been prevented with timely patching.
Almost half of all data breaches in hospitals and the wider healthcare sector are as a result of ransomware attacks according to new research.
Ransomware gangs are increasingly adding an extra layer of extortion to attacks by not only encrypting networks and demanding hundreds of thousands or even millions of dollars in bitcoin to restore them, but also stealing sensitive information and threatening to publish it if the ransom isn't paid.
This double extortion technique is intended as extra leverage to force victims of ransomware attacks to give in and pay the ransom rather than taking the time to restore the network themselves. For healthcare, the prospect of data being leaked on the internet is particularly disturbing as it can involve sensitive private medical data alongside other forms of identifiable personal information of patients.
One of the key methods for ransomware gangs gaining access to hospital networks is via a pair of VPN vulnerabilities found in the Citrix ADC controller, affecting Gateway hosts (CVE-2019-19781) and Pulse Connect Secure (CVE-2019-11510).
Both of these vulnerabilities had received security patches to stop hackers from exploiting them by the beginning of 2020, but despite this, large numbers of organisations have yet to apply the update.
That's allowed ransomware groups – and even nation-state-linked hacking operations – to exploit unpatched vulnerabilities to gain a foothold on networks and they'll continue to do so as long as networks haven't received the required security patches.
"As the attack surface expands, vulnerability management has a central role to play in modern cybersecurity strategies. Unpatched vulnerabilities leave sensitive data and critical business systems exposed, and represent lucrative opportunities for ransomware actors," said Renaud Deraison, co-founder and chief technology officer at Tenable.
The key way to protect networks falling victim to ransomware and other cyberattacks is to apply patches when they're released, particularly those designed to fix critical vulnerabilities. And if there's applications that your organisation uses that no longer receives security updates, researchers recommend replacing this software with an alternative that's still supported.
"If the software solutions used by your organization are no longer receiving security updates, upgrading to one with an active support contract is vital," the report says.
"It is imperative that organizations identify assets within their environments that are vulnerable to months- and years-old flaws and apply relevant patches immediately," it said.Comment
-
Re: How Russia hacked the Democrats email
Biden orders investigation into Russian misdeeds as admin seeks nuclear arms treaty extension
The White House has ordered an intelligence review of Russian misdeeds ranging from the SolarWinds hack to alleged bounties on US troops, but will pursue an agreement with Moscow on an issue of mutual concern: nuclear arms control.
"Even as we work with Russia to advance US interests, so too we work to hold Russia to account for its reckless and adversarial actions," White House press secretary Jen Psaki told reporters at a briefing Thursday.
"To this end, the President is also issuing a tasking to the intelligence community for its full assessment of the SolarWinds cyber breach, Russian interference in the 2020 election, its use of chemical weapons against opposition leader Alexey Navalny and the alleged bounties on US soldiers in Afghanistan," she said.
President Joe Biden's intel chief, Avril Haines, was sworn in on Thursday and overseeing the assessment will be one of her first major tasks.
The launch of the review signals that Biden is prepared to take a more critical approach on countering Moscow than his predecessor, Donald Trump, who failed to forcefully condemn Russia over those incidents.
However, Psaki told reporters that the Biden administration is prepared to work with Russia on the New START Treaty, telling reporters that "the United States intends to seek a five year extension ... as the treaty permits."
"Just as we engage Russia in ways that advance American interests, we in the Department will remain clear-eyed about the challenges Russia poses and committed to defending the nation against their reckless and adversarial actions," Kirby said.
Comment
-
Comment
-
Re: How Russia hacked the Democrats email
More bullshit coming from liberal rags like CNN MSNBCpms or VOX
Sent from my SM-G960U using TapatalkComment
Comment