Russian hackers stole documents detailing how US agencies defend their networks against cyberattacks, how they breach foreign networks and the computer code they use to do so.
The stolen files were identified through Kaspersky security software used by an NSA contractor who had taken classified material from the NSA and saved it on his computer. The theft, discovered last spring, occurred in 2015, and those familiar with the incident said that having this information could help inform Russian officials how to protect their networks against the NSA and possibly how to break into US networks.
Moscow is adding facial-recognition technology to its network of 170,000 surveillance cameras across the city in a move to identify criminals and boost security. Since 2012, CCTV recordings have been held for five days after they’re captured, with about 20 million hours of video stored at any one time.
"We soon found it impossible to process such volumes of data by police officers alone," said Artem Ermolaev, head of the department of information technology in Moscow. "We needed an artificial intelligence to help find what we are looking for." Moscow says the city’s centralized surveillance network is the world’s largest of its kind.
It's going to be much harder to view the full web in Russia before the year is out. President Putin has signed a law that, as of November 1st, bans technology which lets you access banned websites, including virtual private networks and proxies. Internet providers will have to block websites hosting these tools.
The measure is ostensibly meant to curb extremist content, but that's just pretext -- this is really about preventing Russians from seeing content that might be critical of Putin, not to mention communicating in secret. Accordingly, the President has signed another law requiring that chat apps identify users through their phone numbers after January 1st, 2018.
Passwords belonging to British politicians, diplomats and senior police officers have been traded by Russian hackers, it has been reported.
Security credentials said to have belonged to tens of thousands of government officials, including 1,000 British MPs and parliamentary staff, 7,000 police employees and more than 1,000 Foreign Office staff, were in the troves sold or swapped on Russian-speaking hacking sites. The majority of the passwords are said to have been compromised in a 2012 hacking raid on the business social network LinkedIn, in which millions of users' details were stolen.
Hackers allied with the Russian government have devised a cyberweapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life.
The malware, which researchers have dubbed CrashOverride, is known to have disrupted only one energy system — in Ukraine in December. In that incident, the hackers briefly shut down one-fifth of the electric power generated in Kiev. But with modifications, it could be deployed against U.S. electric transmission and distribution systems to devastating effect, said Sergio Caltagirone, director of threat intelligence for Dragos.
Russia’s growing aggression toward the United States has deepened concerns among U.S. officials that Russian spies might try to exploit one of the world’s most respected cybersecurity firms to snoop on Americans or sabotage key U.S. systems.
Products from the company, Kaspersky Lab, based in Moscow, are widely used in homes, businesses and government agencies throughout the United States, including the Bureau of Prisons. Kaspersky Lab’s products are stocked on the shelves of Target and Best Buy, which also sells laptops loaded by manufacturers with the firm’s anti-virus software.
Oracle has discovered a cyber security breach in its Micros payments system that is used by hundreds of thousands of stores and hotels across the world. The software company has sent letters to Micros customers asking them to change their passwords and any passwords used by customer services representatives.
In the letter, Oracle said it had “addressed” the malicious code found in the payments system, and that all payment card data were encrypted. It is not known if a hacker was able to decrypt the card data or use it to steal money from consumers. The company said its corporate network and its “other cloud and service offerings” were not affected.
It's the latest in a string of historical hacks targeting large social networking sites. Accounts for over 100 million users of popular social media site VK.com are being traded on the digital underground. The hacker known as Peace, meanwhile, listed the data for sale on a dark web marketplace.
VK, heavily inspired by Facebook, is particularly popular in Russia, and has all the same features one might expect, including messaging, profiles, photo galleries, like buttons, and more. Peace provided experts with a dataset containing records. The data contains first and last names, email addresses, phone numbers and passwords.
The group responsible for the phishing attacks in Russia earlier this week started by targeting banking clients, before looking towards the bigger prize by going after the banks themselves. Since August of 2015, the group has conducted 13 successful attacks resulting in losses of more than $27.4M. The group is called Buhtrap.
Earlier this morning, Salted Hash examined their most recent attack, where they targeted Russian banks by pretending to be FinCERT – the security arm of the Russian Central Bank. Russian security firm Group-IB examines the history of Buhtrap and the group's successful run on the banking industry in Russia.
Experts have discovered Asacub, a banking trojan which started actively attacking Android users in January. Our experts managed to track its evolution step-by-step. A banking trojan is a type of malware which is installed on a mobile device and employs certain techniques to steal money from the user’s credit cards.
Recent versions of Asacub do it by luring a user into submitting credit card credentials via phishing screens. Obviously, this data is not going to a legitimate bank. At first, researchers suggested the banking trojan was targeting Russia and Ukraine exclusively, due to the fact that the phishing resembled the login screens of some Russian and Ukrainian banks.