The personal computer of an NSA worker who took government hacking tools and classified documents home with him was infected with a backdoor trojan, unrelated to these tools, that could have been used by criminal hackers to steal the US government files.
The Moscow-based antivirus firm, which has been accused of using its security software to improperly grab NSA hacking tools and classified documents from the NSA worker's home computer and provide them to the Russian government, says the worker had at least 120 other malicious files on his home computer.Read more
The U.S. International Trade Commission said on Tuesday it had launched an investigation into allegations of patent infringement by Apple Inc on various devices. The commission said in a statement the probe was based on a complaint by Aqua Connect Inc and Strategic Technology Partners of Orange, California.
The products at issue are certain Apple Mac computers, iPhones, iPads, iPods, and Apple TVs, it said. The investigation is based on a complaint filed by Aqua Connect, Inc., and Strategic Technology Partners, LLC, of Orange, CA, on October 10, 2017. The complaint alleges violations of section 337 of the Tariff Act of 1930 in the importation into the US.Read more
Jake Williams awoke last April in an Orlando, Fla., hotel where he was leading a training session. Checking Twitter, Mr. Williams, a cybersecurity expert, was dismayed to discover that he had been thrust into the middle of one of the worst security debacles ever to befall American intelligence.
Mr. Williams had written on his company blog about the Shadow Brokers, a mysterious group that had somehow obtained many of the hacking tools the United States used to spy on other countries. Now the group had replied in an angry screed on Twitter. It identified him — correctly — as a former member of the National Security Agency’s hacking group, Tailored Access Operations, or T.A.O., a job he had not publicly disclosed.Read more
Moscow-based antivirus software maker Kaspersky Lab said on Wednesday that its security software had taken source code for a secret American hacking tool from a personal computer in the United States.
In September, U.S. officials ordered Kaspersky’s products removed from government computers, saying the firm was vulnerable to Kremlin influence and that using the software could jeopardize national security. After that announcement, the Wall Street Journal reported on Oct. 5 that hackers working for the Russian government appeared to have targeted a National Security Agency (NSA) worker by using Kaspersky software to identify classified files in 2015.Read more
Christopher Wray said encryption on devices was "a huge, huge problem" for FBI investigations. The agency had failed to access more than half of the devices it targeted in an 11-month period, he said. One cyber-security expert said such encryption was now a "fact of life".
Many smartphones encrypt their contents when locked, as standard - a security feature that often prevents even the phones' manufacturers from accessing data. Such encryption is different to end-to-end encryption, which prevents interception of communications on a large scale.Read more
The NSA’s hackers have a problem. Last week, multiple outlets reported that its elite Tailored Access Operations unit—tasked with breaking into foreign networks—suffered another serious data breach.
The theft of computer code and other material by an employee in 2015 allowed the Russian government to more easily detect U.S. cyber operations. It’s potentially the fourth large-scale incident at the NSA to be revealed in the last five years. Now, sources with direct knowledge of TAO’s security procedures in the recent past tell just how porous some of the defenses were to keep workers from stealing sensitive information.Read more
Russian hackers stole documents detailing how US agencies defend their networks against cyberattacks, how they breach foreign networks and the computer code they use to do so.
The stolen files were identified through Kaspersky security software used by an NSA contractor that had taken classified material from the NSA and saved it on his computer. The theft, discovered last spring, occurred in 2015 and those familiar with the incident told that having this information could help inform Russian officials how to protect their networks against the NSA and possibly how to break into US networks.Read more
Equifax said hackers might have stolen the personal information of 2.5 million more U.S. consumers than it initially estimated, bringing the total to 145.5 million.
The company said the additional customers were not victims of a new attack but rather victims who the company had not counted before. Equifax hired the forensic security firm Mandiant to investigate the breach, and it finished its report on Sunday. News of the new victims comes on the eve of congressional testimony to be given by Equifax’s former CEO Richard Smith, who will address a House subcommittee on Tuesday. He was forced into retirement last week in the wake of the attack.Read more
The FBI will not be forced to reveal details of a hacking tool used to break into a terrorist's iPhone, a case that sparked months of legal hostilities between Apple and the US government.
Vice News, USA Today, and the Associated Press filed a Freedom of Information lawsuit to reveal the name of the hacking tool's vendor and its price. The Justice Dept. launched legal action against Apple, which had refused to help unlock the phone, arguing the device's encryption could not be defeated -- even by the company. The FBI later obtained a hacking tool -- details of which the agency wants to keep secret.Read more
The U.S. National Security Agency conducted targeted surveillance over the past year against 106,000 foreigners suspected of being involved in terrorism and other crimes, using powers granted in a controversial section of law that’s set to expire at the end of this year.
The number of foreigners targeted under Section 702 of the Foreign Intelligence Surveillance Act rose from 94,000 in fiscal year 2015, according to U.S. intelligence officials, who asked not to be identified discussing the information. The program lets agencies collect the content of emails and other communications from suspected foreign criminals operating outside the U.S.Read more