Democratic groups and figures weren't the only ones targeted in Russia’s suspected campaign to influence last year's U.S. election. Russian cyberspies also targeted computers from state-level Republican groups and stole information from local voter registration records, FBI director James Comey said."There were successful penetrations of some groups and campaigns, particularly at the state-level on the Republican side," Comey said during a senate committee hearing on Tuesday.He and three U.S. intelligence chiefs spoke at the hearing, following their Friday report accused the Kremlin of ordering a covert campaign that helped boost incoming President Donald Trump's election chances.To read this article in full or to leave a comment, please click here
Democratic groups and figures weren't the only ones targeted in Russia’s suspected campaign to influence last year's U.S. election. Russian cyberspies also targeted computers from state-level Republican groups and stole information from local voter registration records, FBI director James Comey said.
"There were successful penetrations of some groups and campaigns, particularly at the state-level on the Republican side," Comey said during a senate committee hearing on Tuesday.
He and three U.S. intelligence chiefs spoke at the hearing, following their Friday report accused the Kremlin of ordering a covert campaign that helped boost incoming President Donald Trump's election chances.To read this article in full or to leave a comment, please click here
For better or worse, a security firm’s attempt to cash in on software bugs -- by shorting a company’s stock and then publicizing the flaws -- might have pioneered a new approach to vulnerability disclosure.Last August, security company MedSec revealed it had found flaws in pacemakers and other healthcare products from St. Jude Medical, potentially putting patients at risk.However, the controversy came over how MedSec sought to cash in on those bugs: it did so, by partnering with an investment firm to bet against St. Jude’s stock. Since then, the two parties have been locked in a legal battle over the suspected vulnerabilities. But on Monday, MedSec claimed some vindication.To read this article in full or to leave a comment, please click here
For better or worse, a security firm’s attempt to cash in on software bugs -- by shorting a company’s stock and then publicizing the flaws -- might have pioneered a new approach to vulnerability disclosure.Last August, security company MedSec revealed it had found flaws in pacemakers and other healthcare products from St. Jude Medical, potentially putting patients at risk.However, the controversy came over how MedSec sought to cash in on those bugs: it did so, by partnering with an investment firm to bet against St. Jude’s stock. Since then, the two parties have been locked in a legal battle over the suspected vulnerabilities. But on Monday, MedSec claimed some vindication.To read this article in full or to leave a comment, please click here
Russia dismissed an intel report claiming that the Kremlin meddled with the U.S. presidential election, saying the accusations were "amateurishly emotional" and driving a "witch-hunt.""There was nothing in this report that deserved to be read in detail," said Kremlin spokesman Dmitry Peskov on Monday, according to the Russian news agency TASS.The U.S. intel report, published on Friday, accused Russian President Vladimir Putin of personally ordering a secret campaign meant to influence last year's presidential election.To read this article in full or to leave a comment, please click here
Russia dismissed an intel report claiming that the Kremlin meddled with the U.S. presidential election, saying the accusations were "amateurishly emotional" and driving a "witch-hunt.""There was nothing in this report that deserved to be read in detail," said Kremlin spokesman Dmitry Peskov on Monday, according to the Russian news agency TASS.The U.S. intel report, published on Friday, accused Russian President Vladimir Putin of personally ordering a secret campaign meant to influence last year's presidential election.To read this article in full or to leave a comment, please click here
A Federal Trade Commission attempt to rein in a poorly secured IoT device is raising questions over whether the U.S. regulator has the power to crack down on vendors suspected of shoddy practices.On Thursday, the FTC filed a complaint against Taiwanese manufacturer D-Link Systems that charged the company’s internet routers and web cameras can easily be hacked, putting consumers at risk.But the FTC’s complaint doesn’t cite evidence that the products have been breached, only the potential for harm to consumers.That’s among the reasons D-Link is contesting the complaint. “Notably, the complaint does not allege any breach of a D-Link Systems device,” it said in a statement. To read this article in full or to leave a comment, please click here
A Federal Trade Commission attempt to rein in a poorly secured IoT device is raising questions over whether the U.S. regulator has the power to crack down on vendors suspected of shoddy practices.On Thursday, the FTC filed a complaint against Taiwanese manufacturer D-Link Systems that charged the company’s internet routers and web cameras can easily be hacked, putting consumers at risk.But the FTC’s complaint doesn’t cite evidence that the products have been breached, only the potential for harm to consumers.That’s among the reasons D-Link is contesting the complaint. “Notably, the complaint does not allege any breach of a D-Link Systems device,” it said in a statement. To read this article in full or to leave a comment, please click here
A highly anticipated U.S. intelligence report claims that Russian President Vladimir Putin ordered a campaign to covertly influence last year’s presidential election in favor for Donald Trump.However, the report – or at least the declassified version – offered no new evidence or sources to prove the Kremlin’s role in sponsoring the effort, which included hacks and online propaganda.The U.S. government published the 25-page document on Friday amid skepticism from incoming President-elect Trump over whether Russia was really involved.Outgoing President Barack Obama has nevertheless ordered sanctions against Russia and threatened covert action in retaliation for the cyber-meddling.To read this article in full or to leave a comment, please click here
A highly anticipated U.S. intelligence report claims that Russian President Vladimir Putin ordered a campaign to covertly influence last year’s presidential election in favor for Donald Trump.However, the report – or at least the declassified version – offered no new evidence or sources to prove the Kremlin’s role in sponsoring the effort, which included hacks and online propaganda.The U.S. government published the 25-page document on Friday amid skepticism from incoming President-elect Trump over whether Russia was really involved.Outgoing President Barack Obama has nevertheless ordered sanctions against Russia and threatened covert action in retaliation for the cyber-meddling.To read this article in full or to leave a comment, please click here
After meeting with U.S. intelligence leaders on Friday, President-elect Donald Trump withheld any direct endorsement of their findings that Russia tried to meddle with the recent election.Rather, he focused on whether the hacking efforts -- from any country -- had an effect on the election’s outcome. In his view, there was “absolutely” none."While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election," Trump said in a statement. To read this article in full or to leave a comment, please click here
After meeting with U.S. intelligence leaders on Friday, President-elect Donald Trump withheld any direct endorsement of their findings that Russia tried to meddle with the recent election.Rather, he focused on whether the hacking efforts -- from any country -- had an effect on the election’s outcome. In his view, there was “absolutely” none."While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election," Trump said in a statement. To read this article in full or to leave a comment, please click here
The FBI may have been forced into a misstep when investigating whether Russia hacked the Democratic National Committee -- the agency never directly examined the DNC servers that were breached.Instead, the FBI had to rely on forensic evidence provided by third-party cybersecurity firm CrowdStrike, which the DNC hired to mitigate the breach.“The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed,” the agency said on Thursday in a statement.The incident threatens to spark more skepticism over whether the U.S. properly arrived at its conclusion that Russian cyberspies were responsible for the breach.To read this article in full or to leave a comment, please click here
The FBI may have been forced into a misstep when investigating whether Russia hacked the Democratic National Committee -- the agency never directly examined the DNC servers that were breached.Instead, the FBI had to rely on forensic evidence provided by third-party cybersecurity firm CrowdStrike, which the DNC hired to mitigate the breach.“The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed,” the agency said on Thursday in a statement.The incident threatens to spark more skepticism over whether the U.S. properly arrived at its conclusion that Russian cyberspies were responsible for the breach.To read this article in full or to leave a comment, please click here
The U.S. Federal Trade Commission is cracking down on D-Link for selling wireless routers and internet cameras that can easily be hacked, the regulator said Thursday.Thousands of consumers are at risk, the FTC said in a complaint filed against the Taiwanese manufacturer charging D-Link with repeatedly failing to take reasonable measures to secure the products.The action comes as hackers have been hijacking poorly secured internet-connected products to launch massive cyberattacks that can force websites offline. Recently, a notorious malware known as Mirai has been found infecting routers, cameras, and DVRs built with weak default passwords.To read this article in full or to leave a comment, please click here
The U.S. Federal Trade Commission is cracking down on D-Link for selling wireless routers and internet cameras that can easily be hacked, the regulator said Thursday.Thousands of consumers are at risk, the FTC said in a complaint filed against the Taiwanese manufacturer charging D-Link with repeatedly failing to take reasonable measures to secure the products.The action comes as hackers have been hijacking poorly secured internet-connected products to launch massive cyberattacks that can force websites offline. Recently, a notorious malware known as Mirai has been found infecting routers, cameras, and DVRs built with weak default passwords.To read this article in full or to leave a comment, please click here
The closure of a major online marketplace for paid distributed denial-of-service attacks appears to have done little to slow down the illegal activity.In late October, HackForums.net shut down its "Server Stress Testing" section, amid concerns that hackers were peddling DDoS-for-hire services through the site for as little as US$10 a month.According to security experts, the section was the largest open marketplace for paid DDoS attacks -- a notorious hacking technique that can disrupt access to internet services or websites. But since the section's closure, the attacks remain rampant.To read this article in full or to leave a comment, please click here
The closure of a major online marketplace for paid distributed denial-of-service attacks appears to have done little to slow down the illegal activity.In late October, HackForums.net shut down its "Server Stress Testing" section, amid concerns that hackers were peddling DDoS-for-hire services through the site for as little as US$10 a month.According to security experts, the section was the largest open marketplace for paid DDoS attacks -- a notorious hacking technique that can disrupt access to internet services or websites. But since the section's closure, the attacks remain rampant.To read this article in full or to leave a comment, please click here
How do you prove Russia meddled with the presidential election?That's a question the U.S. government is facing, but may never fully answer, at least not publicly. Last week, the U.S. punished Russia, claiming the country's cyberspies hacked Democratic groups and figures during the election season.However, missing from last week’s announcement was any new evidence -- or a smoking gun -- proving the Kremlin’s involvement. This isn’t sitting well with everyone in the security industry, especially since identifying the culprit of any cyberattack is no easy matter.“Maybe Russia did do it, but until we have sufficient evidence, it’s a mistake to move forward,” said Jeffrey Carr, a cybersecurity consultant. To read this article in full or to leave a comment, please click here
How do you prove Russia meddled with the presidential election?That's a question the U.S. government is facing, but may never fully answer, at least not publicly. Last week, the U.S. punished Russia, claiming the country's cyberspies hacked Democratic groups and figures during the election season.However, missing from last week’s announcement was any new evidence -- or a smoking gun -- proving the Kremlin’s involvement. This isn’t sitting well with everyone in the security industry, especially since identifying the culprit of any cyberattack is no easy matter.“Maybe Russia did do it, but until we have sufficient evidence, it’s a mistake to move forward,” said Jeffrey Carr, a cybersecurity consultant. To read this article in full or to leave a comment, please click here
Michael Kan