Archive for the ‘NSA’ Category

NSA report discloses Russian hacking days before US election – CNET


Russian hackers attacked a voting software company and election officials across the country right before Election Day, according to a top secret National Security Agency report.

In the NSA's classified report from May 5, the agency detailed how Russian government hackers tried to phish US officials and VR Systems, a technology company that creates election software for eight states: California, Florida, Illinois, New York, North Carolina, Indiana, Virginia and West Virginia.

The attack came right before Election Day, with multiple hacking attempts centered around late October.

The report had been leaked to The Intercept on Monday, and confirmed by CBS News. Russia's cyberattacks and influence on the 2016 presidential election continue to plague the White House, as President Donald Trump sits embroiled with investigations of ties to the Kremlin. Trump has continued to deny reports of any Russian hackers meddling on his behalf, even as the FBI launched a formal investigation into any ties between his campaign and foreign cyberattacks.

The leaked report comes just three days before fired FBI director James Comey is expected to testify to the Senate Intelligence Committee about the investigation. Russian President Vladimir Putin continues to deny any nation-state hackers on the country's behalf, insisting that it could have been the work of patriotic Russians, and most recently, a child.

The NSA's report detailed that hackers on behalf of the Russian government posed as an e-voting company to fool government workers into opening emails packed with hidden malware in Microsoft Word documents.

The Russian hackers also pretended to be Google by using the email "noreplyautomaticservice@gmail.com," which they registered on August 24, 2016, according to the report. It would send emails to victims asking them to click on a link that would ultimately phish them. The NSA's report identified seven potential victims so far.

On October 27, 2016, just 12 days before the election, the hackers pretended to be VR Systems with the email address vr.elections@gmail.com, and sent fake user guides to customers on how to configure their Windows machines meant for voting. Of course, those were also filled with viruses.

"It is unknown whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed," the NSA wrote in its report.

VR Systems didn't respond to requests for comment.

That cyberattack went out to more than 120 different local government organizations, according to the report.

Days before the report leaked, the Department of Justice filed charges against Reality Leigh Winner, a federal contractor working in Georgia, for providing classified materials to a news outlet. She was arrested at her home on Saturday, and appeared in court on Monday afternoon.

According to court documents, the classified report she had leaked was also from May 5. Winner worked for Pluribus International Corporation, an analytical and engineering company that provides services to the NSA, as well as other agencies in the intelligence community.

The NSA didn't respond to requests for comment.


NSA Director Mike Rogers Poised to ‘Drop a Bomb’ on Trump Admin During Wednesday Testimony: MSNBC – AlterNet

Atlantic magazine writer Steve Clemons said during a Saturday panel on MSNBC's The Point with Ari Melber that National Security Administration (NSA) Director Michael Rogers may have a bomb to drop on the Trump administration.

Rogers will testify Wednesday before the Senate Intelligence Committee, which is currently investigating whether President Donald Trump's campaign colluded with Russian officials to sway the results of the 2016 election.

"We now know for certain that Vladimir Putin waged political warfare against America's democracy with the election last year," said Mother Jones magazine's David Corn. "While that's going on, Donald Trump is saying, 'No, it's not happening.' It's like a guy in front of a bank robbery saying, 'Nothing is going on here.' He was helping."

"He made it easier for Putin to pull this off," Corn said. "That in itself should be a big scandal."

"While a lot of people have focused on James Comey and that's obviously a huge anchor in this," Clemons said at the end of the segment, "watch the Senate Intelligence Committee hearings on Wednesday. National Security Agency Director Mike Rogers may have a bomb to drop in this, as well as Dan Coats. I have been tipped off that Mike Rogers has a story to tell as well that goes right along the lines that our friend David Corn has shared."


Book cow killers under NSA: UP Police Chief – Economic Times

NEW DELHI: Cow smugglers and those indulging in cow slaughter must be booked under the National Security Act, Uttar Pradesh's director general of police Sulkhan Singh has said in an order issued to senior police officials in the state.

"There is a need to clamp down on cow slaughter and transport of cows for the same. The National Security Act (NSA), 1980 or Gangsters Act must be invoked against criminals indulging in the same," the DGP said in an order to all senior police officials present in a review meeting in Lucknow on Monday.

The Act allows for detention of any persons for three months or more with a view to preventing them from acting in any manner prejudicial to the security of the state or from acting in any manner prejudicial to the maintenance of public order. The Centre has to be informed within seven days by the state government about any case of invocation of the NSA.

There have been cases of right-wing groups taking the law into their own hands to stop purported cow smuggling and incidents of lynching of people undertaking transportation of cows have been reported. Cow slaughter and transportation of cows for slaughter is banned in UP.

The DGP spelt out several other directives to improve the law and order scenario in the state, for which the new Yogi Adityanath government has been facing flak.

The directives include transferring out police officials posted in one district for long and taking departmental action against police officials having connections with criminals.

The DGP ordered that police must make efforts to get bails cancelled for mafia and criminal elements, and maintain a proper register with a record of known enmities and disputes in an area to take preventive action if required. He ordered that policing in Noida and Ghaziabad should be better than in Delhi and that efforts be made to ensure disciplined traffic and policemen turning out in well-kept uniforms.

The DGP also directed that police posts be set up outside jails to keep a watch on visitors to known criminals lodged behind bars. Duties of police officials accompanying criminals to courts should also be frequently changed, he ordered, so that no official accompanies any criminal regularly.

As a people-friendly measure, the DGP directed that a police report be given within a week in case of inquiries for passport or character verification and strict action be taken in case of delay on the part of the police.


Leaked NSA hacking exploit used in WannaCry ransomware is now powering Trojan malware – ZDNet

Cybercriminals have taken the EternalBlue exploits and used them to build more effective Trojans.

A leaked NSA exploit which helped the WannaCry ransomware outbreak become so prolific is now being used to distribute Trojan malware.

A Windows security flaw known as EternalBlue was one of many allegedly known to US intelligence services and used to carry out surveillance before being leaked by the Shadow Brokers hacking group.

The exploit leverages a version of Windows' Server Message Block (SMB) networking protocol to spread itself across an infected network using wormlike capabilities.

But while, for the most part, the spread of WannaCry has been stopped, cybercriminals and hackers are still using the leaked EternalBlue exploit to carry out a much more discreet form of cyberattack, say researchers at FireEye.

This time, the SMB vulnerabilities are being used to distribute Backdoor.Nitol - a Trojan horse which opens a backdoor on the infected computer - and Gh0st RAT, a form of malware capable of taking full control of a machine in addition to conducting espionage and stealing data.

The latter is particularly dangerous and is repeatedly a thorn in the side of the aerospace and defence industries, as well as government agencies and even activists. Now those behind this new Gh0st RAT campaign are using EternalBlue exploits in an effort to compromise Singapore, while Nitol is attacking the wider South Asia region.

Researchers note that machines vulnerable to the SMB exploit are attacked by hackers using the EternalBlue exploit to gain shell access to the machine.

The initial exploit used at the SMB level is similar to what's been seen in WannaCry attacks, but this time, instead of being used to deploy ransomware, the attack opens a shell to write instructions into a VBScript file, which is then executed to retrieve the payload from another server in order to create the required backdoor into the machine using Nitol or Gh0st RAT.

While neither attack is new - both have plagued victims for years - the addition of EternalBlue adds potency to the attacks, although nothing so far has suggested that it could spread as widely and as quickly as WannaCry did.

And with the EternalBlue exploits now out in the open for any malicious actor to use, it's likely that we'll see it used again and again in new types of attacks.

"The addition of the EternalBlue exploit has made it easy for threat actors to exploit these vulnerabilities. In the coming weeks and months, we expect to see more attackers leveraging these vulnerabilities and to spread such infections with different payloads," said researchers at FireEye Dynamic Threat Intelligence.

"It is critical that Microsoft Windows users patch their machines and update to the latest software versions as soon as possible," they add.

While WannaCry exploited the vulnerability to infect networks across the globe, poor coding behind the ransomware played a part in it not being as damaging as it could've been, resulting in those behind it not making much money, considering the scale of the campaign.

However, if something like Nitol or Gh0st RAT could simultaneously infect hundreds of thousands across the globe - and the nature of the Trojan attacks means they wouldn't be obvious about it - then future attacks could have much worse consequences.


Woman Charged With Leaking Top-Secret NSA Report on Russian Hacking to Media – NBC Bay Area


A woman was arrested for leaking a top-secret National Security Agency document that reveals details about Russian hacking's influence on the U.S. presidential election, a senior federal official told NBC News.

Reality Leigh Winner, 25, was arrested Saturday and charged with "gathering, transmitting, or losing defense information" to The Intercept. The Department of Justice said in a statement that she did this around May 9, and mailed the information shortly after.

The story published Monday features a secret NSA document that notes efforts by the Russian government to hack into a voting software company approximately a week before the election. It details tactics allegedly used by Russian intelligence to dupe U.S. government employees and officials with spear-phishing emails and Microsoft documents.

The document was classified at some of the highest levels.

The FBI said when they approached Winner she admitted to printing out the document, removing it from her place of work and mailing it to The Intercept. Winner told authorities she did this knowing the information was highly confidential.

The report is published just days after NBC's Megyn Kelly sat down with Russian President Vladimir Putin to discuss the hacking accusations, which Putin vehemently denies. Putin said that "it wouldn't make sense" for Russia to interfere with the election.

"Releasing classified material without authorization threatens our nation's security and undermines public faith in government," said Deputy Attorney General Rod J. Rosenstein in a statement. "People who are trusted with classified information and pledge to protect it must be held accountable when they violate that obligation."

Authorities were alerted to the leak on June 1. Officials contacted the FBI after The Intercept called them regarding a story involving the document.

Winner is identified as being a contractor with Pluribus International Corporation since mid-February. The NSA has a facility in Georgia.

Word of the arrest was tweeted out by the Justice Department barely an hour after The Intercept published the story.
