Company Arms Cyber Warfighters to Defend Our Nation’s Most Critical Networks FREMONT, Calif. – July 15, 2021 – Attivo Networks®, the industry experts in preventing identity privilege escalation and detecting lateral movement attacks, today announced it is working to provide the U.S. Department of Defense (DoD) with a new generation of sophisticated, active defense technologies. …
Many cybercriminals are opportunists and take the path of least resistance, aiming at targets that will enable them to make a quick profit with the least effort. … Unfortunately, local government authorities are often precisely the kind of target these criminals seek. Threat actors are well aware that local authorities have vast stores of valuable …
Deception technology is proving to be an innovative and successful approach for defending local governments against cybersecurity threats. Tuning into the news, one might easily get the impression that local councils are disproportionately impacted by cybersecurity incidents compared to many other industry sectors. Certainly in the US, municipal governments have proven easy targets for ransomware. …
Perhaps its constant state of change presents the most challenging characteristic of cybersecurity. Techniques, tools and tradecraft that worked last week may leave you vulnerable next week.
Luckily the federal government doesn’t sit still. Agencies operate in an environment of continuously updated policy, guidance and technology.
In this exclusive executive briefing, the following federal cybersecurity practitioners provide a read on the most contemporary cybersecurity thinking:
Attivo Networks has named FireEye veteran Tony Cole as its CTO as the company looks to boost its presence in the government, financial services, and oil and gas verticals. The Fremont, Calif.-based vendor brought Cole on board to help Attivo deliver more clarity to the market around how its platform is differentiated from competitors. Cole said he plans to take a deep dive into what the Attivo platform does and the capabilities it provides to ensure it’s continually growing.
A hacker is selling stolen credentials that purportedly give access to servers of the US Navy, Centers for Disease Control, US Postal Service, and other US government sites.
Listings for the accounts were found recently by Tech Insider on a dark web marketplace called The Real Deal, a popular site many cyber criminals use for buying and selling everything from illegal drugs to zero-day software exploits. It’s unclear when the postings were made, since the site offers no dates for when sellers create their listings.
A hacking group called the Turk Hack Team is taking credit for a shutdown of the Library of Congress website and hosted systems including Congress.gov, the Copyright Office, Congressional Research Service and other sites.
The group claimed credit on an online message board where users go for updates on the availability of websites.
The attack was launched July 17, in the midst of Turkey’s response to the military coup targeting the elected government of President Recep Tayyip Erdogan. Prominent Turkish officials have accused the U.S. of fomenting the coup; Secretary of State John Kerry issued a stern denial of such accusations.
A sustained distributed denial-of-service attack is being blamed for dropping Congress’ central website from the web for the past three days.
The Library of Congress (loc.gov) and the US Copyright Office (copyright.gov), which are operated on the same servers, also struggled to stay online.
The Library of Congress said in a tweet that technical staff “are working hard to restore full service”, and apologized for the inconvenience.
As of Wednesday morning, the sites appeared to be up and running.
The US Internal Revenue Service (IRS) has announced it is retiring the e-Filing PIN system following a new wave of cyber-attacks after crooks previously abused the same system last February.
In a statement on the IRS website, the agency says it was planning to eliminate the e-File PIN system later this year, but it decided to expedite its decision after they detected another set of cyber-attacks against its online tool.
Hackers abused the tool last February
Last February, the IRS announced it detected an automated bot attack during which unknown crooks tried to illicitly generate e-Filing PINs for over 464,000 Americans. The IRS admitted that crooks got access to 101,000 e-Filing PINs.
The IRS uses the e-Filing PIN system to generate a unique PIN that Americans can use on their Form 1040 to file for tax returns. The PIN is not mandatory but only serves as an alternative to authenticating the document. US citizens can also use their prior-year adjusted gross income from copies of their previous year tax returns.