CrowdStrike

January 8, 2017

DNI: Putin Led Cyber, Propaganda Effort to Elect Trump, Denigrate Clinton

This post was originally published on this siteRussian President Vladimir Putin directed a massive propaganda and cyber operation aimed at discrediting Hillary Clinton and getting Donald Trump elected, the top U.S. intelligence agencies said in a remarkable yet unshocking report released on Friday. Russian President Vladimir Putin tours RT facilities. Image: DNI The 25-page dossier from the Office of the Director of National Intelligence stopped short of saying the Russians succeeded at influencing the outcome of the election, noting that the report did not attempt to make an assessment on that front. But it makes the case that “Russia’s intelligence […]
August 17, 2017

Blowing the Whistle on Bad Attribution

This post was originally published on this siteThe New York Times this week published a fascinating story about a young programmer in Ukraine who’d turned himself in to the local police. The Times says the man did so after one of his software tools was identified by the U.S. government as part of the arsenal used by Russian hackers suspected of hacking into the Democratic National Committee (DNC) last year. It’s a good read, as long as you can ignore that the premise of the piece is completely wrong. The story, “In Ukraine, a Malware Expert Who Could Blow the Whistle on Russian Hacking,” […]
February 18, 2019

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

This post was originally published on this siteThe U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy. This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series […]
August 9, 2019

iNSYNQ Ransom Attack Began With Phishing Email

This post was originally published on this siteA ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. It also looks like the intruders spent roughly ten days rooting around iNSYNQ’s internal network to properly stage things before unleashing the ransomware. iNSYNQ ultimately declined to pay the ransom demand, and it is still working to completely restore customer access to files. Some of this detail came in a virtual “town hall” meeting held August 8, in which iNSYNQ chief […]