Hacks & Hackers

AP: Russia hackers had targets worldwide, beyond US election

AP: Russia hackers had targets worldwide, beyond US election

The Associated Press is reporting on a trove of data accidentally leaked by the Russian-backed advanced persistent threat (APT) group known as Fancy Bear that suggests the group conducted a years-long campaign against targets in the US, Ukraine, Russia, Georgia and Syria. 

Ryan Kazanciyan talks to us about how he helps USA Network get the hacking scenes in Mr. Robot right. (Image courtesy of USA Network.)

Hacking Back Reconsidered and the Guy who makes Mr. Robot’s Hacking Scenes Look So Good

In this week’s podcast, we talk with Gadi Evron of Cymmetria, which released Mazehunter, a targeted hack-back tool this week about going on offense and staying on the right side of the law. Also: Ryan Kazanciyan of Tanium is one of the talented hackers who help design Mr. Robot’s hacking scenes. We talk with him about bringing realistic hacks alive on the small screen. And: when Uncle Sam dishes the dirt on a state sponsored campaign against critical infrastructure, what are companies supposed to do with the information? Mark Durfresne of the firm Endgame and Itzik Kotler of the firm Safebreach give us their thoughts.

A new report by DHS and the FBI describes recent attacks by a group known as DragonFly or Energetic Bear against energy and critical infrastructure firms. (Image courtesy of CrowdStrike.)

FBI and Homeland Security dish Dirt on Critical Infrastructure Attacks

A new joint FBI-DHS report dishes the dirt on recent sophisticated attacks targeting the US energy grid and critical infrastructure, saying third party firms and web sites to gain access to energy and other critical infrastructure networks. It also names a sophisticated hacking group believed to be linked to the government of Russia. 

A flaw in the WPA-2 wireless protocol leaves millions of device vulnerable to hacking and other malicious acts.

Update: Flaw in widely used Wi-Fi Standard could allow snooping

Hundreds of millions of wireless devices may be affected by a flaw in WPA-2, a widely used standard for securing wireless Internet connections.  (Updated to add commentary by Bob Rudis of Rapid 7.)

Kaspersky Lab disputed a report in the Wall Street Journal that its software played a role in the theft of NSA hacing tools from a government contractor.

Kaspersky Lab CEO says company may be hacking victim

CEO Eugene Kaspersky likened a Wall Street Journal report on his company’s software being used to hack an NSA contractor to “the script of a C movie” and said his company was in the middle of a geopolitical dispute.