Monday, October 25, 2021

Blizzard Reveals New Name for Overwatch’s Cowboy

Due to harmful allegations regarding the real-life Jesse McCree (among […] The post Blizzard Reveals New Name for Overwatch’s Cowboy appeared first on ComingSoon.net.
More
    Home Tags Cybersecurity

    cybersecurity

    Microsoft's advanced cybersecurity tech comes in a large number of countries now

    With upcoming national elections in five European countries, Microsoft is making some of the more advanced features of its AccountGuard service available to additional groups and individuals at no additional cost. AccountGuard is a program Microsoft offers to people and organizations at higher risk of being targeted by hackers. Typically that has meant politicians, but near the start of the pandemic, the company made the tool available to healthcare workers and humanitarian organizations at no cost. In practice, the service provides notifications from Microsoft when the company detects an attack and guidance on how to stop it. As part of today's expansion, Microsoft is making the service's enterprise-grade identity and access management features available to all AccountGuard members in '31' democracies at no additional cost. Some of those more advanced features include multi-factor authentication and single sign-on service. The company trialed a similar expansion ahead of the 2020 US presidential election, providing political campaigns and parties access to those features. Microsoft also plans to provide up to 25,000 YubiKeys to AccountGuard customers. Depending on the size of the organization, the company will have multiple free keys on offer. The expansion is timely for a couple of reasons. With national elections coming up in the Netherlands, Finland, Germany, Estonia and the Czech Republic, Microsoft hopes to protect them from disinformation campaigns. It also was only last year that Russian state-sponsored hackers pulled off the SolarWinds attack. The US government is still sorting through all the damage left by the hack, and even Microsoft wasn't left unscathed.

    The Oldsmar, Florida water plant hacked earlier this week used outdated Windows 7 PCs and shared passwords, the Associated Press has reported. A government advisory also revealed that the relatively unsophisticated attack used the remote-access program TeamViewer. However, officials also said that the hacker’s attempt to boost chemicals to dangerous levels was stopped almost immediately after it started. “The cyber actors likely accessed the system by exploiting cybersecurity weaknesses, including poor password security and an outdated Windows 7 operating system to compromise software used to remotely manage water treatment,” according to investigators. "The actor also likely used the desktop sharing software TeamViewer to gain unauthorized access to the system." The unknown attacker logged into TeamViewer, accessed sensitive systems and attempted to boost lye levels by 100 times. A supervisor monitoring one of the systems saw a mouse pointer move across the screen and “immediately noticed the change in dosing amounts,” according to the advisory. They were able to reverse it immediately and the water treatment process was unaffected. If it hadn’t been observed, the alteration would have taken 24-36 hours to affect the water supply and the changes would have been detected and stopped by plant safeguards. Windows 7 has not been patched with security updates in over a year. On top of everything else, the computers were “connected directly to the Internet without any type of firewall protection installed,” the advisory said. The Oldsmar hack was an accident waiting to happen, according to experts. “We have known for a long time that municipal water utilities are extremely underfunded and under-resourced, and that makes them a soft target for cyberattacks,” Dragos Security’s Lesley Carhart told the AP. “In a lot of cases, all of them have a very small IT staff. Some of them have no dedicated security staff at all.”

    SolarWinds hackers also targeted security firm CrowdStrike

    Andrei Stanescu via Getty Images The group behind the SolarWinds hack also tried to compromise a top security firm. CrowdStrike now says that it too was targeted by the group. According to CrowdStrike, the attempt happened “during a 17-hour period several months ago,” when hackers tried to access the company’s email. Though CrowdStrike says the attempt was ultimately unsuccessful, it offers further insight into the scale of the hacking operation, which US government officials have attributed to Russia. As Reuters points out, SolarWinds is so far the only company known to have been successfully targeted by the group. The company’s Orion software, widely used among major companies and US government agencies, was compromised giving hackers potential access to email and other sensitive data.  The fact that CrowdStrike was also targeted suggests the hackers could have cast a wider net than investigators previously realized. The Cybersecurity and Infrastructure Security Agency (CISA) is still unraveling just how big an impact the SolarWinds hack has had. The agency said earlier this week that state and local governments were also affected, “as well as critical infrastructure entities and other private sector organizations.” In this article: SolarWinds, cybersecurity, CrowdStrike, Russia, gear All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

    Facebook takes down more fake accounts linked to Russian intelligence

    Sponsored Links Elijah Nouvelage / reuters Facebook has uncovered yet another network of fake accounts with ties to Russia’s intelligence services. As with another recent investigation, Facebook says the fake accounts posed as editors and other media entities in order to trick actual journalists into writing articles for them.  The social network disclosed the takedowns, saying that the fake accounts had gained around 59,000 followers on Facebook and 2,000 on Instagram. Facebook’s Head of Cybersecurity Policy, Nathaniel Gleicher, said the accounts in question could have also been used in the same kinds of “hack-and-leak operations” Russia used in 2016. “While we have not seen the networks we removed today engage in these efforts, or directly target the US 2020 election, they are linked to actors associated with election interference in the US in the past, including those involved in ‘DC leaks’ in 2016,” Gleicher wrote. “These fake personas posed as editors and researchers to solicit articles for these websites. This network posted primarily in Russian and English about news and current events, including protests and elections in Belarus, Russian and Ukrainian politics, geopolitical conspiracies, Russia-NATO relations, Russia’s relations with neighboring countries, and criticism of US foreign policy, socio-economic issues in the US, and US political candidates on both sides of the political spectrum.” This isn't the first time Facebook says it found fake accounts linked to Russian state actors. Earlier this month the company took down a handful of accounts tied to Russia’s Internet Research Agency that successfully tricked US journalists into writing articles for a website called PeaceData. Facebook’s latest takedowns also caught networks of Russia-linked accounts that had targeted Turkey, Syria, Ukraine and other European countries. In this article: Facebook, Social media, cybersecurity, 2020 Elections, Russia, news, gear All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. Comments 133 Shares Share Tweet Share

    Must Read

    Get notified on updates    OK No thanks