C.I.A. Vault 7 engineer convicted, Hackers targeted Jan6 journalists, Twitter’s brief outage

from the ceso series it's cyber security headlines it's Friday July 15th 2022 ex CIA engineer convicted in biggest theft ever of agency Secrets a former Central Intelligence Agency software engineer was convicted by a federal jury on Wednesday of causing the largest theft of classified information in the agency's history Joshua Schultz was arrested after the 2017 Disclosure by Wikileaks of a trove of confidential documents detailing the agency's secret methods for penetrating the computer networks of foreign governments and terrorists the document dump included instructions for compromising various commonly used computer tools and then using them to spy these included Skype Wi-Fi networks PDF documents and even commercial antivirus programs of the kind used by millions of people to protect their computers the breach known as The Vault 7 leak caused catastrophic damage to National Security according to the government Chinese hackers targeted us political reporters just ahead of the January 6th attack hackers connected with the Chinese government engaged in numerous fishing campaigns targeting US based journalists since early 2021 with operations focused on political and National Security reporters and White House Correspondents in the days leading up to the January 6 attack on the capital researchers said on Thursday these researchers with the cyber security firm proof Point shared the details on Thursday as part of a report looking at these kinds of operations carried out by China Iran North Korea and turkey the attacks both targeted journalists and had hackers posing as journalists to Target others they said Twitter outage briefly hits thousands the fail whale reappeared briefly in spirit anyway when Twitter faced a brief outage on Thursday leaving thousands of users without service for about an hour at the Peak around 8:20 a.m. in New York almost 55,000 users reported problems on down detector Twitter's website displayed an error message and prompted users to reload the page but it wasn't immediately clear what caused the outage the endemic log forj software flaw could take years to address Government Review finds it could take a decade to fully eradicate log for J from some computer systems a Department of Homeland Security review board said on Thursday the review board which the White House established last year to investigate major cyber security incidents called on the government and the private sector to invest much more in securing the open- source software that underpins Global it infrastructure but while there were reports of ransomware gangs and governments from China to Turkey exploiting the software vulnerability the high impact hacks that some analysts anticipated have yet to materialize according to the DHS backed [Music] panel thanks to today's episode sponsor Edge scan Edge scan simplifies vulnerability management by delivering a single full stack SAS solution integrated with world class Security Professionals instead of managing a plethora of Point scanning tools for each layer of the attacked surface and squandering precious staff resources manually removing false positives Edge scan offers automated and accurate contextualized alerts across the entire attack surface into a single source of Truth for more information visit edges scan.com that's e d g c an.com Microsoft published exploit code for a Mac OS app sandbox Escape flaw Microsoft has uncovered a vulnerability in Mac OS that could allow specially crafted codes to escape the app sandbox and run unrestricted on the system Microsoft reported the issue to Apple through coordinated vulnerability disclosure via Microsoft security vulnerability research in October 2021 Apple addressed the issue named cve 2022 26706 on May 16th of this year an attacker could trigger the flaw by using a specially crafted Office document containing malicious macro code that allows it to bypass sandbox restrictions and execute commands on the system Lilith enters the ransomware game researchers at cyble describe a new ransomware operation called Lilith and bleeping computer reports that the group not only operates a new strain of malware but that it's already posted the first victim to its double extortion dump site cyal notes throughout 2021 and 2022 we have observed record levels of ransomware activity while notable examples of this are rebrands of existing groups newer groups like Lilith red alert and Omega are also proving to be potent threats experts are concerned about ransomware groups creating searchable databases of victim data several ransomware gangs and extortion groups are creating searchable databases of information stolen during attacks according to several cyber security experts over the last month ransomware groups alv and lock bit have debuted features on their leak sites that allow anyone to search through troves of data by company name or other signifiers bleeping computer also reported that the caraker extortion group has created a similar functionality tenable senior staff research engineer satnam narang confirmed to the record that all three groups have Incorporated some kind of searchable database functionality into their leak sites Lithuanian energy firm disrupted by Doos attack Lithuanian Energy company ignitis group was hit by what it described as its biggest Cyber attack in a decade on Saturday when numerous distributed denial of service attacks were aimed at it disrupting its Digital Services and websites pro-russian hacking group Kiln net claimed responsibility for the attack on its telegram channel on Saturday making this the latest in series of attacks launched by the group in Lithuania due to that country's support for Ukraine in the war with Russia in a post on the ignitis group's Facebook page on July 9th the company said it had been able to manage and limit the attack's impact on its systems and that no breaches were recorded however the post also revealed that the attacks were ongoing remember we have a great slate of live Friday content today it gets started with super cyber Friday our hourong conversation about the biggest topic in cyber security this week the topic will be hacking compliance an hour of critical thinking of how to simplify and scale complicated and often manual processes that kicks off at 1:00 p.m. Eastern 10:00 a.m. Pacific then at 3:30 p.m. Eastern 12:30 Pacific we start our weekend review show this gets you caught up on all the biggest security headlines in about 20 minutes with a healthy dose of expertise and commentary from one of our ceso guests to join us for both just head on over to cesos series.com and click on the super cyber Friday logo to register I'm Steve Prentice reporting for the ceso series cyber security headlines are available every weekday head to cesos series.com for the full stories behind the [Music] headlines