TechCrunch: Hackers are using leaked NSA hacking tools to quietly hijack thousands of computers . “More than a year after patches were released to thwart powerful NSA exploits that leaked online, hundreds of thousands of computers are unpatched and vulnerable. First they were used to spread ransomware. Then it was cryptocurrency mining attacks. Now, researchers say that hackers are using the leaked tools to create an even bigger malicious proxy network.”
AP News: State-backed hackers target Gmail of US senators, aides. “State-backed hackers are still trying to break into the personal email accounts of U.S. senators and their aides — and a lawmaker focused on cybersecurity says the Senate’s security office should stop refusing to help defend them.”
ZDNet: Bill that would have the White House create a database of APT groups passes House vote. “The US House of Representatives passed a bill this week that would have the White House create and maintain a database containing all the names of individuals and cyber-threat groups associated with foreign cyber-espionage operations active against the US.” I think in this case APT stands for Advanced Persistent Threat.
Ars Technica: Hackers find new ways to print digital money for free. “The sky-high valuations of cryptocurrencies isn’t lost on hackers, who are responding with increasingly sophisticated attacks that covertly harness the computers and electricity of unwitting people to generate digital coins worth large sums of money. One example is a recently uncovered mass hack of servers that has mined about $6,000 worth of the cryptocurrency known as AEON in the past 23 days. ”
CBR Online: Black Friday cyberattacks to break records as hackers enlist bots. “We are in the midst of a week predicted to be record breaking in terms of cyberattack volumes, with malicious activity set to spike aggressively on Black Friday and Cyber Monday. A colossal 50 million attacks globally are expected to hit throughout the prime shopping period, meaning that potentially billions of pounds are hanging in the balance in the UK alone. In the run up to what may prove to be the worst week of cyberattacks on record, it is also important to note that 171 million attacks have been logged in just the last quarter. This tremendous figure is a 100 per cent increase compared to the same time span in 2015.”
Wired: Researchers Found They Could Hack Entire Wind Farms. “For the past two years, [Jason] Staggs and his fellow researchers at the University of Tulsa have been systematically hacking wind farms around the United States to demonstrate the little-known digital vulnerabilities of an increasingly popular form of American energy production. With the permission of wind energy companies, they’ve performed penetration tests on five different wind farms across the central US and West Coast that use the hardware of five wind power equipment manufacturers.”
Reuters: Symantec attributes 40 cyber attacks to CIA-linked hacking tools. “Past cyber attacks on scores of organizations around the world were conducted with top-secret hacking tools that were exposed recently by the Web publisher Wikileaks, the security researcher Symantec Corp (SYMC.O) said on Monday.”