Thursday, February 22, 2024


Israel cybersecurity agency says no breach after senior official self-infects home PC with malware


Israel’s National Cybersecurity Directorate said there was “no breach” of its network after passwords belonging to a senior agency official were stolen from their home computer earlier this year and published online.

A security researcher, who asked not to be named, told TechCrunch that they recently found the INCD official’s stolen credentials posted in mid-June in a public Telegram group known for sharing caches of passwords, crypto wallet keys, and other sensitive data stolen from computers infected with the RedLine password-stealing malware.

TechCrunch has seen the public Telegram post containing the cache, which was advertised as a nondescript archive file containing the credentials of hundreds of victims, including the senior INCD official.

The cache contained saved credentials, credit card numbers, and auto-filled passwords from the official’s home computer, including passwords that relate to the senior official’s work at the INCD, such as threat detection services, and other internal Israeli government systems.

A desktop screenshot of the official’s home computer taken at the time of compromise and bundled in the cache of stolen credentials shows the INCD official mistakenly infecting their home computer with the RedLine malware. The screenshot prominently features a virtual machine running FlareVM, custom software used by cybersecurity professionals for reverse-engineering and analyzing malware, with a sample of RedLine on the virtual machine’s desktop.

RedLine is a notorious password-stealing malware, which was attributed to last year’s hack at Uber and the theft of login details from Worldcoin Orb operators.

TechCrunch is not naming the INCD official, who did not respond to a request for comment. The INCD is responsible for defending Israel’s cyberspace against cyberattacks.

When asked about the incident, INCD said the agency official “reported in accordance with our established security protocols,” but did not say when, or how long after the incident it was reported.

“Following the event, the INCD launched a thorough investigation which confirmed that there was no breach to our well-secured organizational network,” said Libi Oz, a spokesperson for INCD.

“The incident took place on a private computer, disconnected and isolated from the organization’s network, ensuring a clear separation between personal and work-related digital spaces, as required. In addition, there was no sensitive information stored on it,” the spokesperson added.

INCD said that it “routinely applies a multi-layered security framework in the organizational network, which includes multi-factor authentication and other measures, to effectively prevent and minimize the potential impact of such incidents.”
