August 3, 2024 | International, C4ISR, Security

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication

New Windows backdoor BITSLOTH exploits the Background Intelligent Transfer Service (BITS) for command-and-control, targeting a South American government and linked to Chinese actors.

https://thehackernews.com/2024/08/new-windows-backdoor-bitsloth-exploits.html

On the same subject

  • How tensions with Iran could test a new cyber strategy

    January 10, 2020 | International, C4ISR, Security

    Mark Pomerleau

    In 2018, the Department of Defense began following a new philosophy for cyber operations to better protect U.S. networks and infrastructure. Known as “defend forward,” the approach allows U.S. cyber forces to be active in foreign networks outside the United States to either act against adversaries or warn allies of impending cyber activity that they've observed on foreign networks.

    After the U.S. military killed an Iranian general in a Jan. 2 drone strike and after national security experts said they expect Iran might take some retaliatory action through cyber operations, the specter of increased cyber attacks against U.S. networks puts Cyber Command and its new approach front and center.

    “This Iran situation today is a big test of the ‘defend forward’ approach of this administration,” James Miller, senior fellow at Johns Hopkins Applied Physics Laboratory and former undersecretary of defense for policy, said at a Jan. 7 event hosted by the Council on Foreign Relations. “Will [Cyber Command] take preventative action? Will they do it in a way that our allies and partners support and that can be explained to the public?”

    While Iran fired several missiles Jan. 7 at a base in Iraq where U.S. troops lived as an initial response to the drone strike, many national security experts expect Iran could continue cyber actions as further retaliation for the strike. Iran could also ratchet up its cyber operations in the United States following the collapse of portions of the 2015 nuclear deal between the United States, Iran and five other nations to curb Iran's nuclear weapons capability in return for sanctions relief.

    Over the past 12 months, the White House and Congress streamlined many of the authorities used to conduct cyber operations to help cyber forces get ahead of threats in networks around the world. One such provision in last year's annual defense policy bill provides the Pentagon with the authority to act in foreign networks if Iran, among other named nations, is conducting active, systematic and ongoing campaigns of attacks against the U.S. government or people.

    Cyber Command declined to comment on what, if anything, they were doing differently since the drone strike.

    Some experts, however, have expressed caution when assessing how well this defend forward approach has worked thus far given it is still relatively new. “The jury is very much still out here,” Ben Buchanan, assistant professor and senior faculty fellow at Georgetown University, said at the same event. “We don't have a lot of data, there's been a lot of hand-wringing ... about these authorities and about how Cyber Command may or may not be using them. I just don't think we've seen enough to judge whether or not ... [it is] meaningfully changing adversary behavior.”

    Others have also expressed reservations about how effective Iran can even be in cyberspace toward U.S. networks. “Iran is a capable cyber actor, Iran is a willing cyber actor. That means Iran will conduct cyberattacks,” said Jacquelyn Schneider, Hoover fellow at the Hoover Institution at Stanford University. “It's not like they have this capability and they've been deterred in the past and maybe now they're going to turn it on. I think they've been trying this entire time.”

    Complicating matters further could be other actors trying to take advantage of the U.S.-Iran imbroglio for their own interests. Priscilla Moriuchi, senior principal researcher and head of nation-state research at threat intelligence firm Recorded Future, said over the past several months, there have been reports of Russian state-affiliated actors hijacking Iranian cyber infrastructure to conduct operations masquerading as Iranians. “That creates its own uncertainty,” she said at the same event. “Another level of potential what we call inadvertent escalation if a country perceives that they are attacked by Iran but in reality, it wasn't.”

    https://www.fifthdomain.com/dod/2020/01/09/how-tensions-with-iran-could-test-a-new-cyber-strategy/

  • In first, MDA remotely launches a missile

    September 3, 2019 | International, Land

    By: Jen Judson

    WASHINGTON — The first-ever test of the Terminal High Altitude Area Defense system's ability to remotely fire an interceptor was deemed a success by the U.S. Missile Defense Agency. Following the test in the early hours of Aug. 30, the Lockheed Martin-made THAAD has now had 16 successful intercept tests in a row. But the significant milestone is proving the ability to remotely engage the system with a government-developed remote launcher kit. The capability provides extended range of a defended area, an MDA statement notes.

    “Preliminary indications are that planned flight test objectives were achieved and the target was successfully intercepted by the THAAD weapon system,” the statement reads. “This test demonstrates the expanding capabilities of the THAAD weapon system and its ability to intercept and destroy ballistic missile threats in defense of our nation, deployed forces and allies,” MDA Director Vice Adm. Jon Hill said in the statement.

    THAAD operators from the E-62 Battery conducted radar operations as well as launcher and fire control operations employing a procedure used in combat and were unaware of the target-launch timing. The ability to launch an interceptor remotely achieves a more layered — and ultimately less stove-piped — approach to regional ballistic missile defense and increases the battlespace.

    The U.S. Army is also working to integrate the Patriot medium-range air-and-missile defense system with THAAD in response to an urgent operational need on the Korean Peninsula. That effort uses some of the same principles of decoupling launchers and radars so an operator can, for instance, use a THAAD radar (which can see farther than a Raytheon-made Patriot radar) but decide to engage a Patriot interceptor depending on the threat picture. The ability to use the THAAD radar also gets more out of the Patriot Advanced Capability-3 Missile Segment Enhancement (PAC-3 MSE) missile fired from Patriot units, which outperforms the organic Patriot radar.

    Earlier, in an Aug. 29 Army test also at White Sands Missile Range, a PAC-3 Cost Reduction Initiative interceptor took out an air-breathing threat “at a record distance,” according to a Lockheed Martin statement. The company builds the missile as well as the PAC-3 MSE. The test also showed it can be integrated into the Northrop Grumman-made Integrated Air and Missile Defense Battle Command System, the command-and-control system of the Army's future air and missile defense architecture. The test demonstrated the Northrop system's ability to detect, track and engage a low-flying threat at a distance that exceeds the range of the current Patriot system, according to a Northrop Grumman statement.

    https://www.defensenews.com/land/2019/08/30/first-remotely-launched-terminal-missile-defense-test-deemed-a-success

  • Kratos Receives $20 Million Unmanned Aerial Drone System Production Contract

    August 9, 2022 | International, Aerospace

    The unmanned aerial drone systems produced under this contract award will be manufactured in a Kratos production facility