Cyber Attacks, Threats, and Vulnerabilities
Governments and NGOs: Germany Spied on Friends and Vatican (Spiegel) Efforts to spy on friends and allies by Germany's foreign intelligence agency, the BND, were more extensive than previously reported. SPIEGEL has learned the agency monitored European and American government ministries and the Vatican
Cyber torpedo alert: China, Russia hack submarine plans of bidders (The Australian) Chinese and Russian spies have attempted to hack into the top secret details of Australia's future submarines, with both Beijing and Moscow believed to have mounted repeated cyber attacks in recent months
Hackers a threat to defence: Xenophon (9 News) Hacking threats to Australia's future submarine project highlight the need to bolster cyber security, independent Senator Nick Xenophon says
Pro-Palestinian Hackers Took over Twitter Account of Israeli Ha'aretz Newspaper (HackRead) Pro-Palestine activists hacked Ha'aretz newspaper's Twitter account and posted: "Our martyrs' mothers will drink your soldier's blood"
CIA Email Hackers Return With Major Law Enforcement Breach (Wired) Hackers who broke into the personal email account of CIA Director John Brennan have struck again.
Anonymous "unhoods" alleged KKK members but innocents are smeared (Naked Security) Members of the loose hacker collective Anonymous followed through on a pledge to release the names of members of the Ku Klux Klan, but #OpKKK was flawed from the get-go by uncoordinated document dumps and smearing of innocent people who are in no way connected to the KKK
Remote Code Execution Flaw Found in Java App Servers (SecurityWeek) Several popular Java-based products are affected by a serious vulnerability that can be exploited by malicious actors to remotely execute arbitrary code
Dangerous bugs leave open doors to SAP HANA systems (IDG via CSO) The bugs could expose financial and customer data, product pricing info and more
Onapsis Discovers and Helps Mitigate New Critical Cyber Security Vulnerabilities Affecting All SAP HANA-Based Applications, Including SAP S/4HANA and SAP Cloud Solutions (BusinessWire) Onapsis Research Labs protects SAP customers against new critical risks that could allow cyber attackers to steal, delete or modify corporate business information
Gone in a Flash: Top 10 Vulnerabilities Used by Exploit Kits (Recorded Future) Adobe Flash Player provided eight of the top 10 vulnerabilities used by exploit kits in 2015
No surprise here: Adobe's Flash is a hacker's favorite target (IDG via CSO) A new study adds to already compelling evidence that Flash should be retired
Trojanized Adware Floods Third-Party Android App Stores (InformationWeek) New security research from Lookout suggests that several strains of trojanized adware are targeting third-party Android app stores. The safe bet is to use Google Play
Leaky mobile phones are 'betraying' us (Naked Security) Mobile apps are regularly leaking information to third parties, according to research from the Massachusetts Institute of Technology (MIT), Harvard, and Carnegie-Mellon
Apple's XcodeGhost malware still in the machine... (Naked Security) It's about six weeks since we first wrote about XcodeGhost
Is Your Business Still Running Infected Apple Apps? (Small Business Trends) When Apple found out XcodeGhost had infected more than 4,000 applications in its Apple Store recently, the company took immediate actions to identify the infected apps and remove them from its App Store. Apple then released a set of new security features to stop this activity
DRIDEX: Down, But Not Out (TrendLabs Security Intelligence Blog) On October 13, American and British law enforcement took action against the notorious DRIDEX botnet with the goal of stopping the activities of the notorious online banking threat
Cheap OmniRAT malware used to spy on Android, Windows, Linux, Mac devices (Help Net Security) European law enforcement agencies recently targeted users of the DroidJack mobile phone RAT, and likely made other would-be users refrain from buying and using that particular piece of malware
Comcast resets nearly 200,000 passwords after customer list goes on sale (CSO) Dark Web market ad offering Comcast accounts in bulk
Software products firm Zoho faces cyber attack, blackmail from hackers (Business Standard) Hackers used distributed denial-of-service type of attack to flood Zoho's servers with requests from multiple sites
Touchnote hacked — tells users to reset their passwords (Graham Cluley) Touchnote, an online service which takes your digital photographs and then sends them to loved ones as a physical postcard, has been hacked
Encrypted email provider ProtonMail caves in to extortion, hands over $6000 (Naked Security) Swiss-based encrypted email provider ProtonMail — developed at the CERN research facility in 2013 to withstand surveillance by the world's increasingly inquisitive intelligence agencies — has revealed that it handed over 15 bitcoins (about $6000/£4000) to stop a Distributed Denial of Service (DDoS) attack
ProtonMail says it won't ever again pay ransom to DDoS blackmailers (Graham Cluley) A couple of days ago, on the blog where it is documenting its fight against DDoS attackers, secure email service ProtonMail explained that it had paid a $6000 ransom to attackers
Ransomware Now Gunning for Your Web Sites (KrebsOnSecurity) One of the more common and destructive computer crimes to emerge over the past few years involves ransomware — malicious code that quietly scrambles all of the infected user's documents and files with very strong encryption
The kernel of the argument (Washington Post) Fast, flexible and free, Linux is taking over the online world. But there is growing unease about security weaknesses
Google says 19,000 organizations are trying or using Android for Work, but security questions linger (FierceMobileIT) Google has announced plans to push updates to Android for Work based on the latest iteration of its mobile OS, Android Marshmallow
The Top 5 Data Breach Vulnerabilities (Forbes) In previous blogs I've focused on some very specific data breaches and specific defense mechanisms. I often find CEOs, particularly owners of small businesses, who don't know how to approach security, or even if they have a firewall in place
Security Like the Dickens (PYMNTS) With the holiday shopping season upon us and projections for consumer spending looking rosy, retailers are certainly keeping a keen eye on security issues that could shake consumer confidence and cut into profits
Bulletin (SB15-313) Vulnerability Summary for the Week of November 2, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week
Security Patches, Mitigations, and Software Updates
Advantech Clears Hard-Coded SSH Keys from EKI Switches (Threatpost) Critical industrial switches used worldwide for automation contained hard-coded SSH keys that put devices and networks at risk
First update for Windows 10 may come next Patch Tuesday (FierceCIO) Microsoft released a new build for Windows 10 Insider testers that could signal an impending update for the new OS
Cyber Trends
The rise of the hacker (Economist) Computers are not great for storing secrets
Ovum: Data Breaches Offer a Good Case for Cloud Security (Infosecurity Magazine) Despite cloud security fears, the ongoing epidemic of data breaches is likely to simply push more enterprises towards the cloud
States' Cyber Security Readiness Presents "Grim Picture" Pell Study Finds (Dark Reading) Just eight states of 50 fared decently in a Pell study on their preparedness to deal with current and emerging cyberthreats
Is The United States Prepared For A Massive Cyberattack? (National Geographic) No, says broadcast journalist Ted Koppel, in a new book that explains why the Internet is potentially a weapon of mass destruction
Cyber-criminal sphere a serious threat for SA (Business Day Live) Last year, SA had the most cyber attacks of any country on the continent. In 2014, losses from cyber crime reached an estimated R5bn annually
Marketplace
What The Boardroom Thinks About Data Breach Liability (Dark Reading) Most public companies subscribe to cybersecurity insurance of some sort, and 90% say third-party software vendors should be held liable for vulnerabilities in their code
Inside the economics of hacking (Washington Post) Imagine getting $1 million for finding a security weakness in a mobile operating system
FireEye: Is the Selling Deluge Overdone? (Motley Fool) The rapidly growing cybersecurity company missed expectations on a key metric and lowered full-year guidance. Did investors overreact in the ensuing sell-off?
FireEye: Growing Competition In Sector Dims Flame (Seeking Alpha) FEYE's lowered billings guidance for the fourth quarter a sign that growing competition in the sector is slowing growth
FireEye's Stock Is Collapsing for One Key Reason (DCInno) Mandiant, an Alexandria, Va.-based cyber forensics company that was acquired in January 2014, may be at the heart of FireEye's (FEYE) recent stock woes, according to FBR Capital Markets analysts
FireEye +6.2%; CEO, CFO buy shares following plunge (Seeking Alpha) CEO Dave DeWalt bought 22.5K shares earlier today. CFO Michael Berry bought 13.5K shares
FireEye Earnings Illustrate Why You're More Secure With HACK (Seeking Alpha) FEYE showed why owning a single cyber security stock is high risk
Is The Party Over For CyberArk? (Seeking Alpha) CyberArk continues to outshine sector peers with strong earnings and free cash flow generation
Moodispaw's legacy guiding KEYW as it looks to grow (Baltimore Sun) When Leonard Moodispaw died in June, KEYW Corp. lost not just its top executive, but its founder and visionary — the brains behind its Margaritaville-inspired spin on federal contracting
TalkTalk boss Dido Harding set to reassure on cyber attack (Express) TalkTalk chief executive Dido Harding will issue a fresh apology to customers affected by the cyber attack on the telecoms group this week when she unveils its first-half results
Microsoft Goes For Another Israeli Security Firm Buying Secure Islands (TechCrunch) Israel is a small country with a thriving security startup industry, and Microsoft appears to have a taste for them. Today it announced an agreement to buy Secure Islands, its third Israeli security firm in the last year
Source: Blue Coat is buying cloud security startup Elastica for more than $300M (VentureBeat) Blue Coat Systems, a security vendor owned by Bain Capital, is acquiring Elastica, a startup that detects potentially dangerous use of cloud applications
CSC US Govt-SRA Combination Unveils Business Plan, Exec Team & Board to Investors (GovConWire) The company being formed out of Computer Sciences Corp.'s (NYSE: CSC) U.S. government business and SRA International has revealed more details of its business plan in Wednesday filings with the Securities and Exchange Commission and a presentation to investors in New York held Thursday
Intel Security Confirms Divestiture Of McAfee NGFW, Firewall Enterprise Businesses In Memo To Partners (CRN) Intel Security for the first time confirmed its divestiture of its McAfee Next-Generation Firewall and McAfee Firewall Enterprise businesses in a memo to partners Wednesday evening
Products, Services, and Solutions
Airbus Defense Cuts Keys To Lock Up Cyber Security (Aviation Week) As combat aviation evolves, the plethora of sensors and subsystems fielded on individual platforms increases
Sophos Launches Security Heartbeat To Bring Together Network, Endpoint Capabilities (CRN) Sophos is launching a new technology Monday that synchronizes threat intelligence and automation across endpoint and network levels
Microsoft may have the most secure smartphone OS in Windows Phone (Neowin) Low sales, stagnation, a formidable app gap and lack of popular features. These are just some of the accusations levied against Windows Phone but Microsoft may have at least one thing going for it in the mobile department: security
Avast says its mobile anti-theft app can now withstand a factory reset (Stuff) And guess who scares us more than cyber criminals when it comes to the naughty stuff on our phones?
TrapX CEO on the art of deception in cyber security (Computer Business Review) C-Level Briefing: Deception technology firm boss explains why ancient tactics apply in the modern age
CloudFlare Supplies Security At Network's Edge (InformationWeek) CloudFlare is a startup that has invested in security-as-a-service, and distributes it with a low latency to the edge of the network. Microsoft, Google, and others have taken notice
Symantec Offers Tailored Threat Intelligence For Businesses (TechWeek Europe) Know thy enemy. Symantec service gives businesses answers to specific questions to improve cyber defences
Technologies, Techniques, and Standards
DNS Reconnaissance using nmap (Internet Storm Center) In a penetration test (PenTest) a thorough reconnaissance is critical to the overall success of the project
3 Warning Signs Of A Breach — What Security Teams Should Be Looking For (TechCrunch) Every company struggles to allocate security resources. It's not that security pros don't have the tools to improve their risk postures — it's that they don't have the time
Internet of Things: Security, Compliance, Risks and Opportunities (Business.com) The Internet of Things (IoT) is pushing an information-driven shift to connected devices in the enterprise world at large
Why Depending on Cyber Risk Assessments is a Risk (SecurityWeek) Just this past week, a recent study hit the news that concluded — as many studies have before it — that the Transportation Security Administration (TSA) is fundamentally not effective at making air travel more secure in a post-9/11 world
What Flu Season Can Teach Us About Fighting Cyberattacks (Dark Reading) Cybersecurity doesn't have to be an arms race towards complexity if we put people front and center of the solution
Design and Innovation
The Future of Passwords Isn't Just Biometric, It's Behavioral (Inverse) Even fingerprints and eyeballs can be hacked. Replicating interactions, however, is nearly impossible
Google Just Open Sourced TensorFlow, Its Artificial Intelligence Engine (Wired) Tech pundit Tim O'Reilly had just tried the new Google Photos app, and he was amazed by the depth of its artificial intelligence
EMV's Real Disruption Is for Online Payments (Payments Source) The EMV deadline has come and gone, and customers and retailers alike are realizing that they need to understand and adapt to the new payment reality both online and offline
Crowdsourced Threat Intelligence: A paradigm shift in Cyber Security (Imperva) What is common between your traffic data, music playlists, and news feeds today?
Legislation, Policy, and Regulation
My work at GCHQ and the surveillance myths that need busting (Guardian) Many words about GCHQ have appeared over the last two years — but rarely have they been GCHQ's own words
EU says negotiations for 'Safe Harbor 2.0' must be complete by January, reminds US of downgraded data protection status (FierceCIO) Switzerland, Canada, Argentina, the Bailiwicks of Guernsey and Jersey, and the Isle of Man are all states better than the U.S. at protecting the data of European citizens
US must make next move on Safe Harbor (IDG via CSO) The European Union expects the U.S. to make the next move in negotiating a replacement for the Safe Harbor Agreement
Japan to heighten cyber security (Daijiworld) Prime Minister Shinzo Abe on Friday said Japan will take all possible measures to heighten computer security ahead of next year's G-7 summit and the Tokyo Olympics in 2020
Japan Its Own Enemy in Push to Improve Cybersecurity (ABC News) Apart from rogue hackers, criminal organizations or even state-backed cyberwarfare units, Japan's businesses and government agencies are facing a unique cybersecurity foe: themselves
Opinion: Will TPP undermine the global Internet? Read this before you decide (Christian Science Monitor Passcode) Now that the White House has released the controversial Trans-Pacific Partnership text, critics and proponents alike can have a more informed discussion about its effect on the Open Internet
Legal scholars set guidelines for cyber skirmishes in Tallinn Manual (Pittsburgh Tribune-Review) After President Obama publicly blamed North Korea for a computer attack on Sony Entertainment and vowed the United States would respond in some fashion, that country's Internet service went out for more than nine hours
U.S. Sets Precedent on Dealing With Cyberattacks (Government Technology) After the cyberattack on Sony Pictures, the Obama administration's set of responses has been dubbed the "Cyber Monroe Doctrine"
NSA discloses most security flaws, but that's not the whole story (Engadget) The National Security Agency is opening up a bit about how it discloses security exploits… though not by much
DoD issues cyber-risk memo for weapons-buying (C4ISR & Networks) The Defense Department's acquisition chief is targeting the integration of cybersecurity into military acquisition, recently issuing new guidance that revises existing policies and emphasizes information assurance and systems resiliency
Hacked Opinions: The legalities of hacking — Lisa Berry-Tayman (CSO) Lisa Berry-Tayman talks about hacking regulation and legislation
Hacked Opinions: The legalities of hacking – Sol Cates (CSO) Sol Cates, from Vormetric, talks about hacking regulation and legislation
Litigation, Investigation, and Law Enforcement
Websites can keep ignoring "Do Not Track" requests after FCC ruling (Ars Technica) Petition to impose Do Not Track requirements rejected by commission
GCHQ and NCA join forces to police dark web (ComputerWeekly) GCHQ and the National Crime Agency are to track down paedophiles and serious online criminals by using the techniques and expertise used to find terrorists
Man charged for bogus tweets that sent stocks plummeting (Naked Security) A Scottish citizen was indicted on Thursday by a federal grand jury in San Francisco for allegedly using Twitter to spread disinformation, causing the stock prices of two companies to plummet
Teen arrested over TalkTalk cyber attack sues papers for alleged privacy breach (Belfast Telegraph) A Co Antrim schoolboy arrested over the cyber attack on TalkTalk is suing three national newspapers for alleged breach of privacy, it has emerged
VW Engineers Cheated out of Fear of Winterkorn — VW Engineers Cheated! (Supply Chain 24/7) Several Volkswagen engineers have admitted manipulating carbon dioxide emissions data because goals set by former Chief Executive Martin Winterkorn were difficult to achieve
EMC, hospital to pay $90,000 over stolen laptop with medical data (IDG via CSO) The theft of the laptop from an employee of EMC goes back to 2012