Cyber Attacks, Threats, and Vulnerabilities
WikiLeaks official website hacked by OurMine hacking group (HackRead) The official website of whistleblowing platform WikiLeaks was hacked Thursday morning by OurMine, a Saudi Arabia based hacking group. The hackers left a de
WikiLeaks attacked by OurMine: what are the lessons? (Computing) The apparent defacement of WikiLeaks' website this morning reveals how rudimentary attacks can still have short-term impacts.
Cyberespionage group uncovered by ESET research targeting embassies (WeLiveSecurity) ESET researchers have uncovered a previously undocumented backdoor that has been used to spy on consulates and embassies worldwide by cyberespionage group Turla.
New Backdoor Trojan Deployed in Cyber-Espionage Campaign Targeting Embassies (BleepingComputer) A cyber-espionage group believed to be operating out of Russia for the past two decades has deployed a new backdoor trojan on computers at embassies in Southeast Europe, former Soviet states, and some South American countries.
Turla APT Used WhiteBear Espionage Tools Against Defense Industry, Embassies (Threatpost) The Turla APT's WhiteBear toolset was used to attack defense organizations as recently as June, and diplomatic targets during most of 2016.
Gazing at Gazer (ESET) Turla's new second stage backdoor.
Twitter Bots Use Likes, RTs for Intimidation (KrebsOnSecurity) I awoke this morning to find my account on Twitter (@briankrebs) had attracted almost 12,000 new followers overnight.
New Locky Variant 'IKARUSdilapidated' Strikes Again (Threatpost) For a second time this month, a Locky ransomware variant called IKARUSdilapidated is part of a calculated phishing attack targeting office workers with fake scanned image attachments.
Active ransomware attack uses impersonation and embedded advanced threats (Barracuda) In the last 24 hours, the Barracuda advanced security team has observed about 20 million attempts at a ransomware attack through an email attachment “Payment_201708-6165.7z.” Here is a screenshot of the email with the addresses redacted:
Ransomware is Going More Corporate, Less Consumer (Dark Reading) Cybercriminals on average charge $544 for ransom per device, signaling a new sweet spot for payouts.
Phishing Emails Undetected by 97 Percent of People (Inside Counsel) Today, phishing emails are behind 97 percent of cyberattacks, yet recent research reveals 97 percent of people cannot identify those phishing scams, putting the companies they work for at risk. In fact, out of 5,000 emails, one of them is likely to be a phishing email that causes damage. Victims may not know they've become one for up to a year.
SMBs beware! This is how automated software updates spread malware (Computing) Why you should never trust automatic updates
How Hackers Hide Their Malware: Advanced Obfuscation (Dark Reading) Hackers continue to develop new ways to break into systems. Here are three of them, along with ways to fight back.
The Active Directory Botnet (Dark Reading) It's a nightmare of an implementation error with no easy fix. Ty Miller and Paul Kalinin explain how and why an attacker could build an entire botnet inside your organization.
DDoS attacks blamed on 70,000-strong Android botnet (IT PRO) Security researchers discover Mirai-style 'WireX' botnet
New malware turns smartphones into cyberattackers (Boston Globe) Tens of thousands of Android phones were recently infected with WireX, a new kind of malware that hides inside apparently legitimate apps, converting phones into computer-killing zombies.
Researchers say Intel's Management Engine feature can be switched off (ZDNet) Updated: Researchers have shown how Intel's all-powerful Management Engine in its CPUs could be disabled.
Why Should We Trust DJI? (sUAS News - The Business of Drones) The historical relationship between the Chinese and United States is steeped in espionage. A quick search of sUAS News website will reveal an article going back to 2013: “QinetiQ North America was attacked by a Shanghai-based hacker group from 2007 to 2010, Bloomberg reported on Thursday. The hacking collective has been coined the ‘Comment …
It Still Takes 2 Minutes to Have Vulnerable IoT Devices Compromised Online (BleepingComputer) Almost a year after the emergence of the Mirai botnet, smart devices are still facing a barrage of credential attacks, and a device left connected to the Internet with default credentials will be hijacked in about two minutes.
UK infrastructure failing to meet the most basic cybersecurity standards (Register) We're all doomed
"House of Cards" publisher exposes gigabytes of sensitive client files (ZDNet) A backup drive on the agent's network exposed gigabytes of sensitive client data -- including unpublished books, invoices, details of royalty payments, and contracts.
Instagram says high-profile users targeted in cyber attack (NBC4i.com) Instagram alerted its verified users Wednesday of a security breach it said was due to a bug in its own software.
Attackers exploited Instagram API bug to access users' contact info (Help Net Security) Individuals obtained unlawful access to a number of high-profile Instagram users' contact information by exploiting a bug in an Instagram API.
Hacking Retail Gift Cards Remains Scarily Easy (WIRED) One security researcher reveals the secrets of simple gift card fraud.
People Are Making the FCC Host 'Rick and Morty' GIFs (Motherboard) What is going on?
FCC “apology” shows anything can be posted to agency site using insecure API (Ars Technica) FCC API could be misused to host malware on FCC's domain.
Wells Fargo uncovers up to 1.4 million more fake accounts (CNNMoney) Wells Fargo has uncovered up to 1.4 million more fake accounts after digging deeper into the bank's broken sales culture.
Your website is a window into your network — and guess who's looking? (Techaeris) Websites and the servers that host them are vulnerable to attack, and so too are the networks that are connected to them.
Security Patches, Mitigations, and Software Updates
Reflected XSS Bug Patched in Popular WooCommerce WordPress Plugin (Threatpost) Automattic has patched a reflected cross-site scripting vulnerability in the WooCommerce WordPress plugin.
Siemens Fixes Session Hijacking Bug in LOGO!, Warns of Man-in-the-Middle Attacks (Threatpost) Siemens fixed a session hijacking vulnerability in its LOGO! logic module Wednesday but says a second issue, one that could help facilitate a man-in-the-middle attack, has no fix currently.
Siemens patches one security vuln, leaves folks to block second (Register) LOGO owners on alert
St. Jude Pacemaker Gets Firmware Update 'Intended as a Recall' (Dark Reading) The devices that were the subject of a vulnerability disclosure debate last summer now have an FDA-approved fix.
Welcome to 2017: Pacemaker Patients Told to Visit Doctors to Receive Security Patches (BleepingComputer) Patients with pacemakers manufactured by Abbott — formerly St. Jude Medical's — are advised to reach out to their doctors and inquire about the availability of a security update for their implanted medical devices.
Blizzard vows tougher policies to punish Overwatch trolls (Ars Technica) Temporary "silences" to become suspensions, permanent bans will come more quickly.
Cyber Trends
Cybersecurity is Standard Practice for Most Large Companies, New Survey Finds (ISEBOX) Even with protocols in place to prevent cyber attacks, enforcement by management can be lax
Payment security: What are the biggest challenges? (Help Net Security) Discover how your industry fares on payment security and where the biggest challenges lie, requirement by requirement, according to Verizon.
Marketplace
UK Firms on GDPR Hiring Spree but Gaps Persist (Infosecurity Magazine) Reports suggest many have yet to begin compliance
The first ICO unicorns are here (TechCrunch) It was always likely to happen, but the speed in which the first ICOs worth more than $1 billion have arrived is surprising. Today both Omise GO (OMG) and..
Right to Privacy to Boost the Encryption Market in Five Years: Carlos Moreira, WiseKey (DATAQUEST) Carlos Creus Moreira, CEO, WiseKey who has spent most of his time as a UN expert on IT and eSecurity was recently in India. His visit to India coincided with...
This former CIA analyst has signed big deals — and $40 million in new funding — for his internet monitoring startup (TechCrunch) Tim Junio knew as a high school student that he wanted to join the CIA. He even wrote as much in his college application to Johns Hopkins University, where he..
Siemens cooperates with ISA in the area of industrial cyber security (IT Times) The German technology group Siemens AG is working with the International Society of Automation to raise awareness of cybersecurity in the Industry 4.0 era.
Qualcomm Joins the IoT Cybersecurity Alliance (Qualcomm) Qualcomm Technologies, Inc., a subsidiary of Qualcomm Incorporated (NASDAQ: QCOM), joins AT&T, IBM, Nokia, Palo Alto Networks, Symantec and Trustonic as part of the IoT Cybersecurity Alliance formed earlier this year. The purpose of the group is
KeyW rides opportunity 'bubble' post Sotera deal (Washington Technology) KeyW Corp. continues to lay down the foundation it believes will drive success from its combination with Sotera Defense Solutions.
BKAV puts faith in tapping high-end phone market (Viet Nam News) BKAV Technology Group spent eight years and VNĐ500 billion (US$22 million) to make the first “Made in Việt Nam, Designed by BKAV” smartphone. Việt Nam News speaks with Nguyễn Tử Quảng, chairman and CEO of the company, about its latest offering, the luxury Bphone 2017.
A first look at the Augusta Cyberworks Campus and the jobs that are following (WJBF-TV) Locals watched history meet the future Tuesday night at the old Sibley Mill.
CACI International (CACI) Secures $51M Task Order from U.S. Air Force Cyberspace Operations for Software Development Support (Street Insider) CACI International Inc (NYSE:CACI) announced today it has been awarded a $51 million task order to provide software development support to the 90th Cyberspace Operations Squadron (90th COS), a subordinate unit of the 24th Air Force, the Air Force’s component to U.S. Cyber Command. The three-year task order, awarded under the Network-Centric Solutions-2 (NETCENTS-2) contract vehicle, represents continuing business for CACI.
Prevalent Appoints Chief Software Architect to Executive Team (Benzinga) Industry veteran to drive strategic vision, next generation design for third-party risk management leader
Marco Corrent appointed to head Carbon Black ANZ channel (Channel Life) Carbon Black has appointed Marco Corrent as channel director for ANZ as the security vendor looks to broaden its ANZ channel scope.
Products, Services, and Solutions
Okta Integrates with Palo Alto Networks Next-Generation Security Platform to Automate End-User Security from the Okta Identity Cloud to the Enterprise and Back (Okta) Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today announced integrations with the Palo Alto Networks® Next-Generation Security Platform to provide security across cloud, on-premises and hybrid applications and data centers.
SecureAuth Continues to Raise the Bar on Passwordless Authentication with New Access Control Methods (SecureAuth) With new Link-to-Accept™ and YubiKey multi-factor authentication methods, SecureAuth is taking more organizations passwordless with the flexibility they need.
IRS to relaunch a more secure data retrieval tool on Oct 1 for 2018-19 FAFSA (CSO Online) After making security and privacy tweaks to the disabled data retrieval tool, the IRS will relaunch the DRT on Oct 1 for 2018-19 FAFSA applicants.
WISeKey WISeAuthentic Blockchain for Brand Protection and Monetization Revolutionizing the Luxury Industry (NASDAQ.com) WISeKey International Holding Ltd ("WISeKey"), (SIX: WIHN) a cybersecurity IoT platform company, today announced that its WISeAuthentic solution for brand protection is now able to minimize counterfeiting and fraud by developing a trusted digital global blockchain ledger that includes the identity of the luxury object and tracks and protects any item of value.
Anomali, Phantom Partnership Provides Cybersecurity Automation and Orchestration (Marketwired) Joint customers can now automate threat hunting, investigations, alerts and response
Gemalto Announces Data Protection Solutions for VMware Cloud on AWS (Technuter) Gemalto, the world leader in digital security, today announced its SafeNet data encryption and key management solutions are now available to customers of VMware Cloud™ on AWS.
VeloCloud's SD-WAN security program adds more partners (SearchSDN) VeloCloud expands its SD-WAN security program, and Verizon adds SD-WAN from Versa Networks into its managed software-defined branch service offering.
Technologies, Techniques, and Standards
Why The New NIST Guidelines Are Not Enough (Infosecurity Magazine) Industry should be working to create better and more secure technology that is also easier for consumers to use.
Cyber products to get further scrutiny under new DHS plan (FederalNewsRadio.com) DHS issued an updated CDM supply chain risk management plan to help agencies be more confident in the cybersecurity products and services they are buying.
The true cost of unstructured 'dark data' in the GDPR era (Computing) Kazoup's Johan Holder warns that unmanaged, unstructured data will pose major risks to organisations when the GDPR comes into force in just nine months
One of These Things Is Not Like the Other (SIGNAL Magazine) Cyber hunt teams look to machine learning to sort true security alerts from false positives.
Not all machine learning is created equal (Computing) Kevin Gidney of Seal Software talks about the training and work that must go alongside machine learning
Remote KYC: A competitive advantage for mobile only banking (Mobey Forum) The required procedures for Know Your Customer (KYC) have finally broken free of branch-based face-to-face meetings, and now enable banks to use videoconferencing and biometrics to verify a customer’s identity remotely. This is a big deal...
Cybersecurity Is Not A One-Time Fix (CSO Online) A comprehensive approach to security helps beat cybercriminals at their game.
Design and Innovation
Assume self-driving cars are a hacker's dream? Think again (the Guardian) Autonomous vehicles have long been seen as a major security issue, but experts say they’re less vulnerable to hacks than human-controlled vehicles
Self-driving lorries to be seen on British roads (Software Testing News) The government has announced that by the end of next year major British roads will be used by small convoys of partially self-driving lorries.
Dr. Jessica Barker: Keep People in the Security Equation (Cylance) What is the role of real live human people in protecting your data and your network? Matt Stephenson spends some time with Dr. Jessica Barker to look at cybersecurity from a different angle: the human perspective.
Cyber-Security Firm Kaspersky Lab Envisions Moscow’s Future (Moscow Times) The 3D map of Moscow is also flush with “climatic domes,” inside which temperature and humidity are regulated
Research and Development
Mathematicians Race to Debunk German Man Who Claimed to Solve One of the Most Important Computer Science Questions of Our Time (Motherboard) Norbert Blum's solve for the infamous 'P vs NP' problem "passes many filters of seriousness," but does it hold up?
John Martinis Believes Quantum Computing Threat to Be Long Way Off (Bitcoin News) At a recent crypto event, Google’s John Martinis addressed the hypothetical threats posed by quantum computing, stating that we are still many years from
Academia
Hackers to compete in Australia's first defence cyber challenge (iTnews) Seeking to fill skills shortage.
NKU, U.S. Bank Announce 3-Year Scholarship Program (The River City News) U.S. Bank announced this week that it will continue its support of Northern Kentucky University's nationally-recognized cyber security program.
Cyber defense research designation could improve research opportunities (The Daily Wildcat) Last week, the University of Arizona was named a Center of Academic Excellence in Cyber Defense Research by the Department of Homeland Security and the National Security Agency. This designation was awarded to Eller’s School of Business’ Management Information Systems department and is following the UA’s newly created Masters program in Cybersecurity.
CU Boulder, Lockheed extend research partnership aimed at developing new tech — and young minds (Boulder Daily Camera) Standing beneath a 26-foot research rocket suspended from the ceiling, officials from the University of Colorado and aerospace giant Lockheed Martin announced Tuesday an extended partnership aimed at building world-renowned technologies and training the next innovators of the future.
Universities struggle to provide cybersecurity education: Infographic (The CloudPassage Blog) The main reason for skills gaps? A “lack of qualified personnel” who can fill the role and a lack of universities providing cybersecurity education.
Legislation, Policy, and Regulation
Here Are the 41 Websites You Can't Access in Cuba (Motherboard) A new report looks at how the internet is censored on the island nation.
International Firms Struggle to Adapt as China's Cybersecurity Law Takes Shape (Dark Reading) After the release of new guidelines on critical information infrastructure, international companies are still searching for clarity on how to comply with the country's new cyber regime.
Curbs on freedom of expression encourage militants: Babar (International News) Senator Farhatullah Babar Tuesday said that inability to hold security forces accountable in operations against violent extremism can result in alienating the affected people and directly...
Distorted history a major source of bigoted worldview: speakers (Daily Times) The distorted history that has been taught to children and youth has made them oblivious of real history. It is a major reason behind the state of disconnect from our progressive and pluralistic culture of the past as a nation.
US Gearing Up for Digital Arms Race (VOA) Key intelligence agency looking to artificial intelligence to maintain eroding edge
How the West can defeat the Kremlin’s lies (Time) In 1976, aged 22, I went with a student delegation to Prague. Then it lay behind an iron curtain that few of us thought would be lifted in our lifetimes. We had gone to meet the members of the...
Congress faces decision on whether to rein in controversial spying program (USA TODAY) Critics of the surveillance program known as Section 702 say it is being used to collect electronic data on Americans without a warrant.
Senate Dem blasts Trump on cyber readiness (FCW) The ranking Democrat on the Senate energy committee is again raising warning flags about critical infrastructure cybersecurity in the wake of resignations from a key advisory group.
Litigation, Investigation, and Law Enforcement
Huawei rejects allegations it bribed Solomons' PM (Radio New Zealand) Chinese telecommunications company Huawei has rejected allegations it bribed the Solomon Islands' prime minister for the contract to build an internet submarine cable between Honiara and Sydney.
Reality Winner, NSA contractor charged in leak case, asks court to suppress initial statement (The Washington Times) Attorneys for National Security Agency contractor Reality Winner have asked a court to suppress the statements she made to investigators prior to being taken into custody and charged with leaking classified intelligence.
Exclusive: Wasserman Schultz IT Staffer Banned From House Network Months Ago Still Has Active Account (The Daily Caller) A former IT aide suspected of stealing equipment and data from Congress still has an active, secret email account on the House computer system, even though he has been banned from the congressional network...
Will special counsel Mueller examine the DNC server, source of the great Russiagate caper? (Philadelphia Inquirer) When the Department of Homeland Security and the FBI learned of the hacking claim, they asked to examine the server. The DNC refused - and continues to deny law enforcement access to it.
Bank cyber attack suspect extradited from Germany to appear in British court (Reuters) A British man has been extradited from Germany after being accused of launching cyber attacks on the networks of Lloyds Banking Group and Barclays banks this year, the National Crime Agency said on Wednesday.
Ex-Diplomats Warn Against Extending Civil Liability to Bank in Suit by Terror Victims (New York Law Journal) Former U.S. diplomats are going to bat for the Jordan-based Arab Bank, arguing in papers filed this week with the U.S. Supreme Court in favor of affirming di...
Feds: Man jailed for not decrypting drives has “chutzpah” to ask to get out (Ars Technica) Prosecutors use Yiddish to describe man imprisoned 2 years for contempt of court.