Cyber Attacks, Threats, and Vulnerabilities
U.S. Cyberweapons, Used Against Iran and North Korea, Are a Disappointment Against ISIS (New York Times) The Islamic State’s internet use has proved a more elusive target than missile systems or centrifuges, American officials say.
Israeli hackers reportedly got into ISIS networks and found they were building laptop bombs (Business Insider) The intelligence gleaned from the electronic heist was "so exquisite" that it helped US spies get an understanding of how such devices would be detonated.
Alert (TA17-163A) CrashOverride Malware (US-CERT) The National Cybersecurity and Communications Integration Center (NCCIC) is aware of public reports from ESET and Dragos outlining a new, highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine. As reported by ESET and Dragos, the CrashOverride malware is an extensible platform that could be used to target critical infrastructure sectors. NCCIC is working with its partners to validate the ESET and Dragos analysis, and develop a better understanding of the risk this new malware poses to the U.S. critical infrastructure.
Cyber firms warn of malware that could cause power outages (Reuters) Two cyber security firms have uncovered malicious software that they believe caused a December 2016 Ukraine power outage, they said on Monday, warning the malware could be easily modified to harm critical infrastructure operations around the globe.
Energy industry becomes cyber war battlefield (The Bakersfield Californian) U.S. energy facilities are increasingly being targeted by cybercriminals, according to a recent report released by government and private security officials. Just one agency, the Department of Homeland Security, reported
First Malware Designed Solely for Electric Grids Caused 2016 Ukraine Outage (Dark Reading) Attackers used CrashOverride/Industroyer to cause a partial power outage in Kiev, Ukraine, but it can be used anywhere, say researchers at Dragos and ESET.
Industroyer can knock out power grid, ESET (SC Media US) Researchers at ESET have been examining malware samples that they claim can do precisely what was used to knock off power to the residents of Kiev in Decem
Russia has developed a cyberweapon that can disrupt power grids, according to new research (Washington Post) Already used in Ukraine, the malware could be modified to target U.S. systems.
CRASHOVERRIDE Analyzing the Threat to Electric Grid Operations (Dragos) Dragos, Inc. was notified by the Slovakian anti-virus firm ESET of an ICS tailored malware on June 8th, 2017. The Dragos team was able to use this notification to find samples of the malware, identify new functionality and impact scenarios, and confirm that this was the malware employed in the December 17th, 2016 cyber-attack on the Kiev, Ukraine transmission substation which resulted in electric grid operations impact.
Analyzing Xavier: An Information-Stealing Ad Library on Android (TrendLabs Security Intelligence Blog) We have recently discovered a Trojan Android ad library called Xavier that steals and leaks a user’s information silently. Xavier’s impact has been widespread, with more than 800 applications embedding the ad library’s SDK having been downloaded millions of times from Google Play.
ForcePoint: TrickBot spreading using Necurs botnet (Computing) TrickBot malware shifts from malvertising to Necurs botnet to spread, warns Malwarebytes
The Rise of Polymorphic Malware (LIFARS) Polymorphic malware is code engineered with the ability to transform from its original form every time it is executed to evade detection.
Free Mac-Based Ransomware-as-a-Service MacRansom Surfaces (Threatpost) A new, free macOS-based ransomware as a service has surfaced on the darkweb. Researchers say once the malware encrypts users’ files, they’re “pretty much gone for good.”
Someone Is Offering Mac Ransomware on the Dark Web (Motherboard) New Mac malware might be a sign of things to come for Apple computer users.
SambaCry Flaw Exploited to Deliver Cryptocurrency Miner (Security Week) A recently patched Samba flaw known as EternalRed and SambaCry has been exploited in the wild to deliver a cryptocurrency miner to vulnerable machines, researchers warned.
Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability (Threatpost) Kaspersky Lab said it has seen some of the first exploits targeting a patched Samba vulnerability, and those are being used to mine Monero cryptocurrency.
Blinking Router LEDs Leak Data From Air-Gapped Networks (Threatpost) Researchers say sensitive data can be extracted from air-gapped networks via a wireless router’s blinking LEDs.
Mouseover Macro Campaign Delivers Gootkit Trojan Via PowerPoint (Cyber Security Experts) Earlier this week, a researcher analyzed a newly detected technique for delivering malware involving PowerPoint files and mouseover events. Today, Trend Micro has published details on a spam campaign it detected in late May using the same technique. TrendLabs researchers Rubio Wu and Marshall Chen suggest that although the recent campaign was limited (which in…
Word exploits weaponised in quick time (Naked Security) The normal lifecycle of an Office exploit can take months – what makes this latest Word exploit different?
Chinese-Made Video Cameras Pose Major Cyber Attack Risk (Washington Free Beacon) A Chinese company warned Monday that some of its remote-controlled video cameras contain flaws that a security firm said could be used in cyber attacks.
Virgin Media’s Super Hub gets hit by another big security flaw (TechRadar) Super Hub 2 was the vulnerable party this time round
Stolen UAE InvestBank, Qatar National Bank Data Sold on Dark Web (HackRead) There may be a serious conflict between Qatar and the UAE (United Arab Emirates), but hackers see no difference, for them, it is all about making easy mone
Watch out! Scammers are making a fortune in the iOS App Store (HOTforSecurity) Just how much money can a scammy iPhone app make in the iOS App Store? You may be surprised. After all, how does $80,000 per month sound to you? The “Mobile protection :Clean & Security VPN” app is estimated to have earnt its developer $80,000 per...
Fortinet: Cybercrime ditches regional targets & goes for global 'element of surprise' (Security Brief) According to Fortinet's Global Threat Landscape Report, attackers are always looking for 'the element of surprise'.
Victims Lost US$1B to Ransomware (TrendLabs Security Intelligence Blog) Over the course of 2016, ransomware operators trailed their sights on bigger targets and raked in US$1 billion for their efforts.
Georgia’s voting machines face criticism, but state says they’re secure (Atlanta Journal-Constitution) Georgia officials have stood by the state's electronic voting machines, which it adopted in 2002, despite questions raised in a recent lawsuit.
Security Patches, Mitigations, and Software Updates
Crypto and SSL Improvements in High Sierra and iOS 11 (Hashed Out) After Apple's WWDC conference, we've compiled a list of all the crypto and SSL-related changes that are coming to High Sierra and iOS 11.
Apple to auto-update devices to two-factor authentication (Naked Security) iOS 11 and macOS High Sierra public beta testers will be automatically upgraded from 2SV. But, most users are unclear about the benefits of using 2FA.
Cyber Trends
New Imperva report reveals why old security fails (Software Testing News) Data and application security solution company Imperva has released its new Hacker Intelligence Initiative (HII) report.
Massive Surge in Botnet Malware Activity in Q1 2017 (eSecurity Planet) At the same time, ransomware usage dropped by 44.9 percent.
New Mimecast report detects 400% jump in impersonation attacks (Times of Oman) The number of impersonation attacks detected this quarter rose by more than 400 per cent quarter over quarter, in comparison to the data initially reported in the February 2017.
IT professionals believe their data is safer in the cloud than on-premise (Help Net Security) IT professionals believe that when facing malfunctions, malicious attacks and disasters, their organization's data is safer in the cloud than on-premises.
Security in the words of Dr Seuss (CSO) This is what Dr Seuss said and it’s something former Telstra CISO discussed during his opening keynote address at the Emerging Cyber Threats summit held in Sydney on 7 and 8 June 2017.
Differences in personal security behaviors of US and UK workers (Help Net Security) Wombat surveyed more than 2,000 working adults about cyber security topics and best practices that are fundamental to network and data security.
Marketplace
Israeli hacking company NSO Group is on sale for more than $1 billion (Cyberscoop) The Israeli hacking firm best known for the Pegasus mobile malware is looking for a buyer.
Honeywell to acquire industrial cyber security software leader Nextnine (Automotive World) Honeywell announced today that it has signed a definitive agreement to purchase Nextnine, a privately held provider of security management solutions and technologies for industrial cyber security. The addition of Nextnine’s industry-leading security solutions and secure remote service capabilities will enhance the Company’s existing range of innovative cyber security technologies and significantly increase Honeywell’s Connected Plant cyber security customer base.
Tanium lays out channel plans after $100m funding win (Channelweb) Security vendor looking to build deeper channel ties with enterprise VARs
How Raytheon Will Unlock The Value Of Its Cybersecurity Business For Shareholders (Forbes) Defense contractor Raytheon is flying high. Its stock is trading near an all-time high, up over 80% since Dr. Thomas A. Kennedy became Chairman & CEO in 2014. E.P.S. rose 21% year-over-year in the first quarter, and Wall Street is noticing. Argus Research says the company's business mix and growth outlook merit a premium valuation. Morningstar says Raytheon is poised "for some of the fastest growth in the defense industry," and despite the recent run-up in share price is "the least expensive pure-play defense name."
Raytheon's Space and Airborne Systems Awarded $42.8M Deal (NASDAQ.com) Raytheon Company's RTN Space and Airborne Systems Division has won a $42.8 million contract for production of Identification Friend-or-Foe (IFF) KIV-77 Mode 4/5 cryptographic appliqué computers. Per the terms, the work will be carried out at Largo, FL and is expected to be completed by June 8, 2022.
Leidos: The Combination Of SAIC Divestiture And Lockheed Martin Spin Off Is Well Poised For A Breakout (Seeking Alpha) On August 16th, 2016, Lockheed Martin spun off its information systems and strategic solutions business to Leidos Holdings Inc., a defense services, technology
Why Proofpoint Keeps Shaking FireEye (Seeking Alpha) FireEye is sleeping on a cash cow hidden in its EX series of email security solutions. Sustainable double-digit growth in cloud security will provide the needed
3 Stocks With FireEye-Like Growth Potential (nwitimes.com) Our societal dependence on technology has made us increasingly more vulnerable to internet attacks. That's why an ever-increasing number of companies are looking to internet security companies like FireEye
Can Dell change endpoint security? (Computerworld) Traditional PC security is failing most companies, and a new approach is required if enterprises are to be protected. Can PC vendors like Dell dramatically improve endpoint security?
“Cyber Ninjas” Tell it Like it is ... and Companies are Listening (Northrop Grumman Newsroom) Earning a spot at the top, Northrop Grumman was named among the best places to work for Cyber Ninjas, according to a recent report issued by the SANS Institute, a global leader in information security training. “Cyber Ninjas” are defined as those...
Strengthening Security Through Alliances (Benzinga) JKL Web Technologies forms an alliance with BTB Security.
CyberSponse, Inc. Appoints Former United States Federal CISO Greg Touhill, Brigadier General, US Air Force (Ret.), to its Board of Directors (PRWeb) CyberSponse, Inc., the leader in incident response automation and orchestration, appoints former Federal CISO, Gregory Touhill, Brigadier General, US Air Force (Ret.), to its company Board of Directors.
Products, Services, and Solutions
Nets Rolls Out Preventative Fraud Service to Protect Online Consumers Across the Nordics (Nets) Nets blocks clickbait traps and unsolicited recurring payments worth €1.9m, reducing card disputes by up to 20%.
ThreatConnect Partners with CenturyLink for Managed Security Services (ThreatConnect) ThreatConnect provides managed security services providers the ability to offer more premium services
Reed Smith Releases First App for Multistate Assessment of Data Breach Notification Obligations (Reed Smith LLP) Global law firm Reed Smith LLP today announced the launch of Breach RespondeRS, a free app. Nearly every state in the United States has a data security breach law, requiring notice when certain personal information is lost, stolen, or misused. But the many laws differ in small but crucial respects, making it difficult to get to a bottom line.
Launching New Multistate Assessment Tool for Data Breach Notification Obligations (Technology Law Dispatch) Nearly every state in the United States requires notification when certain personal information is lost, stolen, or misused.
SPYRUS Announces Extensive Family of FIPS 140-2 Level 3 Certified Hardware Root of Trust Devices for the Internet of Things (Marketwired) Devices available in multiple form factors to support blockchain, IoT infrastructures or embedded, edge, and standalone computing platforms
Cybersecurity Leadership and Governance (Covenant Security Solutions) The goal for this course is to provide an understanding of cybersecurity leadership focused on people and not just technology and policy. It will give you an overview of frameworks to support your risk management activities. It is highly useful to any organizational executive, or leader seeking an understanding of building cybersecurity cultures and governance. The instructor is Dr. Mansur Hasib, called the 'Peter Drucker' of Cyber Security Leadership. He is published in the “Cybersecurity Canon” and recent recipient of the coveted “2017 People's Choice Award” in Cybersecurity training.
Microsoft integrates with Zimperium to guard against zero-day mobile threats (BetaNews) Cyber attacks aren't limited to desktop systems, mobile endpoints are equally at risk and for enterprises this is something else that needs protection.
Microsoft will counter cyberattacks on Windows 10 with AI from Hexadite (TechRepublic) Criminals are winning the battle for data access way too often. Microsoft is adding AI and automation to its security platform by acquiring innovations from Hexadite.
Adelaide's emt Distribution named US-security vendor Thycotic's master distributor in Asia-Pacific (CRN Australia) Emt Distribution first to distribute Thycotic in Australia.
This hypnotic, terrifying map charts cyberattacks in real-time (WIRED UK) Kaspersky Labs has created a map that uses live data to give you an insight into cyber threats
Illusive Networks Tricks Attackers With Email Data Deceptions (eWEEK) The deception technology vendor adds a new email deception feature that will place fake information in corporate mail systems in a bid to trick attackers.
SecureWorks Innovates Counter Threat Platform to Enable Enterprises to Better Detect, Contain, and Eliminate Cyber Threats (BusinessWire) SecureWorks® (NASDAQ: SCWX), a leading provider of intelligence-driven information security solutions, continues to innovate its flagship Counter
Dimension Data Launches Endpoint Lifecycle Management Services (PRNewswire) Global IT services and solutions provider to help organizations accelerate adoption of enterprise mobility through...
Apple of Their Eye: Dimension Data Launches Apple Practice to Drive iOS Adoption in the Enterprise (CRN) Dimension Data has unveiled a dedicated Apple practice to help businesses easily manage corporate apps and data across the Mac, iPad, iPhone and Apple Watch.
IBM upgrades VersaStack for hybrid cloud (The Stack) IBM has announced a new version of VersaStack which now includes new VDI and hybrid cloud capabilities, to increase the flexibility of hybrid cloud networks.
Technologies, Techniques, and Standards
SOF goes cyber (Shephard) Details have emerged regarding a joint training exercise conducted by the US Army Cyber Command and Dutch Defence Cyber Command (DCC), aimed at developing a ‘Cyber Warrior’ concept for special operations forces (SOF) operating at the tactical edge.
Partnership between Dutch and Army Cyber Brigade Benefits Both Nations (DVIDS) Dutch Brig. Gen. Hans Folmer, commandant of his country's newly-formed Dutch Defence Cyber Command (DCC), met with Col. John (Dave) Branch, commander of the 780th Military Intelligence (MI) Brigade (Cyber), to strengthen their partnership and to discuss cyber and future training opportunities at the Muscatatuck Urban Training Center (MUTC), Mar. 16.
Crying wolf: Combatting cybersecurity alert fatigue (SC Media US) Not only must security pros contend with ever-increasing attacks to their networks, they also must finagle the tool sets guarding their systems to make certain settings are as they should be, reports Greg Masters.
An Introduction to VolUtility (SANS Internet Storm Center) If you would like to practice memory forensics using Volatility but you don't like command line tools and you hate to remember plugins then VolUtility is your friend.
The best identity management advice right now (CSO Online) We've never been closer to getting pervasive, global identities. And with 2FA/MFA, you get all of the benefit with less of the risk.
Why are Businesses still Taking Unnecessary Risks with Cybersecurity? (Infosecurity Magazine) Businesses carry IT-related commercial risk that is either misunderstood, poorly communicated, or worse still, unidentified.
Mobile app developers: Make sure your back end is covered (ITworld) Developers need to make sure they are baking security into the application code and protecting how their apps handle data, but as the so-called HospitalGown security issue shows, they also need to know how the back-end servers and data stores are being configured.
AusCERT 2017 - Myths and Truths to Building a World Class Cyber Defence (CSO) Chris Coryea comes from Leidos – a major MSSP in the United States which is comprised of about 33000 employees that come from the original Leidos MSSP business and Lockheed Martin's cyber security team. That brought together the MSSP capability with advanced analytics and Lockheed Martin's famed Cyber Security Kill Chain approach.
10 Ways to Fight Advanced Malware With Threat Intelligence Sharing (Security Intelligence) The X-Force Exchange threat intelligence sharing platform brings collaboration to the forefront of the ongoing fight against WannaCry and other malware.
Top tips to secure your home wifi network from net nasties (Future Five) Your home internet network is becoming more and more vulnerable. Here's what you can do to help protect it from hackers and other net nasties.
Design and Innovation
This UK Company Is Making It Easier for Private Companies to 'Hack Back' (Motherboard) As the US considers legislation that would allow companies to strike-back against hackers, a UK firm is already making that step a little bit easier.
Academia
DCC ‘Cyber Team’ honored at national summit (GoDanRiver.com) The Danville Community College “Cyber Team” was honored Wednesday at the National Cyber Security Summit in Huntsville, Alabama.
AccessData to Host Digital Forensics Lab at Cybersecurity Camp for Girls at Dakota State University (Globe Newswire) AccessData Group, a leading provider of integrated digital forensics and e-discovery software, will host hands-on labs to educate students about digital forensics at the 2017 GenCyber: Girls in CybHER Security camp at Dakota State University (DSU).
San Juan College hosts youth cybersecurity camp (Farmington Daily Times) A free San Juan College summer camp focusing on teaching K-12 students about cybersecurity is in high demand.
Legislation, Policy, and Regulation
The Saudi-Iran War Comes to Washington (Foreign Policy) In the battle for Middle East supremacy, Tehran and Riyadh are pulling out all the stops.
Intelligence and the Presidency (Foreign Affairs) The relationship between Trump and the intelligence community needs to be recalibrated. The president must understand that “alternative facts” have no place in the work of intelligence professionals.
Work on government security strategy is progressing (CSO) Working alongside the Prime Minister’s special adviser for all things cyber gives Jacob Boyle a unique perspective on the government’s role in securing the country – not just with all the services offered by government but also in working with businesses and the security industry.
Litigation, Investigation, and Law Enforcement
Man in Pakistan sentenced to death for blasphemous Facebook comments (TechCrunch) There's disturbing news from Pakistan, where a man has been handed the death sentence for allegedly making blasphemous comments on Facebook. The Guardian..
Pakistan: man sentenced to death for blasphemy on Facebook (the Guardian) Taimoor Raza was found guilty of insulting the prophet Muhammad during an argument on social media with a counter-terrorism official
Why Isn't Twitter Deleting the Weis Market Shooter's 'Suicide Tapes'? (Motherboard) It’s been four days since Randy Stair killed three people in a Pennsylvania supermarket. Why is his extensive web presence still online?
This Is How Chinese Spying Inside the U.S. Government Really Works (The National Interest) A federal affidavit shows how China lured and paid a suspected spy inside the State Department.
How Russia Targets the U.S. Military (POLITICO Magazine) With hacks, pro-Putin trolls and fake news, the Kremlin is ratcheting up its efforts to turn American servicemembers and veterans into a fifth column.
The monumental idiocy of leaker Reality Leigh Winner (Washington Examiner) If it's true that Winner has been openly discussing the PR angle with family members over monitored phone calls, it suggests she is dimmer...
Top Democrat calls for investigation of Loretta Lynch’s Clinton probe (New York Post) The top Democrat on the Senate Judiciary Committee called Sunday for a congressional investigation into former Attorney General Loretta Lynch’s handling of the Hillary Clinton email pr…
Byron York: Is Robert Mueller conflicted in Trump probe? (Washington Examiner) Comey is a good friend of special counsel Robert Mueller — such a good friend, for about 15 years now, that the two men have been described...
Yes, Robert Mueller Should Recuse Himself From Investigating Trump Over Comey Firing (Daily Wire) In light of James Comey's testimony last week, it is abundantly clear that Special Counsel for the Russia investigation Robert Mueller needs to recuse himself from any issues surrounding the former FBI Director.
Cyber Scam: A Side of the Web You Won (The Citizen) When Pinakita Gupta ordered a surprise gift for her friend through an Instagram store Chic Carnations, little did she know she was in for an
Many terrorists' first victims are their wives - but we're not allowed to talk about that (New Statesman) The links between domestic violence and mass killings are now exhaustively documented. So why the conspiracy of silence?