Cyber Attacks, Threats, and Vulnerabilities
Appleby law firm data breach goes public as 'Paradise Papers' finally spill into the press (Computing) Queen among the big names outed in latest Panama Papers-style offshore law firm data breach
Here’s a guide to the major revelations in the Paradise Papers (Quartz) Hundreds of journalists have begun publishing articles based on a massive document leak from two companies that specialize in offshore accounts.
Paradise Papers expose tax schemes of global elite (Deutsche Welle) Reporters have unveiled some 13.4 million secret documents detailing evidence of tax avoidance among high-ranking politicians and the super wealthy. Some in US President Donald Trump's cabinet have been implicated.
Kremlin Cash Behind Billionaire’s Twitter and Facebook Investments (New York Times) Leaked files show that a state-controlled bank in Moscow helped to fuel Yuri Milner’s ascent in Silicon Valley, where the Russia investigation has put tech companies under scrutiny.
Iranian General Warns of Cyberthreat from US Regional Command (Tasnim News Agency) TEHRAN (Tasnim) - A senior Iranian cyber security official cautioned against “serious” potential threats posed by an American cyber command center in Bahrain.
PH probing North Korean ‘hacking’ ahead of Asean summit (Inquirer) The Department of Information and Communications Technology (DICT) said it was “on top” of cybersecurity preparations ahead of the Association of Southeast Asian Nations (Asean) summit next week, assistant secretary Allan Cabanlong said in an interview.
Russia-Linked Hackers Target Turkish Critical Infrastructure (Security Week) A Russia-linked threat group has been targeting people associated with Turkish critical infrastructure through compromised Turkish sites, according to threat management firm RiskIQ.
Russia’s hackers took only a week to pry into Clinton camp (Concord Monitor) Nineteen thousand lines of raw data associated with the theft of emails from Hillary Clinton campaign staffers show how the hackers managed the election-shaking operation. Minute-by-minute logs gathered by the cybersecurity company Secureworks and...
Suspected Russian cyber spy Guccifer 2.0 altered a DNC document before releasing it (Business Insider) The revelation that Guccifer altered the document comes amid the FBI and Congress' wide-ranging investigations into Russia's election interference.
Social Media Experts Say the Russian Trolls Suck at Facebook (Motherboard) You don’t even have to be good at Facebook to reach millions of voters
AP finds hackers hijacked at least 195 Trump web addresses (News Observer) The Associated Press has learned that four years ago, at least 195 web addresses belonging to Donald Trump, his family or his business empire were hijacked by hackers possibly operating out of Russia.
Corebot banking trojan returns - after modifying indicators of compromise (SC Media UK) A new variant of banking Trojan, CoreBot, active in 2015, spotted by security researchers with the new variant spreading via malicious Office documents.
Crooks poison results for financial-related searches to deliver banking malware (Help Net Security) Beware financial-related searches deliver banking malware, as cyber crooks are using a clever approach to fool unsuspecting users.
Russian hackers silently threaten global financial organisations (SC Media UK) A new bankrobber Trojan has been identified by Kaspersky Lab, quietly stealing money direct from the banks themselves rather than customers.
CEO says Kaspersky antivirus software also takes harmless files (Reuters) Eugene Kaspersky said his company's widely used antivirus software has copied files that did not threaten the personal computers of customers, a sharp departure from industry practice that could increase suspicions that the Moscow-based firm aids Russian spies.
Chinese KeyBoy Group Unlocks More Victim Networks (Infosecurity Magazine) PwC claims new sighting of group targeting Western victims
Turkish hackers deface Times of Israel website for Palestine (HackRead) The state of Israel is one of the places whose cyberinfrastructure is continuously under cyber attack from hackers around the world. On November 2nd (Balfo
ChessMaster’s New Strategy: Evolving Tools and Tactics (TrendLabs Security Intelligence Blog) A few months ago, we covered the ChessMaster cyberespionage campaign, which leveraged a variety of toolsets and malware to compromise its targets—primarily organizations in Japan.
GIBON Ransomware Being Distributed by Malspam (BleepingComputer) A new ransomware has been discovered called GIBON that is being distributed via malspam emails with malicious documents.
Japanese businesses are the latest victims of attacks disguised as ransomware (Cyberscoop) A sustained ransomware campaign aimed at extorting Japanese companies now appears to have been part of an elaborate cyber-espionage operation that included destroying data to conceal evidence, according to cybersecurity firm Cybereason...
Merck reveals losses in sales due to cyber-attack (EPM Magazine) Merck has revealed, in its third quarter earnings report, that the manufacturing disruptions related to the cyber-attack that happened earlier in the year led to $135 million in lost sales.
Over 1 million Android users downloaded fake WhatsApp app (HackRead) Scammers tricked over 1 million Android users into downloading a fake version of the popular messaging app WhatsApp pretending to be the official one. The
LokiBot: If not stealing, then blackmailing (Kaspersky Blog) This versatile mobile banking Trojan morphs into ransomware on detecting a removal attempt.
2018 Malware Forecast: learning from the long summer of ransomware (Naked Security) SophosLabs looks at the summer of 2017’s most prolific ransomware families
Hacker Holds University for Ransom, Threatens to Dump Student Info (BleepingComputer) A hacker is trying to extort a Canadian university, threatening to dump student information unless university top brass pay 30,000 CAD (23,000 USD).
Stepping Stone Attack launches EternalBlue Internally (Netskope) Netskope Threat Research Labs has observed an email-server message block (SMB) blended threat which uses the compromised machine as a stepping stone to propagate laterally via the EternalBlue exploit...
Estonia blocks certificates on 760,000 ID cards due to identity theft risk (Help Net Security) On 3 November 2017 at midnight, Estonia will block the certificates of 760,000 ID cards due to identity theft risk becoming real.
Equifax Says Execs Unaware of Hack When They Sold Stock (Security Week) Equifax said Friday an internal review found that four executives who sold shares ahead of disclosure of a massive data breach at the credit agency were unaware of the incident ahead of the sale.
Equifax letters spark scam concern among victims (Which? News) Around 700,000 Brits are being notified that their data was stolen from Equifax – but the vast majority have never dealt with the company directly.
2nd Breach at Verticalscope Impacts Millions (KrebsOnSecurity) For the second time in as many years, hackers have compromised Verticalscope.com, a Canadian company that manages hundreds of popular Web discussion forums totaling more than 45 million user accounts.
Data Pours from Cloud—And 'The Enemy is Us' (Threatpost) Enterprises are grappling with widespread incidents of misconfigured servers leaking sensitive data to the public internet.
Critical infrastructure on target: A cyber attack that could be worse than war (The Economic Times) A cyber attack on critical infrastructure could be a preferred mode of attack in a future war. It can cripple a nation without firing a single shot.
Crypto Bugs in IEEE Standard Expose Intellectual Property in Plaintext (BleepingComputer) Due to the usage of weak cryptography in the IEEE P1735 electronics standard, attackers can recover highly-valuable intellectual property in plaintext.
Standardizing Bad Cryptographic Practice (Association for Computing Machinery) A teardown of the IEEE P1735 standard for protecting electronic-design intellectual property
Adobe Flash Player Is Getting More Vulnerable To Exploits (TAJ) A recent malware attack was spotted using Adobe Flash Player download to victimize users. It was discovered as a new version of ransomware named as the Bad Rabbit.
Cyber attack knocked Lake Farmparks holiday ticket sales off line, ticketing to resume next week (Cleveland.com) Hackers disrupt ticket sales for Lake Metroparks' Country Lights holiday event, sales to resume November 8
Nationwide cards have stopped working across the country (The Independent) Nationwide customers across the UK have been hit by problems with their cards. Transactions in stores and online were declined and some people were unable to withdraw cash from ATMs.
Popular Anime Site Crunchyroll.com Hijacked to Distribute Malware (BleepingComputer) Popular Anime site Crunchyroll.com was taken offline this morning due to a hack that caused visitors to be prompted to download a desktop version of their software. This software, though, was not as it seemed because it also included malware that was installed along with it.
Security Patches, Mitigations, and Software Updates
Microsoft 'external database' bug patches have even more bugs (Computerworld) Microsoft released five patches for the “Unexpected error from external database driver” bug. But the cure’s worse than the disease. If you installed one, yank it now.
Advantech Patches Code Execution Flaws in SCADA Product (Security Week) An update released by Taiwan-based industrial automation company Advantech for its WebAccess product patches two remote code execution vulnerabilities, ICS-CERT reported on Thursday.
Tor flaw results in user IP address leakage (Computing) Tor Project has released a patch for 'TorMoil', an IP address flaw affecting macOS and Linux users
Cyber Trends
Facebook and Google Are Actually 'Net States.' And They Rule the World (WIRED) Opinion: The world is no longer dominated by nations. We're in a non-state, net-state era.
Only 18% of Small-Business Owners Think They Are at Risk for a Cyber Attack (insureon) Only 18% of small-business owners think they might face a cyber breach. Find out how damaging a breach can be and get small business cyber security tips.
Marketplace
GDPR to have limited impact on M&A activity (Help Net Security) Dealmakers believe that the new General Data Protection Regulation (GDPR) will likely only have a modest impact on M&A activity in the EU.
Despite Challenges, Australia is Becoming a Thriving Cybersecurity Ecosystem (Infosecurity Magazine) Australia is making some noise when it comes to breaking through on the global cybersecurity scene.
Kaspersky Struck References to 67 'Tech Partners' Like Amazon and Microsoft From Website (Fortune) This is your Cyber Saturday edition of Fortune's tech newsletter for November 4, 2017.
To fix itself, Facebook needs to put profit second — for now (Yahoo! Finance) Facebook plans on doubling the number of employees allocated to “safety and security” to 20,000. Hiring 10,000 people is a significant investment and is a sign that public and political pressure has led Facebook to take the great power of its platform seriously. But is it enough?
Broadcom offers to acquire Qualcomm for $70 per share (TechCrunch) Following rumors over the weekend, chipmaker Broadcom has today confirmed it has approached wireless chipmaker Qualcomm with an acquisition offer that values..
Israeli hacking firm's founders to move into cyber defence (NASDAQ.com) Israeli entrepreneurs with a track record of developing computer hacking weapons for law enforcement agencies fighting online crime, are now looking to set up a new business to defend computer systems against attacks, they said on Thursday.
ForeScout IPO Update: There Are Better Deals To Buy (Seeking Alpha) ForeScout, the endpoint security software vendor, went public on October 27 at $22/share, pricing at the high end of its range of $20-$22. The company also enla
Products, Services, and Solutions
New infosec products of the week: November 3, 2017 (Help Net Security) New infosec products of the week include releases from: Fidelis Cybersecurity, ManageEngine, RiskIQ, Adaptiva, Honeywell, Dashlane, and Vera.
Cybrary Launches Subscription Option for Enhanced Member Experience (PRWeb) Program offers members access to exclusive benefits, content, and services
The case for outsourcing your KYC (Equiniti) Outsourcing KYC is a good way for banks to safeguard their continued regulatory compliance and control spiralling costs, explains Toby Tiala, Programme Director, Equiniti KYC Solutions.
Dashlane updated to version 5, no separate app needed (Android Community) With the sheer number of forms and log-ins on sites and apps that we encounter every day, whether on mobile or on your desktop, you will eventually need an auto-complete and password manager in one…
Smart Lock and iCloud Keychain – password managers for the rest of us (Naked Security) Apple’s iCloud Keychain and Google’s Smart Lock aren’t perfect, but they might make it easier for people to choose to use a password manager
Mosaic451 Introduces Cybersecurity Talent Training Program (PRNewswire) Mosaic451, a bespoke cybersecurity services provider and consultancy, is...
Cyber attack: Bajaj Allianz launches first cyber insurance cover (Business Today) In a first cyber cover for individuals, Bajaj Allianz General Insurance has launched Individual Cyber Safe policy.
Gemalto launches SafeNet Data Protection On Demand (iTWire) SafeNet Data Protection on Demand is Gemalto's data security-as-a-service product for enterprises and managed service providers. Cloud-based SafeNet D...
Secdo 5.0 Makes Behavioral-Based Bet on Automated Incident Response (eSecurity Planet) Secdo, a New York City cybersecurity startup, launched version 5.0 of its incident response platform with a new Behavioral Based Indicators of Compromise capability that enables businesses to better tailor the product's protections to their needs.
Technologies, Techniques, and Standards
Five Fundamental Strategies for Cybersecurity (SIGNAL Magazine) Legacy technology is not equipped to adequately prevent attacks that are now becoming alarmingly commonplace.
The Race Is On to Protect Feds' Laptops and Mobile Devices (FedTech) Endpoint protection is a priority for security professionals who need to lock down agencies' devices and .
Email Security at Risk: How to Stop Hackers in Their Tracks (Corporate Counsel) Federal agencies have 90 days to adopt a form of email security that guards against spam and phishing. This order is so critical because 97 percent of…
How to Keep Your Bitcoin Safe and Secure (WIRED) Bitcoin and other cryptocurrencies have exploded in value—making them an ever-more attractive target for scammers and hackers. Here's how to protect investment.
How to Protect Yourself From the CryptoShuffle Trojan (Cointelegraph) Hackers using copy/paste issue to steal cryptocurrencies - what can you do to protect yourself?
Zk-Snarks Everywhere: Ethereum Privacy Tech Hits Tipping Point (CoinDesk) "I was expecting maybe 15-20 people to care about zk-snarks, but wow."
Design and Innovation
Microsoft and AWS Collaborate on Machine Learning (InfoQ) Microsoft and AWS have recently announced a new collaboration aimed at democratizing deep learning and artificial intelligence.
How to Build a Robot That Won't Take Over the World (WIRED) The computer scientist Christoph Salge is trying to circumvent the need for rules that guide robots’ behavior. His strategy: Give them a goal of making us more powerful.
Academia
West Point shows off cyber chops in higher ed challenge (EdScoop) Symantec's cybersecurity competition for colleges and universities drew participation from 31 university IT teams in 25 states.
NSA Professionals Score College Creds at Drexel (DrexelNow) For more than half a century, students in training to become experts in numerous fields at the National Security Agency have participated in rigorous training at the National Cryptologic School — learning everything from foreign languages to codebreaking.
Students in cybersecurity club embark on long weekend of national, international competition (Snoqualmie Valley Record) The Siber Defense Club at Mount Si High School has a full weekend schedule ahead, hacking into computer systems and decrypting data. The group, an evolution of a computer club at Mount Si, is in its second year as an official club at the high school, focused on cybersecurity challenges.
Legislation, Policy, and Regulation
Senator wants tech giants to help U.S. retaliate against Russia (CSO Online) Sen. Mitch McConnell said tech giants such as Google and Facebook should help the U.S. government retaliate against Russia for meddling in the 2016 election.
UK offers expertise to Qatar in implementing cyber security standards (Gulf-Times) London has offered its expertise to Qatar in developing and implementing appropriate standards in cyber security, according to Conrad Prince, the UK’s Cyber Security Ambassador.
Verizon Wants the FCC to Overturn State Internet Privacy Laws (Motherboard) The telecom giant filed a white paper with the commission last week arguing that it had the authority to overrule recent state-level laws.
Litigation, Investigation, and Law Enforcement
MI5 missed clues over Manchester bomber Salman Abedi (Times) MI5 officials missed key intelligence warnings that could have put the Manchester bomber under surveillance as a “high-priority” target before he murdered 22 people, The Sunday Times can reveal.
Fusion GPS And House Intel Committee Renew Battle Over Bank Records (The Daily Caller) Fusion GPS and the House Intelligence Committee renewed their legal battle on Friday over subpoenas for the Trump dossier firm's bank records. Lawyers for Fusion submitted a new request for a tempo
Papadopoulos is “the big one,” not Manafort, ex-CIA director Michael Hayden says (Newsweek) Just as in Watergate, a low-level aide has blown the Russia probe wide open.
University of Stirling link to Hillary Clinton ‘dirt’ (Times) A British university rolled out the red carpet for the professor who is now at the centre of the FBI investigation into alleged collusion between the Trump election campaign and Russia. Joseph...