Cyber Attacks, Threats, and Vulnerabilities
New Group of Iranian Hackers Linked to Destructive Malware (WIRED) A suspected Iranian government hacking team known as APT33 may be planting computer-killing code in networks around the world.
Rogue governments using ‘off the shelf’ hacks, Google warns (Financial Times) Smaller states able to launch cyber attacks inexpensively, security chief says
UK Biggest Market in Europe for Jihadist Web Content (Infosecurity Magazine) May to ramp up pressure on internet giants
Germany sees no sign of cyber attack before Sept. 24 election (Reuters) German government officials and security experts say they have not seen signs of hacking or suspicious news leaks ahead of the Sept. 24 election despite months of warnings about possible foreign meddling.
Political Campaigns Ramp Up Cybersecurity Efforts Before Elections (Newsmax) Political campaigns from both parties are working on enhancement of their cybersecurity, by using encrypted messaging applications instead of email and trying to help new campaigns with advice and strategies to keep their operations secure before they are targeted,...
Democrats scrambling to protect data from election hackers — but there’s no road map (Raw Story) While the hackers that attacked the Democratic National Committee dropped a lot of information and documents, more is coming.
Viacom AWS Misconfig Exposes IT Infrastructure (Infosecurity Magazine) Attackers could have used it for phishing and botnet building, warns UpGuard
Barracuda Advanced Technology Group monitoring aggressive ransomware threat (Barracuda) The Barracuda Advanced Technology Group is actively monitoring an aggressive ransomware threat that appears to come in the largest volume from Vietnam.
Locky Ransomware Pushed Alongside FakeGlobe in Upgraded Spam Campaigns (CSO) In the beginning of September, a sizeable spam campaign was detected distributing a new Locky variant. Locky is a notorious ransomware that was first detected in the early months of ...
Financial attractiveness of ransomware ensures it remains growing threat (SC Magazine) Mobile devices under increasing attack from malware, including ransomware, which has seen a 122 percent increase in variants as it becomes an increasingly attractive option for criminals.
Check Point Research calls out DU Antivirus Security (Enterprise Times) Check Point mobile threat researchers have called out DU Antivirus Security for stealing user data and then using it in another app
Researchers Discover New Android Banking Trojan (BleepingComputer) Security researchers have detected a new Android banking trojan by the name of Red Alert 2.0 that was developed during the past few months and has been recently rolled out into distribution.
Show Me The Money: Cybercriminals Deploying Diverse Range of Banking Trojans and Ransomware, says Check Point (GlobeNewswire News Room) Check Point’s August Global Threat Impact Index shows Roughted remained the top malware, followed by Globalimposter and HackerDefender in third place
Equifax Suffered a Hack Almost Five Months Earlier Than the Date It Disclosed (Bloomberg) Equifax Inc. learned about a major breach of its computer systems in March -- almost five months before the date it has publicly disclosed, according to three people familiar with the situation.
Earlier Equifax breach was no secret (TheHill) A Bloomberg story claiming that Equifax did not notify the public of a breach in March appears to be inaccurate about one of its central tenets.
Equifax says 100,000 Canadians affected by breach (TheHill) Equifax’s Canada division has revealed that as many as 100,000 Canadian consumers may have had their personal information compromised by hackers.
Inside the massive Equifax hack attack (Australian) On March 8, researchers at Cisco Systems reported an online security flaw that allowed hackers to break into servers around the internet. Cisco urged users to upgrade their systems immediately with a newly issued fix.
Analysis | Equifax’s security chief had some big problems. Being a music major wasn’t one of them. (Washington Post) Why nontechnical degrees in technology aren't a sign of incompetence or weakness.
What's that, Equifax? Most people expect to be notified of a breach within hours? (Register) Go on, you're the breach expert
Equifax breach indicates need to evolve cyber security thinking (Security Brief) The Equifax breach has underlined the problem with security testing.
Apache “Optionsbleed” vulnerability – what you need to know (Naked Security) Remember Heartbleed, where servers could be tricked into letting other people’s data slip? “Optionsbleed” is an Apache bug that’s similar.
Risks Limited With Latest Apache Bug, Optionsbleed (Threatpost) The risks surrounding the latest Apache bug, called Optionsbleed, are limited given it can only be attacked under certain conditions.
Avast opens up about CCleaner hack and outlines how it will protect users (BetaNews) When news broke yesterday that CCleaner had been hacked and a dangerously modified version had been available to download for a number of weeks, there were understandable concerns from the program's large userbase. And the concern is well-placed -- some 2.27 million machines are thought to have installed the infected software.
LiteBit Bitcoin Exchange Hacked Twice in Two Months (BleepingComputer) LiteBit.eu — a multi-currency exchange based in the Netherlands — has suffered data breaches two months in a row. According to emails sent to affected customers after each event, no Bitcoin or altcoin funds were stolen in any of these two incidents.
PyPI Python repository hit by typosquatting sneak attack (Naked Security) Imposters posing as popular packages were found to contain malicious code
Casting a Light on BlackEnergy (ThreatConnect) A look into BlackEnergy malware and using ThreatConnect to aggregate and memorialize the identified intelligence.
3 Personas of DNS in Cyber Security (BlueCat) Cyber attackers leverage DNS differently for different outcomes: DNS as Facilitator, DNS as Hostage and DNS as Weapon. How is your DNS being hijacked?
BeyondTrust Survey Reveals the "5 Deadly Sins" That Increase the Risks of a Data Breach (BeyondTrust) Despite prioritizing privileged access management, a majority of enterprises fail to prevent the abuse or misuse of privileged credentials
Cyber attack, hurricane weigh on FedEx quarterly profit (Reuters) Package delivery company FedEx Corp (FDX.N) said on Tuesday a June cyber attack on its Dutch unit slashed $300 million from its quarterly profit, and the company lowered its full-year earnings forecast.
Revenge Hacking Is Hitting the Big Time (The Daily Beast) Companies are hacking back against cybercriminals to try to prevent—or at least limit the damage of—Equifax-style disasters. One problem: It’s not all that legal.
Security Patches, Mitigations, and Software Updates
Apache bug leaks contents of server memory for all to see—Patch now (Ars Technica) Optionsbleed is especially threatening for people in shared hosting environments.
Apple releases iOS 11 (Help Net Security) iOS 11 is performance optimised for 64-bit apps. 32-bit apps will need to be updated by the app developer to work with this version of iOS.
iOS 11 Update includes Patches for Eight Vulnerabilities (Threatpost) Apple released a number of patches, including a security update for iOS 11, which is available today.
Steam has a “review bomb” problem—but will today’s new feature fix it? (Ars Technica) Follows a September 2016 overhaul that aimed to remove fraudulent reviews.
Cyber Trends
Barracuda Research Confirms U.S. Companies Doubling Down on Public Cloud, Customers' Security Responsibilities Still Unclear (PRNewswire) Barracuda Networks, Inc. (NYSE: CUDA), a leading provider of...
September 2017 - Netskope Cloud Report (Netskope) Little change in GDPR-readiness levels with May 2018 deadline looming.
BSIMM8 Study Reinforces Benchmarking as a Critical Exercise in Early Stages of Software Security Initiatives (PRNewswire) Synopsys, Inc. (Nasdaq: SNPS) today released BSIMM8, the latest...
Spyware rampant, emails could be compromised (AJP) Cyber criminals are becoming ever more sophisticated, and security experts say they’re alarmed. Cisco has released its Midyear Cybersecurity Report for 2017, in which it ...
The three least effective enterprise security measures (Help Net Security) Hackers identified phishing as the best data exfiltration strategy, and also pointed out the three least effective enterprise security measures.
Number of lost, stolen or compromised records increased by 164% (Help Net Security) According to Gemalto's Breach Level Index, 918 data breaches led to 1.9 billion data records being compromised worldwide in the first half of 2017.
1.9 Billion Data Records Exposed in First Half of 2017 (Dark Reading) Every second, 122 records are exposed in breaches around the globe, a new report shows. And that doesn't even include the new Equifax breach data.
Cyberattacks cost US enterprises $1.3 million on average in 2017 (CSO Online) IT security budgets as well as the costs of data breaches are up for North American enterprises and SMBs.
Marketplace
Equifax's Data Breach Should Prop Up These Cybersecurity Stocks (NASDAQ) Betting on cybersecurity stocks has been a profitable trade in 2017. Thanks to the number of high-profile hacking-related headlines that have hit retailers and corporations, both the First Trust Nasdaq Cybersecurity ETF (CIBR) and ETFMG Prime Cyber Security ETF (HACK) — up 11% and 14%, respectively -- have padded many portfolios.
Threat Stack Announces $45M in Series C Funding (BusinessWire) Threat Stack, provider of the industry’s most comprehensive intrusion detection platform for cloud, hybrid-cloud, and on-premise environments, t
Aqua Secures $25M in Series B Funding (Aqua Blog) With the exciting news of Aqua securing $25 Million in series B funding, Aqua says it will invest heavily in growing their sales and marketing teams in order to meet the growing demand as container adoption is becoming more mainstream.
10 Hot Cybersecurity Funding Rounds in Q3 (Dark Reading) The first two quarters of 2017 have been the most active ever in five years from a cybersecurity investment standpoint. Here's how the third quarter has shaped up.
SecureAuth and Core Security Announce Merger Plans (Infosecurity Magazine) The two orgs will combine security operations and identity and access management
Checking In on FireEye Inc.'s Turnaround (The Motley Fool) Five metrics show the progress FireEye is making on its turnaround.
Elbit Systems restructuring cyber subsidiary (Globes) Cyberbit's defense business is being transferred to the parent company.
Threat Sketch Named Startup to Watch (Business Insider) Threat Sketch was recently named one of seven startups to watch in North Carolina's Triad region by Exit Event, an organization providing news, information and tools for startups and emerging companies.
SecureRF is bringing crypto to the embedded world (Stacey on IoT | Internet of Things news and analysis) SecureRF makes software that gets embedded onto microprocessors that allows them to perform impressive feats of security in milliseconds, not minutes. Since security is one of the current challenge…
LookingGlass Cyber Solutions and Brookcourt Solutions Announce Strategic Partnership (BusinessWire) LookingGlass Cyber Solutions and Brookcourt Solutions announce strategic partnership to deliver unified threat protection against strategic attacks.
Siemens and PAS Announce Global Strategic Partnership to Provide Essential Industrial Control System Cybersecurity (BusinessWire) Siemens and PAS Global announced an agreement to provide fleet-wide, real time monitoring for control systems in utilities and oil and gas sectors.
Samsung Electronics Joins the OPC Foundation to Accelerate Enabling Interoperable Industrial IoT Edge Platform (Presse Box) Samsung Electronics, as one of the biggest manufacturers in the world, becomes a Corporate Member for a goal of interoperable Industrial IoT edge platform powered...
PrecisionLender Joins Cloud Security Alliance (Broadway World)
Cylance beefs up local partner focus and skills (ARN) Since launching full throttle into the A/NZ marketplace, Cylance has been on a mission to propel its growth in the market through its channel network.
FourV Systems Appoints Two New Senior Advisors to Company Board (BusinessWire) FourV announces the addition of two senior officers to its Board of Advisors: David Neuman of Rackspace and Jerry Archer of Sallie Mae.
CrowdStrike Appoints Lisa McGill as Chief Human Resources Officer (CrowdStrike) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced that the company has appointed Lisa McGill as chief human resources officer (CHRO). McGill will lead CrowdStrike’s Human Resources organization to steer the…
Products, Services, and Solutions
Nehemiah Security Releases New Version of AtomicEye RQ (Nehemiah Security) AtomicEye RQ Delivers Security Risk Management Platform Capable of Identifying Exploitabilities and Prioritizing Actions on an Automated, Continuous Basis Tysons, VA – September 20, 2017 – Nehemiah Security, an internationally recognized supplier of cybersecurity software and services to enterprise and government organizations, today announced major upgrades to their security risk management platform, AtomicEye RQ (Risk …
Neustar WAF Helps Organizations Combat Growing Application Layer Threats (BusinessWire) Neustar, Inc., a trusted, neutral provider of real-time information services, today introduced its new Web Application Firewall (WAF). It combines the
Ethical Security Research on SecureDrop (SecureDrop) The SecureDrop engineering team welcomes the contributions of security researchers.
Microsoft extends Office bug bounty program (ZDNet) The company is offering up to $15,000 per bounty.
Quest Expands Security Software Solutions for Microsoft Office 365 (BusinessWire) Quest announces new solutions that make it easy for IT teams to manage and secure Office 365 and Azure AD environments
China Telecom utilises Versa Networks for SD-WAN service (Telecom Tech News) Versa Networks has been chosen as a primary vendor for software-defined WAN (SD-WAN) and security (SD-Security) by China Telecom to cater the needs of its global customer base.
Aruba rolls out security fabric for IoT and the digital era (TechCentral.ie) Aruba, a Hewlett Packard Enterprise Company, is best known for its business-grade Wi-Fi products. What is less well known about Aruba is that it has always had excellent security products. In fact, the company has often been described as a security vendor dressed up as a Wi-Fi maker. However, Aruba’s security positioning has always been […]
ThreatMetrix and Nok Nok Labs partner on FIDO-compliant solutions (Security Document World) Digital ID firm ThreatMetrix has announced a new partnership with authentication suite developers Nok Nok Labs.
Apple’s new tracking protection is “sabotage”, claims ad industry (Naked Security) The ad industry is not happy with Apple’s latest move to limit how we get tracked around the web.
Infinite Group, Inc. Launches New Version of Nodeware Cybersecurity Solution, Now Available as Virtual Machine (Infinite Group Inc.) Infinite Group Inc., or IGI (OTCBB:IMCI), announces a new and improved release of the Nodeware™ vulnerability management system, now with options for both virtual machine and hardware deployment. Nodeware 2.0 offers new features that improve the user experience, including enhanced vulnerability data, simple API integration, improved performance,
Quann partners with Claroty to protect Singapore’s critical infrastructure from cyberattacks (Quann) Powered by Claroty’s innovative technologies, Quann’s advanced OT security solution enables full visibility to all assets and traffic and provides actionable alerts for critical infrastructure
Thales delivers trust and security to internet-based Kakao Bank (Business Insider) Thales, a leader in critical information systems, cybersecurity and data security, announces Kakao Bank, Korea's digital-only bank, is deploying Thales nShield hardware security modules (HSMs) to secure the foundation of its banking systems.
Anomali Launches its First Threat Intelligence Sharing Group for Banks in the United Arab Emirates (Marketwired) Partners with major banking federation to encourage cybersecurity intelligence sharing amongst banks, including Barclays, HSBC, Citibank and others
Carlo Minassian returns to security with a hacker trapper (CRN Australia) The man who sold Earthwave to Dimension Data is rethinking how to ambush hackers from the inside.
Dashlane Gets Down To Business 2.0 (PRNewswire) Dashlane announces Dashlane Business 2.0, the only enterprise password...
Google Chrome most resilient against attacks, researchers find (Help Net Security) Researchers have analyzed Google Chrome, Microsoft Edge, and Internet Explorer, and found Chrome to be the most resilient against attacks.
Technologies, Techniques, and Standards
Enhancing Resilience of the Internet and Communications Ecosystem (National Institute of Standards and Technology) Executive Order 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” was issued May 11, 2017. In Section 2 (d), the executive order requires the Secretaries of Commerce and Homeland Security to “jointly lead an open and transparent process to identify and promote action by appropriate stakeholders to improve the resilience of the internet and communications ecosystem and to encourage collaboration with the goal of dramatically reducing threats perpetrated by automated and distributed attacks (e.g., botnets).”
Comments on Promoting Stakeholder Action Against Botnets and Other Automated Threats (National Institute of Standards and Technology) Comments received in response to the Request for Comments on Promoting Stakeholder Action Against Botnets and Other Automated Threats
Banks to adopt new cyber security rules in November (Business Daily) Move to mitigate growing risks of attacks in face of increasing online exposure
Part I: An Overview of Firmware Storage Options (Context Information Security) How firmware is commonly stored on embedded devices, and the techniques for extracting it:
How Windows Active Directory is failing User Logon Security (IS Decisions) Native Windows Active Directory can be the root cause of many logon security headaches. Improve the way you manage user access to avoid data breaches.
Cybersecurity Tools in Financial Services Have Become Part of the Problem (Bricata) Big banks are besieged by cybersecurity alerts. Some alerts might point to threats that are real, but the challenge is distinguishing the signal from the noise. In fact, some 60% of banks deal with 100,000 or more alerts a day, according to reporting by Penny Crosman of the American Banker, a financial services industry trade publication.
3 Crucial Cybersecurity Reporting Methods To Begin Using Today (BitSight) Innovative methods of reporting allow you to communicate cyber risk in the best way, for the best audience. Consider these three options.
How to Freeze Your Credit After the Equifax Breach (Moving FC) A step-by-step guide on freezing your credit in the wake of the Equifax breach. Don't take any chances, especially with your credit history at stake.
Why companies need to get serious about privileged account security (Singapore Business Review) CyberArk VP of sales for APAC and Japan Vincent Goh warned of the rising insider threat amongst corporates.
Get Serious about IoT Security (Dark Reading) These four best practices will help safeguard your organization in the Internet of Things.
Are you ready for ‘Moneyball’ security? (CSO Online) Mike McKee, CEO of ObserveIT, discusses the benefits of an evidence- and data-based approach to security.
Design and Innovation
GDPR: Privacy must be designed in to every system, says Chef (Computing) Chef encourages IT leaders to automate GDPR automation, and break the cycle of ensuring compliance at the time of every audit, and forgetting about it the rest of the time
Leading The Pack: How The U.S. Government Is Out-Innovating The Fortune 500 (Forbes) The federal government is rarely seen as innovative these days, but in the area of cybersecurity, it has been further ahead of the curve than most people give it credit for. By adopting vulnerability disclosure and bug bounty programs, the U.S. government is acting on its belief that engaging with independent security researchers is an effective way of improving its cybersecurity posture.
Hacker-turned-CEO brings digital currency offline (Korea Herald) While cryptocurrency exchanges among those in their 40s and 50s deal with larger volumes, the older generation more often than not face inconveniences in trading their digital currencies. “Some traders often found themselves in trouble,” Kevin Cha, founder and chief executive of ...
Academia
Singapore to have new academy to train cybersecurity professionals (Channel NewsAsia) The new academy will partner FireEye, its first industry partner, to train those in government and critical information infrastructure sectors, Deputy Prime Minister Teo Chee Hean says.
UK education system exacerbates cyber skills gap (ComputerWeekly) Security industry needs to get involved to raise awareness of cyber security career opportunities, say commentators.
Legislation, Policy, and Regulation
Important Information on New EU Regulations (Infosecurity Magazine) Failure to comply with new guidelines will result in significant financial penalti
Evolution of Cyber Requires Change As Normal Concept, Rogers Says (U.S. Department of Defense) The cyber world will look different in the future and the Defense Department must become used to change as a normal component of the cyber mission set, commander of U.S. Cyber Command and director of
CYBERCOM and NSA leadership needs to evolve and that may mean a leadership split (FederalNewsRadio.com) U.S. CYBERCOM and National Security Agency Director Adm. Mike Rogers seems open to the idea of changing the leadership structure he currently heads.
What Cybercom's independence means (FCW) Is the next step for Cybercom as a unified combatant command to split off from the National Security Agency?
91st Cyber Brigade activated as Army National Guard’s first cyber brigade (DVIDS) The Virginia National Guard activated the Bowling Green-based 91st Cyber Brigade as the Army National Guard's first cyber brigade at a ceremony Sept. 17, 2017, at Fort Belvoir, Virginia. The new brigade provides training and readiness oversight for cyber units across 30 states and deploys personnel to meet the demands of growing cyber mission sets throughout the U.S. Army and Department of Defense.
Board Expected To Back Cyberspace Security Proposals (Lake Elsinore-Wildomar, CA Patch) The board is being asked to endorse both Senate bill No. 412 and House of Representatives bill No. 1344.
Litigation, Investigation, and Law Enforcement
AG Presses TransUnion, Experian for Cyber Security Details (WWNY) New York Attorney General Eric Schneiderman is pressing TransUnion and Experian to explain what cyber security they have in place to protect sensitive consumer information following a recent breach...
Massachusetts attorney general sues Equifax after hack (TheHill) Massachusetts Attorney General Maura Healey filed suit against Equifax on Tuesday, alleging that the credit reporting company ignored obvious cybersecurity vulnerabilities for months before hackers accessed the
Court dismisses lawsuits over OPM data breach (TheHill) Class-action suit brought by largest federal workers union dismissed by D.C. court.
Plaintiffs Take Just 1 Hour to Appeal Dismissal of Suit Over OPM Data Breach (National Law Journal) The district court in Washington, D.C., on Tuesday dismissed a consolidated class action over the 2015 hack of the U.S. government’s Office of Personnel Mana...
Manafort Calls On DOJ To Release His Intercepted Communications With Foreigners (The Daily Caller) Former Trump campaign manager Paul Manafort is calling on the Justice Department to release transcripts of any intercepted communications he may have had with foreigners. Manafort, a longtime Repub
Fake: Susan Rice not arrested for unmasking Trump officials (@politifact) A fake news story that said former national security adviser Susan Rice had been arrested for her "failed attempt to stage a coup" against President Donald Trump is actually a post by a self-described liberal troll looking to fool conservatives.
Senators question whether Dragonfly hacks hit Maryland power companies (Baltimore Sun) Maryland Sens. Ben Cardin and Chris Van Hollen are asking the Department of Homeland Security whether any power companies in Maryland were hit by a recent cyber attack.
We need more bobbies online to tackle abuse (Times) Lorin LaFave was the perfect mother to her son and triplets. She read to them every night, took them to swimming lessons and church, gave them chores and monitored their screen time. But in 2014...
Greater Manchester Police Running 1000+ XP PCs (Infosecurity Magazine) UK forces could be exposing themselves to unnecessary risk
Most-wanted criminal arrested after posting Instagram video of himself (Ars Technica) Officials obtained fugitive’s GPS coordinates after he took to social media.