Cyber Attacks, Threats, and Vulnerabilities
How the Russian government allegedly attacks the American electric grid (Fifth Domain) The Russian government attacks America's electric grid by targeting the company's employees with phishing and malicious software.
Russian hackers are ready to disrupt US energy utilities, says DHS (Naked Security) Jonathan Homer says Russian hackers have snared “hundreds of victims” in the utilities and equipment sectors and “got to the point where they could have thrown switches” in a way that could h…
Russian Hackers Reach U.S. Utility Control Rooms, Homeland Security Officials Say (Wall Street Journal) Hackers working for Russia claimed “hundreds of victims” last year in a long-running campaign that put them inside the control rooms of U.S. electric utilities where they could have caused blackouts, federal officials said.
Russian Hackers Breach US Utility Networks via Trusted Vendors (GTM) Hackers were able to access confidential information, such as the equipment being used and how utility networks are configured.
Russian cyber activity against critical infrastructure – what’s new? (Control Global) The Russians planted malware in our electric grids in at least the October 2014 timeframe. What’s new and why the disclosures now?
Russian Cyber Attacks on Critical Infrastructure: The “New Normal” (Nozomi Networks) According to new information just reported by the Wall Street Journal, Russian cyber attacks have impacted hundreds, rather than dozens, of U.S. energy facilities. Nozomi Networks Chief Product Officer, Andrea Carcano, thinks the attackers have all the tools needed to cause power outages – the only thing holding them back is their fear of consequences.
Cyber-Attacks on Finland Intensified Before the Trump-Putin Summit (BleepingComputer) Prior to the Trump-Putin summit that took place on July 16 in Helsinki, Finland, cyber-attacks on the host country saw an uncharacteristic spike of activity.
Leafminer: New Espionage Campaigns Targeting Middle Eastern Regions (Symantec) Active attack group is eager to make use of available tools, research, and the work of other threat actors.
Cyberwar: What happens when a nation-state cyber attack kills? (ZDNet) A cyber attack that kills someone is getting ever more likely. What happens then is a big -- and scary -- question.
Warnings about a massive cyberattack aren't new – intelligence officials have raised red flags for years (CNBC) According to a former top DHS cybersecurity official, the fact that Russians successfully accessed "hundreds" of utilities in the U.S. represents a possible change of tactics, from targeted attacks to a "blanket strategy."
Singapore disconnects healthcare computers from the Internet after... (Reuters) Singapore has disconnected computers from the internet at public healthcare centers to prevent cyberattacks of the kind that caused its worst breach of personal data, a government official said on Tuesday.
Kronos Reborn (Proofpoint) Proofpoint researchers examine a new version of the Kronos banking Trojan.
Red Alert 2.0: Android Trojan targets security-seekers (Sophos News) A malicious, counterfeit version of a VPN client for mobile devices targets security-minded victims with a RAT.
Mirai, Gafgyt IoT Botnet Attacks Intensify (SecurityWeek) Security researchers are warning of a new wave of attacks associated with the Mirai and Gafgyt Internet of Things (IoT) botnets.
Threat Brief: Office Documents Can Be Dangerous (But We’ll Continue to Use Them Anyway) (Palo Alto Networks Blog) Unit 42 Threat Brief: Office Documents can be dangerous, however, we'll continue to use them anyway.
Cosco caught in new cyber attack as email and telephone systems go down (The Loadstar) Cosco’s UK systems are down following a cyber attack which affected its US operations late last night. The company’s Pier J Terminal at the Californian port of Long Beach was the first to be affected. The port said it was monitoring the situation, while local media reported that it did not seem as severe as a previous cyber attack on Maersk. A notice sent by Cosco to its customers said “local” network systems and some email services had been ...
Cosco Cyber Attack: Cosco responds to cyber attack on US operations (JOC.com) Since Cosco’s overseas operations have not been affected, communication with US offices is able to take place, although at a slower pace, a key Cosco official said Tuesday.
Attacks on Oracle WebLogic Servers Detected After Publication of PoC Code (BleepingComputer) Oracle WebLogic servers are under attack from hackers who are trying to take over vulnerable installations that have not received a recent patch for a critical vulnerability.
Crimson Hexagon banned by Facebook over user data concern (Naked Security) Facebook is probing whether the firm’s government contracts comply with its policies, which nix use of user data for government surveillance.
An Incredibly Simple Hack Had the Potential to Manipulate Cryptocurrency Markets (Motherboard) Visitors to Ethereum blockchain explorer Etherscan.io on Monday were shown a pop-up that said, “l337,” but the hackers could have tricked site visitors by superficially changing values on the blockchain record.
Scammers pwn verified Fox Twitter account to scam cryptocurrency (Naked Security) Scammers have been exploiting Twitter for months now to steal digital currencies from naïve users, but this month one attacker pulled off a rare coup by compromising a verified Twitter account.
Mind your company's old Twitter accounts, rather than allowing them to be hijacked by hackers (Graham Cluley) There were only 13 episodes of the science fiction TV show "Almost Human" aired before it was pulled from the schedules in 2014. But its Twitter account lives on, under the control of cryptocurrency giveaway scammers.
BYOD: Are Thousands of Rogue Devices Lurking on Your Network? (Security Intelligence) While securing the variety of known devices on your network is hard work, it may feel impossible to manage uninvited guests. Here's how to effectively manage rogue devices.
Quarterly Incident Response Threat Report, July 2018 (Carbon Black)
KnowBe4 Releases Q2 2018 Top-Clicked Phishing Report (ResponseSource Press Release Wire) Messages Playing into Human Psyche of Being Popular or Wanted Continue to Sail Through Security Defences. York, UK, July 24, 2018 – KnowBe4, provider of the world’s largest security awareness train...
Security Patches, Mitigations, and Software Updates
Chrome 68 Released With Warnings on HTTP Sites, But Also Other Security Features (BleepingComputer) Google has released today version 68 of the Chrome browser. This marks a milestone release for the browser maker, being the first version where Chrome will mark HTTP sites as "Not Secure."
Sony Patches Remotely Exploitable Vulnerabilities in Network Cameras (SecurityWeek) Two serious, remotely exploitable vulnerabilities in Sony IPELA E Series Network Camera products could allow attackers to execute commands or arbitrary code on affected devices.
AVEVA Patches Critical Flaws in HMI/SCADA Tools Following Schneider Merger (SecurityWeek) AVEVA, which recently merged with Schneider Electric and took over the Wonderware products, patched critical vulnerabilities in the InduSoft and InTouch HMI/SCADA tools
Cyber Trends
Mimecast Unveils Second-Annual State of Email Security Report (GlobeNewswire News Room) More than 90 Percent of Global Organizations Reported the Volume of Phishing Attacks Have Increased or Stayed the Same in Past 12 Months
The State of Email Security (Mimecast) The latest threats, confidence killers and bad behaviors – and a cyber resilience strategy to fix them
The attacks of the future (SecurityCurrent) What might the most damaging attacks of the future look like? The answer to the question may lie somewhere between the known patterns that attackers have established over the years, and signs that we are starting to see today. A look back: It started with the sun and the moon. Solar Sunrise was discovered in…
Larry Ponemon Goes Behind the Scenes of the 2018 Cost of a Data Breach Study (Security Intelligence) Dr. Larry Ponemon takes you behind the scenes of the Ponemon Institute's 2018 Cost of a Data Breach Study on this week's SecurityIntelligence podcast.
Marketplace
How private companies handle attributing governments to hacking operations (Cyberscoop) Cybersecurity companies are becoming increasingly capable of burning intelligence collection efforts by governments. But with this newfound influence, what responsibilities do they hold?
Concerns grow over cyber security skills gap (Personnel Today) Last week in parliament, MPs and peers accused the government of lacking urgency in its work to tackle the shortage of skilled cyber security workers. And, separately, accountancy giant Deloitte has expanded a scheme to encourage more women to enter the sector. Parliament’s Joint Committee on the National Security Strategy said ministers had “no real sense …
This gig can pay more than $130K — but you’ve probably never heard of it (Moneyish) Eighty percent of U.S. adults have never considered a cybersecurity job, a new survey finds. Here’s why so few women have jobs in the industry
Wanted: More Female Cyber Warriors (Forbes) IBM’s Allison Ritter helps create cyber attack simulations to prepare companies for coming threats
Trending: ZTE Agrees with U.S. Commerce Department to $1.4 Billion in Penalties (Global Trade Magazine) The Chinese telecommunications group ZTE has agreed to additional penalties and compliance measures to replace the United States Commerce Department’s denial order imposed as a result of ZTE’s violations of a March 2017 settlement agreement. Under the new agreement, ZTE must pay $1 billion and place an additional
Gigamon Acquires Security Start-Up ICEBRG (PRNewswire) SaaS solution empowers customers to leverage the power of network traffic analytics to decrease complexity of security stack
First Look At Safe-T Group's $10 Million IPO (Seeking Alpha) Safe-T Group, an Israeli cybersecurity software company, has filed for its IPO in the U.S. It is offering 1 million American Depository Shares at $9.50-10.50 ap
Israeli cyber startup NSO 'kills merger talks' with software company Verint (Haaretz) A secretive company, NSO is best known as a supplier of mobile surveillance tools to governments and law enforcement agencies
EU pushes Thales/Gemalto to Phase II (Global Competition Review) Europe’s antitrust enforcer has opened an in-depth review of Thales’s €4.8 billion takeover of Gemalto, on the grounds that the companies’ combined shares in the...
Booz Allen Hamilton (BAH) Secures $92M Task Order from U.S. Navy for Cybersecurity and Technical Support (StreetInsider.com) As a leader in the field of information warfare, the U.S. Navy is constantly evolving capabilities to defend naval information systems in the hostile environment of cyberspace. To safeguard maritime systems against adversarial cyberattacks, the Navy relies on the Information Assurance and Cyber Security Program Office (PMW 130) to acquire cybersecurity products and services. In support of the mission of PMW 130, the Space and Naval Warfare Systems Command (SPAWAR) has awarded Booz Allen Hamilton (NYSE: BAH) a $92M task order in February to provide cybersecurity, technical, and program management services to PMW 130 over a five-year period.
Accenture hires FBI vet Marshall as cyber intell team lead (Washington Technology) Accenture brings aboard two-decade FBI veteran Howard Marshall as director of the company's iDefense cyber threat intelligence team.
San Diego Airport Responds to Being Ranked Worst in Country For Cybersecurity (NBC 7 San Diego) A new article released by CNBC ranked the San Diego International Airport as the worst airport for cybersecurity and the number one airport in the country where travelers are most likely to be hacked.
Products, Services, and Solutions
Venafi and Gemalto Partner to Expand Machine Identity Protection (BusinessWire) New partnership and integration allows customers to protect the growing number of connected machines
Netskope and SentinelOne Partner to Bring Cloud Security and Endpoint Protection to the Global Enterprise (Virginian-Pilot) Netskope, the leader in cloud security, today announced a partnership and product integration with SentinelOne, the autonomous endpoint protection company, to give
Detected, blocked, quarantined, cleaned? (SE Labs) Security testing lab specialising in anti-malware and targeted attack testing of endpoints, appliances and cloud services.
Gemalto Helps Companies Gain Valuable Data Insights, Reduce Cost and Time with Automatic Software Updates (BusinessWire) Gemalto today announced the launch of Sentinel Up, an enterprise-grade software update solution for software vendors and device manufacturers. Designe
EnduraData Ports Its Replication Software to OpenBSD, Announces Ransomware Solution (PRNewswire) EnduraData, a leader in cross-platform data replication solutions and data management software, today announced the availability of its EDpCloud™ software for the OpenBSD operating system, joining its Windows, Linux, Mac, and Unix versions. It also announced a major disaster-tolerance solution to help businesses, hospitals, and government entities survive ransomware attacks.
New Xacta 360 Application Operationalizes NIST Cybersecurity Framework v1.1 (BusinessWire) New application for Xacta 360 cyber risk management platform operationalizes NIST Cybersecurity Framework.
Mocana Supports TPM 2.0 (Mocana) Mocana supports TCG's TPM 2.0 specification. Using Mocana TrustPoint's simple set of APIs, IoT device engineers can use certified TPM keys to secure storage, SSL/TLS, IPsec, authentication, and applications, including containers and virtual machines.
Kaspersky launches adaptive security product through cloud (iTWire) Security firm Kaspersky Lab has launched a new product called Kaspersky Security Cloud which operates as a service and is not attached to a device, bu...
ProtectWise Joins CrowdStrike's Elevate Partner Program (PRNewswire) Companies to Deliver a Compelling Combination of Next-Generation Endpoint and Network Protection, Threat Intelligence and Response Services
Technologies, Techniques, and Standards
Unpacking the Impact of NIST 1.1 Updates on ICS (SecurityWeek) The National Institute of Standards and Technology (NIST) has updated its cybersecurity framework (CSF), rolling out changes to all five pillars: Identify, Protect, Detect, Respond, and Recover.
Design and Innovation
Microsoft developed an AI to catch Xbox Live cheaters (The Next Web) Microsoft recently filed for a patent for an AI that detects Xbox cheaters by combing through their gaming history for suspicious ranks or achievements. The patent application was published by the US Patent and Trademark Office last month. Unlike other efforts by the likes of Valve, this AI wouldn’t just look for cheaters within active games. Instead, …
Legislation, Policy, and Regulation
Proposed EU Cybersecurity Act Released (Lexology) On May 29, 2018, the Council of the European Union released a proposal for the future of cybersecurity regulation in Europe (the “EU Cybersecurity…
In cyber, Germany needs to counter-attack, minister says (Reuters) Germany is considering laws that would let it respond actively to foreign cyber-attacks, Interior Minister Horst Seehofer said as he presented a domestic intelligence agency report showing Iran was the latest power to ramp up hack attacks on German systems.
Statement for the Record: The Honorable Christopher C. Krebs Under Secretary National Protection and Programs Directorate U.S. Department of Homeland Security (US House of Representatives Committee on Oversight and Government Reform) Chairman Gowdy, Ranking Member Cummings, and members of the Committee, thank you for today’s opportunity to testify regarding the U.S. Department of Homeland Security’s (DHS) ongoing efforts to assist with reducing and mitigating risks to our election infrastructure.
Without evidence, Trump claims Russia ‘will be pushing very hard for the Democrats’ in 2018 midterms (Washington Post) The president trotted out a new line on Russian interference as the uproar over his shifting stances on the issue entered its second week.
Analysis | The Cybersecurity 202: Congress isn't happy with Trump's cyber strategy. It wants a commission to help. (Washington Post) Sen. Sasse's proposal appears likely to succeed.
Trump-Putin summit marked by cybersecurity missteps (Washington Examiner) President Trump's public skepticism about his own intelligence services' conclusions on Russian hacking in the 2016 election, combined with an ad hoc approach to last week's summit with Vladimir Putin, created a political fiasco for the administration and a missed opportunity to address serious…
Ted Cruz says Trump shouldn't be 'apologizing for Russia' (Dallas News) WASHINGTON - Eight days into the uproar over Donald Trump's surprisingly gentle stance toward Vladimir Putin, Sen. Ted Cruz again tweaked him for...
Lawmakers: Use Cyber Attacks on Countries That Meddle in US Elections (Military.com) The SASC wants the U.S. to launch cyber attacks against any country that tries to disrupt the functioning of our society.
What the new defense bill means for cyber (Fifth Domain) U.S. House and Senate negotiators boosted funding for cybersecurity in the annual defense authorization bill, which serves as a repudiation of the Trump administration’s foreign policy.
NDAA Conference Report Strengthens U.S. Cyber, Electronic Warfare Defenses (MeriTalk) The National Defense Authorization Act (NDAA) for FY 2019 took a big step toward passage with the release of the conference report late yesterday that unifies House and Senate NDAA legislation and places in sharp focus concerns about growing cyber and electronic warfare threats and ways that the United States should address them.
How Congress wants DoD to tackle AI and machine learning in 2019 (C4ISRNET) The 2019 National Defense Authorization Act includes funding to the Air Force and the establishment of an independent commission on artificial intelligence.
House bill would make DHS’s CDM cyber program law (FedScoop) A new House bill aims to codify the Department of Homeland Security’s signature cybersecurity program.
Homeland Security Committee Forwards Bill to Prevent the Next Kaspersky (Nextgov.com) The committee also forwarded legislation to codify Homeland Security’s CDM program.
Former Trump cyber adviser tapped for top intelligence role in UK (CNN) Rob Joyce, President Donald Trump's former cybersecurity coordinator, has been tapped to serve as the National Security Agency's top representative in the United Kingdom, according to a former senior intelligence official and a second source familiar with the matter.
Israelis to train Czech cyberspace fight specialists (Prague Monitor) The Czech Defence Ministry plans to have dozens of its officers trained in anti-hacking methods by experts from the Czech-Israeli company CyberGym Europe, a step showing the state's efforts to enhance its cyberspace protection, daily Hospodarske noviny (HN) wrote on Monday.
Security concerns drive growing concern over mandatory health records (CSO) In the wake of a series of healthcare data breaches, the Electrical Trades Union (ETU) of Australia has joined the chorus of critics pushing back against the government’s plans to mandate use of its My Health Record (MHR) scheme.
Litigation, Investigation, and Law Enforcement
Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M (KrebsOnSecurity) Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total. Now the financial institution is suing its insurance provider for refusing to fully cover the losses.
LinkedIn hacking suspect refuses to cooperate with his lawyers (Cyberscoop) Yevgeniy Nikulin, the Russian hacker accused of stealing data from three U.S. firms, is uncooperative in his own defense, one of his lawyers told CyberScoop