Cyber Attacks, Threats, and Vulnerabilities
Vladimir Putin’s bots are the ‘new Lord Haw‑Haws’, says Gavin Williamson (Times) Thousands of suspected pro-Russia robotic accounts producing bogus web messages about the Salisbury attack are the Nazi propagandists of the 21st century and must be confronted, the defence...
UK Anti-Doping hit by cyber attack but agency insists no data was stolen (The Telegraph) Britain’s anti-doping agency was the victim of a cyber attack at the weekend, which attempted to access athletes' drug-testing and medical data.
Eugene Kaspersky defends ‘Slingshot’ report (The Australian) Kaspersky Lab boss and founder Eugene Kaspersky has defended his company’s controversial “Slingshot” report, which uncovered an alleged US military malware program targeting ISIS and potentially put lives at risk.
Iranian Hackers Charged Last Week Were Actually Pretty Damn Good Phishers (BleepingComputer) The group of Iranian hackers the US charged last week with hacking over 300 universities across the globe were actually master phishers astute at their craft, so much so that they used the same phishing lure for years without needing to change it.
A new data leak hits Aadhaar, India's national ID database (ZDNet) Exclusive: The data leak affects potentially every Indian citizen subscribed to the database.
Watering Hole Attack Exploits North Korea's Flash Flaw (SecurityWeek) An attack leveraging the compromised website of a Hong Kong telecommunications company is using an Adobe Flash vulnerability (CVE-2018-4878) that has been exploited by North Korea since mid-November 2017.
Meet Federico Tenga: The guy who teaches North Koreans about Bitcoin (ExpressVPN) Despite being the most hermetic country on Earth, North Korea is certainly no stranger to cyberspace—in both its uses and abuses. Despite a tiny local internet user base and just a few dozen local websites, cybercrime in the Democratic People’s Republic of Korea (DPRK) is estimated to be a multi-billion dollar industry.
Unraveling ThreadKit: New document exploit builder used to distribute The Trick, Formbook, Loki Bot and other malware (Proofpoint) In October 2017, Proofpoint researchers discovered a new Microsoft Office document exploit builder kit that featured a variety of recent exploits as well as a mechanism to report infection statistics.
Hacking intelligent buildings using KNX and Zigbee networks (Help Net Security) Yong Yang, HuiYu Wu and YuXiang Li of the Tencent Blade Team have concentrated on probing KNX and Zigbee, communication protocols widely used in home automation systems.
Most IT pros fear IoT cyber attacks. Few are doing anything about it. (ZDNet) A report from Ponemon Research and Shared Assessments suggests a major disconnect when it comes to IoT security.
Third-party IoT risk management not a priority (Help Net Security) A new report uncovered an alarming number of respondents who believe their organization will suffer from a catastrophic IoT related attack in the next two years, and shows that many are not properly assessing for third party IoT risks and do not have an accurate inventory of IoT devices.
Shodan and passwords sitting in a tree, S-H-O-W-I-N-G! (Naked Security) If an application offers authentication security, it’s always a good idea to turn it on if on isn’t the default setting.
Sanny Malware Updates Delivery Method (Threatpost) Attackers, purportedly hailing from Korea, are stepping up their malware campaign with three new techniques ranging from abusing UAC to targeting Windows 10.
Cryptocurrency Mining Craze Going for Data Centers (Bitdefender) Cryptocurrency is a virtual currency that uses cryptography to guarantee anonymity and provide anti-counterfeit features, enabling anyone to make transactions without being regulated by government or banking institutions. Anonymous and decentralized, virtual currency became synonymous with money laundering, tax evasion, and cybercrime.
Facebook death hoax: Captain Kirk says, “I’ve not boldly gone yet!” (Naked Security) Has Captain James Tiberius Kirk of the USS Enterprise, also known as actor William Shatner, really been beamed up for the last time? (No.)
Of course Facebook logs calls and texts – people gave it permission (Naked Security) Facebook’s been upsetting quite a lot of people lately.
I asked a security expert to reveal how Cambridge Analytica might target me based on my personality (WUWM) OK, so I took a version of the personality test that Cambridge Analytica used to gather data on Facebook users. But I’m not going to tell you all of my
Before Cambridge Analytica there was ‘Hacking Team’ in India (Asia Times) The revelations around Cambridge Analytica underscore how states in India are using surveillance to snoop on their citizens
The Cost of Sharing Our Data Online (Infosecurity Magazine) A personality app harvested your data and Facebook and Cambridge Analytica faced government scrutiny, but we knew this was coming.
What Are 'Data Brokers,' and Why Are They Scooping Up Information About You? (Motherboard) These sites you haven't heard of are sharing boatloads of data about you.
Here’s a Long List of Data Broker Sites and How to Opt-Out of Them (Motherboard) How to get off of people search sites like Pipl, Spokeo, and WhitePages.
A Closer Look at Unpopular Software Downloads and the Risks They Pose to Organizations (TrendLabs Security Intelligence Blog) In this blog post, the first of a three-part series, I would like to share some insights on trends that we have observed in the wild after analyzing 3 million software downloads, involving hundreds of thousands of Internet-connected machines.
HOAX ALERT: Can you really verify your Facebook account security with a comment? (Naked Security) There’s a rumor floating around in certain corners of the internet that you can “prove” your Facebook account is secure by triggering an animation in the comments section.
City of Atlanta officials provide little detail about cyberattack (Atlanta Journal Constitution) Atlanta city officials hold press conference on ransomware attack, but reveal no new significant details
Bill payment sites down as City of Atlanta works to resolve cyber attack issues (WSBTV) The cyber attack happened early last Thursday morning.
Expert: Full recovery from cyber attack for Atlanta could take months (WMAZ) City officials say they are working with private and public partners to hopefully set the "hostage" free.
SamSam group deletes Atlanta's contact portal after the address goes public (CSO Online) An image shared with local media during the early stages of a SamSam ransomware infection in Atlanta exposed the contact portal assigned to the city by the group responsible for the attack. When questioned about their actions via the exposed portal, the SamSam group later deleted the contact form, calling the questions and comments spam.
The Dark Web’s Favorite Currency Is Less Untraceable Than It Seems (WIRED) Researchers point out serious gaps in the privacy promises of stealth cryptocoin Monero.
Side-channel information leakage in mobile applications (SANS Internet Storm Center) Smartphones today carry an unbelievable amount of sensitive information. As absolutely everything is going mobile these days, we have to pay special attention to the security of mobile applications, specifically data at rest (data stored on a mobile device) and data in transit (data transferred to the target server).
Fake Images of Parkland Survivors Tearing Up the Constitution Go Viral (Motherboard) You don't even need to be that good at Photoshop to make a fake image go viral.
Cyber Trends
2017 Vulnerability Report: A Shift in Cybercriminal Preferences (Recorded Future) Every year we analyze thousands of sources, including code repositories, deep web forum postings, and dark web onion sites to bring you the top 10 vulnerabilities used by cybercriminals.
Distil Networks' Annual Bad Bot Report Finds One in Five Companies Now Block Russian Traffic (Distil Networks) Findings show overall increase in bad bot traffic, gambling and airlines most targeted industries
Survey: 53 Percent of Organizations Blame Legacy Antivirus Protection for Failed Ransomware Prevention (BusinessWire) Survey Highlights the Risks of Paying Ransomware; Organizations’ Adoption of Next-Gen Endpoint Protection to Improve Confidence in Repelling Attacks
Building Cyber Resilience: Compromise Response Intelligence in Action (Baker Hostetler) This is our fourth Report addressing the issues entities care about most when it comes to incident response. The Report’s focus remains consistent with that of prior years, although this year we emphasize the importance of using Compromise Response Intelligence in addition to the measures necessary to be Compromise Ready.
The Once and Future InfoWars (War on the Rocks) David Patrikarakos, War in 140 Characters: How Social Media is Reshaping Conflict in the Twenty-First Century (Basic Books, 2017). Violence, like Twitter, is a means of communication. If we do not understand it as such, its place in international relations makes no sense. As Thomas Schelling wrote in 1966: “The power
Finland’s top national security risk? Cyber (Fifth Domain) Supo has ranked terrorism-linked cyber-threats as the primary risk to Finland’s national security and critical industrial infrastructure going forward.
Digital innovation held back as IT teams firefight security threats (Help Net Security) 43% of IT executives at European financial institutions reveal that fears of a cyber-attack keep them awake at night – two months before the GDPR comes into force.
Marketplace
GDPR Spurs 700% Increase in Data Protection Vacancies (Infosecurity Magazine) Privacy regulation will land in two months’ time
Industry Sounds Off On Pentagon’s Cloud Strategy (Nextgov.com) The Defense Department received more than 1,000 comments from industry regarding its JEDI cloud acquisition.
Twitter to start ban of most cryptocurrency ads on Tuesday (Reuters) Twitter's ban on cryptocurrency advertising will start on Tuesday, the social media company told Reuters.
Kenna Security Secures $25 Million in Series C Funding Led by Bessemer Venture Partners (PR Newswire) Kenna Security, a leader in predictive cyber risk, announced today that...
AppRiver Acquires Roaring Penguin for Email Security Services (ChannelE2E) AppRiver acquires Roaring Penguin Software for additional email security services, as private equity and M&A deals potentially reshape the managed & cloud security services market.
Palo Alto Networks Closes Acquisition of Evident.io (PR Newswire) Palo Alto Networks® (NYSE: PANW), the next-generation security...
JASK and the future of autonomous cybersecurity (TechCrunch) There is a familiar trope in Hollywood cyberwarfare movies. A lone whiz kid hacker (often with blue, pink, or platinum hair) fights an evil government. Despite combatting dozens of cyber defenders, each of whom appears to be working around the clock and has very little need to use the facilities, t…
Cyber-arms-dealer Grey Heron really, really doesn't want you to know about the connections between them and the disgraced Hacking Team (Boing Boing)
Axonius Wants To Do Cybersecurity Like It's 1985. (Axonius) Leveraging the security and management tools customers already have, Axonius aims to provide full visibility into all devices to see and secure all
Prevoty Cited as The Only Leader in The Runtime Application Self-Protection Market (GlobeNewswire News Room) According to analyst report, “Research uncovered a market in which Prevoty leads the pack.”
Former DHS Chief Architect Nicolas Chaillan Named Qualys Federal CTO (GovCon Wire) Nicolas Chaillan, formerly special adviser for cybersecurity and chief architect at the Department o
Former Barclays CISO to Head WEF's Global Center for Cybersecurity (SecurityWeek) Troels Oerting, who has been the group chief information security officer (CISO) at Barclays since February 2015, will be the first head of the World Economic Forum's (WEF) Global Centre for Cybersecurity.
Products, Services, and Solutions
Wombat Security Introduces New Insider Threat Training Modules (PR Newswire) Wombat Security (Wombat), a division of Proofpoint and the leading...
Netskope Expands Platform to Secure Enterprise Web Access with Netskope for Web (PR Newswire) Netskope, the leader in cloud security, today announced the general...
Telos ID Selected to Process Background Checks for Aviation Workers at Los Angeles International Airport (LAX) (Telos) Telos ID’s DAC services offer increased efficiency and flexibility in background checks and credentialing operations at California’s largest and busiest airport
Companies With Secure Email to Gain Unlimited Free Brand Impressions to Drive Increased Digital Commerce (BusinessWire) Agari, a leading cybersecurity company, today announced the first pilot of an online brand standard developed with major email providers Comcast, Goog
RSA® Helps Organizations Quantify Financial Risk Exposure To Cyber Attacks (PR Newswire) RSA, a global cybersecurity leader delivering Business-Driven...
Technologies, Techniques, and Standards
Democrats Know Hackers Will Be Back In 2018. The Problem? Forcing Campaigns To Care. (BuzzFeed) "The threat is there — and ignoring it isn’t going to make it go away."
Q&A: Darktrace explains how AI influences cybersecurity (Security Brief) “Without AI, cybersecurity doesn’t have a hope of coping with inevitable digital growth.”
Three Myths About Cyber Insurance (Healthcare Informatics Magazine) Given the escalating number of attacks and increasing financial costs, the rate of cyber insurance adoption is somewhat surprising. There are three myths about cyber insurance that are keeping more businesses from adding these policies.
Inside Fort Gordon: Where Next-Gen Cyber Troops Are Trained (WIRED) What's happening at the US Army's new cyber branch headquarters marks a change for Fort Gordon. Hell, it might be changing warfare itself—all through a computer screen.
Preventing the Next Ransomware Attack (Infosecurity Magazine) While there is no simple solution to protect against ransomware attacks, there are a few key tactics that security teams can take that will boost their immunity.
Design and Innovation
Mozilla Tests DNS over HTTPS: Meets Some Privacy Pushback (Threatpost) Mozilla is testing a method of securing DNS traffic via HTTPS, but is faced with some privacy resistance.
Research and Development
Bitcoin Private Foundation Announces Research Grants for Cybersecurity and Cryptography Projects (The Merkle) In a recent announcement, the Bitcoin Private (BTCP) Foundation stated that it would award a series of $150,000 grants to research projects that cover a number of topics, including cybersecurity and
Legislation, Policy, and Regulation
Morning mail: Russian diplomats face mass expulsion (the Guardian) Tuesday: Western countries expel more than 100 Russians in response to the nerve agent attack in the UK. Plus: voters split on Labor’s tax policy
World unites in biggest ever mass expulsion of Russian spies (Times) The world is at a turning point in the fight to curb President Putin’s “reckless ambitions”, Boris Johnson has said after the largest collective expulsion of Russian spies in history. More than 20...
Diplomats ousted: US, Europe punish Russia over spy case (Military Times) The United States and more than a dozen European nations kicked out Russian diplomats on Monday and the Trump administration ordered Russia’s consulate in Seattle to close, as the West sought joint punishment for Moscow’s alleged poisoning of an ex-spy in Britain.
The US Is Shutting Down A Russian Consulate Near A Major Nuclear Arsenal (Task & Purpose) Trump to Russian intelligence officers: Dosvedanya!
Russia Promises Retaliation After Western Expulsions (Foreign Policy) Over 100 Russians were expelled from North America and Europe on Monday. Here's how Russia will react.
Statement from the Press Secretary on the Expulsion of Russian Intelligence Officers (The White House) Today President Donald J. Trump ordered the expulsion of dozens of Russian intelligence officers from the United States and the closure of the Russian consulate in Seattle due to its proximity to one of our submarine bases and Boeing. The United States takes this action in conjunction with our NATO allies and partners around the …
Trump's 'Good Relationship' With Russia Is Slipping Away (The Atlantic) By shuttering a consulate and expelling 60 diplomats in response to the spy poisoning in Britain, he’s taken a remarkably hard line against Putin.
Obama official: We could have stopped Russian trolls (CNN) A former Obama White House official says the US government could have thwarted a Russian troll group's attempts to meddle in the 2016 US presidential election.
Iran Slams US Sanctions Following Cyber-Theft (Infosecurity Magazine) Mabna Institute accused of massive IP theft from global universities
Are Cyber-Related Indictments a Good Deterrent Strategy? (Technative) In mid-March 2018, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated five entities and 19 individuals under the Countering America’s Adversaries Through Sanctions Act (CAATSA) as well as Executive Order (E.O.) 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities.”
Silicon Valley has gone from liberating to creepy. Next stop, government regulation. (USA TODAY) Facebook and Cambridge Analytica are part of Silicon Valley's fall from grace. Expect the public to demand government scrutiny and regulation.
Civil rights groups criticise new US law which increases international snooping powers (Computing) Much-criticised CLOUD Act becomes law without a debate, makes it easier for authorities to seize private data on their citizens without a warrant
Spending bill gives election cybersecurity nearly $400M boost (Fifth Domain) The funding is divided between the pre-existing Election Assistance Commission and a new Election Infrastructure Security Initiative housed within the Department of Homeland Security.
Bolton Expected to ‘Clean House’ (Foreign Policy) The incoming national security advisor aims to ax dozens of White House officials as he dismantles McMaster’s NSC.
John Bolton Is Misunderstood (Defense One) The actual track record of Trump’s next national-security adviser offers cause for cautious optimism.
Cybercom’s ‘Command Vision’ Aims to Maintain Superiority in Cyber Domain (Executive Gov) The U.S. Cyber Command has issued a new strategy that seeks to help the command achieve and maintain
Craigslist personals, some subreddits yanked after passage of FOSTA (Naked Security) Craigslist shut down its personals section on Friday in response to the passage of H.R. 1865, the Fight Online Sex Trafficking Act (FOSTA) bill, in both houses of Congress on Wednesday.
FCC chairman Ajit Pai plans new measures to shut out Huawei and ZTE from US communications networks (Computing) US officials launch their latest offensive against Chinese technology firms
FCC wants Chinese tech out of US phones, routers (Washington Examiner) U.S. officials are discouraging U.S. telephone and internet companies from purchasing Chinese technology that could be used for surveillance, Federal Communications Commissioner Ajit Pai announced Monday.
China urges WTO members: put U.S. tariff 'beast back in the cage' (Business Insider) China called on World Trade Organization members on Monday to unite to prevent the United States "wrecking" the WTO and urged them to oppose U.S. tariffs targeting China's alleged theft of intellectual property.
DHS hires new cybersecurity adviser ahead of 2018 midterm elections (Washington Examiner) The Department of Homeland Security has hired the former chairman of the Election Assistance Commission, Matt Masterson, to help federal, state, and local authorities coordinate cybersecurity efforts ahead of the 2018 midterm elections, the department announced Monday.
Privacy: Do We Need a National Data Breach Disclosure Law? (Dark Reading) Some say we need a more consistent approach, while others worry a national law might supersede and water down some state laws already on the books.
Litigation, Investigation, and Law Enforcement
The FTC Is Officially Investigating Facebook's Data Practices (WIRED) The Federal Trade Commission's probe comes on the heels of the Cambridge Analytica scandal, in which the data firm improperly retained the Facebook data of 50 million Americans.
Mark Zuckerberg refuses to appear before Parliamentary select committee investigating Facebook data practices (Computing) Zuckerberg to send flunky to give evidence to Parliamentary select committee
Cambridge Analytica accused of violating US election laws in legal action (ABC News) The U.K.-based firm and its top executives are now also under fire for alleged violations of U.S. election laws.
Biggest pirate in the US sentenced to 5 years (Naked Security) Sharebeast, Newjams and Albumjams were sites to pirate prerelease songs from the likes of Justin Bieber, Pitbull and Beyonce.