Cyber Attacks, Threats, and Vulnerabilities
China reportedly steps up efforts to steal Australian company secrets (CNBC) An investigation by Australia's Fairfax Media and Nine News found that China's Ministry of State Security was responsible for a wave of attacks detected by Australia and its partners in an intelligence sharing alliance.
Russian 'Bear' Hackers Are Back With New Weapons And Disguises (Forbes) Two hacking crews linked to the Kremlin have been spotted targeting Western businesses and government organizations. One was allegedly behind the DNC hack, the other hasn't been seen for a year.
APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign (Threatpost) The group is best-known for hacking the DNC ahead of the 2016 presidential election.
Technical foul: Amazon suffers data breach days before Black Friday, emails world+dog (Register) $1tn biz doesn't answer very basic questions - like how or why it happened
Amazon admits it exposed customer email addresses, but refuses to give details (TechCrunch) Amazon’s renowned secrecy encompasses its response to a new security issue, withholding info that could help victims protect themselves. Amazon emailed users Tuesday, warning them that it exposed an unknown number of customer email addresses after a “technical error” on its website. W…
Amazon Low-Key Reveals Breach of Some Customer Data (Dark Reading) 'Technical error' exposed names and email addresses.
Facebook, Instagram back up after outage, company confirms (ABC News) Facebook and Instagram are back up, the company confirmed on Tuesday.
Facebook blames outage on 'server configuration' (CNET) The social network, along with its apps such as Instagram, was down for hours Tuesday.
Black Friday and Cybercrime: Retail's Frankenstein Monster (Digital Shadows) With every year that passes, Black Friday seems to morph into a creation its original proponents could not have even envisioned.
Cyber-security firm doxxes hacker who sold MySpace and Dropbox databases in 2016 (ZDNet) Recorded Future claims Tessa88's identity is a 29-year-old Russian named Maksim Vladimirovich Donakov.
True Identity of Notorious Hacker tessa88 Revealed (Recorded Future) Insikt Group analyzed underground forum discussions and discovered images of the individual behind notorious hacker tessa88, revealing their true identity.
Magecart Black Hats Battle it Out On Infected Site (Infosecurity Magazine) One group attempts to sabotage skimming operation of the other
E-commerce site is infected not by one, but two card skimmers (Ars Technica) Rival crime gangs race against each other to steal consumers' personal data.
Mirai: Not Just For IoT Anymore (Arbor Networks Threat Intelligence) Botmasters have taken the lessons from developing Internet of Things (IoT) malware and shifted their focus to targeting commodity Linux servers. Like many IoT devices, unpatched Linux servers linger on the network, and are being abused at scale by attackers sending exploits to every vulnerable
Report: Emotet makes phishing lures more convincing by scraping victims' emails (Cyberscoop) Researchers say Emotet is improving its ability to steal financial credentials by using emails scraped from its own victims to make templates.
TrickBot’s Bigger Bag of Tricks (TrendLabs Security Intelligence Blog) TrickBot's module scans for indicators that an infected computer is connected to a network that supports POS services and machines.
Malvertising in Apple Pay Targets iPhone Users (Infosecurity Magazine) Malicious advertising on newspaper and magazine websites is targeting iPhone users.
Half a million Android users tricked into downloading malware from Google Play (TechCrunch) More than half a million users have installed Android malware posing as driving games — from Google’s own app store. Lukas Stefanko, a security researcher at ESET, tweeted details of 13 gaming apps — made by the same developer — which were at the time of his tweet downloadable from Google Pla…
Hackers erase 6,500 sites from the Dark Web in one attack (Naked Security) Dark Web hosting company Daniel’s Hosting was wiped out, taking down about 30% of the Dark Web’s operational and active hidden services.
Here’s why Marines in Afghanistan abruptly shut down their social media account (Marine Corps Times) The sudden removal of the account calls into question transparency concerns regarding the Corps’ combat missions overseas.
Microsoft’s MFA is so strong, it locked out users for 8 hours (Naked Security) It’s a long time for Office 365 and Azure AD users to be locked out of such an important business platform, but MFA remains a good idea.
Malware analysis: G Data: GandCrab ransomware especially persistent (Channel Partner) According to G Data, the developers of the GandCrab ransomware rely on simple solutions, such as invoking User Account Control a hundred times, to achieve their criminal goals.
VisionDirect hacked: Hackers infect domains with malicious Google Analytics code (HackRead) VisionDirect, one of Europe’s largest online optical retailers that deals with contact lenses and eye care related products, has announced that a number of its domains have suffered a data breach in which hackers stole customers’ credit card and banking data.
Analysis | The Cybersecurity 202: At least six states still might not have paper ballot backups in 2020 (Washington Post) The old-fashioned way of counting is the accepted defense against cyber attacks.
Making a PCS move from overseas? Your Social Security number and other personal data might be at risk (Military Times) As troops are making international moves, they may not be aware that their personally identifiable information, such as Social Security numbers, is on the move, too.
Subject: Invoice. The cause of 6 out of 10 of the most effective phishing campaigns (Panda Security Mediacenter) The digital security consultancy, Cofense, has recently published a report about the state of phishing attacks throughout this year.
Beware of Third Party Data Breaches (The National Law Review) A study by Ponemon Institute found the percentage of US and UK companies that faced a data breach because of a vendor or third party is growing. In the US alone, 61% of surveyed respondents
High Tail Hall data breach exposes over 400,000 furry fans (Graham Cluley) An online fantasy role-playing game where participants can dress up as buxom furry animals has had its user database leaked onto the internet.
Security Patches, Mitigations, and Software Updates
You can now sign into your Microsoft account without a password (VentureBeat) You can now sign into Microsoft accounts password-free, thanks to Yubico, Microsoft, and other FIDO2 device manufacturers.
Cyber Trends
The Snowden Legacy, part one: What’s changed, really? (Ars Technica) In our two-part series, Ars looks at what Snowden's disclosures have wrought politically and institutionally.
Cyber Attacks Leave US Telco Companies on Hold for Two Days (PRWeb) EfficientIP, a leading specialist in network security, today revealed in its 2018 Global DNS Threat Report that the telecommunications sector ranks as one o
2018 Global DNS Threat Survey Report (EfficientIP) Discover the prominence and business impact of DNS attacks this past year, plus results from the Coleman Parkes global survey covering multiple sectors.
Survey Says: Security and IT Professionals Are Concerned About Enterprise API Growth (Ping Identity) At Ping Identity, we surveyed 100 security and IT professionals during our IDENTIFY 2018 events in San Francisco and New York about the growing adoption of APIs in the enterprise. The findings point to one conclusion: API security should be at the top of everyone’s minds.
Policy on data protection likely to get tighter worldwide: Fortinet (The Financial Express) Governments and regulators around the world are likely to persist in pushing for greater access to and control over their citizens’ data amid rising incidence of data breach, said Patrice Perche, senior executive vice president for worldwide sales and support, Fortinet.
Cybersecurity a big concern in Canada as cybercrime’s impact grows (WeLiveSecurity) Cybersecurity a big concern in Canada as the impact of cybercrime continues to grow according to the ESET Cybercrime Barometer 2018, a survey that polled 3,500 adults in North America.
Marketplace
Israeli cybersecurity co Tufin plans Nasdaq IPO (Globes) Tufin, which is engaged in network security policy management and firewall management, has met with investment bankers on the planned IPO.
Quantum Machines raises $5.5M to build control and operational layer for quantum computers (TechCrunch) Quantum Machines, an Israeli startup launched by three Ph.D. physicists, wants to build the operational and control layer for quantum computing. Today, it announced a $5.5 million seed investment led by TLV Ventures with participation from Battery Ventures. The three principals have been studying q…
Trillion-dollar loss for big five tech companies as market slump deepens (The Telegraph) One trillion dollars has been wiped off the values of the famous five “FAANG” technology companies as the Silicon Valley stock market rout deepened on Tuesday.
Has the Bitcoin bubble finally burst? (The Telegraph) Another day, another plunge in the digital currency market.
Alphabet Chairman Struggles With Google CEO's China Strategy (Bloomberg.com) Alphabet Inc. Chairman John Hennessy is unsure about a banner strategy of the company’s most-important executive.
Facebook’s Zuckerberg Says He Has No Plans to Step Down as Chairman (Wall Street Journal) Facebook CEO Mark Zuckerberg pushed back against calls for him to step down as chairman and said he hoped to continue working with his longtime chief operating officer, Sheryl Sandberg, in a TV interview.
Internal Facebook memo sees outgoing VP of comms Schrage take blame for hiring Definers (TechCrunch) TechCrunch has obtained an internal memo published by Facebook’s outgoing head of public policy Elliot Schrage in which he blames himself for hiring PR firm Definers. He admits to having the company push negative narratives about competitors, but says Facebook did not ask or pay Definers to p…
Sorry Mark Zuckerberg, Facebook isn’t a “positive force” (Ars Technica) Facebook makes users depressed, and Facebook posts helped fuel ethnic cleansing.
Forcepoint competitor on why it scrapped its EMEA strategy to 'start again' (CRN) iboss EMEA VP tells CRN that he sees no point in the vendor entering into competition with its partners
A New Global Cyber Innovation Summit is Coming to the U.S. (Legaltech News) The Global Cyber Innovation Summit which will be hosted in Baltimore in May 2019 looks to differentiate from other conferences through its proactive risk-oriented approach to cybersecurity.
Tanium CEO leads from the front as company plans 60% growth (IDG Connect) Tanium CEO, Orion Hindawi, talks Brexit, Quantum computing fears, machine learning, and pressures to IPO.
AttackIQ Names Brett D. Galloway as CEO (AttackIQ) Former Cisco executive and Silicon Valley-based founder joins fast-growing innovator in continuous security validation
Products, Services, and Solutions
Amazon Pay Accepted Here? Web Giant Aims to Put Digital Wallet in Stores (Wall Street Journal) Amazon wants brick-and-mortar stores to accept Amazon Pay, its digital wallet service, challenging Apple in the mobile-payments race.
The FCC’s New Spam Rules Makes Oxford BioChronometrics Even More Critical for Business Owners (Equities.com) Due to the rise of bad actors and spam advertising, the FCC is now wielding heavy fines for violators. As a result, business owners must walk a fine line.
Just in Time for the Holidays: KnowBe4 Offers “Safe Travels for Road Warriors” Video (AP NEWS) With the stress of holidays around the corner, KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is offering up tips for staying safe while you travel with a free video module entitled “Safe Travels for Road Warriors.” The video, which is packed with online safety tips, is available now and will continue to be accessible throughout the 2018 holiday season.
RapidFire Tools Inc. Adds Advanced Breach Detection System to Cyber Hawk Insider Threat Tool (GlobeNewswire News Room) The company’s flagship internal threat detection system gives MSPs Basic and Advanced options for identifying “Advanced Persistent Threats” on client networks
Awake Security Debuts Network Traffic Analysis Platform to Detect Risks (eWEEK) Awake Security enters the cyber-security market with network traffic analysis technology that can help enterprises identify potential risks and cyber-threats.
ZeroFOX Premium Social Media & Digital Threat Data in ThreatConnect (AP NEWS) ThreatConnect, Inc.®, provider of the industry's only extensible, intelligence-driven security platform, is proud to announce its integration with ZeroFOX. This premium social media & digital threat data integration is now available to ThreatConnect customers and is one of the more than 350 existing integrations and applications available in the ThreatConnect Platform.
Technologies, Techniques, and Standards
How clean is your software supply chain? (Computing) With malware now pervasive and high-profile organisations being breached every day, Computing invites IT leaders to a networking dinner for sharing best practices
Evolving military cyber training starts with how industry delivers software (Fifth Domain) It's clear the U.S. Army is going to have a strong requirement for software development practices such as Agile. Agile and DevOps software methodology for the Defense Department's Persistent Cyber Training Environment.
Disruptive technologies show why government needs data security standards now (Fifth Domain) Innovation could quickly turn to exasperation if a strategy to harden the increasing variety of smart devices is not implemented, according to experts.
Need board support for IT security investments? Think about who they really are first, advises Kier CIO Duncan Stott (Computing) Understanding board members can help when making IT security pitches to them, says Stott
The Country You Save May Be Your Own (Foreign Affairs) The problem of democracy in the United States, Iran teaches us, is neither the forgotten voter nor the handwringing swing voter; it is the nonvoter, the nearly 103 million Americans who either refused or were unable to cast a ballot in 2016.
The path to improved cybersecurity culture (Information Management) The recent ISACA-CMMI Institute cybersecurity culture research illustrates the accomplishments and gaps that are seen in the cybersecurity culture of many organizations.
The holiday season and cybercrime: 8 ways to protect yourself (Help Net Security) The holiday season has become an unbridled online spending extravaganza, and threat actors have taken notice. Learn how to protect yourself.
Design and Innovation
A clear case for AI in endpoint protection (Security Brief) Today, AV has an alternative, and it is Artificial Intelligence (AI).
Instagram’s Crackdown on Fake Followers Just Might Work (WIRED) Instagram's promise to root out "inauthentic activity" sends some social media marketers into crisis.
How Will We Outsmart A.I. Liars? (New York Times) For better and worse, humans are only improving their ability to deceive themselves with technology.
The Story of Lenny, the Internet's Favorite Telemarketing Troll (Motherboard) Lenny is a decade-old chatbot designed to troll telemarketers that has developed a cult following online. It’s remarkably convincing, but is it actually effective?
Research and Development
Can a new standard prevent an encryption meltdown? (GCN) Even with government and industry working on quantum-resistant encryption, getting any solutions rolled out will take time and a massive effort.
Blockchain Is Especially at Risk for Quantum Attacks, Scientists Warn (Gizmodo) Blockchain is meant to be secure—but a new paper from quantum computing scientists warns that quickly advancing quantum technology poses a vulnerability for the much-hyped blockchain.
Legislation, Policy, and Regulation
China identifies 17 key areas to make AI breakthroughs (ZDNet) The Chinese government is also inviting private entities and research institutions to join the development of key AI projects as the country aims to lead global AI races by 2030.
From cyber to military mobility: EU members endorse new defense objectives (Defense News) EU member states adopt 17 new cooperative projects under the fledgling PESCO pact, an initiative meant to sharpen Europe's military edge.
Cyber Is at the Heart of Indo-Pacific Command Strategy (SIGNAL Magazine) Across the vast Indo-Pacific region, all roads lead to cyber, according to a panel of U.S. and foreign military and civilian experts.
DoD to reorganize, create new security clearance organization (Federal News Network) The Defense Department is planning to merge the National Background Investigations Bureau, Defense Security Service and other entities within the Pentagon to form one, new security clearance entity.
To maintain tech edge, US seeks export controls on AI (C4ISRNET) Before the government can regulate artificial intelligence, it has to define it.
The FCC has a new plan to combat unwanted robocalls and spammy texts (Washington Post) But critics say it could lead to censorship of legitimate messages.
Army creates new defensive cyber project office (InsideDefense.com) The Army has reorganized one of its leading technology project management offices to instead focus on defensive cyber operations, responding to a growing need in that domain.
To Stockpile or Not to Stockpile Zero-Days? (Dark Reading) As the debate rages on, there is still no simple answer to the question of whether the government should stockpile or publicly disclose zero-day vulnerabilities.
Opinion | How should we address the growing power shift from Washington to Silicon Valley? (Washington Post) How do we modernize the government’s crumbling digital infrastructure without giving tech too much control?
Litigation, Investigation, and Law Enforcement
A knife emoji, then silence: The strange story of how China detained the head of Interpol (Quartz) Chinese authorities are investigating Meng Hongwei, who has been missing since late September, for taking bribes.
Russia loses Interpol presidency vote (BBC News) Interpol elects a South Korean as president, rejecting the controversial Russian frontrunner.
Blow for Kremlin as ‘ex‑KGB man’ loses Interpol vote (Times) Russia was dealt a blow this morning when its candidate to become the head of Interpol was defeated. Alexander Prokopchuk, a veteran of the Russian interior ministry, had been seen as the favourite...
U.S. spy agencies sued for records on whether they warned Khashoggi of impending threat of harm (Washington Post) The Columbia University institute seeks documents relating to agencies’ “duty to warn.”
Trump statement sticks with Saudis, hyping economic benefits of alliance (Defense News) President Donald Trump released a lengthy statement justifying the U.S. alliance with Saudi Arabia by focusing on domestic economic benefits and the threat from Iran.
Bitcoin-Rigging Criminal Probe Focused on Tie to Tether (Bloomberg) DOJ investigating whether Tether was used to prop up Bitcoin. U.S. case part of broader review of possible coin manipulation.
Russian challenge to chemical weapons watchdog rejected (Military Times) The global chemical weapons watchdog’s initiative to apportion blame for poison gas and nerve agent attacks survived two institutional challenges from Russia on Tuesday and is set to become operational next year.
IRS Failed to Track 11,000 Breached Social Security Numbers for Tax Fraud (Nextgov.com) The tax agency also failed to review another 15,000 breached taxpayer ID numbers it received for possible fraud monitoring, an audit found.
CBP’s Facial Biometrics Program Has Caught 26 Alleged Imposters (Nextgov.com) Since its rollout this summer, the biometrics program is finding more success at land borders than airports.
Silk Road’s alleged hitman, “redandwhite,” arrested in Vancouver (Ars Technica) Ross Ulbricht told redandwhite that he wanted to put a "bounty" on a vendor's head.
Facebook appeals UK data watchdog’s £500K Cambridge Analytica fine (TechCrunch) Facebook has said it will appeal a £500,000 penalty issued by the U.K.’s data watchdog this summer following a lengthy investigation into the Cambridge Analytica data misuse scandal. Facebook told the regulator an estimated one million U.K. users were among the 87 million of its users whose p…
Facebook failed to stop a child bride being auctioned on its platform (TechCrunch) Facebook failed to prevent its platform being used to auction a 16-year-old girl off for marriage in South Sudan. Child early and forced marriage (CEFM) is the most commonly reported form of gender-based violence in South Sudan, according to a recent Plan International report on the myriad risks fo…
Ivanka Trump’s email use spurs bipartisan calls for investigation (Washington Post) President Trump defended his daughter, but Republicans and Democrats in Congress demanded documents and said they’ll look into her actions.