Cyber Attacks, Threats, and Vulnerabilities
APT Attack Activity Occurs at 'Low, Consistent Hum,' Rapid7 Finds (Dark Reading) Organizations in industries aligned to nation-state interests are main targets of nation-state attack threats, new quarterly threat report shows.
US Intelligence Agencies Fear Rogue Insiders as Much as Spies (Military.com) A proliferation of U.S. intelligence and military insiders have gone rogue and spilled secrets to journalists or WikiLeaks.
Slew of Source Code and Malware Leaks Increases Risk for Organizations (SurfWatch Labs) Earlier this month, an undergraduate student in Korea apologized for creating and making public the joke ransomware “Resenware.” The malware didn’t ask for money to decrypt files; instead, it required victims to score more than 200 million points on the “lunatic” level of the shooting game Touhou Seirensen ~ Undefined Fantastic Object.
Flashpoint - An Analysis of Cybercriminal Communication Strategies (Flashpoint) The ubiquitous usage of encrypted communication tools among cybercriminal communities presents challenges for organizations seeking to combat cybercrime.
An Analysis of Cybercriminal Communications Strategies (Flashpoint) To understand the most common services used worldwide by criminals is to better understand what your organization can do to mitigate risk.
Cybersecurity Startup Tanium Exposed California Hospital’s Network in Demos Without Permission (Wall Street Journal) Cybersecurity firm Tanium spent years pitching its software by showing it working in a client’s network—something the client, a California hospital, says Tanium never had permission to do.
Tanium exposed hospital’s IT while using its network in sales demos (Ars Technica) CEO used client hospital's network in demo "hundreds of times," reports WSJ.
An Open Letter From Tanium’s CEO To Our Customers (Tanium Blog) I can imagine that many of you are getting tired of waking up to the bad Tanium press stories hitting your inbox in the last week. Most of you know our company well, and reading these stories can be disturbing to all of us.
Vigilante Hacker Uses Hajime Malware to Wrestle with Mirai Botnets (BleepingComputer) Hajime, an IoT malware strain discovered last October, appears to be the work of a vigilante who has set out to take over and neutralize as many smart devices as possible before other botnets like Mirai can get ahold of them.
Researchers identify new variant of IoT/Linux botnet (MIS Asia) The Amnesia botnet targets an unpatched remote code execution vulnerability.
Fake Super Mario Run App Steals Credit Card Information (TrendLabs Security Intelligence Blog) Trend Micro has identified more malicious Android apps abusing the name of the popular mobile game Super Mario Run.
Android SMS Spyware Sees Millions of Downloads (Infosecurity Magazine) SMSVova can steal and relay a victim's location to an attacker in real time.
Flashlight App on Google Play Spreads Banking Malware (Cyware) Android users were the target of another banking malware, detected by ESET, with screen locking capabilities, masquerading as a flashlight app on Google Play.
Why Brand Monitoring is a Security Issue - Typosquatting (Anomali) Corporate brands are generally thought of as intangible objects that carry the company’s image and reputation.
Stalkerware Company FlexiSpy Calls Catastrophic Hack ‘Just Some False News' (Motherboard) In the aftermath of a damaging hack, the company is keeping it quiet.
Anonymous India Claims Snapchat Hack, Leaking Details of 1.7 Million users (HackRead) One of the biggest and most popular social networking platforms, Snapchat, has once again become the center of attention.
Neiman Marcus: 2015 Breach Exposed Full Card Details (Data Breach Today) Luxury clothing retailer Neiman Marcus has disclosed that a December 2015 breach compromised more sensitive information than first thought.
Imperva Incapsula uncovers elaborate 80,000-strong spam botnet (SC Magazine UK) Researchers at the security company find that making money online from fake Viagra is not so hard.
Tracing Spam: Diet Pills from Beltway Bandits (KrebsOnSecurity) Reading junk spam messages isn’t exactly my idea of a good time, but sometimes fun can be had when you take a moment to check who really sent the email.
Fake Australian Securities and Investments Commission emails target business owners with malware (CRN Australia) Invites recipients to renew their business details.
HHS Watchdog Agency Issues Phone Scam Warning (GovInfo Security) The Department of Health and Human Services has issued a warning for consumers to be on alert for fraudsters
How tech support scammers have made millions of dollars (Naked Security) Researchers who spent eight months digging into the scammers’ techniques reveal the tools the bad guys use and the money they’ve made
Google: “Google Hire” Won't Share Browsing History with Employers (HackRead) Google is known to be in the spotlight for its success mostly, but this wasn’t the case last night.
Security Patches, Mitigations, and Software Updates
Researchers Find Multiple RCE Bugs in Linksys Routers (Infosecurity Magazine) IOActive works with manufacturer on issues with Smart Wi-Fi models
Report: Google will add an ad blocker to all versions of Chrome Web browser (Ars Technica) The owner of the Web's biggest advertising platform is building an ad blocker?
Mozilla: The Firefox Attacks Wikileaks Gave to Us Were Already Fixed (Motherboard) Turns out three potential Firefox vulnerabilities found in a cache of alleged CIA files were dealt with in 2012 and 2014.
LG G6 On Verizon Receives A Notable Update Adds April Security Patches (Droid Report) Verizon’s First LG G6 update with Android April security patches adds a couple of extra features.
Patched Flaw in Bosch Diagnostic Dongle Allowed Researchers to Shut Off Engine (Threatpost) Two vulnerabilities were identified in Bosch’s Drivelog Connect OBD-II dongle and smartphone app that allowed researchers to shut off the engine of a vehicle.
Microsoft Touts New Phone-Based Login Mechanism (Threatpost) Microsoft announced this week it's giving users a new way to sign into their accounts without long and complicated passwords.
How to bypass Microsoft's update block for Windows 7, 8.1 (Network World) GitHub user Zeffy created a custom patch to defeat Microsoft's update block for Windows 7 and 8.1 users using devices powered by next-gen processors.
Microsoft's new Patch Tuesday gets mixed reviews (CRN Australia) Security bulletins replaced with updates guide.
Cyber Trends
Rapid7 Threat Report 2017 Q1 (Rapid7) The “threat landscape” is a moving, shifting form that will look different to different organizations—it all depends on where you are standing.
Organizations are not effectively dealing with open source security threats (Help Net Security) Black Duck open source audits of 1000+ applications show widespread weakness in addressing open source security vulnerability risks.
How secure are banks and financial services firms? (Help Net Security) Many senior bank executives are confident about their cybersecurity strategy, yet a lack of practical testing is leaving gaps in their defense.
Be Compromise Ready: Go Back to the Basics (BakerHostetler) Cybersecurity carries a certain mystique.
Fighting ‘the boy’s club’ mentality in cyber security (IT World Canada) Few IT leaders would deny that having staff with a wide range of backgrounds is an advantage. But with men still dominating
Marketplace
Feds face big obstacle in cyber efforts: Geography (TheHill) There’s a major overlooked challenge in the government’s struggle to shore up its cybersecurity, experts say: the location of the nation’s capital.
Tanium CEO Apologizes for Being ‘Hard-Edged’ After Executive Exodus (Bloomberg.com) Cybersecurity startup used hospital's computer network for sales pitches without permission
IBM Should Buy Palo Alto Networks (Seeking Alpha) IBM accomplished a rare feat of quarterly year-over-year revenue declines for 20 consecutive quarters. Instead of wasting money on share buybacks, IBM needs to
OCX May Pave Way For ‘Huge’ Raytheon Cyber Business (Breaking Defense) OCX, for the last two years the most troubled space acquisition program and a watchword for the high risks of being the first program to try and meet the Pentagon’s highest cyber security standards, may now open the way for Raytheon to plow its way deep into the rich fields of the cyber security market.
Dome9 Security nets $16.5 mln Series C (PE Hub) Mountain View, California-based Dome9 Security, a provider of cloud infrastructure security solutions, has raised $16.5 million in Series C funding. SoftBank led the round.
Cylance layoffs hit Australian shores (CRN Australia) Trusts distributor for marketing and sales approach.
How a high schooler hacked into a security company and ended up with a job (CNBC) When top security expert Dug Song found out he was hacked by student Jono Oberhide, he ended up teaming up and starting a company.
Ingram Micro signs distribution agreement with ESET to offer security for Canadian partners (Computer Dealer News) Ingram Micro is making sure its Canadian partners can choose from the most up to date security solutions available. The tech distributor
Ingram Micro Named Global Symantec Distribution Partner (IT Briefing) Building on its success in advanced IT security, Ingram Micro Inc. is now a key global distribution partner for Symantec and an authorized distributor for the network security portfolio Symantec gained through its acquisition of Blue Coat last August.
WISeKey to Leverage Zug Position in Switzerland as Crypto Valley by Establishing an IoT Blockchain Center of Excellence (Yahoo! Finance) WISeKey International Holding Ltd, a leading Zug domiciliated Swiss cybersecurity and Blockchain IoT company announced today its intention to establish an Internet of Things Blockchain Center of Excellence in the Canton of Zug aiming to deploy a Trusted Blockchain as a Service platform.
Software firm Corero bags multi-year contract with big-name internet service provider (Proactiveinvestors UK) Corero Network Security PLC (LON:CNS) - Corero will provide its SmartWall products and SecureWatch services to the internet service provider’s customers
CIO Applications Names Delta Risk LLC as Top 25 Cyber Security Company (Broadway World)
Splunk Named One of the “Best Places to Work” for 10th Consecutive Year (Yahoo! Finance) Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced it has been named one of the “Best Places to Work” in the Bay Area by the San Francisco Business Times.
Teradata puts the swagger back in its step (BW CI World) From a technology focused company, Teradata took big strides in the past year to become more customer focused. It embraced open source technologies, the cloud and software defined analytics. Teradata also made a foray into consulting services.
iovation Appoints Dwayne Melancon as New Vice President of Product (MarketWired) Noted cybersecurity expert to lead innovation for growing fraud prevention and authentication provider
OWL Cybersecurity Appoints Andrew Lewman as Vice President (Businesswire) Executive to bring darknet expertise and business strategy to Vice President role
Karen Dayan Appointed Chief Marketing Officer of Trusona (PRNewswire) Trusona, the leader in simply secure identity authentication, today...
Robert Zitz Joins SSL as SVP and Chief Strategy Officer (WashingtonExec) Space Systems Loral, a provider of innovative satellites and spacecraft systems, announced this week it is increasing its commitment to support U.S. gov...
Here’s the businesswoman who will replace the longtime former CEO on Tech Data’s board (Tampa Bay Business Journal) Tech Data Corp. shareholders will vote on adding a top executive from a government technology consulting firm to the Tech Data board of directors.
Security Orchestration Automation & Response Leader CyberSponse, Inc. Has Raised the Bar by Electing Larry Johnson as the Company’s Next Chief Executive Officer (PRWeb) CyberSponse, Inc., the global leader in Security Orchestration Automation and Response, has raised the bar by electing Larry Johnson as the company’s next Chief Executive Officer.
Former Sourcefire CEO John Becker Joins Cyren Board as Outside Director (PRNewswire) Cyren (NASDAQ: CYRN), an internet Security as a Service provider,...
Glance Technologies Appoints Former VP of Cisco Systems, Inc. to Board of Directors (Sys-Con Media) Glance Technologies Inc. (OTCQB:GLNNF) (CSE:GET.CN) (CSE:GET.RT) (FKT:GJT) is pleased to announce the appointment of Mr. Larry Timlick to its board of directors as of April 18th, 2017.
Products, Services, and Solutions
IIoT: New Industrial Security Solution for Secure Modbus Protocol Communication available from Rohde & Schwarz Cybersecurity (Rohde & Schwarz Cybersecurity) SCADA, CIS, ICS and similar Modbus protocol communication based industrial systems become much more vulnerable due to their increasing connection to the Internet.
Sophos Boosts Server Protection Products with Next-Gen Anti-Ransomware CryptoGuard Technology (Finanz Nachrichten) Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced that its next-generation anti-ransomware CryptoGuard
Cyphort Introduces the Anti-SIEM (Yahoo! Finance) Cyphort Inc. today unveiled a powerful security analytics platform that empowers enterprise security teams with the prioritized, actionable intelligence required for fast, interactive threat investigation ...
Balabit Introduces Shell Control Box 5 for Improved Incident Management (SecurityInfoWatch.com) New version of Balabit's Privileged Session Management solution speeds up forensic investigations, leverages existing security investments, and provides a best-of-breed user experience
ManagedMethods Announces Support of Gmail and Office 365 Email Featuring Check Point SandBlast Zero-Day Protection (Businesswire) Today at the CPX 2017 conference ManagedMethods, a provider of cloud security solutions, announced its new email scanning feature and an expansion of
Bay Dynamics and Grant Thornton to help companies make simpler, more cost-effective cyber decisions (Yahoo! Finance) Bay Dynamics® is partnering with professional services provider Grant Thornton LLP – the U.S. member firm of Grant Thornton International Ltd – to help companies make simpler, more cost-effective cyber security decisions.
IBM Security App Exchange Now Features Over 90 Custom Applications (PRNewswire) IBM (NYSE: IBM) announced today that the IBM Security App Exchange has grown to over 90 custom applications from IBM and Business Partners, fostering innovation and collaboration amongst the security community. Over 30,000 apps, content packs and tools have
RapidFire Tools Inc. Launches Unlimited-Use Internal Cyber Security Service Delivery System For MSPs (Yahoo! Finance) RapidFire Tools Inc. has bundled together a powerful new set of tools that, for the first time, allows MSPs to roll-out a high-value, automated and branded internal IT security service that can be offered ...
NIST Includes MobileIron and Entrust Derived Credentials in Reference Architecture (Yahoo! Finance) MobileIron (NASDAQ:MOBL), the security backbone for the digital enterprise, and Entrust Datacard, a leader of trusted identity and secure transaction ...
Malwarebytes Integrates with ForeScout to Deliver Real-Time Threat Visibility and Remediation (Businesswire) Malwarebytes™ today announced an integration with ForeScout Technologies, Inc.
Swimlane Achieves Cisco Compatibility Certification With the Cisco Solution Partner Program (Yahoo! Finance) Swimlane announced that its automated incident response and security orchestration platform, Swimlane, has successfully achieved Cisco compatibility certification with Cisco Threat Grid.
Sumo Logic Extends Support for SaaS Contracts on AWS Marketplace (Marketwired) New flexible subscription and procurement model enables AWS users to purchase the industry's leading cloud-native machine data analytics platform with a single click
Arrow Electronics Expands Security Offerings via Its Seneca Brand. Dell EMC OEM video and surveillance products now available in Seneca-bundled solutions
HyTrust Helps Feds Meet Cloud Security Mandate (SDxCentral) HyTrust cloud security products aim to make it easier for public agencies to comply with a federal cloud security mandate.
Threat Sketch Creates Free, Custom Cybersecurity Plan for North Carolina Business (PRNewswire) One local business owner is grateful for having participated in...
BlueCat DNS Edge Pounces on Insider Threats (eSecurity Planet) The solution uses DNS data to detect suspicious behavior within enterprise networks.
Technologies, Techniques, and Standards
Cylance Battles Malware Testing Industry (Security Week) After a brief respite, the animosity between the incumbent anti-virus vendors and the newcomer machine learning (ML) endpoint protection vendors has returned; and the focus is still on testing.
Google Won't Trust Symantec and Neither Should You (Dark Reading) As bad as this controversy is for Symantec, the real damage will befall the company and individual web sites deemed untrustworthy by a Chrome browser on the basis of a rejected Symantec certificate.
The Cost Of Cyber Breach -- How Much Your Company Should Budget (Forbes) Ariel Evans is an American Israeli cybersecurity expert, entrepreneur and business developer. She recently took the helm of an Israeli cyber risk company that provides enterprises, cyber insurers and M&A teams quantification of cyber risk. Additionally, she consults for over 30 Israeli companies and is the go-to person in Israel that connects cyber startup companies to funding and business development opportunities.
What You Need To Know About Fourth-Party Vendor Risk (BitSight) Your third parties aren’t the only vendors you should be thinking about. Here’s what you need to know about monitoring fourth-party vendor risk.
DNS Query Length... Because Size Does Matter (SANS Internet Storm Center) In many cases, DNS remains a goldmine to detect potentially malicious activity.
Five Principles for Improving Medical Device Cybersecurity (HealthcareInfo Security) Medical device manufacturers and healthcare entities should take five key cyber-related steps to help ensure patient safety, says Beau Woods of the grassroots
Improve employee device access, security for happier workplace, customers: Dell (Techgoondu) Better devices for employees and improved security are the priorities for Southeast Asian firms seeking workplace transformation to better serve customers.
Design and Innovation
Security and the human factor: Creating a positive user experience (Help Net Security) Despite the myriad of security solutions deployed, breaches are still happening. Even with robust security solutions, we’re failing with the fundamentals.
Venafi: automate cryptographic functions in DevOps, or die, basically (Computer Weekly) DevOps is, obviously, a coming together of Developers and Operations teams. All well and good, but what about security?
MasterCard trials biometric bankcard with embedded fingerprint reader (TechCrunch) MasterCard is trialling a Chip and PIN bankcard that includes an embedded fingerprint reader, introducing a biometric authentication layer for card payments.
Blockchain: 'Overhyped' buzzword or real-deal enterprise solution? (CSO Online) While blockchain technology may be a hotspot in data privacy, experts disagree about whether it’s a good fit for enterprises that have traditionally relied on centralized data control.
Weaknesses in Bitcoin and blockchain might undermine efforts to expand their use (MIT Technology Review) An expert who is studying Bitcoin and blockchain technologies says those looking to commercialize them need to be aware of potentially dangerous technical issues.
What are Schnorr Signatures? (The Merkle) Every bitcoin user knows the popular currency is based on cryptographic standards and technology. As a result, bitcoin developers can regularly introduce new features to make the currency more secure
Academia
ICMCP Announces Cybersecurity Educational Scholarship Award Provided by Conventus Corporation (PRWeb) Award provides $5,000 for selected ICMCP member student over 2 years for undergraduate degree program
Legislation, Policy, and Regulation
How Israeli Conscription Drives Innovation (Foreign Affairs) The IDF’s conscription system has brought great benefits to Israel’s economy. In European countries, a selective draft has the potential to produce the same results.
Intelligence Community Pushes to Keep Surveillance Powers (Foreign Policy) Maintaining existing foreign intelligence powers is "the intelligence community’s top legislative priority for 2017," a new document notes.
The FISA Amendments Act: Q&A (IC on the Record) The Intelligence Community’s top legislative priority for 2017 is reauthorization of the FISA Amendments Act.
Schiff advocates for NSA, Cyber Command split (TheHill) The top Democrat on the House Intelligence Committee is calling for the National Security Agency (NSA) to be split from U.S. Cyber Command.
Army looks to revamp its intelligence enterprise from the 'bottom-up' (FederalNewsRadio.com) Interviews and surveys are asking commanders at every level what they'll need from the intelligence corps over the next decade.
A Plan to Tamp Down Defense Network Cyberthreats (SIGNAL Magazine) The Defense Department should adapt this two-phase plan to make network security more agile and automated in the rapidly evolving threat landscape.
(ISC)2 Issues Recommendations to Trump Administration (Infosecurity Magazine) (ISC)2 urges prioritization of workforce development within the pending cybersecurity executive order.
Huge new boost for cyber sector (InnovationsAus.com) The Turnbull government’s $230 million Cyber Security Strategy turns one this week and the industry scores a boost from a new Cyber Security Sector Competitiveness Plan launched today.
Tech firms are our next line of defence (Times (London)) Driving a tank is an unenviable task. The commander must decide where to go and where to direct fire, based on limited visual information. Recently FFI, the Norwegian government’s defence research...
Data compliance top of mind for Japanese enterprises as legal deadline looms (Security Brief) More than half of Japanese enterprises are increasing their security spending – and topping the list is compliance.
Who cares about Directives? Why UK companies will benefit from the harmonisation of trade secret law (Computing) Anette Gaertner of Reed Smith explains how the Trade Secrets Directive of 2018 will have a two-fold effect on UK firms
Startup Action Plan: What It Means to Security Practitioners (InfoRisk Today) Despite a slew of measures announced by the Modi government last year to encourage cybersecurity startups in the region, security experts argue that converting
Litigation, Investigation, and Law Enforcement
The Doxing of Equation Group Hackers Raises Questions About the Legal Role of Nation-State Hackers (Empty Wheel) Update: I should have caveated this post much more strongly. I did not confirm the names and IDs released in the dump are NSA’s hackers. It could be Shadow Brokers added names to cast blame on someone else. So throughout, take this as suspected doxing, with the possibility that it is, instead, disinformation.
Trend Micro Sponsors First Ever Guide for Cybercriminal Investigations (Businesswire) Trend Micro today announced the release of the first edition Cybercrime Investigation Body Of Knowledge (CIBOK) book by the CIBOK editorial committee.
Siemens employee catches coworker trying to sell secrets to China (CSO Online) China's hand was caught in the cookie jar, again. In early April 2017, an employee of Siemens was arrested on suspicion of espionage, the theft of trade secrets and intellectual property.
Bose in court for alleged eavesdropping (CRN Australia) Selling users' information without permission.
You Probably Shouldn’t Forge a Judge’s Signature to Solve Your SEO Problems (Motherboard) A jewelry company CEO was arrested on Monday and charged with forging court orders in order to de-index negative reviews on Google.
Lawsuit: Neo-Nazi website owner is liable for harassing Montana real estate agent (Ars Technica) "It's that time, fam... ready for an old fashioned Troll Storm?"
PGP public key and self-service postal kiosk expose online drug dealers (Ars Technica) Second of 2 AlphaBay sellers arrested in 2016 pleads guilty: Abdullah Almashwali.