Cyber Attacks, Threats, and Vulnerabilities
Ongoing Holyrood cyber attack fails to breach security (BBC News) A "brute force" cyber attack is ongoing, but has failed to breach security systems at the Scottish Parliament.
North Korean Cyberspies Target US Defense Contractors Following Nuclear Threats (BleepingComputer) The North Korean cyber-espionage group known as the Lazarus Group has been busy hacking US defense contractors, according to a report published on Monday by security research firm Palo Alto Networks.
Latest Aadhaar leak exposes security flaws in app developed by NIC (Hindustan Times) In recent months, websites maintained by NIC have inadvertently published the Aadhaar numbers and financial details of millions of citizens.
Tipping Point: Why have Aadhaar numbers been deactivated? (Business Standard) Unique Identification Authority of India (UIDAI) has deactivated about 8.1 million Aadhaar cards
Russian security chief warns against the use of foreign IT in state sector (RT International) The head of the Security Council of Russia says the use of foreign data technology by state structures could result in the infrastructure servicing the state one day being blocked from the outside.
Exploit leaks are a cyber security game changer, says Kaspersky Lab (ComputerWeekly) Leaked exploits became the game changer of the cyber threat landscape in the second quarter of 2017, say security researchers
Exploit Packages Lead to Five Million Attacks in Q2 (Infosecurity Magazine) Kaspersky Lab claims leaked exploits are causing widespread damage
LG service centers in S.Korea Possibly Hit By WannaCry ransomware (HackRead) LG Electronics' service centers have been targeted by cyber criminals leading to ransomware infecting of its self-service kiosks and blocking it from funct
NotPetya aftermath: Companies lost hundreds of millions (Help Net Security) The NotPetya ransomware attack, which started in Ukraine on June 27 but later spread internationally, has resulted in huge monetary losses for the victims.
Google Chrome under attack: Have you used one of these hijacked extensions? (ZDNet) Recent versions of several Chrome extensions have been compromised to spread malicious ads.
(Banker(GoogleChromeExtension)).targeting("Brazil") (SANS Internet Storm Center) A new day, a new way to steal bank data in Brazil. Scammers are calling and urging victims to install a supposed update of the bank's security module. In fact, it is a malicious extension of Google Chrome capable of capturing the information entered by the user during access to the bank account.
Bank-fraud malware not detected by any AV hosted in Chrome Web Store. Twice (Ars Technica) Extension that surreptitiously steals bank passwords uploaded twice in 17 days.
Eight Chrome Extensions Hijacked to Deliver Malicious Code to 4.8 Million Users (BleepingComputer) Six more developers have had their Chrome extensions hijacked in the past four months, according to new evidence surfaced yesterday by Proofpoint researcher Kafeine.
Were the Kenyan Elections Conducted Successfully? (Foreign Affairs) For the most part, the Kenyan elections showed how digital technology can help to overcome problems of distrust during the voting process.
Doubts over EVM security again as RTI reveals theft of 70 voting machines (Moneycontrol) The Election Commission of India (ECI) has repeatedly claimed that EVMs are unhackable and tamper-proof.
A Deep Flaw in Your Car Lets Hackers Shut Down Safety Features (WIRED) A new wrinkle in auto-hacking research points to a fundamental vulnerability in the CAN protocol cars' innards use to communicate.
Hackers can shut down critical security features in most modern cars: report (TheHill) With physical access to car components, someone could disable any component using the CAN bus network.
HBO Social Media Accounts Hacked (EXCLUSIVE) (Variety) Way to kick HBO while it’s down. As if the Time Warner-owned cable network didn’t have enough problems to worry about with cyberattacks, a notorious hacking group took over the company…
EV ransomware is targeting WordPress sites (Help Net Security) Wordfence has flagged several attempts by attackers to upload ransomware that provides them with the ability to encrypt a WordPress website’s files.
Cerber Fights Anti-Ransomware Tools (Dark Reading) Deception technology is the popular ransomware's latest target.
Vaccine discovered for Cerber ransomware - based on its own evasion (SC Media UK) Hackers try to circumvent anti-ransomware, giving researchers vital clues to combat the threat of Cerber
Locky Ransomware Variant Slips Past Some Defenses (Threatpost) Ransomware called IKARUSdilapidated is managing to slip into unsuspecting organizations as an unknown file.
Security Alert: Locky Adds the .lukitus Extension, Spreads through Waves of Malspam (Heimdal Security Blog) New variant of Locky Ransomware spreads through waves of malspam.
2016 Open-Source Repo Continues to Fuel the PHP Server Ransomware Scene (BleepingComputer) A PHP ransomware project open-sourced on GitHub is still spawning active threats, more than a year after it was released in early 2016.
New pulse wave DDoS method lets attackers hit multiple targets (CSO Online) In a new type of DDoS attack, skilled bad actors use pulse wave DDoS assaults to exploit weaknesses in appliance-first hybrid mitigation solutions and pin down multiple targets.
Websites Selling DDoS Services and Tools on the Rise in China (Dark Reading) Researchers detect an increase in Chinese websites offering online DDoS services within the past six months.
Companies are buying bitcoin to pay off hackers, says top cybersecurity CEO (CNBC) Jim Cramer spoke with CyberArk's Udi Mokady to hear about how companies are getting involved with cryptocurrencies because of cyberattacks.
Maldoc with auto-updated link (SANS Internet Storm Center) Yesterday, while hunting, I found another malicious document that (ab)used a Microsoft Word feature: auto-update of links. This feature is enabled by default for any newly created document (that was the case for my Word 2016 version). If you add links to external resources like URLs, Word will automatically update them without any warning or prompt.
Sarahah app craze continues: 10 things you should know before you start using it (India Today) Sarahah has become the talk of the town. Everyone on social media, be it on Facebook, Twitter, Instagram or Snapchat, is talking about Sarahah, an app that allows users to send anonymous messages to others registered with the app. The key highlight of Sarahah is that it doesn't reveal the identity of the sender of the message at any given cost. This is where Sarahah stands out from other similar applications available on the Play store.
Millions of RDP Endpoints Exposed Online and Ready for Bad Things (BleepingComputer) An Internet-wide scan carried out by security researchers from Rapid7 has discovered over 11 million devices with 3389/TCP ports left open online, of which over 4.1 million are specifically speaking the RDP protocol.
Software maker admits attackers hid backdoor in entire suite of products (Computing) South Korea's NetSarang holds hands up to 'ShadowPad' backdoor hack of its server management products
Supply chain attack inserted backdoor into popular server management software (Graham Cluley) A supply chain attack is believed to have been responsible for surreptitiously inserting a backdoor into widely used server management software.
Internet turns on white supremacists and neo-Nazis with doxing, phishing (Ars Technica) Many fear being outed from photos, but now the real cyber game against “alt-right” begins.
Doxing Is a Perilous Form of Justice—Even When It's Outing Nazis (WIRED) While the extreme right and the far left use different logic to justify their actions, the end result is often the same.
The Ethics of Doxing Nazis on Social Media (Motherboard) The important question is: does any of this help?
Neo Nazi site DailyStormer moves to dark web that's as good as dead (HackRead) On August 14th it was reported that Internet domain registrar and web hosting giant GoDaddy banned the racist and neo-nazi website Daily Stormer from its p
DigitalOcean and Cloudflare ditch neo-Nazi client, The Daily Stormer (TechCrunch) Following the violent far right demonstrations in Charlottesville at the weekend, another two web services companies have terminated their business..
The Daily Stormer’s Last Defender in Tech Just Dropped It (WIRED) Cloudflare pulls the plug on a white supremacist site, after years of declaring neutrality.
CloudFlare CEO says his Daily Stormer takedown was “arbitrary” and “dangerous” (Ars Technica) “I woke up this morning in a bad mood and decided to kick them off the Internet.”
Tech is not winning the battle against white supremacy (TechCrunch) Content warning: This post contains racial slurs, homophobic language and very graphic depictions of racism and violence. If you were just paying attention..
Web hosting, CDN companies torn as to how to respond to racist websites (Ars Technica) Dreamhost, meanwhile, “will host any website as long as its content is legal.”
Email Provider ProtonMail Says It Hacked Back, Then Walks Claim Back (Motherboard) There’s plenty of appetite for "hacking back," but in many contexts it’s likely illegal for companies to retaliate against cybercriminals.
Black Hats VS Computer Security Companies – an ongoing campaign? (cyberdb.co) In late July 2017 hackers leaked information from a cybersecurity company - another episode in a historical battle between blackhats and security companies
Becker County website shut down by cyber attack (WDAY) Becker County is under a cyber attack that has taken down its website, disabled its printers and is now slowly corrupting its entire IT network, according to Becker County Administrator Jack Ingstad. "Apparently we got the ransom request from whoever's doing it to pay them off,"...
Security Patches, Mitigations, and Software Updates
Google Removes Chrome Extension Used in Banking Fraud (Threatpost) Google has removed the Interface Online Chrome extension. The plugin was used in Brazil to target corporate users with the aim of stealing banking credentials.
Adobe Flash's Final Countdown Has Begun (Threatpost) The impending demise of Adobe Flash will create legacy challenges similar to Windows XP as companies begin to wean themselves off the vulnerable code base.
Cyber Trends
On-premises workloads have more security incidents than those in the public cloud (BetaNews) According to a new survey, workloads run on in-house systems suffer 51 percent more security incidents than those on public cloud services.
Insider Threats Loom Large for Security Pros (Dark Reading) Insider threats pose a greater challenge to security pros than external threats, according to a recent survey.
BYOD Drives Prevalence of Insider Threat (Infosecurity Magazine) Dtex report claims staff negligence is key cause of breaches
Why Cyber Attacks are Not as Scary as they Sound (Infosecurity Magazine) The truth is that there are already excellent processes and diligent professionals that have kept us safe, and will continue working to keep us safe.
In Search of an Ethical Code for Cybersecurity (Infosecurity Magazine) Ethics plays a big part in many lines of work, but what about information security?
Marketplace
Respond Software Powers The Self-Driving SOC™ (Respond Software) First company to automate analyst decision-making receives $12 million in Series A funding from CRV and Foundation Capital
Codacy, a platform that helps developers check the quality of their code, raises $5.1M (TechCrunch) Codacy, a startup based in Lisbon, Portugal that offers what it calls an "automated code review platform," has raised $5.1 million in Series A funding. EQT..
Digi.me and Personal merge to put you in control of the nascent ‘personal data ecosystem’ (TechCrunch) Digi.me and Personal, two companies that broadly play in the personal data space by offering apps to securely store and share various data about yourself, are..
Claims resurface that Kaspersky helped Russian intelligence (ZDNet) Yes, Kaspersky Lab works with government law enforcement agencies, just like American ones do. The company denies any wrongdoing with its work with Russia's government.
Booz Allen wins $91M Missile Defense cyber contract (Washington Technology) Booz Allen Hamilton wins a five-year, $91.5 million contract for cybersecurity and computer network defense support services to the Missile Defense Agency.
SAIC to support Marine Combat Operations Center in $39M task order (UPI) Science Applications International Corporation will provide engineering services to support the U.S. Marine Corps Combat Operations Center.
Cisco: Looking For A Comeback In Security And Services (Seeking Alpha) Cisco Systems will report fiscal 4Q17 results this Wednesday after the closing bell. Will services and security, key tenets of the investment thesis, engineer a
You Wouldn't Believe the Size of Cisco's Cybersecurity Unit (The Motley Fool) With over $2 billion in annual revenues, Cisco’s cybersecurity business is becoming a threat to smaller stand-alone players.
Cybercompany adds pair of former Mach37 execs to help its growth (Washington Business Journal) Chantilly cybersecurity startup Atomicorp has big plans to boost its profile and raise money — and it has brought on a pair of former Mach37 executives to help.
Former Splunk Executive Pete Sicilia Joins Periscope Data as Vice President, Customer Success (GlobeNewswire News Room) Former VP of data and analytics at Splunk brought on to scale customer success and solutions, accelerate new initiatives including professional services and customer education
Products, Services, and Solutions
Netsparker is now enabling open source projects to secure their application with unlimited web security scans with Netsparker Cloud (Netsparker) Press Release | Open source developers can now obtain unlimited web security scans with Netsparker Cloud web application security scanner.
Top Security Tools of 2017 (CSO Online) Go hands-on with some of the most innovative and useful security tools from today's most important cybersecurity technology categories.
Top 10 Enterprise Encryption Products (eSecurity Planet) Encryption remains a mainstay of IT security technology, a critical tool for protecting sensitive data. We evaluate the top encryption solutions.
Eset DESlock: Encryption Product Overview and Analysis (eSecurity Planet) We review Eset DESlock, an enterprise encryption tool that allows remote device wipe and control and ease of management and use.
IBM Guardium Data Encryption: Product Overview and Analysis (eSecurity Planet) We review IBM Guardium Data, which performs encryption and decryption with minimal performance hit and requires no changes to databases, apps or networks.
Ethereum Blockchain Powers Vault One Password Service (eSecurity Planet) Ethereum isn't just for cryptocurrency anymore as a new startup uses the underlying open-source blockchain to help improve password security.
Deloitte Selects Miami Based Unified Technologies Ltd. to Form Cyber Security Alliance Serving the Caribbean (PRNewswire) Unified Technologies, a Pan-Regional IT solutions provider with...
IBM and Sony build secure student data store using blockchain (Computing) The platform will hold student records and learning history.
Enterprises still struggle with password policies (BetaNews) Passwords and their effectiveness is a subject that continues to come under the spotlight, particularly with the publication of a recent United States National Institute for Standards and Technology (NIST) document recommending a move to passphrases.
Technologies, Techniques, and Standards
The Day of Reckoning: Cybercrime's Impact on Brand (Dark Reading) Why the security industry needs to invest in architecture that defends against reputational damage as well as other, more traditional threats.
Organizations Willing to Try Out Longer Passwords, Study Finds (eWEEK) Security awareness vendor KnowBe4 surveyed IT professionals' views on new NIST guidance that advocates the use of longer passwords.
How to spot malicious mobile apps (Help Net Security) RiskIQ researchers advise users on how to spot malicious mobile apps: be on the lookout for 3 suspicious things when evaluating the legitimacy of an app.
Preparedness & Cyber Risk Reduction Part Five C: Operations-Based Exercises (SurfWatch Labs, Inc.) As we continue in our series on Preparedness, and concluding this mini-series on exercises, in the section that follows, we’ll look at different types of operations-based exercises as we continue t…
Israeli firm hacks the hackers, and has advice how to beat them (The Times of Israel) What are cyberattackers looking for, and what do they do when they find it? A report by cybersecurity company Imperva has some answers
The human point: Gaining visibility into the context behind user actions (Help Net Security) Dr. Richard Ford, Chief Scientist at Forcepoint, talks about doing some of the fundamental research around what we call the human point.
What to know before buying AI-based cybersecurity tools (Healthcare IT News) These tools have evolved in maturity, and there are ways to conduct due diligence to get past the hype.
Managing Manufacturing Cybersecurity (Pharmtech) Everyone from IT departments through to manufacturing line personnel should be aware of cybersecurity threats and how to prevent attacks.
Design and Innovation
Apple's biometric identity crisis (CRN Australia) [Comment] Is Apple planning an about-face on its next iPhone’s biometric security?
Bitcoin Is Forking. Again. (Motherboard) In November there will be three versions of the world's most popular cryptocurrency.
Research and Development
NSA Awards Grant to CSU for Cyber Training Tool (MeriTalk) The National Security Agency gave Columbus State University in Georgia a $174,000 grant to develop a cybersecurity training tool.
Academia
RIT named a National Center for Academic Excellence in Cyber Defense Research (EurekAlert!) Rochester Institute of Technology has been nationally recognized for its significant contributions in defending America's cyberspace through computing security research. RIT has been designated as a National Center of Academic Excellence in Cyber Defense Research (CAE-R) through the year 2022.
Teams needed for High School Cyber Challenge (UPMATTERS) Michigan high school students are invited to become cyber warriors this Fall and compete in the second annual Governor’s High School Cyber Challenge.
University of West Florida announces Florida Cyber Range virtual platform (Pensacola News Journal) The UWF Center for Cybersecurity announced the creation of the Florida Cyber Range, a platform that will supply hands-on education and training.
Hacker Halted Security Conference Complimentary for Women through IBM Security Scholarship (PRWeb) To increase female representation in information security, IBM is funding a scholarship that will cover 100% of the entry fees for women to attend EC-Council’s largest annual cyber security conference, Hacker Halted.
Legislation, Policy, and Regulation
21 smartphone makers, a chunk of them Chinese, told to share security info or face action (The Economic Times) The government has given the companies, a large majority of which are Chinese, time till August 28, to revert with the details of processes they follow.
Asian regulators stepping up as cyberattacks increase: Deloitte (The Business Times) As worries grow over a financial cyber crisis, Asia's regulators are stepping up their efforts to tackle the risks while facing a number of challenges, said a Deloitte report released on Wednesday.
Defense execs back Trump's move to investigate Chinese theft (InsideDefense.com) In a statement, the chief executive of the National Defense Industrial Association today praised President Trump's new effort to stem Chinese theft of U.S. intellectual property.
Assistant Secretary for Infrastructure Protection: Who Is Christopher Krebs? (AllGov) Krebs joined the George W. Bush administration as a policy adviser to Bob Stephan, then the assistant secretary for infrastructure protection. Krebs helped develop and implement DHS’ Chemical Facility Anti-Terrorism Standards regulatory program. Krebs left government in 2009 to join Dutko Risk Management, a lobbying firm, as a VP in a new division to focus on consulting with governments and businesses on risk-management issues involving threats and disaster recovery.
DHS cyber shop seeks CTO (FCW) A key cyber hub at the National Protection and Programs Directorate is looking for a top tech officer.
Air Force CISO says innovation key to future cyber defense (Defense Systems) According to senior Air Force officials, airmen are encouraged to take an innovative approach to cyber defense.
Army cyber Guard transition ceremony historic moment (DVIDS) The transition of authority between 169 Cyber Protection Team (CPT) and Task Force Echo (TFE), U.S. Army National Guard (ARNG), at the McGill Training Center August 15 was more than just a ceremony – it was a historic and impactful event for the Army cyber enterprise and the Nation.
Litigation, Investigation, and Law Enforcement
Ukraine malware author turns witness in Russian DNC hacking investigation (Ars Technica) “Profexor” turns self in to Ukrainian authorities, assists FBI in DNC hack investigation.
In Ukraine, a Malware Expert Who Could Blow the Whistle on Russian Hacking (New York Times) For the first time, an actual witness has emerged in the election hacking, and he has been interviewed by the F.B.I.
There's Now At Least One Real, Live Witness In FBI's Election-Hacking Probe (Talking Points Memo) A New York Times report out this morning contains a rare glimpse into the workings of a notorious hacking team that’s been chased by an...
Shady pro-Russia group tries to infiltrate liberal media with conspiracy about DNC hack (ShareBlue) The same group that denied the Syrian dictator gassed his people is now responsible for a report blaming the DNC for an internal leak.
Verizon—Yes, Verizon—Just Stood Up For Your Privacy (WIRED) By fighting against the collection of warrantless location information, Verizon bucks a trend of telecom cooperation with the feds.
When government hides decisions behind software (WIRED) Agencies decline to release information about algorithms used for criminal justice, social welfare, and education.
The Daily Stormer Is Getting Sued for Fabricating a Comedian’s Tweets (Motherboard) Dean Obeidallah, a radio host, comedian, and Daily Beast contributor, is suing the neo-Nazi site for framing him as the perpetrator of the Manchester bombing.
Lawyers clash over an imaged hard drive as Waymo v. Uber hurtles toward trial (Ars Technica) "He was ordered to come clean and did not come clean."
IT Insider Helped Alleged $5m Insider Trading Scheme (Infosecurity Magazine) DoJ charges five after bank’s tech consultant pleaded guilty
Secret Service Man Admits Laundering More Stolen Bitcoin (Infosecurity Magazine) Shaun Bridges highlights the continued dangers posed by malicious insiders
Negotiating License and Services Agreements: Part 1 – Limitation of Liability Clauses (Galkin Law) The ins and outs of negotiating a limitation of liability clause for license and services agreements.