Cyber Attacks, Threats, and Vulnerabilities
A Brief Tour of Russia's Infrastructure Hacking Teams (WIRED) Which of Russia's hacking groups is targeting American energy utilities?
The Big Dark: Motive, not Means, is what holds back a Crippling Grid Hack (The Security Ledger) In-brief: A crippling cyber attack that could damage and destroy equipment needed to keep the lights on in major US cities is already possible. The only thing that’s lacking is a motive to ca…
Cybersecurity expert fights for realism (TheHill) Robert M. Lee thinks we should start taking infrastructure cybersecurity seriously.
Industrial Cybersecurity Explosion (Automation World) The prevalence of malware impacting manufacturers is getting increasingly difficult to downplay or ignore.
Firms that didn’t patch and enabled local admin rights continue to suffer post cyber-attack (Bitdefender Business Insights)
Threat spotlight: Petya-like ransomware is a nasty wiper (Cylance) Since being released on June 27th, the Cylance Threat Guidance team have been analyzing the Petya-like ransomware that was highly effective in targeting organizations around the world.
WannaCry About NotPetya? (Recorded Future) In this episode, we’ll talk about what the WannaCry and NotPetya attacks mean for the future — do they represent harbingers of the “big one” we all fear?
Cyber attacks on S. Korean military, ATMs connected: Kaspersky Lab (India.com) The cyberespionage attack on South Korea's defence agency and the malware that stole data from over 2,000 financial cards by compromising 60 ATMs in the country were connected, Russian cybersecurity firm Kaspersky Lab said on Tuesday.
Preempt Uncovers Vulnerabilities in Microsoft Windows’ NTLM Security Protocol (Preempt) Preempt, pioneer of the industry’s first behavioral firewall, today announced its research team has uncovered two vulnerabilities within the Microsoft Windows NT LAN Manager (NTLM) security protocols.
New LDAP & RDP Relay Vulnerabilities in NTLM (Preempt Blog) Preempt researchers discovered two vulnerabilities with NTLM security protocols. These vulnerabilities can result in domain compromise, credential compromise and risk of password cracking.
Is Baghdadi Dead? For ISIS, it May Not Matter (US News and World Report) Renewed Russian claims that it killed the elusive leader face skepticism from the U.S. and scrutiny among analysts.
What Comes After ISIS? (Foreign Policy) The jihadi group's defeat in Mosul and Raqqa is about to usher in a new era — and new conflicts — across the Middle East.
More than 100m records potentially lost in huge telecoms breach (Naked Security) India’s newest telecoms provider denies that subscriber records posted online were authentic, but users claim the data is real
MTN: Our employees weren't involved in fraudulent transactions (TheCable) Telecommunications giant MTN has denied the reports that some of its employees were involved in a syndicated crime resulting in fraudulent bank transactions
Fintech Cyber Security: The Hidden Risks of Digital Financial Services (Chipin Crowdfunding) These fast technology adopters are disrupting traditional financial services and their delivery. Circumventing regulation is part of their cost advantage
Cyber Weapon of War That Fits in Your Pocket (Recorded Future) Katyusha Scanner allows criminals to initiate large-scale penetration attacks against a massive number of targeted websites using only their smartphones.
3 New Ways That Criminals Are Making Money Off Your Stolen Data (Inc.com) Faked DocuSign emails and credential stuffing are among the variety of new attacks.
How Magecart attackers monetize stolen payment card info (Help Net Security) The Magecart campaign is still going strong, and researchers have pinpointed another way threat actors behind it monetize stolen payment card info.
Two-factor via your mobile phone – should you stop using it? (Naked Security) Although SIM cards themselves are very secure, it’s annoyingly easy for a crook to get hold of one for your number
Breach Transparency Kudos to Hacked Kiosk Maker (BankInfo Security) Kudos to the breached business - in this case, kiosk manufacturer Avanti Markets - that quickly alerts victims and gives them actionable information for protecting themselves. Unfortunately, not all breached businesses are so forthright...
Trump Hotels customers hit by credit-card stealing hackers. Again. (HOTforSecurity) Donald Trump may know more about hacking than he's letting on. That's because it has been revealed that the US president's family-run hotel business has once again been hit by hackers...
Pranksters keep hacking UK radio station to play 'I'm a w**ker' comedy song (International Business Times UK) 'It might be increasing our audience,' said radio boss as hacker takes over broadcasts.
Security Patches, Mitigations, and Software Updates
Adobe, Microsoft Push Critical Security Fixes (KrebsOnSecurity) It’s Patch Tuesday, again. That is, if you run Microsoft Windows or Adobe products. Microsoft issued a dozen patch bundles to fix at least 54 security flaws in Windows and associated software. Separately, Adobe’s got a new version of its Flash Player available that addresses at least three vulnerabilities.
Microsoft Addresses NTLM Bugs That Facilitate Credential Relay Attacks (Threatpost) Microsoft today addressed two NTLM-related vulnerabilities privately disclosed by Preempt Security. The flaws allow for credential relay attacks.
Adobe Fixes Six Vulnerabilities in Flash, Connect with July Update (Threatpost) Adobe only fixed six vulnerabilities in two products, making it the company’s smallest security bulletin of the year.
Microsoft's July Patch Tuesday Fixes 55 Security Issues (BleepingComputer) Microsoft has released updates today for the Windows 10 operating system, as well as for other of the company's products, updates that fix 55 security issues ranging from remote code execution to simple spoofing attacks.
Vulnerabilities Expose Oracle OAM 10g to Remote Session Hijacking (Threatpost) Version 10g of Oracle Access Manager suffers from vulnerabilities that could allow an attacker to hijack sessions.
Cyber Trends
IT Leaders Still Believe Perimeter Security Will Keep Hackers Out (Infosecurity Magazine) Gemalto reveals “head-in-the-sand” remains a favorite posture for many
Gemalto releases findings of 2016 Breach Level Index (Gemalto) Almost 1.4 billion data records compromised in 2016 as hackers targeted large-scale databases across industries
It’s here: The 2017 WhiteHat Security Application Security Statistics Report (WhiteHat Security) WhiteHat's Annual Application Security Statistics Report provides valuable insights and recommendations on how to secure the apps that drive your business.
Attack Detection in the Expanding Digital Enterprise (CyberadAPT) The need for speed: faster detection requires a new type of platform.
Event-driven architecture to become essential skill (Help Net Security) Event-driven architecture (EDA) is a key technology approach to delivering on the growth agenda that many CEOs see as their highest business priority.
Kaspersky Lab Survey: One-in-Four Hide Cybersecurity Incidents From Their Employers (BusinessWire) Kaspersky Lab announced a new report from Kaspersky Lab and B2B International, "Human Factor in IT Security: How Employees are Making Businesses...
Industrial firms billed $500,000 a year from cyber breaches (The National) Kaspersky Labs' new report shows more than half of industrial firms faced up to five cyber attacks over 12 months
ESG Research Highlights Growing Cybersecurity Operational Challenges Despite Increase in Spending (BusinessWire) ThreatQuotient™ today unveiled research results from Enterprise Strategy Group’s (ESG) 2017 Next-Generation Analytics and Operations Study
Hospitals Brace for Cyber Attack (Handelsblatt Global Edition) Two out of three German hospitals have already been the victims of cyber crime, according to a new study.
UK organisations risk penalties by ignoring upcoming GDPR (Computing) Research by Sharp suggests that almost one quarter of employees store data in public cloud services without permission
UK's SMEs aren't considering the aftermath of cyber-attacks (IT Pro Portal) Securing work operations is all well and good, but what if security measures fail?
Marketplace
Edgewise Networks Emerges from Stealth to Protect Where Firewalls Fail with Introduction of Trusted Application Networking (BusinessWire) Edgewise Networks, the first provider of Trusted Application Networking to secure the modern data center and cloud, emerges today from stealth.
Launch Announcement (Edgewise) Welcome to Edgewise Networks! A message from our founders.
Lastline Secures $28.5M in Latest Funding Round Led by Thomvest Ventures (BusinessWire) Lastline, Inc., the leader in advanced malware protection, today announced it has secured $28.5 million in its latest round of funding led by Thomvest
11 Ways Palo Alto Networks Is Changing The Game For Partners (CRN) Ron Myers, senior vice president of worldwide channels, and Karl Soderlund, newly appointed vice president, Americas channels, speak with CRN about helping partners win in competitive situations and the 'tremendous opportunity' for partner-led services.
Better Buy: Palo Alto Networks Inc. vs. FireEye (The Motley Fool) Both data security upstarts are in the midst of sweeping changes, and their recent share-price performance doesn't tell the whole story.
3 Growth Stocks for Shrewd Investors (The Motley Fool) Thinking outside the box can pay big dividends for shrewd investors willing and able to look past the fanfare for hidden gems.
This Computer Security Firm Scored More Funding and Data Security Smarts (Fortune) Data Gravity had cool tech, not enough revenue.
CrowdStrike Helped Trace The DNC Hack To Russia -- Now Business Is Booming (Forbes) When the Democratic National Committee suspected it had suffered a cyberattack in 2016, it turned to George Kurtz to figure out what went wrong. Kurtz and his firm, CrowdStrike, examined the DNC's networks and discovered that the organization had fallen victim to hackers affiliated with the Russian government.
Chubb creates global cyber unit under Bill Stewart (Insurance Insider) Chubb is setting up a standalone cyber division under commercial cyber risk specialist Bill Stewart, who will lead its global practice in the segment across property and casualty (P&C) lines.
Cyxtera Appoints Brigadier General Greg Touhill as President of Newly Formed Federal Division (PRNewswire) Cyxtera Technologies, the secure infrastructure company, today...
Leading Cyber Security Software Architect, Bill Easton, Joins Verve Industrial Protection as Chief Technical Officer (PRNewswire) Verve Industrial Protection is pleased to announce the...
Microsoft CIO Jim DuBois leaves as the company restructures (Computing) DuBois rose up through the ranks at Microsoft over more than two decades
Arxan Strengthens Executive Team with New CFO and SVP of Global Customer Success (Arxan) Industry veterans join leader in application protection solutions to support record-breaking growth as it surpasses protecting over 1 billion apps San Francisco, CA – July 11, 2017 – Arxan Technologies, the trusted leader for application protection solutions, today announced the appointment of Dick Davidson as CFO and Dennis Reno as SVP of global customer success. Following...
Imperva Shifts Executive Technical Bench with Creation of Chief Scientist Position (BusinessWire) Imperva chief product strategist, Terry Ray, named chief technology officer (CTO) and former CTO, Amichai Shulman named chief scientist
Bitglass Names Senior Product and Marketing Executive Rich Campagna Next CEO (Marketwired) Cybersecurity standout builds on success with new leadership
Products, Services, and Solutions
Group-IB and EclecticIQ partner to deliver top-quality cyber threat intelligence on Russian-language hackers (EclecticIQ) Group-IB, a global leader in high-grade threat intelligence and best-in-class anti-fraud solutions, and EclecticIQ, the leading vendor of products and services dedicated to augmenting threat analysts’ capabilities, today announced a partnership to integrate Group-IB’s unique data on Russian-language hackers into EclecticIQ Platform.
Core Security Introduces New Flexible Pricing for Core Impact (Core Security) Core Security, a leader in Vulnerability, Access Risk Management...
Webroot Announces General Availability (Webroot) Advanced machine learning-based technology detects zero-day, polymorphic, and highly targeted malware...
Cymulate Helps Businesses Strengthen Cyber Defenses with New Breach and Attack Simulation Technology for Security System Testing (KEYC News 12) New launch exposes hidden vulnerabilities, assesses readiness to fight cyber attacks
Arxan Now Protecting More Than 1 Billion Apps (Arxan) Corporate growth driven by enterprise solutions, executive hires, product innovation and industry recognition San Francisco, CA – July 11, 2017 – Arxan Technologies, the trusted leader for application protection solutions, today announced milestones from the first half of 2017, illustrating exceptional growth and leadership in the mobile application security market. Through accelerated product innovation and...
Marubeni IT Solutions Selects Secdo's Incident Response Solution (PRNewswire) Secdo, provider of automated incident response solutions announced today that...
FairWarning® Announces Record Growth of Cloud Security Offering (PRNewswire) FairWarning® announced today that the company's cloud security...
Zentera Systems to Showcase CoIP Cloud-Ready Enclave at IoT Evolution Expo 2017 (PRNewswire) Zentera Systems, Inc., the leader in infrastructure security for the...
New Forcepoint Cloud Security, NGFW and Cross Domain Solutions Enhance Government IT Modernization and Security Capabilities (PRNewswire) Global cybersecurity leader Forcepoint today announced new enhancements...
KnectIQ and U of IL Enter Agreement to Enhance Marketplace Cybersecurity (PRWeb) KnectIQ's next generation secure authentication technology creates "Trusted Environments" by protecting computing devices and the Internet of Things.
ISO Launches Cyber Insurance Program with Enhanced Rating and Coverage Options (NASDAQ) ISO has launched a cyber insurance program with enhanced rating variables and coverage options designed to help insurers respond to the rapidly changing world of cyber risk. ISO is a Verisk Analytics (Nasdaq:VRSK) business.
Tanium Improves EDR With Threat Response Security Platform (eWEEK) Tanium updates its endpoint detection and response capabilities with a new offering that combines multiple security features to help rapidly find and deal with issues.
Akamai Delivers Cloud-Based Security, Powered by Smart Algorithms, To Thwart DNS, Malware Attacks (Integration Developer News) Akamai Technologies, well known for high-performance content delivery over the Internet, is leveraging that knowledge to deliver a high-impact security service from the cloud. IDN talks with Akamai’s Frank Childs to learn how its Enterprise Threat Protector thwarts DNS, malware and bot attacks.
Bitdefender unveils 2018 edition of Total Security, Internet Security, Family Pack, Antivirus Plus (Windows Report - Windows 10 and Microsoft News, How-to Tips) BitDefender's latest suite of products aim at providing ransomware protection, malware protection and other security tools that will help users stay safe from both online and offline threats.
Zenedge and Internet2 Team up for DDoS Mitigation; Benefits Extended to Thousands of Institutions Across the U.S. Research and Education Community (PRNewswire) Zenedge, a leading provider of cloud-based, artificial intelligence...
Lieberman Software Helps Utilities Meet NERC Critical Infrastructure Protection (CIP) Standards (Marketwired) Lieberman RED Suite provides essential cybersecurity access controls and mitigations to help achieve NERC CIP compliance
Men & Mice xDNS Redundancy Revolutionizes DNS Management Across Multiple Service Provider Platforms (IT News Online) Men & Mice, experts in software overlay DNS, DHCP and IP Address Management (DDI), announces the release of Men & Mice xDNS Redundancy, a revolutionary approach to maintaining DNS high availability.
Technologies, Techniques, and Standards
Thom Langford Digs Into the Notion of Risk (Cylance) Security luminary Thom Langford digs into the notion of risk and its impact on the security decisions organizations have to make.
Piero DePaoli on Security Incident Preparedness (Cylance) Piero DePaoli discusses the virtues of having a plan in place to react once a negative security event has happened.
What will it take to improve the ICS patch process? (Help Net Security) Here are some ideas on how to evolve the ICS patch process to better match the real-world needs of Operational Technology organizations.
4 ways to protect your agency’s site from DDoS attacks [Commentary] (Fifth Domain | Cyber) DDoS attacks are important not because of their size. Rather, they are damaging due to the nature of the attack, which targets the underlying fabric of websites and ties up resources or pulls information from the database powering sites.
4 tips to make use of Wannacry in awareness programs (CSO Online) When security events make news, you can take advantage of the wake-up call — if you know what to do.
Design and Innovation
FDD and CPRI Research Blockchain For Supply Chain Protection (ETHNews.com) The Foundation for Defense of Democracies and The Cybersecurity Policy and Research Institute investigate blockchain solutions to supply chain problems.
Defending Borders with Blockchain: Former Cheney Advisor Calls for Action (CoinDesk) A new report from the Foundation for Defense of Democracies details how blockchain could be used to protect government supply chains.
Research and Development
Army rapid prototyping office wants EW, PNT solutions (C4ISRNET) Among a series of questions these EW solutions should be able to answer, the Army is interested if a potential solution can use machine learning and artificial intelligence to assist in understanding local electromagnetic spectrum usage and the performance of command and control of available EW assets.
AI will solve the challenge of unstructured data, says IBM (Computing) Text, images and voice are difficult for computers to process - but artificial intelligence is making contextual understanding a possibility
Academia
UCI Cybersecurity Policy & Research Institute Launches Initiatives to Combat Cyber Threats (Newswise) New initiatives from the Cybersecurity Policy & Research Institute at the University of California, Irvine will help combat one of our greatest security challenges: vulnerabilities and attacks in cyberspace.
Legislation, Policy, and Regulation
Trump and Putin's Meeting of the Minds (Foreign Affairs) Putin wants to win acceptance as a major player at the international table. And that's what Trump gave him at the G-20 summit.
US signs anti-terror agreement with Qatar (Dawn) The agreement is aimed to shore up Qatar's counter-terrorism efforts.
Net Neutrality Activists Launch Massive ‘Day of Action’ to Protest Trump’s FCC (Motherboard) An online show of force opposing the FCC’s plan to dismantle net neutrality protections.
IoT cybersecurity a hot topic for White House adviser (FCW) A White House cybersecurity adviser warns on the interconnected ecosystem of the internet of things.
Litigation, Investigation, and Law Enforcement
Kaspersky Lab Has Been Working With Russian Intelligence (Bloomberg.com) Emails show the software-security maker developed products for the FSB and accompanied agents on raids.
Kaspersky Lab response clarifying the inaccurate statements published in a Bloomberg Businessweek article on July 11, 2017 (Kaspersky Lab) “Regardless of how the facts are misconstrued to fit in with a hypothetical, false theory, Kaspersky Lab, and its executives, do not have inappropriate ties with any government. The company does regularly work with governments and law enforcement agencies around the world with the sole purpose of fighting cybercrime.
Kaspersky Lab denies leaked emails prove it worked with Russia's FSB (CSO Online) Bloomberg says leaked emails prove Kaspersky Lab has closer ties to Russia than the cybersecurity firm has acknowledged. Kaspersky claims that is not true.
Trump administration considering governmentwide ban on popular Russian software (ABC News) A final decision could be made in the coming days.
The Trump administration just fired back at Russia (Business Insider) The Trump administration is weighing whether to blacklist Kaspersky Labs, a popular Russian cybersecurity firm that may pose a threat.
US government backing away from Russia-based Kaspersky Labs (Fifth Domain | Cyber) The fate of Kaspersky Labs within the U.S. government appears to be in a death spiral as fresh reports seem to link the Russian cybersecurity company directly to Russian government intelligence and security agencies, a long founded claim disavowed by the company’s chief.
How Worried Should We Really Be About Security Firm Kaspersky Lab’s Ties to Russia? (Slate Magazine) It’s possible that Kaspersky is busy selling out all of its customers to the Russian government—but the evidence isn't there yet. At least not publicly.
Russian Hysteria Now Threatens to Undermine U.S. Cybersecurity (LifeZette) Now that hysterical anti-Trumpers have failed to prove collusion between Putin and the president, they are going after anything that breathes Russian air. Unfortunately, the crazed behavior has extended to include members of Congress.
Fake news could prove vexing in Mueller probe (POLITICO) The special counsel faces the challenge of showing Trump’s aides colluded with the Russia-linked Twitter bots and Facebook trolls.
Donald Trump Jr. Hires Lawyer and Pledges to Work With Congress (Wall Street Journal) President Donald Trump’s eldest son retained a private attorney on Monday and said he would work with congressional investigators who have sought his testimony as part of ongoing probes into whether the president’s campaign colluded with Moscow to influence the election.
Russian Dirt on Clinton? ‘I Love It,’ Donald Trump Jr. Said (New York Times) Email exchanges reviewed by The Times offer a detailed unspooling of how an eager Donald Trump Jr. came to meet with a Kremlin-connected lawyer.
Congressional Democrats say Donald Trump Jr.'s emails show collusion and treason (Washington Examiner) 'If this isn't treasonous, I'm not sure what is.'
In Donald Trump Jr.'s Emails, Intent Matters More Than Intel (WIRED) The conservative defense of Donald Trump Jr. misses the point.
The Wall Begins to Crumble: Notes on Collusion (Foreign Policy) Donald Trump Jr.’s meeting with a Russian lawyer is looking fishier and fishier.
China Breakthroughs: Cyber Space Court ushers in 'digital justice' (CCTV) A new era of justice is emerging. China's courts are transforming into a hub for hi-tech innovations while the nation faces an increasing number of internet-related cases entering the judicial system.
“Gates Procedures,” dating to 1992, Released For First Time, Govern Congressional Identity Information (IC on the Record) In carrying out their national security mission, Intelligence Community elements may, on occasion, incidentally acquire intelligence information concerning a Member of Congress or congressional staff such as when a surveillance target makes mention of a Member of Congress in a communication.
ATO will continue to use Cellebrite tools (ZDNet) The Australian Taxation Office has not stepped back from its use of phone cracking tools, saying it will continue to use Cellebrite forensic software.
FBI didn’t need warrant for stingray in attempted murder case, DOJ says (Ars Technica) Prosecutors: “signals emitted from a phone are… not by their nature private.”
Your gadget could save your life: smart device phones police (Naked Security) We write a lot about the privacy issues of connected things in your home – but one device might have saved lives
Owner of The Intercept assisting accused NSA leaker’s legal defense (Atlanta Journal Constitution)
Events that led to arrest of Army soldier on terrorism charges (Army Times) After years of red flags and reprimands by the U.S. Army, the FBI took an active-duty soldier into custody on terrorism charges over the weekend. The yearlong federal investigation that led to his arrest involved multiple undercover agents and confidential informants. Sgt. 1st Class Ikaika Kang made an initial appearance Monday in federal court.
Man Pleads Guilty to Manipulating Lottery Winning Tickets via Hacked Computer (BleepingComputer) Eddie Tipton, 54, admitted to creating malware in the form of a DLL file, which he loaded on the secure computers of the Multi-State Lottery Association (MSLA), a company that runs lotteries in 33 states, but also in the District of Columbia, Puerto Rico and the U.S. Virgin Islands.
Australian Man Arrested for Helping Group of Tech Support & Ransomware Operators (BleepingComputer) Australian police have arrested a man from the city of Mackay on allegations of laundering money for the operators of a tech support and ransomware scheme.