Las Vegas: the latest from Black Hat, Defcon, and BSides
Cyber defenders have a message that US policymakers should hear (Washington Examiner) 'Our community has a responsibility to the people of the world that goes beyond traditional facets of information security.'
Black Hat USA 2017 Preview (Threatpost) Mike Mimoso and Tom Spring preview Black Hat, which starts tomorrow in Las Vegas.
Black Hat, DefCon 2017 Security Conferences to Reveal New Threats (eWEEK) The annual week of security conferences in Las Vegas gets underway as security researchers prepare to detail all manner of vulnerabilities.
Windows SMB Zero Day to Be Disclosed During DEF CON (Threatpost) Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks. The flaw will be disclosed and demonstrated …
Novel Attack Tricks Servers to Cache, Expose Personal Data (Threatpost) Researchers have devised a way to trick a web server into caching pages and exposing personal data to attackers.
Academia’s Role in Security Skills Gap Examined (Threatpost) At Black Hat, two RIT professors are expected to deliver a talk about the professional skills gap in security and how academic programs are falling short.
Preparing for the future of security requires focusing on defense and diversity (Facebook) Today I’m honored to be keynoting the Black Hat USA conference in Las Vegas, which is celebrating its 20th year of bringing together security researchers and industry.
Facebook Offers $1 Million for New Security Defenses (Dark Reading) The social media giant has increased the size of its Internet Defense Prize program in order to spur more research into ways to defend users against the more prevalent and common methods of attack.
With Global Cyber Attacks On the Rise, Zenedge Says Artificial Intelligence Holds the Answer (Zenedge) Zenedge believes that businesses of all sizes must invest in cloud-based security with a strong foundation in automation, leveraging artificial intelligence and machine learning to dynamically create and manage security postures, identify threats and mitigate attacks.
Raytheon enhances cyber threat hunting with CyberSponse automation tools (PRNewswire) Raytheon Company will integrate the CyberSponse security platform to...
AlienVault OTX Community Growth Spurs Threat Intelligence Sharing and Rapid Detection and Response (Marketwired) Collaboration between 65,000 global participants now enhanced by Groups and Adversary Pages; Support for STIX, TAXII, and YARA included in latest release
Intertrust to Showcase Comprehensive Suite of Security Products and Services at Black Hat USA 2017 (BusinessWire) Intertrust Technologies Corporation invites all Black Hat 2017 attendees to visit its booth at Black Hat 2017 in Las Vegas, July 26-27. In what has be
Cyber Attacks, Threats, and Vulnerabilities
Hackers' Own Tools Are Full of Vulnerabilities (Motherboard) The flaws could allow a hacking victim to strike back, and perhaps learn who else the attacker is targeting, or clues on who exactly the hackers are.
Report: North Korean Cyber Attacks Launched from Other Countries (Infosecurity Magazine) India and China prime candidates, according to Recorded Future
North Korea’s Ruling Elite Are Not Isolated (Recorded Future) Our in-depth analysis of North Korean internet activity reveals an informed, modern, and technologically savvy ruling elite. Learn more.
North Korea's internet connections to China and India come under scrutiny (Cyberscoop) New analysis of recent North Korean internet traffic reveals that the reclusive regime is most likely carrying out its cyber-operations via the networks of other countries across Asia, Oceania and Africa.
North Korean web users enjoy Amazon, Facebook and YouTube, report claims (ComputerWeekly) Threat intelligence specialist Recorded Future claims that the North Korean elite are as plugged in to the worldwide web as any western citizen.
Iran-linked cyber spies use simple yet effective hacks: report (Reuters) A cyber spying group with links to Iran and active for the past four years is targeting countries including Israel, Saudi Arabia, Germany and the United States, security researchers said on Tuesday.
Iranian Cyber Espionage Group CopyKittens Successful, But Not Skilled (Dark Reading) Despite being only moderately skilled, CopyKittens has exfiltrated large volumes of data since at least 2013.
New details emerge on Fruitfly, a near-undetectable Mac backdoor (ZDNet) The malware went largely undetected for several years and is only detectable on a handful of security products, but the "fully featured" Mac backdoor can take control of an entire computer.
Cybercriminals Kept Botnet That Infected 500,000 Computers Hidden For Five Years (Forbes) You've read about the Mirai botnet and ransomware like WannaCry and Petya. Another piece of malware, dubbed Stantinko... not so much. That's because it managed to stealthily carry out its criminal mission for the past five years without attracting anyone's attention.
Malware Discovered That Can Control a Mac's Webcam and Keyboard, But It's Old and Possibly Abandoned (MacRumors) Earlier this year, researchers from security firm Malwarebytes discovered a piece of Mac malware called Fruitfly that reportedly spied on computers in medical research centers for years before being detected. Apple has since updated macOS to automatically detect the malware, safeguarding users.
FruitFly Mac malware - FBI investigating hundreds of infections, say researchers (Graham Cluley) The FBI is thought to be currently investigating hundreds of infections tied to the mysterious FruitFly family of Mac-based malware.
Banking Trojan Uses Mouse Movements to Distinguish Users From Virtual Machines (BleepingComputer) In July 2017, security researchers spotted a new version of the proficient Ursnif banking trojan that comes with a clever trick to avoid sandbox environments and automated virtual machines by using mouse movements to detect if a real user is interacting with the computer.
Netskope Threat Research Labs analysis of ongoing cloud-aware data theft attack (Netskope) Netskope Threat Research Labs has become aware of an ongoing data theft attack. The attack begins as an email attachment and results in the installation of banking and credential theft malware,...
EVERY app offered by alternative Android app market redirected to malware (Graham Cluley) Remember to never ever agree to download Adobe Flash Player onto your Android phone.
Rapid Revision: New CryptoMix Strains Picking Up Speed (Security Intelligence) New variants of CryptoMix malware are quickly making the rounds, holding files ransom and demanding victims fork over the bitcoin.
Malspam pushing Emotet malware (SANS Internet Storm Center) On Tuesday 2017-07-25, we were contacted by a reader through our contact page. He sent us a Microsoft Word document, and he included the following message:
Don't Click on These New Fake Replies From 'Customer Service Departments' (Inc.com) A new phishing variant looks like responses to requests for information.
Social engineering and ransomware: analysis and opinions (WeLiveSecurity) ESET's David Harley assesses social engineering techniques and their varying success rates on getting victims to pay the ransom.
The Phisher Kings (Cylance) It’s unanimous: the Phisher Kings are alive and well. Industry threat and intelligence reports reveal that time and again, you, your employees, your customers and your friends and family are all potential targets. We take a look at some of the latest reports, and discuss how to mitigate this threat.
Three Telltale Signs a Hacker Has Been in Your Account (Imperva) Attackers don't always clean up after themselves. Learn about attacker practices and three telltale signs that indicate a hacker has been in your account.
Malware programme can cost as little as US$7, says report (Software Testing News) According to a new report from Proofpoint, using malware to steal important user credentials on the web can cost as little as US$7 when using the malware stealing programme, Ovidy Stealer.
Watch Security Researcher As She Hacks ATM by Drilling a Hole (HackRead) ATMs (automated teller machines) have remained a preferred target of hackers around the world. Last year, ATMs in over a dozen locations across Europe were
Unicredit Reveals Double Breaches Affecting 400,000 Users (Infosecurity Magazine) Around 400,000 Italian bank accounts have been accessed in one of Europe’s largest data breaches.
Over 100,000 IDs from Edinburgh up for sale on the dark web (International Business Times UK) Email IDs, passwords and credit card information made available in identity trading scam.
Cyber Attack Costs Weigh on Reckitt Revenue Forecast (New York Times) Reckitt Benckiser Group expects muted sales growth this year, after last month's global cyber attack exacerbated ongoing difficulties at the British consumer goods firm.
Shipping disruption and high air freight rates give sea-air operators a boost (Loadstar) The sea-air sector is enjoying a healthy resurgence, as high air freight rates, disruptions in sea freight and new pricing transparency have combined to make multimodal transport more attractive.
UK organisations brace for another WannaCry type event (Enterprise Times) A recent Clearswift survey shows that post WannaCry users are more aware of cyber security with increasing numbers wanting to learn more
Security Patches, Mitigations, and Software Updates
Adobe to pull plug on Flash, ending an era (CRN Australia) Technology to be retired at the end of 2020.
Cyber Trends
Accenture Security Report Identifies Top Cyber Threats of 2017 (BusinessWire) A new report from iDefense, part of Accenture Security, reveals how threat actors are continuing to evolve their ability to avoid detection.
Expected cyber threats over the next six months (Help Net Security) The 2017 Cyber Threatscape Report examines key trends during the first half of 2017 and explores how cyber incidents may evolve over the next six months.
Over 2,200 Data Breaches Disclosed So Far In 2017, Exposing Over Six Billion Records (Risk Based Security) The pace of data breach disclosures remains steady compared to the prior two years while the number of records exposed jumps to a record high.
Why does it still take six months for a company to spot a hack? (NBC News) Data breaches jumped by 29 percent in the first half of 2017, with 12 million records exposed, including medical files and Social Security numbers.
GDPR and big data - friends or foes? (Computing) Is the GDPR a guiding light to the benefits of big data, or its death knell?
State of Application Security: Libraries (Contrast Security) Read analytics gathered from within 1,668 running applications which included 3,815 different open source libraries, frameworks, and modules.
Consumers Want Better IoT Security Built in From the Start (Infosecurity Magazine) Irdeto survey reveals global consumers are well aware of the risks
Robert Herjavec: We are in the midst of a Cyber Cold War (City A.M.) Never has a flute of champagne been thrust into my hand as I arrived for an interview, until today.
Marketplace
New cyber security consortium leads to open data, security platform for companies (Financial Post) Palo Alto Networks and other members share threat information and will produce playbooks that describe malware campaigns in detail to help address them
SiteLock Extends Web Security Leadership with Acquisition of Patchman (PRNewswire) SiteLock, a global leader in business website security solutions,...
Security acquisitions high on the agenda for SolarWinds MSP (ARN) SolarWinds MSP is on the lookout to acquire businesses with a stronghold in the security space, following its increased focus into this vertical.
Cybersecurity Pioneer Bricata Raises $8 Million in Series A Led by Edison Partners (Bricata) Growth equity investment will accelerate the business plan on the heels of momentum stemming from a new product release and additions to the management team
3 Important Backstories Behind the Bricata Series A Funding (Bricata) Today our company announced a Series A funding round led by Edison Partners. The funding is clearly a major milestone for the company and has a meaningful impact for our customers. However, it’s important to note there are key aspects here besides just the money.
Tenable Network Security boasts of $50M billed in second quarter (Maryland Daily Record) Tenable Network Security Inc., a cybersecurity firm in Columbia, announced record second-quarter results on Monday. Tenable had more than $50 million in billings, representing more than 50 percent …
Why investors are betting on this cybersecurity stock (CBS News) As cyber attacks surge, Wall Street sees opportunities for Symantec and its growing business, government and consumer markets
Army adds three to electronic security systems contract (Washington Technology) The Army adds three companies to a five-year, $270 million contract for electronic security systems upon the dismissal of their protests.
ELTA North America is opening a cybersecurity center in Maryland (Baltimore Business Journal) Howard County manufacturing firm ELTA North America has selected Maryland as the home for its new Cyber Innovation Center, Gov. Larry Hogan announced Tuesday.
LightEdge Opens Its Expanded Data Center Campus in Altoona (PRWeb) Partnering with Ball Team and Schneider Electric, LightEdge expansion spans 48,000 square feet
PwC IT service head Matt Chamley jumps to VMware (CRN Australia) Matt Chamley jumps to the vendor side.
BrainChip Adds Thomas Stengel as Vice President of Americas Business Development (BrainChip Holdings Ltd.) Leadership team in place to drive sales of new AI-based BrainChip studio video analytic solutions
HyTrust Fuels Government Market Growth Hires Wayne Lewandowski as GM/SVP and Expands Federal Advisory Board (Marketwired) Government business will be led by proven executive and HyTrust federal advisory board expanded with three new members
Products, Services, and Solutions
Oxygen Forensics discovers method to extract data from locked Motorola devices (Oxygen Forensics) Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, released version 9.4.2 of its flagship Oxygen Forensic® Detective product today and is the first forensics company to give forensic professionals the added functionality of extracting data from locked Motorola devices.
CrowdStrike Launches the Fastest and Largest Cybersecurity Search Engine (CrowdStrike) New CrowdStrike Falcon® Search Engine empowers next-gen Security Operation Centers to search in real-time on the world’s fastest and most comprehensive security platform. SUNNYVALE, Calif., July 25, 2017 – CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced that…
Electric Cooperative Saves 50 Hours Every Week on Security Monitoring (Netwrix) Netwrix Auditor enables Guadalupe Valley Electric Cooperative to improve the security of its critical IT infrastructure
Neustar Introduces New Integrated Security Platform (BusinessWire) Neustar, Inc. (NYSE: NSR), a trusted, neutral provider of real-time information services, today introduced its new Integrated Security Platform, conti
Solarflare Opens Market for 10 Million Firewalls Per Year with World's First NIC-Based Hardware Server Firewall (BusinessWire)
Trivalent Announces Trivalent Protect™ with Ransomware Protection (Trivalent) Unique, data-centric solution receives new upgrades that put organizations in control of their information by securing enterprise data from ongoing ransomware attacks. The leading provider of next generation data protection, Trivalent, announces the addition of ransomware protection to Trivalent Protect™. As the first and only solution to receive Commercial Solutions for Classified (CSfC) approval for
DarkLight Offers First of its Kind Artificial Intelligence to Enhance Cybersecurity Defenses (BusinessWire) Champion Technology Company, Inc., developer of DarkLight, an AI expert system for active cyber defense and trusted information sharing, today release
Webroot launches certification programme for SecureAnywhere partners (Channel Pro) Partners can become certified as professionals or technicians
Lieberman Software Teams with VeriClouds to Prevent End-Users from Logging On with Known Compromised Credentials (Marketwired) Technology integration prohibits compromised users from accessing sensitive systems
Skyport Announces Self-Service Security Policy Capabilities Delivering the Industry’s First Agile, DevOps Friendly Perimeter for the Hybrid Enterprise (BusinessWire) Skyport Systems, a leading secure hyperconverged infrastructure provider for the hybrid enterprise, announced today at the Black Hat USA 2017 conferen
RiskIQ Reveals Digital Footprint Snapshot – On-Demand, Cost-Effective External Asset Intelligence Report (GlobeNewswire News Room) RiskIQ, the leader in digital threat management, today unveiled RiskIQ Digital Footprint Snapshot, which provides organizations with an automated, on-demand intelligence report of their internet-facing digital assets.
Cog Systems and Silent Circle Team Up to Bring Trusted Mobile Communications to the World's Most Secure Device (PRNewswire) Cog Systems and Silent Circle have teamed up to provide in-depth defense...
IBM X-Force Red Launches IoT and Connected Car Security Services (eWEEK) On its one-year anniversary, IBM's elite security testing team adds new services to help organizations improve car and IoT security.
Security a Must for Auto GbE Switch (EETimes) Bringing popular Ethernet technology to cars seems like a natural progression. But here's why in the auto world, a regular GbE switch won't work, and even 1000BASE-T1 might not cut it for autonomous cars.
Qualys helps developers to build cloud visibility apps with CloudView (Computing) CloudView provides infrastructure visibility from cloud providers like AWS and Microsoft
Paragon UFSD for Nucleus (Paragon Software Group) Tackles Incompatibility Problems on Embedded Devices, Creating New Opportunities for Device Manufacturers
New JASK Trident Platform Dramatically Increases Operational Efficiency to Give Security Teams Crucial Response Speed and Agility (Marketwired) Artificial intelligence-enabled platform leverages predictive capabilities for detection, triage and investigation of cybersecurity threats
Russia’s Kaspersky Lab launches free antivirus software globally (Reuters) Moscow-based Kaspersky Lab on Tuesday announced it was rolling out a free version of its antivirus software across the globe, a product launch that comes amid mounting suspicion in the United States that the cyber firm is vulnerable to Russian government influence.
Lacework's Partnerships and Integrations Establish Foundation of New Cloud Security Stack (Business Insider) Lacework™, the industry's first zero-touch cloud security solution, today announced a range of partnerships across the security and cloud ecosystems as critical building blocks of a security stack natively adapted to cloud deployments in Amazon Web Services (AWS), Microsoft Azure and private clouds.
Latin America and Caribbean to Receive First Complete Software Solution to Protect Mobile and IoT Devices (Marketwired) YellowPepper and MagicCube announce partnership to offer unprecedented security to protect token-based payment service deployments from advanced threats
Technologies, Techniques, and Standards
'Jump boxes' and SAWs improve security, if you set them up right (CSO Online) The concept of a traditional “jump box”, a secure computer that all admins first connect to before launching any administrative task or use as an origination point to connect to other servers, has morphed into an even more comprehensive and locked-down “secure admin workstation” (or SAW). You should be using one or both, and if you’re not, you need to get busy.
Disrupting the Disruptors, Art or Science? (McAfee) Understanding the role of threat hunters and continuing evolution of the SOC in cybersecurity
Red team versus blue team: How to run an effective simulation (CSO Online) Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.
Design and Innovation
'As a service' model will create an accessible and future proof Internet of Things (Computing) Nick Sacke, head of products and IoT at Comms365, believes that the IoT is on the cusp of mass deployment, as organisations leverage low power wide area networking (LPWAN) and new IoT as a Service deployment models to achieve fast, low risk and low cost innovation
Mark Zuckerberg criticises Elon Musk for 'irresponsible' warnings over AI (Computing) But Elon Musk hits back suggesting that Zuckerberg 'has limited understanding of AI'
Zuckerberg and Musk are both wrong about AI (Ars Technica) During an impromptu Facebook Live interview, Zuck said there’s no doomsday coming.
Keep forgetting your ID card? US company offers RFID chip implants to staff instead (Computing) Welcome to the future of work!
Academia
Two Schools Join to Educate More Cyber-Security Professionals (Iowa Public Radio) Iowa State University and Des Moines Area Community College are joining together to create what they call the Iowa Cyber Hub. Its aim is to increase the
Leidos Named Sponsor of University of Cambridge’s Cross-Nation Cyber Competition (GovCon Wire) Leidos (NYSE: LDOS) will serve as sponsor of the University of Ca
UK gov wants teens to practice cybersecurity in their spare time (WIRED UK) Teenagers are being encouraged to apply for the scheme where they'll learn through 'games, challenges, and projects'
Students asked to compete as 'cyber protection agents' (Delaware Online) Delaware students are being asked to take part in a competition designed by the SANS Institute to test their aptitude for keeping the internet safe.
Legislation, Policy, and Regulation
NATO Cyber Defence Centre names new director (Fifth Domain) Merle Maigre will assume the role of NATO Cooperative Cyber Defence Centre of Excellence director on Sept. 1, taking over from Sven Sakkov.
U.S. treads water on cyber policy as destructive attacks mount (Reuters) The Trump administration's refusal to publicly accuse Russia and others in a wave of politically motivated hacking attacks is creating a policy vacuum that security experts fear will encourage more cyber warfare.
China Toys With an Internet Lockdown (Wall Street Journal) China deploys a fierce array of censorship tools and methods to maintain its Great Firewall, but there has been one crack: the virtual private network, which allows connections to servers outside the country. Now that is in doubt.
Steptoe Cyberlaw Podcast: Governments to Internet: STFU (Lawfare) This week's podcast covers the Russia sanctions bill, radio silence from Silicon Valley on 702 renewal, and an interview with Dave Aitel.
Despite all the fake news, ODI chief Sir Nigel Shadbolt remains 'resolutely optimistic about the emancipating power of good data' (Computing) The UK needs to treat data as infrastructure in the same way as roads and the power grid
Lessons from Europe’s Fight Against Russian Disinformation (The New Yorker) For years, European nations have struggled to block fake news. Their solution: treat the media like an oil pipeline.
Spies in the age of social media: Ex-CIA experts reveal challenges of modern espionage (International Business Times UK) Technology has changed the game as social media could hinder espionage work.
Here's how DoD organizes its cyber warriors (Fifth Domain) This is part one of a series exploring the differences between military cyber forces, capabilities, mission sets and needs.
Is an intel community reorg in the works? (C4ISRNET) The intelligence community is in the middle of a “significant transformation process,” according to the IC’s top official.
3 priorities for Army’s cyber/EW aviation concept of operation (Fifth Domain) The Army is looking to upgrade its aviation training incorporating cyber and electronic warfare.
Bill to create new cyber agency at DHS to be introduced this week (FederalNewsRadio.com) In today's Federal Newscast, Representative Michael McCaul (R-TX) is set to introduce legislation this week which would reshuffle DHS.
Repealing Net Neutrality is Easy. Replacing It Will Be Hard (WIRED) The next fight over the future of the open internet will fall to the U.S. Congress.
Oh Shit, the SEC Just Ruled That Ethereum ICO Tokens Are Securities (Motherboard) Some ICOs must be registered or they’re unlawful.
Litigation, Investigation, and Law Enforcement
Surveillance: German police ready to hack WhatsApp messages (Deutsche Welle) Germany's security forces will have the technology to install surveillance software on cellphones before the end of the year, a leaked document shows. Police plan to use private firms to skirt legal dilemmas.
Swedish cyber security slip-up 'a complete failure': PM Stefan Löfven (The Local (Sweden)) Sweden's Prime Minister Stefan Löfven has commented for the first time on a cyber security slip-up that made top secret police databases available to foreign IT workers.
Newly declassified memos detail extent of improper Obama-era NSA spying (TheHill) The memos reviewed by The Hill were publicly released on July 11 through Freedom of Information Act litigation by the American Civil Liberties Union.
Seven Observations About Jared Kushner’s Statement (Foreign Policy) The president’s son-in-law apparently thinks he’s pretty safe from investigators. But he threw Don Jr. under the bus.
Tech Firms Target Domains Used by Russia-linked Threat Group (Security Week) Tech companies ThreatConnect and Microsoft are moving toward exposing and taking down domains associated with Russia-linked threat group known as Fancy Bear.
FOI Report: UK Cops Investigate Over 700 Cases of Data Misuse (Infosecurity Magazine)
NanoCore RAT creator pleads guilty (Help Net Security) Huddleston developed, marketed, and distributed two products popular with cybercriminals around the world. One of those is the NanoCore RAT.
How a Citadel Trojan Developer Got Busted (KrebsOnSecurity) A U.S. District Court judge in Atlanta last week handed a five year prison sentence to Mark Vartanyan, a Russian hacker who helped develop and sell the once infamous and widespread Citadel banking trojan. This fact has been reported by countless media outlets, but far less well known is the fascinating backstory about how Vartanyan got caught.
Officials arrest suspect in $4 billion Bitcoin money laundering scheme (Ars Technica) Bitcoin's decentralized architecture makes it popular with criminal groups.