Cyber Attacks, Threats, and Vulnerabilities
HospitalGown Vulnerability Exposes Apps to Backend Server Risk (eWEEK) Appthority discovers a link between mobile applications and publicly accessible data stores that are leaving users and their data open to attack.
Vulnerability affecting 1,000+ apps is exposing terabytes of data (Help Net Security) A newly discovered backend data exposure vulnerability, dubbed HospitalGown, highlights the connection between mobile apps and insecure backend databases.
Hackers hosted tools on a Stanford University website for months (Help Net Security) Compromising legitimate websites and the web servers that store and deliver them is a time-honoured tactic of opportunistic hackers.
Defense contractor stored intelligence data in Amazon cloud unprotected [Updated] (Ars Technica) Booz Allen Hamilton engineer posted geospatial intelligence to Amazon S3 bucket.
US military data reportedly left on unsecured Amazon server (CNET) Defense contractor Booz Allen Hamilton is linked to an account that contained login credentials for other data repositories.
A Nation State-Looking Cyberattack that Wasn't (Dark Reading) Symantec researchers uncover a cybercrime campaign with all the hallmarks of a state-sponsored campaign that didn't even make much money for the attackers.
Symantec Security Response: Bachosens: Highly-skilled petty cyber-criminal with lofty ambitions targeting large organisations (Scoop Business) Eastern Europe based attacker’s advanced malware comparable with that used by nation-state actors, but basic missteps indicate a threat actor who is skilled but lacking in expertise
OneLogin suffers breach—customer data said to be exposed, decrypted (Ars Technica) Customer account-only support page warns of "ability to decrypt encrypted data."
OneLogin: Breach Exposed Ability to Decrypt Data (KrebsOnSecurity) OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data.
Perils Of Free WiFi: Google & Railwire’s Users Most Hit By WannaCry RansomWare; MP & Maharashtra Worst Hit States (Trak) The devastating outbreak of WannaCry ransomware across the globe this month has exposed a very crucial vulnerability in our security infrastructure, and if this is not taken care of early on, then hackers would be celebrating Christmas and Diwali every day they wish.
A recently discovered Linux flaw could be exploited by Sudo Users to gain Root Privileges (Security Affairs) Security researchers at Qualys Security have discovered a Linux Flaw that could be exploited to escalate privileges and overwrite any file on the filesystem.
Threat Actors Discuss Circumvention Techniques Against "Bank Drop" Detection (Flashpoint) One cybercriminal’s efforts to bypass security for a “bank drop” scheme show how adaptability and collaboration are integral to cybercrime.
PhishLabs investigating claims of a possible customer data dump (Cyberscoop) Cybersecurity startup PhishLabs has launched an investigation into a possible data breach, the company confirmed to CyberScoop on Wednesday.
Wolf in sheep’s clothing: a SophosLabs investigation into delivering malware via VBA (Naked Security) SophosLabs gets under the skin of the bad guys’ latest attempt to drop ransomware on to your PCs
Sanctuary Dark Web Market Hacked by Cipher0007 (BleepingComputer) A hacker that goes by the nickname of Cipher0007 has hacked the Sanctuary Dark Web marketplace. The hacker announced the breach a few hours ago and also posted proof of his intrusion.
Attacks within the Dark Web (Help Net Security) A honeypot setup simulating several underground services on the Dark Web revealed that hidden services are subjected to attacks from within and outside it.
Sharing Private Data with Webcast Invitations (SANS Internet Storm Center) Last week, at a customer, we received a forwarded email in a shared mailbox. It was somebody from another department that shared an invitation for a webcast “that could be interesting for you, guys!”.
How Twitter Is Being Gamed to Feed Misinformation (New York Times) After last year’s election, Facebook came in for a drubbing for its role in propagating misinformation — or “fake news,” as we called it back then, before the term became a catchall designation for any news you don’t like.
Hackers jailbreak permanent mods onto Super Mario World save files (Ars Technica) Incredible hack perpetually alters game through nothing but controller input.
Microsoft Outlook users hit by Office 365 outage (CRN Australia) Users unable to access Outlook accounts.
No cyber attack on Aadhaar biometric data: UIDAI (The Economic Times) The Unique Identification Authority of India, however, refused to share the latest cyber security assessment of Aadhaar data, citing national security.
Twitter Creeps Are Making Jakarta Even More Dangerous For Women (Motherboard) An anonymous Twitter account was recently banned for uploading secretly recorded videos of women in public spaces.
Someone hacked a road sign in Houston with "Impeach Trump" Message (HackRead) Hacking electronic billboards or road signs is a growing new trend. Some hack these platforms for fun while some do it to highlight their political support
Security Patches, Mitigations, and Software Updates
Cisco, Netgear Readying Patches for Samba Vulnerability (Threatpost) Cisco is prepping fixes for two of its products affected by last week’s Samba vulnerability. Netgear has also pushed out a fix for NAS devices that were affected.
Google uses machine learning for new security features in Gmail (CSO Online) Google has pushed four new security features to enterprise users on G Suite, the search giant's hosted business offering. The new protections come shortly after a Citizen Lab report exposed a Russia-linked phishing and disinformation campaign using Google services, including Gmail.
In ongoing phishing fight, Google to delay delivery of suspicious messages to enterprise Gmail customers (WeLiveSecurity) How well Google protects its business customers impacts all of us - whether we have personally chosen to be users of Google's services or not.
Cyber Trends
Cybersecurity Experts Anticipate Growing Number of Attacks Against ERP Systems (PRNewswire) Crowd Research Partners with the support of ERPScan, a leading business application security provider, released the ERP Cybersecurity survey 2017.
Rising volume of attacks overpowers security teams (Help Net Security) A surge in attacks overpowers security teams. The amount of time companies are spending on analyzing and assessing incidents is a huge problem.
The newest cyber vulnerability: The ‘internet of things’ (Maryland Daily Record) The most likely cyber threat to your home? Probably the innocuous appliance or household device that you see as a modern convenience and not as a portal for hackers to penetrate your digital world.…
Ready or not, IoT third party risks are here (Help Net Security) Ready or not, IoT third party risks are here. Our cyber climate is evolving and organizations have to shift their focus to the security of external parties.
The future of IT security lies in automation (Cloud Security Solutions | Zscaler) In the wake of digitalisation, companies will no longer be able to handle the increasing levels of cybercrime through manual intervention.
Poll result: Are Australian businesses prepared for cyber attacks? (CRN Australia) We asked, you answered.
Marketplace
FICO Survey: Half of US Firms Don't Have Cybersecurity Insurance (PRNewswire) A full 50 percent of US firms do not have cybersecurity risk insurance, despite the fact that 61 percent of US firms expect the volume of cyber breaches to increase in the next year.
Why 27% of U.S. Firms Have No Plans to Buy Cyber Insurance (Insurance Journal) A full 50 percent of U.S. firms do not have cyber risk insurance and 27 percent of U.S. executives say their firms have no plans to take out cyber insuranc
Cyber security employee shortage 'barrier to effective threat detection' (Information Age) The skilled cyber security employee shortage tops the list of barriers to implementing effective threat detection and management
Singapore: Singtel Innov8 leads $20m Series D in CounterTack (DealStreetAsia) Cybersecurity firm CounterTack has closed a $20 million Series D round led by Singtel Innov8 and SAP National Security Services (SAP NS2).
Startup Spotlight: Microsoft cybersecurity vets launch Seklarity to help companies understand hacking risk (GeekWire) During the years Joe Donahue spent running Microsoft’s cybersecurity threat detection team, he observed a recurring problem. The team helped Microsoft customers respond to cyber attacks, which often…
Cisco and IBM Team Up On Security (Fortune) The giants are joining forces.
IBM, Cisco partner to help customers in fight against cybercrime (TechRepublic) Cisco and IBM have announced a partnership that will see integrations across their products and services as they aim to help customers improve their security posture.
IBM's Security Tie-Up With Cisco Once More Shows Big Blue's Value as a Tech Partner (TheStreet) Though IBM continues to face major revenue headwinds, its software and services expertise in numerous fields makes it a valuable ally to tech giants and others.
Cisco, IBM, and Verizon All Have the Same Problem (The Motley Fool) Dividend investors need to be more hands-on with these names going forward since success is no longer a given.
Lockheed Martin Plugs Into Energy Security Market (National Defense) Lockheed Martin announced in March 2016 that it was consolidating its energy portfolio. A year later, that decision is paying dividends for the defense industry giant.
FireEye: Shareholders No Longer WannaCry (Seeking Alpha) FireEye is finally emerging from bad business practices that led to massive negative margins. The Q1 results finally changed the trend of missing financial targ
Palo Alto Networks stock jumps 13 percent as revenue and profit top estimates (CNBC) Shares of Palo Alto Networks surged after hours on better-than-expected third-quarter results.
Malwarebytes swerves revenue approach with partner programme (MicroscopeUK) The usual focus on revenue has been avoided by the security vendor keen to reward those partners that generate new business and work with existing customers
Cyber Security: Why Companies Such As Darktrace Will Thrive (The Market Mogul) Following the WannaCry cyber attacks, society must increase their investment in cyber security and turn to companies like Darktrace for help.
CIS Senior Vice President Kathleen Patentreger Appointed a PCI Board Member (PRNewswire) CIS (Center for Internet Security) Senior Vice President of...
Cybric Appoints Former RSA Marketing Executive to Leadership Team (BusinessWire) Cybric, provider of the first software security assurance delivery platform, today announced the appointment of Carol Clark as the company’
Josh Horowitz Joins PasswordPing as Co-Founder and COO (PRNewswire) PasswordPing Ltd., a leading provider of compromised password solutions,...
Products, Services, and Solutions
Neustar Triples Global DDoS Defence Network Mitigation Capacity to More Than 4 Tbps Including EMEA and Singapore (Neustar) EMEA nodes expanded to over 1Tbps of regional capacity distributed across Frankfurt, Amsterdam and London
Tenable Delivers the First Vulnerability Management Platform to Unify IT and OT Security Across the Full Range of Traditional and Modern Assets (BusinessWire) Tenable delivers complete visibility over the full range of traditional and modern assets, from IT to OT, with the latest release of its cloud-based v
Rockwell Automation develops 3-step industrial security programme (Trade Arabia) US-based Rockwell Automation, one of the world's largest companies dedicated to industrial automation, has developed a three-step approach for building an industrial security programme that extends from the enterprise to the plant level.
SecureWorks to Deliver Critical Cyber Security Services to NH-ISAC Members At Preferred Prices (BusinessWire) SecureWorks®, a leading provider of intelligence-driven security solutions, has teamed with the National Health Information Sharing and Analysis Center...
Keybase adds end-to-end encryption to messages on the web (Naked Security) Chrome extension means that users can send encrypted messages on services such as Twitter, Facebook and Reddit that have enabled Keybase
WISeKey launches IIoT chip (Smart Cities World) Technology provides smaller IoT manufacturers that do not have the resources or expertise to perform thorough security analysis
Dropbox beefs up security in the cloud with MobileIron integration (TechRepublic) On Wednesday, MobileIron Access, the company's multi-cloud security product, integrated with Dropbox Business to secure data in the cloud. Here's what it means for the enterprise.
Resilient IoT Guardian Protects 'Things' Using a Layered Approach (eSecurity Planet) Resilient Network Systems teams up with RunSafe Security to secure enterprise Internet of Things deployments.
New RapidFire Tools Data Breach Liability Report Quantifies Financial Risk of Personal Data on the Network (GlobeNewswire News Room) MSPs confirm the tool has detected tens, even hundreds of thousands of dollars-worth of potential liability among their client base — and helped them win incremental business
Technologies, Techniques, and Standards
XData Ransomware Master Decryption Keys Released. Kaspersky Releases Decryptor. (BleepingComputer) In what has become a welcome trend, today another ransomware master decryption key was released on BleepingComputer.com. This time the key that was released is for the XData Ransomware that was targeting the Ukraine around May 19th 2017.
Avast Releases AES_NI Ransomware Decryptor After Master Keys Become Public (Virus Guides) Ransomware programs are a growing threat in today's cyber space. They have become a formidable source of income for computer hackers. Upon creating an encr
Blame game for cyber attacks grows murkier as spying, crime tools mix (Reuters) Veteran espionage researcher Jon DiMaggio was hot on the trail three months ago of what on the face of it looked like a menacing new industrial espionage attack by Russian cyber spies.
Tech pro cautions on attribution of cyber attacks (iTWire) Anyone attributing cyber attacks to Russia or any other country or hacker group should proceed with the utmost caution, the chief technology officer o...
Balancing act: Ensuring compliance with GDPR and US regulations (Help Net Security) When it comes to GDPR compliance, USA companies with a global reach should create a unified compliance regime to make sure they don't incur fines.
The Stagnated Culture of Compliance (Recorded Future) Today, we have a plethora of security standards and compliance which has created a governed and stagnated culture. Have we crippled our own innovation?
A Culture of Security, Not of Blame (Infosecurity Magazine) People are aware of security, but don't blame them for technology failures.
What Can Hospitals do to Avoid Cyber Attacks? (Acumin) With reports of a rise in cyber attacks about English NHS hospital trusts in 2016, it’s a reminder that although hospitals need to protect their patients and staff from viruses, not all viruses are physical. Hospitals need protection from digital viruses as well.
The Power of an Exploit (Anomali) Not all exploits are created equal. Vulnerabilities and Patching: Patching vulnerabilities is something everyone with a technology footprint deals with on one level or another whether they realize it or not. Consumers patch vulnerabilities all the time even if they don’t realize that’s what they are doing. Updating a phone to the latest version of Android or iOS, for instance, often includes fixes for some underlying vulnerabilities. Choosing to restart a smart TV or an Amazon FireTV
Peter Cochrane: The road to password heaven or insecure hell? (Computing) Peter Cochrane looks at how to make stronger, better passwords that you can actually remember
4 Ways the Best IT Security Can Be Like a Team Sport (EdTech) A layered security approach helps protect networks and users every step of the way.
Design and Innovation
Hunt for Best Cybersecurity Talent in Europe Begins (Infosecurity Magazine) Cyber Security Challenge UK looks for 10 candidates to represent the nation at European Cyber Security Challenge competition
Research and Development
AT&T Foundry, Caltech Form Alliance for Quantum Technologies (HPCwire) The AT&T Foundry innovation center in Palo Alto, California is joining the California Institute of Technology to for
Academia
EMCC offers cyber security degree, addressing shortage (Meridian Star) East Mississippi Community College is offering a new program in cyber security to help meet the growing demand for information technology security professionals.
Legislation, Policy, and Regulation
On Cyber Coercion: Lessons from the Sony Hack that We Should Have Learned, But Didn’t (War on the Rocks) Can cyber coercion succeed? In other words, can threatening or conducting a cyber operation persuade an adversary to comply with one’s demands? The answer
Russia escalates spy games after years of U.S. neglect (POLITICO) Lawmakers and intelligence officials say that the United States missed opportunities to crack down on Russian espionage efforts.
NATO might trigger Article 5 for certain cyberattacks (Defense News) NATO will not rule out invoking Article 5 of its charter should one or more member nations find themselves under a serious cyberattack.
NATO Could Go To War Over A Cyber Attack (The Daily Caller) The North Atlantic Treaty Organization would consider a large enough cyber attack against one member an attack on them all, according to NATO officials. A persistent and devastating attack could tr
NATO to beef up cyber capabilities (Defense News) The development of NATO defensive and offensive cyber weaponry is tasked to the Western alliance’s dedicated cyber unit, which forms part of NATO’s Supreme Headquarters Allied Powers Europe.
Improved information sharing key for NATO cyber ops (IHS Jane's) NATO does not yet need a cyber Command but requires better sharing of information among members in the near term, according to military commanders and organisation officials.
China’s strict cybersecurity laws took effect today; potentially impacting foreign businesses (TechCrunch) The rigorous new Chinese cybersecurity laws which we wrote about last November took effect today. They're designed to give China's central government more..
China postpones portion of cybersecurity law (Fifth Domain | Cyber) China has postponed enforcement of part of a cybersecurity law that companies warn violates Beijing's free-trade pledges but says most of it will take effect Thursday as planned.
OMB tells agency leaders how to meet cyber executive order (Fifth Domain | Cyber) An Office of Budget and Management memo released in the wake of President Trump’s May 11 “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” executive order lays out deadlines and implementation guidance on required agency cybersecurity reporting.
The 5 non-cyber challenges facing federal cybersecurity (Fedscoop) Cybersecurity may be the top issue keeping federal CIOs, CISOs and other IT officials up at night — but it doesn’t exist in a vacuum alone. In addition to strong cybersecurity risk awareness and mitigation policies, as well as state-of-the-art threat detection software, agencies must also equip themselves with top talent, modern systems, efficient procurement …
Litigation, Investigation, and Law Enforcement
The many, many probes into Trump-Russia ties (The Economist) The FBI, the election commission and several congressional committees have investigations ongoing
House committee issues subpoenas in Russia probe; Comey OK'd to testify (Military Times) The House intelligence committee said Wednesday it is issuing subpoenas for President Donald Trump's former national security adviser and his personal lawyer, as well as their businesses, as part of its investigation into Russian activities during last year's election.
Dispute erupts over House panel subpoenas for CIA, FBI (Reuters) A political feud erupted on Wednesday over the U.S. House Intelligence Committee's probe of suspected Russian meddling in the 2016 presidential election, with charges that the panel's Republican chairman subpoenaed the CIA, FBI and National Security Agency without telling Democratic members.
Czech Court Approves Extradition of LinkedIn Hacker but Doesn't Say to Which Country (BleepingComputer) A Czech judge ruled yesterday that Yevgeny Nikulin, a Russian national accused of crimes in both the US and Russia, can be extradited based on the current charges. The court didn't specify to which country, and the decision now rests with Czech Justice Minister Robert Pelikan.
Senators want FBI to find out who attacked net neutrality comment system (Ars Technica) Democrats say net neutrality proceeding's integrity threatened by DDoS.
That Time The FBI Phished A Cop With Poisoned Microsoft Docs (Forbes) In an investigation into an Irondequoit, New York cop accused of stalking and harassing an ex-girlfriend, the FBI used techniques it often sees deployed by cybercriminals it investigates. It sent emails to the suspect containing Microsoft Word and Excel documents that, once clicked, would help them unmask the identity of the officer, William Rosica.
Appeals court upholds Ross Ulbricht’s life sentence for creating Silk Road (Ars Technica) Ross Ulbricht, aka Dread Pirate Roberts, will serve life in prison.
Court: Dead daughter’s parents have no right to access her Facebook account (Ars Technica) Berlin court says abiding by family's wishes would set dangerous privacy precedent.
Motorcycle Gang Busted for Hacking and Stealing Over 150 Jeep Wranglers (BleepingComputer) The FBI has arrested members of a motorcycle gang accused of having hacked and stolen over 150 Jeep Wranglers from Southern California, which they later took across the border into Mexico to have stripped down for parts.