Cyber Attacks, Threats, and Vulnerabilities
CIA Leak Reveals Gaps in Patchwork of Android Software (Wall Street Journal) Google says Android software updates resolve vulnerabilities highlighted by WikiLeaks documents, but likely only a fraction of phones received those updates.
How much are vendor security assurances worth after the CIA leaks? (CSO Online) Google, Apple, Microsoft and other software vendors are working to identify and patch the vulnerabilities described in the CIA leak, but ultimately this doesn't change the status quo of software security.
The CIA Leaks: Whodunit? (RedOwl) The latest Wikileaks dump of CIA data has a lot of people asking a lot of questions. At RedOwl, we put together some of the biggest questions on our mind and took an attempt at answering them. How technically significant is this dump? This leak, so far, is not as technically damaging …
WikiLeaks dump brings CIA spying powers into the spotlight (CSO Online) Has the CIA ever spied on you? That’s a key question swirling around Tuesday’s WikiLeaks document dump that allegedly detail the U.S. agency’s secret hacking tools.
Kellyanne Conway Wonders If a Microwave Can Spy On You. Spoiler: It Can’t. (WIRED) It's not coming from inside the house.
GOP senator alleges password-hijack attempts after blasting WikiLeaks founder (CSO Online) Sen. Ben Sasse (R-Neb.) did not elaborate on the exact nature of the password-reset messages he said he'd seen, such as whether they were limited to a single app and how they had been sent.
A cyber attack just took down a Canadian government website (National Observer) Government takes preventative measures in closing CRA portal for filing taxes over the weekend.
The Statistics Canada Site Was Hacked By an Unknown Attacker (Motherboard) Parts of the Canada Revenue Agency website were also shut down over the same vulnerability, smack in the middle of tax season.
Sensitive info from Air Force was publicly visible online: report (TheHill) Researchers reportedly discovered "gigabytes" of sensitive Air Force documents left unsecured online, visible to anyone who knew where to look for them without a password.
US military leak exposes 'holy grail' of security clearance files (ZDNet) Exclusive: These security clearance applications contain sensitive personal information, and are highly valuable to foreign adversaries seeking to undermine US national security.
Poorly-configured online backup leaks US Air Force documents (Bitdefender) Sensitive information related to the United States Air Force has been found exposed publicly on the internet, allowing anyone with a web connection to peruse them without authorisation and no need for a password. The discovery was made by security researchers at MacKeeper who said that they had found gigabytes of files on an internet-connected …
Three Mobile cyber attack: More customers hit than previously thought (City A.M.) A Three Mobile handset fraud investigation has identified tens of thousands more customers have been hit than was previously thought.
Several high risk 0-day vulnerabilities affecting SAP HANA found (Help Net Security) Onapsis discovered several high risk SAP HANA vulnerabilities. If exploited, these would allow an attacker to take control of the platform remotely.
Listen to ‘Tech Support’ Scam Calls That Bilk Millions Out of Victims (WIRED) To get to the bottom of a devious form of phone-based fraud, a group of researchers scammed the scammers.
Mirai is the hydra of IoT security: too many heads to cut off (CSO Online) Efforts to stop Mirai, a malware found infecting thousands of IoT devices, have become a game of whack-a-mole, with differing opinions over whether hackers or the security community are making any headway.
Credit Card Scrapers Continue to Target Magento (Threatpost) Researchers said last week they came across a malicious function that was snuck into a module in Magento in order to steal credit card information.
Nintendo Switch ships with unpatched 6-month-old WebKit vulnerabilities (Ars Technica) Apple patched so-called "Trident" bugs in iOS 9.3.5 back in August.
Researchers find 38 Android devices shipping with pre-installed malware (Naked Security) Malicious apps not part of the original ROM, say researchers, but were added somewhere along the supply chain
If Your iPhone is Stolen, These Guys May Try to iPhish You (KrebsOnSecurity) KrebsOnSecurity recently featured the story of a Brazilian man who was peppered with phishing attacks trying to steal his Apple iCloud username and password after his wife’s phone was stolen in a brazen daylight mugging.
Ransom demand with county cyber attack about $30,000 (The Newark Advocate) The ransom demand of Licking County government to recover computer files was 28 bitcoins, valued at $34,579, on Monday.
One-Third of Ransomware Victims End Up Paying the Ransom (eSecurity Planet) Another 54 percent refuse to pay but are able to recover their data anyway, a recent survey found.
IRS Guides Taxpayers to Avoid Online Scammers (Dark Reading) Internal Revenue Service calls on taxpayers to be extra vigilant about cybersecurity, especially during tax season.
Perez Hilton website visitors hit by two malvertising attacks in same week (Graham Cluley) Visitors to the immensely popular celebrity gossip blogging website Perez Hilton have recently been struck by ransomware attacks pushed out via poisoned ads.
Malware's Newest Disguise: The Humble Resume - Bromium (Bromium) Ransomware use goes back to the 1980s when developers and programmers, afraid that they would not be paid, sometimes inserted “time bombs” into the code. Ransomware plays a role in the insidious new trend where cybercriminals are targeting healthcare organizations through the use of an unsuspecting accomplice. What started with 256-bit encryption has now reached 2048-bit. To decrypt this, …
Top five most wanted malware families worldwide (Help Net Security) The Hancitor downloader has surged into the top five most wanted malware families worldwide for the first time, according to Check Point.
Hacker Lexicon: What Is an Attack Surface? (WIRED) Whenever there's a hack, one of the first questions is how the attackers got in. For the answer, look to the attack surface.
LinkedIn Breach: Weak Passwords Are the Norm (Infosecurity Magazine) About 35% of the leaked LinkedIn passwords were already known from previous password dictionaries.
Security Patches, Mitigations, and Software Updates
March Android Security Update Breaks SafetyNet, Android Pay (Threatpost) Google has re-issued its over-the-air Android security update after Nexus 6 users reported that the patches broke the SafetyNet API and features such as Android Pay no longer worked.
Telepresence Robots Patched Against Data Leaks (Threatpost) Double Robotics telepresence robots were patched against vulnerabilities that leaked device data and session keys and tokens.
How to Update All Your Gear (For Safety!) (WIRED) The simplest thing you can do to make yourself just a little bit safer: Keep your firmware up to date.
By the end of March no one will remember that Microsoft missed a Patch Tuesday (Help Net Security) Like the weather in Minnesota, the March Patch Forecast is unpredictable at best. Be prepared for turbulent times interspersed with moments of calm.
Cyber Trends
M-Trends 2017 Cyber Security Trends (FireEye) The annual report was compiled by consultants at Mandiant based on hundreds of incident response investigations in more than 30 industry sectors. It offers recommendations on how organizations can improve the way they prevent, detect, analyze and respond to cyber attacks.
Most security pros expect increasing attacks on Industrial Internet of Things (Help Net Security) A new survey looked at the rise of Industrial Internet of Things deployment in organizations, and to what extent it is expected to cause security problems.
96% Of Infosec Pros Expect An Increase In Cyber Attacks On Industrial IoT (Information Security Buzz) Study reveals most organizations take additional precautions to secure IIoT London, UK. Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the results of a study conducted in partnership with Dimensional Research. The study looked at the rise of Industrial Internet of Things (IIoT) deployment in organizations, and …
IT Workers Expect Industrial Internet of Things Attacks to Rise (Infosecurity Magazine) New research suggests nearly all workers expect to see more attacks on IIoT infrastructure, but most are not prepared
Will the IoT force truck stops? (Help Net Security) Autonomous trucking is on the horizon, yet imagine the social and economic impact if one day those trucks simply stopped. Can the IoT force truck stops?
From Data to Critical Infrastructure: Attackers Get Physical (Infosecurity Magazine) No longer just regulatory fines and reputational damage, but the possibility of actual physical harm.
Report finds the security of confidential documents is a significant problem (CSO Online) 60 percent of survey respondents say sensitive documents have accidentally been sent to the wrong person.
Sir Tim Berners-Lee warns of the threats to today’s web (TechCrunch) Sir Tim Berners-Lee doesn't issue too many proclamations, but those he does are usually quite sensible. The latest, occasioned by the 28th anniversary of Sir..
Marketplace
Demystifying cyber insurance coverage (DU Press) Organizations continue to invest heavily in cybersecurity efforts to safeguard themselves against threats, but far fewer have signed on for cyber insurance to protect their firms afteran attack. Why not? What roadblocks exist, and what steps could the industry take to help clear them?
$1.2 billion security startup Okta files for its long-awaited IPO (Business Insider) The $1.2 billion security startup Okta has filed for its initial public offering.
Identity management software provider Okta files for today’s second $100M IPO (TechCrunch) It looks like Snap's (at least perceived) successful IPO has officially opened the window: Following Yext officially filing for an IPO this afternoon,..
Cymulate Raises $3M for Attack Simulation Technology (eSecurity Planet) Startup raises new funds to help expand its reach, with a diverse set of Software-as-a-Service offerings to test an organization's ability to withstand different types of attacks.
BRIEF-Symantec Corp entered into accelerated stock repurchase agreements (Reuters) Symantec Corp - on March 10, entered into accelerated stock repurchase agreements with financial institutions to repurchase $500 million of co's common stock
NCC Group launches bounty for open source security flaw fixes (ComputerWeekly) Firm hopes bounty scheme will inspire others to do the same to encourage security specialists to make open source software more secure
McAfee to add jobs, ramp up investment in India (US China News) IT security firm McAfee is looking at adding more jobs at its centre in Bengaluru and will continue to invest in growing local business in India, a top official said on Sunday.
Anchor Technologies moves to Columbia from Annapolis (Baltimore Sun) The cyber security firm's new office is three times the size of its old space.
Yahoo to give Marissa Mayer $23 million parting gift after sale to Verizon (Ars Technica) Mayer will leave as what remains of Yahoo becomes Altaba holding company.
Security Industry Association Recognizes Ken Mills of Dell EMC with 2016 SIA Chairman’s Award (PRWeb) Mills has been a prominent proponent of cybersecurity measures in his roles on the SIA Board of Directors and the SIA Cybersecurity Advisory Board.
Products, Services, and Solutions
Simility Adds AI Powered Adaptive 3-D Secure Support to Increase Merchant Profits (Marketwired) Enables chargeback protection for merchants by selectively invoking 3-D secure for high-risk transactions
Trustonic and Armour Communications partner on secure government and enterprise communications (Trustonic) Trustonic has announced a partnership with Armour Communications, a leading supplier of strong, end-to-end encrypted voice, data and video communication.
Threat operations and management with ThreatQ (Help Net Security) The ThreatQuotient CTO discusses the relevance of threat intelligence, and the ThreatQ platform, designed to enable threat operations and management.
ID TECH and Worldnet achieve EMV certification through First Data (ABNewswire) Worldnet’s EMV certified payment application “GoChip” and ID TECH’s EMV certified readers streamline and accelerate EMV Migration.
Actiance Helps Simplify Security in the Cloud (Yahoo! Finance) REActiance , the leader in communications compliance, archiving, and analytics, and a Microsoft Gold Partner, today announced customers can now host ...
Intel's CHIPSEC can detect CIA's OS X rootkit (Help Net Security) Intel Security offered a tool that can identify the presence of the DarkMatter EFI rootkit on machines running Apple's OS X.
Akamai and AT&T Renew Global Alliance Through 2019 (Yahoo! Finance) The renewed alliance means AT&T business customers in the U.S. and around the globe will continue to have access to Akamai services as part of a comprehensive portfolio of cloud and network solutions from AT&T. In addition, Akamai is expanding its global server footprint located at the edge of AT&T&
Safe-T and SecureAuth Revolutionize Application Access Security (PRNewswire) Safe-T Data, the leading provider of secure data exchange and...
Harris radio system gains NSA certification (UPI) Harris Corporation's new RF-300H communications system has been approved for transmitting classified images and data, the company announced Monday.
Thales Offers Transparent Encryption with BT (Database Trends and Applications) Thales, a provider of cybersecurity and data security, will partner with BT, a provider of communications services and solutions, to provide Vormetric Transparent Encryption to its users. Vormetric Transparent Encryption helps customers encrypt data-at-rest, control privileged user access, and manage a collection of security intelligence logs without re-engineering applications, databases or infrastructure.
High-Tech Bridge Teams with Imperva for Virtual Vulnerability Patching of Web Services and Applications (Yahoo! Finance) High-Tech Bridge, a leading application security testing company, announced it has teamed with Imperva to integrate High-Tech Bridge’s ImmuniWeb platform with the Imperva SecureSphere Web Application Firewall solution.
The NSA's 'Twitter For Spies' Has Over 60,000 Users - Motherboard (Motherboard) Data obtained through a Freedom of Information Act request reveals just how popular the NSA's social network for spies called eChirp really is.
Technologies, Techniques, and Standards
How to remove ransomware: Use this battle plan to fight back (CSO Online) Ransomware has exploded onto the PC. We'll show you what to do to avoid it, remove it, and—if necessary—even negotiate with its authors.
Reinventing software patching, curing big security holes (Help Net Security) 0patch sends tiny patches of code (usually less than 30 bytes) to computers and devices in order to fix software vulnerabilities in various products.
Post Breach Identity Theft Monitoring: Too Little Too Late (Security Week) Breached companies must get ahead of attacks and provide security that protects victims before they are victimized again
Cybersecurity: The Best Defense is a Good Offense (Bricata Blog) A CISO employed by a global insurance carrier walked RSA attendees through an excellent case study on how to shift from a defensive to an offensive security posture.
Cookie hijacking attack - Penetration Testing in Linux (Penetration Testing in Linux) HTTP is a stateless protocol, in order to maintain and track the user’s state, the introduction of the Cookie and Session. Cookie First introduced with Netscape 0.9 on October 13, 1994, a cookie is a small amount of text-only data saved on your computer while you browse a certain website. This information can be used …
Design and Innovation
Invisible reCAPTCHA means no more clicking on kitten pictures to prove you’re carbon-based (Naked Security) Google’s Invisible reCAPTCHA means most humans won’t have to jump through hoops – the algorithms will determine if you’re a robot
Bitcoin Is for the People, Not Wall Street (Motherboard) Bitcoin needs to focus on usability, now more than ever before.
Academia
Raytheon Sponsors Nation's Largest Cybersecurity Competition - American Security Today (American Security Today) College students from more than 220 schools across the United States will showcase their defensive cyber skills during the 2017 National Collegiate Cyber Defense Competition. Beginning with 10 regional contests in March and April, the teams will compete to show who can best protect a computer network …
Republic Polytechnic announces joint labs with security vendors (Networks Asia) Republic Polytechnic (RP) unveiled two initiatives at the Republic Polytechnic(SOI) Industry Day to enhance skills development opportunities for students from the Diploma in Infocomm Security Management.
Legislation, Policy, and Regulation
Singapore Eyes Tougher Cyber Laws (The Diplomat) The city-state is looking to strengthen legal measures against cybercrimes.
Turf war between GDS and HMRC over Gov.UK Verify just 'creative tension', says local government CDIO Ed Garcez. (Computing) But Garcez admits that the Verify platform needs time to mature.
WikiLeaks Dump Shines Light on Government's Shadowy Zero-Day Policy (Defense One) The documents shed little light on how many unknown vulnerabilities the intelligence agency retains and how well it vets the damage they might cause.
Should the U.S. stockpile zero days? (FCW) Zero-day vulnerabilities live on average for 6.9 years and have a low rate of discovery by other entities, which could argue in favor of stockpiling them, according to a comprehensive study by the RAND Corporation.
Make America Secure Again: Trump Should Order U.S. Spy Agencies to Responsibly Disclose Cyber Vulnerabilities (Information Technology and Innovation Foundation) Last week, WikiLeaks released a trove of CIA documents that detail many of the spy agency’s hacking capabilities.
I Ran Intel at the Pentagon. Here’s My Advice on Insider Threats (Defense One) If I were still in government, this is what I would be telling Defense Secretary Mattis and the DNI.
Bill proposes letting victims of cybercrime hack the hackers (Naked Security) What could possibly go wrong? Republican Tom Graves’ bill ‘might result in harm to innocent parties’, warns law professor
Will NSA's Rob Joyce Be Trump's Top Cybersecurity Adviser? (BankInfo Security) The latest ISMG Security Report leads with a profile of Rob Joyce, the National Security Agency operative who is reportedly under consideration to be President Donald Trump's top cybersecurity adviser.
Senate Democrats question FCC chair’s independence from Trump (Ars Technica) Dems want promise that Pai won’t “penalize free speech” to punish Trump enemies.
Combatant Commands in an era of multi-domain battle [Commentary] (Defense News) One service cannot complete the mission alone, and new domains must fuse with the traditional service-specific physical domains.
Cyber, electronic warfare top urgent buying needs for Army (C4ISRNET) As near-peer adversaries are catching up and challenging the U.S. military, the Army is pursing certain technologies and capabilities with urgency to meet these challenges.
Former VP laments that even now, sharing medical data is awful (Ars Technica) Moonshot hopes, medical data sharing, and a “Cyber National Guard.”
Litigation, Investigation, and Law Enforcement
Beware 'fake news' on GDPR, warns compliance lawyer Jonathan Armstrong (Computing) Many companies have a false sense of security around compliance, warn industry insiders,
Evidence of wiretapping due to Congress today (Washington Examiner) There’s no indication the White House plans to meet a request to provide by today any evidence to back up President Trump’s explosive charge that his predecessor President Obama wiretapped Trump Tower a month before the election last year.
House investigators on a Trump-Russia 'collision course' (POLITICO) The top Republican on the intelligence committee was on Trump's transition team. The lead Democrat is a fierce Trump critic.
Washington's Spy Paranoia (The Atlantic) Who did the Russian ambassador meet in D.C.? Welcome to America’s capital city, where everyday encounters may not be what they seem.
Home Depot Will Pay Banks $25 Million for 2014 Breach (Dark Reading) Home Depot has already spent $179 million in compensation for the data breach, which affected 50 million customers.
Man behind GemCoin, a fake cryptocurrency, settles lawsuit for $71M (Ars Technica) Judge: “Defendant has shown no sign of recognition of wrongdoing.”
Child Abusers Ran Fake Chat Sites to Trick Kids (Motherboard) Abusers would coerce victims with webcam footage of other children, or "loops."