"Hidden Cobra," better known as the North Korean threat actor Lazarus Group, has been discovered distributing a remote administration tool to targets in the aerospace, finance, and telecommunications sectors. The US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) in their warning yesterday called the RAT "FALLCHILL." It appears to be an espionage tool.
DHS and FBI also issued a separate warning about a different piece of North Korean malware. This one, a Trojan called "Volgmer," is being distributed by spearphishing.
Someone—apparently a hacktivist, but it's difficult to be sure—is also hacking around North Korean radio. They got into the feed of a DPRK short-wave station (regarded as a "numbers station") and played Europe's 1986 hit "The Final Countdown."
Two Internet-of-things vulnerabilities have been disclosed. Cisco researchers report critical vulnerabilities in Foscam C1 Indoor HD Cameras. The vulnerable application firmware version is 188.8.131.52. And SEC Consult reports finding exploitable issues in older Siemens SICAM remote terminal unit modules. They're at the end of their life, and Siemens advises updating to newer versions.
OnePlus 5, 3 and 3T smartphones appear to have shipped with backdoors.
The UK reports Russian trolling during the run-up to the Brexit vote.
Both Microsoft and Adobe issued a large number of patches yesterday. Microsoft's fifty-plus fixes included some twenty that addressed critical issues in the Explorer and Edge browsers. Adobe issued eighty patches affecting Flash Player, Photoshop, Connect, Acrobat and Reader, DNG Converter, InDesign, Digital Editions, Shockwave Player, and Experience Manager.
Earn a master’s degree in cybersecurity from SANS (Online, November 21, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Tuesday, November 21st, at 1:00pm ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.
Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).
Flaw in Siemens RTU Allows Remote Code Execution (Security Week) Potentially serious vulnerabilities have been found in some Siemens SICAM remote terminal unit (RTU) modules, but patches will not be released as the product has been discontinued.
The Ukrainian electric grid cyber attacks were not “success stories” (Control Global) The Ukrainian cyber attacks were not “half full” success stories but a message to the Ukraine and the US as to what the attackers could do to our grids. This is particularly important to the US as the BlackEnergy malware has been in our electric grids since at least October 2014.
This year's most hackable holiday gifts (Help Net Security) McAfee announced its third annual Most Hackable Holiday Gifts list to help consumers identify potential security risks associated with popular gifts this h
10-year-old kid succeeds in unlocking his mum’s iPhone X, with just a glance (HOTforSecurity) If you have a spare thousand dollars burning a hole in your pocket you might be tempted to purchase Apple’s latest smartphone, the iPhone X. The new device comes with a bigger screen than the previous regular incarnation of the iPhone and an improved camera...
Security Patches, Mitigations, and Software Updates
Adobe Patches 80 Flaws Across Nine Products (Security Week) Adobe on Tuesday announced the availability of patches for a total of 80 vulnerabilities across the company’s Flash Player, Photoshop, Connect, Acrobat and Reader, DNG Converter, InDesign, Digital Editions, Shockwave Player, and Experience Manager products.
Adobe, Microsoft Patch Critical Cracks (KrebsOnSecurity) It’s Nov. 14 — the second Tuesday of the month (a.k.a. “Patch Tuesday”) — and Adobe and Microsoft have issued gobs of security updates for their software.
Bay Dynamics Risk Fabric puts vulnerabilities in context (CSO Online) Many vulnerability management programs will direct IT teams to the critical threat on the non-critical asset, and place a midlevel threat on a critical asset thousands of places down on the priority scale. It’s not the program’s fault. It just doesn’t know context. That is one of the major problems in the vulnerability management space that the Bay Dynamics Risk Fabric program is designed to solve.
Barracuda Announces New Cloud Generation Firewall Capabilities: Barracuda Networks, Inc. (NYSE: CUDA), a leading provider of cloud-enabled security and data protection solutions, today announced expanded public cloud functionality for the Barracuda Web Application Firewall and Barracuda NextGen Firewall.
SecurityFirst™ Launches Channel Partner Program (IT Briefing) SecurityFirst™, a provider of data-centric cyber solutions, today announced the SecurityFirst Partner Program designed to help resellers and service providers make more money selling critical data protection to clients.
Securonix Shrinks Cyber Incident Response Time With Phantom Integration - ForexTV (ForexTV) Securonix, the market leader in big data security analytics and user and entity behavior analytics, today announced integration of its Next Gen SIEM platform with Phantom, the clear leader in Security Automation and Orchestration (SA&O) market. This partnership enables security operations center (SOC) analysts to dramatically improve ...
Thwarting the Tactics of the Equifax Attackers (Cloudflare Blog) We are now 3 months on from one of the biggest, most significant data breaches in history, but has it redefined people's awareness on security? The answer to that is absolutely yes, awareness is at an all-time high. Awareness, however, does not always result in positive action. The fallacy which
Quantum Dawn War Games Test Cyber Resiliency in Finance Sector (Security Week) Quantum Dawn IV, a large-scale exercise to test the cyber resiliency of the U.S. finance sector, was held on Tuesday and Wednesday this week. The exercise had more than 900 participants from over 50 financial institutions, government agencies and regulators.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Security Opportunities in Mexico Webinar (Washington, DC, USA, November 15, 2017) Learn about the cyber security opportunities in Mexico. Mexico is ranked 28th out of 164 countries in the ITU's 2017 Global Cyber Security Index. Companies spend approximately 3.5% of their IT budgets...
The 3rd Annual Billington INTERNATIONAL Cybersecurity Summit (Washington, DC, USA, November 21, 2017) The 3rd Annual Billington International Cybersecurity Summit on March 21 in Washington, D.C. at the National Press Club, will attract over 400 attendees at the leading forum on global cybersecurity in...
Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain...
Global Conference on Cyberspace (GCCS) (New Delhi, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity...
AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.
INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department,...
INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling...
Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.
Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...
cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. Unlike other cybersecurity events, cyberSecure brings together corporate...