Cyber Attacks, Threats, and Vulnerabilities
Exclusive: Iran-based political influence operation - bigger, persistent, global (Reuters) An apparent Iranian influence operation targeting internet users worldwide is significantly bigger than previously identified, Reuters has found, encompassing a sprawling network of anonymous websites and social media accounts in 11 different languages.
Critical Apache Struts Vulnerability Exploited in Live Attacks (SecurityWeek) Critical remote code execution vulnerability (CVE-2018-11776) in Apache Struts 2 is being exploited in malicious attacks, threat intelligence firm Volexity warns.
Hackers drop crypto mining on vulnerable Struts (iTnews) Active scanning and exploitation of unpatched boxes afoot.
Exploit Published for Windows Task Scheduler Zero-Day (SecurityWeek) Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges.
Critical Windows zero-day security flaw revealed anonymously on Twitter (Computing) Microsoft working on a fix to the verified security flaw
Microsoft Windows zero-day vulnerability disclosed through Twitter (ZDNet) Updated: There is no known workaround for the security flaw.
The Urpage Connection to Bahamut, Confucius and Patchwork (TrendLabs Security Intelligence Blog) We dig deeper into the possible connection between cyberattacks by focusing on the similarities an unnamed threat actor shares with Confucius, Patchwork, and another threat actor called Bahamut. For the sake of this report, we will call this unnamed threat actor “Urpage.”
Facebook Flaw Allowed Remote Commands (Threatpost) Facebook failed to fully sanitize error data returned by a public facing web app.
Fiserv Flaw Exposed Customer Data at Hundreds of Banks (KrebsOnSecurity) Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned.
Brazilian Crypto exchange hacked; private data of over 264,000 users exposed (HackRead)
Hackers Breach Cryptocurrency Platform Atlas Quantum (SecurityWeek) The information of over 260,000 users was stolen after hackers managed to compromise the cryptocurrency investment platform Atlas Quantum.
Old "Misfortune Cookie" flaw opens medical gateway and devices to attack (Help Net Security) A medical gateway device vulnerability can be easily exploited to allow attackers to execute unauthorized code to obtain administrator-level privileges.
Spyware Company That Marketed To Domestic Abusers Gets Hacked (Motherboard) A hacker broke into the servers of TheTruthSpy, one of the most notorious stalkerware companies out there, and stole logins, audio recordings, pictures, and text messages, among other data.
Analysis | The Cybersecurity 202: These researchers worry more about cybercriminals hacking the grid than nation-state hackers (Washington Post) Here's why.
Nuclear Plants are not cyber secure and it can affect nuclear safety (Control Global) Nuclear plant cyber security requirements still do not address process sensors. This can directly affect nuclear safety.
Graphus detects sophisticated SharePoint phishing attacks (Graphus) Graphus has detected several SharePoint attacks for our customers. These are newer attack types that are extremely well crafted and difficult to detect.
Remote Code Execution on packagist.org (Max Justicz) tl;dr There was a remote code execution vulnerability on packagist.org, the default package server behind Composer, a PHP package manager. Packagist currentl...
Your data center's IT is lock-tight, are the facility's operations? (Help Net Security) Securing data centers is important, and operators are doing themselves a disservice by focusing on IT as the only line of defense against attacks.
Scammers Threaten to Review Bomb a Travel Company Unless it Pays Ransom (Motherboard) Twitter bots, fake reviews, and Instagram comments are the tools of a black hat SEO extortion attempt.
Researchers find way to spy on remote screens—through the webcam mic (Ars Technica) Remote audio plus machine learning equals rudimentary remote screen viewing.
Air Canada confirms mobile app data breach (TechCrunch) Air Canada has confirmed a data breach on its mobile app, which the airline said may affect 20,000 people — or 1 percent — of its 1.7 million app users. The company said it had “detected unusual log-in behavior” occurring between August 22-24. According to an email to customers, attacke…
Google created “unnecessary risk” for Fortnite users, claims Epic boss (Naked Security) Google disclosed the bug “in order to score cheap PR points”, said Epic CEO and founder Tim Sweeney,
Security Patches, Mitigations, and Software Updates
Instagram finally supports third-party 2FA apps for greater account security (Graham Cluley) Instagram has entered the 21st century, and finally added support for third-party 2FA apps like Google Authenticator, Duo Mobile, and Authy.
Please turn it on.
Cyber Trends
Cybercriminals shift tools, tactics and procedures to improve infection rates (Help Net Security) Cybercriminals are moving away from attention-grabbing ransomware attacks to more covert methods intended to steal money and valuable computing resources.
Cybercriminals Changing Tactics as Seen in First Half Report (Trend Micro) Today, Trend Micro released its first half 2018 security roundup report in which we want to share the threat intelligence we discovered through the Trend Micro™ Smart Protection Network™ that allows us to identify the threats that have targeted our customer base. Below are some thoughts I’d like to share with you about these trends...
Cryptomining Malware Soars 956% in a Year (Infosecurity Magazine) Trend Micro blocked over 20 billion threats in the first six months of 2018
77% of Businesses Have Experienced Cyber Attack in the Past 12 Months (Security Boulevard) The vast majority of businesses think data protection is important or mission-critical for digital and IT transformation projects, but they lack the technological provisions to provide good data protection assurance.
5 ways the World Economic Forum says AI is changing banking (American Banker) The forum, which is best known for its annual Davos economic conference, offers insights on what many get wrong about artificial intelligence and how banks should be thinking about using it.
Deloitte Publishes Report About Major Blockchain Trends (CryptoNews) Cryptocurrencies came along almost ten years ago, and it caused quite a stir in the global financial markets. Blockchains also gathered a lot of attention [...]
Banks should not assume fraud victims are at fault, UK watchdog says (Reuters) Banks should not assume that customers have been negligent when they fall for scams peddled by increasingly sophisticated fraudsters, Britain's financial ombudsman said on Wednesday.
UK Watchdog Warns Banks Scams Are Not Users Fault (Information Security Buzz) In response to the news that the financial ombudsman has come out today saying that banks should not assume victims are at fault, James Romer, Chief Security Architect at SecureAuth + Core Security and David Kennerley, Director of Threat Research at Webroot commented below. James Romer, Chief Security Architect at SecureAuth + Core Security: “Cybercriminals dedicate …
The four ways that ex-internet idealists explain where it all went wrong (MIT Technology Review) 21st-century digital evangelists had a lot in common with early Christians and Russian revolutionaries.
Marketplace
Yahoo, Bucking Industry, Scans Emails for Data to Sell Advertisers (Wall Street Journal) The web giant owned by Verizon analyzes more than 200 million inboxes for clues about what products people might buy—a practice much of Silicon Valley has declared off-limits.
Facebook: It’s too tough to find personal data in our huge warehouse (Naked Security) GDPR: it means give users their data when they ask for it, and Facebook’s refusal to do so has provoked an inquiry by the Irish DPC.
Risks and Rewards of Google's Improving Security (Infosecurity Magazine) A Google tool detects bad actors and defends against nation-state threats.
Senators Criticize Google CEO for Declining to Testify (BloombergQuint) Google’s Sundar Pichai is facing bipartisan criticism for refusing to testify at a Senate Intelligence Committee hearing next week, but the panel’s chairman signaled he’s unlikely to issue a subpoena to force the chief executive officer to appear.
World’s Leading Human Rights Groups Tell Google to Cancel Its China Censorship Plan (The Intercept) A blistering letter from Amnesty International and Human Rights Watch calls a forthcoming search engine with blacklists “an alarming capitulation by Google on human rights.”
We should all be worried about Google’s power (New York Post) Tuesday brought endless commentary and reporting on how President Trump was being utterly ridiculous and conspiratorial to accuse Google of bias in its search algorithms. Funny: Just over a year ag…
Opinion | Google is on the verge of making a huge mistake with China (Washington Post) A Google project appalls Chinese fans who thought the company stood for something higher.
Facebook has restored the cross-posted tweets that were removed from users’ profiles (TechCrunch) Facebook says it has corrected the issue of users’ deleted posts, which had affected those who had previously cross-posted their Tweets to their Facebook profile – a feature that’s no longer supported. Earlier this month, Facebook locked down its API to prevent third-party apps fr…
Allstate Accelerates Expansion into Identity Protection with Acquisition of InfoArmor (Arizona Daily Star) The Allstate Corporation (NYSE: ALL) has agreed to acquire InfoArmor, Inc., a leading provider of employee identity protection to more than 1 million employees and their family members at over 1,400 firms, including more than 100 of the Fortune 500 companies.
Lacework Raises $24 Million to Expand Cloud Security Business (SecurityWeek) Cloud security firm Lacework has raised $24 million through Series B funding round with Sutter Hill Ventures, bringing the total raised to $32 million.
Industrial Cybersecurity Firm Indegy Raises $18 Million (SecurityWeek) Industrial cybersecurity firm Indegy has raised $18 million through a Series B funding round, bringing the total amount raised by the company to $36 million.
Bark brings in $9M to help parents track their kids’ online activity (TechCrunch) Not to be confused with a dog-walking startup, Bark is a watchdog for kids’ and teens' internet security. Today it announces a $9 million Series A led by Signal Peak Ventures, with participation from Two Sigma Ventures, Symmetrical Ventures, Fuel Capital, Hallett Capital and Atlanta Seed Company.
…
Terra is an ambitious crypto project to build a stable coin through e-commerce (TechCrunch) Four of the world’s largest crypto exchanges are leading a $32 million investment in an ambitious venture out of Korea that’s aiming to develop a new stable coin using e-commerce as the lynchpin. Global exchanges Binance Labs, OKEx, Huobi Capital, and Dunamu — the firm behind Kore…
FireEye May Have Just Found The Key To Profit (Seeking Alpha) FireEye's most recent financial report shows a company that is on the verge of breaking into profitable territory. The company made headlines on Thursday by ass
Should FireEye Investors Start Jumping Ship? (The Motley Fool) FireEye investors aren't buying the company's story because of these red flags.
Splunk Growth Outpacing Competitors (BusinessWire) Splunk Inc. (NASDAQ: SPLK), first in delivering “aha” moments from machine data, today announced the company's continued growth in IT Operations Analy
Qualys Boosts Its Government Platform (Seeking Alpha) In June, Qualys announced that it entered into a non-binding letter of intent to purchase Second Front Systems. The acquisition is expected to provide increased
MITRE names new cyber and security chief (Fifth Domain) The position is responsible for the cyber strategy and protection from physical and digital attacks of the MITRE corporation, a nonprofit organization that manages federal research.
Vera welcomes Carlos Delatorre as CEO (Help Net Security) In his new role as CEO, Carlos Delatorre brings to Vera go-to-market knowledge along with strong operational expertise.
Products, Services, and Solutions
Varonis Announces Q2 Winners of Channel Partner Awards (GlobeNewswire News Room) Awards recognize channel partners for their commitment to helping customers protect data from insider threats and cyberattacks
Digital Shadows SearchLight Enhances Threat Intelligence for its Clients by Integrating with Webroot BrightCloud® Threat Intelligence Services (PRNewswire) Partnership Boosts Market‐leading Risk Analysis Platform with Industry Leading Digital Risk Management Service.
ButterflyVPN: World's Tiniest VPN Router and Most Travel-Friendly Available for Retail Purchase (Digital Journal) U-Disk VPN solution for travelers, Plug and Play, 10 plus devices supported at an affordable price
Tool and resources to help small merchants improve payment card data security (Help Net Security) The PCI Security Standards Council launched updated educational resources and a new tool to help small businesses improve payment card data security.
TP-Link introduces AC2600 Wi-Fi router with enhanced security (Help Net Security) With Intel technology, the Archer C2700 optimizes entire WiFi network for traffic and provides bandwidth for multiple devices.
Navisite upgrades its Managed DaaS solutions with VMware Horizon DaaS 8.0 (Help Net Security) With new DaaS solution and the VMware Horizon DaaS 8.0 and Microsoft Windows 10, the desktop in the cloud becomes a reality.
Comtech EF Data releases new Durostream WAN Optimization appliances (Help Net Security) Comtech EF Data announced the new Durostream AHA725 and AHA723 WAN Optimization appliances with packet protection from its AHA Products Group.
NEXT Biometrics to provide software customization with FingerCell algorithm (Help Net Security) The FingerCell algorithm allows developers of solutions incorporating NEXT Biometrics fingerprint sensor technology to customize their own products.
Minerva Labs Achieves Certified Integration with McAfee ePO™ Through the McAfee Security Innovation Alliance (PRWeb) Minerva Labs, announced today that it has achieved technical integration of its Anti-Evasion Platform with McAfee ePolicy Orchestrator™(ePO), enabling
Experian Rolls Out Child Identity Theft Scan (PYMNTS.com) To help parents protect against child identity theft, Experian is rolling out a Child ID scan. The service comes as 1 million children had their identities stolen last year, and Experian has designated Saturday (Sept. 1) as Child Identity Theft Awareness Day, the company said in an announcement. The scan seeks to find if a […]
Perfect Privacy review: The price is high, but the speeds are good (PCWorld) Perfect Privacy is a little known VPN with a shadowy ownership structure but good performance and an antiquated interface.
Digital Shadows SearchLight Enhances Threat Intelligence for its Clients by Integrating with Webroot BrightCloud(R) Threat Intelligence Services (IT News Online) Partnership Boosts Market leading Risk Analysis Platform with Industry Leading Digital Risk Management Service.
Bugcrowd announces free training platform (SC Media US) Bugcrowd crowdsourcing platform last week launched a free educational platform for security researchers called Bugcrowd University.
Symantec Simplifies Cloud Migration with Management Center 2.0 (Markets Insider) Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, has announced significant enhancements to Symantec Management Center.
Technologies, Techniques, and Standards
Why reversible cyberattacks could become standard in digital warfare (Fifth Domain) Reversible cyber operations have been praised as a warfare tactic of the future, and some have argued attacks whose effects cannot be restored may violate the laws of war in years to come.
Will you still need a VPN with WPA3? (Security Boulevard) Behold, the dawn of WPA3! Well... actually, there’s nothing much to see yet.
CISOs Reveal the Most Likely Culprits for Data Leaks (Infosecurity Magazine) Data security issues can be profoundly damaging. How can your organization avoid them?
Understanding the threat key to good cyber defence (The Business Times) ONE indirect result of the SingHealth cyberbreach - in which digital records of 1.5 million patients were stolen - has been that there is now growing realisation within South-east Asia that data breaches and cyber attacks do not happen only in the West.
How One Company's Cybersecurity Problem Becomes Another's Fraud Problem (Dark Reading) The solution: When security teams see something in cyberspace, they need to say something.
7 Steps to Start Searching with Shodan (Dark Reading) The right know-how can turn the search engine for Internet-connected devices into a powerful tool for security professionals.
Design and Innovation
The terrifying, hidden reality of Ridiculously Complicated Algorithms (TheTLS) 'Algorithms have changed, from Really Simple to Ridiculously Complicated. They are capable of accomplishing tasks and tackling problems that they’ve never been able to do before.'
Academia
University College Oxford Launches Blockchain Research Centre (PRNewswire) Director says the new centre aims to bring Blockchain to the mainstream
Norwich gets $3.5 million NSF grant for cybersecurity scholarships (Vermont Business Magazine) Norwich University has received a $3.58 million grant from the National Science Foundation (NSF) as part of a “Scholarship for Service” program, in which student-recipients majoring in computer security and information assurance commit to work for the federal government following graduation.
Legislation, Policy, and Regulation
NIS Directive Met, Polish Cybersecurity in Effect (Infosecurity Magazine) One of 17 countries to miss the NIS Directive deadline, Poland's National Cybersecurity System Act is now in effect
Governments want your smart devices to have stupid security flaws (Nature) Steven Aftergood assesses a warning about the future of the Internet.
Surveillance legislation: Government’s ‘lip service’ on backdoors (Computerworld) Draft government legislation intended to increase law enforcement organisations’ ability to monitor the use of online communications services pays “some lip service to not creating backdoors”, according to Robin Doherty, a privacy advocate and a security champion at software consultancy ThoughtWorks.
Marise Payne defends 5G ban on Chinese telcos Huawei and ZTE (the Guardian) Excluding the companies from the Australian network has angered Beijing, but foreign minister says it protects national security
China intensifies criticism of Australia's Huawei 5G ban (Financial Review) Beijing has ramped up criticism of Australia's ban on Huawei bidding for 5G mobile phone network contracts, accusing the Morrison government of 'double standards'.
Opinion | America Goes on the Cyberoffensive (Wall Street Journal) U.S. government hackers will now have greater latitude to deter and answer attacks.
Feds, Facebook and Microsoft brief state election officials on cyberthreats (StateScoop) The call focused on bringing public and private resources together to push back against foreign threats against voting systems.
“Your voter data is secure,” Oklahoma agencies prepare for runoff elections (KFOR.com) As Oklahomans prepare to vote in the runoff primary election Tuesday, the state's election board said there are "no specific threats" to security. "We’re working with our partner agencies to make sure we’re doing everything we can to protect the integrity and security of elections in Oklahoma," said Paul Ziriax, secretary of the Oklahoma State Election Board.
A Proposed Agenda for a New PCLOB (Lawfare) The inquorate privacy watchdog may be back in action soon. If so, it should review the NSA’s call detail records program, Section 702, and the disparate impact of surveillance on minorities.
Focusing on the long tail of cybersecurity (FCW) DHS wants to use its new risk management center to buy down cybersecurity risks over the long term while leaving operational cyber incident response duties to the NCCIC.
Trump Accuses Google of Suppressing Positive News About His Presidency (Wall Street Journal) President Trump accused Google of elevating critical stories about him, calling it a “very serious situation” that will be addressed. Google said “we don’t bias our results toward any political ideology.”
New bill looks to end Trump’s security clearance threats (Federal Times) Members of Congress introduced a bill that would prevent Trump from using the revocation of security clearances to threaten retired members of the intelligence community that critique him.
The Fight Over California's Privacy Bill Has Only Just Begun (WIRED) The tech industry lobby has made it clear that they want changes to California's sweeping privacy protections—and they've got plenty of time left to get them made.
Litigation, Investigation, and Law Enforcement
Notorious Cybercriminal Released From Prison (SecurityWeek) Earlier this month, Belarusian authorities released from prison Sergey Yarets, a notorious cybercriminal and co-developer of the Andromeda botnet.
Andromeda Botnet Operator Released With a Slap on the Wrist (BleepingComputer) Sergey Yarets, also known as Ar3s, a hacker arrested last year for running an instance of the Andromeda botnet, was released by Belarusian authorities with nothing more than a slap on the wrist.
Ar3s Avoids Lengthy Prison Term After Cooperating With Authorities (Recorded Future) Insikt Group offers new details based on recently disclosed information about the prison release of Ar3s, known as the co-developer of the Andromeda botnet.
Extreme prejudice: how the Kremlin is cracking down on discontent (Times) They created a group to chat in a messenger app and met occasionally at a McDonald’s restaurant to talk about politics; ten young people in Moscow with grumbles about President Putin and the...
Telegram Says to Cooperate in Terror Probes, Except in Russia (SecurityWeek) The Telegram encrypted messenger app said it would cooperate with investigators in terror probes when ordered by courts, except in Russia where it is locked in an ongoing battle with authorities.
Devin Nunes’s Curious Trip to London (The Atlantic) The chairman of the House Intelligence Committee flew to London to gather intel on Christopher Steele, the former British intelligence officer who compiled the dossier alleging Trump-campaign ties with Russia. But MI5, MI6, and GCHQ didn’t seem interested.
Attorney: Accused Russian agent and GOP operative had genuine romance (TheHill) The lawyer of alleged Russian agent Maria Butina on Tuesday released a video of her singing a Disney song with GOP political operative Paul Erickson in order to prove the two had a genuine romantic relationship.
Trump, without evidence, blames China for hacking Clinton emails (Reuters) U.S. President Donald Trump said on Twitter early on Wednesday China hacked the emails of 2016 Democratic presidential candidate Hillary Clinton but did not offer any evidence or further information.
Man Accused of Hacking Into Bank Account, Stealing $300,000 (SecurityWeek) Hartford police say 36-year-old Kwadjo Osei-Wusu, of Manchester, was arrested Friday and charged with money laundering, larceny and conspiracy to commit identity theft.
Alleged Facebook scammer arrested in Ecuador, will resist extradition (Ars Technica) Paul Ceglia claims CEO Mark Zuckerberg promised him half of Facebook years ago.