Jackpotting has arrived in the US. Hitherto seen most often in Eastern Europe and East Asia, the hacking of ATMs to get them to spill cash to a waiting mule has now appeared in the US. The Secret Service is working with banks and ATM vendors to contain the problem.
Fitness app Strava published heat maps showing the exercise patterns of its users. The data are "aggregated and anonymized," but critics point out that the patterns on the map effectively reveal the locations of "secret army bases," as the Guardian puts it. Strava says military users should just opt out of the reporting. It's worth noting that critics know the patterns correspond to bases because they already know where those bases are, and the secrecy of some of the locations (like Groom Lake, Nevada) is pretty attenuated anyway.
A new secure communications app, "Muslim Crypt," is out, and designed specifically for the jihadi market.
Research indicates that widely used electronic sensors are susceptible to transduction attacks, which suggests a greatly expanded Internet-of-things attack surface.
The epidemic of cryptomining shows no signs of abating. In direct theft of cryptocurrency, thieves set a new record: Japanese exchange Coincheck was just looted of $530 million, more than was taken from the previous record-holder, Mt. Gox.
Pyongyang tells London to mind its own business about WannaCry, which Pyongyang says it didn't do in the first place, and while you're at it, London, stop copying Washington. So there. Usual threats of massive righteous cyber retaliation...
Today's issue includes events affecting Australia, Canada, China, France, Germany, India, Israel, Italy, Japan, Jordan, Democratic Peoples Republic of Korea, Republic of Korea, Kuwait, Lebanon, Nepal, Netherlands, Pakistan, Philippines, Qatar, Russia, Saudi Arabia, Switzerland, Syria, Thailand, United Kingdom, United States, Venezuela, and Vietnam.
Implement these seven cybersecurity best practices for 2018.
Is your organization prepared for the threat landscape of 2018? In this article, ObserveIT takes a look at seven cybersecurity best practices—ranging from preparing for GDPR to testing backup systems to leveling up user training—that will better prepare you for everything from spearphishing to insider threats. Rather than dwell on the past, take stock of where your organization stands today and put these best practices in place, and you’ll be well-prepared for the coming year.
ON THE PODCAST
In today's podcast, we talk with our partners at RSA, as Zulfikar Ramzan shares his well-informed and reflective perspective on Spectre and Meltdown.
Cyber Attacks, Threats, and Vulnerabilities
First ‘Jackpotting’ Attacks Hit U.S. ATMs(KrebsOnSecurity) ATM “jackpotting” — a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that forces the machines to spit out huge volumes of cash on demand — has long been a threat for banks in Europe and Asia, yet these attacks somehow have eluded U.S. ATM operators.
Strava user heatmap reveals patterns of life in western military bases(Help Net Security) In November 2017, online fitness tracker Strava published a heatmap of the activity many of its users around the world engage in (and track) daily. But, as it turns out, the anonymized, aggregated data can reveal potentially sensitive information about military bases and secret sites.
Hacking Group Spies on Android Users in India Using PoriewSpy(TrendLabs Security Intelligence Blog) We have been seeing attacks that spy on and steal data from specific targets on the mobile platform since late 2017. We discovered the malicious apps victimizing Android users in India, and believe a hacking group—one previously known for victimizing government officials—carried out the attacks. We identified these malicious apps as PoriewSpy (detected by Trend Micro as ANDROIDOS_PORIEWSPY.HRX). We also suspect that the group used malicious apps built using DroidJack or SandroRAT (detected as ANDROIDOS_SANRAT.A), based on similarities in their command-and-control (C&C) server. DroidJack is a remote access Trojan (RAT) that allows intruders to take full control of a user's Android device when installed.
Hackers Hijack Google DoubleClick Ads(Media Post) Malware infected Google's DoubleClick advertising service, as hackers hijacked ads and infused them with cryptocurrency mining software, serving them to viewers.
File Your Taxes Before Scammers Do It For You(KrebsOnSecurity) Today, Jan. 29, is officially the first day of the 2018 tax-filing season, also known as the day fraudsters start requesting phony tax refunds in the names of identity theft victims. Want to minimize the chances of getting hit by tax refund fraud this year? File your taxes before the bad guys can!
Lenovo Fingerprint Manager Pro is full of fail(Help Net Security) The Lenovo Fingerprint Manager Pro vulnerability is terrible. This piece of software that allows users to log into their PCs or authenticate to configured websites using fingerprint recognition, has a hardcoded password.
Intel Warned Chinese Companies of Chip Flaw Before U.S. Government(Fox Business) In initial disclosures about critical security flaws discovered in its processors, Intel Corp. notified a small group of customers, including Chinese technology companies, but left out the U.S. government, according to people familiar with the matter and some of the companies involved.
Why we should be excited about Schnorr signatures - Dowbit(Dowbit) Bitcoin development is not standing still. We have many cool new features to look forward to. Segwit, Lightning Network, and Schnorr signatures aim to solve Bitcoin’s scalability problem and make the cryptocurrency more usable. The first two features have been covered by almost all mainstream media out there, but there is surprisingly little info on …
Deterring Russian Hacking(Atlantic Council) The apparent lack of US preparation and defense nearly eighteen months after Russia’s interference in the presidential elections, especially given numerous media reports that Russia aims to interfere in the 2018 US midterm elections, is deeply...
Alleged Trump administration docs show military weapons a 5G concern(ZDNet) Saying China is poised to become the global leader in 5G and AI, the US government has suggested mandating 5G standards to protect its physical and virtual borders, as well as working with allies to deploy 5G in developing nations, according to documents Axios reported as being prepared by a senior US government official.
Effective national policy needed to protect the cyber domain(The Washington Times) Our world is increasingly reliant on the cyber domain and the connections that it creates. We live in a world where the “internet of things” includes the smartphones and computers we use every day and also seemingly benign objects such as factory robots and appliances in our homes. This digital connection to the world around us brings great convenience, efficiency and prosperity, but vulnerability accompanies it.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Transport Security and Safety Expo(Washington, DC, USA, June 11 - 12, 2018) Security incidents are expected to cost the world $6 trillion annually by 2021, making now the time to find out more at the 2018 Transport Security and Safety Expo. The transportation industry is rapidly...
CyberUSA(San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.
Legal CIO(New York, New York, USA, January 31 - February 1, 2018) LegalCIO: Formerly the Law Firm Chief Information and Technology Officers Forum, combines cutting-edge updates on legal technologies with the chance to exchange practical guidance and discuss daily challenges...
Cyber Security Summit: Silicon Valley(San Jose, California, USA, February 13, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.
Security Titans(Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...
European Cybersecurity Forum – CYBERSEC Brussels(Brussels, Belgium, February 27, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...
SINET ITSEF 2018(Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...
PCI Security Standards Council Middle East and Africa Forum(Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.