Cyber Attacks, Threats, and Vulnerabilities
Russian OSCE observers find no irregularities in US elections (TASS) "There have been no irregularities at the nine polling stations (two in Washington and seven in the state of Maryland) visited by Russian OSCE PA observers," MP Alexey Korniyenko said
Russian Troll Farm Internet Research Agency Held a Bizarre Reddit AMA With Itself (The Daily Beast) The Mueller-indicted troll farm solicited questions for a tell-all Q&A that never happened. Except that it did. And virtually no one ever saw it.
DNC tech chief: No successful hacks seen during midterms (TheHill) The chief technology officer for the Democratic National Committee (DNC) said Thursday that the group isn't aware of any successful hacks during Tuesday's midterm elections.
What 2018 election security teaches us about 2020 (POLITICO) Dems begin to unveil House cyber oversight plans — Russia says U.S. election went a-OK
What an unhacked election means for election security (Axios) It could make election security improvements seem less urgent for 2020.
'UK Will Be Hit By Category One Cyber-Attack,' Says Government Director (Forbes) With an increase in nation state cyberattacks, the UK should be wary of a category one assault in the coming years and needs to act accordingly, according to Peter Yapp, deputy director of NCSC, which is a part of the UK government's intelligence agency GCHQ.
Lazarus Group Targets Bank Networks to Rob ATMs (Infosecurity Magazine) Symantec uncovers Trojan.Fastcash malware used by N. Korean hacker group in ATM attacks
FASTCash: How the Lazarus Group is Emptying Millions from ATMs (Symantec) Symantec uncovers tool used by Lazarus to carry out ATM attacks.
In online ruse, fake journalists tried to hack Saudi critic (AP NEWS) Hackers impersonating journalists tried to intercept the communications of a prominent Saudi opposition figure in Washington, The Associated Press has found. One attempt involved the fabrication of a fake BBC secretary and an elaborate television interview request; the other involved the impersonation of slain Washington Post columnist Jamal Khashoggi to deliver a malicious link. Media rights defenders denounced the hacking effort, which they said would make it harder for genuine reporters to do their jobs.
Attackers breach web analytics service, go on to target Bitcoin platform (WeLiveSecurity) Latest ESET research details how attackers compromised a leading web analytics service with the ultimate aim of stealing bitcoin from customers of one specific virtual currency exchange.
Active Exploitation of Newly Patched ColdFusion Vulnerability (CVE-2018-15961) (Volexity) If your organization is running an Internet-facing version of ColdFusion, you may want to take a close look at your server.
Inception Attackers Target Europe with Year-old Office Vulnerability (Palo Alto Networks Blog) Inception targets Europe with a year-old Office vulnerability.
AP: Video expert says White House clip of CNN reporter was likely doctored [updated] (Ars Technica) Analysis: Video is sped up to make reporter's actions look more aggressive.
Doctored Jim Acosta video shows why fakes don’t need to be deep to be dangerous (CSO Online) White House promotion of an allegedly doctored press conference video shows how "shallow fakes" can manipulate opinion.
Don’t Want to Fall for Fake News? Don’t Be Lazy (WIRED) An MIT professor argues that misinformation boils down to one simple thing: mental laziness, exacerbated by social media.
How email fraud tactics continue to find new life (Help Net Security) Almost as soon as email became widely used, crooks and scammers began using it as a means to defraud people, according to Vircom.
Hackers go spear phishing on Grambling’s campus (Gramblinite) This is the screenshot of the email that was sent out to Dr.
Chesapeake Public Schools’ computer network affected by malware from phishing emails (WTKR.com) Officials with Chesapeake Public Schools said Thursday the district's computer system has been hacked.
A Sexual Predator Is Allegedly Extorting Kids for Explicit Photos in 'Fortnite' (Motherboard) Montreal police reported four cases of sextortion using the popular game.
Security Patches, Mitigations, and Software Updates
Round two: Microsoft prepares to release Windows 10 October 2018 Update... again! (Help Net Security) Thanksgiving comes early this year, but the Microsoft Windows 10 October 2018 Update is coming late. Should we be thankful?
Cisco fixes two critical bugs, recommends workaround for a third (SC Magazine) Cisco Systems yesterday issued 17 security advisories, disclosing vulnerabilities in multiple products, including at least three critical flaws.
Oops: Cisco accidentally leaked in-house Dirty COW exploit code with biz conf call software (Register) Critical bugs patched in switches, messaging, analytics
Several Vulnerabilities Patched in nginx (SecurityWeek) Several DoS vulnerabilities have been patched in nginx, the open source web server software used by hundreds of millions of websites
Chrome will start warning users about shady mobile subscription pages (Help Net Security) Chrome 71 users will be warned when attempting to visit pages that try to trick them into signing up for mobile subscription services.
Dropbox strengthens security ecosystem with Google Cloud Identity and expanded partnerships (Help Net Security) Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Cyber Trends
Though 2018 Will Likely Not Surpass 2017 Numbers – Still Significant Year For Breach Activity (Risk Based Security) The number of publicly reported breaches keeps pace with recent years while a staggering 3.6 billion records are exposed.
Have we reached a tipping point towards a better internet? (The Irish Times) Tim Berners-Lee may feel he created a monster, but there are grounds for optimism
The Growing Menace of Cyber Attacks in the Asia-Pacific region (Entrepreneur) A Frost & Sullivan study commissioned by Microsoft revealed that a large-sized organization in the Asia Pacific region can possibly incur an economic loss of $30 million, more than 300 times the average economic loss for a mid-sized organization.
Marketplace
Opinion | Google was working on two ethically questionable projects. It quit the wrong one. (Washington Post) A censored search engine for China is much more evil than working with the U.S. military.
Broadcom axes CA Technologies staff in large-scale layoffs following $19bn acquisition (Computing) Monday: Broadcom CEO welcomes CA staff into the Broadcom family. Friday: Mass layoffs reported.
ForeScout Acquires SecurityMatters (GlobeNewswire News Room) Accelerates ForeScout’s momentum by enabling the industry’s first, and only, end-to-end agentless device visibility and control platform across the extended enterprise...
Threat Stack acquires runtime application security vendor Bluefyre (Help Net Security) Addition of Bluefyre's runtime application security gives Threat Stack customers stack security observability for cloud infrastructure.
Cybersecurity Company Checkmarx Buys Ontario-based Custodela (CTECH) Israel-based Checkmarx develops and markets cybersecurity technology that automatically scans code to detect security breaches
Hotshot, Mobile Security Solution For Business, Announces Partnership With Government of Luxembourg and Acceptance Into Technoport® Business Incubation Program (PR Newswire) Hotshot today announced a partnership with the Government of Luxembourg and acceptance into the...
Novetta Reports $410M in 2018 Contract Wins Year-to-Date; Tiffanny Gates Quoted (GovCon Wire) Novetta closed third quarter having booked $410M in contract awards in 2018 and expects to close the
CACI Awarded $194 Million Task Order to Provide End-to-End Enterprise IT Support to the Transportation Security Administration (AP NEWS) CACI International Inc (NYSE:CACI) announced today that it has been awarded a $194 million task order to provide end-to-end enterprise information technology infrastructure, integration, and support to the Transportation Security Administration (TSA). The three-year, single-award task order falls under the Department of Homeland Security’s Enterprise Acquisition Gateway for Leading-Edge Solutions II (EAGLE II) contract vehicle and represents new work in CACI’s Enterprise IT market.
The Cybersecurity Marketing Engagement Index (Team Lewis US) Tracking the top 10 funded DC-area security companies
Exostar names new member to Board of Directors (Compliance Week) Exostar, a secure information sharing company, named Philip E. Goslin to its Board of Directors. Goslin serves as vice president of global supply chain for Lockheed Martin’s Rotary and Mission Systems (RMS) business area. In that role, Goslin’s responsibilities span all aspects of supply chain strategy, supply chain operations, and subcontract program management for RMS.
Allure Security Expands Its Team With a Proven Cybersecurity Marketing Executive (BusinessWire) Allure Security has added cybersecurity marketing veteran Mikala Vidal as its new VP of Marketing.
Products, Services, and Solutions
New infosec products of the week: November 9, 2018 (Help Net Security) DFLabs open framework enables integration of SOAR and security tools. DFLabs launched a new version of the IncMan SOAR platform that provides an open
Axio launches cyber risk management platform to enable utilization of NIST-CSF (Help Net Security) Axio’s platform measures cyber program maturity, establishes a baseline for cyber readiness, and provides a risk reduction roadmap for ongoing improvement.
ISACA partners with national threatcasting initiative and releases its threatcasting labs (Help Net Security) Collaboration with Arizona State University’s Threatcasting Lab and partners such as Army Cyber Institute help to model threats and design solutions.
Technologies, Techniques, and Standards
Capabilities Assessment for Securing Manufacturing Industrial Control Systems (NIST NCCoE) The NCCoE has released a draft NISTIR Capabilities Assessment for Securing Manufacturing Industrial Control Systems and is requesting your feedback. The public comment period for this report will close on December 6, 2018.
NIST, CyberX, and Industry Partners Collaborate to Secure Manufacturing Industrial Control Systems (GlobeNewswire News Room) CyberX, the IIoT and industrial control system (ICS) security company, today announced its industrial cybersecurity platform was used by NIST to recommend new ways of securing manufacturing industrial control systems.
Aspen Cybersecurity Group: Internet of Things (IoT) Security First Principles (Aspen Institute) The Aspen Cybersecurity Group is a cross-sector public-private forum comprised of former government officials, Capitol Hill leaders, industry executives, and respected voices from academia, journalism, and civil society that have come together to translate pressing cybersecurity conversations into action.
DHS Wants to Expand the Reach of Its Critical Infrastructure Cyber Training (Nextgov.com) The department wants to be able to provide cyber training webinars to 5,000 simultaneous users.
Vulnerabilities in our Infrastructure: 5 Ways to Mitigate the Risk (Dark Reading) By teaming up to address key technical and organizational issues, information and operational security teams can improve the resiliency and safety of their infrastructure systems.
User Behavior Analytics Could Find a Home in the OT World of the IIoT (Dark Reading) The technology never really took off in IT, but it could be very helpful in the industrial world.
To Fight This Generation of Hackers, Companies Take a Cue from Spies (Wall Street Journal) Threat-intelligence services give companies a clearer view of the dangers they’re facing.
When your Instagram account has been hacked, how do you get it back? (Graham Cluley) Travel blogger Delaine Maria D’Costa had her account wiped after she failed to pay an extortionist $200. That was bad enough, but then she had to try to convince Instagram to let her have it back again.
Academia
A Brief History of Higher Education Insecurity (Edguards) Educational institutions play a major role in the US economic, political, and intellectual well-being. Ironically, the security of the software and data systems used in such organizations on an everyday basis is far from perfect.
CSM students take part in Cyber Fast Track Maryland (SoMdNews.com) College of Southern Maryland students recently participated in the launch of Cyber Fast Track Maryland, a new program established to help close a widening gap of job openings in the
Does a Career in Cyber Security Require a Degree? (Acumin) Last month we attended Cyber Re:coded, Europe’s largest cyber security recruitment event, focussing on school and graduate attendees.
Legislation, Policy, and Regulation
Microsoft President: Governments Must Cooperate on Cybersecurity (Dark Reading) Microsoft's Brad Smith calls on nations and businesses to work toward digital peace and acknowledge the effects of cybercrime.
China Violated Obama-Era Cybertheft Pact, U.S. Official Says (Wall Street Journal) China has violated an accord it signed with the U.S. three years ago pledging not to engage in hacking for the purpose of economic espionage, a senior U.S. intelligence official said Thursday.
NSA official: China violating agreement on cyber economic espionage (TheHill) Senior National Security Agency official Rob Joyce said Thursday that he believes China is violating a 2015 agreement with the U.S. to end cyber economic espionage.
With elections over, DHS maintains ‘heightened’ posture (FCW) As the National Risk Management Center winds down its work on 2018 election security, it is turning its attention to securing other critical infrastructure sectors.
First Came GDPR, Then Comes ePrivacy - What to Expect with Global Data Regulations (SecurityWeek) ePrivacy takes GDPR's approach a step further by ensuring personal and family privacy in relation to data collection, storage and usage.
California’s new IoT security law is not nearly enough - We need a GDPR for IoT…NOW! (SC Media) By Sudhakar Ramakrishna, CEO, Pulse Secure. After years of undisclosed breaches, stolen identities and negligent data handling, Europe’s General Data
OPM authorizes use of new cyber job title (Fifth Domain) Federal agencies now have more options for classifying employees that perform cybersecurity duties.
Cyber War Requires Cyber Marines (U.S. Naval Institute) To ensure Marine Corps competitiveness in the cyber domain, personnel reforms must address policy, training, and organization, without compromising a warrior ethos.
Litigation, Investigation, and Law Enforcement
Google plans to send a top executive to Congress after facing criticism (Washington Post) Google CEO Sundar Pichai agreed to participate in the unscheduled hearing in response to a request from House Majority Leader Kevin McCarthy (Calif.), who like other Republicans has said Google silences right-leaning news, views and users.
SEC Poised to Ramp up Cybersecurity Enforcement (Cooley) On October 16, 2018, the Securities and Exchange Commission (SEC) issued an investigative report signaling its intent to use sections 13(b)(2)(B)(i) and (iii) of the Securities Exchange Act of 1934…
Alabama U.S. Attorney chosen to pursue Chinese economic espionage and trade secret cases (al.com) U.S. Attorney for the Northern District of Alabama Jay E. Town is one of five U.S. Attorneys appointed to the China Initiative, according to U.S. Assistant Attorney General for National Security John Demers. The other federal prosecutors named to the China Initiative are from Massachusetts, California, New York and Texas.
Austrian colonel spied for Russia for decades, Vienna says (Reuters) A senior Austrian military officer is believed to have spied for Moscow for deca...
Notorious "DerpTrolling" Pleads Guilty to DDoS Attacks on EA & Sony (BleepingComputer) A Utah resident named Austin Thompson has pleaded guilty in federal court in San Diego for performing DDoS attacks against multiple victims from 2013 to 2014. These victims ranged from small Twitch streamers to major gaming companies such as EA, Sony, and Microsoft.
Chinese headmaster fired after setting up his own secret... (HOTforSecurity) A Chinese headmaster has lost his job after it was discovered he was stealing the school's electricity to power a secret cryptocurrency-mining rig. As the South China Morning Post reports, Lei Hua, the head teacher of a school in the central province of Hunan...