Cyber Attacks, Threats, and Vulnerabilities
Russians impersonating U.S. State Department aide in hacking... (Reuters) Hackers linked to the Russian government are impersonating U.S. State Department...
Russian APT comes back to life with new US spear-phishing campaign (ZDNet) Cozy Bear (APT29) makes a comeback after last year's Dutch and Norwegian hacking campaigns.
Ukraine's Foreign Intelligence Service helps thwart another massive cyber attack (Ukrinform) A joint effort of the Computer Emergency Response Team of Ukraine (CERT-UA) and the Foreign Intelligence Service of Ukraine revealed new modifications of Pterodo malware in computers used in Ukraine's state agencies, which indicates that preparations are likely underway for a massive cyber attack.
Power outages and bank runs: Here are the 'cyber 9/11' scenarios that really worry the experts (CNBC) There are many scenarios that could make up a future "cyber 9/11," but history and private-sector initiatives have given us some clues of what that may look like.
UK 'wholly' unprepared to stop devastating cyber-attack, MPs warn (the Guardian) Ministers not taking growing threat to national infrastructure seriously, says committee
Expert says Quebec government servers are highly vulnerable to cyber attack (The Globe and Mail) Jose Fernandez says it is ironic because Quebec is home to a thriving cybersecurity industry and is an emerging hub for artificial-intelligence research.
America’s Election Grid Remains a Patchwork of Vulnerabilities (NYTimes) The midterms showed that there aren’t enough qualified poll workers and that accusations of political manipulation persist. Still, the situation has improved since Bush v. Gore.
How Hackers Are Stealing High-Profile Instagram Accounts (The Atlantic) In the Wild West of “influencer” marketing, there are few protections and plenty of easy marks.
Do You Know What a Bot Actually Is? (WIRED) The term “bot” has lost much of its actual meaning, becoming a vague tech-adjacent buzzword.
TrickBot Banking Trojan Starts Stealing Windows Problem History (BleepingComputer) A version of TrickBot spotted recently shows interest in data that is peculiar for the normal scope of banking trojans: the Windows system reliability and performance information.
Beware: New wave of malware spreads via ISO file email attachments (Security Boulevard) We’ve seen a spike in malware concealed in ISO file email attachments. Learn more about this new threat and how you can protect yourself against ISO malware.
Emotet has some customized phish for you (Avira Blog) A new wave of Emotet Trojan malware is hitting Europe and the DACH region with the Avira Protection Lab recording over 3.6 million detections so far in 2018. Usually disguised as a phishing email, the latest variants of this Trojan have been fine-tuned to slip past the user defenses and worm their way into Local …
Gmail "From field" bug makes phishing attacks easier for hackers (HackRead) Gmail, as we know, is a popular and commonly preferred email platform around the world.
Gmail Bugs Allow Changing From: Field and Spoofing Recipient's Address (BleepingComputer) A bug in the way Gmail handles the structure of the 'from:' header allows placing of an arbitrary email address in the sender field.
Instagram’s download your data tool exposed users’ passwords to public view (HackRead) Facebook somehow manages to make headlines one way or the other.
Hacker Say They Compromised ProtonMail. ProtonMail Says It's BS. (BleepingComputer) A person or group claiming to have hacked ProtonMail and stolen "significant" amounts of data has posted a lengthy ransom demand with some wild claims to an anonymous Pastebin. ProtonMail states it's complete BS.
How to rob an ATM? Let me count the ways… (Naked Security) A comprehensive new report lifts the lid on the sketchy state of ATM security.
In a post-EMV world, fraud is shifting from in-person to ecommerce channels (Help Net Security) The implementation of EMV chip cards and chip card readers was supposed to reduce fraud. So why is fraud still the top concern for merchants?
Outlaw Group Distributes Botnet for Cryptocurrency-Mining, Scanning, and Brute-Force (TrendLabs Security Intelligence Blog) We spotted two variants of activities from hacking group Outlaw. The script used in the first version of its bot has two functionalities: the miner and Haiduc-based dropper. The second variant of the code, distributed by the bot, was mainly designed to brute force and further exploit the Microsoft Remote Desktop Protocol and cloud administration cPanel in order to escalate the privileges.
McAfee Labs Discovers New Cryptojacking Malware ‘WebCobra’ (Ibinex News) McAfee Labs researchers have discovered a new cryptojacking malware which stealthily extracts victims’ computing power to mine the cryptocurrencies Monero (XMR) or Zcash secretly. Originating in Russia and dubbed ‘WebCobra,’ this cryptocurrency mining malware drops and installs the Cryptonight miner or Claymore’s Zcash miner, depending on the configuration the malware finds. It is comparatively uncommon...
GandCrab Ransomware: Cat-and-Mouse Game Continues (BankInfo Security) A new, free decryptor has been released for "aggressive" crypto-locking ransomware called GandCrab. Researchers say GandCrab has come to dominate the ransomware-as-a-service market, earning its development team an estimated $120,000 per month.
SamSam and GandCrab Illustrate Evolution of Ransomware (SecurityWeek) Targeted ransomware attacks such as those by SamSam take more effort, require skilled adversaries, but generate much larger payouts.
Be Prepared: The Threat of Ransomware Will Never Go Away (Modern Tire Dealer) Tire retailers and wholesalers, big and small, have been targets of ransomware and cyberattacks. We've got eight preventive measures you can take to help guard your business.
Emoji Attack Can Kill Skype for Business Chat (Threatpost) The "Kitten of Doom" denial-of-service attack is easy to carry out.
Popular Dark Web hosting provider got hacked, 6,500 sites down (ZDNet) Hosting provider is still looking for the hacker's point of entry.
‘Nothing on this page is real’: How lies become truth in online America (Washington Post) On Facebook, he writes America’s Last Line of Defense. She likes and shares.
Hacking MiSafes’ smartwatches for kids is child’s play (Naked Security) Researchers describe breaking into the watches as “probably the simplest hack we have ever seen.”
Vision Direct Notifies Customers of Data Compromise (Infosecurity Magazine) Vision Direct notifies customers of November data compromise
Why a seemingly insignificant financial merger triggered huge wave of Canadian phishing attacks (IT World Canada) In February two Canadian bank-owned co-operatives, Interac Association – which runs the inter-bank debit card network – and Acxsys Corp. – which
Black Friday brings out hackers looking to rip you off (CNET) Researchers found hundreds of malicious apps pretending to offer discounts.
Security Patches, Mitigations, and Software Updates
New security feature to prevent Amazon S3 bucket misconfiguration and data leaks (Help Net Security) AWS is rolling out Amazon S3 Block Public Access, a new security feature aimed at preventing accidental S3 bucket misconfiguration and data leaks.
Google Scours the Internet for Dirty Android Apps (SecurityWeek) Google is analyzing all the apps that it can find across the Internet in an effort to keep Android users protected from Potentially Harmful Applications (PHAs).
Cyber Trends
FireEye Expects New Cyber Security Challenges For 2019 (CXOtoday.) Every year brings with it new trends and challenges in the technology industry, especially in a domain like cyber security.
Personal cyberattacks becoming more common (IT Pro Portal) Hackers are pushing bots aside as they roll up their sleeves.
Remote working may boost productivity, but also leave you vulnerable to attack (Help Net Security) SMBs face the challenge of keeping their business secure, all the while adhering to the needs and expectations of the modern workforce.
Workers unaware of travel-related cybersecurity threats, survey finds (ZDNet) This holiday season, over half of adults plan to travel with work devices. Most don't appreciate the risks.
You Know What? Go Ahead and Use the Hotel Wi-Fi (WIRED) You were right not to trust hotel and airport Wi-Fi a few years ago. But these days, it's (probably) fine.
Study finds medical device security pros may have false sense of security (SC Media) A recent study surveying healthcare IT professionals found while the majority of them are very confident their connected devices are protected from cyberattacks, there may be some disconnects between the perceived level of security and how secure medical devices are.
Surveillance Kills Freedom By Killing Experimentation (WIRED) When we're being watched, we conform. We don't speak freely or try new things. But social progress happens in the gap between what’s legal and what’s moral.
Opinion | A Smarter Way to Think About Intelligent Machines (New York Times) We should be thinking more about how much A.I. has changed our lives already, and the future of human-algorithm collaboration.
We are a long way from achieving 'pure' AI, says AutoTrader's David Hoyle (Computing) AI that can truly replace humans is still in the distant future, and automation has a long way to go
Artificial intelligence: the potential and the reality (Computing) A look at AI and machine learning in the UK today
Marketplace
BBC: Big tech's use of data a barrier to working more closely with Google and Facebook (Computing) BBC strategist Noriko Matsuoka reveals how the national broadcaster is approaching AI and technology architecture
Google News may shut over EU plans to charge tax for links (the Guardian) Search engine is lobbying hard to stop proposed tax, aimed at compensating news publishers
With Facebook at ‘War,’ Zuckerberg Adopts More Aggressive Style (Wall Street Journal) Mark Zuckerberg’s new approach is causing unprecedented turmoil at Facebook, driving out several key executives and creating tensions with Chief Operating Officer Sheryl Sandberg.
Nick Clegg wipes public Facebook profile, deleting Lib Dem and Brexit posts (The Telegraph) Nick Clegg has scrubbed all traces of his anti-Brexit activism from his public Facebook page as he begins a new job as the social network's head of global affairs.
Facebook Fallout Ruptures Democrats’ Longtime Alliance With Silicon Valley (New York Times) Tech giants have found key allies among Democrats for years, a bond strengthened through mutual interests and campaign donations. But a year of scandals has forced a reckoning in Washington.
6 Questions From The New York Times' Facebook Bombshell (WIRED) Facebook has a lot of explaining to do: For starters, there's Sheryl Sandberg’s next steps and the accusations about George Soros.
Opinion | Yes, Facebook made mistakes in 2016. But we weren’t the only ones. (Washington Post) Lawmakers, the intelligence community and the media all bear blame.
Opinion | How Plato Foresaw Facebook’s Folly (New York Times) Technology promises to make easy things that, by their intrinsic nature, have to be hard.
What BlackBerry's Acquisition of Cylance Means for Cybersecurity Business (Fortune) This ain't your father's "crackberry."
Palantir may go public, but can it turn a profit? (Marketplace) The surveillance software giant may be preparing for an IPO amid concerns about its business.
Palantir Deal May Make IRS ‘Big Brother-ish’ While Chasing Cheats (Bloomberg) A contract with billionaire Peter Thiel’s Palantir Technologies will give the IRS new firepower to pursue tax cheats by connecting the dots in millions of tax filings, bank transactions, phone records, and even social media posts.
SolarWinds Acquires 8MAN, Launches Access Rights Management (ChannelE2E) SolarWinds acquires 8MAN and launches Access Rights Management (ARM) security platform for MSPs and IT professionals.
A10 Networks Unveils Its 5G Strategy (Light Reading) Security systems specialist A10 Networks has outlined its strategy to help mobile operators 'future-proof' their networks for 5G.
Google’s Cloud-Computing Boss, Diane Greene, to Step Down (Wall Street Journal) Google said its top cloud-computing executive is departing the company and will be replaced by a former executive of business software rival Oracle Corp.
Google looks to former Oracle exec Thomas Kurian to move cloud business along (TechCrunch) Diane Greene announced on Friday that she was stepping down after three years running Google’s cloud business. She will stay on until the first of the year to help her successor, Thomas Kurian in the transition. He left Oracle at the end of September after more than 20 years with the company,…
Long-standing boss of tech firm Spirent announces retirement (The Telegraph) The veteran chief executive of technology testing and security company Spirent Communications is to step down after 36 years working for the business.
Products, Services, and Solutions
Nok Nok Labs Introduces Strong Account Recovery (Nok Nok Labs) Today, more than 80 percent of mobile users typically require password reset (or account recovery) when using traditional username and passwords. Enterprise customers using the Nok Nok S3 Suite will be able to substantially reduce the need to address account recovery issues with their end users. Global organizations need to scale to meet the …
Mastercard accredits FIME for biometric evaluation services (FIME) Device manufacturers and solution providers can now demonstrate the quality of fingerprint sensors for strong customer authentication.
Microsoft Introduces edX-Based Cybersecurity Training Program (Campus Technology) Microsoft has introduced a new series of open access courses on cybersecurity that can be taken for free or, for more formal recognition, as a certificate program for a fee. The Microsoft Professional Program Cybersecurity track includes 12 courses — 10 of which must be completed successfully to earn the certificate. The program is hosted on edX and includes labs, community interaction and quizzes. Content is delivered online through videos.
Fugue releases Risk Manager to ID cloud compliance violations (Help Net Security) Fugue Risk Manager provides visibility into cloud infrastructure and the assurance it always complies with security policy.
Alert Logic Adds Managed Threat Intelligence Service (Security Boulevard) Alert Logic this week announced it is adding a managed threat management service based on compute resources running on the Amazon Web Services (AWS) public cloud.
Wellington College chooses LogRhythm's NextGen SIEM Platform to improve threat detection (FE News)
Technologies, Techniques, and Standards
Inside the British Army's secret information warfare machine (WIRED UK) They are soldiers, but the 77th Brigade edit videos, record podcasts and write viral posts. Welcome to the age of information warfare
Navy recognizes electromagnetic battlespace, and its convergence with cyber and electronic warfare (EW) (Military & Aerospace Electronics) A new U.S. Navy policy recognizes the electromagnetic spectrum as a warfighting domain on par with sea, land, air, space and cyber
Modernization, people needed to drive Army's cyber capabilities (US Army) With an increase in digital connectivity and a rapid development of technologies, such as advanced computing, big data analytics, and artificial intelligence, the character of war has changed, making cyberspace a critical battlefield of the 21st cent...
Cyber criminals meet their match as industry players work together (Fin24) Major industry players are taking down cyber threats through collaboration and intelligence sharing.
The unsettling persistence of cybersecurity vulnerabilities in the cloud (SiliconANGLE) Clouds are full of cybersecurity vulnerabilities.
Blockchain Like Using Sledgehammer on a Thumb Tack (Radio) (Bloomberg) Dr Zulfikar Ramzan - Chief Technology Officer, RSA Security, joined Rishaad Salamat and Bryan Curtis on Daybreak Asia to discuss trends he sees in cybersecurity for 2019, including cloud solutions and IoT. He goes on to explain why he thinks blockchain has been overhyped.
Design and Innovation
Cyber Security Derailed? Recommendations for Smarter Investments in Infrastructure (War on the Rocks) A state-owned Chinese company receives a contract to build and maintain the next generation of railcars that service Metro stations at the Pentagon, near
Helping researchers with IoT firmware vulnerability discovery (Help Net Security) Researchers have analyzed over 200,000 firmware images from 76 unique manufacturers across many different products, and their system can help others.
Research and Development
4 technologies a cyber moonshot should include (Fifth Domain) An industry group is urging an investment in four technologies that it says can create a “safe and secure internet.”
Legislation, Policy, and Regulation
NATO To ‘Integrate’ Offensive Cyber By Members (Breaking Defense) "NATO is clear that we will not perform offensive cyberspace operations," said Maj. Gen. Wolfgang Renner. "However, we will integrate sovereign cyberspace effects from the allies who are willing to volunteer."
Apple CEO Tim Cook calls new regulations "inevitable" (Axios) "This is not a matter of privacy versus profits, or privacy versus technical innovation. That's a false choice."
Tim Cook defends using Google as primary search engine on Apple devices (Ars Technica) Apple CEO also thinks forthcoming federal regulation of tech companies is "inevitable."
We have promising cybersecurity strategies, now the hard part: implementation (TheHill) John Wood and Robert DuPree say defining problems and stating objectives is one thing; getting the government to pull together and take action is another.
Trump signs bill that creates the Cybersecurity and Infrastructure Security Agency (ZDNet) The US now has an official federal cybersecurity agency.
Analysis | The Cybersecurity 202: A Nielsen exit could leave void as DHS gains new cybersecurity authority (Washington Post) Observers praised the secretary's work on the midterms.
Launch of DHS cyber agency 'more of a groundbreaking than a ribbon-cutting' (Federal News Network) The Department of Homeland Security finally secured a name change for its cybersecurity-focused branch, but more importantly, its chief has laid out a two-year roadmap to bring it up to "full operating capability."
DOD reorgs to fuel cyber, AI and space opportunities (Washington Technology) At the immixGroup's annual Government IT Sales Summit, analysts describe how several DOD reorganization efforts will fuel new opportunities in cyber, space and artificial intelligence.
Litigation, Investigation, and Law Enforcement
CIA concludes Saudi crown prince ordered Jamal Khashoggi’s assassination (Washington Post) Audio recordings, intercepted phone calls and other intelligence link Mohammed bin Salman to killing that Saudis say was conducted by rogue elements.
Trump speaks with CIA about Khashoggi killing, says there will be a report by Tuesday (Washington Post) The agency found that Saudi Crown Prince Mohammed bin Salman ordered the journalist’s slaying.
U.S. Is Optimistic It Will Prosecute Assange (Wall Street Journal) The Justice Department is preparing to prosecute WikiLeaks founder Julian Assange and is increasingly optimistic it will be able to get him into a U.S. courtroom.
Free-press advocates worry Assange charges could set dangerous precedent — though details remain unclear (Washington Post) The Justice Department under Trump has waged an aggressive battle against leaks.
Snowden criticizes indictment of Assange over unspecified documents (New Kerala) Former US National Security Agency (NSA) contractor and whistleblower Edward Snowden on Saturday voiced his concern over the indictment of WikiLeaks founder Julian Assange on the basis of unspecified documents. He has bee
Dubai Interpol summit told dark web drug deals and 'new dimension' of cyber crime pose great threat (The National) At this week's General Assembly in the emirate, a new Interpol president will also be chosen — after Chinese incumbent Meng Hongwei was arrested on corruption charges
Wave of Ethiopia arrests nets ex-top spy (BBC News) Dozens of security officials have been held as Prime Minister Abiy tackles corruption and rights abuses.
Facebook pays $69m to investors who sued over Zuckerberg control (The Telegraph) Facebook has agreed to pay $69m (£54m) to a group of investors who sued the social network for legal fees they incurred while fighting a plan to tighten Mark Zuckerberg's control of the company.
Judge asks if Alexa is witness to a double murder (Naked Security) A judge has ordered Amazon to turn over any recordings an Echo device may have made around the time a horrific crime occurred.
Europol, Diebold Nixdorf to Share Information on Cyber Threats (SecurityWeek) Europol and ATM maker Diebold Nixdorf sign a memorandum of understanding for exchanging information and expertise on cyber threats
Qatar beefs up incidence response capabilities against cybercrimes (Gulf-Times) Qatar’s Cybersecurity Centre (CSC) has strengthened its incident response capabilities to protect and assist its client organisations in the public and private sectors ...
Convicted tax fraudster sues CNBC for defamation, says he’s not a “hacker” (Ars Technica) Daniel Rigmaiden, now a privacy advocate, heads to court representing himself.
John McAfee is 'liable' for 2012 death of Belize neighbour, rules court (Register) Default judgement for one-time antivirus bad boy
SEC Whistleblower Program Has Record-Breaking Year (Wall Street Journal) The agency’s annual report to Congress, published this week, indicates the maturity of the federal whistleblower program.