Cyber Attacks, Threats, and Vulnerabilities
iOS app developers taking shortcuts on security (Wandera) Despite developers having a mandate from Apple to build end-to-end encryption into their apps, a high number of apps do not. Apple even offers a feature that helps developers comply with data privacy requirements, and our data shows that this isn't being used properly. To understand how app develope
Twitterbots: Anatomy of a Propaganda Campaign (Symantec) Internet Research Agency archive reveals a vast, coordinated campaign that was incredibly successful at pushing out and amplifying its messages.
Attackers Stitch Together Frankenstein Campaign Using Free Tools (BleepingComputer) Threat actors behind a highly-targeted series of cyber attacks spanning from January to April 2019 have been seen employing malicious tools built using freely available components to infect victims with malware designed to harvest credentials.
It's alive: Threat actors cobble together open-source pieces into monstrous Frankenstein campaign (Cisco Talos) Cisco Talos recently identified a series of documents that we believe are part of a coordinated series of cyber attacks that we are calling the "Frankenstein" campaign.
Method used in European bank breach ties attack to FIN7 group (Computing) FIN7 is known for primarily targeting payment-card and other financial data using the Carbanak backdoor.
Hollywood lie: Bank hacks take months, not seconds (ZDNet) A modern bank cyber-heist is methodically planned and usually takes months.
An APT Blueprint: Gaining New Visibility into Financial Threats (Bitdefender Labs) This new Bitdefender forensic investigation reveals a complete attack timeline and behavior of a notorious financial cybercriminal group, known as Carbanak. In mid-2018, Bitdefender researchers investigated a targeted attack on an Eastern European financial... #bitdefenderresearch #Carbanak #cobalt
Hackers Can Bypass Windows Lockscreen on Remote Desktop Sessions (SecurityWeek) NLA feature of Windows Remote Desktop Services can allow a hacker to bypass the lockscreen on remote sessions and there is no patch from Microsoft, CERT/CC warns.
Top Australian University Reports Vast, 'Sophisticated' Hack (SecurityWeek) A top Australian university with close ties to the country's government and security services on Tuesday said it had been the victim of a vast hack by a "sophisticated operator" who gained access to 19 years of sensitive data.
Privilege Escalation Vulnerability Found in Rapid7 InsightIDR (SecurityWeek) An easy-to-exploit local privilege escalation vulnerability has been found and patched in Rapid7’s InsightIDR intruder analytics solution.
Opinion | The State Department has been funding trolls. I’m one of their targets. (Washington Post) Programs that fight the spread of falsehoods and propaganda shouldn’t combat lies with other lies — and certainly not with public funds.
BlueKeep: cybercriminals scanning for the latest Windows vulnerability (Panda Security Mediacenter) A threat intelligence company has announced that it has started to detect scans looking for Windows systems with the BlueKeep vulnerability.
Geutebrück G-Cam and G-Code (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.2. ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Geutebrück. Equipment: G-Cam and G-Code. Vulnerabilities: Cross-site Scripting, OS Command Injection. 2. RISK EVALUATION: Successful exploitation of these vulnerabilities could allow remote code execution as root and remote code execution in the browser of the IP camera operator.
PHOENIX CONTACT FL NAT SMx (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 8.8. ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Phoenix Contact. Equipment: FL NAT SMx. Vulnerability: Improper Access Control. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow unauthorized users full access to the device configuration.
PHOENIX CONTACT PLCNext AXC F 2152 (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.6. ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Phoenix Contact. Equipment: PLCNext AXC F 2152. Vulnerabilities: Key Management Errors, Improper Access Control, Man-in-the-Middle, Using Component with Known Vulnerabilities. 2.
Cost of Baltimore ransomware attack so far: $18 million (Maryland Daily Record) Nearly a month after a ransomware attack crippled Baltimore government computer systems, only about 35% of city employees' access is restored and the invasion has cost the city roughly $18 million. The city's technology department created a "safe environment" to start bringing systems back online, said Sheryl Goldstein, the mayor's deputy chief of staff for operations, who is overseeing the recovery. It's hoped that 90% of Baltimore's 10,000 employees will have access to the city's network by the end of the week.
Authorities investigating claim that Baltimore ransomware group leaked documents to Twitter (Baltimore Sun) Baltimore and federal authorities are investigating documents posted to a Twitter account tied to the hackers behind the ransomware attack, a spokesman said.
Baltimore anticipates 90 percent recovery from ransomware by week’s end (StateScoop) Baltimore officials say the city is steadily recovering from the May 7 cyberattack by the RobbinHood virus, sticking to an estimate of $18 million in damages.
Robbinhood: Inside the Ransomware That Slammed Baltimore (Dark Reading) Attackers appear to have used a ransomware-as-a-service platform to wage the attack.
Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack - CyberScoop (CyberScoop) A second lawmaker from Maryland now says it doesn’t appear that the ransomware attack in Baltimore relied on a stolen National Security Agency exploit, EternalBlue. “It’s the federal government’s view that EternalBlue was not involved in the ransomware attack in Baltimore City,” Democratic Sen. Chris Van Hollen told CyberScoop on Monday following a briefing on Capitol Hill from NSA officials.
A Password Cracking Dictionary Found Online (Information Security Buzz) A big password cracking dictionary (1,493,677,782 words, 15GB) with every wordlist, dictionary, and password database leak found on the internet. Expert Comments: Jake Moore, Security Specialist at ESET: “This is an enormous database of passwords available to anyone who may want to get their hands on it. This shouldn’t be shrugged off as just another breach. When passwords …
Millions Stolen by Hackers Shows Vulnerability of Mexico's Banks (InSight Crime) Hackers infiltrated Mexico’s banking system to transfer millions of dollars to bogus accounts and then made ATM machines shell out the cash, in a case that
Private Info of Over 1.5M Donors Exposed by UChicago Medicine (BleepingComputer) The personal information of more than 1.6 million potential and existing University of Chicago Medicine donors was exposed by a misconfigured and unprotected ElasticSearch server left open on the Internet without a password.
Some Luzerne County computer servers set for reactivation today following cyber attack (Times Leader) Some Luzerne County government computer servers targeted in a cyber attack should be cleared and reactivated today, county Administrative Services Division Head David Parsnik said Tuesday.
‘Jeopardy!’ producer: ‘Appropriate’ action planned after leak of James Holzhauer’s loss (Washington Post) After the "pirated" clip circulated on social media, executive producer Harry Friedman says the show has probably identified the culprit.
Security Patches, Mitigations, and Software Updates
NSA Cybersecurity Advisory: Patch Remote Desktop Services on Legacy Versions of Windows (National Security Agency | Central Security Service) NSA advisory urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing cybersecurity threats.
Apple Unveils Privacy-Focused Authentication System (SecurityWeek) Apple announces “Sign in with Apple,” a new authentication system advertised as fast, secure and privacy friendly, but some experts are skeptical.
Apple Backs Off Crackdown on Parental-Control Apps (New York Times) The iPhone maker acted as tech giants faced more scrutiny over what critics argue is anticompetitive behavior.
Experts weigh in on Apple's private sign-in feature (Engadget) We spoke to security and privacy experts about Sign in with Apple.
Cyber Trends
Hollywood lie: Bank hacks take months, not seconds (ZDNet) A modern bank cyber-heist is methodically planned and usually takes months.
Only one in 20 vulnerabilities are exploited in the wild, claim researchers (Computing) Of 76,000 security flaws unearthed between 2009 and 2018, only 4,183 were exploited in the wild by attackers.
ForgeRock U.S. Consumer Data Breach Report: Data breaches cost $654 billion in 2018, 2.8 billion consumer records exposed (West) Financial services suffered $6.2 billion in damage from cyberattacks in Q1 2019, up from $8 million in Q1 2018
Is AI fundamental to the future of cybersecurity? (Help Net Security) 69% of SMEs will implement AI security solutions in the next five years, with 44% of SMEs planning to invest in AI/ML defense in the immediate future.
How organizations are managing vulnerability risks (Help Net Security) Tripwire evaluated how organizations are managing vulnerability risks and found that more than one in four (27 percent) globally have been breached as a
Why do the same vulnerabilities keep showing up? (SD Times) Creator of the OWASP Top Ten list expresses disappointment after 16 years when it comes to security
Marketplace
Why four security companies just sold for $1.5B (TechCrunch) If you’re thinking about starting a technology company, you may want to consider focusing on cybersecurity. Last week was an incredible M&A whirlwind with four security companies getting acquired over just a three-day period: On Tuesday, FireEye bought Verodin, a five-year-old startup tha…
Top Russian Internet Firm Reportedly Under Pressure on Data (SecurityWeek) Russian internet company Yandex said that it's committed to data privacy as it responded to reports that the national intelligence agency is pressuring it into handing over encryption keys.
Norsk Hydro core profit better than expected despite cyber attack (Reuters) Norsk Hydro reported an 82% fall in first-quarter underlying profit on Wednesday...
Imperva to Acquire Distil Networks, the Industry-Recognized Leader in Bot Management (BusinessWire)
SentinelOne Announces $120M Series D (SentinelOne) Expanding the Cybersecurity Platform of the Future, SentinelOne Capitalizes on Unprecedented Global Market Traction in the Largest Endpoint Security Funding Round of 2019
GuardKnox Funding Reaches $24 Million Upon Completion of $21 Million Series A Round Led by Fraser McCombs Capital (Yahoo) GuardKnox positioned to bring its best-in-class in-vehicle cybersecurity solutions to automotive customers worldwide
EnSilo is raising a series B to monitor and remediate cyber threats (Updated) (VentureBeat) EnSilo's security platform enables IT teams to proactively respond to cyber threats and conduct detailed analyses of ongoing and past intrusions.
Cybersecurity unicorn CrowdStrike announces share price for future IPO (Built In) CrowdStrike, currently valued at $3.4 billion, will offer 18 million shares of Class A common stock for between $19 and $23 each.
Cisco Continues To Shine (Seeking Alpha) Cisco continues its impressive streak of beating estimates amid strong results. The company's transformation is still in full swing and keeps its strong momentum
Kaspersky Announces New Branding, Mission Statement (SecurityWeek) Kaspersky Lab changes its name to Kaspersky, introduces a new logo, and unveils its new mission statement, “Building a safer world.”
UNITED ARAB EMIRATES: NESA, SIA, DarkMatter, BeamTrail make up Abu Dhabi's new interceptions landscape (Intelligence Online) In less than a year, technical intelligence and interceptions, or SIGINT, in the United Arab Emirates has been totally reorganised, with offensive and defensive operations now separate. The move has
Radiflow Launches MSSP Partner Program (PR Newswire) Radiflow, a leading provider of industrial cybersecurity solutions for industrial automation networks, today...
Cybereason Continues Rapid EMEA Expansion (PR Newswire) New Customers, Product Excellence, New Hires Drives Record Global Results
BioCatch Expands Financial IT Expertise with the Appointment of Mitchel Lenson as an Independent Board Director (Global Banking & Finance Review) BioCatch, the global leader in AI-driven behavioral biometrics, today announced the appointment of Mitchel Lenson as an independent member of its Board of
Absolute Strengthens Executive Team to Accelerate Next Stage of Growth (BusinessWire) Absolute (TSX: ABT), the leader in endpoint resilience, today announced the appointment of three key executives to its leadership team. Sandra Toms jo
Products, Services, and Solutions
Enveil and Novetta Partner to Deliver Secure Data Processing at the Tactical Edge (West) Strategic partnership and technology integration unlocks field-ready capabilities for mission-critical applications in the government market
Digital Reasoning Launches AI-Enabled Voice Analytics for Conduct Surveillance in Banking (West) New solution developed in partnership with leading banks. Delivers highly efficient workflows and market-leading accuracy for analyzing noisy, financial domain audio data.
Carbon Black Introduces Third-Generation Cloud Architecture, Announces Plans for ‘Bring Your Own Key (BYOK)’ Encryption Capabilities (West) Additional planned features on the new architecture include ‘Flexible Data Retention,’ ‘Event Forwarder’ API and faster response times on advanced queries
OneSpan Revolutionizes the Digital Account Opening Experience with Secure Agreement Automation (West) End-to-end, cloud-based solution enables digital account opening in minutes while helping financial institutions fight application fraud and synthetic identities
Wandera announces Secure Access Layer to protect user privacy and provide secure mobile access to corporate data (West) Wandera, the leading mobile security company, announces new privacy functionality that further extends its endpoint solution to the network.
Continuity Software Launches Data Security Advisor, Uncovering Hidden Security Risks to Critical Data Storage Systems (Yahoo) Continuity Software's new Data Security Advisor solution enables enterprises to meet information security audit requirements and protects high value data assets
Morphisec Announces Version 3.5 at Infosecurity Europe 2019 with New Unified Security Center for End-to-End Visibility Across All Blocked Attacks (PR Newswire) Latest upgrades make it easier to replace legacy antivirus with more secure, lower TCO endpoint defense
Checkmarx Makes SCA Market Waves with Enhanced Open Source Security Offering (BusinessWire) Infosecurity Europe — Checkmarx, the Software Exposure Platform for the enterprise, has deepened its stake in the software composition analysis (SCA)
SecureAuth Innovates Secure Identity Management with its Intelligent Identity Cloud Service (West) Latest innovations advance usability and security, giving enterprise customers deployment freedom (hybrid, on-premises and cloud) and ability to consolidate multiple solutions
IOXO Launches CityWRX™ to Address Ransomware for Municipalities with End to End Virtualization and CloudWRX (Yahoo) On the heels of the formal launch of CloudWRX™, an end-to-end cloud computing management platform, IOXO (www.IOXO.cloud), today announced CityWRX™, an initiative leveraging CloudWRX to provide increased security and savings for cities, counties and municipalities (“Cities”) while freeing them from
Snowflake Announces Data Exchange to Break Down Data Barriers (PR Newswire) Snowflake, the data warehouse built for the cloud, today announced an all-new shared data experience, the Snowflake ...
Jazz Networks Launches Fully-Customizable Insider Threat Detection and Response (BusinessWire) Jazz Networks, an award-winning cybersecurity platform, announces that its newest release makes it the first of its kind to enable fully-customizable
The first Finnish audit criteria for cloud services released – PiTuKri improves cloud security (News Powered by Cision) The Finnish National Cyber Security Centre (NCSC) has released new audit criteria for cloud services called PiTuKri. The implementation of the criteria improves security in situations where authorities process classified information in the cloud.
Aon collaborates with CyberCube to advance insurers' cyber risk aggregation management (PR Newswire) Aon Plc, a leading global professional services firm, aims to leverage CyberCube's advanced cyber aggregation risk modeling capabilities and build...
Mt Pelerin signs a partnership with ID Quantique (Allnews) The company led by Arnaud Salomon and ID Quantique want to develop the first quantum solution for the secure storage of crypto assets: the Quantum Vault.
SolarWinds Announces Network Insight for Palo Alto Networks (Storage Review) Today SolarWinds extended support of their Network Insight service to Palo Alto Networks and announced several updates to their existing services. SolarWinds’s Orion Platform is getting upgrades to improve scalability and transparency. SolarWinds was founded in 1999 and is a leading provider of IT infrastructure management software. Palo Alto Networks was founded in 2005 and primarily provides firewalls as well as other cloud-based security services.
Technologies, Techniques, and Standards
Leading MSP and Cloud Certification Program Increases Emphasis on Cybersecurity and MSP Best Practices (PR Newswire) The International Association of Cloud & Managed Service Providers (MSPAlliance®) today continued its...
How Laya Healthcare overhauled its data privacy for GDPR in just two-and-a-half days (Computing) Laya Healthcare implemented multi-factor authorisation with a simple interface as it grappled with its GDPR obligations
Tales From the SOC: Municipal Edition (SecurityWeek) Devon Kerr explains what happened when a municipality inadvertently deployed a brand-new endpoint protection technology across a small part of their production network.
'IT shouldn't tell OT they have an ugly baby,' says Anglo American CISO (Computing) How digital and physical infrastructure can work in harmony with operational technology.
Cyber due diligence: considerations before a merger or acquisition - PE Hub (PE Hub) Do you have any idea how often hackers attack? A University of Maryland study says a cyberattack on average happens every 39 seconds. That’s 2,200 attempts a day, more than 800,000 a year. Countless companies — Sony, JP Morgan, Target and Equifax, to name just a few — have fallen prey to …
Is your private equity firm exposed to these hidden IT risks? (Help Net Security) Without an audit into all of the potential investment company’s technical assets and processes, a private equity firm is setting itself up for hidden risks.
How William Hill's CISO sells cyber security to the board: Simple, practical, pragmatic and obvious (Computing) CISOs need to sell security to the board like a marketeer, says William Hill's Group CISO Killian Faughnan.
Minimum Home Router Security Recommendations Defined in New Joint LACNOG and M3AAWG Best Practices (BusinessWire) New best practices will help deter DoS attacks that make use of vulnerable network infrastructure devices, IoT devices, and malware infections.
Good cyber security culture should, literally, begin in employees' homes, says HSBC CISO Paula Kershaw (Computing) Top CISOs share their top employee engagement tips at InfoSec.
Beware of security blind spots in encrypted traffic (ComputerWeekly) The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption
How to Protect Yourself or Your Business from Ransomware in 2 Steps (The Internet Patrol) The City of Baltimore had their city government computer system shut down by the Robbinhood ransomware. Yet it could have been avoided, or at least mitigated. Here's how to protect yourself or a business from ransomware.
Design and Innovation
Eliminating the growing pains of government IT modernization (Federal Times) It is imperative that agency IT leaders understand where their most critical needs lie and develop a coherent picture of the underlying causes slowing their digitization efforts.
DoD tech officials caution culture challenges lie ahead before rolling out more emerging tech tools (Federal News Network) Officials working behind the scenes at DoD say the majority of their responsibilities focus on getting people and processes ready for emerging tech tools.
Research and Development
Florida Institute of Technology, Air Combat Command Enter Into Research Agreement (Space Coast Daily) Florida Tech and the Air Force Air Combat Command (ACC) recently entered into a Cooperative Research and Development Agreement.
Academia
Walmart Adds 14 Tech Degrees, Certificates to Live Better U College Offering, Expands Debt-Free College to High Schoolers and Creates Graduation Bonuses (Walmart Corporate) Walmart is committed to winning the future of retail and knows investing in its people is essential to serving customers today and in the future. To help prepare its…
Legislation, Policy, and Regulation
Huawei Offers U.S. 'No-Spy Deal' As Trump Looks To End Huawei's U.K. 5G Ambitions (Forbes) The same day President Trump discussed Huawei with U.K. Prime Minister Theresa May, saying that the company would not be allowed to come between the two allies, Huawei's chairman looked to offer the U.S. a "no-spy deal" in an attempt to ease the pressure on the company.
Huawei Chairman Willing To Sign A 'No-Spy' Deal With The United States (NPR) A top Huawei executive accused the U.S. of inappropriate conduct, while also striking a conciliatory tone — a response that reflected the level of exasperation being felt by the Chinese tech giant.
Huawei offers to meet with U.S. cybersecurity officials (FierceWireless) Huawei would be willing to discuss ways to show it is meeting U.S. security standards suggested by the National Institute of Standards and Technology.
White House strategy calls for secure, usable government data (Federal Times) The Federal Data Strategy establishes near- and long-term goals for getting the most out of the federal government's massive data stores.
Time to break up social media firms? MPs and activists on the threat to democracy from online disinformation (Computing) Western democracy is under severe threat from autocratic regimes' use of Facebook and Twitter.
US to launch new program to fight extremism in Philippines (Military Times) U.S. and Philippine officials on Tuesday discussed a new program to thwart efforts by Muslim extremists to recruit and mobilize followers in the country’s south after a bloody siege by jihadists aligned with the Islamic State group.
State Department proposes new $20.8 million cybersecurity bureau (CyberScoop) The State Department has sent to Congress a long-awaited plan to reestablish a cybersecurity-focused bureau it says is key to supporting U.S. diplomatic efforts in cyberspace.
House panel worries about Navy’s at-sea network (Fifth Domain) The House Armed Services Committee wants to fence off about 15 percent of the Navy’s funding for its advanced at-sea network until the service answers questions about the program’s cybersecurity.
New York's Privacy Bill Is Even Bolder Than California's (WIRED) New York is poised to become the next battleground in the fight for consumers' rights over their personal data.
Ex-NSA Hacker Reviewed by FEC over Software Contribution Offer (Infosecurity Magazine) Area 1 Security wants to contribute free spear-phishing prevention software to political campaigns.
Litigation, Investigation, and Law Enforcement
SEC Charges Issuer With Conducting $100 Million Unregistered ICO (US Securities and Exchange Commission) The Securities and Exchange Commission today sued Kik Interactive Inc. for conducting an illegal $100 million securities offering of digital tokens. The SEC charges that Kik sold the tokens to U.S. investors without registering their offer and sale as required by the U.S. securities laws.
Messaging app sued by US regulator over cryptocurrency launch (The Telegraph) A controversial messaging app is being sued by US regulators for raising capital through cryptocurrency sales.
Aussie Police Raid Journalist's Home Over Secret Spying Report (SecurityWeek) Australian police on Tuesday raided the home of a prominent journalist who reported on a secret government plan to spy on Australian citizens.