Cyber Attacks, Threats, and Vulnerabilities
Opinion | The Internet Security Apocalypse You Probably Missed (New York Times) Last week was an online security nightmare and few people noticed. Here’s what you need to know.
It's not just WhatsApp, most messaging apps likely have security vulnerabilities (CNBC) "Pretty much the entire suite of apps that 'talk' over the internet could be vulnerable," said Tom Uren, a senior analyst at the Australian Strategic Policy Institute's International Cyber Policy Centre.
Cyber Command's latest VirusTotal upload has been linked to an active attack (CyberScoop) The malware, which was uploaded to VirusTotal last week, looks to have been used by APT28 in attacks aimed at the Czech Republic and Central Asian countries.
Researchers find coordinated anti-Trump campaign on Instagram (TheHill) Researchers have identified what they are calling a coordinated campaign to undermine President Trump on Instagram, an effort that bears hallmarks of the disinformation campaigns that proliferated on the platform in 2016.
What’s going on? Anti-Trump memes and other oddities on Instagram (Ghost Data) Last June Instagram reached 1 billion monthly active users and has sought to ramp up its e-commerce efforts and its reach throughout the world.
Abusing Code Signing for Profit (Medium) Signing a Windows executable file was originally conceived as a mechanism to guarantee the authenticity and integrity of a file published…
Google: We've been storing some enterprise customer passwords in plaintext since 2005 (CyberScoop) Google has notified a portion of its enterprise customers that their passwords have been stored in plaintext in the company's internal encrypted systems.
Attack Combines Phishing, Steganography, PowerShell to Deliver Malware (SecurityWeek) A malware campaign targeting Japan and combining phishing, steganography, PowerShell, and the URLZone and Ursnif malware has been discovered.
Hackers Steal Payment Card Data Using Rogue Iframe Phishing (BleepingComputer) Cybercriminals have upgraded their credit card skimming scripts to use an iframe-based phishing system designed to phish for credit/debit card info from Magento-powered store customers on checkout.
Researchers discover new rogue iFrame phishing technique targeting payments (Computing) The technique is the latest in a long line of attacks targeting online payments
Use of EternalBlue in attacks on the increase despite patch (SC Magazine) Cyber-attacks leveraging the Windows Server Message Block exploit EternalBlue have been at historically high levels over the last few months, even though the vulnerability was patched by Microsoft more than two years ago.
Critical Vulnerabilities Discovered in South Korean ActiveX controls (Risk Based Security) Many years ago, ActiveX was a popular technology. Unfortunately, too many ActiveX controls had a very low code maturity and were riddled with basic vulnerabilities like buffer overflows, or exposed unsafe functionality even if marked as “safe for scripting”. These allowed malicious websites to trivially compromise users’ systems.
From Pesky to Dangerous - Image-based Spam (Clearswift) Those of you that can remember back to 2006 may recall that High School Musical was the highest selling album of the year. “We’re all in this together” was one of the most popular songs played at the time and, some would say, a pesky tune that would stick in your head.
iEBSWAX ActiveX Control Add() Method Argument Handling Heap Buffer Overflows (Risk Based Security) Details for tested products and versions:
Traveler Beware: Your Loyalty Rewards Points And Personal Data Are Catnip For Cyberthieves (Forbes) Travelers are catnip for a growing number of nation-state cybercriminals. Here's what you can do to keep your personal data safe.
Why You Should Never Use Airport USB Charging Stations (Forbes) Stop! Plugging into that airport USB charging station could put your personal data at risk.
Satan Ransomware Expands Portfolio of Exploits (SecurityWeek) A new variant of the Satan ransomware has added new exploits to its portfolio and is looking to compromise more machines by targeting additional vulnerabilities.
WordPress plugin sees second serious security bug in six weeks (Naked Security) Researchers have uncovered another serious bug in WP Live Chat that could lead to the mass compromise of websites.
Computrols CBAS Web (ICS-CERT) EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit
Mitsubishi Electric MELSEC-Q Series Ethernet Module (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.5. ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Mitsubishi Electric. Equipment: MELSEC-Q series Ethernet module. Vulnerability: Uncontrolled Resource Consumption. 2. RISK EVALUATION: Successful exploitation of this vulnerability may render the device unresponsive, requiring a physical reset of the PLC (Programmable Logic Controller).
Are Tampa Bay cities prepared for cyber-ransom attacks? (10NEWS) Cities in the region are no stranger to these types of attacks.
Al Jazeera Gets Twitter To Silence Critics Of Its Video Implying Jews Benefited From Holocaust (Daily Caller) The Qatar-funded Al Jazeera news network published a video questioning the Holocaust and implying that Jews have benefited from it.
Rats leave the sinking ship as hackers’ forum gets hacked (Naked Security) The OGUsers forum, which trades in hijacked social accounts, has been hacked, its hard drives wiped, and its user database published online.
Hackers turn Brazil's job crisis into lucrative phishing attacks (The Brazilian Report) As most people go online for their job hunting, they become easy targets for hackers. 21% of Brazilian internet users have been victims of phishing attacks.
Business Email Compromise Still Reigns (SecurityWeek) Business Email Compromise (BEC) scams are becoming increasingly profitable for threat actors, making it easier for adversaries to gain access to the valuable information that sits within email inboxes.
Car Manufacturers Be Aware - Bluetooth Module Could Lead To Vehicle Shut Down By Hackers (Information Security Buzz) According to new research by security specialists Pen Test Partners, who were investigating the systems within Tesla vehicles, if hackers could attach an ELM327 Bluetooth module to the interface, they would have the ability to analyse the traffic and read CAN messages. If left in, a hacker could also potentially shut the car down. Experts Comments: Martin Jartelius, …
Security Patches, Mitigations, and Software Updates
Another WannaCry May Be Coming – Are You Ready? (Information Security Buzz) The vulnerability is severe enough that Microsoft took a pretty unusual step in releasing updates for Windows XP and Server 2003 in addition to currently supported versions of Windows that are affected. Unlike WannaCry, this threat is seen as extremely easy to exploit. It took a leaked NSA tool to exploit the WannaCry vulnerability, whereas the fear …
Microsoft Releases Windows 10 Version 1903 - May 2019 Update (BleepingComputer) Microsoft has officially started to roll out Windows 10 version 1903, called the May 2019 Update, to everyone. Originally released to Insiders for testing on April 8th, Microsoft has now made it available to everyone.
Firefox Now Blocks Cryptominers and Fingerprinters (Decipher) In Firefox 67, Mozilla has moved to block cryptominers and browser fingerprinters, which track users across the web.
WhatsApp patches flaw allowing easy installation of Pegasus spyware (SC Media) Facebook posted a security advisory for a buffer overflow vulnerability in its subsidiary WhatsApp that could allow an attacker to install Pegasus spyware
Cyber Trends
Cloud Security Complexity (Cloud Security Alliance) CSA’s latest survey examines information security concerns in complex cloud environments. The survey of 700 IT and security professionals aims to analyze and better understand the state of adoption and security in current hybrid cloud and multi-cloud security environments, including
IBM Security: Cybersecurity Threats Growing In Travel and Transportation Industries (IBM News Room) IBM (NYSE: IBM) Security today issued new research highlighting that the travel industry and its customers are increasingly the targets of cyberattacks as criminals seek to monetize highly...
Cyber Adversaries Flock to Apps Where the Users Are and When Users Are Online (Nasdaq) Fortinet Threat Landscape Report Reveals Nearly 60% of Threats Shared at Least One Domain, Indicating the Majority of Botnets Leverage Established Infrastructure
Analysis of Cyber Risk Exposure for U.S. and European Political Parties (Security Scorecard) Offensive cyber operations, from information campaigns to computer network exploitation, are being used to influence foreign elections through political parties and candidate campaigns.
See how US political parties fare in cybersecurity (Fifth Domain) SecurityScorecard recently analyzed the networks of parties from the United States and Europe.
DNC's cybersecurity lags behind RNC, new study finds (TheHill) The Democratic National Committee’s (DNC) cybersecurity practices continue to “lag behind” those of its Republican counterpart despite investments the group has made since the 2016 presidential election, according to a new report.
Poor Security Hygiene Found Across Almost All Political Parties in US, Europe (SecurityWeek) Report outlines changes observed within the external security postures of political parties and organizations in the U.S. and Europe.
Daniel Wood Joins Bishop Fox as Associate Vice President of Consulting (Yahoo) Bishop Fox, the largest private professional services firm focused on offensive security testing, announced today that Daniel Wood has joined the firm as associate vice president of consulting. Wood will lead all of Bishop Fox's service lines and enhance current
The State of Location-Tracking Mobile Apps in 2019 (The Manifest) Businesses recognize the power of collecting data for advertising but must strike a balance between "creepy" and useful targeted marketing efforts.
Marking GDPR Anniversary, nCipher Survey Reveals Americans’ Data Privacy Attitudes (AP NEWS) The General Data Protection Regulation (GDPR) went into effect in the European Union a year ago this month.
Most Americans Think They Know More About Web Security Than They Really Do (PCMAG) As the internet expands, more of us are creating websites—and knowledge of secure practices falls to website creators. But 70 percent of this Google/Harris Poll survey's respondents wrongly identified what a secure URL looks like.
Mumbai at topmost risk of cyber attack (The Times of India) Cyber criminals usually try to target vulnerabilities in IT systems. Windows systems were attacked the most last year, with 1,985 attempts per minute,
Marketplace
How Huawei Might Handle the Latest US Sanctions (WIRED) The Trump administration barred US companies from doing business with Huawei, forcing the Chinese firm to find new chips and software for its products.
ZTE moves to prove its own security credentials (Telecoms.com) Taking a page from the Huawei playbook, ZTE is opening its own European cybersecurity lab to demonstrate its own security credentials and appeal to customers.
Awareness Training Firm KnowBe4 Acquires Awareness Measurement Firm CLTRe (SecurityWeek) Tampa Bay, FL-based security awareness and simulated phishing firm KnowBe4 has acquired Oslo, Norway-based security culture measurement company CLTRe for an undisclosed sum.
MistNet scores $7M in funding, launches CyberMist threat detection platform (FierceTelecom) MistNet announced a $7 million series A round of funding on Tuesday and also launched its CyberMist detection platform.
Guardicore Raises $60 Million in Series C Funding (SecurityWeek) Data center and cloud security company Guardicore has secured $60 million in Series C funding round led by Qumra Capital.
U.S. Chamber of Commerce Joins Cyber Readiness Institute Champion Network to Protect Small and Mid-Sized Businesses from Cyber Threats (Cyber Readiness Institute) The Cyber Readiness Institute (CRI) today welcomed the U.S. Chamber of Commerce (U.S. Chamber) as the newest member of its Cyber Readiness Champion Network.
Intelligent Waves wins contract for US Army’s Defensive Cyber Operations (Army Technology) Intelligent Waves will provide programme management support services for cyber-related, non-traditional procurement activities of DCO programmes and DoD.
Thales the latest to flag digital transformation security opportunity (MicroscopeUK) The firm has added to a growing number of examples of growing security risks surrounding digital transformation projects
CrowdStrike IPO: Everything You Need to Know About CrowdStrike Ahead of Its IPO Debut - CrowdStrike Estimates, Value, Share Price, Revenues (Oofy) CrowdStrike officially confirmed going public after the cybersecurity company filed for IPO on Tuesday, May 14th. The company is planning to list on the Nasdaq exchange under the ticker CRWD, valued at over 3 billion dollars ahead of its IPO, while CrowdStrike is backed by CapitalG (Google’s domain) and Accel. Here is everything you need …
Steve Mann Joins ThetaRay as Chief Marketing Officer (Yahoo) Fintech and Marketing Pro Deepens Leadership Bench of Financial Crime Analytics Leader NEW YORK, May 21, 2019 /PRNewswire/ -- ThetaRay, the leading provider of AI-based Big Data analytics, today announced ...
Products, Services, and Solutions
EfficientIP SOLIDserver DDI and Tufin SecureTrack Join Forces to Provide Automated Security Compliance (ResponseSource Press Release Wire) Complementary technologies unite to simplify and control network security policies
Aqua Security Attains VMware PKS Partner Application Program Validation (Aqua) Organizations using VMware Enterprise PKS can now leverage Aqua’s granular security and compliance controls to protect their cloud-native workloads.
EagleBank Cuts Commercial Banking Enrollment Time By 99 Percent with OneSpan (OneSpan) North American bank chose OneSpan to digitally transform the customer experience
Tufin Extends Its Leadership in Policy-Based Security Automation (AP NEWS) Tufin® (NYSE: TUFN), a company pioneering a policy-centric approach to security and IT operations, today announced the release of Tufin Orchestration Suite R19-1, advancing its leadership in network security automation with the industry’s first solution to feature policy-based automation for server policy cloning.
Spirent First to Incorporate NetSecOPEN Test Suite into Security and Performance Testing Platform (Security Boulevard) CyberFlood solution simplifies network testing for
Verve Industrial Protection Announces Partnership with MxD, the US DOD's Hub for Manufacturing Cyber Security (Yahoo) Verve Industrial Protection today announced they have partnered with MxD, the US Department of Defense Hub for Cyber Security in Manufacturing to help accelerate the maturity of cyber security across the manufacturing supply chain. MxD is the result of a public-private
Griffin Announces Cybersecurity Awareness Training Partnership with Wuvavi (Yahoo) "Our partnership with Wuvavi was driven by our clients' requests for education," said Jonathan Fishbeck, Chief Executive Officer with Griffin. The collaboration on Griffin University with Wuvavi enables Griffin's clients to tap into years of combined cybersecurity expertise at Griffin
Seclore Extends Advanced Email Encryption to Exchange Online, O365, and Exchange On-Prem (PR Newswire) Seclore, provider of the first open Data-Centric Security Platform, today announces Seclore Email Encryption...
Jumio Partners with Nok Nok Labs to Offer Account Recovery Solution (BusinessWire) Jumio, the leading AI-powered trusted identity as a service provider, today announced a new partnership with Nok Nok Labs, the trusted leader in next
Canon Solutions America Announces Security Roadshow Featuring Expert Insights And Recommendations On Information Security And Data Privacy (WhatTheyThink) IT Security Presenters from Canon Solutions America and its Security Solutions Partners Will Discuss Ways to Prevent Security Breaches and Protect Data
ThreatQ adds support for mobile and PRE-ATT&CK in response to rapid customer adoption (Help Net Security) ThreatQuotient, a security operations platform innovator, announced that the integration with MITRE ATT&CK now includes support for PRE-ATT&CK and Mobile.
Coalfire adds 2 programs to its cloud security services (SearchCloudSecurity) Coalfire has added Secure Cloud Automation Services and Cloud Security Strategy and Maturity Assessment programs to its suite of cloud security services. They will help enterprises become FedRAMP-compliant and evaluate current security platforms, respectively.
Amsterdam-Based Software Testing Services Provider, spriteCloud, Launches "Ethical Hacking" Penetration Testing Services (IT News Online) Ethical hackers are certified security experts attempting to gain entry into your website, application or network using methods and knowledge available to malicious hackers. The goal is to discover vulnerabilities for you before real hackers do.
Cloud Comrade boosts managed services offering through Dropsuite integration (Channel Asia Singapore) Cloud Comrade has partnered with Singapore-based ISV, Dropsuite, in an effort to address the growing cyber security challenges across the region.
TrapX Security Launches an ARMY of Artificial Users to Expose Cyber Attackers (AiThority) TrapX Security, the global leader in cyber deception technology, announced that it has released version 6.3 of its DeceptionGrid platform.
Deloitte offers e-communications monitoring product to help prevent fraud (Accounting Today) Deloitte has expanded its strategic alliance with Relativity to offer Relativity Trace, a compliance monitoring application, to help clients detect and mitigate violations of industry regulations and organizational e-communication policies.
Core Elastic Stack security features now available to all users (Help Net Security) Elastic has decided to make core Elastic Stack security features accessible to all users (and not just those who have a Gold subscription).
Gigamon Launches the Industry's Only Application Intelligence Framework with Complete Network Visibility of the Digital Enterprise (Yahoo) Gigamon Inc. ("Gigamon"), the leading network visibility provider for the digital enterprise, today introduced Gigamon Application Intelligence, which provides comprehensive visibility into the highly complex applications at the heart of digital
GreyCastle Launches SOC 2 Report Readiness Services (PRWeb) GreyCastle Security, the industry’s leading provider of cybersecurity risk assessment, advisory and mitigation services, has...
Arxan For Hybrid Apps Expands Data Theft Prevention Solutions, Giving Organizations "No More Excuses" For Unprotected Applications (Yahoo) Arxan Technologies , the trusted provider of application protection solutions, announced ...
Darktrace AI used to protect military personnel data (Cambridge Network) Darktrace, the world’s leading AI company for cyber defence, has announced that the Royal Air Forces Association (RAFA), the largest charity providing welfare support to members of the Royal Air Forces, has selected Darktrace’s cyber AI to protect its members’ sensitive data from insider threat and sophisticated attacks.
Hillstone Networks Safeguards Citizens and Operations for the Ministry of Labor in San Salvador (Yahoo) Hillstone Networks, a leading provider of Enterprise Security and Risk Management solutions, has delivered solutions to safeguard citizens and operations for the Ministry of Labor in San Salvador. The Ministry of Labor and Social Welfare in San Salvador
Digital Guardian Joins “Friends of Objective-See” Program to Support macOS Users with Security Tools to Thwart Malicious Attacks (BusinessWire)
Cellebrite and Relativity Partner to Deliver Data From Mobile Devices Directly into Relativity and RelativityOne (Yahoo) Cellebrite today announced the launch of Legalview for Relativity and RelativityOne to make it easier and faster to input and analyze data from mobile devices relevant to litigation and digital investigations. E-discovery professionals need access to
Technologies, Techniques, and Standards
Does Cyber Command need more electronic warfare tools? (Fifth Domain) Cyber forces of the future might need to exploit the electromagnetic spectrum to get at targets not connected to traditional networks.
How to stay cybersecure while traveling for business: 6 tips (TechRepublic) More than 70% of business travelers have been at risk for cyberattacks, according to an IBM Security report.
Aligning Security with Patient Safety: 8 Insights for Healthcare Cybersecurity by Healthcare Cybersecurity Pros | Bricata (Bricata) The chances of shoring up healthcare cybersecurity with budget and staff improve when security goals are aligned with healthcare goals, like patient safety.
How effective are login challenges at preventing Google account takeovers? (Help Net Security) Despite implementation bugs that might affect the security of physical security keys, they are the strongest protection against phishing.
Cybersecurity: How a layered approach keeps this F1 team's data secure (ZDNet) Haas F1 uses layers of protection to help give the Formula 1 racing team a competitive advantage.
Suspect a hidden camera in your Airbnb or hotel? Here’s how to tell (The Parallax) Before booking a stay, read the home description for a required camera disclosure. After you check in, take these steps to uncover hidden cameras.
Here’s how to get employees to care about cybersecurity training (CSO) Improving attention and retention rates may have shown that humour is a better training tool than fear, but a security-training pioneer believes the two will come together productively as cyber insurers crack down on training and impending ‘Phishing 2.0’ features allow CISOs to engage with employees the second they click on a malicious link or attachment.
Design and Innovation
Simply elegant, Morse code marks 175 years and counting (Navy Times) The U.S. Navy is actually testing a system that would let a user type words and convert them to blinker light. A receiver would read the flashes and convert them back to text.
Research and Development
Why post-quantum encryption will be critical to protect current classical computers (TechRepublic) Quantum computers are theorized to be capable of breaking RSA encryption. Experts disagree on when it could happen, but agree on a need for quantum-proof encryption.
Academia
National Security Agency Names University of New Haven a Center of Academic Excellence (Yahoo) The University of New Haven announced today that it has been designated by the National Security Agency (NSA) as a National Center of Academic Excellence (CAE) in Cyber Operations (CAE-CO). The certification recognizes the University’s bachelor’s degree programs in cyber security & networks and
Legislation, Policy, and Regulation
Editorial: Good to see Cyber Command's strong work to counter Russian trolls (Omaha World-Herald) The command is now elevated to the same status as the U.S. Strategic Command or Central Command.
US Delays Huawei Ban for 90 Days (SecurityWeek) US officials delayed a ban on American technology exports to Chinese tech giant Huawei until mid-August, saying the time was needed to allow for software updates and other contractual obligations.
The US government's concession to Huawei explained (Computing) US Department of Commerce will consider a further extension beyond the current 90 days
Trump Administration Could Blacklist China’s Hikvision, a Surveillance Firm (New York Times) The move against Hikvision would mark another step to counter China’s economic ambitions, and the first time the administration punished a company for China’s detention of Uighurs.
After the US took down Huawei, could DJI be next? (The Verge) DHS alert warns of flight data getting sent to China
Trump Blacklisted Huawei After China Trade War Negotiations Stalled (Fortune) The move caused massive supply chain disruptions for Intel, Qualcomm, and Broadcom.
China Raises Threat of Rare-Earths Cutoff to U.S. (Foreign Policy) Beijing could slam every corner of the American economy, from oil refineries to wind turbines to jet engines, by banning exports of crucial minerals.
Huawei vs. Trump: all the news about the Chinese phone maker’s messy relationship with the US (The Verge) Huawei’s future hangs in the balance.
Federal agencies stress supply chain safety for incoming 5G technology (Federal News Network) 5G technology is popular on both sides of the political aisle but some security concerns remain, especially when it comes to the supply chain.
Microsoft pushes for GDPR-like privacy rules in the U.S. (FierceTelecom) With the one-year anniversary of the EU's adoption of its GDPR coming up soon, Microsoft is calling on Congress to do the same in the U.S.
Litigation, Investigation, and Law Enforcement
Why the Air Force is investigating a cyber attack from the Navy (Air Force Times) The Air Force has reportedly seized an attorney's computer and phone as part of an investigation into whether the Navy improperly spied on defense attorneys.
After WhatsApp hack, NSO faces scrutiny from Facebook and UK public pension fund (Fast Company) Facebook is examining its legal options and a U.K. pension fund is asking questions amid ongoing lawsuits against the Israeli firm linked to a string of abusive attacks.
Cyber-attack accused 'flees UK' (BBC News) A judge orders the arrest of a defendant after hearing he has flown out of the country.
LeakedSource Operator Pleads Guilty in Canada (SecurityWeek) Canadian authorities announce that Defiant Tech, the company that ran LeakedSource, pleaded guilty to trafficking identity information and possession of property obtained through crime.
American Hustle (Foreign Affairs) Donald Trump and the Mueller report are x-rays, revealing much of what has gone awry in American politics and society in recent years.
The Ghost and Dr. Death: The True Story of How the FBI Caught Robert Hanssen - America's First Cyber Spy (ClearanceJobs) Speaking at the International Spy Museum, Eric O'Neill discussed his new book, "Gray Day" about his role in catching super spy Robert Hanssen. The book offers an amazing glimpse into the life of one of the most devastating spies in American history.