Atlanta: a final look at SecurityWeek's 2019 ICS Cyber Security Conference
The risk to industrial control systems: CyberX looks at the data (The CyberWire) Data from ICS networks tell a story about the risks industrial control systems face worldwide. CyberX concludes that most sectors earn at best a low C, and many of them are struggling to earn even a D.
New Analysis of Real-World Network Traffic Reveals Alarming Prevalence of IoT and Industrial Control System Vulnerabilities (KSL) Critical assets whose compromise would cause a major revenue or safety impact — while implementing compensating controls such as continuous monitoring and behavioral anomaly detection (BAD) to quickly spot intruders before they can cause real damage to operations.
Cyber Attacks, Threats, and Vulnerabilities
Charities at increasing risk of cyber-crime (SC Magazine) New UK government report finds that over half of charities think hackers are "major risk"
DHS warns of Russian interference plans in 2020 elections, as Washington focuses on Ukraine (Yahoo News) U.S. government efforts to prevent Russia from conducting influence operations directed at American audiences have largely failed, and Moscow is continuing its attempts to influence the American political system by exacerbating social divisions.
UN, UNICEF, Red Cross officials targeted in recent phishing campaign (ZDNet) Phishing sites first appeared in March, are not blocked in Google's Safe Browsing, and are still active today.
Phishing attack targeting United Nations and humanitarian organizations discovered by Lookout Phishing AI (Lookout) Lookout Phishing AI has detected a mobile-aware phishing campaign targeting non-governmental organizations around the world, including a variety of United Nations humanitarian organizations, such as UNICEF.
Symantec antivirus crashes something again. This time Chrome 78 browsers (ZDNet) Fourth time in three months when Symantec's antivirus crashes something.
Millions downloaded dozens of Android apps from Google Play that were infected with adware (TechCrunch) Security researchers have found dozens of Android apps in the Google Play store serving ads to unsuspecting victims as part of a money-making scheme. ESET researchers found 42 apps containing adware, which they say have been downloaded more than 8 million times since they first debuted in July 2018…
Google Play adware campaign taken down, developer identified (SC Magazine) Year-long investigation finds 42 adware-injecting apps on Google Play that had been downloaded eight million times
Tracking down the developer of Android adware affecting millions of users (WeLiveSecurity) ESET researchers describe how they discovered a year-long adware campaign on Google Play that ultimately affected millions of users.
Apple bans 15 apps created by Gujarat-based app company for cheating (Gadget Now) Mobile security firm Wandera has discovered 17 apps infected with clickware meant to increase advertising revenue. All of these 17 apps are made by Gujarat-based AppAspect Technologies Pvt. Ltd. Apple has removed 15 of these apps. These apps contained malware that used to open web pages and click on ads in the background.
Trojan malware infecting 17 apps on the App Store (Wandera) Wandera’s threat research team has discovered 17 apps on the Apple App Store that are infected with clicker trojan malware. The apps communicate with a known command and control (C&C) server to simulate user interactions in order to fraudulently collect ad revenue. The clicker trojan module
18 iOS apps with stealthy ad clicking code removed from App Store (Help Net Security) Researchers have discovered 17 apps in Apple's App Store that contained a clicker module, designed to perform covert ad fraud-related tasks.
Cyber Attack Hits Prominent Hedge Fund, Endowment, and Foundation (Institutional Investor) “They’re really focused,” warns one security expert. “Wow.”
TikTok Users Are Finally Posting About Hong Kong, But Only To See If They'll Get Censored (BuzzFeed News) BuzzFeed News found no evidence that TikTok blocks pro–Hong Kong democracy videos — or that many American teens were interested in the protests.
Malware Skip-2.0 Provides “Magic Password” to Access Microsoft Servers (CISO MAG) Security researchers discovered a Chinese hacking group “Winnti” using a new malware named “Skip-2.0” to get access to Microsoft SQL (MSSQL) Servers.
Fujitsu Wireless Keyboard Plagued By Unpatched Flaws (Threatpost) Two high-severity vulnerabilities in a Fujitsu wireless keyboard expose passwords and allow keystroke injection attacks.
Philips IntelliSpace Perinatal (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.1
ATTENTION: Low skill level to exploit
Vendor: Philips
Equipment: IntelliSpace Perinatal
Vulnerability: Exposure of Resource to Wrong Sphere
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow an attacker unauthorized access to system resources, including access to execute software or to view/update files, directories, or system configuration.
Rittal Chiller SK 3232-Series (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.1
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Rittal
Equipment: Rittal Chiller SK 3232-Series
Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials
2.
Honeywell IP-AK2 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.3
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Honeywell
Equipment: IP-AK2
Vulnerability: Missing Authentication for Critical Function
2.
Moxa IKS, EDS (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Moxa
Equipment: IKS, EDS
Vulnerabilities: Classic Buffer Overflow, Cross-site Request Forgery, Cross-site Scripting, Improper Access Controls, Improper Restriction of Excessive Authentication Attempts, Missing Encryption of Sensitive Data, Out-of-bounds Read, Unprotected Storage of Credentials, Predictable from Observable State, Uncontrolled Resource Consumption
Here’s Why Online Holiday Inventory is Often Gone Before You Get There (Cequence Security) As the holidays approach, consumers are beginning to frequent their favorite online retailers. But, sometimes their perfect gift is already gone. Learn why.
Stalking software is 'on the rise' (BBC News) Experts warn of a rise in a type of software commonly used by abusive partners to spy on phones.
Who’s Stalking Mobile App Users?: Finding and controlling the third-party code (3PC) app publishers don’t know about (The Media Trust) Whose eyes are watching mobile app users? Today’s device-toting consumers spend 90% of their time online on mobile apps. Yet they have little to no notion they’re under the watchful eyes of a broad range of companies—many they’ve never even heard of—that form these apps’ digital supply chain.
Cybercriminals as the Russian State’s Deniable Proxies (OODA Loop) Putin’s Russia has demonstrated a penchant for relying on proxies to provide a degree of deniability while pursuing its military objectives.
Hacktivism returns to its roots as a cyber warfare tool (The Daily Swig) Back in hack
Data Insecurity: How One of the Worst Computer Defects Ever Sacrificed Security for Speed (NCL) In January 2018, it was announced that researchers had discovered some of the most significant cyber security vulnerabilities the public has ever faced.
Cyber Trends
NeuShield Predicts the Top Cybersecurity Threats for 2020 and Beyond (NeuShield Ransomware Protection) NeuShield, which developed the world’s first mirror shielding technology to instantly recover data and files when other malware defenses fail, predicts that 2020 will bring growing threats to Internet of Things (IoT) devices, increasingly organized cybercriminals, the exploitation of 5G vulnerabilities, more sophisticated ransomware attacks, and new cyberattacks on...
KnowBe4 Finds 96 Percent of Organizations Say Email Phishing Scams Pose Biggest Security Risk (KnowBe4)
Prepare for a New Cyber Cold War in 2020, Warns Check Point (Yahoo) Check Point® Software Technologies Ltd. (CHKP), a leading provider of cyber security solutions globally, has unveiled its cyber-security predictions for 2020. They reveal the major cyber incidents and technical developments that Check Point’s researchers anticipate will impact our societies and businesses
2020 Vision: Check Point’s cyber-security predictions for the coming year (Check Point Software) Published October 24th, 2019 Hindsight is 20/20 vision, as the old saying goes: it’s always easy to know what the right course of action was after something has happened, but much harder to predict the future. However, by looking at security developments over the past couple of years, it’s possible to forecast what’s likely to…
RiskIQ’s Q2 2019 Mobile Threat Landscape Report (RiskIQ) Blacklisted Apps Rise by 20%, Google Tightens Up, and Attackers Target Tax Season
Exabeam Annual Cybersecurity Salary Survey Identifies Persistent Gaps with Gender and Diversity, Challenges with Work-life Balance (Exabeam) However, nearly half of professionals have worked in cybersecurity for more than 10 years, and 76 percent feel[...]
Organisations failing to diversify their infosec teams will fail to meet skills requirements (SC Magazine) Key to diversifying the cyber-security workforce will be both organisations and individuals having a framework that can show exactly what skills are necessary to fulfil what roles.
2019: Unisys Security Index (Unisys) Americans express concern about both their physical safety and the security of their personal data when attending large-scale sporting events or festivals
Mistrust lingers between government, industry on cyber information sharing (CyberScoop) Sharing cybersecurity information between the government and private sector won’t do much good if neither side trusts the other.
Morphisec Releases 2019 Hospitality Guest Threat Index During National (PRWeb) More than 22 million U.S. travelers self-report as being the victim of a cyberattack through their business with hotels according to the Mo
The Changing Face of Cyber Security (The UCSB Current) UC Santa Barbara hosts 8th semiannual UC Cyber Security Summit
Marketplace
Wärtsilä co-founds global cyber security alliance for operational technology (Hellenic Shipping News) The technology group Wärtsilä is among the founding members of a new alliance to provide a technical and organizational framework for safe and secure
Raytheon to take full control of Forcepoint cyber venture. Then what? (Washington Technology) Raytheon has started to iron out the details of taking full ownership of the Forcepoint commercial cybersecurity venture it entered four years ago. So where does that business fit in the future Raytheon-UTC combined business?
Global caution over 5G puts pressure on Nokia (Washington Post) Finnish tech company Nokia has warned that its profits will be lower than expected due to tough competition and costs related to new-generation 5G networks
Huawei and Sunrise co-build 5G research centre in Switzerland (ZDNet) It is Huawei's first 5G research centre in Europe.
Founder of UAE's DarkMatter to divest his entire stake in the company (Gulf Business) Faisal Al Bannai is in the process of concluding purchase agreements with "multiple parties"
US Air Force Selects L3Harris Technologies to Develop Space Hub End Cryptographic Unit for Protected Tactical SATCOM Program (Valdosta Daily Times) The U.S. Air Force has selected L3Harris Technologies (NYSE:LHX) to deliver the space hub end cryptographic unit (ECU) for the Protected Tactical SATCOM (PTS) SHIELD program.
Absolute Appoints New Executives to Leadership Team to Accelerate Product Innovation and Enhance Endpoint Resilience Offerings (Financial Post) Absolute (TSX: ABT), the leader in endpoint resilience, today announced two new appointments to the company’s executive leadership team. William Morris joi…
John Paitaridis to lead Australian cybersecurity firm CyberCX (Consultancy) Following the wide-ranging merger of twelve cybersecurity consulting firms in Australia into CyberCX, John Paitaridis has been appointed to head the new firm.
Products, Services, and Solutions
Thycotic Releases Free Privileged Access Management Policy Template (PR Newswire) Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 25...
Randori Launches Recon: See Your Company Through the Lens of the Adversary (PR Newswire) Randori today announced the general availability of Randori Recon, the first phase of its automated attack...
Recorded Future Teams Up With ServiceNow on Integrated Security Intelligence Offering for Reducing Organizational Risk (PR Newswire) Recorded Future, the leading provider of security intelligence, today announced a new relationship with ServiceNow to...
AttackIQ and The Chertoff Group Partner to Enable Enterprises to Measure Cyber Risk, Train Talent and Justify Security Investments with Unprecedented Transparency (BusinessWire) AttackIQ and The Chertoff Group are partnering together to offer a joint solution to help organizations measure security risk, train staff and more.
Imperva RASP Now Supports .NET Core Apps for Security by Default (Imperva) Imperva now supports the .NET Core development platform, securing apps written in .NET Core with our industry-leading RASP solution. Support for .NET Core expands our market-leading, full-stack application security solution to apps at the heart of digital transformation.
WebHouse to Introduce Auditing Service at NetAPP Insight 2019 (Markets Insider) Recognizing that data and information are incredibly valuable assets to all organizations, New York-b...
AWS vastly expands its own managed services (CRN Australia) 29 new services now manageable, just eight partners in play to help.
(ISC)² Launches 12 New Cybersecurity Courses For Certified Professionals (PR Newswire) (ISC)² – the world's largest nonprofit membership association of certified cybersecurity professionals – today...
Felix Payment System Security Assured with Intertrust whiteCryption (Moneycontrol) World’s first technology for contactless Tap-and-Pay card transactions on smartphones undergoes security and compliance certification in preparation for Visa and Mastercard Pilots.
New Cellebrite Field Solutions Streamlines Workflow for Law Enforcement Officers and Investigators (The Breeze) TYSON'S CORNER, Va., Oct. 24, 2019 /PRNewswire/ -- Cellebrite, the global leader in digital intelligence solutions for the law enforcement and intelligence communities, has expanded its frontline solutions to encompass
BlackBerry Announces Availability of CylancePROTECT for Mobile; Further Integrates Cylance Artificial Intelligence (EIN News) BlackBerry Limited (NYSE: BB; TSX: BB) today announced availability of CylancePROTECT® for mobile devices managed by BlackBerry® Unified Endpoint Management (BlackBerry® UEM). Leveraging Cylance's artificial intelligence (AI) security...
'Caveat': the CyberWire's new weekly podcast illuminates cybersecurity law and policy (Dark Reading) Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.
Technologies, Techniques, and Standards
Can CISOs at smaller enterprises wield enough influence to square the third-party security circle? (SC Magazine) Persistence, consistency, & flexibility are the keys to driving security strategy in smaller enterprises. They must also be consistent about strategy & the next steps that need to be taken to improve security maturity.
Phishing attacks are a complex problem that requires layered solutions (Help Net Security) Most cyber attacks start with a social engineering attempt and, more often than not, it takes the form of a phishing email.
Here's where U.S. cyber warriors are working to protect against election threats (CBS News) CBS goes inside new NSA facility in Maryland where U.S. personnel work to head off election threats 24 hours a day, seven days a week, 365 days a year
How the Air Force upgraded cyber testing for weapons systems (FCW) Air Force Materiel Command's 96th Test Wing is modernizing the way the service tests weapons systems for cybersecurity vulnerabilities.
For secure communications in the Arctic, the military can now use this satellite (C4ISRNET) The Enhanced Polar System is now fully available to the military, ensuring highly secure military communications are available in the polar region.
U.S. Transportation Command recognized by the National Security Agency for setting the standard in securing, safeguarding, and strengthening its cyber infrastructure (DVIDS) Cyber professionals serving with U.S. Transportation Command epitomize the overarching message of this year’s National Cybersecurity Awareness Month, observed in October, of Own IT, Secure IT, Protect IT.
Design and Innovation
What happens when the military holds a ‘con’ (Fifth Domain) Despite the fact most of the “hackers” attending the conference were all members of the military, it was difficult to discern who was a uniformed member of the service and who wasn’t.
BBC News launches 'dark web' mirror (BBC News) In a bid to thwart censorship attempts, the BBC News website is now available via Tor.
U-M researchers invent technology that scans the internet; now Google is a client (WDIV) To scan the internet sounds like a dizzying, if not impossible, task. But one team of researchers at the University of Michigan figured it out within hours.
Research and Development
China Has ‘Concerning’ Leads Over U.S. in Tech, Defense Department Official Says (Wall Street Journal) The U.S. is trailing China in numerous critical technologies, making the role of the private tech sector more important than ever to American national and economic security, a Defense Department official said.
Google researchers train AI to recognise smells based on molecular structure (Computing) Google researchers used a data set of about 5,000 molecules, identified and described by perfume makers, as a benchmark for their experiment.
IBM tears into Google’s ‘quantum supremacy’ claim (Naked Security) Is ‘quantum supremacy’ the moment that the rarefied world of quantum computing finally enters popular consciousness? Probably not.
Legislation, Policy, and Regulation
Russia Will Test Its Ability to Disconnect from the Internet (Defense One) The nascent RuNet is meant to allow the country to survive an attack — and Putin to monitor and control the population.
Russia’s Domestic Internet Is a Threat to the Global Internet (Slate Magazine) A planned disconnection test signifies the Russian government’s commitment to technological sovereignty.
France’s Military Cyber Strategy – Paris Adds Its Two Cents to Cyber Warfare (LinkedIn) Earlier this year, France announced its new Military Cyber Strategy, which addresses both defensive cyber warfare and public elements for military cyber warfare. Collectively, these two pieces put forth France’s official position on offensive and defensive cyber warfare.
China Focus: Experts call for joint efforts to build a safer cyberspace (Xinhua) Though the Internet has brought unprecedented convenience to human society and pushes the mode of production to change, experts have called for joint efforts to tackle challenges and risks in cybersecurity to build a safer cyberspace.
Czechs unlikely to differ from Germany on Huawei approach: minister (Reuters) The Czech Republic is likely to follow the approach of Germany and other neighbo...
Trump Officials Battle Over Plan to Keep Technology Out of Chinese Hands (New York Times) The administration is split over restrictions on exporting sensitive technologies that are vital to protecting national security.
Facial recognition laws go well beyond security (Australian Financial Review) The Morrison government's scuttled facial recognition laws would have gone well beyond combating identity theft and national security threats.
Why Brazil’s data law will boost cybersecurity (BNamericas.com) Although still underdeveloped, the segment is expected to grow quickly, as companies will be financially liable for ensuring the protection of consumers' personal...
Exclusive: White House cyber memo warns of new network risks (Axios) The "White House is posturing itself to be electronically compromised once again."
Rethinking Encryption (Lawfare) All public safety officials should think of protecting the cybersecurity of the United States as an essential part of their core mission to protect the American people and uphold the Constitution. In order to do that effectively, they should deal with reality and embrace encryption.
Comcast Is Lobbying Against Encryption That Could Prevent it From Learning Your Browsing History (Vice) Motherboard has obtained a leaked presentation internet service providers are using to try and lobby lawmakers against a form of encrypted browsing data.
Rogers warns on 'stovepiped' cybersecurity (FCW) The ranking member of the House Homeland Security Committee said agencies should be coordinating their cybersecurity efforts under CISA's direction and leadership.
New laws alone won’t be enough to protect government devices (Fifth Domain) Government security managers will need to do more than rely on new legislation to bolster the security of connected devices.
Inside the U.S. Cyber Army (Vice) In 2019, the American war machine doesn’t simply need soldiers, helicopters, or F-22s. It also needs hackers.
The Navy’s plan to stop being ‘woefully behind’ in cyber (Fifth Domain) The Navy secretary wants the service to ensure it can conduct routine business despite cyberthreats.
Litigation, Investigation, and Law Enforcement
Google to begin publishing government requests for Cloud Platform and G Suite data (VentureBeat) In a blog post, Google said it would soon begin publishing government requests for Google Cloud Platform and G Suite data.
Series of failures behind Boeing Lion Air crash (BBC News) Investigators found faults by Boeing, Lion Air and the pilots led to the crash, which killed 189 people.
Senators Ask FTC to Investigate Amazon Over Capital One Hack (Wall Street Journal) Democratic senators are asking the Federal Trade Commission to investigate Amazon over concerns the company ignored security warnings about a vulnerability that enabled the hack of Capital One customer data in one of the biggest-ever heists of such banking records.
Sens. Warren and Wyden urge FTC to investigate Amazon's role in Capital One hack (CNBC) Democratic Sens. Ron Wyden and Elizabeth Warren are now urging the Federal Trade Commission to investigate whether Amazon's failure to secure the servers it rented to Capital One violated federal law.
TikTok raises national security concerns in Congress as Schumer, Cotton ask for federal review (Washington Post) Senate Minority Leader Chuck Schumer and Republican Sen. Tom Cotton asked U.S. intelligence officials to probe TikTok, expressing fears that the Chinese-owned social-networking app poses "national security risks."
Senate Democrat urges review of DHS's handling of personal information (TheHill) Sen. Maggie Hassan (D-N.H.) is asking the Government Accountability Office (GAO) to review Department of Homeland Security (DHS) policies for sharing Americans' personal information with contractors, citing recent data breaches that exposed the information.
Swedish police cleared to deploy spyware against crime suspects (ZDNet) Spyware should be able to turn on device cameras and microphones, get encrypted chat logs.
AT&T Faces New $1.8 Million Lawsuit Over Sim Hijacking Attack (Vice) Neither carriers nor the FCC are doing enough to protect consumers from the rise of such attacks.
US to release Russian 'agent' Maria Butina from prison (Al Jazeera) Gun advocate who built network of Republican contacts before spying arrest is expected in Russia within days.
Ukraine police detain suspected hacker wanted by United States (Reuters) Police in Ukraine said on Friday they had detained a foreigner wanted in the Uni...