Cyber Attacks, Threats, and Vulnerabilities
Nemtsov's allies suspect cyber attack as online access to his report disrupted (Newsweek) Online access to Kremlin-critic Boris Nemtsov's report, detailing Russian military presence in Ukraine, has been heavily disrupted on its first day of publication, as Nemtsov's allies suspect it has been the subject of a cyber attack
APT28 Targets Financial markets: zero day hashes released (root9B) "In the last year alone Russian hackers have reportedly stolen up to 900 million dollars from banks around the world." Cybersecurity experts are increasingly concerned about the threat posed by Russian hacking groups
ISIS Hackers Hovering Cyber-Attacks, Warning 'Electronic War' On US, Europe (HackRead) In a video released on Monday, hackers linked with the Islamic State group ISIS are threatening a chain of cyber-attacks in the United States and Europe
ISIS supporters hack Nashville music venue website (Nashville Sun Times) The website for Douglas Corner Cafe, a popular music venue in Nashville, was hacked by ISIS supporters who displayed their love for jihad, Monday morning
NSA: ISIS ideology 'resonating' with Americans (WMUR 9 ABC) Group's ability to recruit online is increasing, head of agency says
President Of Kenya Website Hacked By Indonesian Hackers (HackRead) On 11th May 2015, the website of the President of Kenya (Uhuru Kenyatta) was hacked and its homepage replaced by the hackers with one of their own. The group behind this hack is the Indonesia-based Gantengers Crew
Mystery botnet hijacks broadband routers to offer DDoS-for-hire (TechWorld) Incapsula detects 40,000-node botnet exploiting poorly-configured Ubiquiti routers. A rival hacker group to the infamous Lizard Squad has been discovered quietly using a previously unknown global botnet of compromised broadband routers to carry out DDoS and Man-in-the-Middle (MitM) attacks
Researchers uncover "self-sustaining" botnets of poorly secured routers (Ars Technica) Home and small office devices are free for the taking, ensuring follow-on hacks
Default Credentials Lead to Massive DDOS-for-Hire Botnet (Threatpost) Tens of thousands of home and office-based routers have been hijacked over the last several months to form a botnet used to stage a DDoS campaign
Anonymous-tied DDoS botnet shows insecure routers are legion (IDG via CSO) Tens of thousands of home routers have been infected with malware, and are being used by hackers to launch distributed denial-of-service (DDoS) attacks, including by the hacktivist group Anonymous
VENOM Zero-Day May Affect Thousands Of Cloud, Virtualization Products (Dark Reading) Critical vulnerability in the open-source QEMU hypervisor lets attackers break out of a virtual machine, execute code on a host machine and access all the other VMs on the host
Significant virtual machine vulnerability has been hiding in floppy disk code for 11 years (CSO) CrowdStrike researchers announced this morning that they have discovered a buffer overflow vulnerability in many of today's most popular virtual machine platforms
Dropbox Users Hit With 'Urgent, Highly Confidential' Docs Download Phishing Scam (HackRead) Dropbox users beware — Cyber criminals are targeting Dropbox users with a fake email, asking them to click on a link to download urgent and highly confidential documents
The discovery of Apache ZooKeeper's poison packet (Ars Technica) How PagerDuty found four different bugs
Recent Dridex activity (Internet Storm Center) Botnet-based Dridex malspam is like the Energizer Bunny. It just won't quit. We see it almost every day
Bublik Trojan — Variant Evolves with New Features (iSIGHT Partners) iSIGHT Partners has been tracking the development of the Bublik downloader trojan and recently discovered a new variant with more complex features
Angler EK pushes unnamed ransomware (Help Net Security) Malware distribution campaigns using the popular Angler exploit kit continue delivering different types of ransomware
Glasgow choir and Winchester music festival hit by 'unique' cyber-attack (SC Magazine) The Glasgow Contemporary Choir and the Blissfields music festival near Winchester are among the innocent victims of what's being described as a 'unique' attack on WordPress-powered websites
Starbucks still grappling with fraud in online accounts, gift cards (IDG via CSO) Starbucks is still grappling with fraud involving its customers' online accounts and gift cards, with some victims seeing hundreds of dollars stolen
Jamie Oliver doesn't care that he gave you malware (Graham Cluley) Well, here's news that will surprise absolutely no-one
Hackers Charge $90 To Hack Gmail, $200 To $350 For Facebook, WhatsApp (HackRead) Can you believe there are several online forums that actually claim to provide hackers in case you want to get someone's Website, Facebook, Gmail, WhatsApp, Netflix etc hacked?
Cyber extortionists are hitting hedge funds (Help Net Security) Hedge funds are increasingly targeted by cyber extortionists, John Carlin, US Assistant Attorney General for National Security, has warned the audience at the SALT hedge fund conference held last week in Las Vegas
Google admits Hangouts doesn't use end-to-end encryption, opening the door for government wiretaps (ITWorld) This puts Hangouts a couple of steps behind rival platforms like iMessage, which offers more vigorous security
Security Patches, Mitigations, and Software Updates
Adobe, Microsoft Push Critical Security Fixes (KrebsOnSecurity) Microsoft today issued 13 patch bundles to fix roughly four dozen security vulnerabilities in Windows and associated software. Separately, Adobe pushed updates to fix a slew of critical flaws in its Flash Player and Adobe Air software, as well as patches to fix holes in Adobe Reader and Acrobat
Adobe Unleashes Big Updates for Flash, Reader, Acrobat (Threatpost) Adobe today released sizable updates for Flash Player, Reader and Acrobat, patching 18 and 34 vulnerabilities respectively in the software
Security updates available for Adobe Flash Player (Adobe Security Bulletin) Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe recommends users update their product installations to the latest version
Security Updates available for Adobe Reader and Acrobat (Adobe Security Bulletin) Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address vulnerabilities that could potentially allow an attacker to take over the affected system. Adobe recommends users update their product installations to the latest versions
Microsoft Patches Remote Code Execution Bugs in IE, Font Drivers, Windows Journal (Threatpost) Patch Tuesday as we know it may be on its last legs, but it's certainly not going quietly
Microsoft Security Bulletin Summary for May 2015 (Microsoft Security TechCenter) This bulletin summary lists security bulletins released for May 2015
May 2015 Patch Tuesday isn't all about critical patches, experts say (TechTarget) Microsoft's May 2015 Patch Tuesday has made 2015 the biggest year for patches through the first five months and is highlighted by two non-critical patches, according to experts
Mozilla Patches 13 Vulnerabilities With Release of Firefox 38 (SecurityWeek) Firefox 38 was made available for download on Tuesday. Mozilla has addressed a total of 13 vulnerabilities in the latest version of its web browser, including five critical security bugs
Security Advisories for Firefox (Mozilla) The latest security updates will be delivered to most users automatically. Users who have turned off automatic updates can use the "Check for Updates…" item on the Help menu. If the menu item is disabled your account does not have sufficient privileges to update Firefox--contact the person who installed Firefox on your machine. Additional help is also available through our Community Support site
Security Advisories for Firefox ESR (Mozilla Foundation) The latest security updates will be delivered to most users automatically. Users who have turned off automatic updates can use the "Check for Updates…" item on the Help menu. If the menu item is disabled your account does not have sufficient privileges to update Firefox--contact the person who installed Firefox on your machine. Additional help is also available through our Community Support site
Security Advisories for Thunderbird (Mozilla Foundation) The latest security updates will be delivered to most users automatically. Users who have turned off automatic updates can use the "Check for Updates…" item on the Help menu. If the menu item is disabled your account does not have sufficient privileges to update Firefox--contact the person who installed Firefox on your machine. Additional help is also available through our Community Support site
Cyber Trends
Announcing the 2015 NTT Global Threat Intelligence Report (Solutionary) Interactive report based on analysis of over six billion attacks in 2014
Aon & Ponemon say cyberrisk to sky rocket over next 5 years (Actuarial Post) The 2015 Global Cyber Impact Report, released today by the Ponemon Institute, a leading research firm on privacy, data protection and information security, and sponsored by Aon plc found that information technology assets are 39 percent more exposed than property assets on a relative value to insurance protection basis
A former top Canadian spy told us about 4 huge cyber threats that are emerging (Business Insider Australia) Technology researchers estimate that anywhere from 25-50 billion devices, or more than three for every person on the planet, will be connected to the internet by the end of 2020
Time for a new approach to IT security? (Channelweb) It's no longer about stopping the bad guys getting in, but instead accepting you'll be compromised and working out what to do next. Traditional preventative controls such as firewalls and AV are old hat. Or at least that's what the big vendors and analysts — both of whom are trying to punt their latest wares — would have us believe
Why smart cities need to get wise to security — and fast (Guardian) As cities become more connected, their systems — from traffic lights to utilities meters — are increasingly open to hackers, say experts
Is Homegrown Cybercrime The Next Big UK Security Threat? (TechWeek Europe) ThreatMetrix report finds that nearly three-quarters of cyber-attacks come from inside the UK
Data breaches 'will cost $2.1 trillion by 2019' (IT Pro) Juniper Research warns costs will hurt SMBs the most
Marketplace
Cutting Through the RSA Conference Jargon: Cybersecurity Lessons for the C-Suite (Information Security Buzz) Mike Potts, CEO of Lancope, published a blog post reflecting on the recent RSA Conference and how, while once the domain of IT security specialists, cybersecurity is now becoming familiar terrain to C-level execs. Far from being solely a technical concern, Mike explains that "cybersecurity is finally being recognized as a business discipline that directly impacts an organization's business goals, which is causing the C-Suite to sit up and listen"
Proofpoint Research: Fortune 100 Social Media Accounts Struggle to Comply With Regulations (MarketWatch) Fortune 100 social media analysis highlights FTC, SEC, FFIEC, FINRA and FDA regulatory issues and the need for more dynamic compliance processes
FireEye Earnings: Balancing Demand and Capability (Investopedia) Cybersecurity solutions provider FireEye (NASDAQ: FEYE) is a small player attempting to procure market share in a very sizable market. The company specializes in virtual machine-based threat detection, meaning that it runs software in a simulated environment to assess potential harm to user systems
FireEye up 4.1% on vague Cisco M&A rumor (Seeking Alpha) Unconfirmed market chatter that Cisco has made a $9B bid for FireEye (NASDAQ:FEYE) has led shares of the threat-prevention hardware/software/service provider to spike higher. For reference, FireEye's market cap is currently $6.7B. As Pandora investors can vouch, such rumors often (though not always) prove unfounded
Revenge hacking and the IT skills drought: An interview with FireEye's CIO (V3) FireEye chief information officer Julie Cullivan. Few security firms have hit the headlines as regularly as FireEye over the past year
KEYW Holding: Everything Is Even Worse Than We Expected Except The Share Price (Seeking Alpha) Management could have issued equity but did a convert instead. This will come back to bite them as KEYW should end this year around 20x levered. Check our math on this. 2015 Hexis revenue guidance has gone from $75MM to $20-25MM. Why do people still trust these guys?
What Cybersecurity and Studying the Torah Have in Common (Slate) There's a good reason a major company just launched a cybersecurity yeshiva
Fidelis Cybersecurity Expands Advanced Threat Defense to the Endpoint with Acquisition of Resolution1 Security (BusinessWire) Fidelis Cybersecurity meets challenges of rapidly evolving threat landscape through acquisition of Resolution1
Security tech firm Digital Guardian makes second acquisition (Boston Business Journal) Waltham-based security software firm Digital Guardian has made its second acquisition, of a New Hampshire company that specializes in protecting data across mobile devices and in the cloud
MACH37 Cyber Accelerator accepting applications for fall 2015 session (Augusta Free Press) The MACH37™ Cyber Accelerator has officially announced it will begin accepting applications from information security startups and security entrepreneurs for its Fall 2015 (F15) Cohort beginning September 8. The MACH37™ program consists of an intense 90-day program in which the selected startups are coached in all aspects of creating a sustainable and successful business
Northrop to Maintain UK Forensic, Biometric Software (ExecutiveBiz) Northrop Grumman Corp. has been selected to maintain and operate forensic and biometric software used by the U.K.'s Home Office under a two-year, $45.1 million re-compete contract award
DHS Interested in Commercial Biometric ID Tech Procurement (Executive Biz) The Department of Homeland Security has issued a request for information on commercial off-the-shelf software applications that can help the agency to match, store, analyze and share biometric information
Technology firm says it is quitting the UK because of government internet surveillance plans (Graham Cluley) Ind.ie, a British technology firm which is attempting to build a peer-to-peer social network that respects its users' privacy, says it is going to leave the UK
Singapore tackles skills gap in cyber security sector (Asia One) The digital super highway that's coming up in Singapore, as part of the Smart Nation initiative, will allow for many services that will be transformational in nature. There will be instant connectivity, access to information and vital services such as health care
Junior talent fuels growth for rising B.C. tech star Fortinet (Business Vancouver) Employee head count at network security firm founded in Burnaby has ballooned to 550 from 100 since the 2008 recession
Kaspersky Lab Unveils New European Research Centre in London (PR Newswire) New research hub central to providing real-time threat intelligence to customers and partners globally
ThreatTrack Security Expands Operation to New Clearwater Location (PR Newswire) New facility positions local cybersecurity firm for long-term growth in Tampa Bay
Marc Arendt Joins Sevatec as BD, Cyber Services Senior Director (GovConWire) Marc Arendt, formerly director of business development for cybersecurity at Blue Canopy Group, has joined Sevatec as senior director of business development and cyber services
Products, Services, and Solutions
SECUDE Launches First Data Classification Solution Designed for SAP (Digital Journal) SECUDE, an innovative data security provider specializing in security for SAP software, announced today a launch of a new data governance and security solution for SAP customers — Halocore for Data Classification
Intercede teams up with Citrix to deliver strong authentication to Enterprise Mobility Management (Intercede) Intercede's MyID technology allows customers to sign and encrypt email from mobile devices securely using WorxMail
SecureRF Offers Next Generation of Asymmetric Security for the Internet of Things (App Developer Magazine) SecureRF offers a family of Algebraic Eraser public key cryptography cores that offer increased performance while requiring low power and a small footprint. The AE Core is a Diffie-Hellman-like authentication protocol that utilizes SecureRF's Algebraic Eraser algorithm, a linear-in-time method, to enable higher levels of security on low-resource devices without altering the standard platforms currently in use
EdgeWave Announced Best Product Winner At 3rd Annual Cyber Defense Magazine Awards (PR Newswire) EdgeWave ePrism email security recognized as Messaging Security Best Product
CyberSponse to Utilize Elasticsearch to Organize Data for Incident Response (Sys-Con Media) Elasticsearch Is Integrated Into the CyberSponse Security Operations Platform (CSOP)
AlienVault Collaborates With Intel Security to Expand Enterprise Threat Intelligence Sharing (Virtual Strategy Magazine) Intel Security to integrate AlienVault Open Threat Exchange to enhance real-time, crowd-sourced threat intelligence capabilities for enterprise customers
Vorstack and Flashpoint Team to Boost Threat Intelligence (Top Tech News) Vorstack and Flashpoint partner to deliver actionable threat intelligence from deep and dark web — Vorstack adds Flashpoint's Deep and Dark Web Intelligence to leading threat intelligence platform
OpenDNS first to offer threat intelligence cloud enforcement through APIs (Software Development Times) OpenDNS, a leading provider of cloud-delivered security, today announced that it has opened its enforcement API to all Umbrella Platform customers. This API automatically turns the threat intelligence generated by customers' own security and incident response teams into threat prevention, providing real-time protection for users and devices anywhere in the world. OpenDNS is the first cloud-delivered security provider to enforce threat intelligence through APIs and to provide an open, interoperable platform to its customers
Cool Vendor to Provide ARTIK Security (MobileIDWorld) Sansa Security has announced that it's going to support Samsung's new ARTIK platform. Sansa Client, the company's device-focused software stack, is going to be integrated into the ARTIK silicon in order to provide end-to-end security
Ravello launches networking and security Smart Labs on AWS and Google Cloud (Software Development Times) Ravello Systems, the world's leading nested virtualization company, today launched networking and security Smart Labs that have the functionality of data center labs, combined with the elasticity of AWS and Google Cloud
Free, cheap and easy security tools (ChannelWorld) When it comes to detecting, preventing and analyzing information security threats, security teams need all the help they can get
Technologies, Techniques, and Standards
Four Ways to Promote Safer Cyber Security Practices Among Staff (Information Security Buzz) Maintaining online data security is one of the biggest challenges facing businesses — especially as flexible and mobile working now sees employees accessing information from a range of locations
How to Keep Ransomware From Bringing Your Company to its Knees (Tripwire: the State of Security) Many IT administrators struggle to protect their company's servers from malware, and one of the most common types of malicious software that can damage your IT setup is ransomware
How retailers can protect against security breaches (SecurityInfoWatch) When you swipe your card to pay at a store, how safe is your data? According to Symantec, the security of your data varies greatly depending on the sophistication of the payments system of the retailer you’re visiting. Outdated point of sale systems are notoriously insecure and, according to Symantec, are particularly vulnerable due to a lack of encryption and reliance on outdated software
How Random is Random Enough For Cryptography? (EE Times) How can one create a random stream of bits suitable for use in encryption and embed this solution in an FPGA?
Legislation, Policy, and Regulation
Romania turns hacking crisis into advantage, helping Ukraine fight Russian cyber espionage (US News and World Report) Ukraine is turning to an unlikely partner in its struggle to defend itself against Russian cyber warfare: Romania
British Snoops GCHQ Openly Recruiting Hackers As Government Seeks More Surveillance Powers (Forbes) Now that the Conservative Party has secured a majority government in the UK, it's pushing ahead with plans to expand the surveillance state with the Communications Data Bill, also known as Snooper's Charter, which would require communications providers from BT to Facebook to maintain records of customers' internet activity, text messages and voice calls for a year. This may have emboldened GCHQ, the British spy agency and chief NSA partner, which has, for the first time, openly called for applicants to fill the role of Computer Network Operations Specialists, also known as nation-state funded hackers
Venezuela Creates the Joint Staff for Cyber Defense (Global Voices) The Cocuyo Effect website reported that the Defense Ministry of Venezuela created the Joint Staff for Cyber Defense of the Bolivarian National Armed Forces (known in Spanish as FANB)
Let's get physical? United States weighs options when it comes to cyber attacks (Fortune) National Security Agency chief Michael Rogers seeks to ward off hackers in cyberspace
An Obama Plan to Stop Foreign Hackers Has Mixed Results (New York Times) Two years ago, the Obama administration announced a new strategy to curb online espionage
International norms in cyberspace (Today's Zaman) Last month, the Netherlands hosted the Global Conference on Cyberspace 2015, which brought together nearly 2,000 government officials, academics, industry representatives, and others. I chaired a panel on cyber peace and security that included a Microsoft vice president and two foreign ministers. This "multi-stakeholder" conference was the latest in a series of efforts to establish rules of the road to avoid cyber conflict
Pentagon looking for future threats beyond ISIL (USA TODAY) After missing the early stages of the Islamic State's rise into one of the world's most threatening militant groups, the Pentagon has begun a review to help anticipate possible threats beyond the Islamic State, military records show
Cyber Threats Will Keep Coming if Public and Private Sectors Don't Collaborate, Says DHS Cyber Exec (Nextgov) Public-private partnerships are the key to robust national cybersecurity, according to Peter Fonash, chief technology officer for the Department of Homeland Security's Cybersecurity and Communications Office. Still, they're unlikely to happen until both sectors can communicate better
Rules Committee Sends USA Freedom Act to the House for a Vote, But Blocks Any and All Amendments on the Floor (Electronic Frontier Foundation) The House Rules Committee isn't interested in any amendments, privacy-protective or otherwise, to the NSA reform package
Op-ed: Why the EFF is pulling its support for the USA Freedom Act (Ars Technica) Congress must embrace recent landmark opinion on phone metadata collection limits
Matt Goodrich: FedRAMP Website Updates Key on Info Availability, Stakeholder Education (ExecutiveGov) The General Services Administration emphasized wider availability of information on the FedRAMP cloud computing initiative and user experience with updates to the program's website that went live in March, FedRAMP's director has told ExecutiveGov
Litigation, Investigation, and Law Enforcement
Whistleblower claims cybersecurity firm hacked clients (We Live Security) In a case that raises serious ethical and legal issues, a U.S. cybersecurity firm is accused by a former employee and whistle blower of hacking into the information systems of potential clients in order to extort potential customers, according to Engadget
US Passport Agency contractor stole applicants' data to steal their identities (Help Net Security) Three women from Houston, Texas, stand accused of engaging in an identity theft scheme in which one of them, a contract employee of the Department of State Passport Agency, was in charge of stealing personally identifiable information of persons applying for a passport
Feds drop case in which cops nailed webcam to utility pole to spy on house (Ars Technica) Pan-and-zoom cam operated 24 hours daily. Footage synced to detective's computer
Woman sues employer for firing her after she disabled 24x7 monitoring app (Naked Security) Myrna Arias, a former sales executive for the money transfer service Intermex, said she had no problem with having her location monitored by a GPS-powered app on her company-issued iPhone
Pizza Hut steganography — hostage embeds hidden message in pizza order (Naked Security) Yesterday, we wrote about an upside to facial recognition