Cyber Attacks, Threats, and Vulnerabilities
"Locky" ransomware: What you need to know (Naked Security) "Locky" feels like quite a cheery-sounding name
KnowBe4 Warns about New Ransomware Hidden in Word Docs (Benzinga) New "Locky" ransomware is loaded with professional grade malware
Dridex botnet alive and well, now also spreading ransomware (Help Net Security) Last October's disruption of the Dridex botnet by UK and US law enforcement agencies and the arrest of a Moldovan bot master have not led to the death of the botnet
New ransomware comes with Live Chat feature, somewhat useless uninstaller (Graham Cluley) Researchers have spotted some new ransomware that comes with a Live Chat feature and a somewhat useless uninstaller program
PadCrypt: The first ransomware with Live Support Chat and an Uninstaller (Bleeping Computer) A new ransomware was discovered by @abuse.ch and further analyzed by MalwareHunterTeam called PadCrypt that offers for the first time a live support chat feature and an uninstaller for its victims
Virtual extortion a big business for cyber criminals (CNBC) Extortion, one of the oldest tricks in the criminal bag, is wreaking havoc in the brave new digital world — and generating lots of money for cyber crooks
44% of ransomware victims in the UK have paid to recover their data (SC Magazine) A Bitdefender global study with respondents from the UK, the US, France, Germany, Denmark and Romania was conducted by iSense Solutions to discover what motivates victims to pay ransoms and how much they value their data
Los Angeles hospital paid $17,000 ransom in Bitcoin after cyber-attack (Raw Story) The president of Hollywood Presbyterian Medical Center said on Wednesday that his hospital paid hackers a ransom of $17,000 in bitcoins to regain control of their computer systems after a cyber attack
Hospital hack reveals digital risk in medical world (San Francisco Chronicle) A Southern California hospital fell victim to hackers last week — offering a glimpse at one of many digital threats facing health care
Backdoor in MVPower DVR Firmware Sends CCTV Stills to an Email Address in China (Softpedia) Firmware developer pulls project off GitHub when confronted
Malvertising campaign used Wajam browser extension to infect PCs (Graham Cluley) Researchers recently spotted a malvertising campaign that used the Wajam browser add-on to redirect users to the Angler exploit kit
Angler exploit kit generated by "admedia" gates (Internet Storm Center) On 2016-02-01, the Sucuri blog reported a spike in compromised WordPress sites generating hidden iframes with malicious URLs
Researchers leak phony data on dark web to track journey (SC Magazine) Researchers at Bitglass leaked the digital identity of a fictional bank employee on the dark web as part of its "Where's Your Data: Project Cumulus" experiment to help organizations understand what happens to sensitive data once it's stolen
What happens when Google Doc credentials are leaked on the Dark Web (IDG via CSO) Guess what? People start looking at your documents
Password cracking attacks on Bitcoin wallets net $103,000 (Ars Technica) "Active attacker community" often emptied accounts minutes after they went live
Seculert's Research Finds Critical Gaps in Leading Secure Web Gateways (MarketWired) Leading gateways allowed more than 40 percent of attempted malicious communication to succeed
VA sees massive drop for intrusion attempts in January (FierceGovernmentIT) The number of intrusion attempts blocked by the Veterans Affairs Department dropped drastically last month, from 181.1 million in December to 76.5 million in January
University of Greenwich exposes student data in major web gaffe (V3) The University of Greenwich has admitted that hundreds of students' names, addresses, signatures, dates of birth and mobile phone numbers were uploaded to its public website, making them discoverable via a Google search
The end of the line for Flash? Not so fast (Digital Guardian) Flash has long been a favorite target for attackers; but with Adobe revising strategy, how long before Flash-free is a reality?
Attackers Favor Old Exploits, Mobile Apps (eSecurity Planet) HPE's latest Cyber Risk Report finds a shift toward attackers targeting applications, especially mobile ones
ICIT Report: Know Your Enemies 2.0 — The Encyclopedia of the Most Prominent Hacktivists, Nation State and Mercenary Hackers (ICIT) Every device and network attached to the IoT possesses, within itself, a universe of vulnerabilities
Security Patches, Mitigations, and Software Updates
WordPress joins movement toward HTTPS encryption (Christian Science Monitor Passcode) Popular blogging platform WordPress is the latest in a growing number of sites that are enabling website encryption to protect their users
Instagram Adds Two-Step Authentication to Fight Account Hacking (Hot for Security) Facebook-owned Instagram started implementing the two-step authentication security feature to help prevent account hacking
Xen Project Explains Patch Snafu (Threatpost) Xen Project dropped the ball on two important security patches when it released a maintenance update for its popular hypervisor software on Tuesday
Cyber Trends
Spear Phishing Incident Average Cost is $1.6M (Infosecurity Magazine) Spear phishing has become an endemic scourge: 95% of US and 83% of UK respondents in a recent Cloudmark survey said that they have experienced spear phishing attacks (91% combined)
Cyber risks evolving to hit less traditional targets (Business Insurance) Last year was the year of collateral damage with respect to cyber risks with attacks touching people "who never dreamed they might be involved in a security breach," says Hewlett-Packard Co. in a report issued Wednesday
Marketplace
Cyber security seen climbing up corporate priority lists as danger escalates (Radio Praha) Cyber security is a significant issue now for governments and companies, and will become increasingly so for firms as they have to meet legal demands that they act fast and flag up attacks that could have far reaching consequences
2 Cyber Security Stocks You Should Buy (Guru Focus) Investors can buy beaten-down FireEye and Palo Alto Networks to profit from the booming cyber security industry
Who Gets Called In When a Company Is Hacked? (Motley Fool) A look at how one of the major players in the cybersecurity space handles threats and what it's done to set itself far apart from the competition
CyberArk Continues To Do What It Does Best, Opportunity Arises (Seeking Alpha) CyberArk handily beat analysts' 4Q15 estimates on both the top and bottom line, exceeding even my estimates
Nice-Systems Ltd (NICE) Increases Dividend to $0.16 Per Share (Financial Market News) Nice-Systems Ltd (NASDAQ:NICE) declared a dividend on Thursday, February 11th, MarketBeat.com reports
Security startups vie for honors in RSA Innovation Sandbox (TechTarget) The RSA 2016 Innovation Sandbox competition highlights the top security startups, but only one will be awarded title of 'RSA Conference 2016's Most Innovative Startup'
ZeroFOX Strengthens Executive Team to Support Global Growth (ZeroFOX) Tim Bender, formerly at Motionsoft and Vocus, will serve as CFO, and Gabe Goldhirsh, formerly of Synerjent Ventures and Hexis Cyber Solutions, will serve as Vice President of Worldwide Services
Products, Services, and Solutions
CloudLock and FireEye Partner to Deliver Integrated CASB Cloud and On-Premise Security Intelligence (MarketWired) Solution combines CloudLock's Cloud Access Security Broker with FireEye's Security Data Analytics and Threat Intelligence for integrated orchestration against data breaches and cyber attacks
FAIR Institute Formed to Help Manage Information Security and Operational Risk from the Business Perspective (BusinessWire) A new expert forum to help information risk, cybersecurity and business executives collaborate on the development and sharing of industry-leading best practices for quantifying and managing information risk
DB Networks launches Layer 7 Database Sensor (Help Net Security) DB Networks introduced a product that provides OEM partners with real-time deep protocol analysis of database traffic
Akamai launches 'Akamai Bot Manager' for better Bot Management (Express Computer) Akamai claims 'Akamai Bot Manager' is designed to allow true management of bots vs. detection and blocking only
Cloud Security Gets a Boost From Deep Learning (Enterprise Tech) A range of new cyber security approaches is emerging that seek to shield cloud applications from attack
Exabeam Launches Threat Hunter to Root Out Cybercriminals on Corporate Networks (MarketWired) Behavioral search solution empowers any security professional to identify and stop cybercriminals
Security Startup Provider buguroo Launches New Threat Intelligence Platform (App Developer Magazine) Security provider buguroo, a U.S. startup and spinoff of Deloitte's European Security Operations Center (SOC), is launching bugThreats, a threat intelligence platform (TIP) that looks outside the enterprise infrastructure and focuses on useful intelligence gathered where the compromised end users, and their stolen data, are
ProtectWise Expands Capabilities Of Enterprise Security Platform With Next Generation, Deep File Analysis Solution (PR Newswire) ProtectWise File DVR is the industry's only automated retrospective file analysis solution
Radware partners with Cisco to integrate a DDoS attack mitigation solution (Global Security Mag) The recent attacks on HSBC bank in the United Kingdom and on ANSSI in France have demonstrated the importance of considering DDoS attacks when designing an IT security system
Zimperium Adds Self-Protecting Apps To Its Mobile Security Solution Platform (PR Newswire) 3.0 Mobile Threat Protection Suite introduces expanded protection, detection and remediation capabilities for iOS and Android
BitSight Announces BitSight Discover, A New Solution Designed to Automatically Map Risks Associated with Fourth Party Connections (PR Newswire) Security ratings company expands product suite with BitSight Discover for risk aggregation aimed at cyber insurers
Comparing the top big data security analytics tools (TechTarget) Expert Dan Sullivan compares how the top-rated big data security analytics tools measure up against each other to help you select the right one for your organization
Technologies, Techniques, and Standards
Coming Together in the Cloud: A 'Cloud Security Doctrine' for Law Firms (Legaltech News) When it comes to the cloud, the LCCA believes there should be standards for meeting the legal industry's 'unique security and confidential' needs
How is cryptography incorporated into PoS terminals? (We Live Security) When analyzing the security of PoS (Point of Sale) applications, we have to take into account the necessary involvement of magnetic stripes and cardholder data, which is extremely sensitive information, both for the holder and the financial institution that issued it
Threat Intelligence and SIEM (Part 3) — Combining for Better Security (Recorded Future) Previously, in part one and part two of this series, I explained how threat intelligence (TI) provides defenders better insight into the type of malware, delivery mechanisms, exploits, and overall situational awareness of threats and attack strategies faced by other companies
Academia
NSA to Kick Off National "Day of Cyber" at RSA 2016 (MarketWired) 2 million students to begin their cyber career LifeJourney
Legislation, Policy, and Regulation
Public companies should be obliged to report cyber attacks says security expert (Stuff) Publicly-listed companies should be obliged to report if they have fallen victim to cyber-attacks, such as ransomware attacks, says a visiting security expert
Israel prepares cyber battle against Pro-Palestinian boycott (Fox News) Israel is using its world-leading expertise in cyber security to take on the growing threat of the global pro-Palestinian movement to boycott Israel
HMRC to move away from 'dangerous dependency' on legacy mainframe operating systems in new IT strategy (Computing) HM Revenue & Customs (HMRC) has released an IT strategy document outlining its plans to move away from what it calls a "dangerous dependency on legacy mainframe operating systems"
Kerry enlists Hollywood's help to counter ISIS's messaging (The Hill) Secretary of State John Kerry enlisted the help of Hollywood studio executives in the fight against the Islamic State in Iraq and Syria (ISIS) during a meeting in Los Angeles this week
Twitter's takedown of ISIS accounts still unsatisfactory (CSO) The recent announcement that Twitter has taken down 125,000 accounts in the last six or so months sounded like they are making substantial gains in stopping ISIS recruitment, fundraising, and planning efforts
ISIS's Twitter Campaign Faltering Amid Corruption (Newsweek) The success of the Islamic State militant group (ISIS) at spreading its English-language radical Islamist propaganda on Twitter is faltering, as the social media platform continues its crackdown on jihadi accounts, according to a new report released Thursday
NSA's director says Paris attacks "would not have happened" without crypto (Ars Technica) Tells Yahoo News encryption prevented "insights" that could have raised alarms
Opinion: Why cybersecurity needs a grass-roots solution (Christian Science Monitor Passcode) President Obama's Cybersecurity National Action Plan rightly aims to make digital security a higher priority. But Washington needs to work more with states and cities to boost awareness of cyberthreats and the adoption of best practices
See Something Suspicious Online? Homeland Security Wants to Know About It (Nextgov) The Department of Homeland Security wants an extra $1 million next year to develop a public-service campaign designed to increase awareness of online threats
DHS releases initial guidelines for cyber threat info-sharing (Federal Times) The Department of Homeland Security is moving forward with the biggest piece of cybersecurity legislation passed last year, issuing preliminary guidance on how the private sector and government will communicate threat data as part of the Cybersecurity Information Sharing Act
DHS touches nearly every aspect of Cybersecurity National Action Plan, says Johnson (FierceGovernmentIT) Almost every directive under the Cybersecurity National Action Plan, which the president announced last week, involves the Homeland Security Department in some way, said DHS Secretary Jeh Johnson
Obama Creates Cyber Panel, Says Long-Term Vigilance Needed (ABC News) President Barack Obama on Wednesday appointed his former national security adviser, Tom Donilon, to lead a new commission on cybersecurity that will make detailed recommendations on how the nation should better protect itself against computer attacks
Ex-White House aide and ex-IBM CEO to head cyber security panel (Reuters) Former White House national security adviser Tom Donilon and former IBM chief executive Sam Palmisano will lead a new commission to strengthen U.S. cyber defenses over the next decade, the White House said on Wednesday
DHS Official: US Digital Service Not Only a Fix-It Team (Nextgov) The White House's digital services team earned heaps of publicity after rushing to fix the botched Healthcare.gov roll-out, but its mission isn't necessarily to "fix broken things in government," according to one senior official
Broadband Industry Getting Nervous That The FCC Might Actually Protect User Privacy (Tech Dirt) Back in 2008, Verizon proclaimed that broadband services didn't need additional consumer privacy protections because "public shame" would keep the broadband industry honest
DoD revising job descriptions for all its IT personnel, adding cyber responsibilities (Federal News Radio) The Defense Department is in the midst of an ambitious effort to redefine the work roles, job descriptions, qualification standards and training requirements of all of its information technology personnel
Litigation, Investigation, and Law Enforcement
White House: FBI is not asking Apple for a 'backdoor' to the iPhone (CSO) The White House said it is not the aim of the government to compromise the security of Apple's iPhone, as it only wants the company to help in the case of one phone that was used by a terrorist in the San Bernardino, California attack on Dec. 2
Apple Fights Order to Unlock San Bernardino Gunman's iPhone (New York Times) Apple said on Wednesday that it would oppose and challenge a federal court order to help the F.B.I. unlock an iPhone used by one of the two attackers who killed 14 people in San Bernardino, Calif., in December
Why Apple is battling investigators over San Bernardino terrorists' iPhone (Los Angeles Times) Apple Inc. CEO Tim Cook's stand against having his firm help unlock encrypted data on the San Bernardino shooters' cellphone is part of a larger battle between the federal government and Silicon Valley
Apple Slams Order to Hack a Killer's iPhone, Inflaming Encryption Debate (Intercept) Apple CEO Tim Cook's open letter defying a court order to hack into an iPhone — and asking for an open discussion about data privacy — has dramatized and widened the debate over encryption as never before
Apple Unlocked iPhones for the Feds 70 Times Before (Daily Beast) A 2015 court case shows that the tech giant has been willing to play ball with the government before — and is only stopping now because it might "tarnish the Apple brand"
Apple can comply with the FBI court order (Trail of Bits Blog) Earlier today, a federal judge ordered Apple to comply with the FBI's request for technical assistance in the recovery of the San Bernardino gunmen's iPhone 5C
Apple Responds To Order To Help Decrypt Phone, As More Details Come To Light (Tech Dirt) Last night, we wrote about a judge's order commanding Apple to help the FBI effectively decrypt the contents of Syed Farook's iPhone 5C
Why Tim Cook is right to call court-ordered iPhone hack a "backdoor" (Ars Technica) Custom version of iOS could undo years of work Apple put into securing iPhones
How Apple will fight the DOJ in iPhone backdoor crypto case (Ars Technica) US government's position stands or falls on the All Writs Act of 1789
Apple's opposition to FBI request sets stage for broader fight over encryption (Christian Science Monitor Passcode) Security and privacy experts say a lot is riding on the outcome of a federal court order to bypass security functions on an iPhone used by one of the San Bernardino shooters, which would require Apple to build what CEO Tim Cook calls a 'dangerous' backdoor
The FBI's attack on Apple could force Congress to rule on encryption (Verge) A federal court is ordering Apple to break the security of its products by building a backdoor into one of its devices — an iPhone 5C belonging to one of the San Bernardino shooters
Apple hack order potential tipping point in privacy vs. security battle (Washington Times) A seminal showdown in the long-running fight over government access to private communication is brewing over the judicial order to compel tech giant Apple to help the FBI hack the cellphone of one of the San Bernardino jihadis
Ex-NSA, CIA chief Michael Hayden sides with Apple in FBI iPhone encryption fight (The Week) Apple and the U.S. government are gearing up for a public and legal battle over FBI Director James Comey's demand that Apple give the FBI a tool to break the passcode on San Bernardino shooter Syed Farook's iPhone, a tool Apple argues creates a "backdoor" around the iPhone's security, putting customer privacy and safety at risk and setting a dangerous precedent in the U.S. and abroad
Google and Microsoft back Apple in iPhone encryption case with US government (V3) Google and Microsoft have come out in defence of Apple in response to demands from the US government that it unlock an iPhone belonging to one of the gunmen in the San Bernardino terrorist attack
Edward Snowden, Sundar Pichai back Apple in fight over iPhone (USA Today) Former National Security Agency contractor Edward Snowden has backed Apple's refusal to comply with a federal court order to help the FBI unlock an iPhone used by one of the assailants in the mass shootings in San Bernardino, Calif., in December
Apple's Noble Stand Against the FBI Is Also Great Business (Wired) Apple CEO Tim Cook has vowed to fight a court order demanding that the company help the FBI unlock the iPhone belonging to one of the San Bernardino shooters. The move is, to say the least, polarizing
The Hubris of Hacking the FBI (eWeek) Hackers who have the audacity to taunt American law enforcement should beware that the long arm of justice will find them — and fast
Russian bank licences revoked for using hackers to withdraw funds (SC Magazine) Russian banks have had licences revoked after being suspected of direct participation in using hackers or blaming cyber-attacks to withdraw funds illegally
Cary brothers charged in Wake Tech cyber attack (WRAL) Two brothers have been charged in connection with a cyber attack that shut down the Wake Technical Community College's computer system for several days last year