Cyber Attacks, Threats, and Vulnerabilities
United Cyber Caliphate (UCC), formation of a mega hacking group by ISIS (HackRead) Hackers supporting the so-called Islamic State (ISIS) aka Daesh terrorist group have joined hands with other terrorist supporting groups to form a joint team and collectively target the cyberspace in the West. The super hacking unit is labeled United Cyber Caliphate (UCC) – The terrorist group announced this news on their groups on the Telegram messaging app
Why ISIS flow of new recruits has slowed to a trickle (Military Times) The flow of new Islamic State recruits into Iraq and Syria has slowed dramatically, reflecting a “fracturing in their morale,” a top U.S. general in Baghdad said Tuesday
The US military has a new plan to fight ISIS — and it starts with making the group 'extremely paranoid' (Business Insider) Digital communication and social media are key to the operation of the Islamic State, and the US military now appears poised to counter the group's cybercapabilities
Cyber thieves target bank systems after Bangladesh heist (Financial Times) Cyber thieves who pulled off one of the biggest robberies in history when they raided the Bangladesh central bank in February are now targeting other financial institutions, according to the main group providing interbank transfer messages and a cyber security company investigating the crime
SWIFT Software Hack Details Emerge (PYMNTS) Bad news broke on Monday morning (April 25) for global payments messaging platform SWIFT as BAE Systems released analysis concluding that cyberthieves hacked into SWIFT’s software, causing the $81 million bank heist from the Bangladesh central bank
GozNym Trojan even more sophisticated with a singular redirection mechanism (Open Sources) The cybercriminals behind the GozNym Trojan have started targeting users in European countries with a new singular redirection mechanism. Last week, security experts from the IBM X-Force Research spotted a new threat dubbed GozNym Trojan that combines Gozi ISFB and Nymaim malware abilities
New 'RuMMS' Android Malware Family Infects Smartphones Over SMS In Russia (Tom's Hardware) FireEye, a U.S. network security company, uncovered a new Android malware family infecting smartphones in Russia through SMS phishing
Dogspectus hounds Android devices (Enterprise Times) Android is fast becoming a byword for mobile malware. The latest attack has been detailed by Andrew Brandt, Director of Threat Research, Blue Coat Labs and published in a blog entitled “Towelroot and Leaked Hacking Team Exploits Used to Deliver ‘Dogspectus’ Ransomware to Android Devices”
'Dogspectus' Breaks New Ground For Android Ransomware (Dark Reading) Blue Coat says it's the first Android ransomware that installs without user interaction
Expert Comments on 400 Million Android Devices Vulnerable to Malware (Information Security Buzz) The new Android Security Report shows that 29% of Active Devices are not up to date and therefore are vulnerable to malware. IT security experts from Proofpoint, ESET, MWR Infosecurity and Tripwire provide insight into the problem
Kaspersky Lab: ATMs insecure due to Windows XP and accessible USB ports (Myce) The Russian antivirus vendor Kaspersky Lab reports that ATMs are poorly secured. An important reason is that the majority runs on Windows XP but also because banks sometimes install software like Acrobat Reader 6.0, Radmin and TeamViewer on the machines
Why cybercriminals attack healthcare more than any other industry (Naked Security) Cybercriminals attacked the healthcare industry at a higher rate than any other sector in 2015, and more than 100 million healthcare records were compromised last year, according to a new report published by IBM
Crowdsourcing The Dark Web: A One-Stop Ran$om Shop (Dark Reading) Say hello to Ran$umBin, a new kind of ransom market dedicated to criminals and victims alike
The Growing Sophistication Of Distributed Attacks (Dark Reading) Botnet and DDoS attacks growing more advanced and more crucial than ever to cybercriminals' attack strategies
DDoS Extortionists Make $100,000 Without DDoS Attacks (LIFARS) In a clear indicator of the no-compromising lengths to which companies will venture to protect themselves from service outages via DDoS attacks, it has been revealed that extortionists have made over $100,000 by simply blackmailing organizations with the threat of DDoS attacks, without actually carrying them out
Empty DDoS Threats: Meet the Armada Collective (CloudFlare) Beginning in March 2016, we began hearing reports of a gang of cybercriminals once again calling themselves the Armada Collective. The calling card of the gang was an extortion email sent to a wide variety of online businesses threatening to launch DDoS attacks if they weren't paid in Bitcoin
Qatar National Bank Hacked, 1.4GB Database Leaked (HackRead) A group of unknown hackers claims to breach the security of Qatar National Bank and leak banking details of Qatari Royal Family, Al Jazeera journalists and MI6 agents
BeautifulPeople Dating Site, 1.1 Million Users Data for Sale on Dark Web (HackRead) Approximately 1.1 million people suffer data hacks from the dating website BeautifulPeople
The Pirate Bay Malvertising Campaign Pushes Cerber Ransomware (Softpedia) Flash CVE-2016-1019 vulnerability strikes again. Over the weekend, security firms Malwarebytes and RiskIQ spotted malicious ads on The Pirate Bay torrent portal, pushing ransomware and PUP (Potentially Unwanted Software) after redirecting users to a page hosting the Magnitude exploit kit
Facebook Users Hit with ‘irregularities of content’ Phishing Scam (HackRead) Cyber criminals are targeting innocent Facebook users with yet another phishing scam — this time, it’s quite a sophisticated one so watch out!
All About Fraud: How Crooks Get the CVV (KrebsOnSecurity) A longtime reader recently asked: “How do online fraudsters get the 3-digit card verification value (CVV or CVV2) code printed on the back of customer cards if merchants are forbidden from storing this information?” The answer: If not via phishing, probably by installing a Web-based keylogger at an online merchant so that all data that customers submit to the site is copied and sent to the attacker’s server
Spotify denies hack; users subjected to weird music beg to differ (Naked Security) Hundreds of Spotify account details have been leaked online, but the Swedish music streamer is telling all to move along, please: nothing to see here and nothing’s been breached
Dutch servers used more in cyber attacks against foreign governments (Netherlands Times) An increasing number of hacker groups and cyber spies make use of Dutch computer servers to attack foreign governments, according to a study done by internet security firm Trend Micro, BNR reports
Bernie Sanders Facebook Pages Shut Down After Porn Cyber Attack (Wrap) Los Angeles-based pro-Clinton group denies involvement
Cruz, Kasich campaign apps under scrutiny over security issues (Fox News) As the Republican presidential contenders battle over who can best protect America, at least two candidates are having trouble protecting potential voters’ personal information on their campaign apps
Security Patches, Mitigations, and Software Updates
Is Microsoft using security patch KB 3146706 to break pirate copies of Windows 7? (InfoWorld) It's not clear whether it’s intentional, but the patch is throwing blue screen error 0x0000006B on Ghost pirate copies of Windows 7
UK PC users making some progress in patching software vulnerabilities, but significant challenges remain (Realwire) Private Microsoft® Windows® users patching their operating systems more diligently – but the same cannot be said of Apple® QuickTime® and Oracle® Java® users
Cyber Trends
Cybercriminals increasingly exploiting human nature (Help Net Security) Cybercriminals are exploiting human nature as they rely on familiar attack patterns such as phishing, and increase their reliance on ransomware, finds the Verizon 2016 Data Breach Investigations Report
DDoS aggression and the evolution of IoT risks (Help Net Security) Few organizations globally are being spared DDoS attacks, according to a Neustar survey of over 1,000 IT professionals across six continents
After the Snowden NSA leaks, fewer people are searching for info on terror groups online (Reuters via Business Insider) Internet traffic to Wikipedia pages summarizing knowledge about terror groups and their tools plunged nearly 30 percent after revelations of widespread Web monitoring by the U.S. National Security Agency, suggesting that concerns about government snooping are hurting the ordinary pursuit of information
Where Banks Are Most Vulnerable to Cyberattacks Now (American Banker) Hundreds of security threat reports come out every year from security vendors
How the biometrics market is entering the evolving IoT ecosystem (Help Net Security) By 2021, the biometrics market will reach $30 billion and shift its revenue focus, moving away from the governmental sector to emphasize opportunities in the consumer and banking sectors, according to ABI Research. Consumer and banking will see 19% and 12% growth rates, respectively
My Bad! Employee Slipups Lead to More Government Hacks than Cyber Espionage (Nextgov) Governments in 2015 suffered more data breaches by goofing up and losing stuff, than by succumbing to the wiles of cyberspies
Consolidation and Modernisation Chief Among Government IT Security Concerns, SolarWinds Survey Discovers (Army Technology) SolarWinds, a leading provider of powerful and affordable IT management software, today announced the results of its third annual Government Cybersecurity Survey, which explores the biggest barriers to improving IT security, including exposure during consolidation and modernisation processes, threats from foreign governments and careless or untrained insiders
Connected cars not yet secure (BusinessCar) Connected cars are likely to be open to hacking for the next 10 years, according to internet security firm boss Eugene Kaspersky speaking in a Financial Times interview
Marketplace
Fear This Man (Foreign Policy) To spies, David Vincenzetti is a salesman. To tyrants, he is a savior. How the Italian mogul built a hacking empire
Akamai's revenue beat estimates on higher cloud service demand (Reuters via Yahoo! Finance) Akamai Technologies Inc, a provider of services that speed up delivery of content over the internet, reported better-than-expected quarterly revenue and profit, helped by higher demand for its cloud security services
TitanHQ picks up Red Herring Europe Award (Galway Independent) Galway-based email and web security solutions company TitanHQ has been recognised as a Red Herring Europe 2016 winner
Duo Security to open second office in Ann Arbor as part of expansion plans (M Live) On the heels of the announcement that Duo Security will receive a $2.5 million grant from the state of Michigan and add 297 jobs, the Ann Arbor-based tech firm confirmed Tuesday it will expand to new office space in downtown Ann Arbor
Uptake raises its game in cybersecurity (Crain's Chicago Business) Uptake, the fast-growing data analytics startup founded by Brad Keywell, has snatched up another high-profile Chicago tech veteran
Products, Services, and Solutions
4 password managers that make online security effortless (PCWorld via CSO) Protect your passwords and other sensitive info with one of these virtual vaults
Owl Computing Technologies' Data Diodes Support Department Of Homeland Security Recommendations for Defending Industrial Control Systems (PR Newswire) Data diodes cited by DHS as best practices for protecting OT networks and facilitating remote monitoring of plant operations
Singtel opens facility to test, train cybersecurity skills (ZDNet) Singapore telco launches cybersecurity training and testing site aimed at helping businesses evaluate their systems and train their employees in the relevant skillsets
Webroot and Tech Data Partner to Deliver Real-time, Collective Threat Intelligence through Expanded Cybersecurity Capabilities (PRNewswire) Designed for MSPs and resellers transitioning to managed services, Webroot offers smart, easy-to-deploy and highly effective endpoint protection through Tech Data solutions store
WISeKey Technology Brings Security to the IoT (iCrunchDataNews) WISeKey International Holding Ltd., a Swiss-based cyber security company, presented late last week its trusted technology for integrating wearable technology with secure authentication and identification, in both physical and virtual environments
Check Point brings advanced threat protection to SMBs and enterprises (Security Brief) Check Point Software has released a series of new advanced threat prevention platforms for customers of all sizes. The 1400, 3000 and 5000 Series appliances are optimised for small businesses to large-scale deployments and provide capabilities such as full inspection of encrypted data, while still maintaining performance, according to the company
Nexusguard Partners With DDoS Strike To Offer Enhanced DDoS Resiliency Services (BusinessWire) Unique service offering immediately reduces customer exposure to security threats
Securonix Wins Platinum Govies Award for Threat Intelligence (MarketWired) Government industry recognition is the latest honor for Securonix, the innovative security and fraud analytics leader
Lastline Emerges as Leader in Advanced Malware Detection in Forrester Research Automated Malware Analysis (MarketWired) Lastline ranks highest among eleven vendors evaluated; detection of evasive malware and exploits, ease of use and strong research pedigree cited by Forrester Research
Technologies, Techniques, and Standards
Holistic approach needed to address federal cyber gaps (Federal News Radio) Cyber attacks are a reality today, and whether small scale or something along the lines of an Office of Personnel Management breach, a collaborative effort is needed among agencies and the administration to put together an offensive strategy
Kaspersky cracks CryptXXX, throws lifeline to ransomware victims (Register) Nasty bug tries to confuse you by going slow on external storage encryption
Cyber Police ransomware can lock your Android device and ask for payment (Yahoo! Tech) An exploit called “Cyber Police” has been in the wild for some time, but a new method it is utilizing can now affect millions of Android devices. It will lock your device, rendering it useless, and it can be installed on a device without any user interaction from the victim
Paying a malware ransom is bad, but telling people to never do it is unhelpful advice (Virus Bulletin) I'm not usually one to spread panic about security issues, but in the case of the current ransomware plague, I believe that at the very least a sense of great concern is justified. And the threat is unlikely to disappear any time soon
Microsoft shares how it hunted a secretive rogue actor siphoning corporate data (Windows IT Pro) Last year, Microsoft made a big deal about how it was investing a billion dollars in building out its security apparatus. On the Microsoft Malware Protection Center's Threat Research & Response Blog, they shared a little bit about how that has paid off with the story of how the Windows Defender Advanced Threat Hunting team, or just Hunters for short, thwarted a long-running attack that utilized a series of bad patches and deep discretion
Digging deep for PLATINUM (Microsoft Malware Protection Center) There is no shortage of headlines about cybercriminals launching large-scale attacks against organizations. For us, the activity groups that pose the most danger are the ones who selectively target organizations and desire to stay undetected, protect their investment, and maximize their ROI. That’s what motivated us – the Windows Defender Advanced Threat Hunting team, known as hunters – when we recently discovered a novel technique being used by one such activity group
10 Questions To Ask Yourself About Securing Big Data (Dark Reading) Big data introduces new wrinkles for managing data volume, workloads, and tools
Research and Development
Darpa wants to build encrypted messaging app for the US Department of Defense using Blockchain (International Business Times) The US Defense Advanced Research Projects Agency (DARPA) is looking for businesses to help it develop a secure messaging platform that is impossible to be hacked, and has decided this will be best accomplished by adopting the decentralised bitcoin blockchain technology
Academia
Young would-be cyber warriors battle it out at Bletchley Park (ComputerWeekly) Would-be cyber warriors are battling it out at historic Bletchley Park CyberCenturion to be crowned the UK’s top young cyber defenders
Legislation, Policy, and Regulation
Cyber warfare: Iran opens a new front (Financial Times) With its nuclear programme curbed, digital weaponry has become even more central to Tehran’s arsenal
Do India and Brazil Really Moderate China and Russia’s Approach to Cyberspace Policy? (Council on Foreign Relations) India and Brazil see themselves as power brokers in international cyber diplomacy
Can the United States and China De-Conflict in Cyberspace? (War on the Rocks) In spite of significant differences in views, Beijing and Washington appear committed to not letting cyber issues derail the U.S.-China relationship or interfere with cooperation on other high-profile issues
Litigation, Investigation, and Law Enforcement
Comey: FBI Becoming ‘Prolific Hacker’ Won’t End Encryption Crisis (Foreign Policy) Faced with increasingly sophisticated ways for criminals to scramble communications and cover their tracks online, the FBI has broadly embraced government hacking to track down suspects. But on Tuesday, FBI Director James Comey cautioned that hacking tools won’t solve the challenges law enforcement faces while carrying out investigations in the digital age
FBI won’t reveal method for cracking San Bernardino iPhone (Boston Globe) FBI director James Comey said there’s an internal debate on the agency’s understanding of how the security crack worked
FBI doesn't understand iPhone hack enough to explain to Apple (Macworld via CSO) The FBI claims it doesn't actually know how its iPhone-hacking tool works, so it can't share the method with Apple
Businesses suffering from lack of knowledge over GDPR, report finds (Cloud Computing) The updated EU General Data Protection Regulation (GDPR) legislation is coming in the next two years – but businesses are at risk of fines because of gaps in knowledge, according to new research from Trend Micro
Lawmakers demand briefings on cell network security flaw (The Hill) Top lawmakers on the House Energy and Commerce Committee asked major telecom providers on Tuesday to brief them on a security vulnerability in the global cellphone network
Class action filed after cyber attack, privacy breach at Ontario children’s aid office (Global News) An eastern Ontario children’s aid society is facing a $75 million lawsuit after a cyber attack resulted in a list of client names being stolen and shared on local Facebook groups
BWL: FBI helping investigate cyberattack (Lansing State Journal) Customers can still pay bills online, receive water and electricity service. Ongoing problem affects about 250 employees of the city-owned utility