Cyber Attacks, Threats, and Vulnerabilities
Tick Cyber-Espionage Group Targets Japanese Companies with Daserf Backdoors (Softpedia) A secret cyber-espionage group is using compromised websites along with spear-phishing emails to deliver a backdoor trojan to organizations in Japan for the purpose of stealing sensitive information and private technologies
Toy maker’s website pushed growing CryptXXX ransomware threat (CSO) Attackers are aggressively pushing a new file-encrypting ransomware program called CryptXXX by compromising websites, the latest victim being U.S. toy maker Maisto. Fortunately, there's a tool that can help users decrypt CryptXXX affected files for free
What kind of data do ransomware hackers hold hostage? (Chicago Tribune) Hackers who use ransomware are after money, and they prey on victims’ emotions to get it
Massive security flaw found in Microsoft Office 365 leaving world's largest companies exposed (International Business Times) Two independent European security researchers have discovered a massive security flaw in Microsoft's Office 365 product that would make it possible for an attacker to gain unrestricted access to almost any business account and access company Outlook Online email accounts, Skype for Business, OneNote and OneDrive online storage
Serious Flaw Exposed Microsoft Office 365 Accounts (SecurityWeek) Researchers discovered a severe cross-domain authentication bypass vulnerability that could have been exploited by malicious actors to gain access to Office 365 accounts, including email and files. Microsoft patched the issue within 7 hours after learning of its existence
Hipster hackers cook up 'artisan' Squiblydoo attack (Register) Native OS tools, living off the land... it's all very crunchy
How the Pwnedlist Got Pwned (KrebsOnSecurity) Last week, I learned about a vulnerability that exposed all 866 million account credentials harvested by pwnedlist.com, a service designed to help companies track public password breaches that may create security problems for their users
IBM Transformation Extender Hypervisor Edition Samba Multiple Vulnerabilities (Secunia) Multiple vulnerabilities have been reported in IBM Transformation Extender, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system
Audiophile torrent site What.CD fully pwnable thanks to wrecked RNG (Register) Use of mt_rand means there's free .flac for those who crack
Dramatic Rise in ATM Skimming Attacks (KrebsOnSecurity) Skimming attacks on ATMs increased at an alarming rate last year for both American and European banks and their customers, according to recent stats collected by fraud trackers. The trend appears to be continuing into 2016, with outbreaks of skimming activity visiting a much broader swath of the United States than in years past
Ghost Squad DDoS Black Lives Matter Website Because ‘All Lives Matter’ (HackRead) Ghost Squad hacktivists have conducted a series of powerful DDoS attacks on the official website of the Black Lives Matter movement, forcing it offline for visitors. In the first phase of the attack, which was conducted yesterday, GS DDoSed blacklivesmatter.com and blacklifematters.org
Botnets getting bigger and stronger, says Kaspersky (SC Magazine) Botnets are getting bigger and DDoS attacks more frequent according to Kaspersky
New Android Malware RuMMS Targeting Users through Smishing (Hack Read) Researchers at security firm FireEye have identified a new Android malware family that is currently targeting Russian users. The malware is distributed via a series of infected subdomains that are actually registered with an authentic domain name, which is owned by a popular shared hosting service provider based in Russia
Thousands of taxpayers affected by W-2 Phishing attacks this year (CSO) Criminals show no signs of slowing when it comes to targeting W-2 information
Canadian Gold-Mining Company Hacked, 14.8 GB Data Stolen (HackRead) Goldcorp, a renowned gold-mining firm in Canada, has been “badly hacked.” The gold-mining firm’s headquarters is based in Vancouver, British Columbia. Hackers have also leaked a massive amount of the company’s employees’ data online. The hackers provided sample data by posting a document on a public Pastebin site, which was followed by a URL address to a full torrent download that was around 14.8 GB after uncompressing
Qatar National Bank Accepts Data Breach while Hackers Release Inside Video (HackRead) Last week HackRead exclusively reported on the Qatar National Bank (QNB) security breach. Now, QNB has acknowledged third-party access to its servers but claims the customers’ data is fully secured. That’s not all: while the bank has accepted the breach, the hackers, on the other hand, have released a video revealing how they leaked personal information of alleged MI5 agents
Qatar National Bank says systems ‘secure’ after cyber attack (ARY NEWS) Qatar National Bank said on Sunday that its systems were “fully secure” following a cyber attack which potentially exposed the names and passwords of tens of thousands of customers
Qatar National Bank claims customer data released by hackers is authentic (ITWorld) The bank, however, said the hack would have no financial impact on customers
South Korea Revives GPS Backup After Cyber Attack (Reuters via Maritime Executive) South Korea has revived a project to build a backup ship navigation system that would be difficult to hack after a recent wave of GPS signal jamming attacks it blamed on North Korea disrupted fishing vessel operations, officials say
Cayman under cyber-attack, says ICTA (Cayman News Service) As local telecommunications provider Flow issued another alert about phishing scams impacting its customers, the managing director of the Information & Communications Technology Authority warned that Cayman is being targeted by cyber criminals
Viewers of the NFL Draft watched a cyber attack unfold on live TV. (New Republic) Laremy Tunsil was one of the most coveted players heading into Thursday’s draft
Security Patches, Mitigations, and Software Updates
Microsoft was flaming fast in fire-fighting a major Office 365 flaw (Tech Radar) Vulnerability was patched the same day it was reported
Slack Plugs Token Security Hole (Threatpost) Popular collaboration and communication firm Slack rushed to plug a security hole in its platform Thursday that was leaking some of its users’ private chats and files for anyone to access
Valve Fixes Steam Crypto Bug That Exposed Passwords in Plaintext (Softpedia) Valve updated the Steam gaming client to fix a severe security issue in the application's crypto package that under certain conditions would have allowed an attacker to view a user's password in plaintext if observing network traffic when the user was authenticating on the platform
Security Bulletin: Steps you should take to fix a Java SE security risk on your computer (We Live Security) Welcome to a very unusual cybersecurity article! Why is it unusual? The title of this Security Bulletin and most of its content was provided by Oracle, the maker of the Java computer programming language. In fact, ESET is publishing this information on We Live Security at the request of Oracle. And Oracle made the request because it was ordered to do so by the US Federal Trade Commission (FTC)
Cyber Trends
Expert Comments on Verizon’s 2016 Data Breach Investigations Report (Information Security Buzz) “The Verizon report echoes similar findings to those just released in Proofpoint’s Human Factor report – everybody clicks, and attackers know this. This is one of the reasons why phishing is so successful and why in 2015 attackers overwhelmingly infected computers by tricking people into doing it themselves instead of using automated exploits”
Marketplace
Cybersecurity Venture Capital: What Investors Can Learn from the Industry’s Top Venture Capitalists (Cybersecurity Investing News) The Investing News Network sat down with industry veteran and Seculert CEO Richard Greene to learn what venture capitalists are looking for in the cybersecurity market, and what DIY investors can learn from them
Security startup confessions: Choosing a tech partner (Help Net Security) My name is Kai Roer and I am a co-founder of a European security startup, and these are my confessions. I hope you will learn from my struggles, and appreciate the choices startups make when security matters. I will share experiences from my own startups (my first was in 1994), and things I have learned by watching and advising numerous other startups around the world
IBM: The Story Is The Business, Not The Stock Price (Seeking Alpha) IBM is still one of the most valuable Fortune 50 companies, employing some of the finest researchers and computer scientists in the world. However, deteriorating revenues and cash flow, including some questionable management decisions, have the bears on the prowl. To restore investor confidence, the company needs to complete its restructuring efforts, ensure corporate governance remains a top priority, and demonstrate the true market power of IBM's Cloud. Watson, Cloud, and Blockchain developments look extremely promising as game-changing technologies, and investors who stick with the company will be rewarded in the end
Symantec CEO Brown’s Exit Highlights Company’s Continuing Struggles (Dark Reading) For the third time since 2012, Symantec is looking for a new CEO to help turn around the business
Symantec Partners Hope New CEO Will Kick-Start Next Phase Of Transformation (CRN) Symantec has been through an operational and strategic transformation, and now partners say it's time for a new CEO to bring the stability and passion back to the Mountain View, Calif.-based vendor
Rip-And-Refresh Battle Pits Cisco, Palo Alto, Fortinet, Check Point (Investor's Business Daily) As Sony Pictures prepared to release actor/director Seth Rogen’s film The Interview in late 2014, the studio hadn’t thought through its defenses. The dubious comedy, a send-up of North Korean politics and leadership, engendered ill will with the real McCoy. North Korean hackers easily found their way through the Swiss-cheese firewall protecting the company’s network
Better Buy: Palo Alto Networks Inc vs. Check Point Software Technologies Ltd? (Fox Business) In the world of cybersecurity, big hitters like IBM may be the first providers that come to mind
EclecticIQ Raises 5.5 Million Euro for Enterprise-Ready Cyber Threat Intelligence (CTI) Platform (EclecticIQ) Among the largest European Series A investments in cyber security technology. EclecticIQ supports cyber threat intelligence (CTI) practices in sectors including financial services, government and organizations active within the critical infrastructure. Founder & CEO Joep Gommers is a former intelligence operations executive at iSIGHT Partners
Security Entrepreneur Nico Sell: 'Apple Helps the Government All the Time' (Inc.) The creator of Wickr, a highly-encrypted messaging service, says that corporations should never hack their own systems to deliver information to the U.S. government
Pentagon Bug Bounty Program Attracts Strong Hacker Interest (eWeek) The Pentagon is at the midpoint of a crowdsourcing initiative that has attracted about 500 researchers to sign up for the opportunity to search for bugs in the agency's Websites
SANS, NinjaJobs partner to grow cyber talent pipeline (Homeland Preparedness News) The SANS Institute and NinjaJobs entered into a partnership this week to help companies find vetted, experienced cybersecurity professionals
More than 200 cyber security jobs available in Orlando (Orlando Business Journal) If a hacker really wants to get into a company, they'll do all they can to do so, but that doesn't mean you have to make it easy for them
Silicon Valley's most secretive startup is scooping up Palo Alto offices (San Jose Mercury News) Silicon Valley's most secretive startup is quietly taking over downtown Palo Alto
Products, Services, and Solutions
Zscaler Uses the Cloud to Create a VPN Alternative (eWeek) A new Private Access service takes a different approach to enabling secure remote connectivity
Malware Analysis Appliance — A1000: Cyber Security Threat Analysis Platform (Reversing Labs) The A1000 Malware Analysis Appliance is a powerful, integrated, plug-and-play solution for individual analysts or small teams of analysts that makes threat detection, deep analysis and collaboration more effective and productive. This solution is offered as an on-premises hardware appliance, a VM appliance or as a cloud-based service
Radware Cloud Security Service Awarded Best Managed Security Service for 2016 by SC Magazine (Nasdaq) Radware® (NASDAQ:RDWR), a leading provider of cyber security and application delivery solutions ensuring optimal service level for applications in virtual, cloud, and software-defined data centers, was awarded Best Managed Security Service for 2016 by SC Magazine
Technologies, Techniques, and Standards
How To Succeed At Third-Party Cyber Risk Management: 10 Steps (Dark Reading) Organizations are failing -- and badly -- assessing the risk of attacks and data breaches from vendors and supply chains, according to a recent Ponemon Institute study. The solution starts at the top
Cyber Warfare - Who are you going to call? (SC Magazine) If your organization is connected to the Internet, you are very likely engaged in cyber warfare whether you like it or not
When It Comes to Adopting the Cloud, You've Got to Secure Company Data (Entrepreneur) Whether you’re starting a new business, or you have an established small- to medium-sized business, entrepreneurs today have a unique challenge as well as an opportunity when it comes to adopting the cloud. Before there was a wide array of cloud providers serving almost every business need, organizations regardless of size had to maintain IT departments or consultants and extensive physical infrastructure to run their businesses
Living in a password free world in the modern enterprise (Help Net Security) The era of password security in the modern enterprise is over. Passwords are dead
6 Steps for Responding to a Disruptive Attack (Dark Reading) Today's threat landscape dictates that companies must have a workable incident response plan
Fight Hackers With Cyber Hygiene, Symantec Says (MeriTalk) Cyber hygiene is essential for combating the modern, professional hacker, according to Symantec Security Response director of project management Kevin Haley
Stop Building Silos. Security Is Everyone’s Problem (Dark Reading) Yes, it's true that the speed of DevOps has made security more difficult. But that doesn't mean accelerated release cycles and secure applications have to be mutually exclusive
Cyber threat hunting: How this vulnerability detection strategy gives analysts an edge (Tech Republic) Forensic experts indicate cyber threat hunting is an improvement over what currently exists for detecting security threats. Find out what makes cyber threat hunting unique
Defending Advanced Persistent Threats - Be Better Prepared to Face the Worst (Infosecurity Magazine) We often hear news about emerging cyber security threats and attacks impacting every industry. With advanced malware, zero-day exploits and persistent threats, cyber-attacks are now becoming very sophisticated in nature
Design and Innovation
IBM Defines Security Standards For Running Blockchain In The Cloud (Forbes) As companies in financial services and other industries race to take advantage of so-called “blockchain” technology — named after the technical structure that powers Bitcoin — one issue slowing them down is the need to stay within relevant data security and other regulations
$81 Million Cyberheist Underscores Need for Blockchain Security (CryptoCoinNews) The hacking heist of $81 million from the Bangladesh central bank demonstrates the vulnerability of many banks’ existing financial security platforms that cry for blockchain-based security
Craig Wright revealed as Bitcoin creator Satoshi Nakamoto (BBC) Australian entrepreneur Craig Wright has publicly identified himself as Bitcoin creator Satoshi Nakamoto. His admission ends years of speculation about who came up with the original ideas underlying the digital cash system
Craig Wright Claims He Is Bitcoin Inventor ‘Satoshi Nakamoto’ (Wall Street Journal) Australian computer scientist says he is the virtual currency’s pseudonymous creator
Craig Wright outs himself as bitcoin creator Satoshi Nakamoto—and some people believe him (Quartz) Craig Steven Wright, a computer scientist with a doctorate in theology from Queensland, Australia, claimed today (May 2) to be the inventor of bitcoin, the controversial digital currency with the mysterious backstory
Research and Development
Korea, U.S. in joint initiative for AI-based cybersecurity (Korea Herald) South Korea and the United States have teamed up to develop advanced technology using artificial intelligence to counter cyber threats, a ministry said Monday
Microsoft Is Experimenting With DNA as a Way to Store Data (Tech Worm) Given the massive amount of data it generates, Microsoft is looking into dabbling in DNA to store data
Academia
Computer Science Teachers Association (CSTA) Equips Educators to Teach Cybersecurity (EIN News) CSTA launches "Cyber Teacher" certificate program to address the nation's STEM skills gap
Univ. of Central Florida wins college cyber defense competition (USA Today) As technologies rapidly advance, so do threats to our cyber security. The work force, however, isn’t keeping up with the need for more cyber-security professionals. In fact, in 2014 there was a shortage of approximately 1 million such employees, according to the Cisco 2014 Annual Security Report
Cybersecurity contests at colleges aren't just games (Orlando Sentinel) Some might consider Jonathan Singer something of a cybersecurity blanket
Cyber Security legend to teach at USD (San Diego Union Tribune) Roger Schell, an engineer who helped revolutionize the way the U.S. government protects sensitive information on computers, has been named a distinguished fellow at the University of San Diego
CSU-Pueblo a cyberdefense hub (Pueblo Chieftain) National designation may lead to expanded programming
Legislation, Policy, and Regulation
Europol to get new powers to disrupt terrorists’ online presence (Help Net Security) The EU police agency Europol is expected to gain new powers that will help it fight terrorism and cybercrime, thanks to new governance rules endorsed by Civil Liberties Committee MEPs on Thursday
Cyber security in Belgium will gain prominence after terror attacks (ComputerWeekly) Belgium’s physical security has been branded inadequate, so how does the country’s cyber security measure up?
US companies need to gear up for new EU data privacy regulations (Help Net Security) Thousands of American companies that do business in Europe directly or online with European customers will need to start reckoning with new EU data privacy regulations that are due to go into full effect in just two years, according to the International Association of Information Technology Asset Managers (IAITAM)
The Jury's Still Out: Can America Ever Match Russian Cyber Innovation? (Modern Diplomacy) In February 2015, James Clapper, the Director of National Intelligence in the United States, announced that the appraisal of Russian cyber capability and intention had been elevated, pushing Russia to the number one spot on the list of countries which pose a major cyber-threat to the United States
US senators move security act to counter China (Domain-B) Four American senators, including three members of the Senate Foreign Relations Committee (SFRC), have proposed a maritime security act to increase support to Asia-Pacific allies to cope with Beijing's assertive moves in the South China Sea
Snowden: Without encryption, everything stops (The Hill) Edward Snowden defended the importance of encryption, calling it the "backbone of computer security"
The Cyber Implications Of Acquisition Speed (SIGNAL) Acquisition reform has been a topic of discussion among individuals in government, industry and academia for several decades
New Jersey Takes Consolidated, Fusion Center-Style Approach to Cybersecurity (Government Technology) New Jersey is perhaps best known for the “Parkway” and former presidential hopeful Gov. Chris Christie. But some might argue that it should be getting attention for its novel fusion center approach to cybersecurity
Litigation, Investigation, and Law Enforcement
Is This Frenchman Running ISIS Terror Networks in the West? (Daily Beast) Known as Abu Suleyman, this former manager of gyms in France is now said to be managing the Islamic State’s murder incorporated in Europe
Supreme Court OKs expanded hacking power for FBI (FCW) The Supreme Court approved a controversial rule on April 28 that would allow U.S. judges to issue search warrants for computers outside their jurisdictions, a move critics say would significantly expand the FBI's hacking powers
U.S. spy court rejected zero surveillance orders in 2015: memo (KFGO) The secretive U.S. Foreign Surveillance Intelligence Court did not deny a single government request in 2015 for electronic surveillance orders granted for foreign intelligence purposes, continuing a longstanding trend, a Justice Department document showed
The government wants your fingerprint to unlock your phone. Should that be allowed? (Los Angeles Times) As the world watched the FBI spar with Apple this winter in an attempt to hack into a San Bernardino shooter's iPhone, federal officials were quietly waging a different encryption battle in a Los Angeles courtroom
Systems Integrator Arrested for Philippine Election Hack (Infosecurity Magazine) Philippine police have arrested a second man in connection with the major breach of election commission Comelec which exposed the personal details of all the voters in the country
Panama Papers: US launches criminal inquiry into tax avoidance claims (Guardian) US attorney for Manhattan says Department of Justice has opened investigation related to revelations exposed in massive leak of documents
Learning from the Panama Papers Leak (Red Owl Analytics) A single moment of cyber indiscretion can dissolve an entire business
'Do not pay any ransom' - Criminal gangs are threatening business with cyber attacks (Journal) The PSNI says that a number of businesses in Northern Ireland have been targeted
U.S. Steel Giant Charges That Chinese Government Stole Company Secrets (Washington Free Beacon) U.S. Steel Corp accused the Chinese government of hacking into a company computer to steal the blueprints for new lightweight steel technology so that Beijing-based auto producers could expand their reach into America
Accused Navy officer innocent of espionage: Attorney (Navy Times) The attorney for a U.S. Navy officer accused of espionage is vowing to fight charges that his client spied for a foreign government and lied to investigators
Family launches site to defend Navy officer accused of spying (Navy Times) The family of accused spy Lt. Cmdr. Edward Lin is fighting back against the government’s charges, saying Lin is not a spy and alleging his constitutional rights were violated when he was imprisoned in September
Here’s what the Fairfax County fire chief didn’t say during his cyber-bullying press conference (Statter 911) The owner of the website where the cyber-bullying of Nicole Mittendoff and other Fairfax County firefighters occurred is critical of the comments made by Chief Richie Bowers (video above) during a press conference yesterday (Friday)