Cyber Attacks, Threats, and Vulnerabilities
Swiss defense chief says hackers targeted his ministry (AP via Fox News) Switzerland's defense minister says his department was targeted by hackers in January and is indicating that the motive was industrial espionage
Islamic State seeks news blackout in Mosul as Iraqi army nears (Reuters) For Iraqis living in the Islamic State stronghold of Mosul, news is dwindling about the U.S.-backed army massing to the south for an assault on the city that could begin this year
OpIcarus: Hacktivists Shut Down Central Bank of Cyprus with DDoS Attack (Hack Read) A group of hacktivists shut down the official website of Central Bank of Cyprus earlier today for operation OpIcarus, an online operation aimed at targeting banking and financial institutes worldwide
Introducing Infy: A Decade-Long Attack Campaign from Iran (Infosecurity Magazine) Security researchers have uncovered a major new targeted attack campaign dating back nearly a decade and likely to have originated from Iran
Prince of Persia: Infy Malware Active In Decade of Targeted Attacks (Palo Alto Networks) Attack campaigns that have very limited scope often remain hidden for years. If only a few malware samples are deployed, it’s less likely that security industry researchers will identify and connect them together
An Introduction to AlphaLocker (Cylance) It is always a treat, as a malware researcher, to come across something new and unique, and to then follow the resulting rabbit hole as far as you can go. I believe most of us in the cybersecurity industry enjoy that particular part of the puzzle, especially when you are able to fully trace the origin of a novel artifact or binary. Starting with a single random file, and ending up with a broad picture of the economy behind that malware is highly satisfying and often eye-opening. Which brings us to yet another family of ransomware – AlphaLocker
Petya: the two-in-one trojan (Securelist) Infecting the Master Boot Record (MBR) and encrypting files is nothing new in the world of malicious programs
What are the odds that a ransomware payment will go to a children’s charity? (Digital Trends via Yahoo! Tech) Yet another new form of ransomware has emerged, and this particular strain of the virus claims it will donate the ransom money to a children’s charity
Security Alert: New Ransomware Promises to Donate Earnings to Charity (Heimdal Security) Psychological manipulation is heavily used in cyber attacks, especially in phishing and ransomware compromise attempts
Neutrino exploit kit sends Cerber ransomware (SANS Internet Storm Center) Seems like we're always finding new ransomware. In early March 2016, BleepingComputer announced a new ransomware named Cerber had appeared near the end of February [1]. A few days later, Malwarebytes provided further analysis and more details on subsequent Cerber samples
Dridex botnet hacked, delivers dummy file (Help Net Security) Someone is toying with the Dridex botmasters. The botnet, or at least one or more of its subnets that are sending out spam email delivering Locky ransomware, has been compromised again, and has been distributing a dummy file instead of the malware
Ransomware continues to plague world's computers, says FireEye (SC Magazine) You just can't keep a piece of ransomware down, according to FireEye's new report. Released today, the report outlines ransomware's relentless forward march deeper into the world's computers
Windows ‘God Mode’ Feature Exploited by New Malware to Avoid Identification (Hack Read) Malware in a Windows OS is not a new thing but Microsoft claimed that apps in Windows 10 will automatically detect the presence of malware — However, the Dynamer malware breached Windows OS security by exploiting God Mode
Malware Takes Advantage of Windows ‘God Mode’ (McAfee Blog Central) Microsoft Windows has hidden an Easter Egg since Windows Vista. It allows users to create a specially named folder that acts as a shortcut to Windows settings and special folders, such as control panels, My Computer, or the printers folder. This “God Mode” can come in handy for admins, but attackers are now using this undocumented feature for evil ends. Files placed within one of these master control panel shortcuts are not easily accessible via Windows Explorer because the folders do not open like other folders, but rather redirect the user
Jaku botnet runs targeted attack behind sandstorm of routine malfeasance (Register) ATP via ‘aggregated threat’
Jaku botnet hides targeted attacks within generic botnet noise (Help Net Security) Botnets are usually created by cyber criminals that use them to launch DDoS attacks, deliver spam, effect click fraud. The recently discovered Jaku botnet can effectively do all those things, if its botmaster(s) choose to do so, but it seems that they have other things in mind
DDoS costs, damages on the rise (CSO) Peak-time distributed denial-of-service attacks cost organizations more than $100,000 per hour
Nexusguard Analysts: Attack Researchers Are Top DDoS Target (PRNewswire) Geopolitical events continue to fuel uptick in region-specific cyberattacks
Q1 2016 DDoS Threat Report (Nexusguard) In Q1 2016 new reflection services have been discovered, companies have increasingly become targets, and unexpectedly, the Number One target for DDoS attacks was DDoS researchers themselves
Today’s DDoS Attacks: Separate Truth from Fiction (A10 Community) Distributed denial-of-service (DDoS) attacks are skyrocketing at an unprecedented rate. According to the VeriSign Distributed Denial of Service Trends Report, in the fourth quarter of 2015, there was an 85% increase in DDoS attacks compared to 2014. Not only are they increasing in quantity, they are also increasing in complexity and in the severity of damage they inflict. Often DDoS attacks are tied to ransomware, hacktivism, and nation-state to nation-state cyberwarfare. And, to top it off, repeat attacks against the same organization are also on the rise
Millions Of Web Servers Vulnerable To ImageMagick Attack (Dark Reading) US-CERT issues advisory on 0-day flaws found in popular image processing tool
Video Malvertising Bringing New Risks to High-Profile Sites (Proofpoint) Exploit kits are powerful tools for cybercriminals, downloading malware onto vulnerable PCs whenever users surf to a compromised or malicious site
Google denies email injection flaw can bypass filters and pwn users (SC Magazine) Israel-based cyber-threat specialists Cyberint insists it has found a serious flaw in Google security despite the tech giant's denials that email injection can bypass security filters
Hacker collects 272m email addresses and passwords, some from Gmail (Guardian) Security firm announces it has persuaded fraudster to give up database of email addresses along with passwords users use to log in to websites
Major Security Breaches Found In Google And Yahoo Email Services (HuffpostTech) Hundreds of millions of usernames and passwords have been stolen
Hacker trades 272 million passwords for social media likes (C|Net) Security researchers find a hacker bragging online that he'd amassed a mountain of passwords. And he didn't want much in return for them
IT security expert offered 272mn hacked Google, Microsoft, Yahoo passwords for $1 (RT) A prominent security expert says he acquired a database with info for 272.3 million email accounts from a hacker on a Russian underground forum in exchange for a nice review. The stolen IDs contain data for Gmail, Yahoo Mail and Microsoft email addresses
Cyber-criminals really “Like” Facebook (Panda Security) With 1,590 million active users per month, Facebook is the Social Network. In fact, they just posted their quarterly earnings and they are up 50%. Cyber-criminals are aware of their success
How cybercrooks hit you where you live using country-specific attacks (Naked Security) Cybercrime today is a global threat, and it’s costing victims tens of millions of dollars each year – at minimum
Location-based threats: How cybercriminals target you based on where you live (Sophos Blog) Much like legitimate businesses, cybercriminal enterprises have to be dynamic – standing still means falling behind. A significant example of how cybercriminals are evolving is the growing trend of location-based targeting, through what we call “geo-malware” and regionalized email attacks
iPhone Users Hit with iCloud Account Deactivation Phishing Scam (HackRead) Crooks are targeting iPhone users in the United Kingdom with a sophisticated phishing scam through text messages containing a malicious link designed to steal login credentials of their iCloud accounts. Recently, several celebrities and normal users have been complaining about a text message supposedly sent by Apple informing them about deactivation of their iCloud account and in order to reactivate it they have to click on a link and log in with their iCloud email and password. You guessed it right! It’s not Apple sending the messages but the crooks
SCC data breach may have compromised employee W-2 information (Vacaville Reporter) A data breach discovered Thursday at Solano Community College may have compromised W-2 data of more than 1,000 employees who worked for the school during 2015, SCC officials said
Sea Ray, Boston Whaler parent company reports cyber attack (Daytona Beach News Journal) Employees at local boat makers Sea Ray Boats and Boston Whaler are facing a different kind of fishing expedition
Security Patches, Mitigations, and Software Updates
Apple patches vulnerable OS X Git version that put developers at risk (IDG via CSO) A month and a half later, Apple imports Git patches for critical remote code execution flaws
Cisco Patches Critical TelePresence Vulnerability (Threatpost) Cisco Systems said it has patched a critical flaw tied to its TelePresence hardware that allowed unauthorized third-parties to access the system via an API bug. The networking behemoth also alerted customers to a duo of denial of service attack vulnerabilities that represent a high risk for its FirePOWER firewall hardware
OpenSSL Fixes Two “High” Severity Vulnerabilities (Tripwire: the State of Security) OpenSSL has issued fixes for six vulnerabilities, including two flaws with a “high” severity rating
Google turns on HTTPS for all blogspot blogs (IDG via CSO) Blog owners will have the option to automatically redirect all visitors to the HTTPS version
Cyber Trends
Microsoft: Windows Malware Up, Stuxnet Shell Attack Most Popular (Dark Reading) New Security Intelligence Report (SIR) shows increase in vulnerability disclosures, and re-emergence of old Stuxnet attack bug
IT Chiefs Worry Aging Data Will Grow ‘Toxic’ (GovTechWorks) Global data storage needs are growing at 20 to 25 percent annually, and Cisco Systems forecasts that by 2019, the world will add another 10.4 trillion gigabytes of new data every year
‘Internet of Things’ Could Pose Infrastructure Threats (GW Today) Former director of national intelligence warns against complacency at Center for Cyber and Homeland Security conference
New Appthority Report Reveals Shifts in Security Landscape (PRNewswire) Mobile Threat Team finds increasing iOS risk while Google tries to shore up Android security
Kaspersky Lab CEO Eugene Kaspersky: We're still living in the dark ages of cyber security (Information Age) Antivirus king Eugene Kaspersky believes that we have some way to go before we enter the age of 'cyber security enlightenment'
Marketplace
Why CEOs Are Failing Cybersecurity, And How To Help Them Get Passing Grades (Forbes) The buzz at yesterday’s inaugural Cyber Investing Summit – held on Wall Street at the New York Stock Exchange – was that most CEOs and board members don’t get cybersecurity
IBM and Cisco Have the Same Security Strategy (Motley Fool) With typical organizations dealing with dozens of different security vendors, both companies aim to offer diversified, integrated solutions
EMC and Dell begin to paint a picture of post-merger world (MicroScope) A raft of new solutions unveiled at EMC World this week are eclipsed by a rather large, Dell-shaped, elephant in the room
1+2+1 Reasons Why Huawei Could Be An Industrial IoT Sleeping Giant (Forbes) Having returned from Huawei’s annual analyst conference freshly updated with “all things” Huawei, I have to say my mind has been opened, at least a bit, to the potential for Huawei to be one of the leaders in Industrial IoT (IIoT) applications
This Could be FireEye Inc.'s Most Important Product (Motley Fool) The cybersecurity firm's growth could depend on its success in transforming into a security-as-a-service company
One Small Cap Stock Dominating a Multi Billion Dollar Industry (Investor Guide) I recently recommended buying Gigamon (GIMO) heading into earnings. I had first recommended buying Gigamon in February and the stock has since shot up 35%. The stock rallied almost 10% after the company delivered a stellar earnings report last week
Va.-based Encryption Startup Lands Huge Tech Partnership (DCInno) Virgil Security, a Manassas, Va.-based cybersecurity firm that specializes in crypto technology and which graduated from the commonwealth-backed Mach37 accelerator in 2015, has entered into an important partnership with San Francisco, Calif.-based Twilio, the cloud-based communications platform
Israeli cybersecurity firm CyberInt enters Philippine market () As various enterprises in the Philippines are now beefing up their IT infrastructure, Israeli cybersecurity firm CyberInt has now entered the market
Start-up Technology Announces Expansion in the U.S. and Offers Innovative Solutions for Defending Industrial Infrastructure and Smart Grid Environments (MarketWired) Nation-E opens two U.S. offices to provide cybersecurity solutions for U.S.-based critical infrastructure
Ex-Sourcefire execs place bets on ThreatQuotient as it launches in channel (ChannelWeb) Threat intelligence vendor targeting 'market-making' security VARs after emerging from stealth mode
Augusta Canal Authority announces new plans for historic Sibley Mill (WTOC) The Augusta Canal Authority, in conjunction with Cape Augusta Digital Properties, announced their plans to build a new cyber campus on the site of the historic Sibley Mill, dubbed The Augusta Cyber Works
LockPath Joins Cloud Security Alliance (MarketWired) Compliance and risk management software provider to bring expertise to leading consortium
Rapid7 Recognized by Cybersecurity Excellence Awards for Innovative Products and Outstanding Industry Leadership (Globe Newswire) Company wins Security Analytics, Application Security, and EMEA Professional of the Year categories
Blue Coat and Elastica Named Winners in 2016 Cybersecurity Excellence Awards (MarketWired) Companies recognized by LinkedIn Information Security Community as Leaders in Enterprise Security and Data Science Powered™ Cloud Access Security
iovation Named "Service Provider of the Year" for Insurance Claims Fraud Detection (MarketWired) Modern Claims Award judges recognize iovation for detecting organized fraud, policy manipulation, ghost broking and claims fraud
Symantec Is on the Lookout for a New CEO (MarketRealist) Symantec’s board formed ‘office of the president’ while it searches for new CEO
Contrast Security Appoints Surag Patel as Chief Strategy Officer (PRNewswire) Silicon Valley executive to drive adoption of Contrast Security's groundbreaking application security solutions
Products, Services, and Solutions
Balabit's syslog-ng Store Box Earns 2016 Cybersecurity Excellence Award for Forensics (MarketWired) Innovative provider of contextual security technologies recognized in multiple categories, including Forensics, Privileged Access Management and Security Analytics
Trend Micro Launches Plug-in for Kaseya VSA™ (BusinessWire) Solution enables Managed Service Providers (MSPs) to easily administer security
RAD and Check Point Unveil Joint End-to-End Cyber Security Solution for Utility Operational Networks (BusinessWire) Provides multi-tier protection complying with new NERC-CIP directives
AppSense Speeds Windows 10 Migrations and Endpoint File Sync With New DataNow 4.0 (MarketWired) DataNow 4.0 delivers file sync and migration for on-premises file storage with complete end-to-end encryption, zero-disruption sync of Outlook PST files, and centralized management
Hypori Named First Virtual Mobile Device Approved by NSA for U.S. Government Classified Use (PRNewswire) Listing on NSA Commercial Solutions for Classified Program confirms security standards across Hypori's Platform
Technologies, Techniques, and Standards
Tactical, cyber hybrid training paying off for Army (C4ISR & Networks) A recent pilot to incorporate cyber into tactical training exercises is showing positive results, according to Army officials. Through the first-ever program, experts from Army Cyber Command provide training on offensive and defensive cyber operations
Cyber Blitz: The Good, the Bad and the Ugly (SIGNAL) A U.S. Army exercise will affect the future of cyber and spectrum warfare
Strong passwords are important (Pressebox) G DATA gives security tips for World Password Day
Expert tips on how to protect your personal information online (WLFI) We put a lot of information about ourselves in the digital world: filling out surveys, applications, registries not to mention what we say about ourselves on social media
Research and Development
The Pentagon Wants to ‘Fingerprint’ the World’s Hackers (Defense One) By tracking their tools and behaviors, DARPA aims to solve one of the thorniest problems of cybersecurity: attribution
Will artificial intelligence revolutionize cybersecurity? (Christian Science Monitor Passcode) With criminal hackers becoming more effective at breaking into computer systems, cybersecurity researchers, government agencies, and academics are looking to artificial intelligence to detect – and fight – cyberattacks
Academia
New Stanford class targets U.S. national security problems with Silicon Valley-style innovation (Stanford University) Student teams at Stanford use "lean launch pad" startup methodology to innovate at speed and find technological solutions for critical challenges facing America’s defense and intelligence agencies
UWF cybersecurity program in exclusive company (Pensacola News Journal) Universities usually move methodically when launching a program. The University of West Florida opted against the methodical approach and instead rushed to secure National Security Agency and Department of Homeland Security designation for its fledgling cybersecurity program
Will Hack for Bikes (Digital Guardian) Anyone who has kids of a certain age is likely familiar with the constant fight to get them to put down their damn iPads and Xbox controllers and go outside or read a book. The struggle is real, and it’s only becoming more difficult as computing and electronics become ever more pervasive parts of modern life
Giving back: Center for Cyber Safety and Education (CSO) This year is the first time in three years that I have not served on the board of directors of (ISC)2. When my term ended, I decided to step aside and collect myself. It was a worthy endeavour in many ways. But the detractors, such as one glorified tool punk who was convinced that the realm of information security began and ended with his favourite ‘click, click, next’ tool, finally wore me down. If you kick a dog enough eventually it won’t bark anymore
Legislation, Policy, and Regulation
Government putting $22m aside for cyber attack taskforce (OneNewsNow) The government is committing $22m over four years in an effort to fight cyber attacks which can cost millions
Understanding the Internet of Things (Heritage Foundation) The term “Internet of Things” (IoT) refers to all electronic devices that are connected and communicate information across a network or networks
How private Internets of Things could secure critical infrastructure (Federal Times) No reasonable person would question the fact that we are entering a phase of explosive growth in consumer, commercial and industrial automation. Many of these applications have been rebranded under the popular catchphrase the Internet of Things, or IoT. However, for the nation’s critical infrastructure assets and the agencies responsible for them, the wide-scale implementation of the IoT isn’t straightforward
Litigation, Investigation, and Law Enforcement
UN diplomat says Islamic State seeking new revenue streams (AP) The Islamic State extremist group is looking to increase revenue from taxation, smuggling antiquities "and potentially kidnap for ransom" after losing some territory and oil revenue following the destruction of significant oil facilities, the chair of the U.N. committee monitoring sanctions against the militant group and al-Qaida said Wednesday
Canada cites espionage risk from two Huawei employees, saying it plans to reject their immigration applications (South China Morning Post) Two employees face visa rejection in world-first targeting of telecom giant’s staff, but they categorically deny being spies, immigration consultant says
Warrantless searches against Americans doubled from 2013 to 2015, report says (Washington Times) The National Security Agency and the Central Intelligence Agency searched an intelligence community database designed to target foreigners more than 4,000 times last year without warrants using queries explicitly linked to U.S. people, the Office of the Director of National Intelligence acknowledged in a transparency report released Monday
Gozi Creator Released From Prison (Dark Reading) Russian serves 37 months for malware charges; ordered to pay fine of $6.9 million
Gozi banking malware mastermind ordered to pay $7 million in damages (ZDNet) The creator behind the malware has been sent behind bars and ordered to pay a hefty fine
Judge: It 'May Be Necessary' to Depose Hillary Clinton in Email Case (NBC News) A federal judge said Wednesday that it "may be necessary" to depose Hillary Clinton about the nature of her personal e-mail server, in a freedom-of-information lawsuit over the employment of top aide Huma Abedin
Poland charges Russian-born lawyer with spying for Moscow (AP via Washington Post) Poland has charged a Warsaw lawyer with dual Polish-Russian citizenship with spying for Russian military intelligence, a prosecutor said Thursday
Dutch police seize the Ennetcom encrypted communication network (Cyber Defense Magazine) The Dutch police in an international effort with Canadian authorities seized the Ennetcom encrypted communication network used by 19,000 users