Cyber Attacks, Threats, and Vulnerabilities
Anonymous DDoS Attacks Spread, But What's the Impact? (InfoRisk Today) 'Operation Icarus' targets numerous banks, but interruptions apparently limited
Terror Groups Using Legit, Home Grown Tools To Communicate, Proselytize (Dark Reading) Trend Micro says its research shows that terror, cybercrime groups often use same tools to operate
Osama bin Laden’s son says jihad in Syria key to ‘liberate Palestine’ (Long War Journal) Al Qaeda’s propaganda arm, As Sahab, has released a new message from Osama bin Laden’s son, Hamzah. It is the second time Hamzah has spoken on behalf of al Qaeda since last August. Hamzah’s message has been paired with a speech by Ayman al Zawahiri on both occasions.
Taliban claims to have ‘thousands of fully armed martyrdom seekers’ (Long War Journal) The Afghan Taliban said it would give “top priority” to retaliate against government agencies involved in the execution of jihadist prisoners and claimed it has “thousands of fully armed martyrdom seekers” at its disposal who are “awaiting to take revenge.” The Taliban issued the statement yesterday on its official website, Voice of Jihad, after the Afghan government executed six jihadists, including a member of al Qaeda, for various attacks in the country
Panama Papers database of offshore companies goes public (Chicago Tribune) A group of investigative journalists made live the names of thousands of offshore companies based on a massive trove of data on the finances of the rich and powerful that has become known as the Panama Papers
Live Panama Papers database dump reveals 200,000 secret offshore account details (Telegraph) The "Panama Papers" database went live today - the largest ever release of secret offshore companies and the people behind them
You can now search the Panama Papers – the secret accounts of the global rich – yourself (Washington Post) Some of the information from the Panama Papers, a vast trove of more than 11 million leaked documents that have cast a light into the shadowy world of offshore finance, is now available to the public for the first time. The Washington Post is joining a group of global media organizations in publishing a searchable database of more than 300,000 opaque offshore entities
Panama Papers Include Dozens of Americans Tied to Fraud and Financial Misconduct (ICIJ) Mossack Fonseca's files include offshore companies linked to at least 36 Americans accused of serious financial wrongdoing, including fraud and racketeering
Viking Horde: A New Type of Android Malware on Google Play (Check Point) The Check Point research team uncovered a new Android malware campaign on Google Play it calls Viking Horde
Lost Door Remote Access Trojan Distributed via Facebook, YouTube, Blogspot (Softpedia) A Tunisian hacker known as OussamiO has been busy for the past nine years distributing his Remote Access Trojan (RAT) via ads on the Dark Web, but also on popular networks such as Facebook, YouTube and Google's Blogspot
Attackers are probing and exploiting the ImageTragick flaws (IDG via CSO) Security companies have observed attacks trying to exploit recently disclosed remote code execution flaws in the ImageMagick Web server library
Attackers keep flinging assorted ImageMagick 0day exploits (Help Net Security) It’s been a week since the existence of several flaws affecting popular image processing library ImageMagick has been made public
This unusual botnet targets scientists, engineers, and academics (ZDNet) The Jaku campaign performs a "highly targeted operation" to infect systems and carry out DDoS and phishing attacks, warn researchers from Forcepoint
CryptXXX 2.0: Ransomware Authors Strike Back Against Free Decryption Tool (Proofpoint Insight) In mid-April, Proofpoint researchers discovered CryptXXX, a new malware variant developed by the authors of the Reveton malware and closely tied to Angler and Bedep [1]. Our colleagues at Kaspersky quickly released a decryption tool with which infected users could recover encrypted files without paying the CryptXXX ransom. However, the latest version of CryptXXX, which appeared in the wild today, renders that tool ineffective, returning the focus on CryptXXX to detection and prevention
Bucbi Ransomware Makes a Comeback After Two Years (Softpedia) Crooks are brute-forcing RDP servers to spread Bucbi
Ransomware, Phishing Attacks Rise as Cyber-Crime Increases (eWeek) A Verizon report found most attacks exploit known vulnerabilities that have never been patched despite patches being available for months or even years
5 Email Campaigns Evading In-Market Security Solutions (IT Business Edge) Email is still the primary attack vector for many cybercriminals. In addition to malicious attachments and URLs, credential phishing is also on the rise and placing everyday users at the root of the attack. Why? Cybercriminals are using advanced attack methods that are consistently evading traditional detection tools. As such, organizations are beginning to realize that these advanced attacks can only be detected through multi-dimensional behavioral analytics that operate on diverse data sources and use a full spectrum of machine learning techniques
Beware: fake emails are becoming more realistic (Business IT) A security vendor reports that fake emails are getting harder to spot, as cyber criminals become more effective at spreading malware and stealing passwords. Criminals are crafting increasingly realistic emails using local brands and logos to impersonate postal companies, tax and law enforcement agencies and utility firms, according to security vendor Sophos
10 Years Of Human Hacking: How ‘The USB Way’ Evolved (Dark Reading) After a decade of clicking without consequence, users still haven't gotten the message about the dangers of rogue USB devices with malware hidden inside
WordPress Cross-Site Scripting and Security Bypass Vulnerabilities (Secunia) Multiple vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions
FDIC reports five ‘major incidents’ of cybersecurity breaches since fall (Washington Post) The Federal Deposit Insurance Corp. (FDIC) on Monday retroactively reported to Congress that five additional “major incidents” of data breaches have occurred since Oct. 30. FDIC also is launching “a new initiative to enhance security”
IRCTC Denies Hack, But Leaked Data Could Be Genuine (InfoRisk Today) IRCTC's MD says data theft needs verification, but no intrusion took place
Security Patches, Mitigations, and Software Updates
Aruba fixes networking device flaws that could open doors for hackers (IDG via CSO) The flaws affect ArubaOS, the AirWave Management Platform (AMP) and Aruba Instant (IAP)
Cyber Trends
Top 2016 Cybersecurity Reports Out From AT&T, Cisco, Dell, Google, IBM, McAfee, Symantec And Verizon (Forbes) The biggest players in cyber have published their annual security reports for 2016. Each one brings its unique view on cybercrime, and cyber defense strategies
EventTracker Publishes SIEM Expertise Survey Report (Marketwired) Study finds a significant percentage of companies lack resources to manage IT security challenges
Manufacturing Sector Identified as Leading Target of Infrastructure Cyber-Attacks (ENGINEERING.com) The US Department of Homeland Security (DHS) recently identified the manufacturing sector as the leading target of infrastructure cyber-attacks, accounting for one third of total attacks
What Are the Security Risks of the Cloud? (eWeek) Andy Ellis, chief security officer at Akamai, details some of the challenges and opportunities for security in the cloud
How secure are the devices connecting to enterprise assets? (Help Net Security) Most enterprises have accepted that their employees will use their own various, often mobile devices to access company assets, and have realized that the defined, more easily secured network perimeter is a thing of the past. All that remains for them is to make sure these devices are as secure as they can be
Report examines general state of security on 2 million devices (CSO) Mac users typically have the most updated software installed
Managing Cyber Risk a Top Priority in Asia Pacific, Yet Vulnerability Management Strategies Lag According to New Research (Businesswire) Regional survey of information security professionals found 80 percent of companies attacked in 2015 lacked sufficient vulnerability management capabilities
Cyber Attacks in Retail Sector Highest in 2015, Reports Dimension Data (Spamfighter News) A report from an Information Technology security firm in Wellington reveals that the number of cyber-assaults on the retail market was the highest in 2015; therefore, consumers and businesses must remain watchful while worldwide cyber-crime gets increasingly refined
Australian health sector an easy target for cyber criminals, says IBM (ComputerWeekly) A push to encourage greater adoption of electronic health records has raised the spectre of online record theft
Marketplace
Hackers get big paychecks from multiple sources (The Hill) The FBI isn’t the only one paying hackers huge price tags to hand over ways to hack into personal devices
Microsoft's cyber security strategy: How it is using Bing, Azure and machine learning to build a secure platform (Computer Business Review) C-level briefing: How Microsoft's broad portfolio is feeding data back into its cyber security offerings
Palantir co-founder blasts report that CIA-backed company is struggling (Silicon Valley Business Journal) Palantir Technologies co-founder Joe Lonsdale over the weekend accused Buzzfeed of taking some facts out of context and "bad journalism" in a less-than-flattering report on Friday
FireEye Inc. Announces Leadership Changes (Motley Fool) Incoming CEO Kevin Mandia says he expects the company to "dominate" the cybersecurity arena in the years ahead
Here's Why Palo Alto Networks Is Better Than FireEye (Investor Guide) Cyber security stocks have been very volatile. For instance, FireEye (FEYE), which is off considerably from its 52-week highs, fell almost 20% yesterday after reporting a bleak quarterly report. Investors need to be very careful when choosing a stock in this space. Since the companies are focusing on growing market share, they spend more money than they generate, which is why stocks in the sector are very volatile
NEWS ANALYSIS: Hacking fears as Google chops ‘freeloading’ security firms (Business Day) A number of young technology security companies are losing access to the largest collection of industry analysis of computer viruses, a setback industry experts say will increase exposure to hackers
NRC to sole-source cyber simulation contract ... unless (Federal Times) The Nuclear Regulatory Commission is planning to award a sole-source contract for evaluating and training its cybersecurity staff, however the commission is giving other prospective vendors a chance to show they can meet the requirements
CSC Completes Acquisition of UK’s Xchanging (Insurance Journal) CSC, the TYSONS, Va.-based technology solutions and services provider, announced it has completed the acquisition of Xchanging plc
Raytheon Opens New Campus in Richardson (WPAB News) Raytheon has opened a campus in Richardson along Bush Turnpike, east of Highway 75. The facility will house Raytheon’s Intelligence, Information and Services
An Innovation Jason Bourne Would Love (Forbes) You know that scene in the 2002 movie The Bourne Identity, when Jason Bourne (Matt Damon) dispatches a CIA assassin sent to kill him at his French farmhouse hideout — and then uses the guy’s phone to make a zero-click encrypted phone call to CIA headquarters in Langley?
Start-up, Vera, welcomes Mark Leslie to board of directors (ARN) Company also cements Series B funding from Capital One Growth Ventures
Products, Services, and Solutions
AKUA's Secure Gateway Solution Selected by Parkinson Seed Farm (PRNewswire) Persistent cargo monitoring and tracking will facilitate improved logistics
ESET security solutions top independent spam filtering tests (Security Bureau) ESET has come out tops as the highest security solution for anti-spam protection according to not one, but two, testing authorities
Malwarebytes Anti-Malware Explained: Usage, Video and Download (Softpedia) Learn how to use this powerful virus removal application
Swimlane Selected as a Gartner "Cool Vendor" (PRNewswire) Swimlane, a developer of cybersecurity automation solutions, today announced that it has been named to Gartner's list of "Cool Vendors 2016" in the category of Security Infrastructure Protection
Two Great Apps Arrive To Stop Hackers Spying On Your iPhone (Forbes) Apple provides plenty of protection for iPhone users, as the FBI learned over the last few months. But it can never offer total security
Lieberman Software Partners With Aikya Security (MarketWired) Partnership extends privileged access management offerings to Canadian enterprises
Updated: Microchip’s hardware-encrypted micro for IoT (Electronics Weekly) Microchip has launched a hardware crypto-enabled 32bit microcontroller which can add security to IoT devices, offering encryption and authentication
Ixia Announces CloudLens Platform to Deliver Visibility Across Private, Public, and Hybrid Clouds (BusinessWire) Ixia (Nasdaq: XXIA), a leading provider of network testing, visibility, and security solutions, today announced CloudLens™, a platform consisting of existing Ixia solutions and planned products that will integrate network visibility across private, public, and hybrid cloud environments
Quick Heal upgrades its line-up of security products (Times of India) Quick Heal Technologies Limited has released version 17 of Quick Heal Total Security, Quick Heal Internet Security and Quick Heal Antivirus Pro
GIAC Launches New Certification for Python Coders, GPYC (PRNewswire) Provides employers ability to identify experts that have needed Python skills
Technologies, Techniques, and Standards
Let’s stop talking password flaws and instead discuss access management (Help Net Security) A good bit of attention has been given to a new report that suggests that there are organizations that don’t change their administrative passwords at all, ever
Vaizey urges businesses to adopt Cyber Essentials to combat malware threats (SC Magazine) As UK government vows to boost cyber-defences, its own research finds majority of successful attacks could have been prevented by adopting Cyber Essentials
The IT Checklist to Prevent Data Breach (Aim.ph) A big part of data security is the proactive prevention of data loss, theft, and security breach, and it is always better to prevent these from happening instead of mitigating attacks
Preventing user-based attacks (ITWeb) Today, an enormous percentage of business is conducted via the Internet on a multitude of devices and platforms. End users share more information than ever and connect to numerous outside networks, increasing the potential attack surface exponentially
Guardsmen conduct large-scale cyber training (Defense Systems) The potential threat to infrastructure was one focus of the recent Cyber Shield 2016, a national cyber exercise in which National Guard units took part along with Army, Reserve and Marine Corps cyber warriors
Why cyber tools are not total solutions (Federal Times) I had the opportunity to attend this year’s RSA Conference in San Francisco and I was impressed with the hundreds of cybersecurity exhibitors on display there. If you ever have the chance to go and haven’t been already, do yourself a favor and take the trip. It’s absolutely worth the investment
Design and Innovation
IBM's Watson is going to cybersecurity school (CSO) Eight universities will help train it to tackle cybercrime
Why ONI May Be Our Best Hope for Cyber Security Now (Datanami) Huge volume of network data has made it all but impossible for the good guys to detect new security threats, which has created space for the bad guys to operate. But thanks to a new Apache big data project called Open Network Insight (ONI), the good guys now have a powerful way to cut through the noise and identify bad guys and their malicious schemes
Research and Development
DARPA calls for help to improve cyber attack attribution (Help Net Security) Reliable cyber attack attribution is currently almost impossible, and the Defense Advanced Research Projects Agency (DARPA) wants to find a solution for that problem
GO-Trust Works with the National Cybersecurity Center of Excellence (NCCoE) (Sys-Con Media) Today GOTrust Technology Inc. (GO-Trust) announced it is collaborating with the National Cybersecurity Center of Excellence (NCCoE) on its Derived Personal Identity Verification (Derived PIV) Credentials project
CYREN Awarded Second Cybersecurity Grant from Israeli Government (PRNewswire) CYREN (NASDAQ: CYRN) today announced it was awarded a grant of ILS 3.22 million (approximately USD 0.85 million) by the Office of the Chief Scientist (OCS) at Israel's Ministry of Economy and Industry. The grant is part of Israel's ongoing initiative that provides benefits to Israeli companies in order to encourage R&D activity aimed at developing technological solutions in the field of cybersecurity. CYREN received a similar grant last year as well
Academia
The search for next gen cyber security experts starts in high school (Portland Business Journal) Several Portland companies and Portland State University are teaming up for a cybersecurity camp aimed at high school students. And, as guest columnist Rob Wiltbank notes, applications are open
Legislation, Policy, and Regulation
Senator Wants Definition on Cyber Act of War (Federal News Radio) The United States is constantly attacked in the cyber realm, but when do those attacks mean war?
Presidential Advisers Recommend Countering Cyberattacks, Shootings with Big Data (Nextgov) An adversary has spent months executing a cyberattack on an unnamed part of the nation's critical infrastructure, after years of planning. Now, the disruption to daily American life is reaching its climax. First, there is a distributed denial of service, or DDoS, attack that masks a massive theft of data crucial to plotting the final coordinated strike. No one notices because security personnel are too busy trying to revive systems overwhelmed by a deluge of bogus network traffic
Influencers oppose expanding federal hacking authorities (Christian Science Monitor Passcode) Nearly two-thirds of Passcode’s Influencers said US judges should not be able to issue search warrants for computers located outside their jurisdictions
IoT security: not ripe for regulation (The Hill) Media reports regularly offer frightening stories about security vulnerabilities in the emerging “Internet of Things,” from the hack of a Jeep to the specter of bad guys accessing “smart homes” or exploiting industrial IoT to compromise utilities
Defense Business: These Are Nervous Times for Contractors (National Defense) Speaking to a room of government contractors recently, defense officials insisted that there is no witch-hunt
Litigation, Investigation, and Law Enforcement
Canada Revenue Agency scouring Panama Papers for possible tax cheats (CBC) 'If we can lay criminal charges, we will lay criminal charges,' minister says
Reuters: Police Say SWIFT Techs Made Bangladesh Bank More Vulnerable Before Heist (Dark Reading) SWIFT rejects 'baseless allegations' that software company's negligent security procedures had anything to do with $81 million wire transfer heist
SWIFT rejects Bangladeshi claims in cyber heist, police stand firm (Reuters) SWIFT has rejected allegations by officials in Bangladesh that technicians with the global messaging system made the nation's central bank more vulnerable to hacking before an $81 million cyber heist in February
Bangladesh central bank hack may be an insider job, says FBI (IDG via CSO) Financial network SWIFT has denied earlier allegations its technicians contributed to the hack
Twitter bars intelligence agencies from key data service (The Hill) Twitter has barred U.S. intelligence agencies from accessing a service that monitors and sorts the entire worldwide volume of tweets in real time
U.S. Reaping the Results of a Poisoned Relationship With IT Industry (eWeek) The U.S. government is learning that it badly needs the technology industry's cooperation, but it's given the industry little incentive to do its civic duty
Privacy and the New Math (Linux Journal) In the Apple vs. FBI case, the real disputes are between math and architecture, and between open and closed. Linux can play an important role in settling those disputes, because it is on the right side of both
Apple, Google, AT&T, Verizon Face FTC And FCC Scrutiny Over Slow Mobile Security Updates (Hot Hardware) When it comes to the often slow pace of security updates being pushed to the mobile devices that are at center of our daily digital lives, both the Federal Communications Commission (FCC) and the Federal Trade Commission (FTC) are looking for some answers
FTC orders Apple, Google, Microsoft, Blackberry, Samsung to divulge mobile security practices (Network World) FTC wants 8 leading mobile communication vendors to understand policies regarding mobile device security
Syrian hacker extradited to the United States from Germany (Washington Post) An alleged hacker with the Syrian Electronic Army, a group that supports the Syrian government, has been extradited to the United States from Germany on charges of conspiracy linked to a hacking-related extortion scheme, U.S. officials said Monday
State Department claims it can't find any Clinton texts or email file for IT aide (Politico) The State Department maintains that it cannot find any text messages sent to or from former Secretary of State Hillary Clinton and cannot locate any emails received or sent by a key information technology staffer during her tenure, lawyers for the Republican Party said in a court filing Monday
Recidivism Watch: Clinton’s claim on ‘material marked classified’ (Washington Post) One of Clinton’s standard lines about her email system popped up again over the weekend. We had examined this claim in detail back in August, noting that Clinton’s very careful and legalistic phrasing raises suspicions
Afognak Native Corporation Recovers $3.665M of Cyber Fraud Funds (Globe Newswire) Afognak Native Corporation announced today that it has recovered nearly all of the stolen funds that were fraudulently obtained by an international criminal ring during a sophisticated cyber crime attack against the corporation in May 2015
This Hacker was Arrested for Exposing Flaws in Lee County elections website (Hack Read) David Levin, the 31-year-old political consultant from Estero, was jailed for over six hours for hacking into the Lee County election website on December 19, 2015
Liberty Reserve Founder Gets 20 Years For Money Laundering (Dark Reading) Convicted for virtual currencies laundering operations worth $8 billion