New York City: wrapping up the Second Annual Cyber Investing Summit
Pitches: Innovation from Young Companies (The CyberWire) In a crowded market, how can you put innovation in front of prospective customers and investors? Four young companies making a name for themselves address the 2017 Cyber Investing Summit.
Investors and Customers: What they're looking for in cybersecurity vendor (The CyberWire) There was a consensus at the Summit that cybersecurity is fundamentally an exercise in risk management. The sector remains relatively young, and the sorts of actuarial data, well-established best practices, and regulatory systems that have shaped risk management in other areas are still emerging. Early stage investors help start-ups, the venture capitalists at the Summit believed, with close engagement and advice, particularly in matters affecting management and communication. If a start-up wonders what value these investors bring, they should think of expertise and guidance as much as they think of capital. An interesting trend noted by DataTribe's Mike Janke: the big investment firms have consolidated their investments, which has pushed them out of the A round. That's left the early stages to the angels and the incubators.
Cyber Attacks, Threats, and Vulnerabilities
Russian Hackers Are Using ‘Tainted’ Leaks to Sow Disinformation (WIRED) A group of security researchers present the most systematic analysis yet showing Russian hackers mix fakes in with their hacked revelations.
E-mails phished from Russian critic were “tainted” before being leaked (Ars Technica) Campaign targeting more than 200 people also spread disinformation, report says.
Tainted Leaks: Disinformation and Phishing With a Russian Nexus - The Citizen Lab (The Citizen Lab) Documents stolen from a prominent journalist and critic of the Russian government were manipulated and then released as a “leak” to discredit domestic and foreign critics of the government. We call this technique “tainted leaks.”
In Modern Cyber War, the Spies Can Become Targets, Too (Wall Street Journal) Over the past eight months, a mysterious hacking group released what it says are National Security Agency computer-espionage secrets. Former intelligence officials now fear the hackers are taking a new tack: exposing the identities of the NSA computer-hacking team.
Florida GOP consultant admits he worked with Guccifer 2.0, analyzing hacked data (Ars Technica) Voting models and other leaked data were “worth millions,” consultant told Guccifer 2.0.
Vietnam-linked hackers likely targeting Philippines over South China Sea dispute: FireEye (Reuters) Hackers linked with Vietnam's government are likely targeting Philippine state agencies to gather intelligence related to the maritime dispute in the South China Sea, cybersecurity company FireEye (FEYE.O) said on Thursday.
An Up-Close View of the Notorious APT32 Hacking Group in Action (WIRED) Cybersecurity company Cybereason has shared new details about how one of the world's most mysterious hacking groups operates.
Author shuts down EternalRocks worm that could have out-damaged WannaCry (Computing) The developer of a worm using four different NSA exploits to spread has thrown in the towel.
Forget North Korea's Nuclear Arsenal. Its Chemical and Cyber Weapons Are Already a Threat. (The National Interest) Pyongyang’s VX attack and cyber hijinks suggest a regime bent on acquiring multiple weapons of mass disruption and destruction.
WannaCry Ransom Note Written by Chinese, English Speaking Authors (Threatpost) A linguistics analysis of the 28 ransom notes included with WannaCry indicates that native Chinese and English speakers wrote the original note, Flashpoint said.
WannaCry Ransom Notes Penned by Chinese-Speaking Authors, Analysis Shows (Dark Reading) But a Chinese-language link doesn't shoot down theories of the North Korean Lazarus Group's involvement in the ransomware worm attacks, say language experts at Flashpoint.
Symantec's claims that North Korea is behind WannaCry ransomware blasted as 'distracting' (Inquirer) ICIT claims connection is 'premature and not wholly convincing'.
Symantec cites links between WannaCry ransomware and Lazurus, but ICIT calls report a 'distraction' (Healthcare IT News) The security firm stressed the connection to North Korea-linked hackers was purely technical, but there were substantial commonalities in the tools, infrastructure and techniques used.
WannaCry Gives Consumers a First Look into Ransomware (Dark Reading) Although ransomware has been around for two years, it took the fast-moving and expansive WannaCry to provide a majority of consumers their first glimpse, according to a study released today.
Newly Discovered Vulnerability Raises Fears of Another WannaCry (NDTV Gadgets360.com) A newly found flaw in widely used networking software leaves tens of thousands of computers potentially vulnerable to an attack similar to that caused by WannaCry, which infected more than 300,000 computers worldwide, cyber-security researchers said on Thursday.
Kelly: DHS halted the march of WannaCry in the U.S. (FCW) The DHS Secretary told a Hill panel that the agency was key to curtailing the historic cyberattack.
Bogus anti-WannaCry apps cropping up on Google Play (Help Net Security) While the world is still battling WannaCry, fraudsters are exploiting users' confusion to make them install Android apps that supposedly protect against it.
Yup, the Android app store is full of useless, unwanted anti-WannaCry apps (Graham Cluley) Apps claiming to protect Android users against WannaCry ransomware are popping up on Google Play, but all of them are a bunch of hogwash.
New Samba Bug Dangerous But No WannaCry (Dark Reading) The administrators of the open-source Samba software have fixed a newly discovered vulnerability that lets attackers upload malicious files to vulnerable systems and servers.
WannaCry: the rush to blame XP masked bigger problems (Naked Security) Many pointed the finger at Windows XP, but the worst hit computers were unpatched Windows 7 machines
In a throwback to the ’90s, NTFS bug lets anyone hang or crash Windows 7, 8.1 (Ars Technica) It's like the c:\con\con bug all over again.
Critical Vulnerability in Samba from 3.5.0 onwards (SANS Internet Storm Center) Developers of Samba[1] disclosed a critical vulnerability that affects the file sharing component. Samba is a suite of tools that helps in the interoperability between UNIX with Microsoft Windows. The vulnerable component is the daemon that offers file sharing capabilities.
Password Breaches Fueling Booming Credential Stuffing Business (Threatpost) The market for automated credential stuffing tools is growing fast, because of a record number of breaches.
RANSOMWARE IS LOUD & GETS THE HEADLINES while credential stealing malware is quiet - as they take the keys to your kingdom... (LinkedIn) In this video learn all about how hackers are wreaking havoc on US enterprises with credential stealing malware.
Victims Lost US$1B to Ransomware (TrendLabs Security Intelligence Blog) Over the course of 2016, ransomware operators trailed their sights on bigger targets and raked in US$1 billion for their efforts.
Kentucky workers comp carrier survives ransomware (CSO Online) An overzealous Web surfer brings employee training to the forefront. See how they have tightened up the network.
Ransomware: Carding's Replacement for the Criminal Masses (Dark Reading) Ransomware is not only here to stay, it's going to proliferate by orders of magnitude and cause substantial risk to businesses for the foreseeable future.
Trump’s Dumps: ‘Making Dumps Great Again’ (KrebsOnSecurity) It’s not uncommon for crooks who peddle stolen credit cards to seize on iconic American figures of wealth and power in the digital advertisements for their shops that run incessantly on various cybercrime forums.
Houdini on Paste Sites (Recorded Future) Recorded Future analysts found a threat actor from Germany that appears to be partially responsible for the malicious VBScripts posted to paste sites.
A Rising Trend: How Attackers are Using LNK Files to Download Malware (TrendLabs Security Intelligence Blog) PowerShell is a versatile command-line and shell scripting language from Microsoft that can integrate and interact with a wide array of technologies. It runs discreetly in the background, and can be used to obtain system information without an executable file. All told, it makes an attractive tool for threat actors. There were a few notable instances...
How does Gooligan malware compromise Google accounts? (SearchSecurity) Gooligan malware can steal authentication tokens from an infected Android device to access a user's Google account. Find out how to prevent this attack.
New class of attacks affects all Android versions (Help Net Security) Researchers have demonstrated how a malicious app with two specific permissions can stealthily compromise users' Android devices.
Samsung Galaxy S8 not as secure as you think, a German team shows how it can be hacked (The News Minute) This should be the last thing Samsung might want to hear. Just when they would have been celebrating back in Seoul the huge victory with the latest flagships Galaxy S8 and S8 Plus, comes the bad news from Germany. The Iris Scanner on the Samsung Galaxy S8 and S8 Plus is not that secure after all.
People who were impersonated by anti-net neutrality spammers blast FCC (Ars Technica) FCC should investigate and throw out fake comments, impersonation victims say.
When Technology Takes Hostages: The Rise of 'Stalkerware' (Motherboard) NSA zero-days and sophisticated state surveillance tools get all the headlines. But we’re overlooking the dangerous, life-threatening, rise of “stalkerware,” which enables domestic violence.
5 Unsettling cyberthreats (Malwarebytes Labs) Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. Here are 5 cyberthreats that if you’re not frightened by, you should be.
Security Patches, Mitigations, and Software Updates
Critical Samba code execution hole plugged, patch ASAP! (Help Net Security) The Samba code execution flaw could allow a malicious client to upload a shared library to a writable share, and cause the server to load and execute it.
Security Firm Releases Windows XP Patch for NSA Exploit ESTEEMAUDIT (BleepingComputer) Cyber-security firm enSilo has released a patch for Windows XP and Windows Server 2003 that will protect against attacks via ESTEEMAUDIT, a hacking tool dumped online by the Shadow Brokers last month, and allegedly developed by the NSA.
Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub (Threatpost) A recently released extension for Chrome, developed by the public key crypto database Keybase, brought end-to-end encrypted messaging to several apps this week.
SCADA HMI Devs Take 150 Days to Release Patches (Infosecurity Magazine) Trend Micro report urges more secure development to minimize SCADA bugs
Cyber Trends
12 Key Takeaways From 6 Cybersecurity Insights Reports (BitSight) Take a look at new trends and pertinent data from six BitSight Insights reports on cybersecurity.
Cybersecurity ROI: Still a tough sell (CSO Online) Cybersecurity is a wise investment. But as a panel of experts at the MIT Sloan CIO Symposium said, it is difficult to put an exact number on it.
AI: The promise and the peril (CSO Online) Two panels at the MIT Sloan CIO Symposium this week focused on how to embrace the almost magical productivity benefits of artificial intelligence without leaving workers behind.
‘Sometimes it is necessary to bend the rules a bit’ (CSO Online) A recent survey asked employees why they didn’t follow the rules and much of the response sounded a bit like a child answering their parent. They might have been bored or there were too many rules to deal with.
Cyber attack threat to law firms prompts warnings (Financial Review) Big law firms have beefed up cyber protections, but they're asking questions about smaller ones.
Marketplace
5 Proven Cyber Security Certifications That Will Skyrocket Your Salary (HackRead) With rising salaries and a massive global demand for qualified professionals, cyber security is an incredibly attractive industry to work in. There are tho
Report: Microsoft to buy security firm Hexadite for $100M as Cloudyn still in progress (TechCrunch) While we wait to get more news on Microsoft closing a reported acquisition of Cloudyn, another report has emerged of one more enterprise startup that the..
Poll: Microsoft's Brand Appears Stronger Than Data Breach - Morning Consult (Morning Consult) Despite people’s concern for their online safety, the security breach of a well-loved brand such as Microsoft Corp. did not deter its most dedicated customers.
Defence supplier QinetiQ revamps as global security steps up (Evening Standard) Ministry of Defence supplier QinetiQ promised to crack on with a shake-up today by targeting increasingly “sophisticated” customers facing a cocktail of global security threats. The FTSE 250 supplier of weapons systems and technology, which recently won a £1 billion amendment to a long term MoD contract, saw revenues rise 4% to £783.1 million and pre-tax profits up to £123.3 million for the year ending March.
Czech-Based Avast Looks to Number One Position in Global Security (Radio Praha) It’s probably a surprise to most outsiders that the Czech Republic is a world leader in terms of computer and mobile phone security but that’s undoubtedly the case as Avast wraps up its takeover of rival company AVG.
ThreatQuotient Takes Gold for Best IT Software and Hottest Company in 2017 IT World Awards (BusinessWire) ThreatQuotient™, a trusted threat intelligence platform innovator, today announced that they have been named the winner of four Network Products
A10 Networks Appoints New Chief Financial Officer (Techwire.net) Tom Constantino will start in the new position of executive vice president and chief financial officer on June 12.
Products, Services, and Solutions
New infosec products of the week: May 26, 2017 (Help Net Security) Here's an overview of new products from the following infosec vendors: BH Consulting, Circadence, IBM, NopSec, Skyport Systems, and Vera.
Cyphort Introduces the Quilt Security Ecosystem (Sys-Con Media) Leveraging the open architecture of its Anti-SIEM software platform, Cyphort has completed product integration with more than 30 technology vendors
Zscaler Reveals Insights from the World’s Largest Cloud Security Platform at Cloud Expo Asia conference in Hong Kong (China Newswire) More than 5,000 organizations are escaping legacy security appliance overload with Zscaler
New Jersey Hospital Association Selects Sensato Cybersecurity Solutions as Strategic Partner (PRNewswire) The New Jersey Hospital Association (NJHA) has selected...
Superyachts face tidal wave of cyber-attacks (St. Lucia News Online) One of the country’s leading cyber-security companies that has worked with the Royal Navy is seeing a steep rise in demand for its expertise from superyacht...
Rapid7 Launches New Partner Program, Puts Services Play Front And Center (CRN) The security vendor's new program will allow partners to deliver professional, deployment and training services, recognizing that's where partners can 'provide the most value to our mutual customers,' says Rapid7's John Ryan.
SparkCognition Solutions Products Now Available on GSA Schedule (PRNewswire) SparkCognition, a global leader in cognitive computing analytics, today...
Technologies, Techniques, and Standards
You Have One Year to Make GDPR Your Biggest Security Victory Ever (Dark Reading) The EU's new razor-toothed data privacy law could either rip you apart or help you create the best security program you've ever had. Here's how.
As GDPR deadline looms, time for compliance is running out (Help Net Security) GDPR is a game-changing piece of data protection legislation that goes into effect on May 25, 2018. While the legislation includes various components relat
EU GDPR Final Countdown: How to Prepare Your Security Program (Infosecurity Magazine) GDPR will have real-world impact, and not just for EU member states.
Guidance for connected vehicle security: Attack vectors and impacts (Help Net Security) "Observations & Recommendations on Connected Vehicle Security" is a report that provides a comprehensive perspective on vehicle security connectivity design.
NATO Releases IoT Draft Report (SIGNAL Magazine) The Parliamentary Assembly will discuss a report urging governments to take a more proactive role in defining the IoT's future at its spring session.
EU security body calls for a security trust mark for IoT devices (Bitdefender) For all the excitement and buzz around the Internet of Things, spurred on by connected gadgets being sold in great numbers both online and on the high street, there is no denying that it has a serious problem. And the problem is that often IoT devices are found to be lacking when it comes to …
Why can’t security have SLAs? (CSO) Sure 100 percent uptime is a pipe dream, but some vendors believe it is unrealistic to even place parameters on security.
In the Future, Internet-Connected Car Security Is Only Getting Tougher (Tech.Co) Self-driving cars will create an entirely new form of life in major cities across the world. However the concern for security is at the forefront.
Rockwell Automation outlines best practices for industrial security (Mining Review) Rockwell Automation cautions that industrial organisations are operating in ways they scarcely could have imagined a few decades ago. They are converging his
Caught in the breach – what to do first (CSO Online) Since there is no way to prevent every cyber attack, incident response is crucial. Experts at the MIT Sloan CIO Symposium talk about what to do immediately after the bad news hits.
Using threat intelligence tools to prevent attacks on your enterprise (SearchSecurity) Find out how threat intelligence tools can help pre-empt possible attacks on your enterprise and keep your assets secure.
How to build a better SOC team (Help Net Security) What can organizations do to alleviate the strain on its security professionals, better protect the business and build a better SOC team?
In the Cloud, Evolving Infrastructure Means Evolving Alliances (Dark Reading) New opportunities make for unusual bedfellows. Here's how to navigate the shift in organizational dynamics between security operations, line-of-business managers and developers.
How to Prevent Hackers From Hijacking Memorial Day (Infosecurity Magazine) How not to fall victim to a hoax on Memorial Day, and the solutions to solve this.
Design and Innovation
Walk this way: Researchers claim new authentication technology based on the way people walk (Computing) Could walking become the latest form of biometric authentication?
Academia
Virginia Tech Designated NSA Center For Academic Excellence In Cyber Operations (Alexandria News) Governor Terry McAuliffe today announced that the National Security Agency has designated Virginia Tech as a Center for Academic Excellence in Cyber Operations. The first university to receive this status in the Commonwealth, Virginia Tech joins an exclusive list of 16 other universities in the nation in bearing this designation. Virginia Tech will hold the CAE-CO designation for five academic years, from 2017 to 2022.
Legislation, Policy, and Regulation
Revised Active Defense Bill Allows Victims to Recover or Destroy Stolen Data (Threatpost) Rep. Tom Graves has revised a draft of the Active Cyber Defense Certainty Act with new provisions that include mandatory notification and permission to recover or destroy stolen data on the attack…
Proposed 'hack back' law would not have stopped WannaCry (CSO Online) On Monday, the Financial Times published a story concerning a proposed bill from Representative Tom Graves, a Republican from Georgia's 14th district. Graves has proposed changing the Computer Fraud and Abuse Act (CFAA) to allow organizations to fight back when being attacked online. But is this a smart, or even workable solution for enterprise operations?
GOP chair eyes DHS cyber reorganization bill next week (TheHill) Bill to organize DHS cyber unit has backing from Trump administration, McCaul says.
Cyber Command’s Move to Full Combatant Command Still in Works (Sea Power) The future growth of U.S. Cyber Command and the need to get ahead of adversaries were subjects of a May 23 hearing in Washington of the House Armed Services emerging threats and capabilities subcommittee.
Trump’s First Cybersecurity Scorecard (Infosecurity Magazine) ‘C for effort – could try harder’ seems to be the overall judgment of Trump’s first quarter as President, reports Danny Bradbury
Trump wants capability to track, hack and destroy drones (C4ISRNET) If these new powers do come into law, we can expect a whole new range of drone-capture kit to hit the market for law enforcement agencies.
Lieberman withdraws from FBI director consideration (CNN) Former Sen. Joe Lieberman, once considered a front-runner, formally withdrew his name from consideration. Ex-TSA Admin John Pistole may be under consideration
SECURITY: Slim TSA cyber staff takes on rising pipeline threat (EnergyWire) As the cyberthreat facing the nation's biggest natural gas pipelines grows and evolves, a small group of federal workers tasked with protecting the sprawling, hidden energy matrix is woefully outnumbered.
Litigation, Investigation, and Law Enforcement
Bomber Salman Abedi planned Manchester attack for a year (Times (London)) The Manchester bomber is believed to have planned the attack for at least a year and bought nails and screws for the atrocity in two trips to DIY stores in the city, The Times has learnt. Salman...
Manchester bomber probably had ISIS training, US official says (CNN) Manchester suicide bomber Salman Abedi likely received some ISIS training by traveling to Syria in the months before the bombing, according to information gathered in the preliminary investigation into the attack, a US official told CNN on Thursday.
Manchester bombing latest: Teenager among suspects in custody amid fears Salman Abedi made second device (The Telegraph) Counter-terror police investigating the Manchester Arena bombing have carried out fresh raids today amid fears the attacker might have built a second device that is now in the hands of fellow jihadists.
Think Before You Tweet In the Wake of an Attack (WIRED) Terrorists use social media to recruit, but they also depend on you and the media to use it to amplify their message.
Twisted logic drives terrorists to target children (Times (London)) As a cultural phenomenon, suicide bombing is comparatively new, astonishingly virulent and remarkably complex — an explosive combination of ideology and psychology that has made it the terrorist...
Trump calls for investigation of U.S. leaks in Manchester bombing probe (Washington Post) In Brussels, Trump responded to British outrage over the leaks and vowed to “get to the bottom of this” to preserve intelligence sharing.
The U.S. Intelligence Ship Is Too Leaky To Sail (Bloomberg) The U.S. services have lost credibility by becoming the leakiest in the world.
Norwich hospital and airport cyber-attack: Man charged (BBC News) A 30-year-old man will appear in court charged with unauthorised access after two incidents in 2015.
Wasserman Schultz Threatened Police Chief For Gathering Evidence On Her IT Staffer’s Alleged Crimes [VIDEO] (The Daily Caller) Rep. Debbie Wasserman Schultz threatened the chief of the U.S. Capitol Police with "consequences" for holding equipment that she says belongs to her in order to build a criminal case against a Pakista
3 Nigerian Cyberthieves Sentenced to Total of 235 Years in Prison (Dark Reading) Using love-struck girlfriends found on the Internet to help them carry out their schemes, three Nigerian cyberthieves and their cohorts made off with tens of millions of dollars in pilfered goods before they were ultimately sentenced to a collective total of 235 years in prison.
The Silk Road Creator’s Life Sentence Actually Boosted Dark Web Drug Sales (WIRED) A new study raises questions about the deterrence value of harsh sentencing for dark web crimes.