Cyber Attacks, Threats, and Vulnerabilities
MITA suspicion that Kremlin-friendly hackers attacked government servers – The Observer (MaltaToday.com.mt) British newspaper The Observer has seen a confidential MITA external risk assessment claiming that the Fancy Bears – a hacking collective that is often associated with the Kremlin – would have carried out attacks on government servers
Foot Soldiers in a Shadowy Battle Between Russia and the West (New York Times) Freelance agitators promote Russia’s agenda abroad, getting their backing from tycoons and others, not the state itself.
NSA tools hacking group Shadow Brokers starts up monthly security subscription service (Computing) Hacking group changes tack in bid to 'monetise' its trove of US National Security Agency tools and exploits.
Follow the Bitcoin From the Shadow Brokers NSA Hacking Tool Auction (Motherboard) Is the hacking group finally cashing out?
PHL government, firms target of nation state cyber espionage–FireEye (Business Mirror) Government and private organizations in the Philippines and other Asia-Pacific countries are in the crosshairs of nation-state groups conducting cyber espionage for other states, FireEye Inc. executives said.
Assessing the Global Impact of WannaCry Ransomware (BitSight) This blog examines data on the spread of WannaCry ransomware and the security culture of organizations affected.
The Many Faces of Ransomware (NSS Labs) If you’ve been following the news, you know that the new ransomware, WannaCry, has crippled organizations and end users across the world. Within several hours, WannaCry infected tens of thousands of computers in more than 99 countries and in 27 languages.
Ransomware: A Detailed Analysis of an Emerging Threat (SecurityScorecard Insights & News) One of the most dangerous emerging trends in the malware world is ransomware...
Hospital IT team praised for response to NHS cyber attack (Eastern Daily Press) A hospital IT team has been praised for how it handled the cyber attack which hit the NHS two weeks ago.
New Android Exploit 'Cloak and Dagger' Lets Attackers Steal User Data (HackRead) Gone are those days when Google play store was a trusted place for downloads and it seems like hackers are bypassing the security protocols of Google play
Researchers Demonstrate Android 'Cloak And Dagger' Malware Attacks (Silicon UK) The attacks use 'design shortcomings' in Android to silently take over devices and steal credentials, say Georgia Tech and UC Santa Barbara academics
Google Boots 41 Apps Infected with "Judy" Malware off the Play Store (BleepingComputer) Google has removed 41 Android apps from the official Play Store. The apps were infected with a new type of malware named Judy, and experts estimate the malware infected between 8.5 and 36.5 million users.
Check Point says Judy is "possibly the largest malware campaign found on Google Play" (Neowin) Already plagued by security issues, Android has received another dose of malware through some apps in the Google Play Store. Known as 'Judy', it was discovered by security specialists Check Point.
Chrome Bug Allows Sites to Record Audio and Video Without a Visual Indicator (BleepingComputer) Ran Bar-Zik, a web developer at AOL, has discovered and reported a bug in Google Chrome that allows websites to record audio and video without showing a visual indicator.
Over 8,600 Security Flaws Found in Pacemaker Systems (BleepingComputer) Security researchers from WhiteScope have uncovered over 8,600 vulnerabilities in pacemaker systems and the third-party libraries used to power various of their components.
Synopsys And Ponemon Study Highlights Critical Security Deficiencies In Medical Devices (Information Security Buzz) Synopsys, Inc. (Nasdaq: SNPS) today released the results of the study “Medical Device Security: An Industry Under Attack and Unprepared to Defend,” which found that 67 percent of medical device manufacturers and 56 percent of healthcare delivery organisations …
British Airways outage creates London travel chaos; power issue blamed (The Economic Times) The airline cancelled all its flights from London's two main airports until Saturday evening after a global computer system outage caused massive delays.
British Airways rejects claims that cost-cutting India outsourcing was to blame for bank holiday weekend 'global IT outage' (Computing) BA blames power surge and failure to restore from back-ups for weekend of travel chaos at Gatwick and Heathrow.
British Airways chief vows IT collapse won't happen again (ZDNet) British Airways CEO has said the airline will take steps to ensure there is no repeat of the computer system failure that stranded 75,000 passengers in the United Kingdom over a holiday weekend.
British Airways says no evidence global IT outage caused by cyber attack (Reuters) British Airways said on Saturday there was no evidence that a global breakdown of its IT systems had been caused by a cyber attack.
BA faces £150m loss after chaos at Heathrow (Times (London)) British Airways is facing losses of more than £150 million after the most serious IT failure in UK aviation history. On the third day of disruption today, short-haul passengers at Heathrow and...
Veteran Security Analyst Warns Windows 10, Even With Tracking Off, Still Tracks Too Much (Hot Hardware) Microsoft has gone to great lengths to foster adoption of its Windows 10 operating system, and for good reason.
Microsoft Master File Table bug exploited to BSOD Windows 7, 8.1 (Register) The 1990s called: they want their filepath hack back
Hackers upgrading malware to 64-bit code to evade detection (SC Media UK) Detecting 64-bit malware is more difficult than signature scanning for 32-bit malware, and despite a slow start cyber-criminals are starting to update their tools.
German Threat Actor Spreads Houdini Worm on Pastebin (Infosecurity Magazine) This individual is also actively editing an open source ransomware variant called MoWare H.F.D.
Anonymous Member Playing with Houdini RAT and MoWare Ransomware (BleepingComputer) A self-proclaimed member of the Anonymous hacker collective is behind a campaign to spread the Houdini RAT and is currently looking into deploying the MoWare H.F.D ransomware.
Chipotle Hacked: California, Florida, Illinois, And Texas Restaurants Are Most Affected By Security Breach (The Inquisitr) Customers who had paid by credit card at Chipotle restaurants in major cities across the nation between March 24, 2017 and April 18, 2017, are at risk of being a victim of a massive security breach ...
Molina Health Exposes Scores of Patient Records to Open Internet (Infosecurity Magazine) Countless patient medical claims were available online without requiring any authentication.
Yara Used to RickRoll Security Researchers (TrendLabs Security Intelligence Blog) For most security researchers, Yara, a tool that allows them to create their own set of rules for malware tracking, is an invaluable resource that helps automate many processes. However, despite Yara’s reliability, it shouldn’t be the only tool used to monitor new versions of malware.
Awfully Polite Hackers Allegedly Hijacked This Mall Billboard (Motherboard) "Sincerely, your friendly neighborhood hackers."
Red on Red: The Attack Landscape of the Dark Web (Trend Labs Security Intelligence Blog) We’ve frequently talked about how limited-access networks such as the Dark Web is home to various cybercriminal underground hotspots.
Types of Cyberattacks Hitting the Dark Web – A Research Paper (Deep Dot Web) The dark web represents parts of the internet that only exist on darknets and overlay networks.
8 Most Overlooked Security Threats (Dark Reading) Businesses know the obvious security threats to watch for, but some of the biggest dangers may not be top-of-mind.
FTC: It Takes Criminals Just 9 Minutes to Use Stolen Consumer Info (Dark Reading) Federal Trade Commission experiment lured hackers to learn about how they use stolen consumer information.
How fast will identity thieves use stolen info? (US Federal Trade Commission) If you’ve been affected by a data breach, or otherwise had your information hacked or stolen, you’ve probably asked yourself, “What happens when my stolen information is made public?” At the FTC’s Identity Theft workshop this morning, our Office of Technology staff reported on research they did to find out.
Security Patches, Mitigations, and Software Updates
Microsoft Quietly Patches Another Critical Malware Protection Engine Flaw (Threatpost) Microsoft quietly patched a critical vulnerability found by Google’s Project Zero team in the Malware Protection Engine.
FreeRadius Authentication Bypass (SANS Internet Storm Center) The RADIUS protocol was originally introduced to authenticate dial-up users ("Remote Authentication Dial-In User Service"). While dial-up modems are gone, RADIUS has stuck around as an all-around authentication protocol for various network devices. RADIUS itself assumes a secure connection, which was fine during dial-up days, but in modern networks, RADIUS usually relies on TLS.
Samba exploit – not quite WannaCry for Linux, but patch anyway! (Naked Security) SMB is the Windows networking protocol, so SMB security holes like the one that led to WannaCry can’t happen on Linux/Unix, right? Wrong!
FileZilla FTP Client Adds Support for Master Password That Encrypts Your Logins (BleepingComputer) Following years of criticism and user requests, the FileZilla FTP client is finally adding support for a master password that will act as a key for storing FTP login credentials in an encrypted format.
Cyber Trends
Critical infrastructure the next cyber battleground (ReinsuranceNe.ws) As cyber threats increase, alongside the exponential advancements being seen in technology which can heighten cyber risk there is also an increasing threat
SECURITY: Gas industry says 'trust us' on tracking cyberthreats (null) Federal agencies have not yet created the metrics that would allow the government to measure the strength of its defense against efforts to sabotage the United States' critical infrastructure.
Trend Micro Reveals State of Human Machine Interface Vulnerabilities (eWEEK) New report looks at over 250 Supervisory Control and Data Acquisition (SCADA) system vulnerabilities and reveals some common trends.
The Economic Benefits of Emerging Technologies (Cylance) Malcolm Harkins discusses the economic benefits and security challenges of new and emerging technologies, including an overview of the internet of things (IoT), quantum computing and qubits, blockchain and bitcoin, artificial intelligence and machine learning.
Cloud Environments Suffer Widespread Lack of Security Best Practices (Infosecurity Magazine) Organizations fail 55% of compliance checks established by the Center for Internet Security (CIS).
Brazil Primary LatAm Target of DoS Cyber Attacks in 2016 - Nearshore Americas (Nearshore Americas) Brazil was the main target of denial-of-service (DoS) attacks in Latin America in 2016, with the country suffering an average 21 attacks every month.
Jamaica lost US$100m to cyber crimes during 2016 (Jamaica Observer) The National Security Council (NSC), in a meeting yesterday, learnt that Jamaica, in 2016, lost approximately US$100 million to cyber-criminal activity. Head of the Computer Incident Response Team (CIRT), Dr Moniphia Hewling revealed the data during her presentation to the NSC while highlighting the need for public education as well as individuals and entities reporting incidents of cyber crime.
Microsoft: Malaysia can be key cybersecurity player (The Nation) Malaysia has the potential to be a key cybersecurity player in the South-East Asian region.
Marketplace
Cybersecurity startups will be funded at slower pace and lower valuations than last year (VentureBeat) The current cycle of investment in cybersecurity began in 2012, catalyzed by three major IPOs: Proofpoint, Splunk, and Palo Alto Networks. As is typical, big exits in a space significantly increase investor confidence and drive up supply of capital as additional investors rush in hoping to find the “next big thing.”
DDoS Mitigation Becomes Key Managed Security Service (Infosecurity Magazine) About 37% ranked DDoS mitigation as more important than other managed security services.
StarHub buys controlling stake in Accel in cybersecurity boost (ZDNet) Singapore telco buys 51 percent stake in Accel Systems for S$19.38 million, in a move it says is aimed at bolstering its cybersecurity offerings.
Tanium Raises $100M With Endpoint Security Platform Set to Expand (eWEEK) Security firm has now raised $407 million in funding, with CEO Orion Hindawi saying incidents like WannaCry reinforce his company's value proposition.
Controversial Tanium CEO explains why he and his dad have total control of their $4 billion startup (Business Insider) Orion Hindawi, CEO of Cyber security startup Tanium, doesn't believe in pampering employees.
HLS Sector Burning - Another Israeli Surveillance Company Reaches Breakthrough (iHLS) An Israeli cyber group is paying dividends while guarding secrecy concerning its products. NSO Group
How did NCA pay $2m to Israeli company without a contract? Lawyer asks (Joy) The controversial $8 million deal between the NCA, an Israeli company and Infraloks Development Limited (IDL), appears to be getting murkier.
EY Announces Ken Levine of Digital Guardian as an Entrepreneur Of The Year® New England 2017 Finalist (BusinessWire) EY Announces Ken Levine of Digital Guardian as an Entrepreneur Of The Year® New England 2017 Finalist
Lunarline, Inc. Named One of 2017's Most Valuable Brands (PRNewswire) Lunarline, Inc., a leading provider of cybersecurity products, services...
Kaspersky Lab appoints new MD for APAC (Gizmodo) Global cybersecurity firm Kaspersky Lab has appointed Stephan Neumeier as Managing Director of Kaspersky Lab Asia Pacific, effective from Monday.
Products, Services, and Solutions
Banks Benefit from Behavioral Biometrics: BioCatch (FindBiometrics) While banks have always seen security and fighting fraud as a key priority, they've also been eager to adopt innovative solutions like behavioral...
Forcepoint Fights Shadow IT with Cybersecurity Analytics Functions (eWEEK) Human-centric cloud security solution for web, email and cloud-access security brokers provides reporting and context to address biggest risks--internal and external.
Higher Ed Security Org Uses DNS Database to Track Criminal Action (Campus Technology) An organization that provides security services to the research and education community at large has gone public with its adoption of an historic DNS database service.
The need for internet security on your devices (Future Five) At home or at work, on a mobile device or on a network, Trend Micro covers all aspects of cybersecurity.
Kaspersky Lab Unveils Advanced Protection of Linux Servers (PCQuest) Kaspersky Lab has recently unveiled a major update to its dedicated security product for data centers, Kaspersky Security for Virtualization Light Agent. In addition to the virtualization platforms and operating
ATF launches IoT security device for construction industry (ZDNet) Site safety company ATF Services has launched a connected alarm system to help minimise theft on construction zones.
Technologies, Techniques, and Standards
Crysis ransomware master keys posted to Pastebin (Naked Security) Why would someone release the keys to victims? Who knows, but as the poster who uploaded them says, ‘Enjoy!’
EternalPot — Lessons from building a global Nation State SMB exploit honeypot infrastructure (DoublePulsar) A week ago I started building #EternalPot, a honeypot for the Equation Group SMB exploits leaked by the Shadow Brokers last month.
Elections, Deceptions & Political Breaches (Dark Reading) Political hacks have many lessons for the business world.
5 incident response practices that keep enterprises from adapting to new threats (Help Net Security) To fill gaps, security teams will need to adopt a new mindset in regards to security analytics and incident response practices.
New awareness study reveals what you need for the best security programs (ZDNet) Third annual report educates security awareness professionals on how time, the right talent, and good communications make for the best, most effective programs.
Don’t wanna cry after meeting Judy? How to secure your mobile from malware (Money Control) A Korean firm developed 41 such malicious apps and was able to bypass Google's security protocols on the Play Store, thereby making the app available for download.
explo - Human And Machine Readable Web Vulnerability Testing Format (Новости информационной безопасности) explo is a simple tool to describe web security issues in a human and machine readable format. By defining a request/condition workflow, explo is able to exploit security issues without the need of writing a script. This allows to share complex vulnerabilities in a simple readable and executable format.
Sun Tzu's 'The Art of War' for Cybersecurity. (Infosecurity Magazine) As warfare moves from the battlefield to the realm of cyber-space, its principles are being seen as especially applicable to cybersecurity.
Design and Innovation
Internet Archive 'carbon dated' using Bitcoin technology (Digital Journal) The entire Internet has been timestamped using a cryptographic technique based on the blockchain technology that characterises digital cryptocurrencies like Bitcoin. The work allows Bitcoin timestamps to be downloaded for almost any online content.
Blockchains are the new Linux, not the new Internet (TechCrunch) Cryptocurrencies are booming beyond belief. Bitcoin is up sevenfold, to $2,500, in the last year. Three weeks ago the redoubtable Vinay Gupta, who led..
Academia
UT San Antonio Kicks Off Online Cybersecurity Degree Program (Infosecurity Magazine) The program includes 30 industry-aligned certificates in specializations such as cyber-intrusion detection and cyberattack analysis.
Maxwell's Cyber College is next step in cyber warfare (The Montgomery Advertiser) The new Cyber College at Maxwell is the next step in cyber warfare.
Cyber Huntsville teaching the youth the world of cyber (WHNT.com) Huntsville City Schools has partnered with Cyber Huntsville and the United States Army Cyber Command.
Legislation, Policy, and Regulation
A Geneva Convention for cyber security (The Daily Star) Cyber security and the threat by hackers have been in the news headlines in the recent past. Two of the most recent incidents are well known: the Bangladesh Bank cyber theft in February 2016 and the recent WannaCry attacks for ransom in May 2017.
China’s tough cybersecurity law to come into force this week (South China Morning Post) Foreign firms have criticised the legislation, saying it forces them to share sensitive data with the authorities and favours domestic technology firms
Could the UK be about to break end-to-end encryption? (TechCrunch) Once again there are indications the UK government intends to use the law to lean on encryption. A report in The Sun this week quoted a Conservative minister..
Cyber security agencies kept in the dark by lack of threat intelligence sharing (The Mandarin) Federal cyber security agencies are being kept in the dark because Australian organisations -- including other government agencies -- are not compelled to share threat intelligence. A former government cyber guru speaks out.
Israel a model of innovation, readiness in military, academic cyber (Fifth Domain | Cyber) A report from the NATO Cooperative Cyber Defence Centre of Excellence on Israel’s national organizational model for ensuring cybersecurity offers examples of how measures and institutions can fuel transparency, innovation and investment in digital security infrastructure.
Campaigners demand halt to Vermont’s use of facial recognition (Naked Security) Despite use of facial recognition being banned under state law, Vermont’s DMV is ‘overstepping’ the legislation, say campaigners
Litigation, Investigation, and Law Enforcement
Huge scale of terror threat revealed: UK home to 23,000 jihadists (Times (London)) Intelligence officers have identified 23,000 jihadist extremists living in Britain as potential terrorist attackers, it emerged yesterday. The scale of the challenge facing the police and security...
Salman Abedi: the Manchester killer who was bloodied on the battlefields of Libya and brought evil back home (Times (London)) They had both been looking forward to the concert, for cruelly different reasons. Nell Jones, a 14-year-old farmer’s daughter from Cheshire, had for days been playing Ariana Grande’s music at home...
Power to ban UK jihadis has been used just once, Rudd confirms (Times (London)) A key terrorism power intended to control British jihadists has been used on only one occasion despite the return of about 350 fighters from Islamic State. Amber Rudd, the home secretary, confirmed...
The Manchester Bombing and British Counterterrorism (Foreign Affairs) The main implications of the bombing in Manchester will be political.
Containing ISIS' Online Campaigns After Manchester (Foreign Affairs) Taking down pro-ISIS social media accounts is an impossible battle to win. There is a simpler solution that could severely cripple ISIS’ online recruitment and incitement operations, should U.S. policymakers and tech companies choose to implement it.
How Terrorists Slip Beheading Videos Past YouTube’s Censors (Motherboard) Other jihadi propaganda on the video-sharing platform may be visually more low-key, but are just as insidious in their own ways.
The Cynical Conspiracy War on Egypt’s Christians (Foreign Policy) The Muslim Brotherhood isn’t behind the callous mass murder of Copts, but it’s certainly fanning the flames of hatred.
DHS Sec. Kelly Calls Manchester Leaks 'Outrageous' (Washington Free Beacon) The latest in the series of leaks from the White House are "outrageous," according to Secretary of Homeland Security Gen. John Kelly.
Clapper: Leaks Are 'Damaging,' 'Damage Relationships' (Washington Free Beacon) Former Director of National Intelligence James Clapper called leaks “damaging” and “corrosive” Sunday on “Meet the Press,” saying the issue is particularly serious now due to U.S. reliance on foreign intelligence partners.
FBI probing attempted hack of Trump Organization, officials say (ABC News) The FBI is investigating an attempted overseas cyberattack against the Trump Organization, summoning President Donald Trump’s sons, Don Jr. and Eric, for an emergency session with the bureau’s cybersecurity agents and representatives of the CIA, officials tell ABC News.
Bad intel from Russia influenced Comey's Clinton announcement: report (TheHill) Former FBI Director James Comey’s controversial decision to detail the FBI’s findings in the Hillary Clinton email case without Justice Department input was influenced by a dubious Russian document that the FBI now considers to be bad intelligence, The Washington Post reported Wednesday.
Did Admiral Mike Rogers tell the NSA that Trump colluded with the Russians? (null) Reports surfaced on Friday that National Security Agency (NSA) chief Mike Rogers told NSA workers that there is evidence that President Donald Trump and his 2016 campaign colluded with the Russian government to defeat Democratic nominee Hillary Clinton in 2016.
Former CIA Director: 'Now we know' why Trump officials talking to the Russians may have been 'unmasked' (Business Insider) Michael Hayden, the former director of the...
Secret court rebukes NSA for 5-year illegal surveillance of U.S. citizens (Miami Herald) Court ruling reveals frictions with U.S. intelligence agencies over surveillance of citizens. Judge calls matter “very serious Fourth Amendment issue.”
Memorandum Opinion and Order (US Foreign Intelligence Surveillance Court) These matters are before the Foreign Intelligence Surveillance Court...
Barack Obama's team secretly disclosed years of illegal NSA searches spying on Americans (Circa) The National Security Agency under former President Barack Obama routinely violated American privacy protections while scouring through overseas intercepts and failed to disclose the extent of the problems until the final days before Donald Trump was elected president last fall, according to once top-secret documents that chronicle some of the most serious constitutional abuses to date by the U.S. intelligence community.
Few public answers to puzzle in Congressional IT investigation (WFTV) An inquiry into possible wrongdoing by IT staffers employed by a number of Democrats in Congress has garnered more attention in recent days, after a prominent lawmaker gave a public tongue lashing to the Capitol Hill police chief, vowing “consequences” over his refusal to return computer equipment that is evidently part of the ongoing investigation.
Criminal probe on Capitol Hill staffers remains eerie (New York Post) The criminal probe into a cadre of Capitol Hill techies who worked for dozens of Democratic lawmakers remains shrouded in mystery, months after their access to congressional IT systems was suspende…
Kaspersky says no idea why company targeted by US govt (iTWire) The head of anti-malware company Kaspersky Lab says he had no idea why the US is taking aim at his company but thinks it may be due to the current cri...
Kaspersky willing to give US anti-virus 'source code' to disprove Russia spying claims (International Business Times UK) Software CEO claims 'sometimes it smells like some guys are not happy with our success.'
Chinese Scam Website Caught Selling Hacked Xbox Accounts (HackRead) In-game currencies are certainly addictive and we all know how hard it is to get such currencies the right way. However, a Chinese website has been selling
Scamster village: 1,000 homes, 900 cyber crooks (Gadget Now) Giridih in Jharkhand has earned the sobriquet of “Cyber Zone”, as have Deogarh and Jamtara in that state. But the appellation does not signify digital revolution; it reflects the emergence of these places as the hubs of cyber crime.