Cyber Attacks, Threats, and Vulnerabilities
Macron, Standing Alongside Putin, Says Russian Media Spread 'Falsehoods' (The Atlantic) The French president accused Russia Today and Sputnik of being “agents of influence.”
And Now, a Brief Explanation as to Why Russia and Ukraine Are Fighting on Twitter: (Foreign Policy) It all started in 1051...
Group linked to NSA leaks says will release more data in July (Reuters) A group that published hacking tools that security experts believe were stolen from the U.S. National Security Agency said on Tuesday it plans to sell a new batch of stolen code in July to customers willing to pay more than $22,000 for it.
Shadow Brokers double down on zero-day subscription service (Naked Security) Should you dive in and help with the crowdfunding move to access the data they claim they have? It’s not what we’d advise – but what do you think?
The Shadow Brokers Announce Details About Upcoming Monthly Dump Service (BleepingComputer) In a message posted online early this morning, the Shadow Brokers — the cyber-espionage group believed to have stolen hacking tools from the NSA — announced new details about their upcoming "monthly dump service."
New Shadow Brokers 0-day subscription forces high-risk gamble on whitehats (Ars Technica) Mysterious group with cache of NSA exploits promises new release to those who pay.
Banned outfits in Pakistan operate openly on Facebook (Dawn) Activity of 41 sectarian, terrorist, anti-state organisations is accessible to every user on the social network.
Jihad during Ramadan is ‘obligatory,’ Taliban spokesman says (FDD's Long War Journal) An official Taliban spokesman described jihad as "obligatory worship" and said that there would be no cease-fire during the Muslim holy month of Ramadan.
What Happens After ISIS Goes Underground (The National Interest) Eradicating the Islamic State's dominant presence in the Middle East will merely push the caliphate further into the dark corners of the cyber world.
NORK spy agency blamed for Bangladesh cyberheist, Sony Pictures hack (Register) Group-IB IDs Lazarus Group
New Evidence Cements Theory That North Korea is Behind Lazarus Group (BleepingComputer) A 53-page report released today by Group-IB, a Russian cyber-security vendor, contains new evidence that cements the theory that the North Korean government is behind the Lazarus Group, a cyber-espionage outfit.
Lazarus Arisen: Architecture, Techniques and Attribution (Group-IB) The only in-depth report outlining multiple layers of Lazarus infrastructure, thorough analysis of hacker’s tools and evidence leading to North Korean IP addresses
Analysis of Competing Hypotheses, WCry and Lazarus (ACH part 2) (SANS Internet Storm Center) In my previous diary, I did a very brief introduction on what the ACH method is, so that now all readers, also those who had never seen it before, can have a common basic understanding of it.
Threat Spotlight: “Enable Macros” Phishing Attack (Barracuda) As if we didn’t know that ransomware was bad news — we learned just how big of an epidemic this stuff is becoming with the WannaCry attack earlier this month. The scope of this particular attack was truly astonishing, reaching hundreds of thousands of users in over 150 countries worldwide. From a security perspective — we have to learn from attacks like WannaCry in order to help prevent or mitigate them in the future. And even though WannaCry seems like it may be in our rearview mirror now, cyber criminals are incredibly creative and always looking for a new angle
Why you should avoid Star Hop and Candy Link in Google Play (Naked Security) Both games look harmless enough, but they contain a payload that ensures you’ll be hammered with spam
Hackers blackmail patients of cosmetic surgery clinic (Help Net Security) Hackers have been trying to blackmail patients of a Lithuanian plastic surgery clinic, by threatening to publish their nude "before and after" photos online.
Disney ‘Hackers’ Were Bluffing: Iger (Infosecurity Magazine) Media giant was never breached, says CEO
Surprise! Extortionists have no qualms about claiming they ‘hacked’ your business (HOTforSecurity) No one likes to have their company hacked. No one is going to be happy if hackers manage to break into systems and steal away their intellectual property. In the case of companies like Disney, having a $230 million blockbuster like the latest Pirates of...
Ransomware - The Non-Technical But Fascinating Ripple (ThreatQuotient) One of the silver-lining effects of a global cyber scare such as WannaCry ransomware is the trigger to catch up with friends to discuss fact vs. fiction of the threat research and other ‘bigger picture’ observations.
The new crime model: why criminals are now holding our data for ransom rather than stealing or selling it (Computing) Ransomware has changed the economic model of cybercrime, argues Paul Farrington.
Ransomware challenges every SMB faces (Computing) UK SMBs are low-hanging fruit; and for cybercriminals, they're ripe for the picking. It's no longer a question of 'when' they will be hit, but 'how often'.
‘Lone Wolf’ Criminal Hacker Gets Doxed Thanks To Series Of Dumb Mistakes (Motherboard) A cybercriminal from Eastern Europe who has been hacking a Chinese company for years appears to have carelessly exposed his own real identity.
Economic analysis reveals cyber-criminals make bad business people (SC Media UK) Ransomware users could be making a lot more money, according to a new report from the University of Kent.
Cybercriminals Regularly Battle it Out on the Dark Web (Dark Reading) People operating criminal services on Tor and other darknets attack each other frequently, a study by Trend Micro shows.
Trusts yet to confirm financial impact of cyber-attack (Digital Health) Recovery costs from the recent global cyber-attack are yet to be calculated, according to some trusts. A total of 48 trusts were affected by the attack.
Protegrity Warns That NIST-Approved Format-Preserving Encryption (FPE) Standard May Leave Organizations Vulnerable to Attack (BusinessWire) Protegrity warned data security practitioners to closely inspect how and where they are using the FF3 format-preserving encryption standard that is no
7 nightmare cyber security threats to SMEs and how to secure against them (DDoS Info) Small businesses face a range of cyber threats daily and are often more vulnerable than the larger organisations.
Analyzing phishing attacks against 500,000 mailboxes at 100 organizations (Help Net Security) When it comes to analyzing phishing attacks, Ironscales offers lessons learned from 500,000 mailboxes at 100 organizations located worldwide.
Chipotle Admits Cyber Attack Affected 'Most' U.S. Stores (TheStreet) Customers in as many as 48 states could have their data exposed.
Security of medical devices ‘is a life or death issue’, warns researcher (Naked Security) Concern rises as one study finds more than 8,000 vulnerabilities in seven pacemakers while another highlights wider issues in medical devices
The Top Ten DDoS Attacks of all Time (Infosecurity Magazine) The DDoS attack has moved from a sign of cyber-protest to something tactically used to bring websites, applications and even DNS providers offline.
Security Patches, Mitigations, and Software Updates
Privacy Issue Fixed in Yopify Ecommerce Notification Plugin (Threatpost) Ecommerce sites using the Yopify plugin were leaking customers’ names, locations and purchases.
FreeRADIUS Update Resolves Authentication Bypass (Threatpost) Developers behind FreeRADIUS, an open source implementation of the networking protocol RADIUS, are encouraging users to update to address an authentication bypass found in the server.
What will it take to keep smart cities safe? (Help Net Security) The development of secure smart cities depends on two key factors: the limitations of the technologies used and how they are implemented.
Get hacked, and watch your company’s share price plummet (Business Insights (Bitdefender)) Data breach impact.
Staving off the hackers as target base grows wider (The Straits Times) When an 11-year-old boy managed to obtain the phone numbers of dozens of participants at a cyber security conference two weeks ago with nothing more than a laptop and a self-programmed Bluetooth scanner, it was a reminder to both the cyber security community and regular users on just how easy it is for a dedicated hacker to steal information off personal devices.
Manufacturers, providers fear attack likely on med devices (Health Data Management) Product testing frequently is insufficient to ensure security, Larry Ponemon says.
IT and Biz Leaders: Boards Don’t Take Security Seriously (Infosecurity Magazine) Control Risks says IT teams need to communicate better with C-level
Cisco and IBM announce historic cybersecurity partnership (CSO Online) Cisco Security and IBM Security join forces to battle cybercrime, helping customers reduce the time to detect and mitigate threats.
4 vectors transforming the security software market (Help Net Security) The overall security software market is undergoing a period of disruption due to the rapid transition to cloud-based digital business and technology models.
Waltham cybersecurity firm CounterTack tacks on $20M from strategic investors (Boston Business Journal) CounterTack Inc., a Waltham-based cybersecurity firm that has already raised more than $70 million from Goldman Sachs and others, announced Tuesday it has tacked on another $20 million in a Series D round of funding.
Why Microsoft Acquired Hexadite (Market Realist) Microsoft targets cybersecurity space via Hexadite
NeuStar mulls next steps after losing court bid to retain $500M annual contract (Washington Business Journal) Sterling-based NeuStar Inc. (NYSE: NSR) is reviewing its options after losing a court battle to retain a key contract worth more than $500 million — nearly half of its annual revenue last year.
Former FBI director Robert Mueller wrapping up security review of local contractor (Washington Business Journal) A review of Booz Allen Hamilton Inc.’s (NYSE: BAH) security, personnel and management practices by former FBI director Robert Mueller is “substantially complete,” a company spokesman confirmed to me.
Grote Molen, Inc., d/b/a BlackRidge Technology, a Leader in Cyber Defense, Holds First Annual Shareholder Meeting (Street Insider) Grote Molen, Inc. (OTCQB: GROT), d/b/a BlackRidge Technology, a leader in cyber defense, is pleased to announce the reelection of Robert Graham, John Hayes and Robert Lentz to the Board of Directors and the election of new board members J. Allen Kosowsky, Thomas Bruderman and Robert Zahm.
Ntrepid Wins 2017 IT World Award for Best IT Products and Services for Government (BusinessWire) Ntrepid Corporation today announced that Network Products Guide has named the company’s secure isolated browser, Passages, the Silver winner for
The No. 1 Cybersecurity Vendor, According to MSPs (MSP Mentor) As more high-profile hacks make headlines each day, it’s no wonder cybersecurity is a top concern for businesses worldwide. Clarity Channel Advisors reviewed last year’s MSPmentor 501 survey for MSP trends and their choices in cybersecurity vendors. One stat stood out: Webroot is winning with MSPs. The question is: Why?
Jeff Nolan Joins SecureAuth as Chief Marketing Officer (GlobeNewswire News Room) Nolan to help organizations understand that shutting down attackers’ most common tactics can be of immediate value and require low lift
BooleBox Appoints New North American Leadership (Digital Journal) BooleBox is a global leader in providing customers with the most efficient, secure and easy to use file and information sharing systems.
Fortinet (FTNT) Appoints Peter Cohen to its Board of Directors (Street Insider) Peter Cohen, principal and founder at Xendota, Inc. and Fortinet Board Member “Fortinet has experienced tremendous growth through its differentiated Security Fabric architecture that extends its leading-edge security capabilities to any network environment, from on-premise, to IoT endpoints and out to the cloud. I am honored to be joining its board to help provide strategic counsel on the cloud technology priorities, partnerships and innovations that will help contribute to the company’s continued momentum with enterprise customers.”
Products, Services, and Solutions
Netwrix Launches Netwrix Auditor Free Community Edition (Netwrix) The new freeware enables small businesses to monitor user activities across hybrid IT environments and minimize security and operational risks
EclecticIQ Platform significantly broadens scope of available cyber threat intelligence to allow for more comprehensive threat analysis, new hires (EclecticIQ) New integrations include AlienVault OTX, Cisco Threat Grid, DHS AIS, DomainTools, Farsight Security, FireEye iSIGHT Intelligence, IBM X-Force Exchange, NCSC UK CiSP, PhishMe Intelligence™, Recorded Future.
STEALTHbits Announces Free Shadow Brokers Vulnerability Utility (Marketwired) Arms organizations to win against WannaCry ransomware
Global Security Intelligence Centre launched in Australia (The Lead South Australia) NEC opens its cyber security centre in Adelaide, South Australia.
Cyber adAPT launches patented network analytics platform (Cyber adAPT) Cyber adAPT seamlessly and securely enables the new hyper-connected, decentralized enterprise, protecting the mobile-first business generation.
CrowdStrike Extends Falcon Platform with Enhanced Cloud and Data Center Coverage (CrowdStrike) CrowdStrike® Inc. announced new features of the CrowdStrike Falcon® platform custom-built for cloud providers and modern data centers.
Area 1 Security stops phishing campaigns before they become attacks (Network World) Area 1 Security scours the web to find signs of brewing phishing campaigns in order to stop them before they can become actual attacks.
Technologies, Techniques, and Standards
Fixating on the Kill Chain Model is Misleading (Infosecurity Magazine) CISOs must forget about preventing attacks and focus on dealing with the ones which have already breached their networks
Military Meets Commercial Threat Intelligence (Recorded Future) Threat intelligence has always played a vital role in the military. In this episode, learn how commercial teams compare to their military counterparts.
Prevalent Security Control Mechanisms To Protect Files - And What Needs To Be Done To Truly Fight Data Leakage (Information Security Buzz) In today’s cyber world, it is much easier for files containing sensitive, regulated or confidential data to be accidentally exposed or purposefully exfiltrated. There are a lot more ways for authorized personnel to use and share files, for network share resources to be unintentionally exposed, for files to be readily emailed, and for hackers and …
Password Sharing and Actions Against Disgruntled Employees Who Exploit Access (Ice Miller LLP) The team at Ice Miller provides legal counsel for various industries including antitrust litigation, government law, real estate & intellectual property.
Rethinking Vulnerabilities: Network Infrastructure as a Software System (Dark Reading) Increasing complexity is putting networks at risk. It's time to shift our security approach and take some lessons from software development.
Reconfiguring Your Workflow to Enable Shift-Left Security (Twistlock) Dev-to-Production Docker and container security for enterprises.
Securing the Human a Full-Time Commitment (Dark Reading) Encouraging the people in your organization to make safer cyber decisions requires dedicated brainpower to pull off, SANS study shows.
Fort Meade Brigade Provides Cyber Capabilities to Tactical Units (US Army) Cyber Soldiers from the 780th Military Intelligence (MI) Brigade, conducted expeditionary cyberspace operations in support of an armored brigade combat team at the National Training Center (NTC), Fort Irwin, Calif., April 22 to May 19.
How to Spring Clean Your Digital Clutter to Protect Yourself (WIRED) You don't have to get your hands dirty to do the most important spring cleaning of the year.
Design and Innovation
Can Johnny Build a Protocol? Co-ordinating developer and user intentions for privacy-enhanced secure messaging protocols (Eurosec 2017) As secure messaging protocols face increasingly widespread deployment, differences between what developers “believe” about user needs and the actual needs of real-existing users could have an impact on the design of future technologies.
Bitcoin Has Come Roaring Back—But So Have the Risks (WIRED) The bitcoin boom is back. But the only real rule with cryptocurrencies is uncertainty.
First post-quantum cryptography on a contactless security chip (Help Net Security) In a world of quantum computers, post-quantum cryptography should provide a level of security that is comparable with what RSA and ECC provide today.
Infineon claims readiness for post-quantum cryptography chip security (eeNews Europe) Due to their computing power, quantum computers have the disruptive potential to break various currently used encryption algorithms.
Instead of Banning Lzzy Cheaters, Pokémon Go Trolls Them (WIRED) A new "shadowban" leaves Pokémon Go bot runners stuck in a sea of Pidgeys.
McAuliffe announces winners of NSA Day of Cyber challenge (Augusta Free Press) Governor Terry McAuliffe today announced the winners of Virginia’s NSA Day of Cyber School Challenge.
Legislation, Policy, and Regulation
NATO Cyber-Defense Group Adds New Nations to Its Ranks (Infosecurity Magazine) NATO CCD COE has added two new member states, and two more will soon follow.
Containing ISIS' Online Campaigns After Manchester: The Simple Tools We Can Use But Choose Not To (Foreign Affairs) The suicide attack at a Manchester teen pop concert on Monday, which killed nearly two dozen people and injured many more, was the latest reminder that the Islamic State (also known as ISIS) is waging the most aggressive and effective worldwide recruitment and incitement campaign of any terrorist group in history.
Germany brushes off US help on election cybersecurity: report (TheHill) Germany's September elections are assumed to be a Russian target.
Spies, companies to share intelligence for national firewall (The Australian) Critical cyber intelligence held by the Australian Signals Directorate will be declassified for the first time and shared with the country’s leading telecommunications companies to build a national digital firewall that would protect millions of Australians from cyber attacks.
Why the NSA Makes Us More Vulnerable to Cyberattacks (Foreign Affairs) There is plenty of blame to go around for the WannaCry ransomware that spread throughout the Internet earlier this month, disrupting work at hospitals, factories, businesses, and universities.
Congress Fast-Tracks Bill That Would Give DHS Agencies Access To NSA Collections (Techdirt.) As a parting gift to the incoming president, Barack Obama approved information-sharing rules which gave sixteen federal agencies access to unminimized NSA collections. The whole list of agencies involved in the information sharing can be found at the...
Cyber Security Executive Order - it took a while, but it's finally here (CyberDB) A post reviewing the President’s Executive Order (EO) “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure”.
How Congress dismantled federal Internet privacy rules (Washington Post) Lawmakers in more than a dozen states have proposals to restore consumer protections.
SECURITY: States 'awaken' to critical infrastructure cyberthreats (EnergyWire) A cyberattack on the power grid would be devastating but "especially in Las Vegas," said Pat Spearman.
Trump's use of private cellphone raises security concerns (KLTV) President Donald Trump has been handing out his cellphone number to world leaders and urging them to call him directly, an unusual invitation that breaks diplomatic protocol and is raising...
Litigation, Investigation, and Law Enforcement
German police arrest suspect allegedly planning suicide attack in Berlin (Deutsche Welle) A teenage asylum-seeker suspected of planning a suicide attack in Berlin has been arrested in the German state of Brandenburg. He reportedly wrote to his mother about his intentions.
Ex-Gitmo Inmate Among 6 Detained from French Jihadi Network (VOA) Sabir Mahfouz Lahmar was freed from the US detention center in Cuba in 2009 after France agreed to accept him
National Security Experts Divided In Response To White House Leaks (WUMW) As we heard, this White House is concerned about leaks.
Elijah Cummings demands DNI, NSA leaders turn over documents on Trump Russia conversations (Washington Examiner) The Maryland Democrat's requests follow a report from earlier this month that said Trump asked Rogers and Coats to deny any existence of col...
Was Obama administration illegal spying worse than Watergate? (USA TODAY) The Obama administration's program of illegal spying and corrupt intelligence agencies may have been worse than Watergate. Donald Trump and Congress will have to decide whether or not to investigate them.
Target's data breach settlement sets a low bar for industry security standards (CSO Online) Target’s multistate data breach settlement over its 2013 data breach outlines the kind of security measures enterprises should have in order to not be found negligent with customer data. The problem is, the settlement doesn’t go far enough to improve organizational security. For the pro-active CSO, the settlement should indicate the bare minimum and not what they should aspire to.
Russian suspected hacker moves step closer to US extradition (the Guardian) FBI accuses Yevgeniy Nikulin of hacking LinkedIn, Formspring and Dropbox, and Russia has also filed extradition request
Uber engineer Levandowski, accused of massive theft from Google, has been fired (Ars Technica) Engineer is accused of grabbing 14,000 files before founding his own startup.
Is “I forget” a valid defense when court orders demand a smartphone password? (Ars Technica) This week, a judge considers possible jail for alleged extortionists who pled the Fifth.