Cyber Attacks, Threats, and Vulnerabilities
WikiLeaks Dumps CIA Patient Zero Windows Implant (Threatpost) Pandemic is a Windows implant built by the CIA that turns file servers into Patient Zero on a local network, infecting machines requesting files with Trojanized replacements.
Britain's nuclear submarines vulnerable to 'catastrophic' cyber attack that could spark nuclear war, experts warn (The Independent) The UK’s nuclear submarines are vulnerable to a “catastrophic” cyber-attack that could potentially spark a nuclear war, a think tank has warned. The report, titled “Hacking UK Trident: A Growing Threat” and published by the British American Security Information Council (Basic), said such an attack could “neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly)”.
Hacking UK Trident: A Growing Threat (British American Information Security Council) This paper reviews the growing potential for cyber-attack on the UK’s operational fleet of Vanguard-class submarines armed with nuclear-tipped Trident II D-5 ballistic missiles, and some of the implications for strategic stability.
Defence Secretary refuses to deny nuclear submarines run outdated system exploited by hackers (The Independent) Defence Secretary Michael Fallon has refused to deny that Britain’s nuclear submarines use the outdated Windows XP program amid the ongoing WannaCry ransomware attack. Instead he simply insisted the subs were “safe”, adding that they operated “in isolation” when out on patrol, which possibly suggests the vessels at sea were unaffected only because they were not connected to the internet.
Global Elections, Global Problems (Anomali) The next in a series of pivotal elections is set to take place on June 8th in the United Kingdom, replacing Members of Parliament (MPs) and the Prime Minister. Previous elections in the United States, the Netherlands, and France were marked by an unprecedented number of cyber attacks, releases of private information, and proliferation of fake news that aimed to disrupt and skew public opinions of candidates and their political parties. The candidates of these elections reflect a stark
Putin Hints at U.S. Election Meddling by ‘Patriotically Minded’ Russians (New York Times) The Russian president denied any state role, but said that cyberattacks might have been the work of private citizens.
Don’t Buy Into Putin’s Latest Misdirection (WIRED) Vladimir Putin says "patriotic" Russian hackers may meddle in elections, but he's just creating more noise.
Welcome to The Machine: Inside the Secretive World of RT (Moscow Times) RT is often accused of being a propaganda agency, but a culture of secrecy has made insider accounts difficult to come by. The Moscow Times spoke with several sources to get a rare glimpse inside.
Vietnamese hackers appear to be researching an NSA backdoor tool (Cyberscoop) A hacker group with suspected ties to the Vietnamese government appears to be researching a leaked National Security Agency tool codenamed ODDJOB, based on documents uploaded to the repository VirusTotal and tied to a source already identified as OceanLotus group, otherwise known as APT32.
A stolen Trump-Duterte transcript appears to be just one part of a larger hacking story (Cyberscoop) A leaked transcript of a phone conversation between President Donald Trump and his Philippine counterpart was available online for weeks before surfacing in news reports, and it now appears to be just one of a series of sensitive Philippine government documents acquired by a hacker group with suspected ties to the Vietnamese government, according to research conducted by multiple cybersecurity experts and evidence gathered by CyberScoop.
MS-17-010: EternalBlue’s Large Non-Paged Pool Overflow in SRV Driver (TrendLabs Security Intelligence Blog) The EternalBlue exploit took the spotlight last May as it became the tie that bound the spate of malware attacks these past few weeks.
Hackers shelve crowdfunding drive for Shadow Brokers exploits (Naked Security) ‘Legal reasons’ cited for decision to drop the plan to crowdfund a security community subscription to a promised monthly dump of exploits
Whatever happened to NSA warez crowd funding idea? (@hackerfantastic) Statement on why we pulled the plug on the opensource crowdfunded #ShadowBrokers purchase
I'm retracting from the crowdfunding of the #ShadowBrokers dump. (@x0rz) Due to legal reasons I'm now retracting from the crowdfunding started to acquire the #ShadowBrokers dump
Kittens, bears or pandas: who’s behind the biggest cyberattacks? (Naked Security) WannaCry is just the latest attack where everyone wants to know who’s behind the outbreak – but how much do we really know about the cybercrooks? And how can we be sure?
US defense contractor secures Amazon S3 bucket after leaving sensitive data publicly exposed (Graham Cluley) A defense contractor has secured an Amazon S3 bucket containing sensitive intelligence data after accidentally leaving it publicly exposed.
Booz Allen Hamilton leaves 60,000 unsecured DOD files on AWS server (Cyberscoop) Leading U.S. government contractor Booz Allen Hamilton has been found to have left more than 60,000 sensitive files on a publicly accessible Amazon Web Services server, according to a leading cybersecurity researcher. The files were discovered by Chris Vickery, an analyst at the cybersecurity firm UpGuard...
Man Linked to Auto Parts Store Behind Bachosens Malware (BleepingComputer) A man linked to an auto parts store in a disputed territory of Moldova is behind the Bachosens malware, a backdoor trojan used in a very small number of attacks, but one of the most advanced threats of its kind.
Cyber Criminals Acquire Government Cyber Tools (PYMNTS.com) Sophisticated government spying tools are spreading like wildfire in the underground criminal market. As a result, amateur hackers are being mistaken for high-profile, government groups. Symantec Security, a leading security research firm, raised this concern in a recent blog post. Researchers highlighted the case of a Russian cybercriminal, who was nicknamed Igor by Symantec analysts. […]
Rapid7 Finds Security Vulnerability In Ecommerce Plugin, Yopify (Information Security Buzz) Rapid7 disclosed a found vulnerability in Yopify, an ecommerce notification plugin utilised by a number of websites including Shopify, that indirectly leaks the first name, last initial, city and purchase data of recent online shoppers – all without user authorisation. The various plugin sites show over 300 reviews of Yopify, which suggests that the number of …
Insecure Backend Databases Blamed for Leaking 43TB of App Data (Threatpost) More than 1,000 mobile apps are leaking personal information via unsecured backend platforms such as MongoDB, MySQL and others.
Fireball malware infected 250 million computers worldwide (Help Net Security) Fireball malware takes over target web browsers, turning them into zombies, and has infected over 250 million computers worldwide.
Palo Alto Networks Unit 42 Vulnerability Research May 2017 Disclosures (Palo Alto Networks Blog) Unit 42 researcher uncovers two new Adobe Flash Vulnerabilities.
Phishing Campaigns Follow Trends (SANS Internet Storm Center) Those phishing emails that we receive every day in our mailboxes are often related to key players in different fields...
British Airways power meltdown blamed on IT contractor pulling the plug (Computing) BA source suggests that IT worker inadvertently switched off the power supply - and that UPS failed to cut in
Kmart Point of Sale Hacked with 'Undetectable' Malware (Infosecurity Magazine) In Kmart's second breach in three years, chip-and-PIN card readers significantly contained the fallout.
Hackers Demand Ransom for Stolen Surgery Photos (Infosecurity Magazine) Hackers demand Bitcoin ransom payment for stolen cosmetic surgery photos.
OneLogin Breach Reignites Concerns over Password Managers (Dark Reading) Entrusting all your passwords to a single organization creates a single point of failure, experts say in the wake of a new data breach at OneLogin.
Security Patches, Mitigations, and Software Updates
Google Purges Malware-Tainted Mobile Apps From Play Store (eWEEK) DAILY VIDEO: Google expunges apps tainted with ad fraud malware From Play Store; Panasonic unveils Its Latest Toughbook 2-in-1 hybrid; Trend Micro reveals state of human machine interface vulnerabilities; and there's more.
R7-2017-05 | CVE-2017-3211: Centire Yopify Information Disclosure (Rapid7) This post describes a vulnerability in Yopify (a plugin for various popular e-commerce platforms), as well as remediation steps that have been taken.
Cyber Trends
Weak DevOps cryptographic policies increase financial services cyber risk (Help Net Security) Weak DevOps cryptographic policies are a particular issue for financial services organizations, which have been early adopters of DevOps technology.
FTSE companies lack secure data collection methods (Help Net Security) More than one-third of all public web pages of FTSE 30 companies capturing PII are in danger of violating the regulation by doing so insecurely.
RSA: Digital Security Sets Organizations Apart (PYMNTS.com) An annual report by RSA shows how consumers perceive the security of their digital experience, where those perceptions are well (or poorly) founded and how organizations can capitalize on opportunities to distinguish themselves in the market by providing stellar security. Is your information secure online? Are you sure? RSA takes a closer look at consumer […]
Bot.Me: A revolutionary partnership (PWC) How AI is pushing man and machine closer together
Marketplace
Cyber risk aggregation a threat to re/insurer solvency (ReinsuranceNe.ws) While underwriting cyber risks is seen as one of the biggest opportunities in insurance and reinsurance right now, the risks to re/insurers could be equall
DHS wants help to identify, attribute major web outages (Cyberscoop) DHS wants help identifying, attributing and combatting major internet disruptions — and will pay up to $15 million for research over the next three years.
Application of Network Measurement Science: Predict, Assess Risk, Identify (and Mitigate) Disruptive Internet-scale Network Events (PARIDINE) (US Department of Homeland Security Science and Technology Directorate) Research in such areas as Network Mapping and Measurement, Resilient Systems, Network Attack Modeling and Embedded System Security is essential for protecting critical infrastructure throughout the United States and the world.
YouTube bans ‘hateful’ videos from making money via its advertising network (TechCrunch) Following a backlash around brand advertising on controversial content, YouTube is making a move to clean up which videos are part of its ad network. The..
What Romeo and Juliet Can Teach Us About Security Market Confusion (Security Week) Recently, I was reminded of the well known quote from William Shakespeare’s play “Romeo and Juliet”: "A rose by any other name would smell as sweet". What exactly was I doing that reminded me of this quote? I was reviewing the different markets in the security space. How exactly does this bring this famous quote from “Romeo and Juliet” to mind? Allow me to elaborate.
Accenture acquires consulting firm LabAnswer (ZDNet) Accenture will use the acquisition to establish the new Accenture Scientific Informatics Services division.
Palo Alto Networks set for biggest rally since 2012 after strong results (Financial Times) Palo Alto Networks shot higher on Thursday, putting it in position for its biggest rise since its market debut almost five years ago after the US cyber security company unveiled upbeat results that bolstered expectations for a recovery after recent disappointments.
Check Point Software: My Cyber Security Pick (Seeking Alpha) Check Point’s recent earnings report shows that the company has a lot of room for growth, since it has no debt on its books. High margins and growth of cyber se
Data recovery firm Zerto doubles size of Boston HQ, plans hundreds of new hires (Boston Business Journal) Founded in 2010, Zerto is one of a number of young Massachusetts companies experiencing rapid growth by helping other firms store, manage and protect their data in the cloud. It's also been floated as a potential IPO candidate.
Dug Song (Crain's Detroit Business) Changing how Silicon Valley looks at Michigan
Ciao Group Announces New Cryptography Division to Develop Blockchain and Bitcoin Solutions in Addition to Other Emerging Cryptocurrency and Cryptographic Enterprises (PRNewswire) Ciao Group, Inc. (USOTC: CIAU) today announced launching a new Cryptography...
Malwarebytes seeks to cement Middle East footprint (ITP.net) Security vendor uses debut GISEC appearance to raise awareness around its solutions.
Radware lands largest-ever deal (NJBIZ) Mahwah-based cybersecurity firm Radware said Thursday it has secured its largest contract ever, a multimillion-dollar, three-year deal with a content delivery network service provider.
Israeli Government Awards Cyren with Cybersecurity Grant (PRNewswire) Cyren (NASDAQ: CYRN), a leading internet Security as a Service provider,...
LR Data Looks to Nominum to Deliver Managed Security Services for its Online Gaming Hub (BusinessWire) LR Data, Asia's first gaming jurisdiction, is securing the internet experience for millions of online gamers around the world with Nominum N2 ThreatAv
ESET Launches Year-long Campaign To Honor Three Decades of Innovation and Progress in IT Security (SatPR News) Today, cybersecurity leader ESET announces the launch of a global campaign commemorating its 30-year anniversary.
Exclusive Networks and Sophos part ways (ARN) Distributor and vendor agree mutual termination following 16-month partnership.
Pulse Secure Announces Distribution Agreement with Spectrami (Miltech) Dubai, United Arab Emirates – Under the terms of the agreement, Spectrami will offer its innovative Vendor Extension Model (VEM) to serve a channel community of Middle East regional partners through a full multi point engagement from pre-sales, sales, marketing, delivery and channel fulfilment.
Products, Services, and Solutions
New infosec products of the week: June 2, 2017 (Help Net Security) Plenty of new infosec products released this week. Featured vendors include Axis, CrowdStrike, EclecticIQ, Nest Labs, Nominum, WISeKey, and ZoneFox.
Microsoft warning over accidental release of Windows 10 test build to Insider Program members (Computing) Microsoft taking steps to ensure that 'rogue' builds aren't released in future
Microsoft Surface devices are immune to Intel AMT security vulnerability (BetaNews) Intel revealed in early-May that there is a critical security vulnerability in its Active Management Technology, which can be exploited to gain remote access to PCs. The feature is designed to help system administrators manage devices, so, due to its nature, it is more likely to affect enterprise users than consumers.
Beyond Security Joins LogPoint as Technology Partner (Banking Press Releases) The integration of security solutions hopes to provide optimum security for customers.
Tenable Delivers Vulnerability Management Platform to Unify IT and OT Security (Dark Reading) Expanded Tenable.io platform incorporates Nessus Network Monitor alongside new container and web application security products for discovery and vulnerability management of operational technology assets, including ICS/SCADA.
Deloitte and LogRhythm Join Forces to Provide Advanced Cyber Security Solutions (BusinessWire) LogRhythm today announced that Deloitte in Canada has selected its Threat Lifecycle Management (TLM) technology to support Deloitte’s Managed Se
PhishMe® Offers Full-Service Phishing Response Service in EMEA with London Phishing Defence Centre Launch (BusinessWire) PhishMe, the leading provider of human phishing defence solutions, today announced the opening of their London Phishing Defence Centre (PDC).
Nominum announces availability of N2 Secure Business (Telecompaper) Nominum announced the availability of N2 Secure Business, a new cloud-based DNS security platform. Nominum said the platform can be offered as a network-based service by ISPs to protect their enterprise and small and mid-sized business (SMB) customers from IT security threats.
Raytheon Anschutz launches Synapsis Naval (Shephard) Raytheon Anschutz has launched a new naval navigation and bridge system called Synapsis Naval, the company announced on 30 May.
Tempered Networks makes it HIP to connect the unconnectable (Network World) Tempered Networks’ Identity-Defined Networking platform enables wide-area micro-segmentation without the age-old network barriers of address-defined networks.
Osprey Security Defends Global Ransomware Outbreak (IT Business Net) How Osprey Security's Endpoint Intelligence Platform protected its clients from a new wave of ransomware equipped with weaponized NSA exploits.
Verint Releases New CX Consulting and Service Offerings (MarTechSeries) Through CX strategy consulting, contact optimization, Omni-channel and digital experience, Verint customers can now take actions on the VoC. Actionable Intelligence solutions provider Verint Systems Inc. has announced a series of advanced Customer Experience (CX) consulting and packaged services which are specifically designed to help companies enhance their own customer experiences across interaction channels and customer […]
New York JFK international airport to enhance security with Thales (SatPRNews) John F. Kennedy International Airport (JFK) Terminal 4 is planning to modernise their Security Operations Center (SOC) with Thales – a world leader in airport security, providing smart airport solutions. This three-year contract is part of an extensive security modernization project at JFK Terminal 4 to enhance the situational awareness of its security operations.
Carbon Black Comes Out Swinging Against Cylance, Slams New EDR Solution (CRN) Just a week after the launch of its first EDR solution, Cylance has drawn fire from Carbon Black, which said in a blog post that the new competitor has a "lot of work ahead" if it wants to catch up to EDR leaders.
Technologies, Techniques, and Standards
In Remote Southern California Desert, U.S. Army Tests Advanced Cyber Weapons (NPR) In the remote southern California desert, Army soldiers are testing advanced new cyberweapons. The question is - are they too complicated to use on top of all the other equipment soldiers need in the field? Steve Walsh with member station KPBS spent a couple of days at Fort Irwin.
Cyber Mission Forces try to manipulate cyber terrain with new policy (FederalNewsRadio.com) DoD is reassessing the equipment cyber soldiers use and how it will fit in with the Pentagon’s goal of maintaining technological superiority.
Five essential pillars of big data GDPR compliance (DatacenterDynamics) The path to compliance through data governance
Improve incident response with SOPs for cyber threat intelligence (SC Media US) When it comes to improving cyberincident response, security teams can learn a valuable lesson from the military about the importance of standard operating
Report: Threat hunting is more SOC than intel (SearchSecurity) Early threat hunting is primarily SOC-driven. Despite the immaturity of some programs, 60% of those surveyed cited measurable security improvements.
10 Things to Consider Before Making a Security Software Purchase (PC World) Top tips to finding the right security solution for your needs
Citi Private Bank Issues New White Paper "Family Offices and Cybersecurity" (BusinessWire) Citi Private Bank released today a white paper focused on the growing cybersecurity threat and its relevance to Family Offices. The white paper survey
Are you creating cloud services security islands? (Networks Asia) Cloud computing today is increasingly becoming the “de facto” technology for enterprises looking to stay agile and relevant in an increasingly disruptive economy powered by consumer trends and technologies.
OTA Members Reflect on Accomplishments Driving Online Security and Responsible Privacy (Benzinga) For more than a decade, the Online Trust Alliance has enhanced online trust and is now building for the future as an Internet Society initiative
Design and Innovation
The premature quest for AI-powered facial recognition to simplify screening (Ars Technica) "This technology at the airport... is premature. It’s not the right way to go."
Blockchain: What it Means for Cybersecurity (Infosecurity Magazine) Are Blockchains redefining cybersecurity or do they pose more security challenges than they solve?
Inside Google’s Global Campaign to Shut Down Phishing (WIRED) It's not easy keeping billions of devices safe from phishing attacks. Here's how Google pulls it off.
Research and Development
Researchers from National University of Singapore and Caltech Discover Quantum States Fingerprint to Prevent Quantum Computing Error (Science Times) The international team of researchers has discovered that all entangled states of quantum objects have a distinctive fingerprint. This finding of entangled quantum state fingerprint is able to prevent error in the quantum computing and cryptography.
Draper’s DragonflEye cyber-bug takes flight (TechCrunch) Back in January we heard about Draper's efforts to outfit a living dragonfly with a sort of solar-powered mind control backpack. This project, known as..
Academia
Illinois State University Upgrades Cyber Security Program With A $3 Million Funding [VIDEO] (University Herald) Illinois State University receives $3 million from State Farm to enhance its Cybersecurity Program.
Legislation, Policy, and Regulation
The US Has Officially Blacklisted North Korea’s Tech And Defense Contractor (Motherboard) The US government just forbade any American citizen and company from dealing with North Korea’s unofficial tech department, but this will probably not change anything about North Korea’s internet.
Why Internet Access Is a Human Right (Foreign Affairs) Repressive governments around the world are increasingly turning to digital surveillance and Internet blackouts to stifle dissent.
Facebook, Google Urge Congress to Reform NSA Surveillance (Government Technology) Microsoft and Twitter also are among the 30 tech companies, trade groups and lobbyists asking Congress to reform Section 702 of the 2008 Foreign Intelligence Surveillance Act Amendments Act.
Who Benefits from the Backdoor in Technology? (Infosecurity Magazine) Governments want backdoors in encrypted communications, people want privacy, providers don't want to play ball - what's the solution?
Agencies Can Meet Challenges of Cyber Executive Order, MGT Act (MeriTalk) Government officials predict that though getting all Federal agencies to comply with the recent Cybersecurity Executive Order and the Modernizing Government Technology (MGT) bill will be difficult, the outcomes will be very beneficial for government.
BUDGET: Trump's spending plans keep DHS in cyber spotlight (EnergyWire) President Trump has called for slashing funds for most federal agencies while holding officials accountable for their cyberdefenses.
US visa applicants will have to provide social media handles (Help Net Security) Form DS-5535 requires visa applicants to share all social media handles. The decision of who'll be asked to fill it out rests with consular officials.
Litigation, Investigation, and Law Enforcement
What the House Subpoenas of Rice, Brennan, and Power in the ‘Unmasking’ Probe Mean (National Review) It’s not all about Russia.
Samantha Power Unmasked (Wall Street Journal) Why would a diplomat need to know the names of Trump officials?
Actually, There Was Extensive Improper NSA Collection Under Obama (National Review) President Trump, this morning: “The big story is the ‘unmasking and surveillance’ of people that took place during the Obama Administration.”
Fact Check: Why did the NSA breach privacy protections? (Weekly Standard) National Security Agency analysts under the Obama administration improperly searched Americans' information, but the searches were conducted largely out of error, according to a review of publicly available intelligence documents reported on by Circa last week.
FACT CHECK: Did 17 Intel Agencies ‘All Agree’ Russia Influenced The Presidential Election? (The Daily Caller) During an interview Wednesday with the tech news outlet Recode, former Democratic presidential candidate Hillary Clinton discussed at length her belief that Russian interference in the 2016 election
He didn’t give police his iPhone pass code, so he got 180 days in jail (Miami Herald) Christopher Wheeler of Hollywood, who is accused of hitting his daughter, insisted that he gave investigators what he remembered to be the right code to his phone.
Right to speak freely about engineering is subject of 1st Amendment lawsuit (Ars Technica) Engineer was fined $500 for discussing traffic-light engineering without a license.
ICO handed out £3.2m worth of data breach fines in 2016 (Computing) Human error cited as the main cause of most data breaches
Symantec Takes Rival Zscaler to Court at a Crucial Juncture (Market Realist) Symantec (SYMC) recently stepped up its legal battle against rival Zscaler by making seven more patent infringement claims against its competitor.
CMS IT boss Angelo Millena dodges jail time in trade union fraud scheme (CRN Australia) Judge says he is unlikely to re-offend.
Alleged Dark Web Gun Runners Smuggled Weapons in DVD Players, Karaoke Machines (Motherboard) The arrests come more than three years after their alleged last sale.