Cyber Attacks, Threats, and Vulnerabilities
ISIS claims responsibility for London Bridge attack (ABC News) ISIS has claimed responsibility for the attack that killed seven people in London on Saturday night.
London terrorist attack hours after Islamic State outlet called for knife and vehicle assaults on civilians (The Telegraph) An Islamic State group propaganda outlet exhorted would-be jihadists to carry out vehicle and knife attacks on civilians, just hours before three terrorists went on a rampage in central London.
Hackers Vow to Release Apparent Trove of U.A.E. Ambassador’s Emails (Daily Beast) The hackers are offering a sample of alleged messages they claim demonstrate “how a small rich country/company used lobbyists to hurt American interests and those of its allies.”
Recap: News agency hack blamed for diplomatic meltdown in Qatar (CSO Online) Early Monday morning in Bahrain, the country's Foreign Affairs Ministry said the nation has severed diplomatic ties with Qatar. Within minutes of Bahrain's announcement, the United Arab Emirates, Saudi Arabia, and Egypt followed suit. The diplomatic break between four of the Gulf Cooperation Council states is being partially blamed on a security incident at Qatar News Agency. The alleged hack resulted in a fake news article that inflamed leaders in the region.
Bahrain minister hacked hot on heels of Qatar cyber attack (News24) Hackers have taken over the Twitter account of the Bahraini foreign minister, just 10 days after a cyber attack on the Qatar official news agency.
Concerns deepen about cyber attack on Su 30, IAF starts inquiry (Sunday Guardian) Indian Air Force has started a court of inquiry to investigate the crashing of one of its Sukhoi 30 fighters in Assam, amidst concerns that the aircraft’s flying was “interfered with from outside” while it was still airborne, and that this may have led to the pilots suffering “spatial disorientation”. The aircraft went down last week near the India-China border after taking off from the Tezpur airbase in Assam.
Chinese Company Behind Adware That Infected Over 250 Million Computers (BleepingComputer) A Chinese digital marketing company named Rafotech is behind a wave of inter-connected adware families that found their way onto the computers of millions of users.
CIA Malware Can Switch Clean Files With Malware When You Download Them via SMB (BleepingComputer) After taking last week off, WikiLeaks came back today and released documentation on another CIA cyberweapon. Codenamed Pandemic, this is a tool that targets computers with shared folders, from where users download files via SMB.
"EternalBlue" vulnerability has been exploited to spread malware Gh0st RAT & Nitol backdoor (Penetration Testing) FireEye security researchers have recently discovered that the EternalBlue vulnerability has been exploited by hackers using the Nitol backdoor with the Gh0st RAT malware. Gh0st RAT is a Trojan program for Windows, which is...
EternalBlue NSA Exploit Becomes Commodity Hacking Tool, Spreads to Other Malware (BleepingComputer) ETERNALBLUE, an alleged NSA exploit targeting the SMBv1 protocol leaked by the Shadow Brokers in mid-April, has become a commodity hacking tool among malware developers.
Microsoft Lists Products Using Insecure SMB 1 Protocol (Redmondmag) Microsoft this week started publishing a list of devices and software products that use Server Message Block 1.
Another Spy Program Leaked onto the Dark Web, Second Web Attack Imminent (Deep Dot Web) The WannaCry ransomware infected over 300,000 computers worldwide including those operated by the Na...
WannaCry might be the tip of the iceberg states Digital Shadows (Security Middle East) The attack on 200,000 plus computers across more than 120 countries around the world by...
QakBot Banking Trojan Causes Massive Active Directory Lockouts (Security Intelligence) IBM X-Force attributed a recent wave of malware-induced Active Directory (AD) lockouts across several IR engagements to the operators of the QakBot Trojan.
Centrelink partly blames 42m missed calls on cyber attack (iTWire) The Department of Human Services has claimed that part of the reason 42 million calls to Centrelink went unanswered in the period from June 2016 to Ap...
Jaff Malware Probe Uncovers Link to Cybercrime Marketplace (Threatpost) Researchers have discovered a shared backend infrastructure between the Jaff ransomware and a black market carder shop.
Hackers Behind Jaff Ransomware Selling Victims' Data on Dark Web (HackRead) The dark web marketplaces and underground marketplaces are full of vendors selling databases, weapons, illegal drugs and malicious software. Now security re
Security Alert: Jaff Ransomware Operation Tied to Cyber Crime Marketplace (Heimdal Security Blog) The ties between cyber criminal operations run deep. This alert reveals the connection between Jaff ransomware and a criminal marketplace:
Ads in Google Search Results Redirect Users to Tech Support Scam (BleepingComputer) Malicious ads displayed in Google search results for Target — the US retailer — redirected users to a tech support scam.
Man Accidentally Destroyed Production Database on First Day of His Job (HackRead) We all make mistakes, but some mistakes are fatal, ending up with devastating consequences, just like one of those Amazon engineers whose typo error caused a
Security Patches, Mitigations, and Software Updates
Apple test hints that iOS 11 will be the end-of-life for outdated, 32-bit applications (TechCrunch) Ahead of Apple's Worldwide Developer Conference today, and the expected announcement of iOS 11, the company briefly removed older, 32-bit iOS applications..
Duo Study Finds Millions of Devices Running Out-of-Date Systems, Despite High-Profile Breaches (Duo Security) Duo Security today released The 2017 Duo Trusted Access Report, analyzing the security health of 4.6 million endpoint devices, including 3.5 million mobile phones across multiple industries and geographic regions.
Symantec Offers Financial Malware Insights (PYMNTS.com) Symantec, a cybersecurity firm that specializes in research and cloud-based security, released new insights surrounding financial malware and ransomware in its latest Internet Security Threat Report (ISTR). According to the company, financial threats, with more than 1.2 million detections per year, are up to 2.5 times more widespread, compared to ransomware. Attacks that use ransomware […]
Patch-me-if-you-can: security teams struggle to apply updates in time (SC Media UK) Research from Bromium says security teams aren't being cut any slack on the patching front.
New Report Quantifies Time’s Impact on Costs of Data Breaches and Disruption Attacks (McAfee Blogs) New analysis from the Aberdeen Group, based on data provided by Verizon, provides fresh evidence quantifying the cost of time in two different incident typ
The cost of IoT hacks: Up to 13% of revenue for smaller firms (Help Net Security) Could IoT hacks cost an organization more than $20 million? Firms with annual revenues above $2 billion can look forward to this if not secure.
Japan to hawk home-grown cybersecurity tech at Interpol World next month (The Japan Times) Japan will set up its own pavilion at Interpol World 2017 in Singapore next month to show off home-grown cybersecurity technologies with government aid, pr
Cryptocurrencies go way beyond Bitcoin, and way out of reach (Financial Review) More than $US500 million has been raised in new crypto sub-markets.
Krypt.co scores a $1.2M seed round to simplify developer encryption key security (TechCrunch) Krypt.co, a new security startup founded by two former MIT students and one of their professors, is launching today with a free product called Kryptonite,..
Pulse Secure To Acquire Brocade's Virtual Application Delivery Controller Business (CRN) The acquisition is just the latest in a series of business spinoffs for Brocade, and helps Pulse Secure expand its secure access portfolio to services and applications.
Palo Alto Crushes Earnings, Finds Itself in Limelight After Cyber Attack (TheStreet) The Santa Clara-based company's stronger-than-expected first quarter earnings results have been the primary catalyst driving the shares higher this week.
Booz Allen Can’t Regain $27M Navy Cyber Contract At GAO (Law360) Booz Allen Hamilton Inc. has lost its attempt at the Government Accountability Office to claw back cyber support work consolidated by the U.S. Navy and doled out to a competitor for $27 million, with a bid protest decision made public Thursday signing off on each evaluation of price and capabilities.
Kaspersky Lab and AVL Software shake hands for automotive cybersecurity (Data Driver) A steadily increasing number of vehicle features – such as remote diagnostics, telematics and infotainment – are using communication cha...
'Shark' Robert Herjavec Secures A Place As An Entrepreneurial Icon (Investor's Business Daily) TV’s "nice Shark," Robert Herjavec, shows companies why they need to take cybersecurity threats much more seriously right now.
High-Tech Bridge Named a “Gartner Cool Vendor 2017” (BusinessWire) High-Tech Bridge, a leading provider of web and mobile Application Security Testing services, has been named a “Cool Vendor” in Gartner’...
Huawei Shores up cyber security (iTWire) Huawei Technologies (Australia) has announced the appointment of Dr Malcolm Shore as its Cyber Security Officer. Shore was born in England and studied...
Kensington Names Ben Thacker Vice President and General Manager (CIO Today) Years of experience with the industry and channel partners, as well as a deep understanding of our market sector will be invaluable
BAE's US arm adds former Senator Ayotte to board (Washington Technology) BAE Systems' U.S. subsidiary adds former Sen. Kelly Ayotte to board of directors for a three-year term.
Products, Services, and Solutions
NH-ISAC and Perch Security Aim to Revolutionize Information Sharing (PRNewswire) The National Health Information Sharing and Analysis Center, (NH-ISAC), a...
Security-intelligence deal will feed Cisco’s threat data to IBM’s cybersecurity AI (CSO) Vendors learning to play well together so users can focus on threats instead of integration
Technologies, Techniques, and Standards
Cyber warfare event begins Monday at Fort Gordon (Augusta Chronicle) The U.S. Cyber Center of Excellence will again host an event on the exploration of cyberwarfare and electronic warfare at Fort Gordon beginning Monday.
Army’s Cyber Quest Focuses on Industry Input (SIGNAL) The annual 26-day event runs through June 30 at Fort Gordon, Georgia.
Preparedness & Cyber Risk Reduction Part Two: Preparedness and Operational Planning (SurfWatch Labs, Inc.) In part one of this blog series, “Introduction to the Preparedness Cycle,” we took a general look at threats, risks, and preparedness. Recognizing that there will be undesired threats that develop …
Prudence over panic (FCW) A seasoned CISO explains why focusing too much on zero-days can distract from older vulnerabilities.
It's time for a common sense security framework (Help Net Security) Privacy Rights Clearinghouse maintains a database of every data breach made public since 2005, and as the total number of records rapidly approaches one bi
Securely Managing Employee Turnover: 3 Tips (Dark Reading) Don't let the process spiral into organizational chaos. Here are steps you can take to keep your company safe.
Design and Innovation
Machine learning in attack detection - what it can and can't do (Computing) MWR InfoSecurity's Luke Jennings examines how machine learning should - and shouldn't - be applied to security.
The Way You Walk Could Be the Best Biometrics Authentication Solution as of Yet (BleepingComputer) A person's gait, or the motions of his feet and body as he walks, could be used as a very reliable authentication method for offline security systems.
Research and Development
Research looks to make machines a little more human (C4ISRNET) DARPA-funded researchers created a “model of human norms” that gives machines a basic sense of manners and could eventually improve how unmanned systems interact with people across all sectors, including the military.
IBM creates a new transistor type for 5nm silicon chips (TechCrunch) IBM Research has created a new type of transistor for chips that enable 5nm construction, the smallest ever for a silicon processor. This new method, created..
Legislation, Policy, and Regulation
Theresa May says the internet must now be regulated following London Bridge terror attack (The Independent) New international agreements should be introduced to regulate the internet in the light of the London Bridge terror attack, Theresa May has said. The Prime Minister said introducing new rules for cyberspace would “deprive the extremists of their safe spaces online” and that technology firms were not currently doing enough.
May wants Britain to follow European lead emphasizing cybersecurity (Washington Post) But increasing cyber-surveillance does not necessarily curb terrorist violence, analysts say.
We want to limit use of e2e encryption, confirms UK minister (TechCrunch) The UK government has once again amped up its attacks on tech platforms' use of end-to-end encryption, and called for International co-operation to regulate..
London attack: Internet firms provide safe space for terrorists, claims PM (Ars Technica UK) Home secretary again demands "limit to the amount of end-to-end encryption."
Tech firms: We’re trying to make our sites hostile to terrorists (Ars Technica) Facebook, Twitter, and Google react to UK prime minister's call to limit encryption.
London attack: Tech firms criticise PM's condemnation (BBC News) Tech giants say they are working to fight extremism, after Theresa May calls for more regulation.
Theresa May's Terrorism Strategy (The Atlantic) In the Prime Minister’s speech Sunday, she said, “There is, to be frank, far too much tolerance of extremism in our country.”
The Manchester Bombing and British Counterterrorism (Foreign Affairs) Familiar patterns, fresh consequences
What the Government Can Offer British Cybersecurity (Infosecurity Magazine) There is no question that the uptake of Government resources is disappointingly low
Does the UK Need an Information Security Royal Charter? (Infosecurity Magazine) The information security profession needs to be identified as a key broker for all data assets.
Arab powers sever Qatar ties, citing support for militants (Reuters) The Arab world's strongest powers cut ties with Qatar on Monday over alleged support for Islamists and Iran, re-opening a festering wound just two weeks after U.S. President Donald Trump's demand for Muslim states to fight terrorism.
Asia ‘must unite’ against terrorism in region (South China Morning Post) Southeast Asian delegates at Shangri-La Dialogue in Singapore call for more cooperation against growing menace of Islamic State in the region
Putin says Snowden is not a traitor (The Times of India) Russian President Vladimir Putin has said he believes former US National Security Agency contractor Edward Snowden was wrong to leak US spy secrets, but is no traitor.
Vladimir Putin: election hackers could be American (euronews) Russian President Vladimir Putin says hackers could be from "anywhere", even America
ES Views: We must take the threat of cyber attacks seriously (Evening Standard) There is no silver bullet for protecting against ransomware and the overwhelming concern for personal data is exactly what cyber-criminals are counting on. The individual ransom demands seem low, around $300 (£230), but this will add up quickly if hundreds or thousands of computers are affected.
'Tallinn Manual 2.0'—the rulebook for cyberwar (Phys.org) With ransomware like "WannaCry" sowing chaos worldwide and global powers accusing rivals of using cyberattacks to interfere in domestic politics, the latest edition of the world's only book laying down the law in cyberspace could not be more timely.
Should CYBERCOM Split From the NSA? (International Policy Digest) There's a push to separate CYBERCOM from the NSA.
Wanted: DISA cyber warriors (C4ISRNET) The agency is vying for skilled cyber professionals — and developing their own.
Regulators doing 'more harm than good' on cybersecurity: The Clearing House (American Banker) The group representing large banks argued in a report Friday that overlapping regulations are hurting the industry's efforts to deal with cyberthreats.
Hack Back law would create cyber vigilantes (CSO Online) The Active Cyber Defense Certainty Act revision demonstrates what happens when you rely upon limited information and a cowboy mentality.
In Russian Region, A Soviet-Style 'People's Patrol' For The Cyber Age (RadioFreeEurope/RadioLiberty) A governor in Russia's southern Belgorod region has moved to set up the first official network of cyber-informers to root out illegal online content, an initiative that comes amid a broad crackdown on online speech that rights groups have denounced.
A Laptop Ban Leaves Everyone Scared and No One Safer (WIRED) In the rush to fetishize airplane attacks above all else, America's distorted perception of risk ultimately leaves everyone more scared and no safer.
China’s Weibo restricts overseas users on Tiananmen anniversary (TechCrunch) This weekend marked the anniversary of the Tiananmen Square massacre in China in 1989, one of the most infamous dates in the country's modern history. The..
Litigation, Investigation, and Law Enforcement
London attack: 12 arrested in Barking after van and knife incidents (BBC News) Seven people were killed and 48 others injured in a van and knife attack on London Bridge and Borough Market, in which three suspects were shot dead by police.
London Bridge terror attack extremist was reported to police for trying to radicalise children (Times (London)) One of the London Bridge terrorists tried to recruit children to join Islamic State and was twice reported to police over his extremist views, it was claimed yesterday. The Pakistani-born radical...
Burka women among a dozen arrests in armed police raids over London Bridge attack (Times (London)) Counterterror police raided two more properties this morning as they continue to dismantle the alleged network of the three jihadists who spread terror through London Bridge. A “number of people”...
‘You won’t break us. You won’t break us, ever.' A defiant London carries on after latest attack (Los Angeles Times) May calls for tough measures as police report 12 arrests in London rampage
Afghan Intelligence Arrests 'Would-Be Suicide Bomber' As Kabul Protest Continues (RadioFreeEurope/RadioLiberty) Afghanistan's intelligence agency says it has arrested a would-be suicide bomber who planned to detonate his explosives at the funeral of an antigovernment protester in Kabul.
Kabul funeral suicide bombers trained in Pakistan, Afghan intelligence says (FDD's Long War Journal) The three suicide bombers who killed 20 people and wounded scores more during a complex attack at a funeral at a Kabul cemetery trained at a Pakistani madrassa, according to Afghanistan's National Directorate of Security.
Rosenstein to testify next week (TheHill) Deputy Attorney General Rod Rosenstein is set to go before the Senate Intelligence Committee on Wednesday — just a day ahead of former FBI Director James Comey's first congressional testimony before the panel since his abrupt firing last month.
Ex-spy says NSA did mass surveillance during Utah Olympics (Washington Post) A former top spy agency official who was the target of a government leak investigation says the National Security Agency conducted blanket surveillance in Salt Lake City during the 2002 Winter Olympics in Utah, according to court documents.
Cybercrime and security: A Russian perspective (al Jazeera) Kaspersky Lab responds to US allegations of doubt and addresses the rise in internet-based crime worldwide.
Police dismantle organised crime network suspected of online payment scams (Help Net Security) The action days for Operation MOTO on 29-31 May 2017 resulted in 9 arrests including the criminal network’s masterminds, as well as 25 house searches.
Supreme Court agrees to rule if cops need warrant for cell-site data (Ars Technica) Justices to clarify protections of the Fourth Amendment in the digital age.
Researchers Use Ridesharing Cars to Sniff Out a Secret Spying Tool (WIRED) University of Washington researchers put sensors in 15 ridesharing cars, and uncovered new evidence of how stingrays are being used and how to detect them.
Students Lose Acceptance to Harvard Over Racist Memes (Motherboard) At least 10 incoming freshmen have had their admission revoked for sharing offensive content in an exclusive Facebook chat.