Cyber Attacks, Threats, and Vulnerabilities
Comey: Russians Targeted ‘Hundreds’ of Entities in Election Hacking (Motherboard) Former FBI director James Comey's testimony is a solid reminder that the Russian hacking campaign went far beyond the Democratic National Committee and John Podesta.
Everything We Know About Russia's Election-Hacking Playbook (WIRED) Just when the cybersecurity world thinks it's found the limits of how far Russian hackers will go to meddle in foreign elections, a new clue emerges that suggests another line has been crossed.
Online Voting Is a Terrible Idea (Motherboard) An ode to pen and paper.
Russian hackers to blame for sparking Qatar crisis, FBI inquiry finds (the Guardian) Gulf state isolated by neighbours after freelance hacking operation planted fake news to discredit emir over his Islamist links
Al Jazeera Media Network Battling Cyber Attack (Fortune) The hacking attempts are "systematic and continual," the network said.
Al-Jazeera claims to be victim of cyber attack as Qatar crisis continues (Ars Technica) Broadcaster targeted after hackers planted “fake news” on Qatar’s state news service.
Al Jazeera Media Network Hit by Massive Hack (Foreign Policy) Is this the latest in a series of unfortunate events in Gulf state relations?
Motorola Moto G4, G5 Vulnerable to Local Root Shell Attacks (Threatpost) Moto G4 and Moto G5 model Motorola phones are vulnerable to kernel command line injection vulnerabilities.
Android Malware with Code Injecting Capability Found on Google Play Store (HackRead) Google Play Store has been found harboring another malware and this one has the ability to disable the security settings on Android devices.
Malicious Android app installs 'impossible to remove' adware (HackRead) The IT Security researchers have discovered a new malware that is essentially an Android Package or APK masked as a cleaner app called Ks cleaner and trick
Malicious Android Applications Raise Concerns for Enterprises (Recorded Future) Malicious software targeting Android applications is far too common, raising the insider threat concern for enterprises.
Sneaky hackers use Intel management tools to bypass Windows firewall (Ars Technica) Serial ports don’t have firewalls.
Malware Uses Obscure Intel CPU Feature to Steal Data and Avoid Firewalls (BleepingComputer) Microsoft's security team has come across a malware family that uses Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool.
Authentication Bypass, Potential Backdoors Plague Old WiMAX Routers (Threatpost) WiMAX routers manufactured by several companies, including Huawei and ZyXEL, are vulnerable to an authentication bypass and potential backdoors.
Linux Malware Mines for Cryptocurrency Using Raspberry Pi Devices (BleepingComputer) A Linux trojan detected under the generic name of Linux.MulDrop.14 is infecting Raspberry Pi devices with the purpose of mining cryptocurrency.
Boatload of Security Flaws Make Foscam IP Cameras Absolutely Useless (BleepingComputer) IP cameras manufactured by Chinese vendor Foscam are riddled with security flaws that allow an attacker to take over the device and penetrate your network.
Move Over, Mirai: Persirai Now the Top IP Camera Botnet (Dark Reading) Mirai's success has spawned a flurry of similar IoT malware.
The Reigning King of IP Camera Botnets and its Challengers (TrendLabs Security Intelligence Blog) Early this month we discussed a new Internet of Things (IoT) botnet called Persirai (detected by Trend Micro as ELF_PERSIRAI.A), which targets over 1000 Internet Protocol (IP) camera models.
Bitcoin, Litecoin Exchange BTC-E Suffers Massive DDoS Attacks (HackRead) After Internet of Things (IoT) devices, the favorite target of cyber criminals is cryptocurrency exchanges. In the latest, the popular Bitcoin and Litecoin
New PowerPoint malware delivery technique tested by spammers (Help Net Security) A spam run detected by several security companies has attempted to deliver malware through an innovative technique: a link in a PowerPoint slideshow.
Zusy Malware Spreading via PPTs, No Clicking Required (Infosecurity Magazine) The malware that executes when the user “mouses over” a link—no clicking or macros required.
Mouse hovering malware delivery scheme spotted, called potentially very dangerous (SC Media US) Cybercriminals have started using a new technique to infect computers that only requires the victim place their cursor over a malicious hyperlink for the malware to be injected.
Cyber Threats 101: Fileless Attacks (The Stealthiest of All) (Infosecurity Magazine) Malicious scripts that hijack legitimate software, without installing themselves on the hard drive at all.
I admit it, I'm a cyber security professional and I fell for a phishing email (CRN Australia) [Comment] Don't call me an idiot: misplaced arrogance is the biggest problem in today's cyber security world.
TheDarkOverlord Targets Entertainment Sector with Leak of Unaired ABC Show (SurfWatch Labs, Inc.) On Monday, the extortion group known as TheDarkOverlord released the first eight episodes of ABC’s soon-to-be-aired television show “Steve Harvey’s Funderdome” on the torren…
Cyberpunk 2077 developers blackmailed after hackers steal plans... (HOTforSecurity) Are you such a video game fanatic that you simply can't wait to get your paws on sneak previews of upcoming hit titles? If so, your fervour may be fuelling the criminal activities of an unnamed group who have targeted a developer of highly popular video...
'Witcher' Developer Says Hackers Have Compromised Its Next Big Game (Motherboard) Life imitates art.
Security Patches, Mitigations, and Software Updates
June’s Android Security Bulletin Address Critical Vulnerabilities in Media Framework and Qualcomm Components (TrendLabs Security Intelligence Blog) Google recently released their June security bulletin for Android, which addresses critical vulnerabilities found in Media framework, as well as various critical vulnerabilities that are based on Qualcomm components.
Google Removes Rooting Trojan Dvmap From Play Store (Threatpost) Google removed a rooting Android Trojan called Dvmap from Google Play that injects malicious code into an infected device’s system library.
VMware Patches Critical Vulnerabilities in vSphere Data Protection (Threatpost) VMware fixed two critical vulnerabilities in its vSphere Data Protection solution this week that could have allowed an attacker to execute commands on the appliance, among other outcomes.
Cisco Patches Critical Flaws in Prime Data Center Network Manager (Threatpost) Cisco patched two critical flaws in its Prime Data Center Network Manager, including one that could be exploited remotely and allow an attacker root access.
Cyber Trends
Exclusive: New SEC enforcement chiefs see cyber crime as biggest market threat (Reuters) Hackers are increasingly breaking into brokerage accounts to steal assets or make illegal trades, prompting U.S. securities regulators to start tracking cyber crimes more closely, two newly appointed enforcement officials said in an interview on Thursday.
Q1 Midmarket Threat Summary Report (eSentire) The Q1 Midmarket Threat Summary Report provides a quarterly snapshot of threat events investigated by the eSentire Security Operations Center (SOC).
GDPR a “huge business opportunity, not a compliance thing.” (Infosecurity Magazine)
Global Cybersecurity Workforce Shortage to Reach 1.8 Million as Threats Loom Larger and Stakes Rise Higher ((ISC)²) Report calls for employers to look for new recruitment channels and consider workers with more diverse skillsets and non-technical backgrounds to attract and retain cybersecurity talent
Snyk - XSS Attacks: The Next Wave (Snyk) It’s been over 10 years since Cross Site Scripting (XSS) became big news, awareness has grown and defenses have become much more sophisticated. But, as we show in this post, recent data indicates XSS attacks are only increasing.
Thousands of Organizations Run the Majority of their Computers on Outdated Operating Systems, Nearly Tripling Chances of a Data Breach (PRNewswire) BitSight, the Standard in Security Ratings, today released a new...
Attack rates are increasing across the board (Help Net Security) Vectra looked at the prevalence of strategic phases of the attack lifecycle across 13 industries, and found finance and technology to be the most resilient.
Don’t like Mondays? Neither do attackers (CSO Online) You can reduce potential damage by paying attention to when attackers are most likely to strike.
Email-borne threats: Watch your inbox closely on Thursdays (Help Net Security) Malicious email attachment message volume spikes more than 38% on Thursdays over the average weekday volume, Proofpoint has discovered.
Marketplace
Cyber security can make or break mergers: study (iTWire) Cyber security concerns rank high on the list when corporates and private equity firms consider mergers and acquisitions of software companies, accord...
Yahoo $4.5 billion sale to Verizon to close Tuesday, golden parachutes approved (Mercury News) Yahoo shareholders also approve $23 million golden parachute for CEO Marissa Mayer.
With path cleared to close Yahoo deal, Verizon prepares the pink slip printer (Ars Technica) Deal to close June 13, as Yahoo stockholders approve endgame.
Microsoft confirms acquisition of security automation firm Hexadite (CRN Australia) May estimates valued the deal at US$100 million.
Cloud security firm Illumio raises $125m to expand 'adaptive segmentation' platform (ZDNet) The Sunnyvale, California-based company has raised $267 million in total from investors such as JPMorgan, Andreessen Horowitz, and Accel Partners.
Blockchain technology and cryptography provider Stratumn raises €7m (CryptoNinjas) Stratumn, a provider of network solutions securing processes between enterprises and their stakeholders through blockchain technology and ad...
Better Buy: FireEye Inc. vs. Check Point Software (The Motley Fool) It’s been a profitable year for shareholders of both data security firms, though for different reasons.
Symantec's CEO Says the Company's Got Its Groove Back (Fortune) Never mind what competitors might say.
Symantec and the changing of the guard in cybersecurity (CIO Dive) Traditional vendors can't always keep up with the malicious actors plaguing enterprise systems. What does that mean for established security companies?
Leidos and Cray Inc. Announce Strategic Alliance to Offer Multi-Level Security Solutions (EconoTimes) Leidos (NYSE:LDOS) a global science and technology solutions leader, and global supercomputer leader Cray Inc. (Nasdaq:CRAY) today announced the companies have signed a...
Webroot and ConnectWise Expand Partnership to Help Customers Reduce Web Browsing Risks (PRNewswire) Webroot, the market leader in endpoint security, network security,...
Webroot Announces Thirteenth Consecutive Quarter of Double-Digit Business Growth (PRNewswire) Webroot, the market leader in endpoint security, network security,...
Raytheon Lands $600M Army Software Sustainment Contract; Dave Wajsgras Comments (GovCon Wire) Raytheon (NYSE: RTN) has received a potential $600 million contract to provide software sustainment
We plan more acquisitions in tech, digital, cyber space: EY (DealStreetAsia) The 'big four' are evolving into technology consultancies as indicated by EY's acquisition of Melbourne-based Open Windows Australia
Ernst & Young denies that major redundancies in IT consulting are planned (Computing) A consultation is underway, admits E&Y, but nothing of the scale reported
Cyber Security Growth Network wants the world to buy Australian (ZDNet) The Cyber Security Growth Network's CEO wants to make it easier for Australian cyber firms to enter international markets without having to relocate.
Trustwave Announces Expansion in Chicago (Lawndale News) Mayor Rahm Emanuel joined Trustwave to open the company’s new and expanded headquarters in downtown Chicago.
Products, Services, and Solutions
New infosec products of the week: June 9, 2017 (Help Net Security) Absolute expands its self-healing endpoint security and compliance solutions for Android devices Absolute expands its support for Android to provide uncomp
ARC, SANS to collaborate on cybersecurity workforce education (Plant Services) The two organizations will work together to support cybersecurity workforce education and development for industry, energy, utilities, government, academia, and infrastructure
Oxygen Forensic Detective 9.4 Goes all in for Android Device Capabilities (PRNewswire) Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, is going all in on Android devices by adding Samsung cloud extraction capabilities for its flagship product, Oxygen Forensic Detective 9.4, and through a partnership with Passware, Inc. to overcome data encryption on Android devices.
Keeping Threat Intelligence Ahead Of The Bad Guys (Forbes) Over the course of my recent series on establishing a cybersecurity portfolio, I’ve recommended five steps for businesses to engage in as they determine the security investments that are right for them: 1) Determine Needs; 2) Allocate Spending According to Risk; 3) Design Your Portfolio; 4) Choose the Right Products; and 5) Rebalance as Needed.
Juniper Security Platform Now Supports Cisco Switches (SDxCentral) Juniper Networks updated its network security platform, which now supports Cisco switches and integrates with Microsoft Azure and VMware NSX.
High-Tech Bridge ImmuniWeb named Best Emerging Technology (Help Net Security) Web and mobile application security testing services provider High-Tech Bridge has won the “Best Emerging Technology” category at the SC Awards Europe 2017.
Comodo AEP Eschews Tradition to Bring a New Level of Protection to the Enterprise (eSecurity Planet) Comodo’s Advanced Endpoint Protection (AEP) brings AI-powered analysis and a default-deny containment approach to the enterprise.
Frost & Sullivan Applauds the Unparalleled Accuracy of Deep Instinct's Deep Learning-Based Endpoint and Mobile Security Solution (PRNewswire) Based on its recent analysis of the endpoint and mobile security market for...
Centrify Fortifies Platform Security with Bugcrowd Bug Bounty Program (Sys-Con Media) Centrify to award up to $3,000 per vulnerability to ensure the security of the Centrify Identity Services platform
PhishMe Adds New GDPR Compliance Module to Their Complimentary Computer Based Training Program (BusinessWire) PhishMe®, a global provider of phishing defence and intelligence solutions for the enterprise, today announced the availability of a complimentary
EventTracker launches improved threat intelligence platform (BetaNews) The rapidly changing world of cyber security means that companies need to be able to respond quickly to threats.
Zenedge Launches API Security Solution with SDK (ProgrammableWeb) Zenedge has launched Zenedge API Security, a product designed to protect APIs from DDoS attacks and malicious bots.
How to buy Bitcoins, and where you can do it (Graham Cluley) Here are some basics to get you started…
Technologies, Techniques, and Standards
InfoSec 2017: how to protect yourself against the next WannaCry (Naked Security) What made WannaCry different from other ransomware attacks? We explain how it happened – and look at what lessons we’ve learned
Security Orchestration Fine-Tunes the Incident Response Process (Dark Reading) Emerging orchestration technology can cut labor-intensive tasks for security analysts.
Using History to Overcome the Challenge of Threat Intelligence Data Overload (Security Week) Applying unfiltered threat intelligence to defenses generates significant false positives
Insider Threat Detection in a Borderless World (Infosecurity Magazine) Detecting insider threats in this new environment also requires a different approach. One that combines securing applications, locking down identities and monitoring how identities use applications.
What the hacking of Gordon Ramsay’s email teaches us all (The State of Security) It doesn’t matter if you’re a regular user or a short-fused celebrity chef, we all need to harden the defences of our email accounts.
Design and Innovation
Apple’s Safari is going to use AI to track who’s tracking you (Naked Security) Safari will use machine learning to decide which third-party cookies to block, with the aim of reducing how much your footsteps around the web are followed by advertisers
To Stop Terrorists, Google Jigsaw’s Radical Strategy is Talking to Them (WIRED) Yasmin Green heads R&D at Jigsaw, a think tank at Google's parent company. Her radical strategy? Tackle the web's dark side by talking to its creators.
Research and Development
Quantum-powered random numbers could provide key to better cryptography (SC Media UK) True randomness is impossible to achieve with conventional hardware, and some applications are terrible at it, but are our current random number generators 'good enough' and is it worth using quantum technology to achieve better randomness?
Academia
Summer STEM for Kids (SANS Internet Storm Center) It's summertime and your little hackers need something to keep them busy! Let's look at some of the options for kids to try out. I’ve tried out each of these programs and have had good luck with them.
Legislation, Policy, and Regulation
Experts, Microsoft Push For Global NGO To Expose Hackers (NDTV) As cyberattacks sow ever greater chaos worldwide, IT titan Microsoft and independent experts are pushing for a new global NGO tasked with the tricky job of unmasking the hackers behind them.
The Roots of a Failing War Against Extremism, At Home and Abroad (War on the Rocks) Governments across the world are aware of the need to win the war of ideas with Islamism. However, many governments in the West have chosen to prosecute th
May to try to form government after UK election debacle, uncertainty over Brexit talks (Reuters) British Prime Minister Theresa May will ask Queen Elizabeth for permission to form a government on Friday after an election debacle that saw her Conservative Party lose its parliamentary majority days before talks on Britain's EU departure are due to begin.
Lawmakers to Pentagon: Tell Us When You Use Cyber Weapons (Defense One) A proposed law would require congressional notification when DOD conducts external cyber operations — offensive or defensive.
How New Social Media Background Checks Could Enhance Homeland Security (The Daily Signal) The Department of Homeland Security will now conduct social media background checks on the most high-risk individuals coming into America.
Task force tells Congress health IT security is in critical condition (Ars Technica) Report warns lack of security talent, glut of legacy hardware pose imminent threat.
The US Needs to Get Serious About Securing the Internet of Hackable Things (Motherboard) In an exclusive Motherboard op-ed, US Senator Mark Warner says last month's global WannaCry ransomware attack should be a wake up call for connected device security.
Litigation, Investigation, and Law Enforcement
People in the UAE Can Now Be Jailed for 15 Years for ‘Liking’ Qatar (Motherboard) In the wake of Saudi Arabia's row with Qatar, the United Arab Emirates is cracking down on social media dissent.
Iran says 5 Tehran attackers had fought for Islamic State (Military Times) Five of the men who launched an attack in the heart of Iran's capital previously fought for the Islamic State group, the country's Intelligence Ministry said Thursday, acknowledging the first such assault by the extremists in the Shiite power.
Accused leaker, an Air Force vet, ordered to remain jailed pending trial (Military Times) A federal judge ordered a young woman charged with leaking classified U.S. documents to remain jailed until her trial after prosecutors argued Thursday she might possess more stolen government secrets.
Case 1:17-mj-00024-BKE Document 5-1 Filed 06/05/17 AFFIDAVIT IN SUPPORT OF APPLICATION FOR ARREST WARRANT (US Department of Justice) I, Justin C. Garrick, being first duly sworn, hereby depose and state as follows
Alleged NSA leaker Reality Winner to plead not guilty (NBC News) Reality Winner, intelligence contractor who is accused of leaking a highly classified report, will plead not guilty, her lawyer told NBC News on Wednesday.
REALITY WINNER: Prosecutors: Alleged NSA leaker wanted to 'burn the White House down' (WSBTV) A federal magistrate judge held a detention hearing for Reality Winner Thursday afternoon.
WikiLeaks Declares War on The Intercept (The Daily Beast) The FBI says a reporter led it to an NSA leaker. Julian Assange says that person, whom he suspects is an Intercept reporter, is a ‘menace’ to sources, journalists, and democracy.
Statement for the Record Senate Select Committee on Intelligence (Senate Intelligence Committee) Chairman Burr, Ranking Member Warner, Members of the Committee. Thank you for inviting me to appear before you today.
James Comey Said Exactly What You Wanted Him to Say (WIRED) As you may have heard, earlier today, Trump's special guy he has that thing with sat before the Senate to answer questions about his brief tenure working with the Trump administration.
Comey: 'A foreign government used technical intrusion to try to shape the way we think' (Computing) Former FBI director gives evidence before the US Congress, claiming that Russia attempted to hack the recent US presidential elections
Chris Matthews: Trump-Russia collusion theory 'came apart' with Comey testimony (Washington Examiner) Matthews said that first Comey revealed 'Flynn wasn't central to the Russian investigation,' and secondly, he said that kills the idea that...
Comey: Trump told ‘Lies, Plain and Simple’ (Foreign Policy) The former FBI chief goes on the attack in his first public account of his firing, accusing the president of pressuring him to drop Flynn…
The ‘Private’ Jim Comey (Wall Street Journal) Some good questions the former FBI chief prefers not to answer.
Comey's Latest Statement Is An Indictment Of Comey, Not Trump (The Federalist) In his latest statement, former FBI director James Comey makes clear that he was playing a game with Donald Trump, and that Trump called his bluff.
James Comey Goes Back to Washington (WIRED) Recently fired FBI director James Comey’s unprecedented Senate hearing Thursday morning riveted official Washington and left reporters, members of Congress, and the American public with almost more questions than before...
Did Another Intelligence Director Lie to Wyden About Surveillance? (US News & World Report) Dan Coats said 'not to my knowledge' in an echo of James Clapper's infamous 'not wittingly' response.
It is not OK to break the law to catch criminals, judge rules (Naked Security) The ‘flagrancy of the FBI’s misconduct’ in obtaining the warrant and deploying malware in a fishing expedition to catch child abusers was ‘truly staggering’, said the judge…
Army colonel, others charged in alleged bribery scheme (Army Times) A U.S. Army colonel, his wife and a former defense contractor are accused of participating in what federal prosecutors call a bribery and kickback scheme connected to a Georgia military base.
Thailand jails man for 35 years for Facebook posts that insulted its royal family (TechCrunch) A man in Thailand has been sentenced to 35 years in prison after he was found guilty of insulting the country's royal family on Facebook. Identified only..