Cyber Attacks, Threats, and Vulnerabilities
'Crash Override': the Malware that Took Down a Power Grid (WIRED) At midnight, a week before last Christmas, hackers struck an electric transmission station north of the city of Kiev, blacking out a portion of the Ukrainian capital equivalent to a fifth of its total power capacity.
Newly Discovered ‘Nightmare’ Cyber Weapon Is Already Causing Blackouts (The Daily Beast) The first hack was small, cutting power to part of Kiev. But security experts now warn that was just the start—the malware is a genuine cyber weapon that threatens the U.S.
Qatar-Gulf crisis: All the latest updates (Al-Jazeera) The latest news after Arab Gulf countries cut diplomatic ties with Qatar and suspended Doha-bound flights.
Qatar reveals preliminary results of QNA hacking probe (Al-Jazeera) Investigation team identified sources through which the cyber-attack was carried out, interior ministry says.
Al-Jazeera claims to be victim of cyber attack as Qatar crisis continues (Ars Technica UK) Broadcaster targeted after hackers planted “fake news” on Qatar’s state news service.
UAE email leak: Yousef al-Otaiba criticises Trump (Al-Jazeera) New round of leaked emails show repeated criticism of then presidential candidate Trump by UAE ambassador to the US.
Zawahiri lectures on global jihad, warns of national boundaries (FDD's Long War Journal) Sometime in the last few years, al Qaeda emir Ayman al Zawahiri got an editor. Known for his long-winded lectures, Zawahiri has increasingly recorded shorter messages with more focused arguments.
The “Doubleswitch” social media attack: a threat to advocates in Venezuela and worldwide (Access Now) Our Helpline discovered a new hijacking attack on social media that places users at risk worldwide -- especially journalists and human rights defenders.
Information Warfare: THAAD The Hack Attack Magnet (Strategy Page) In May 2017 the United States revealed that it had sent one of its few cyber protection teams to defend the THAAD (Terminal High Altitude Area Defense) battery sent to South Korea earlier and declared operational in April.
CertLock Trojan Blocks Security Programs by Disallowing Their Certificates (BleepingComputer) A new Trojan called CertLock blocks Windows security vendor's programs from being installed or running by blocking their certificates in Windows.
MacRansom and MacSpy Malware-as-a-Service Portals Put Mac Users on Alert (BleepingComputer) Security researchers have finally got their hands on samples of two new strains of Mac malware that have been offered through Malware-as-a-Service (MaaS) portals on the Dark Web for almost two weeks now.
MacRansom: Offered as Ransomware as a Service (Fortinet Blog) Many Mac OS users might assume that their computer is exempt from things like ransomware attacks and think that their...
IBNS Malicious Infrastructure Targets Financial Institutions (Wapack Labs) In the last days of May, Wapack Labs identified a large email delivery infrastructure targeting multiple industries including finance...
Android ransomware hides in fake King of Glory game (Naked Security) Taking design cues from WannaCry, a fake copy of the popular King of Glory game is being used to spread ransomware
Sophos: Beware the rise of the super-professional cyber-criminal (IT Pro Portal) Ransomware is getting more professional, and we should all be doing more to prepare for it, Sophos expert tells ITProPortal.
ForcePoint: TrickBot spreading using Necurs botnet (Computing) TrickBot malware shifts from malvertising to Necurs botnet to spread, warns Malwarebytes.
Platinum APT First to Abuse Intel Chip Management Feature (Threatpost) Microsoft has found a file-transfer tool used by the Platinum APT that leverages Intel Active Management Technology to stealthily load malware onto networked computers.
PLATINUM continues to evolve, find ways to maintain invisibility (Windows Security) Back in April 2016, we released the paper PLATINUM: Targeted attacks in South and Southeast Asia, where we detailed the tactics, techniques, and procedures of the PLATINUM activity group.
GameStop Online Shoppers Officially Warned of Breach (Threatpost) Some customers are irked it took GameStop months to inform them that their personal and financial information could have been compromised in a breach of GameStop.com that began in August 2016.
How End-User Devices Get Hacked: 8 Easy Ways (Dark Reading) Security experts share the simplest and most effective methods bad guys employ to break into end-user devices.
Half of ICS Firms Suffered Security Incident Last Year (Infosecurity Magazine) Kaspersky Lab claims ineffective security costs them $497K each year.
Ogdensburg working to shift funds to make up for cost of recent cyber attack (North Country Now) The City of Ogdensburg is working to shift around funding in the wake of a cyber attack in April, according to a report.
Security Patches, Mitigations, and Software Updates
Virgin Media rushes to patch security flaw in Super Hub routers (Computing) One encryption key to rule all routers clearly a bad idea.
Microsoft's Next Windows 10 Security Feature Looks to Be Exploit Guard (Petri) Microsoft is working on a new security feature for Windows 10 called Exploit Guard that will allow admins to block users and applications from accessing dangerous domains.
Cyber Trends
Companies more prone to cyber attack, 60% software unregulated: EY (The Economic Times) Last month, over 100 countries were hit by 'WannaCry' ransomware in one of the most widespread cyber attacks in history.
PhishLabs Releases Phishing Trends & Intelligence Report for Q1 2017 | 06/08/17 (Business Insider) PhishLabs, the leading provider of 24/7 phishing defense and intelligence solutions, today announced the release of its Phishing Trends & Intelligence (PTI) Report for the first quarter of 2017.
Cisco VNI: DDoS Attacks to Increase 2.5-Fold By 2021 (Infosecurity Magazine) The average DDoS attack size is approaching 1.2Gbps—enough to take most organizations completely offline.
Bored employees seen as biggest potential data security risk (Help Net Security) Employees who become distracted at work are more likely to be the cause of human error and a potential security risk, according to a Centrify poll.
Pirate Bay founder: We’ve lost the internet, it’s all about damage control now (The Next Web) TNW spoke with Pirate Bay's Peter Sunde about the miserable state of the internet and how we've lost the chance to decentralize it.
What Marketers Need To Know About Cybersecurity (Forbes) What do marketers need to know about cybersecurity?
Marketplace
The Behavioral Economics of Why Executives Underinvest in Cybersecurity (Harvard Business Review) And how to change their minds.
Here’s what the top accelerators in North America are funding (TechCrunch) The top startup accelerators have a history of seeing the future in ideas that sounded silly at the time. After all, who would have foreseen billion-dollar..
No known ransomware can infect Windows 10 S, but Microsoft remains worried, buys Israel's Hexadite (International Business Times, India Edition) Cyber threats like ransomware are growing in sophistication and reach, leaving Microsoft worried about Windows 10's security.
Better Buy: Palo Alto Networks, Inc. vs. Check Point Software (The Motley Fool) The two upstart data security providers are taking decidedly different paths to growth.
Palo Alto: Recovery Or Mediocrity? (Seeking Alpha) About a week ago, Palo Alto reported the results of its fiscal Q3. Many sub-headline metrics continued to deteriorate in a very noticeable fashion.
Diversify from FireEye Inc (FEYE) Stock to Win in Cybersecurity (InvestorPlace) Given the uncertainty in the value of FEYE stock and its peers, it might be a better idea to more widely invest in the space.
Trump-linked US firm at heart of French intelligence (EU Observer) French counter-terrorism services have begun work with a US firm that is close to Trump and to the CIA, posing questions on French data security.
Booz Allen secures Navy network contract (C4ISRNET) Booz Allen Hamilton has been awarded a $96.1 million Navy tactical network deal.
Thales opens a new cybersecurity training centre in Belgium (Military Technologies) Thales is inaugurating a new Cyberlab today in Tubize, in the south of the Brussels region...
Lookout Makes Key Hires to Support Record Company Growth (PRNewswire) Lookout, the global leader in securing mobility, has added two key...
Products, Services, and Solutions
Infoblox and Rapid7 Deliver Security Orchestration to Bridge Silos (Infoblox) Infoblox Inc., the network control company that provides Actionable Network Intelligence and Rapid7, Inc. (NASDAQ: RPD), a leading provider of analytics solutions for security and IT operations, today announced new solution integrations to provide enhanced security orchestration capabilities.
Google game teaches kids about online safety (Help Net Security) Talking to kids about online safety is a difficult undertaking for many adults, and making the lessons stick is even harder.
Comodo AEP Applies AI to Constant Battle Against Ransomware, Malware (eWEEK) Comodo Advanced Endpoint Protection provides an enterprise endpoint security platform that uses artificial intelligence to ferret out ransomware and other types of malware hidden in application and data files.
Ixia to deliver visibility into subscriber traffic for mobile operators (Financial News) Ixia, a provider of network testing, visibility, and security solutions, has extended the capabilities of CloudLens...
Merck KGaA, Darmstadt, Germany, Selects illusive networks' Deceptions Everywhere Cybersecurity (PRNewswire) illusive networks, the leader in Deceptions Everywhere®...
Deloitte, LogRhythm to advance cyber security solutions (ITP.net) Deloitte has chosen LogRhythm's Threat Lifecycle Management technology to support its cyber security offerings.
PerimeterX Looks Beyond the WAF to Protect the Web Against Bots (eSecurity Planet) There was a brief period of time when defending a web server application simply required a Web Application Firewall (WAF).
Kaspersky Lab, Injazat sign MoU (Arabian Industry) The two companies to extend cooperation in cybersecurity
Qualys Container Security: Discover, track, and secure containers (Help Net Security) Qualys Container Security performs inventory and real-time tracking of changes to containers deployed across on-premises and elastic cloud environments.
FairWarning Launches Onsite North Carolina User Group (PR Newswire) FairWarning is proud to announce an additional customer program for its growing number of North Carolina based health systems.
Technologies, Techniques, and Standards
Computer printers have been quietly embedding tracking codes in documents for decades (Quartz) Imperceptible yellow dots identifying the specific device and time of printing are used by governments to track who printed documents.
OCR Issues a Cyberattack Response 'Checklist' (GovInfo Security) HHS has issued a checklist and other materials to aid healthcare organizations and their vendors in their “quick response” to cyberattacks. The move comes as
Lessons from TV5Monde 2015 Hack (Comae Technologies) Watch out for compromised third party accounts and bad Active Directory configuration.
CEOs' risky behaviors compromise security (CSO Online) If shadow IT is a problem with business decision makers, that may be a sign your senior security person isn't engaged at a high enough level.
IoT Security: Are Universities’ DNS and DHCP Ready for the Challenge? (EfficientIP) Read about the network challenges higher education institutions face due to the Internet of Things, plus a preparedness checklist to follow to handle the IoT wave.
Building a strong cybersecurity program for the long haul (Help Net Security) Is it possible to reduce the impact of an event like WannaCry? With a good security program in place companies can weather an attack like WannaCry.
Design and Innovation
Google Releases reCAPTCHA API for Android (Threatpost) Google has released a reCAPTCHA API for Android, a first for the mobile applications.
Apple Is Trying To Make Your iMessages Even More Private (Motherboard) Apple wants to make its cloud as secure and private as its devices, starting with iMessage.
Researcher Wants to Protect Whistleblowers Against Hidden Printer Dots (BleepingComputer) Gabor Szathmari, a security researcher for CryptoAUSTRALIA, is working on a method of improving the security of leaked documents by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers.
The Economics of Software Security: What Car Makers Can Teach Enterprises (Dark Reading) Embedding security controls early in the application development process will go a long way towards driving down the total cost of software ownership.
Apple's Don't Disturb While Driving Mode is a Blunt Answer to a Nuanced Problem (WIRED) Apple announced a bunch of whizz-bang thingamabobs at its Worldwide Developers Conference this week—a new iPad, the Homepod, smart security upgrades
The Paranoid Style of American Architecture (CityLab) From the mirrored fortress of the National Security Agency headquarters to the new U.S. Embassy in London, the built environment of the security state reflects our national anxieties.
Ai WeiWei Gets Artsy-Fartsy About Surveillance (WIRED) Walk down the street in New York City and your likeness will be captured on camera dozens of times.
Research and Development
New Math Untangles the Mysterious Nature of Causality (WIRED) In his 1890 opus, The Principles of Psychology, William James invoked Romeo and Juliet to illustrate what makes conscious beings so different from the particles that make them up.
Academia
Ivy Tech Honored For Cyber Security 'Excellence' (Inside Indiana Business) Ivy Tech Community College has secured a key federal designation. The National Security Agency and the U.S. Department of Homeland Security have named it a National Center of Academic Excellence in...
Texas A&M receives award during annual cybersecurity summit (The Eagle) Texas A&M University is quickly establishing itself as one of the country's leading academic centers for cybersecurity as the subject continues to permeate a broader scope both nationally and internationally.
Legislation, Policy, and Regulation
Ukraine parliament restores NATO membership as strategic target (Defense News) The Ukrainian parliament has voted to restore NATO membership as the country’s strategic foreign policy objective.
Here’s how Ukraine is a laboratory for both Russia and the US (C4ISRNET) The U.S. is learning from Russia and Russian-supported forces in Ukraine.
Trump publicly commits to NATO mutual-defense provision (POLITICO) Trump has been critical of NATO since his presidential campaign.
Gibraltar develops national cyber security strategy (Gibraltar Chronicle) The Gibraltar Contingency Council is working on developing a national cyber security strategy for the Rock, in a bid to build community-wide awareness of online threats.
Cabinet targets platform for information security (Taipei Times) The Cabinet plans to establish a shared platform for coordination on information-security efforts aimed at operators of the nation’s critical infrastructure, a source said yesterday.
Fort a growing center of military intelligence (Augusta Chronicle) The facility where accused classified document leaker Reality Winner worked is the nerve center for the growing intelligence and cyberwarfare operations based at Fort Gordon.
Where does the cyber security buck stop? (Help Net Security) Governments should fine-tune laws to criminalize specific cyber attacks and create regulations that incentivize businesses to secure their products.
Keep Calm and Comply: One Year and Counting Until GDPR (Infosecurity Magazine) Practical tips from the experts on how to get in shape ahead of GDPR
20 Million Reasons for C-Suite to pay Attention to Data Loss (Infosecurity Magazine) Fines of up to €20 million for breaches of personal data will be enabled by GDPR which comes into force on 25 May 2018.
What is 'personal data'? IT leaders debate the GDPR definition (Computing) The GDPR's definition of 'personal data' is so broad that it is causing concern across the IT industry.
Litigation, Investigation, and Law Enforcement
French Police Seize Two Tor Relays in WannaCry Investigation (BleepingComputer) Two days after the WannaCry ransomware outbreak wreaked havoc across the world, French police seized a server running two Tor relays belonging to French activist Aeris...
Syrian Accused of Working for ISIS News Agency Is Arrested in Germany (New York Times) The 23-year-old man, identified only as Mohammed G., is believed to have been a conduit between terrorists and the Islamic State’s Amaq news agency.
Arrest of a suspected member of the foreign terrorist organization “Islamic State” (IS) (Generalbundesanwalt) The Federal Prosecutor's Office yesterday (7 June 2017), on the basis of an arrest warrant issued by the investigating judge of the Federal Court of Justice on 24 May 2017
London Bridge attack: eight minutes that shot down Britain’s strategy on terror (Times (London)) As units of armed police swarmed through the alleys of Borough Market in the aftermath of last weekend’s terrorist attack at London Bridge, officers arrived at the locked doors of Southwark...
A grim pattern in European attacks: Missed chances to pinpoint terrorism suspects beforehand (Los Angeles Times) European nations have built massive watch lists of potential terrorists. But the lists are so extensive it is often unclear who poses the most serious threats, and thus merits close surveillance.
Tech firms could do more to help stop the jihadists (The Economist) But legal restrictions must be proportionate and thought through
Can U.S. Spies Reinvent Themselves After the Russia Hacks? (The Daily Beast) The first step in taking corrective action is to admit that the Russians were successful in interfering in the 2016 election.
Reality Leigh Winner’s trial won’t come soon (Augusta Chronicle) Reality Leigh Winner’s trial on an allegation that she leaked a National Security Agency’s classified document won’t be anytime soon.
Editorial: Reality Winner's arrest is a first step to rebuilding trust (Richmond Times-Dispatch) We applaud the arrest of Reality Leigh Winner, a federal contractor who leaked classified NSA documents about Russian efforts to hack the 2016 election.
Ron Martz: US has too many secrets, too many with access to them (Gainesville Times) The arrest last Monday in Augusta of 25-year-old Reality Leigh Winner for allegedly passing top-secret government documents to an online news site says as much ...
NSA leak affords privacy reminder (Northwest Arkansas Democrat-Gazette) It took just days for authorities to arrest and charge a federal contractor with leaking classified intelligence to the media.
Why Trump Wins (Wall Street Journal) Will Robert Mueller investigate intelligence agencies for playing in domestic politics?
Full text: James Comey testimony transcript on Trump and Russia (POLITICO) A transcript of Comey's testimony before the Senate Intelligence Committee.
Alan Dershowitz: History, precedent and James Comey's opening statement show that Trump did not obstruct justice (Washington Examiner) Comey's statement may provide ammunition to Trump opponents, but unless they are willing to stretch his words, and unless they are prepared...
After Comey Testifies, One Scandal Gets Smaller, Another Gets Bigger (National Review) There is much to unpack in former FBI director James Comey’s almost three hours of live testimony today, but my summary is rather simple.
‘Total and Complete Vindication’? No Way. (Foreign Policy) There are reams of evidence pointing toward Trump's collusion and obstruction — and we don’t even know what James Comey said in closed session.
Did James Comey's Leaks Violate The FBI Employment Agreement? (The Federalist) Former FBI director James Comey's decision to leak FBI documents to a friend may have violated the FBI's employment agreement regarding unauthorized leaks.
A Shining Comey on a Hill (Foreign Policy) Can the former FBI director lead us back to our better selves?
A Pro-Trump Conspiracy Theorist, a False Tweet and a Runaway Story (New York Times) The journey of one tweet shows how misinformed, distorted and false stories are gaining traction far beyond the fringes of the internet.
OPINION: The damaging case against James Comey (TheHill) OPINION | President Trump was able to bait the former FBI director into diminishing his own credibility.
Sessions getting sucked further into Trump’s Russia mess (POLITICO) The attorney general is set to appear before his former colleagues after Comey hinted at more ‘problematic’ issues with Sessions and Russia.
Republicans urge Trump on tapes; Sessions to testify Tuesday (Military Times) Fellow Republicans pressed President Donald Trump on Sunday to come clean about whether he has tapes of private conversations with former FBI Director James Comey and provide them to Congress if he does...
Homeland Security Secretary Defends Plan for Russia Back Channel (Apps for PC Daily) Lindsey Graham (R-SC), are questioning the veracity of the articles, first reported by the Washington Post Friday, others, like Department of Homeland Security Secretary John Kelly, are making the remarkable case that Trump's son-in-law secretly communicating with the Kremlin would be a "good thing".
NSA backtracks on sharing number of Americans caught in warrant-less spying (Reuters) For more than a year, U.S. intelligence officials reassured lawmakers they were working to calculate and reveal roughly how many Americans have their digital communications vacuumed up under a warrant-less surveillance law intended to target foreigners overseas.
Congress Getting Pissed Off Over Failure Of Intel Community To Reveal How Many Americans Are Being Spied On (Techdirt) As we've pointed out for many, many years, Senator Ron Wyden has been banging the drum, asking the Director of National Intelligence to reveal how many Americans are having their communications swept up under Section 702 of the FISA Act.
EFF Sues DOJ Over National Security Letter Disclosure Rules (Threatpost) The Electronic Frontier Foundation sued the United States Department of Justice demanding to know whether the agency is complying with rules that mandate a periodic review of National Security Lett…
Former Official: Obama Admin 'Systematically Disbanded' Units Investigating Iran's Terrorism Financing Networks (Washington Free Beacon) The Obama administration "systematically disbanded" investigative units focused on disrupting terrorism networks out of concern over friction with Iran.
Screenshots and a Terrorism Case – Hunchly (Medium) R. vs. Hamdan
Chinese Cops Cuff Suspects in Apple Insider Scam (Infosecurity Magazine) The £6m ring sold personal data from iOS customers.
Supreme Court to rule on warrants for cellphone location data (Naked Security) Should you be surprised if location data is used as evidence against you? Should police need a warrant for it? It’s time for some overdue clarity
Legal Privilege for Data Security Incident Investigation Reports (Lexology) Data security incident response activities usually involve the creation of sensitive communications and documents that might be subject to legal…