Cyber Attacks, Threats, and Vulnerabilities
WikiLeaks Reveals How the CIA Could Hack Your Router (WIRED) Your Wi-Fi router, sitting in the corner of your home accumulating dust and unpatched security flaws, provides an attractive target for hackers. Including, according to a new WikiLeaks release, the CIA.
US intelligence links WannaCry ransomware attack to North Korea (Scroll) The NSA analysed tactics, techniques and targets that suggest the Reconnaissance General Bureau, North Korea’s spy agency, was behind the attack.
The NSA has linked the WannaCry computer worm to North Korea (Washington Post) A ‘moderate confidence’ assessment points to Pyongyang’s spy agency.
NHS cyber-attack was 'launched from North Korea' (BBC News) The Lazarus group - who targeted Sony Pictures in 2014 - believed to have been behind NHS cyber-attack.
‘Failure of the imagination’: Malwarebytes on WannaCry and future of cybersecurity (Tech Wire Asia) Malwarebytes got together with Tech Wire Asia to talk about the recent WannaCry ransomware attacks, and the way cybersecurity is evolving to deal with increasingly sophisticated malware writers.
DHS and FBI Publish Details on DeltaCharlie, North Korea's DDoS Botnet (BleepingComputer) In a US-CERT report released yesterday afternoon, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have published IOCs about a malware family known as DeltaCharlie, used by North Korea to create its private DDoS botnet.
North Korea's Sloppy, Chaotic Cyberattacks Also Make Perfect Sense (WIRED) North Korea is arguably the least-understood nation on the planet. And that also applies to its state-sponsored hackers whose global cyberattacks have been almost as erratic and inscrutable as the government they work for.
Metadata Analysis Draws its Own Conclusions on WannaCry Authors (Threatpost) Researchers at Telefonica’s cybersecurity unit ElevenPaths conducted an analysis of WannaCry metadata.
Facebook Exposed Moderators to the Very Suspected Terrorist Groups They Were Monitoring (Motherboard) One moderator fled the country and went into hiding.
Facebook staff had their identities exposed to suspected terrorists due to security lapse (Graham Cluley) You might imagine it's all very exciting and glamorous to be able to boast that you work for the world's biggest social network, but the reality may be rather different.
Hackers Using Chinese Malware to Rob ATMs Using Outdated Windows XP (HackRead) As technology progresses, it seems that hackers and hacking methods do too. It wasn't that long ago when hackers had to steal your credit card info or your
Cyber extortionists target North American companies (Help Net Security) Hackers are hitting North American companies, threatening to leak stolen info and disrupt their networks if they don't pay a hefty ransom.
FIN10: Anatomy of a Cyber Extortion Operation (FireEye) FireEye has identified a set of financially motivated intrusion operations being carried out by an actor we have dubbed FIN10.
Nigerian BEC Scams Hit 500 Companies in 50 Countries (Threatpost) A Kaspersky Lab report on Thursday said an especially potent Nigerian Business Email Compromise campaign has stolen sensitive data from over 500 companies in 50 countries.
The Ethereum Network Is DDoS-ing Itself (Motherboard) The network experienced huge delays following its largest ever crowd sale, leaving some to wonder if there’s a better way.
Turf War Erupts Between Crypto Currency Miners (Cyphort) Cyphort has been monitoring how threat actors are exploiting computing resources from compromised victims to mine various crypto currencies. In our latest discovery, it seems these threat actors are aware …
Former Major Player Neutrino Exploit Kit Has Gone Dark (BleepingComputer) The Neutrino exploit kit, a former leader of the exploit kit market, appears to have shut down, with the last activity recorded at the start of April, well over two months ago.
Top Exploit Kit Activity Roundup - Spring 2017 (Cloud Security Solutions | Zscaler) This is the fifth in a series of posts in which we're examining recent activity of the current top exploit kits. An exploit kit (EK) is a rapidly deployable software package designed to leverage vulnerabilities in web browsers to deliver a malicious payload to a victim’s computer. Authors of EKs offer their services for a fee, distributing malware for other malicious actors.
Erebus Ransomware Targets Linux Servers (HackRead) The IT security researchers at Trend Micro recently discovered malware that has the potential to infect Linux-based servers. The malware, called Erebus, ha
More evidence Mac ransomware exists (Naked Security) Mac ransomware is rare but Apple computers are far from immune – here’s how to protect yourself.
Top university under 'ransomware' cyber-attack (BBC News) UCL, one of the world's top ranked universities, has come under a major ransomware cyber-attack.
Ulster University Also Suffered Ransomware Outage This Week (Infosecurity Magazine) Northern Ireland uni was hit on the same day as UCL
US restaurants targeted with fileless malware (Help Net Security) Morphisec researchers have spotted another attack campaign using fileless malware that is believed to be mounted by the infamous FIN7 hacking group.
Uberscammers (SANS Internet Storm Center) E-mail scams, phishing and social engineering is something that we (security people) became really used to. Even from the penetration testing engagements I do, when we utilize social engineering, it’s almost always extremely successful showing that, unfortunately, people still do not pay enough attention to validity of e-mails they received.
Samsung KNOX Takes Some Knocks (Dark Reading) Researcher at Black Hat USA will reveal Samsung KNOX 2.6 vulnerabilities and bypass techniques, and notes that new KNOX 2.8 may be at risk as well.
Inside a Porn-Pimping Spam Botnet (KrebsOnSecurity) For several months I’ve been poking at a decent-sized spam botnet that appears to be used mainly for promoting adult dating sites. Having hit a wall in my research, I decided it might be good to publish what I’ve unearthed so far to see if this dovetails with any other research out there.
Risk of major database attack, warns Rapid7 (ComputerWeekly) There will be a major database attack in the next year, unless businesses act to put in appropriate protection measures, a security firm has warned
Security Patches, Mitigations, and Software Updates
It's time to update XP, Windows Server 2003 despite Microsoft's emergency patch (CSO Online) Windows XP and Windows Server 2003 are supposed to be dead, but Microsoft's emergency update to address serious vulnerabilities gives organizations another excuse to hang on to these legacy operating systems a little longer.
Most Organizations Not Satisfied with Threat Intelligence (Dark Reading) Information Security Forum survey finds just one quarter of companies surveyed say threat intelligence technology is delivering on its promise.
World heading towards 'permanent cyber war', France warns (The Independent) The world is heading towards a “permanent war” in cyberspace, the head of France’s digital security agency has warned. Guillaume Poupard, director general of the National Cybersecurity Agency of France (ANSSI) said intensifying attacks were coming from unspecified states, as well as criminal and extremist groups. “We must work collectively, not just with two or three Western countries, but on a global scale,” he added, saying attacks could aim at espionage, fraud, sabotage or destruction.
Perception and reality: The role of AI and automated cyber defenses (Help Net Security) New Radware research looks at important global trends as well as intriguing perceptions and nuances among U.S. and European executives.
Radware Survey: C-Suite Trusts AI for Security (Light Reading) Annual survey of top executives globally shows growing support for AI and machine learning over human skills.
Most corporate finance leaders expect to change fraud-fighting strategies (Help Net Security) Vesta Corporation surveyed 155 U.S. senior finance executives to assess their experience with and expectations to change fraud-fighting strategies.
Zangardi: Better Cybersecurity Needs Technology, Talent (SIGNAL Magazine) Improved cybersecurity means a future with better technology and talent, acting DOD CIO John Zangardi shares to close out DCOS.
Struggle is real: UK businesses unprepared for cyber-attack response (SC Media UK) Businesses in the UK are struggling to face the looming threat of cyber-attacks
Cloud bigger than ever, biz suddenly keen to fork out for security. Put 'em together... (Register) Let's just say cloud security on the up - Gartner
Palo Alto Networks Execs: The Security Market Is Ripe For Disruption (CRN) Palo Alto Networks executives said at Ignite 2017 that there needs to be a new security consumption model, one that pushes security-as-a-service offerings instead of on-premise appliances.
One Year Of Kevin Mandia: Partners Say FireEye Is Evolving Under New CEO, But Still Has Work To Do (CRN) On the one year anniversary of Kevin Mandia's appointment as CEO of FireEye, CRN spoke with partners, analysts, and Mandia himself to see how the company has changed (and where it still has to go) under its new leadership.
Wall Street Journal names Darktrace one of the ‘Top 25 Companies to Watch’ (Cambridge Network) News from Cambridge businesses. Network members upload news here about their products, services and achievements.
Palo Alto Networks partners with US Girl Scouts on security skills (ComputerWeekly) Palo Alto Networks is partnering with the Girl Scouts of the USA to develop cyber security badges to foster knowledge of the topic and support interest in the profession
Former Symantec Channel Leads Join Comodo's Global Channel and Business Development Team (PRNewswire) Comodo, a global innovator and developer of cybersecurity solutions...
Cylance Deepens Executive Team to Drive Global Growth (BusinessWire) Cylance® Inc., the company that revolutionized the antivirus industry with AI-powered prevention that blocks everyday malware along with today
Products, Services, and Solutions
New infosec products of the week: June 16, 2017 (Help Net Security) The infosec products featured this week include BH Consulting, Logitech, Palo Alto Networks, Toshiba, Uplevel Systems, Vera, Vidder and Waterfall Security.
SafeNet Assured Technologies Launches New High Assurance Certificate-Based Authentication Solution for Critical U.S. Government Applications and Networks (PRWeb) High assurance USB authenticator that combines the capabilities of a traditional smart card and smart card reader in one easy-to-deploy device
In Era of Snooping, We Need Unblockable, Impenetrable and Strong Messenger (CoinTelegraph) While traditional messengers have been falling like dominoes, we need a strong messenger platform like Crypviser that can protect us from prying eyes.
FireEye Updates Endpoint Security Suite (Channel Partners) FireEye announced Wednesday new cloud and virtual versions of its endpoint security product along with enhanced capabilities for channel partners. The updates, due early in the third quarter, build on announcements around the company's Endpoint Protection Platform and come on the heels of modest sales growth in the first quarter as FireEye benefited from fear over WannaCry.
Malwarebytes brings new approach to malware detection (ITWire) Security vendor Malwarebytes has released its new, single endpoint agent cloud platform for business.
Android Security Apps for BYOD Users (Dark Reading) With Android-toting employees increasingly infiltrating the workplace as part of the growing BYOD corporate culture, CISOs at large organizations as well as security managers at small organizations face an increasing security challenge.
Technologies, Techniques, and Standards
Two New Ransomware Decryptors Give Victims a Free Out (BankInfo Security) Victims of Jaff and EncrypTile ransomware can take advantage of new free tools from security firms that exploit weaknesses in the malware crypto to forcibly crack
Why Your AppSec Program Is Doomed to Fail & How to Save It (Dark Reading) With these measures in place, organizations can avoid common pitfalls.
CYBERCOM defensive cyber arm adds intel/ops fusion cell (Fifth Domain | Cyber) U.S. Cyber Command's defense cyber arm, JFHQ-DoDIN, has stood up a fusion cell for intelligence and operations.
The Motherboard Bitcoin and Ethereum Primer (Motherboard) Your entry portal to the world of cryptocurrency.
Okay, WTF Is Ethereum? (Motherboard) A beginner’s guide to the world’s second most popular cryptocurrency.
Design and Innovation
Facebook sics AI on terrorist posts, but humans still do the dirty work (Ars Technica) "We don't want Facebook to be used for any terrorist activity whatsoever," says FB.
Facebook deploys AI to fight terrorism on its network (Military Times) Facebook has started deploying its artificial intelligence capabilities to help combat terrorists' use of its service.
The Technology Crutch: How Will Innovative Technology Improve Our Cybersecurity Defenses? (In Homeland Security) One consistent theme throughout Cybertech Fairfax 2017, which took place on Tuesday, June 13, was the critical need for innovative technology that safeguards against cyber intrusion. However, cybersecurity experts warn that as information technology (IT) improves, human interaction will continue to be a primary point of cybersecurity vulnerability unless leaders improve workforce policies and training.
Research and Development
US gov’t taps The Machine to beat China to exascale supercomputing (Ars Technica) US has lagged behind China for years. Can HPE's new architecture help the DoE catch up?
Civil Air Patrol Cyber Summer Camp More Popular Than Ever (Texas Public Radio) A volunteer cyber security expert instructs a class of more than a dozen students clad in military fatigues. This is the Civil Air Patrol's cyber warrior
Legislation, Policy, and Regulation
MHA mulls depts to check radicalisation, cyber crime (The Indian Express) A home official said the ministry considers communal violence, growing radicalisation of youths as emerging threats.
Germany mulls sweeping surveillance bill, crypto backdoors and fingerprinting kids (Boing Boing)
Germany Ready to Undermine Encryption in Terror Fight (Infosecurity Magazine) Report suggests legislation could be on its way
Australian push to make decryption easier 'could threaten global internet security' (The Guardian) George Brandis’s proposal criticised by advocates who say it could undermine privacy and free speech
James Clapper calls for 'screening and filtering' of social media (CNET) James Clapper says Silicon Valley has a "responsibility" to work with law enforcement, including opening access to encryption.
James Clapper Says Nerd Magic Can Solve Terrorist Content Filtering, Create Safe Encryption Backdoors (Techdirt.) Former Director of National Intelligence James Clapper went from having a comfortable, shadowy job in a comfortable, shadowy office to being the face of the American surveillance state after the Snowden leaks. Instead of only being periodically...
Erosion of ISP Privacy Rules Sparks New Anti-Snooping Efforts (Threatpost) After lawmakers struck down ISP privacy protections earlier this year, new efforts are underway to help consumers win back control of their personal information from their service providers.
BAE sold mass surveillance equipment to Saudi Arabia, Qatar and Algerian regimes that could be used against UK (The Independent) British arms giant BAE Systems has reportedly made huge sales of sophisticated surveillance technology to repressive regimes across the Middle East, which could be used to threaten the UK’s own national security.
EXCLUSIVE: NBC News looks inside Cuba's military cyber command (NBC News) Cubans worry President Trump's restrictions on U.S. travel will hurt their economy — and also harm cooperation with the U.S. on cybersecurity.
The Executive Branch Takes Stock of Data Security (Infosecurity Magazine) If department heads are held accountable for their agencies data security, what will the assessments show?
Joint Chiefs: 70 Percent of U.S. Cyber Command Force Teams Are ‘Fully Operational’ (Executive Gov) Seventy percent of U.S. Cyber Command’s Cyber Mission Force teams have reached initial operating cap
Litigation, Investigation, and Law Enforcement
Senators seek answers on alleged NSA leaker’s security clearance (TheHill) McCaskill: 'We need to determine ... if we missed any red flags.'
Jeh Johnson, former DHS chief, to testify before House Intel Committee (CBS News) Jeh Johnson led the Department of Homeland Security amid Russian cyberattacks against last year's presidential election
GOP Rep: Let's call controversial antivirus expert Kaspersky to testify (TheHill) Also offers Pyongyang's malware programmers a chance to testify about Wanna Cry, should they so want.
Interpol Says There Really Are Dark Web Rhino Horn Traffickers (Motherboard) One of the dark web’s most pervasive myths may have an element of truth behind it.
Booz Allen Hamilton Says It Is Under Federal Investigation (New York Times) The Virginia-based consultant said the Justice Department is reviewing its billing procedures in a civil and criminal investigation.
It’s criminal charges and leg shackles for man who shared Deadpool on Facebook (Ars Technica) A single Facebook post resulted in 5 million views and a federal investigation.
Police Arrest Owner and Six Customers of Malware Crypter Service (BleepingComputer) Europol announced today that police across Europe arrested six users who were customers of a malware crypter service and a counter anti-virus platform developed by a 22-year-old German man.
UK Hacker Pleads Guilty to Stealing US Satellite Data (Infosecurity Magazine) Sean Caffrey admitted hacking DoD user account details