Cyber Attacks, Threats, and Vulnerabilities
UK parliamentary email compromised after 'sustained and determined cyber attack' (Register) Brute force attack on weak passwords, cracked [less than] 90 email accounts
Parliament cyber-attack 'hit up to 90 users' (BBC News) Fewer than 1% of 9,000 parliamentary accounts were affected, says the House of Commons.
Parliament cyber-attack hits fewer than 90 email accounts (the Guardian) Spokesman says number affected is less than many feared but that investigation is under way into potential data loss
Cyber-attack on UK parliament: Russia is suspected culprit (the Guardian) Fewer than 90 email accounts with weak passwords are believed to have been hacked in ‘sustained’ attack
Parliament cyber-attack: blackmail danger after foreign state hacks MPs (Sunday Times) MPs and peers have been warned that they face blackmail threats after hackers working for a foreign state launched a “brute force attack” on the parliamentary computer system. More than 10,000...
How hackers hacked the West (Newsweek) Officials said the cyber attack on the U.K.'s parliament targeted vulnerable email accounts and follows a series of similar attacks on other governments.
New Russian Cyber Weapon Can Wipe Out Power Grids (Temporarily) (TrendinTech) A new cyber weapon has been created by the Russian government (with a little help from hackers) that could cause havoc with our electric systems if it gets into the wrong hands. It’s a type …
UK electricity grid cyber-attack risk is 'off the scale' (the Guardian) Energy industry says current threat coming to the fore because of trend towards decentralised power plants
It’s the Russians Wot Done It (Op-ed) (Moscow Times) BuzzFeed's investigation plays into a dominant narrative within the West where "Russia is to blame."
Why So Many Top Hackers Hail from Russia (KrebsOnSecurity) Conventional wisdom says one reason so many hackers seem to hail from Russia and parts of the former Soviet Union is that these countries have traditionally placed a much greater emphasis than educational institutions in the West on teaching information technology in middle and high schools, and yet they lack a Silicon Valley-like pipeline to help talented IT experts channel their skills into high-paying jobs. This post explores the first part of that assumption by examining a breadth of open-source data.
What is BlackTech? Hacker group using leaked Hacking Team tools to steal Asian targets' tech (International Business Times UK) BlackTech hackers are involved in multiple cyberespionage campaigns against targets in Taiwan, Japan and Hong Kong.
Following the Trail of BlackTech’s Cyber Espionage Campaigns (TrendLabs Security Intelligence Blog) BlackTech is a cyber espionage group operating against targets in East Asia. BlackTech’s campaigns are likely designed to steal their target’s technology.
Pro-ISIS group hacks Ohio Governor's site with anti-Trump message (HackRead) Team System DZ, a pro-ISIS (Daesh) hacking group from Algeria is back in the news. This time the group has targeted the government of United States and def
Ohio Governor John Kasich the Latest Target of Cyber-Attack (Infosecurity Magazine) Many Ohio state government websites attacked with defacement
Cyber attack affected Honda networks in North America (AL.com) The WannaCry worm shut down production in a plant near Tokyo this week.
48 Percent of U.S. Companies Using IoT Have Suffered Security Breaches (eSecurity Planet) The cost of those breaches ranged from hundreds of thousands to tens of millions of dollars, a recent survey found.
Hackers threaten cyber attack against S.Korean banks (BGR) A hacker group has threatened a cyber attack against seven major South Korean banks if they do not pay 360 million won ($315,000) in the virtual currency bitcoin. The group, called Armada Collective, has threatened to carry out a distributed denial-of-service (DDoS) attack if the demanded money is not paid by June 26, South Korean news agency Yonhap reported.
Protecting against DoublePulsar infection with InsightVM and Nexpose (Rapid7) After WannaCry hit systems around the world last month, security experts warned that the underlying vulnerabilities that allowed the ransomworm to spread are still unpatched in many environments, rendering those systems vulnerable to other hacking tools from the same toolset.
SambaCry vulnerability to attack Linux! (TechWorld) SambaCry is using a vulnerability in Samba installations to compromise Linux machines and use them as victims in a large cryptocurrency (Bitcoin or Monero or any other currency) mining process, also enables a remote attacker to hack into affected Linux systems.
Someone leaked 32TB of Windows 10 internal builds and source code (HackRead) It looks like Microsoft is in trouble again. This time not for its critical vulnerabilities in Windows operating system but for a massive data leak in whic
Windows 10 source code leaked, Microsoft confirms (SlashGear) Microsoft is dealing with a significant Windows 10 security headache this weekend, as the company has confirmed that a portion of the operating system’s source code was in fact posted online.
Check Point says Fireball malware hit 250 million; Microsoft says no (Ars Technica) Either way, Microsoft assures us that Windows 10 S would have been immune.
Thanks to Word macros, Windows 10 S isn't as secure as Microsoft would have you believe (BetaNews) With Windows 10 S Microsoft has made the bold claim that this locked down version of its operating system is immune to all known ransomware. This may well be true, but that's certainly not to say that Windows 10 S is completely secure. Lock up your Surface Laptop!
New GhostHook attack technique outsmarts Microsoft PatchGuard (Security Brief) CyberArk Labs researchers made the proof-of-concept last week, saying that GhostHook could be a major threat once attackers have control of devices.
Inside NZ's 'ethical hacking' firm and its quest to make systems safer (Security Brief) "For organisations running Windows 7 or older, upgrading to Windows 10 will bring enhancements that help to protect against such vulnerabilities."
Android Marcher Variant Makes Rounds as Adobe Flash Player Update (Dark Reading) Zscaler researchers discover a new variant of the Android Marcher malware, which aims to steal online banking credentials and credit card information.
RAT Vulnerabilities Turn Hackers into Victims (Dark Reading) A small number of Remote Administration Tools have vulnerabilities which can enable attack targets to turn the tables on threat actors.
PRMitM: Attackers Can Hide Password Resets Inside Account Registrations (BleepingComputer) A research paper published by four Israeli scientists details a new attack called PRMitM, or the "Password Reset Man-in-the-Middle," in which attackers hide password reset interactions for a user's legitimate profile inside account registration interactions on another site.
Password Reset MITM: Exposing the need for better security choices (Help Net Security) Attackers that have set up a malicious site can use users' account registration process to successfully perform a password reset on popular websites.
Kaspersky: Attackers Hiding Ztorg Trojan Inside Trojan SMS (Tech ARP) Kaspersky Lab experts have discovered Ztorg apps on the Google Play Store that appear to show cybercriminals trying different ways to get their malware past security – in this case by installing their
Koler Android Ransomware Targets the US with Fake PornHub Apps (BleepingComputer) During the past week, US users visiting adult-themed sites were targeted by ads for a fake PornHub app that contained a version of the Koler ransomware.
Journalists, Activists: Slack Doesn’t Strip Image Metadata (Motherboard) Slack and image metadata may only matter in particular circumstances, but it's always good to know the limits and implications of the tech you're using.
Dating app boss sees ‘no problem’ on face-matching without consent (Naked Security) ‘When you have a bunch of single guys in the office, it goes in that direction’, says Dating.AI founder as he dismisses concerns about scraping other dating apps for faces for users to …
Did you know your superyacht can be cyber-pirated? (Security Brief) A white-hat hacker at a recent super-yacht investor conference demonstrated how he took control of a super-yacht’s satellite communications system.
Got Robocalled? Don’t Get Mad; Get Busy. (KrebsOnSecurity) Several times a week my cell phone receives the telephonic equivalent of spam: A robocall.
Microsoft Enlists AI in Fight Against Tech Support Scams (eWEEK) The software giant aided the FTC in its recent tech support scam crackdown by setting its AI loose on fraudsters.
Security Patches, Mitigations, and Software Updates
Microsoft Patches Another Windows Defender Bug (Infosecurity Magazine) Ormandy found vulnerability which could crash malware engine
Google researcher pokes new holes in Windows Defender (iTnews) x86 emulator in anti-malware causes problems again.
Siemens Patches Vulnerabilities in SIMATIC CP, XHQ (Threatpost) Siemens patched two vulnerabilities in products, SIMATIC CP and XHQ, commonly found in industrial control system setups this week
Google purges private medical records from search (Engadget) The big G has added "confidential, personal medical records of private people" to the list of information it may remove.
Enable Ghost Mode in Snapchat NOW if you want to keep your location private (WeLiveSecurity) Some will find Snapchat's latest feature a bit stalkerish and creepy. Here is how to turn it off and preserve your privacy.
Cyber Trends
The right tools in cybersecurity (Manila Bulletin Technology) If the recent ransomware outbreak tells us something, cybercrimes are exploding through the roof. Having the right tools to prevent malware infection is not enough to keep computers safe.
Marketplace
Bankers Are Hiring Cyber-Security Experts to Help Get Deals Done (Bloomberg) Executives and investors are hiring an unlikely crowd to help them do deals: computer geeks.
CEO of Raytheon's Forcepoint eyes IPO: Boersen-Zeitung (Reuters) U.S. missile maker Raytheon's (RTN.N) cybersecurity unit could thrive were it to be listed separately, the head of the unit, Forcepoint, told German business daily Boersenzeitung in an interview published on Saturday.
Top 100: How Raytheon's big cyber bet is paying off (Washington Technology) Raytheon is known as one of the world's biggest weapons makers but its big bet on cybersecurity is expanding its reputation into another lucrative market area.
Cisco: Set To Rise As A Turnaround Is Close (Seeking Alpha) Cisco Systems has not demonstrated impressive revenue growth over the last years. Currently, the company shows a promising exposure to such attractive segments
KeyW Wins Aviation Collection Services Contract (NASDAQ.com) Awards further extend company's advanced ISR business
Products, Services, and Solutions
New infosec products of the week: June 23, 2017 (Help Net Security) New products for this week include releases from Elastic Beam, Entrust Datacard, Neurotechnology, Raytheon, and Wheel Systems.
Aircraft Systems Connectivity Has Never Been Riskier (iHLS) The increased scope and complexity of connectivity technology on aircraft and in aviation infrastructure, such
Roqos® Fills the Gap in Parental Controls With Support of Mobile Devices Outside Home (PRNewswire) Roqos, an innovative leader in residential cybersecurity, VPN and...
Tanium: EDR Product Overview and Insight (eSecurity Planet) We review Tanium's EDR solution, which can scale to millions of endpoints with requiring additional infrastructure.
CrowdStrike Falcon Insight: EDR Product Overview and Insight (eSecurity Planet) We review CrowdStrike Falcon Insight, a cloud-based EDR platform that analyzes more than 30 billion endpoint events per day from millions of sensors deployed across 176 countries.
Complex threats? Coordinated response! (Channel Life) Ingram Micro’s Andrew Khan will be highlighting Fortinet’s Security Fabric at this year’s Showcase. Read about it here.
Technologies, Techniques, and Standards
With ransomware, pay up if you want to keep paying (Help Net Security) So there you are, staring at a locked computer screen demanding a ransom. Do you pay? There are really powerful reasons not to.
Look, But Don't Touch: One Key to Better ICS Security (Dark Reading) Better visibility is essential to improving the cybersecurity of industrial control systems and critical infrastructure, but the OT-IT cultural divide must be united.
Inability to correlate network anomalies to process conditions leads to self-inflicted denial-of-service or worse (Control Global) Given how sophisticated hackers are able to bypass cyber security protections such as CrashOverride, viewing the raw process becomes even more important.
Challengers, leaders continue to explore new territory at 2017 Cyber X-Games (DVIDS) PITTSBURGH, Pa. – Cyber defenders and leaders explore new challenges while seeking to enhance skills at Cyber X-Games 2017, held June 15-19 at Carnegie Mellon University.
How to Protect Against WannaCry Worm That's Still Wreaking Havoc (eWEEK) Companies need to take steps to prevent against an attack from the WannaCry worm. Inaction is not an option.
How to Remove Vanguard Ransomware (SpywareTechs.com) Vanguard Ransomware Removal Guide and Removal Tool by SpywareTechs. Follow our guide on how to remove Vanguard Ransomware.
Common sense is rare with cybersecurity, and it will be for a long time (CNET) More than a million people still think '123456' is a good password.
Risks, Threats and Adversaries: How to Prioritize (BankInfo Security) From nation states to organized crime and malicious insiders, organizations are under siege from a variety of adversaries and threats. But how do they focus on the
Hacker Lexicon: What is Steganography (Wired) You know all too well at this point that all sorts of digital attacks are lurking on the internet.
Design and Innovation
A Prototype for an Encrypted Uber that Can't Track You (WIRED) Few tech companies can rival Uber in its combination of blurred ethical lines and data-fueled power to invade people's privacy.
Research and Development
Getting Processors to Speak a Unified Cyber Tongue (SIGNAL Magazine) A government-academia collaboration has researchers working to streamline different computer programming languages so that processors can speak in a single cyber tongue.
CIS researchers receive $2.5M NSF grant for cybersecurity (Cornell Chronicle) Four Cornell computer science researchers will receive $2.5 million from the National Science Foundation to develop software tools that will improve cybersecurity.
Academia
Purdue, IU offer wealth of cyber security programs (Terre Haute Tribune Star) In the field of cyber security, Purdue and Indiana universities offer academic programs and research centers.
Television series inspires a Masters of Cyber Security (Voxy) Craig Scoon’s introduction to cyber security began as a burnt-out, unemployed McDonald’s restaurant manager binge watching NCIS on Australia’s Gold Coast. Five years on, he has a Master of Cyber Security (MCS) from the University of Waikato and is working as a Risk Advisory Consultant for the Cyber Team at Deloitte.
Cyberterrorism is on the rise. These California students are learning how to fight it (San Luis Obispo Tribune) High school teams from across the state visited the California Cyber Training Complex at Camp San Luis for the Cyber Innovation Challenge.
Legislation, Policy, and Regulation
Australia asks Five-Eyes partners to ‘tackle encryption' with tech firms (CSO) Australia will push Five-Eyes partners to create laws that make it easier for local intelligence agencies to gain cooperation from US tech firms.
Cyber security set to dominate at 'Five Eyes' meeting in Canada (SBS) Australia’s Attorney General and Immigration Minister are on their way to Canada for the latest intelligence summit.
The 'Five Eyes' Intelligence Network backed by the U.S. and UK are Set to Tackle the Problem of Encrypted Messaging (Patently Apple) On June 19, Patently Apple posted a report titled "The EU Rolls the Dice and Sides with No Decryption, No Reverse Engineering of Communications." Now the U.S. along with the top Commonwealth countries are set to push efforts that are contrary in nature to those proposed by the EU. Today Australia said it will push for greater powers to tackle the use of encrypted messaging services used by terrorists ...
Government seeks greater powers on encrypted messaging (CRN Australia) Will push for greater powers at 'Five Eyes' meeting.
How China's cyber command is being built to supersede its U.S. military counterpart (Cyberscoop) China’s rival to U.S. Cyber Command, the ambiguously named Strategic Support Force, is quietly growing at a time when the country’s sizable military is striving to excel in the digital domain.
China Agrees to Cease Cyber-Attacks on Canadian Private Sector (Infosecurity Magazine) Both countries have agreed to not conduct cyber-attacks that target commercial proprietary data
Australia in new rebuff to Chinese telcos (Telecom Asia) Australia welcomes Chinese business, as long as it’s not in the telecoms sector
House Bill to Restrict Pentagon Contracts With Chinese Telecoms (Washington Free Beacon) The pending House defense bill contains provisions that would restrict the Pentagon from buying equipment from Chinese or Russian telecommunications firms.
German law enforcement gets new hacking powers (Help Net Security) German law enforcement hacking powers have received an update. A new amendment will allow them to use "federal Trojans" to hack into targets' computer.
Senators Push Trump for Answers on Power Grid Malware Attack (WIRED) In one of his first public statements on his priorities as president, Donald Trump promised to develop a "comprehensive plan to protect America's vital infrastructure from cyberattacks."
Senators question Trump’s approach to cybersecurity (Engadget) Senators are calling on Trump to take security action after research finds Russia could wipe out US infrastructure with sophisticated malware.
Election hacking fears turn heat on Homeland Security (TheHill) Growing concerns about threats to U.S. election systems have put the heat on the Department of Homeland Security (DHS) and its efforts to boost national cybersecurity.
Congressional chairmen battle to lead cybersecurity fight (Washington Examiner) Congress has a growing opportunity to lead on cybersecurity after years of playing catch-up, but it remains to be seen which committees will...
Tenable's Yoran offers steps for Congress to fix cyber 'market failure' (Inside Cybersecurity) Tenable Network Security Chairman and CEO Amit Yoran says the nation faces a “market failure” in cybersecurity because of an inability to clearly identify threats from emerging technologies and an integration of cyber and physical operations in industry and consumer products, and is suggesting specific steps lawmakers can take to help alleviate these risks.
Litigation, Investigation, and Law Enforcement
Manchester Arena killer Salman Abedi used YouTube to build bomb (Times (London)) The Manchester suicide bomber used videos from YouTube and other websites to help to build the device that killed 22 people, The Times has learnt. Salman Abedi viewed clips on YouTube, Google’s...
Trump acknowledges Russian meddling in tweet criticizing Obama (CBS News) Obama "knew far in advance of November 8th about election meddling by Russia," the president said
Obama’s secret struggle to punish Russia for Putin’s election assault (Washington Post) The White House debated various options to punish Russia, but facing obstacles and potential risks, it ultimately failed to exact a heavy toll on the Kremlin for its election meddling.
Report: Obama ordered cyber 'implants' for Russian network in response to hacking (USA TODAY) The White House anguished over how and when to report publicly about Russian hacking out of concern it could impact the presidential election.
Docs: Dems Urged Obama to Act on Russia Before Election (Normangee Star) While the Russian Federation investigation focuses on last year’s election, it’s not at all clear that the Trump administration much cares about the security of the next one.
Obama reportedly directed the NSA to infect Russia with cyber weapons to cause ‘pain’ (Business Insider) The National Security Agency infected key Russian networks with remotely-controlled "implants" that would cause "pain and discomfort" if they are ever used, according to a new report in The Washington Post.
Evidence is mounting that Russia took 4 clear paths to meddle in the US election (Business Insider) Russia's interference was a multi-faceted, coordinated, and well-planned campaign aimed at undermining the backbone of democracy.
Today we’ve added a newly declassified documents to a prior post: (IC on the Record)
NSA Fail: Massive Holes Exposed in US Spy Agency Security (Sputnik News) Until the Snowden leaks, the United States had no idea how many people had access to its top secret files.
Virginia Consultant Charged with Espionage (Dark Reading) Federal authorities charged a consultant with espionage for transmitting top secret and secret documents to China.
Bumbling Ex-CIA Officer Charged With Selling Secrets to China (Foreign Policy) A prestigious Chinese think tank provided cover for the intelligence operation that ensnared Kevin Mallory.
Anthem ready to pay $115 million to settle data breach lawsuit (Help Net Security) The Anthem data breach settlement is ready. They will pay $115 million to settle a class-action suit mounted in the wake of the 2015 data breach.
Internet crime: The continuing rise of the BEC scam (Help Net Security) In 2016, FBI's IC3 received a total of 298,728 complaints with reported losses over $1.3 billion. Victims of BEC scams lost larger sums than most others.
FBI: Victims Aren't Reporting Ransomware Attacks (BleepingComputer) Despite being an expanding threat, ransomware infections are rarely reported to law enforcement agencies, according to conclusions from the 2016 Internet Crime Report, released yesterday by the FBI's Internet Crime Complaint Center (IC3).