Cyber Attacks, Threats, and Vulnerabilities
Ukraine scrambles to contain new cyber threat after 'NotPetya' attack (Reuters) The Ukrainian software firm used to launch last week's global cyber attack warned on Wednesday that all computers sharing a network with its infected accounting software had been compromised by hackers.
Ukraine says it foiled 2nd cyberattack after police raid (Fifth Domain | Cyber) Ukraine's national cybercrime unit seized servers belonging to a small company at the center of a global outbreak of malicious software after "new activity" was detected there, the service said in a statement early Wednesday.
[Statement by Interior Minister Arsen Avakov] (Facebook) Today special agents of the cyber police department, together with specialists from the SBU and the city prosecutor's office, stopped the second stage of the Petya cyberattack.
Updates to NotPetya Lead to Server Seizure at Ukrainian Software Firm (Dark Reading) Police seized servers from Ukraine's Intellect Service as the country scrambles to control a cyberattack allegedly conducted by advanced hackers.
The MeDoc Connection (Talos Blog) The Nyetya attack was a destructive ransomware variant that affected many organizations inside of Ukraine and multinational corporations with operations in Ukraine.
Backdoor built in to widely used tax app seeded last week’s NotPetya outbreak (Ars Technica) Operation that hit thousands was “thoroughly well-planned and well-executed.”
NotPetya authors prove that they can decrypt some files - but analysts think it's a false lead (Computing) The hackers took the money, but didn't run.
Hackers Linked to NotPetya Ransomware Decrypted a File for Us (Motherboard) The hackers successfully decrypted a file provided by Motherboard, but that does not necessarily mean victims will be able to get their files back.
NotPetya Group Moves All Their Bitcoin, Posts Proposition on the Dark Web (BleepingComputer) The person or group behind the NotPetya ransomware has made its first move since the outbreak that took place eight days ago.
Firms struggling to get back to business after NotPetya struck (SC Media UK) AP Moller-Maersk, WPP, Reckitt Benckiser and FedEx are struggling to resume normal operations following the NotPetya ransomware attack.
Protecting your fleet from a cyberattack (Freight Waves) Nothing can prevent attacks which can cripple businesses for weeks, but simple steps do help
Reckitt Benckiser blames NotPetya outbreak for £100m revenue loss that took down key applications and systems, and disrupted factories (Computing) Consumer goods giant admits that some factories still haven't recovered from NotPetya a week after the attack
Saint-Gobain officials say global cyber attack missed Granville plant (Manchester Newspapers) Corporations in countries throughout the world were infected last week by a malicious software known as ransomware, including the French-based manufacturer Saint-Gobain, but the Granville branch was not affected. Called NotPetya, because initially it looks like a ransomware named Petya, the ransomware locks down computers, prohibiting all access. In this instance …
Germany warns of Russian cyberattacks ahead of election (Fifth Domain | Cyber) The head of Germany's domestic intelligence agency and Germany's interior minister warn that Russia is engaged in hacking attacks and that officials "assume there will be such attempts on Germany" ahead of national elections on Sept. 24.
The Same Twitter Bots That Helped Trump Tried to Sink Macron, Researcher Says (Motherboard) Emilio Ferrara analyzed pro-Trump bots during the 2016 election and found a link to anti-Macron bots in 2017.
Threat Actors Target Chinese Language News Sites (Threatpost) Citizen Lab investigates the targeting of Chinese language news websites in a phishing attack that leveraged the NetWire remote access Trojan.
Insider Information: An intrusion campaign targeting Chinese language news sites (The Citizen Lab) This report reveals a campaign of reconnaissance, phishing, and malware operations that use content and domains made to mimic Chinese language news websites.
Struggling with Cyber: A Critical Look at Waging War Online (War on the Rocks) If media coverage is to be believed, we are in the midst of a cyberwar with daily attacks occurring across several theaters. Between dropping “cyber-bombs”
Libgcrypt ‘Sliding Right’ Attack Allows Recovery of RSA-1024 Keys (Threatpost) GnuPG recently patched cryptographic library Libgcrypt, preventing a local side-channel attack; something that could have allowed full key recovery for RSA-1024.
South Korean bitcoin exchange hacked, user accounts plundered (Help Net Security) Bithumb, a South Korean bitcoin and ether exchange, has suffered a data breach that resulted in customer losses potentially reaching billions of won.
How did some Ethereum users find themselves with empty wallets? (Naked Security) There’s nothing you can do to protect yourself if domain admins haven’t taken some necessary security steps
How Bitcoin and cryptocurrencies are hurting gamers (pcgamer) Bitcoin has gone from proof of concept to a major alternative financial movement.
Industrial Cyber Security: Why IT & OT collaboration is no longer an option but a necessity (IIoT World) Since the mid-1990s, many industrial companies have interconnected their industrial control systems (ICSs) to improve productivity, maintenance, and safety.
Could Your Industrial Robots Go Rogue? (Supply Chain Quarterly) Cybersecurity experts warn that many robots in factories and distribution centers have outdated software and weak authentication systems, leaving them open to being hacked. An attack could harm companies, products, and even people.
Threats to Linux IoT devices on the rise (iTWire) Malware detected by the security firm WatchGuard Technologies in the first quarter of 2017 indicated that there is a sharp rise in Linux threats direc...
IoT Fuels Growth of Linux Malware (Linux Insider) Malware targeting Linux systems is growing, largely due to a proliferation of devices created to connect to the Internet of Things.
Palo Alto Networks: Evolving Ransomware Is Currently The Biggest Cyber Security Threat (Silicon UK) INTERVIEW: Silicon talks cyber security threats with Aaron Miller, senior technologist at Palo Alto Networks.
Technology: Ransomware Is Just The Latest Trend In Cyber Crime (Fraud Report) In response, individuals, government, and industry developed protection mechanisms to address these attacks using solutions like LifeLock, HIPAA, and anomaly reporting and prevention technologies for credit card authorizations.
'Cyber criminals have upped their game' admits worried CIO (Computing) 'I'm wearing eight bullet-proof vests and hoping one of them stops the bullet, and often it's the last one. I'm getting nervous,' says Nick Ioannou, head of IT, Radcliffe Groves Partnership
“Smishing” Isn’t A New Dating Term, But A Scary Text Message Scam On The Rise (Bustle) We all know what phishing is, right?
Report: NHS Doctors Sending Patient Scans via SnapChat (Infosecurity Magazine) DeepMind report claims digital revolution has bypassed the Health Service
Experian upgrade causes glitches in service (ComputerWeekly) Credit scoring company recently upgraded its systems and introduced a new mobile app that caused temporary issues for some customers.
Sabre Update on Cybersecurity Incident (PRNewswire) Sabre Corporation (NASDAQ: SABR) issued the following statement...
Security Patches, Mitigations, and Software Updates
July security patch rolling out to Nexus/Pixel devices, factory images & OTAs live (9to5Google) The July security patch is beginning to rollout for Google Pixel and Nexus devices not running the latest Android O developer preview as part of the Beta Program. Still on 7.1.2, this update featur…
Cyber Trends
Latest SANS Survey Finds ICS Security Risks Reach All-Time High (GlobeNewswire News Room) Nozomi Networks, the pioneer in real-time cybersecurity and operational visibility for industrial control systems (ICS), today announced ICS cybersecurity threats are growing and identifying attacks continues to be a major challenge according to the annual SANS Institute ICS survey set to be released next week
Current Trends in Identity and Access Management: July 2017 (Security Intelligence) At the midpoint of 2017, five trends are emerging in the identity and access management, and with these waves comes an opportunity for security teams.
IBM quantifies the benefits of business continuity management for companies suffering a data breach (Computing) Companies with BCM identified breaches almost three months faster
Ponemon: Business continuity management vital for data breach recovery (Healthcare IT News) Average cost per lost or stolen record is less for organizations employing BCM, group finds.
66% of US law firms reported a breach in 2016 (Help Net Security) The majority of US-based law firms are not only exposed in a wide variety of areas, but in many cases, unaware of intrusion attempts.
Cloud computing security: This is where you'll be spending the money (ZDNet) As cloud computing moves into the mainstream, companies are looking at new ways of securing their data.
Companies Do More to Prepare for Data Breaches, Employees Still Engage in Risky Behavior (IT Business Edge) Well, here is a glimmer of good news in the world of cybersecurity.
Australia drops four places in UN cyber security top ten (iTnews) Downgraded for "co-operation".
Singapore tops ITU global cybersecurity preparedness index (The Next Silicon Valley) The ITU has published the Global Cybersecurity Index 2017 (GCI-2017), which measures the commitment of ITU's 193 member states to cybersecurity
Marketplace
At $30,000 for a flaw, bug bounties are big and getting bigger (ZDNet) Hackers can make a full time living from spotting holes in software and claiming a payout.
Symantec to Buy 'Browser Isolation' Firm Fireglass (Dark Reading) Fireglass's emerging Web security technology will become a modular component in Symantec's Integrated Cyber Defense Platform.
Vision Solutions Completes Acquisition of Enforcive Systems (GlobeNewswire News Room) IT Security investment drives a unique convergence of business resilience solutions – high availability, disaster recovery and security – to envelop and protect companies
FTC imposes special provisions on Broadcom's $5.9bn Brocade acquisition (Global Telecoms Business) Restrictions will see Broadcom establish a firewall that will limit Brocade’s ability to access the commercially sensitive data of rival Cisco Systems
The cyber startups working to stop the next big attack (WIRED UK) London's cybersecurity startup scene is booming – here are some of its leading lights
Maryland’s New Center Of Opportunity (Business Facilities) Robust logistics, a highly skilled workforce, a business-friendly environment and available sites makes Harford County, MD a magnet for new projects.
How Cisco is establishing itself as a cybersecurity leader (CSO Online) Cisco demonstrated its commitment to cybersecurity at its annual customer event. Good position, but lots of work ahead.
Illumio to use recent funding for global expansion against cyber threats (SiliconANGLE)
KnowBe4's Record Performance in Q2 2017 Signals Accelerated Demand (Benzinga) Demand for its new-school Security Awareness Training and Phishing Platform drives 17th-straight quarter of growth and 232% year-over-year sales increase.
Corero Network Security wins US contract for cyber security technology (Proactiveinvestors UK) Corero Network Security PLC (LON:CNS) - Corero Network Security has received a US$0.3mln order for its SmartWall Defence System in the US
SolarWinds Participates in 2017 Army Cyber Quest Exercise (GlobeNewswire News Room) Company demonstrates solutions to combat system and network issues during multi-week initiative hosted by the Army Cyber Center of Excellence
CISOs Choose Verodin as Winner of Security Current's Security Shark Tank® New York City (KTEN) Chief Information Security Officers (CISOs) select cybersecurity innovator for its vision
SailPoint Named a “Best Place to Work” for 8th Consecutive Year (BusinessWire) SailPoint, the leader in enterprise identity management, was named a “Best Place to Work” for the 8th consecutive year by the Austin Busin
Blue Cedar Expands European Presence, Appoints Lars Ronning Vice President and General Manager (BusinessWire) Blue Cedar moves to expand its presence outside the U.S. with the appointment of Lars Ronning as VP/GM for EMEA
Former Head of CERT-EU joins EclecticIQ Board of Directors (EclecticIQ) Freddy Dezeure, a pioneer in cyber threat intelligence (CTI) and former head of the European Union Computer Emergency Response Team (CERT-EU), has joined the Board of Directors for EclecticIQ, an industry-leading cyber threat intelligence technology provider.
Retail Cyber Intelligence Sharing Center Names Exec Director (ProgressiveGrocer) Suzie Squier previously worked at RILA
New CSO, CISO appointments (CSO Online) Find up-to-date news of CSO, CISO and other senior security executive appointments.
Products, Services, and Solutions
Microsoft LAPS locks down local admin passwords (SearchWindowsServer) Need more security for users on workstations? Microsoft LAPS gives end users local administrator access for a set time period before the password expires.
Microsoft Says This Magic Ring Could Make Passwords Obsolete (Small Business Trends) Could the days of requiring passwords to log on to operating systems be over? According to Micro...
Egnyte Focuses on Content to Prevent Data Breaches (eSecurity Planet) Egnyte's new data governance service prevents leaks and breaches in distributed, cloud-enabled workforces.
See Which Mac Antivirus Protects Best (and Worst) (Laptop) MacOS is susceptible to everything from Trojans to ransomware, and if you don’t get a security suite, you could be the next victim.
Top 5 Reasons to Protect Your Site Against DDoS Attacks with Incapsula (Small Business Trends) Online security continues to be a concern for all organizations. Not only is it top of mind for ...
Wannacry, Petya, NotPetya, Vault 7, Dark Matter, Show Numerous Key Flaws in Popular Devices (Marketwired) Purism Librem laptops are immune to such threats because of a deeply rooted philosophical difference about security
Virtru Brings End-To-End Encryption To G Suite (AndroidHeadlines.com) Google has partnered up with Virtru Corporation to bring customizable end-to-end email and messaging encryption, on both server side and client side, to al
Spot (and Remedy) the Rotten Apple Before It Spoils the SIEM Barrel (Security Intelligence) It can be hard to determine false alarm security events with SIEM solutions. Through IBM's new partnership with AlgoSec, your team has a new tool to help.
Intact Software to distribute Group-IB (IT-Online) Intact Software Distribution has won the distribution rights to Group-IB, which provides high-grade threat intelligence and anti-fraud solutions.
Bitdefender Internet Security 2017 – One of the Most Efficient Security Suites (Game Sinners) With Bitdefender Internet Security 2017 you can truly protect your system
Demisto, Vectra Networks solution reduces security operations workload from days to minutes (Financial News) Demisto, Inc., an innovator in Security Automation and Orchestration technology, and Vectra Networks, a leader in automating the hunt for in-progress cyber attacks, have made available the Vectra Active Enforcement application for Demisto, the companies said.
RSA Identity Governance and Lifecycle Receives Common Criteria Certification (PRNewswire) RSA® Identity Governance and Lifecycle 7.0 (inclusive of applicable service packs) receives Federal certification
Panasonic and partners ready shield for 'internet of things' (Nikkei Asian Review) Package including software, insurance aims to defend against growing cyber threat
Technologies, Techniques, and Standards
Cyber Warfare: How Militaries Defend Themselves Online (Infosecurity Magazine) As hackers make use of increasingly destructive cyber weapons, how are militaries fortifying their digital defences?
Teams Defend Against Simulated Attacks in Cyber Guard Exercise (U.S. DEPARTMENT OF DEFENSE) A weeklong exercise tested U.S. Cyber Command
Allies, Partners Observe Cyber Guard Exercise (U.S. DEPARTMENT OF DEFENSE) More than 40 participants from 22 different countries, including several NATO allies, were invited to observe the complex, advanced training environment of Cyber Guard 2017, a weeklong exercise co-led
Cyber Flag exclusive: What Cyber Command learns from the annual exercise (C4ISRNET) U.S. Cyber Command is applying lessons learned from operations and training exercises to refine the deployment of cyber teams and effects.
All you need to know about the move from SHA-1 to SHA-2 (CSO Online) The PKI industry recommends that every SHA-1 enabled PKI move to the vastly more secure SHA-2. Here's why and how.
In Cybersecurity: A.I. vs. Machine Learning (Bricata) A recent panel of cybersecurity professionals suggested substantial differences between AI and machine learning; where machines still require human intervention to learn.
How to create an effective application security budget (Help Net Security) Here are some helpful tips on how to create an effective application security budget, one that can scale to meet application security and business goals.
GDPR: 12 steps businesses can use to prepare right now (Help Net Security) In this podcast, Darron Gibbard, Chief Technical Security Officer, EMEA, Qualys, talks about the 12 steps businesses can use to prepare for the GDPR.
Could European Data Protection Regulation Give FHIR a Boost? (Healthcare Informatics) New right to data portability requires that personal data be transmitted in a structured, commonly used and machine-readable format
Don't fear GDPR - it's the key to create a culture of secure IT (SC Media UK) Gordon Morrison discusses how GDPR is a once in a lifetime opportunity to overhaul cyber processes.
Security team leadership – the 'X' factor (CSO Online) Cybersecurity headhunter and leadership advisor Stephen Spagnuolo of ZRG Partners discusses how strong fundamental leadership can have a force multiplier effect on info security teams achieving optimal performance. There are several practical and deployable measures that the thoughtful security leader can take to strengthen her/his team's capability.
The evolution and woes of data protection in fin-tech (SiliconANGLE)
Advanced Cyber Monitoring (FederalNewsRadio.com) Given the seemingly unending growth in cyber threats – agencies have got to up the game into what might be called advanced cyber monitoring.
Five crucial ways to help keep a system safe from harm (Help Net Security) In order to remain steps ahead of criminal hackers you need to take a preventive approach in protecting information. Here are five crucial suggestions.
How to deal with ransomware: A blue team's reference guide (CSO Online) Ransomware has been around since 2013, but it was the success of CryptoLocker that spawned a booming vertical market for criminals. Last week, as June came to a close, criminals leveraged the fear associated with the Petya Ransomware family to create chaos across the globe.
How to Remove Malware – An Epic Guide (PureVPN Blog) You may probably be aware of cyberattacks and breaches transpiring all around the world. In fact, chances are that you may have also been a victim of an attack, whether you are aware of it or not.
Design and Innovation
Artificial Stupidity: Learning To Trust Artificial Intelligence (Sometimes) (Breaking Defense) In science fiction and real life alike, there are plenty of horror stories where humans trust artificial intelligence too much.
Gunshot detector automatically turns on stingray surveillance devices (CSO Online) A proposed gunshot detection system automatically turns on stingray surveillance devices to identify and track 'perpetrators of gun crime,' but it raises privacy concerns.
Research and Development
Synthetic, Microscopic Fingerprints Turn Tiny Plastic Particles Into Security Keys (Futurism) Researchers have developed a technique for creating unique synthetic "fingerprint" like patterns on tiny plastic particles.
IARPA explores easy-to-use cryptography (GCN) A new program will look at developing tools that architects and programmers can use without having to understand the nuances of specific cryptographic concepts.
Academia
Guide to the top college and university cyber security degree programs (CSO Online) CISOs and CSOs should be heartened by the fact that more colleges and universities are offering academic programs and degrees in cyber security specialties. They are also doing their best to place young professionals into the workforce.
Marshall conducts cybersecurity camp with grant from National Security Agency (West Virginia Record) Marshall University conducted a GenCyber camp after receiving a National Security Agency grant to hold the “first-ever camp of its kind in West Virginia,” according to Joshua L. Brunty, assistant professor of digital forensics and information assurance at Marshall.
Virginia Robotics and Cyber Academy helps teens with disabilities gain technology skills (Richmond Times-Dispatch) Some of the robots climb hills and others tell jokes.
At GenCyber Boot Camp, Memphis students get lessons in coding — and exposure to hot careers (Chalkbeat) Summer camps offered at the University of Memphis provide important training about cybersecurity and coding for that purpose.
Legislation, Policy, and Regulation
Arab states angry over Qatar's dismissal of their demands; Trump calls for constructive negotiations (Military Times) Four Arab nations seeking to isolate Qatar over its alleged support for extremist groups were angered Wednesday by what they said was a "negative" response by the tiny Gulf nation to their demands for ending the crisis roiling the region.
The European Parliament Wants Europeans to Have the Right to Repair (Motherboard) It might soon be easier for Europeans to fix their own electronics.
The World Economic Forum Thinks We Need Better Governance for Blockchain (Motherboard) A new report suggests a framework for international collaboration should be built around the technology.
Cyber-Security Executive Order Implementation Deadlines Near (eWEEK) NEWS ANALYSIS: Security experts provide insight on the impact of President Trump's cybersecurity executive order as the first set of deadlines near.
Air Force 'chronically undermanned' in cyber (C4ISRNET) The Air Force was recently criticized by top congressional leaders for appearing to not retain cyber warriors within the cyber mission force.
Illinois poised to ban geolocation tracking without consent (Naked Security) Great news, right? But is it a waste of time, or a welcome step towards greater privacy?
Litigation, Investigation, and Law Enforcement
NATO cyber center, DHS probe Petya attack (FCW) Kevin Scheid, a 32-year veteran of the DOD and OMB, takes over NATO's Communications and Information Agency as investigations continue into who launched the Petya attack and what to do about it.
Leaks, Lies, and Chinese Politics (Foreign Affairs) Guo Wengui's allegations have signaled the emergence of a new tool in Chinese politics: weaponized leaks.
DNC email server most wanted evidence for Russia investigations (The Washington Times) It is perhaps the key piece of forensic evidence in Russia’s suspected efforts to sway the November presidential election, but federal investigators have yet to get their hands on the hacked computer server that handled email from the Democratic National Committee.
As Mueller builds his Russia special-counsel team, every hire is under scrutiny (Washington Post) The president has sought to cast Robert Mueller’s team as being full of partisan Democrats, based on some members’ donations and past work.
Chinese Police Arrest Ransomware Devs Spreading WannaCry Lookalike for Android (BleepingComputer) Chinese authorities have arrested two men who have distributed a version of the SLocker Android ransomware that was customized to look like WannaCry, the Windows ransom-worm that spread across the world in the middle of May.
No Sanctions for Unintentional, Automatic Deletion of Web History and Related Information (Electronic Discovery Law) Eshelman v. Puma Biotech., Inc., No. 7:16-CV-18-D, 2017 WL 2483800 (E.D.N.C. June 7, 2017)
CNN implied threat against redditor over Trump-CNN GIF ignites Internet (Ars Technica) After extracting apology from “HanAs**holeSolo”, CNN reserves right to expose him.
Operators of decade-old Malware-as-a-Service outfit charged (Help Net Security) Ruslans Bondars and Jurijs Martisevs have been charged this week for running a Malware-as-a-Service operation since late 2006.