Cyber Attacks, Threats, and Vulnerabilities
Perry: Hacking threat to US nuclear reactors 'real,' ongoing (Fifth Domain | Cyber) Energy Secretary Rick Perry said Tuesday that "state-sponsored" or criminal hackers are targeting U.S. nuclear power plants and other energy providers, but said the government has resources to safeguard the nation's electric grid.
Was Petya a Cover-Up for Prior Attacks? (Booz Allen Hamilton) Analysis of malicious M.E.Doc updates tied to Petya suggests that the ransomware that wreaked havoc on Ukraine provided cover for traditional espionage.
Telebots Group may have used PETYA variant to destroy evidence of long-term campaign. (Booz Allen Hamilton Cyber4Sight®) The Booz Allen Cyber4Sight® threat intelligence solutions team investigated the Script2Exe-compiled TeleBots backdoors identified by ESET researchers and identified evidence that suggests that the TeleBots actors may have compromised the MEDoc update service with the goal of performing more traditional intrusion activities across multiple organizations.
EternalBlue vulnerability scanner statistics reveal there are exposed hosts worldwide (Help Net Security) EternalBlue vulnerability scanner statistics show that after the NotPetya attack, people's awareness of the threat did increase.
Recent cyber attacks out to sow distrust: Darktrace (Techgoondu) This new trend in digital attacks is sowing distrust, leading people to lose confidence in organisations and businesses, according to cyber security firm Darktrace.
Industrial control security practitioners worry about threats ... for a reason (WeLiveSecurity) Recent research from the SANS Institute confirms that security of industrial control systems is increasingly seen and understood to be a serious issue.
IOT Security Risks Begin With Supply Chains (GovTechWorks) The Internet of Things (IoT) greatly expands the attack surface of federal networks – and many connected components may be purchased outside of the normal technology supply chain. Developing standards and best practices is essential to balancing the power of IoT with government’s growing security needs.
Millions of Verizon customer records exposed in security lapse (ZDNet) Customer records for at least 14 million subscribers, including phone numbers and account PINs, were exposed.
Verizon Suffers Cloud Data Leak Exposing Data on Millions of Customers (Dark Reading) Six million of Verizon's US customers had their personal and account information exposed, including PIN numbers.
Exposed Verizon customer data could be a shortcut for hijacking many online accounts (Help Net Security) Names, phone numbers, and account PINs of some 14 million Verizon customers have been found exposed on an unprotected "bucket" on an Amazon AWS server.
One Backdoor in the Amazon Cloud That Companies Frequently Leave Unlocked (Observer) How good websites do bad.
Bupa Suffers Data Breach (Infosecurity Magazine) Data includes the names, dates of birth and nationality of customers
Magala Trojan Uses Virtual Desktops to Secretly Click on Search Results Ads (BleepingComputer) A new click-fraud trojan is infecting Windows computers and using virtual desktops to click on ads in search results to earn a profit for its creator(s).
New Point-of-Sale Malware LockPoS Hitches Ride with FlokiBot (Threatpost) Botnets distributing FlokiBot point-of-sale malware are back in business spewing a new malware dubbed LockPoS.
Examining CVE-2017-9791: New Apache Struts Remote Code Execution Vulnerability (TrendLabs Security Intelligence Blog) The Apache Struts framework is useful for building modern Java-based web applications, with two major versions, Apache Struts 1 and Apache Struts 2, released so far. Support for Apache Struts 1 ended in 2008 with the adoption of Apache Struts 2, which reached its first full release at the start of 2007. A Struts 1 plugin is available that allows developers to use existing Struts 1 Actions and ActionForms in Struts 2 web applications. A vulnerability has been found in this plugin that could allow remote code execution on the affected server, if used with Struts 2.3.x. (Versions 2.5.x are not affected.)
The Second Most Popular Mac Malware Is a Cryptocurrency Miner (BleepingComputer) According to statistics released by Symantec today, the second most widespread Mac malware today is a cryptocurrency miner called DevilRobber, which saw a huge spike in activity last month.
SAP E-Recruiting: Is Your Recruitment Application Secure? (Bowbridge) New research shows most implementations of E-Recruiting, the SAP recruitment application, are highly vulnerable to cyberattack. See if your company is at risk.
New SQL Injection Tool Makes Attacks Possible from a Smartphone (Dark Reading) Recorded Future finds new hacking tool that's cheap and convenient to carry out that old standby attack, SQL injection.
PSA: Don't Open SPAM Containing Password Protected Word Docs (BleepingComputer) I wanted to alert everyone of a new malware distributing SPAM that I just received that contains a password protected Word document, which pretends to be about a payment I would be receiving shortly. As I always love free money, I had to take a look and see what I was getting for free.
WhatsApp in the NHS: symptomatic of a few poor choices, or a chronic problem? (Computing) Web-based contextual communications can replace existing unified communications tools to aid traceability and raise security at work
Businesses warned of insider cyber threat (Financial Review) While companies focus on external cyber threats, the risks presented by employees and contractors within their own walls cannot be ignored.
24% of companies suffered data breaches by former staff members (Infosecurity Magazine) Study finds businesses fail to adequately protect networks from potential threat posed by ex-employees
Security Patches, Mitigations, and Software Updates
SAP Patches High-Risk Flaws in SAP POS, Host Agent (Threatpost) SAP fixed 23 vulnerabilities across roughly a dozen products on Tuesday, including a series of high-risk flaws in SAP POS and SAP Host Agent.
Uber Patches Authentication Bypass Vulnerability on Custom SSO Solution (Threatpost) Uber patched an authentication bypass vulnerability in its homegrown SSO solution that allowed attackers to take over subdomains and steal session cookies.
Microsoft releases Windows 10 build 15063.483, 14393.1480 and 10586.1007 - here's what's new (Neowin) Today is Patch Tuesday, which means that it's time for Microsoft to release cumulative updates for all versions of Windows 10, including builds 15063.483, 14393.1480, 10586.1007, and 10240.17488.
Cyber Trends
Half of Corporate Web Apps Contain Flaws That Are at Least a Year Old (eWEEK) A WhiteHat Security study finds that corporate web applications have fewer security flaws overall this year, but more than half of the flaws remain unfixed for at least a full year.
Look at the Past to Fight Today’s Attacks (Infosecurity Magazine) Even with stringent controls and up-to-date security software, malicious actors are adept at breaking through barriers.
Security analytics and operations are becoming more difficult (Help Net Security) Organizations are facing more cybersecurity challenges than ever, but 72% are experiencing more challenges now than 2 years ago despite increased spending.
Which countries are most exposed to cyber threats, surveillance? (Fifth Domain | Cyber) It’s difficult to determine the net level of exposure of individuals and organizations globally, and until recently, few tried.
Mauritius, Rwanda and Kenya – Africa's top cybercrime fighters (ITWeb Africa) The Global Cybersecurity Index 2017 has placed Mauritius, Rwanda and Kenya as the top three countries in Africa that have a sustainable framework in fighting cybercrime.
One in four will consider not voting in elections due to cybersecurity (TheHill) Twenty-seven percent of voters say that cybersecurity will influence their decision whether to vote, according to a new report from the cybersecurity firm Carbon Black.
Security specter still haunts cloud computing (GCN) Security for cloud services is improving, but some significant hurdles remain, security experts say.
Marketplace
ZeroFox secures $40m Series C to help manage social media risk (TechCrunch) ZeroFox, a startup that helps companies manage social media risk including scams, malicious links and account hijacking, announced a $40 million Series C..
Cybersecurity co Deep Instinct raises $32m (Globes) The Tel Aviv based startup says it is the first company to apply deep learning to cybersecurity.
Nvidia Invests In Deep Instinct, A Deep Learning-Based Cybersecurity Startup (Tom's Hardware) Nvidia announced that it invested in "Deep Instinct," an Israeli company that uses deep learning technology to detect 99% of cyber threats.
OwnBackup grabs $7.5M Series B investment for SaaS data backup service (TechCrunch) One of the great advantages of the cloud is that your vendor is supposed to take care of all the hard management bits for you -- including backup. While..
Behind the scenes with Tezos, a new blockchain upstart (TechCrunch) With a whopping $200m raised (at current btc and eth prices) Tezos breaks all Initial Coin Offering records to date. That’s saying something given over $1..
Cisco acquires network security startup Observable Networks (TechCrunch) Cisco has made another acquisition in the enterprise security space -- underscoring the ongoing market demand for security services amid a growing threat of..
Booz Allen Hamilton wins $40 million BPA to enhance DoD cybersecurity automation (Military Embedded Systems) McLean, Va. Defense Information Systems Agency (DISA) officials selected Booz Allen Hamilton for a $40 million single-award Blanket Purchase Agreement to help improve Department of Defense (DoD) cybersecurity and risk management using automated security solutions for the agency’s Enterprise Mission Assurance Support Service (eMASS).
Post-Breach Share Prices Plummet Below NASDAQ Average (Infosecurity Magazine) An analysis shows that Apple, Home Depot and others have under-performing stocks after high-profile breaches.
Look beyond job boards to fill cybersecurity jobs (CSO Online) The cybersecurity staffing shortage is reaching crisis proportions, and companies are looking beyond the traditional channels of job boards and headhunters to find and hire new talent. Here are some of the unconventional ways companies are identifying talent.
Majority of IT Security Professionals Work Weekends (Dark Reading) A survey finds that 57% of IT security professionals work weekends, and most say they still find their jobs rewarding.
Symantec Corporation (NASDAQ:SYMC) Looking To Sell Website Certification Unit (Market Exclusive) Reports indicate that Symantec Corporation (NASDAQ:SYMC) is considering plans to dispose of its web certification business potentially earning the cybersecurity company over $1 billion. The move could also extricate the cybersecurity firm from an ongoing feud with Google’s parent company, Alphabet Inc (NASDAQ:GOOGL).
Sun Valley: Verizon Chief Shoots Down Disney Purchase Reports (Variety) Verizon CEO Lowell McAdam didn’t mince words when asked if the telecom giant will buy Disney. “No,” was his blunt response when peppered with questions…
Apple to Build China Data Center to Meet New Cybersecurity Law (Wall Street Journal) The iPhone maker will begin storing all cloud data for its customers in China with a government-owned company—a move that means relinquishing some control over its data.
GDPR is Stifling Innovation, Says Infosec Community (Infosecurity Magazine) New regulation could encourage organizations to cover up security breaches, survey finds
Forcepoint Expands Brand Campaign to Emphasize the Human Side of Cybersecurity (PRNewswire) Introduces "Protecting the Human Point" to mainstream audiences
Corero Announces Edinburgh Office Expansion to fuel DDoS Research & Development (Corero)
Focal Point Data Risk Appoints Yvette Connor as Chief Risk Officer (Focal Point) Connor leads Focal Point’s Executive Risk Consulting practice, bringing an extensive background including more than 20 years of strategic risk management experience
Products, Services, and Solutions
eSentire Launches Next-generation Logging and Event Management Platform for Managed Detection and Response (MDR) (Marketwired) Purpose-built cloud platform MDR integration empowers elite eSentire security analysts to hunt and kill threats in real-time
WPS Customers Prepared for Petya Ransomware as Virus Infects PCs Globally (Marketwired) Impact of Ukrainian borne virus reduced by business users of WPS Office
RedSeal Further Expands Its Hybrid Datacenter Modeling Capability with Seamless Integration with Cisco ACI (Marketwired) Security teams will gain holistic view of their entire network and boost productivity
AsTech Expands Paragon Security Program Guarantee Against Data Breach-Related Costs to $5 Million (AsTech) AsTech has announced today that the company is expanding its hallmark Paragon Security Program warranty to $5 million.
Tanium Improves EDR With Threat Response Security Platform (eWEEK) Tanium updates its endpoint detection and response capabilities with a new offering that combines multiple security features to help rapidly find and deal with issues.
Akamai Delivers Cloud-Based Security, Powered by Smart Algorithms, To Thwart DNS, Malware Attacks (Integration Developer News) Akamai Technologies, well known for high-performance content delivery over the Internet, is leveraging that knowledge to deliver a high-impact security service from the cloud. IDN talks with Akamai’s Frank Childs to learn how its Enterprise Threat Protector thwarts DNS, malware and bot attacks.
Kaspersky offers cyber-protection for Kamaz (Telecompaper) Kaspersky Laboratory has started providing cyber-protection services for the Russian automotive company Kamaz. Kaspersky Endpoint Security for businesses has been integrated into the corporate network of the automotive company. The project was carried out by the company Softline, a partner of Kaspersky Laboratory.
Hoboken's eMazzanti Technologies Brings Customer-tracking Guest Wi-Fi to Area Retailers (Benzinga) A NYC area retail technology consultant and MSP shows how high-tech guest Wi-Fi can boost sales for retailers by tracking customers to generate real-time offers on customer's devices—in a new article on the eMazzanti Technologies website.
Gemalto kiosks help retailers authenticate customer ID for branded credit cards (BiometricUpdate) In a Q&A interview with FierceRetail, Gemalto’s SVP of banking and payments, Paul Kobos, discussed how the company’s biometrics-based, self-serve credit card kiosks can help retailers authentic…
Thales provides database encryption solution for Beyond Platform's peer-to-peer lending service (PRNewswire) Thales, a leader in critical information systems, cybersecurity and...
Grab offers hackers bug bounty (Tech in Asia) Grab is offering rewards of up to US$10,000 to hackers who are able to identify security weaknesses in its ride-hailing platform.
Atlassian launches public bug bounty with Bugcrowd (ZDNet) The economics of bug bounties are too overwhelming to ignore, Atlassian's head of security says.
Bitdefender Home Scanner: Scan your Home Network for vulnerabilities (The Windows Club) Bitdefender Home Scanner scans your home for all kinds of network vulnerabilities. This tool can take out security flaws and weaknesses of your network.
Technologies, Techniques, and Standards
NIST pulling together best practices for boosting federal cyber workforce (Fifth Domain | Cyber) The National Initiative for Cybersecurity Education has released a request for information document asking for ideas and viewpoints on efforts to educate and train a cybersecurity workforce.
Why linguistics can't always identify cyber attackers' nationality (CSO Online) The security whodunnit: analyzing the language used in an attack is just one tool to assign attribution, and it’s not always reliable.
Your industrial control system is vulnerable to cyber attack (PLANT) Manufacturers beware – your industrial control systems (ICS) are vulnerable to cyber attack. Isolation as a complete security solution won’t work.
Decrypted: Emsisoft Releases a Decryptor for NemucodAES Ransomware (BleepingComputer) Fabian Wosar of Emsisoft has been able to crack the decryption used by the NemucodAES ransomware so that victims can get their files back for free. This guide will walk you through using the decryptor and provide a brief explanation on the NemucodAES Ransomware.
4 ways to avoid the next Petya or WannaCry attack (CNET) These tips will keep your computer safe from the next wave of ransomware.
Exploit attacker playbooks to improve security (CSO Online) Rick Howard lines up a Security Slap Shot on improving security by going after attacker playbooks.
Backup Scripts, the FIM of the Poor (SANS Internet Storm Center) File Integrity Management or "FIM" is an interesting security control that can help to detect unusual changes in a file system. For example, on a server, there are directories that do not change often.
The Rise of Ransomware is Far From Over, How to Fight Back (Shaun Murphy) It seems like ransomware attacks are becoming more and more common. This is not surprising because in the grand scheme of things for cyber criminals this type of attack is one of the easiest, simplest and most lucrative to execute.
Security by Obscurity [Infographic – Updated Q2 2017] (The SiteLock Blog) When businesses, especially SMBs, take the...
Companies must hire a CISO to address cyber threats at the executive level (Financial Review) Many top listed companies have hired specialist cyber security executives, others are yet to have the epiphany.
CISOs Should Build Situational Awareness to Thwart Cyber Threats: Study (CXO) CISOs and IT leaders in India should hone their situational awareness skills in order to better defend their organizations against cyber threats, said cyber security solutions firm Fortinet.
Incident Response in Government (FederalNewsRadio.com) How cyber incident response benefits from orchestration
BEC scams: How to avoid them and how to fight back (Help Net Security) Companies might not want to be just sitting ducks for BEC scams, and do their part to actively frustrate and discourage scammers now, and in the future.
How Active Intrusion Detection Can Seek and Block Attacks (Dark Reading) Researchers at Black Hat USA will demonstrate how active intrusion detection strategies can help administrators detect hackers who are overly reliant on popular attack tools and techniques.
How IoT Device Discovery and Activity Detection can Work (Infosecurity Magazine) IoT device discovery offers a critical foundation to an IoT security solution.
Design and Innovation
DoD sends industry its cyber wish list (Fifth Domain | Cyber) In a notice this week, the Pentagon provided a variety of technologies it desires in the cyber realm.
The Fraud Management Solution: Biometrics (PYMNTS.com) Teach a man to phish and he’ll launch a phishing attempt every 30 seconds for the rest of his life. So what can businesses do to keep customers from biting, yet still provide a convenient platform for them to conduct digital payments and financial services? Customers want to conduct these activities through a digital portal, […]
Here’s How Comics Can Boost Cyber Training (Nextgov) A DHS grantee created a web comic template for cyber training.
Research and Development
China makes quantum leap forward by 'teleporting' data from Tibet to satellite (The Sydney Morning Herald) The breakthrough gives China a significant edge in developing unbreakable codes.
Google pays academics millions for key support (Times (London)) Google has paid millions of dollars to academics at British and American universities for research that it hoped would sway public opinion and influence policy in favour of the tech giant. A...
IARPA wants to know when someone tries to trick biometric scanners (C4ISRNET) SRI will develop "dynamic biometrics" that can detect attempts to evade or deceive biometric systems such as fingerprint, iris and face scanners.
Academia
ASUMH faculty recently speaks at Community Cyber College Summit (The Baxter Bulletin) Conference helps educators with best practices on what's been used in technology
Legislation, Policy, and Regulation
Cyber security: What the new ECB requirements mean (Director of Finance Online) Palo Alto Networks' Greg Day explains what the European Central Bank's (ECB) new cyber security requirements mean for your business.
The country with the world’s best cybersecurity is planning a new law to license hackers (Quartz) Hacking without a license will land you two years' jail and a fine of up to $36,000
GDPR, the Cloud, and Government Spying (AlienVault) Infosecurity 2017 took place against a backdrop of change; so much change in fact, that some might call it chaos. The deadline for the GDPR moves ever-closer, but the British government is in a state of disarray at a time when negotiations to leave the EU are underway, all while it’s trying to increase its surveillance capabilities as well.
How Saudi Arabia Botched Its Campaign Against Qatar (Foreign Affairs) The best hope for Saudi Arabia and its allies is that some face-saving resolution to the conflict with Qatar can be found.
Why Mexican Security is Crumbling – and How That Matters Here (The Cipher Brief) Mexico was ranked the most-worsened country this year on the Fund for Peace's Fragile States Index (FSI), tying with Ethiopia for the bottom spot.
If FCC gets its way, we’ll lose a lot more than net neutrality (Ars Technica) Beyond no-blocking rules, Title II plays big role in overall consumer protection.
Senators call on Army undersecretary nominee to get new tech to soldiers faster (Army Times) The Army may be in a readiness crisis, Sen. John McCain said Wednesday, but the Senate is reluctant to pour more money into the service as it blows billions of dollars on failed acquisitions programs.
NHS trusts handed extra £21m to improve IT security as Department of Health responds to CQC review (Computing) Government accepts all ten of Dame Fiona Caldicott's recommended data security standards
NHS systems to be strengthened after cyber attack (Financial Times) Ministers announce new funds and seek to make hospital heads more accountable for IT
German military aviation command launches cyber threat initiative (Reuters) The German military's aviation safety chief has launched a new initiative against cyber threats, citing research that he said shows hackers can commandeer military airplanes with the help of equipment that costs about 5,000 euros ($5,700).
Where Trump’s FBI nominee stands on tech’s hot privacy issues (TechCrunch) While questions about Russia attracted more initial scrutiny at his Senate confirmation hearing today, Trump's proposed James Comey replacement Chris Wray did..
Litigation, Investigation, and Law Enforcement
Duma passes bill on protection of Russian state data networks (Newsline) Russia’s lower house has approved a bill that defines which of the country’s informational infrastructure is to be considered critical, while setting a maximum sentence of 10 years imprisonment for hackers that attack it.
Kaspersky axed from governmentwide contracts (FCW) Russian cybersecurity vendor Kaspersky Lab has been taken off key government contract vehicles NASA SEWP and GSA Schedule 70 as part of an overall move to address possible risks posed by the firm.
Kaspersky claims that it's 'a pawn in a geopolitical game' after US government de-listing (Computing) 'Kaspersky has no ties to any government, and has never helped any government with cyber-espionage,' argues company
Kaspersky Lab says it has become pawn in U.S.-Russia geopolitical game (Reuters) Russian cyber security firm Kaspersky Lab, reacting to a U.S. government move restricting its activities, said on Wednesday it had fallen victim to U.S.-Russia global sparring while the Kremlin criticized the U.S. action as politically-motivated.
Islamist extremism funded by donations from public (Times (London)) Hundreds of thousands of pounds in small donations from within the UK are the main source of income for some Islamist extremist organisations, according to a secret government report. Extremists...
New Information In A Bizarre Story About A Quest To Hunt Down Hillary Clinton’s Deleted Emails (The Daily Caller) New details have emerged about a Republican opposition researcher's failed attempt to get Hillary Clinton deleted emails from Russian computer hackers who claimed to have the documents. Earlier thi
Dershowitz: Did Donald Trump Jr. commit a crime or merely political sin? It depends (Fox News) The entire issue of alleged collusion with, and interference by, the Russians should be investigated openly by an independent nonpartisan commission, rather than by a prosecutor behind the closed doors of a grand jury.
Alan Dershowitz: Who will guard the guardians? (Washington Examiner) James Comey should be rebuked by the Justice Department for violating their rules, but there isn't enough evidence at the moment to warrant...
Russians told to log in to Pornhub using verified social media accounts (Naked Security) Russians need a passport to get a SIM card, a cell number to get a VK account, and the VK account to log into Pornhub. What’s behind this new requirement?
Sophos joins global alliance to fight the cybercrooks (Sophos) Along with law enforcement, educational institutions and financial organizations, Sophos becomes part of the Global Cyber Alliance.
Creators of dark web chat room arrested for facilitating child abuse (HackRead) Brett McBain, 51 and David Buckley, 54 were arrested for creating a dark web chat room called £1TheOtherPlace which was used to share images of children be
EFF offers legal advice to researchers at Black Hat, B-Sides and DEF CON (Help Net Security) Security researchers attending Black Hat, B-Sides and DEF CON can visit the EFF booths to have their research-related law questions answered.
‘Share Until This Pig Is Caught’: Germany’s Far Right Hunts an Innocent Man Online (Motherboard) A right-wing Facebook page started a witch hunt by claiming that a protester had blinded a policeman at the G20 protests.