Cyber Attacks, Threats, and Vulnerabilities
Vault 7: CIA Developed Android Malware That Works as an SMS Proxy (BleepingComputer) WikiLeaks published today the manual of another CIA hacking tool part of the Vault 7 leak series. This tool is referenced internally at the CIA under the name of HighRise and is an Android application for intercepting and redirecting SMS messages to a remote web server.
How CIA Agents Covertly Steal Data From Hacked Smartphones (Without Internet) (The Hacker News) WikiLeaks has unveiled how the CIA covertly steals data from hacked smartphones using the HighRise project, without Internet
The Unfortunate Many: How Nation States Select Targets (Recorded Future) Every nation is developing cyber capabilities, and each has its own objectives. Threat intelligence helps determine whether your organization is a target.
Analysis | Cyberwarfare has taken a new turn. Yes, it’s time to worry. (Washington Post) Cyber attacks create chaos, and challenge the prevailing international order.
No Free Pass for ExPetr (SecureList) Recently, there have been discussions around the topic that if our product is installed, ExPetr malware won’t write the special malicious code which encrypts the MFT to MBR. Some have even speculated that some kind of conspiracy might be ongoing. Others have pointed out it’s plain and simple nonsense.
Cyber Attack Likely Cost Saint-Gobain 1% of First Half Sales (TheStreet) The French building firm probably lost about $230 million of sales from the cyber attack but said it might make some of them back in the third quarter.
Schumer: nuclear power plants vulnerable to cyber attack (Watertown Daily Times) U.S. Sen. Charles E. Schumer, D-N.Y., said Wednesday that upstate New York’s nuclear power plants are vulnerable to cyberattack.
Experts Warn Too Often AWS S3 Buckets Are Misconfigured, Leak Data (Threatpost) An analysis of Amazon Web Services storage containers reveals troubling trend of misconfigured S3 buckets that leak data.
How did the data of 14m Verizon customers end up online? (Naked Security) Verizon says the loss is ‘overstated’, but if you’re a customer, you might want to change your PIN – just to be on the safe side
Security experts recommend Verizon customers change their PINs (KREM) SPOKANE, Wash. -- Verizon confirmed Wednesday about six million customer accounts were made publicly available.
"Particle" Chrome Extension Sold to New Dev Who Immediately Turns It Into Adware (BleepingComputer) A company is going around buying abandoned Chrome extensions from their original developers and converting these add-ons into adware.
LeakerLocker ransomware threatens to leak victims' smartphone secrets (Computing) Android malware was embedded in two popular apps
751 domains hijacked to redirect visitors to exploit kit (Help Net Security) An unknown attacker has managed to modify the name servers assigned to 751 domains, redirecting visitors to a site hosting the Rig Exploit Kit.
NemucodAES and the malspam that distributes it (SANS Internet Storm Center) During the past two weeks or so, I've noticed a significant increase in malicious spam (malspam) with attached zip archives disguised as delivery notices from the United Parcel Service (UPS). These zip archives contain JavaScript files designed to download and install NemucodAES ransomware and Kovter malware on a victim's Windows computer.
Bupa: Rogue staffer stole health insurance holders' personal deets (Register) Names, phone numbers, emails released into the wild
Bupa Employee Fired After 547,000 Customers' Data Compromised (Infosecurity Magazine) Employee inappropriately copied and removed information from one of the company’s systems
Industrial Robots Vulnerable To Cyberattacks, Study Finds (Industrial Distribution) Recent analysis by security software firm Trend Micro found that the software used to operate industrial robots is often outdated, reliant on weak authentication or based on vulnerable operating systems or libraries.
Gone Phishing: The Top 10 Attractive Lures (Credit Union Times) What are the most-clicked email subject lines for phishing attacks? A new report lists the top 10.
Beware of These Top 10 Phishing Emails. Would You Fall for Them? (Fortune) Always be on guard.
Thieves Used Infrared to Pull Data from ATM ‘Insert Skimmers’ (KrebsOnSecurity) A greater number of ATM skimming incidents now involve so-called “insert skimmers,” wafer-thin fraud devices made to fit snugly and invisibly inside a cash machine’s card acceptance slot.
If you use public Wi-Fi, you've probably put your private info at risk (NBC News) Almost 70 percent of Americans feel their personal information is safe when using a Wi-Fi hotspot — but we've almost all put ourselves at risk.
Study: Backdoors Found on 73% of Compromised Websites (Dark Reading) No such thing as 'too small to hack,' according to research from SMB security provider SiteLock.
Security Patches, Mitigations, and Software Updates
Microsoft Adds Protection Against Process Hollowing and Atom Bombing (BleepingComputer) Microsoft has worked on adding security protections against two forms of code injection techniques known as process hollowing and atom bombing.
Cyber Trends
Improving The Return On Investment Of Identity Governance (Information Security Buzz) Research firm, the Ponemon Institute, recently presented the findings of its study, “Global Trends in Identity Governance & Access Management,” a study designed to understand companies’ ability to protect access to sensitive and confidential information and what they believe is necessary to improve the protection. The report offers several insights and trends have been picked up …
Machine Learning Is Transforming Data Security (CIO) Ever-changing security attacks and the rising volume of threat data make it impossible for security teams to keep up on their own. They need to continuously protect sensitive data without inhibiting business innovation and growth. A data-centric security strategy aided by artificial intelligence will help.
Poll result: What’s stopping Aussies from preparing for cyber attacks? (CRN Australia) We asked, you answered.
Marketplace
CFOs Can Expect Pain When Hit With a Security Breach - Financial Executives International Daily (Financial Executives International Daily) The CFO of cybersecurity company Centrify reveals the shocking cost of a data breach on a company’s bottom line based on recent research.
SC Media asks the industry: Is cyber attack insurance worth it? (SC Media UK) With warnings about stress testing response mechanisms, the Prudential Regulation Authority is putting the insurance industry on notice as to what it expects from the cyber risk market.
Cybersecurity Breaches Have Shed Light On This ETF (Benzinga) Over the past several years, and even months, a spate of high-profile cybersecurity breaches have turned attention to investments focused on the cybersecurity theme, allowing some...
Eugene Kaspersky reassures partners after US feud (CRN Australia) Cyber security founder essentially calls the claims fake news.
Jolera poised to transcend anonymous IT service success (Financial Post) Toronto-based IT solutions provider Jolera focuses its efforts on developing and delivering cloud-based services available by subscription
Teradata Acquires San Diego’s StackIQ to Strengthen Cloud Business | Xconomy (Xconomy) Dayton, OH-based Teradata (NYSE: ]), which has roughly 1,000 employees at its Teradata Labs engineering unit in San Diego, says today it has acquired Stack
Security Startup HyTrust Secures $36 Million (NewsCenter.io) HyTrust announced the close of $36 million in Series E financing. Nine investors participated in the round: Advance Venture Partners, Sway Ventures, EPIC Ventures, Vanedge Capital, Trident Capital Cybersecurity, Cisco Investments, Fortinet, Intel Capital, and VMWare. HyTrust offers IT managers and administrators of virtual infrastructure …
Why 4 Cybersecurity CEOs Are Backing This Carbon Black Vet's New Startup (BostInno) A new cybersecurity startup founded by former Carbon Black CTO Harry Sverdlove and former Endeca exec Peter Smith has come out of stealth mode with $7 million in funding from three venture capital...
If we could just get a word in Edgewise... New kid says it can do data center firewalls better (Register) Upstart exits stealth this week with 'reinvented' protections
Microsoft-Backed Security Startups Outsmart Hackers with Hackers (Windows Pro) To beat a hacker, you have to think like a hacker, and in some cases, even work with them, according to two Microsoft Ventures’ startups who spoke during the Microsoft Inspire 2017 event this week.
Microsoft is forming a grand army of experts in the artificial intelligence wars with Google, Facebook, and Amazon (Business Insider) Microsoft has gathered 100 AI experts into a new unit within its elite Microsoft Research labs.
Indian firm explores secure quantum communications from Russia (The Economic Times) Moscow, July 13 (IANS) Kolkata-based Srei Infrastructure Finance is currently exploring acquisition of Russian technology emerging from research at the frontiers of science and which will shape the future of computing and cyber security.
GCHQ Launches Second Security Accelerator for Start-ups (Infosecurity Magazine) GCHQ is launching its second cyber security start-up scheme - a nine month programme
Rapid Reaction Technology Office Seeks Cyber Solutions (SIGNAL Magazine) The U.S. Defense Department’s Rapid Reaction Technology Office (RRTO) will conduct a solutions meeting in late October.
A Golden Age in Federal Technology Procurement (SIGNAL Magazine) The National Institute of Standards and Technology's benchmark for encryption modules has seen recent innovation, opening the playing field for competition.
Lockheed Martin officially opens £3m UK Cyber Security Centre in Gloucester (BDaily) Lockheed Martin, the US-headquartered global aerospace, defense, security and advanced technologies company, has opened a £3m Cyber Security Centre in Gloucester.
Why this cloud security vendor is now 100 per cent channel (Channelweb) The vendor was 100 per cent direct less than three years ago. CRN spoke to its channel boss to find out why it is now exclusively channel-focused.
Women necessary in closing cyber security skills gap (Information Age) The issue of the gender gap pervades most industries, but within cyber security the problem is hitting new lows
Hackers can take a hidden test to become mid-grade officers in the US Army's Cyber Command (Business Insider) In the next few months, qualified hackers could undergo "direct commissioning" and become "mid-grade officers" in the Army's Cyber Command.
With cybersecurity in-vogue, GCHQ is hunting for more spies (The Memo) Cybersecurity has never been so sexy.
Singtel moves to boost cyber security talent (iTWire) The parent company of Optus, Singtel, has set up a cyber education portal, called Singtel Cyber Security Experience or CSX, to strengthen Singapore's...
Stephen Moore Joins SecureAuth’s Advisory Board (SecureAuth) SecureAuth Corp., the leader in adaptive access control, today announced the addition of Stephen Moore to its Advisory Board. Moore, the Staff Vice President of Cyber Security Analytics at Anthem, Inc., will provide advice to the SecureAuth team, board and customers on innovative ways to address cybersecurity challenges by addressing white space between security and identity solutions.
Ryan Naraine Joins Bishop Fox as Chief Marketing Officer (PRNewswire) Bishop Fox announced today that Ryan Naraine has joined the firm in the newly...
Products, Services, and Solutions
New infosec products of the week: July 14, 2017 (Help Net Security) New infosec products for this week include releases from Bitdefender, Entrust Datacard, HPE, IDrive Online, Pramati Technologies, and Twistlock.
Aetna Adds Behavior-Based Security to Customer Application (Wall Street Journal) The insurance giant is rolling out a new security measure to its mobile and web applications that will monitor user behavior in real time.
Beyond Platform Achieves Commercial-Grade Security for Peer-to-Peer Lending Platform with Best-in-Class Encryption (Thales) Korea-based, Beyond Platform is an internet-based financial services technology company offering an innovative platform for peer-to-peer (P2P) lending. Beyond Platform entered into a memorandum of understanding with NongHyup Bank (NH Bank) an agricultural and retail bank in South Korea, to develop a mid-level interest loan product: the 30CUT-NH Loan.
BanduraONE™ Global Management Console Launches (PRNewswire) Bandura®, LLC, a trusted cybersecurity innovator and maker of...
Cybersecurity Solutions Provider FoxGuard Protects Nation's Power Grid (PRNewswire) FoxGuard Solutions, Inc. and partner TDi Technologies recently...
DOJ Moves to Get Rid of Passwords via Okta’s Single Sign-On (FedTech) The Justice Department starts to reap the benefits of putting its identity management system in the cloud.
SandBlast Mobile simplifies mobile security (CSO Online) Check Point's SandBlast Mobile fits in between mobile device managers and security event log analyzers, and actually makes it easier to manage the overall security footprint of your entire mobile device fleet.
Forcepoint enhances government IT modernization and security capabilities (Financial News) Global cybersecurity leader Forcepoint has made enhancements and third-party validations that advance the mission of government agencies worldwide to modernize their IT systems and harden cyber defense capabilities, the company said.
Technologies, Techniques, and Standards
US Army Looking to Integrate Network Soldiers with Tactical Units (Defense One) Brigades are working out various ideas at training centers, says the head of the service’s Cyber Command.
EAS-SEC. Oracle PeopleSoft Security Configuration. Part 5: Open remote management interfaces (ERPScan) In most cases, enterprise applications provide functionality for remote administration of the systems as well as access to various technical services. Such services can be available for connection from the Internet, and, in case of unsafe settings, be remotely managed without any authentication procedure.
Expert: Corporate culture may have to change to improve cyber security (Midland Reporter-Telegram) “The situation, as it stands today, is that all companies, all networks, are getting scanned,” said Philip Lieberman, president and chief executive officer of Lieberman Software.
Design and Innovation
Blockchain becoming an integral part of some defence technology (Financial Review) Experts say blockchain's compelling element for military commanders is its distributed node system, with participants being allowed layers of activity inside a cryptographically-sealed network.
Cardless ATMs are cool, but you still may get ripped off (CNBC) Major banks are hoping smart ATMs will help protect consumers' cash. Will they?
Research and Development
BluVector Receives Patent for Zero-Day Malware Detection (NewsFactor) BluVector, a leader in network security monitoring and analytics, today announced that it has been issued a new patent for "System and Method for Automated Machine-learning, Zero-day Malware Detection" (U.S. Patent 9,665,713). BluVector is the first company to obtain this type of patent in the cybersecurity industry.
Research findings not driven by marketing, says security pro (iTWire) Marketing has no influence on the findings that security researchers make; in fact, it is the other way around, according to Noushin Shabab, a securit...
Is IBM's Watson Overhyped & Soon to Be Outdone? (Light Reading) While Watson is an early and mature AI platform, it's facing increased competition and challenges, according to a note from Jefferies.
Legislation, Policy, and Regulation
China’s National Cyber Threat Response Plan -part of Cyber arsenal (CyberDB) China’s National Cyber Threat Response Plan is another Arrow in Its Cyber Diplomacy Quiver
What Singapore can learn from Israel’s cyber security playbook (ComputerWeekly) A former Unit 8200 captain from the Israel Defense Forces shares what Singapore can learn from Israel’s approach to cyber security
Hackers wannacry? Cyber cops are here to track you (The Economic Times) “The Centre will monitor the flow of traffic and analyse if there is some attack coming and take action in real time,” said Ajay Kumar, Additional Secretary, ministry of electronics and IT.
Why cyber capabilities are more important than strategy (FCW) The Senate version of the 2018 defense bill calls for the creation of a cyber strategy, but one former DOD official says the U.S. must focus on capabilities and authorities first.
Opinion | The question about Islam that has vexed the world for a decade (Washington Post) To resolve the Middle East turmoil over the Qatar boycott, the United States must deal with the anger that fueled it.
Why you should care about the govt's encryption crackdown (iTnews) And why the new laws are unlikely to make a difference.
Democrats back effort to block U.S.-Russia cyber deal (The Washington Times) A Democratic bid to block the United States from establishing a cybersecurity alliance with Russia is gaining steam in Congress after President Trump discussed and then dismissed creating an “impenetrable” cybersecurity unit this week with his Kremlin counterpart.
Securing Elections Remains Surprisingly Controversial (WIRED) One would think that keeping elections safe would be an issue everyone backed. It's not that simple.
Democrats signal support for quick vote on FBI nominee Wray (POLITICO) Feinstein, the top Democrat on the Judiciary Committee, said she believes Wray should get a committee vote next week.
Navy Information Operations Command Texas Holds Change of Command (DVIDS) Capt. Clarence Franklin Jr. relieved Capt. David M. Houff as commander, Navy Information Operations Command (NIOC) Texas during a change of command ceremony held July 7 at Mitchell Hall on Joint Base San Antonio, Tx.
Litigation, Investigation, and Law Enforcement
The Biggest Dark Web Takedown Yet Sends Black Markets Reeling (WIRED) But law enforcement's raid on AlphaBay won't end the darknet's vibrant drug trade.
Canadian drug suspect found hanged in cell (Bangkok Post) Canadian drug suspect Alexander Cazes, 26, found dead in a cell at the Narcotics Suppression Bureau in Laksi district on Wednesday morning, is believed to have hanged himself, police said.
DNC Server May Hold Key to Investigation into Russian Involvement in 2016 Election (In Homeland Security) Many members of Congress still believe Russia was responsible for the hacking of the DNC servers. But why has no federal investigator seen or examined the DNC servers?
Special counsel brings on FBI official who oversaw Clinton email investigation (CNN) Justice Department Special Counsel Robert Mueller has brought on Peter Strzok, a senior FBI official who oversaw the Hillary Clinton email investigation.
Exclusive: DOJ let Russian lawyer into US before she met with Trump team (TheHill) The Russian lawyer who penetrated Donald Trump’s inner circle was initially cleared into the United States by the Justice Department under “extraordinary circumstances” before she embarked on a lobbying campaign last year that ensnared the president’s eldest son, members of Congress, journalists and State Department officials, according to court and Justice Department documents and interviews.
Trump: Son's Russia meeting 'standard campaign practice' (WBIR) The president wrote off his son's meeting with a Russian attorney as standard campaign practice.
Edward Snowden's leaks has NSA in damage-control mode, spy agency official tells Lancaster audience (LancasterOnline) A high-ranking official of the National Security Agency said in a talk here Wednesday that the electronic surveillance agency is working to improve its public relations in the wake of
The CIA’s Secret 2009 Data Breach, Revealed For The First Time (BuzzFeed) The inspector general’s 2010 report, obtained by BuzzFeed News through a Freedom of Information lawsuit, details an incident that “could have caused irreparable damage.”
Leopold FOIA CIA Source Code Inspector General Report (CIA Inspector General) Disposition memorandum: unauthorized dissemination of classified material
Putin critic Navalny says security service tracking his children (Reuters) Russian opposition leader Alexei Navalny complains his wife and two children are being tracked by the security services, but says he's not afraid to challenge Vladimir Putin for the presidency whatever the risks.
Hawaii soldier held without bail on terrorism charges (Army Times) A U.S. soldier accused of wanting to commit a mass shooting after pledging loyalty to the Islamic State group believed the moon landing was faked, questioned the assassination of President John F. Kennedy and thought the Sept. 11 terrorist attacks were an inside job coordinated by the U.S. government, according to a former Army bunkmate.
Release of the FISC Opinion Approving the 2016 Section 702 Certifications and Other Related Documents (IC on the Record) Today the ODNI, in consultation with the Department of Justice, is releasing three sets of Foreign Intelligence Surveillance Act (FISA) Section 702 documents in redacted form.
Who gets gold stars for looking after your privacy? (Naked Security) Who’s got your back when it comes to willingness (or otherwise) to hand over your data to third parties? Some of the results from the EFF’s report are surprising
Biometrics catches violent fugitive 25 years on the run (Ars Technica) Like it or not, facial-recognition tech has become an everyday part of society.
Dark Web Child Pornographer Avoids Jail Due To Asperger Syndrome (HackRead) In normal circumstances, a pedophile receives harsh punishments, but in this case, a 24-year-old child abuse pornography offender has skipped jail time bec
Not for the first time, Microsoft’s fonts have caught out forgers (Ars Technica) If you’re going to pretend a document is from 2006, you should use Times New Roman.