Cyber Attacks, Threats, and Vulnerabilities
UAE orchestrated hacking of Qatari government sites, sparking regional upheaval, according to U.S. intelligence officials (Washington Post) Hackers planted news stories with false quotes attributed to Qatar’s emir, which were then cited to condemn his government.
UAE behind hacking of Qatari sites - US spies (Sky News) Fiery but false quotes attributed to Qatar's emir were published on government websites in a UAE plot, US intelligence claims.
Qatar crisis: UAE denies hacking news agency (BBC News) The incident in late May helped spark the current diplomatic rift between Qatar and its neighbours.
Opinion: 'Islamic State' jihadism could live on | Opinion (Deutsche Welle) With Mosul and Raqqa retaken, the fate of "Islamic State's" territorial caliphate is sealed. Yet Loay Mudhoon says that's no reason to give the all clear, as IS is nothing more than a symptom of a crisis of statehood.
Russian Foreign Ministry Says it Suffered ‘Large-Scale’ Cyber Attack (Moscow Times) Russia’s Foreign Ministry experienced “large-scale” cyber-attacks originating in Iran and Hungary last month, its spokesperson said
Private Email of Top U.S. Russia Intelligence Official Hacked (Foreign Policy) As concerns about cyberattacks grow, hackers are going after Russia wonks.
'It was always going to happen': Inside the cyber-attack on parliament (BBC News) The inside story of the day hackers attacked parliament - and how the security team fought back.
Blame Human Error for WWE and Verizon’s Massive Data Exposures (WIRED) What's behind the recent spat of database vulnerabilities? Good ol' fashioned human error.
NemucodAES Ransomware, Kovter Click-Fraud Malware Spreading in Same Campaigns (Threatpost) Researchers have spotted malicious email campaigns using Zip archives to spread NemucodAES ransomware and the Kovter click-fraud Trojan, simultaneously distributing both pieces of malware.
Keeping up with the Petyas: Demystifying the malware family (Malwarebytes Labs) Last June 27, there was a huge outbreak of a Petya-esque malware with WannaCry-style infector in the Ukraine. Since there is still confusion about how exactly this malware is linked to the original Petya, we have prepared this small guide on the background of the Petya family.
Who is a target for ransomware attacks? (CSO Online) While any enterprise is a possible ransomware target, some are more likely than others to be caught in a cybercriminal’s crosshairs.
Cyber attacks a wake-up call: Keenan (NewsComAu) Recent global ransomware attacks must act as a wake-up call for Australia as the digital economy grows, Justice Minister Michael Keenan says.
Windows, Linux distros, macOS pay for Kerberos 21-year-old 'cryptographic sin' (ZDNet) Researchers find an authentication protocol bug that affects Windows, Linux and Apple.
Malware installs Signal as part of scheme to steal macOS users' banking credentials (Graham Cluley) A piece of malware is currently installing the Signal messenger app on macOS users' mobile devices as part of a scheme to steal their banking credentials.
OSX/Dok malware hits Macs; bypasses Apple’ Gatekeeper (HackRead) IT security researchers at Checkpoint recently discovered that a new malware has started to rise and is targeting Mac devices. The malware is considered qu
SQL injection attacks controlled using Telegram messaging app (Naked Security) This weaponising of an encrypted messaging app prompts us to remind you that you should really be focusing on how to avoid SQLi attacks in the first place
751 domains hijacked to redirect visitors to exploit kit (Help Net Security) An unknown attacker has managed to modify the name servers assigned to 751 domains, redirecting visitor to a site hosting the Rig Exploit Kit.
Android Backdoor GhostCtrl can Silently Record Your Audio, Video, and More (TrendLabs Security Intelligence Blog) The information-stealing RETADUP worm was actually accompanied by another threat, GhostCtrl—an Android malware that can stealthily take over the device.
CopyCat adware uses Amazon Web Services, APK segmentation to evade detection (SC Media US) The CopyCat adware that infected over 14 million Android devices has been using advanced evasion techniques , according to new researcher from Appthority.
SMS Phishing induces victims to photograph its own token card (SANS Internet Storm Center) Today I faced quite an unusual SMS phishing campaign here in Brazil. A friend of mine received a SMS message supposedly sent from his bank asking him to update his registration data through the given URL. Otherwise, he could have his account blocked, as seen in Figure 1.
Cloud AV Can Serve as an Avenue for Exfiltration (Dark Reading) Black Hat USA researchers show how bad guys can use cloud AV connections to bypass air-gaps and extremely segmented networks to keep stolen data flowing.
Office maldoc + .lnk (SANS Internet Storm Center) Reader nik submitted a malicious document. It's an Excel spreadsheet containing a Windows shortcut. As Windows shortcuts can contain interesting metadata like the MAC address of the computer that created the .lnk file, I took a closer look.
Porn Spam Botnet Has Evil Twitter Twin (KrebsOnSecurity) Last month KrebsOnSecurity published research into a large distributed network of apparently compromised systems being used to relay huge blasts of junk email promoting “online dating” programs — affiliate-driven schemes traditionally overrun with automated accounts posing as women. New research suggests that another bot-promoting botnet of more than 80,000 automated female Twitter accounts has been pimping the same dating scheme and prompting millions of clicks from Twitter users in the process.
BUPA breach – why names and addresses matter (Naked Security) UK healthcare company BUPA just had an employee run off with half a million names and addresses – here’s what we can learn from the breach.
IoT 'Smart' Alarm has Vulnerabilities (Infosecurity Magazine) iSmartAlarm has several vulnerabilities which could enable cyber-assisted crime
Detroit Medical Center blames data breach on outside agency (Detroit Free Press) A data breach at the Detroit Medical Center that might affect 1,529 patients was the result of a contract employee turning over information to an unauthorized third party, officials said Thursday.
Let the cyber games begin: why big events are now trophy targets (Mandarin) Hacking has always been a competition. But do today’s big sports events still have what it takes to beat the bad guys?
White House released voter-fraud commenters' sensitive personal information (CSO Online) The White House published voter-fraud comments, including voters' sensitive personal information.
Hackers did not breach computer system, says ESB (RTE.ie) The ESB said there has been no breach of its computer system after hackers targeted it.
Security Patches, Mitigations, and Software Updates
No big deal. You can defeat Kaspersky's ATM antivirus with a really fat executable (Register) After you've gained arbitrary execution on the cash machine, natch
Lloyd's says cyber-attack could cost $120bn, same as Hurricane Katrina (the Guardian) World’s oldest insurance market warns cost to global economy of cyber-attack could be as much as worst natural disasters
A UK business will spend more than £1m recovering from a data breach (Help Net Security) Companies are right to worry about the financial impact of a data breach – both in terms of short-term financial losses and long-term brand damage.
Whose job is it to keep us safe from online harassment? (Naked Security) As more of us report having been the focus of abuse online, what steps can be taken to make the web better while protecting freedom of speech?
The gap between the haves and the have-nots in D.C.’s tech scene is getting bigger (Washington Post) The region is getting more venture funding than in the past, but it’s going to fewer and fewer firms.
Could e-discovery pros fill the insatiable demand for cybersecurity talent? (Help Net Security) As the industry commoditizes, opportunistic experts in electronic discovery are looking at cybersecurity as their next logical career path.
Six entry-level cybersecurity job seeker failings (CSO Online) More cybersecurity job openings mean more entry-level candidates are entering the market. These are the common mistakes they make when apply and interviewing for an opening.
Israeli cyber firm Votiro raises $11.2 million from Aussie investors (Financial Review) Votiro Cybersec has closed an oversubscribed capital raise ahead of an imminent Australian expansion and ASX IPO.
CyberArk Software | $CYBR Stock | Shares Crash as Company Posts Disappointing Guidance Numbers (Ticker TV) CyberArk Software Ltd. (CYBR), a global software-based IT security solutions yesterday reported their preliminary second quarter 2017 financial results.
Russian Cyber Firm Kaspersky Aches Amid Strained U.S. Relations (Fortune) The company is being punished for the sleights of the Kremlin.
Partners Could Feel Impact With Kaspersky Lab Caught in U.S.-Russia Cyber Beef (MSPMentor) Partner IT services provider partners could be left in a lurch as Kaspersky Lab appears to be paying the price for Vladamir Putin’s cyber campaign against the 2016 American presidential election, with the security software vendor this week losing key approvals to sell IT products to U.S. government agencies.
Atlassian Launches Public Bug Bounty Program (Security Week) Team collaboration and productivity software provider Atlassian announced this week the launch of a Bugcrowd-based public bug bounty program with rewards of up to $3,000 per vulnerability.
Products, Services, and Solutions
IBM unveils new mainframe capable of running more than 12 billion encrypted transactions a day (CNBC) IBM has launched a new mainframe system capable of running more than 12 billion encrypted transactions per day, in a bid to wade further into the financial cybersecurity market.
IBM dangles carrot of full encryption to lure buyers to new z14 mainframe (TechCrunch) IBM is doing its damnedest to keep the mainframe relevant in a modern context, and believe it or not, there are plenty of monster corporations throughout the..
IBM reboots iconic mainframe: Encrypt data all the time, at any scale (Help Net Security) IBM Z has an encryption engine that makes it possible to pervasively encrypt data associated with any application, cloud service or database all the time.
IBM's Plan To Encrypt Unthinkable Amounts of Sensitive Data (WIRED) The new IBM Z mainframe uses "pervasive encryption" to stop data breaches in their tracks.
Twistlock 2.1 Container Security Suite Released (InfoQ) Twistlock announced the general availability of version 2.1 of their container security product. Highlights of the release include an integrated firewall that understands application traffic, vulnerability detection, secrets management via integration with third party tools, and compliance alerting and enforcement.
DB Networks Aids GDPR Readiness for Structured Data (CIO Today) DB Networks Supports GDPR Readiness Assessments for Structured Data -- AI-based DBN-6300 dramatically reduces the time and effort necessary to discover structured data stores and create an accurate Personal Data Inventory
Darktrace & CITIC Telecom CPC to take "disruptive AI" security to APAC (Security Brief) This new partnership will further strengthen our ability to respond to the overwhelming demand for our cutting-edge machine learning technology."
Technologies, Techniques, and Standards
Verizon Data Exposure - A Lesson in Cloud Security Hygiene (SC Media US) According to reports, Verizon potentially exposed up to 14 million customers' personal information in a public-facing Amazon S3 (storage) bucket which was
How to protect yourself from the Verizon data breach (ZDNet) To be safe, you must change your Verizon PIN.
Launch your own cybersecurity sprint: 30 days to improved security (Help Net Security) Use these lessons to establish a realistic plan for achieving “quick wins” to prioritize risk reduction, quantify progress, and retain management support.
Design and Innovation
What is gamification? Lessons for awareness programs from Pokemon Go (CSO Online) Gamification is a way to reward people for exhibiting a desired behavior. It is not merely creating a game for people to play, nor making training a game. As Pokemon Go turns a year old, here are some of the things awareness programs can learn from the massively popular game..
How to make computer science education fun (CSO Online) Games that focus on concepts over programming languages teach students to think like a computer while having a little fun
Someone Made a Tool That Turns Twitter Threads Into Blogs 1/87 (Motherboard) It’s time for some Thread Theory.
Research and Development
New firewall designed to protect Android cellphones (Digital Journal) A security threat to smartphones comes from phone components, like touchscreens, chargers, and battery or sensor assemblies. These 'field replaceable units’ have weak security settings; but there is a new solution for this vulnerability.
To Truly Fake Intelligence, Chatbots Need To Be Able To Change Your Mind (Motherboard) To achieve social intelligence, AI needs to be able to be persuasive, argues researcher.
What an artificial intelligence researcher fears about AI [Commentary] (Fifth Domain | Cyber) As an artificial intelligence researcher, I often come across the idea that many people are afraid of what AI might bring. As an AI expert, what do I fear about artificial intelligence?
Dimension Data and Deakin University open cybersecurity accelerator (ZDNet) The six-month accelerator program designed to help early-stage cybersecurity startups is funded by the Victorian government's LaunchVic kitty.
Cybersecurity Education Takes Center Stage at Cyber Innovation Challenge (PRNewswire) Today, government, education and industry partners announced...
Legislation, Policy, and Regulation
Defense Ministry plans to boost strength of unit tasked with countering cyberattacks (The Japan Times) The Defense Ministry is considering strengthening its unit tasked with responding to cyberattacks by increasing the number of staff to around 1,000 from...
Dutch Senate votes to grant intel agencies new surveillance powers (Register) Privacy groups concerned by data-slurping 'tapping' law
Australian government to introduce laws forcing tech companies to decrypt communications (CRN Australia) Legislation will force tech companies to open up encrypted messages.
White House leaves door open to U.S.-Russia cyber ‘dialogue’ (POLITICO) The Trump administration is still open to a cyber dialogue with Russia — despite having no plans to form the joint U.S.-Russian election security team that President Donald Trump float…
Encryption: It's not just for governments, it's for everybody (RedShark News) Quis custodiet ipsos custodes? More and more, governments seem to be calling for backdoors to be established into encryption programs in the name of p...
We Need 21st Century Responses – DFRLab (Medium) Secretary Albright Speaks At #DisinfoWeek
Military Cyber Operations Headed for Revamp after Long Delay (VOA) Under plans, US Cyber Command would eventually be split off from intelligence-focused National Security Agency
House Boosts CYBERCOM Budget But Cuts NIST Funds (Nextgov) The House version of the defense authorization bill requires a Pentagon and State Department cyber strategy.
Intel bill directs report on cyber-vulnerability disclosure process (C4ISRNET) The House Intelligence Committee's Intelligence Authorization Act calls for a report on the disclosure process for vulnerabilities.
Litigation, Investigation, and Law Enforcement
Co-founder of firm behind Trump-Russia dossier will not testify before Senate next week (POLITICO) The committee on Wednesday announced a July 19 hearing that listed Glenn Simpson as a witness.
The Hacker Hunters Chasing Russian Shadows (Moscow Times) U.S. investigators are stepping up the fight against Russian cybercriminals. But are they going after the right guys?
Telegram agrees to delete terrorist content in Indonesia following partial block (TechCrunch) Messaging app Telegram has agreed to block terrorist-related content in Indonesia after the government threatened to block the service over fears it was..
Russian cyber criminals identified by Australian spooks (Courier and Mail) Australian spooks have identified 10 cyber criminals – the majority from Russia and Eastern Europe – responsible for hundreds of online attacks on Australians.
US Border Patrol isn't allowed to search travelers' data stored in the cloud (Help Net Security) When searching travelers' mobile phones at the border, CBP officers do not have the authority to rifle through data stored solely "in the cloud".
US border agents: We won’t search data “located solely on remote servers” (Ars Technica) What does that mean in practice? CBP isn't saying for now.
Ashley Madison Reaches Proposed Settlement with Exposed Users (Infosecurity Magazine) Leaked data included usernames, first and last names, email addresses, passwords and credit card data
Congresswoman’s iPhone contained nude images, and an aide put them online (Ars Technica) Staffer allegedly accessed images while taking lawmaker's phone in for repair.