Cyber Attacks, Threats, and Vulnerabilities
5 New CIA Malware Unveiled By WikiLeaks — HTTPBrowser, NfLog, Regin, HammerLoss, Gamker (Fossbytes) As a part of the ongoing CIA Vault 7 series, WikiLeaks has published some new documents. The leaks share details regarding CIA's partnership with Raytheon Blackbird Technologies
The #StayCurrent Report: analyzing the impact and legacy of WannaCry (1E) In May 2017, the WannaCry virus entered the history books as one of the most destructive ransomware attacks of all time. 1E asked 400 US IT professionals about their experiences of the attack.
Maersk still feeling effects of cyber attack, but FMC provides breathing space (Loadstar) Maersk is to conduct a “full post-mortem” on last month’s Petya cyber attack that crashed its global computer information systems.
WannaCry Fallout: 80% Of Brits More Worried About How Organisations Store Their Data Following Latest Attacks (Information Security Buzz) 29% of UK firms will add cyber security to the boardroom agenda following WannaCry attack; 58% of UK organisations now feel another attack is imminent; UK less likely than USA, Australia and Germany to proactively read, seek advice or change passwords in the wake of the attack. Theale UK – New research by leading information security …
UAE issues warning on possible return of GreenBug cyber attack (ArabianBusiness.com) Central Bank urges firms to take actions to protect their systems
Kaspersky Lab reveals NukeBot: The new bank hacker (Software Testing News) Kaspersky Lab researchers have found a new malware called NukeBot, which contains a code designed to steal online banking customer information from specific banks, mainly from France and the United States.
Doctor Web: dangerous Android banker gains control over mobile devices (Doctor Web) Doctor Web virus analysts have examined the multifunctional banking trojan Android.BankBot.211.origin, which forces users to grant it access to the Accessibility Service. With that access, the malware controls mobile devices and steals confidential information belonging to customers of credit and financial organizations. At the very start of observation the trojan attacked only residents of Turkey, but its list of targets soon expanded, and it now threatens users in dozens of countries.
API Hooking – Evading Detection with Stealthy Techniques (Infosecurity Magazine) API hooking is one of the memory-resident techniques cyber-criminals are increasingly using.
SambaCry vulnerability exploited by SHELLBIND IoT malicious ware on NAS devices. (Socnexus) Thecybers is an information security tent, keeps you updated with cybersecurity news and tips from around the globe.
Skyhigh Networks Reveals Sophisticated Cyber Attack Campaign on Enterprise Office 365 Users (BusinessWire) Skyhigh Networks, the world’s leading Cloud Access Security Broker (CASB) platform, today announced it has detected and remediated one of the fi
ProMediads Malvertising and Sundown-Pirate Exploit Kit Combo Drops Ransomware and Info Stealer (TrendLabs Security Intelligence Blog) We’ve uncovered a new exploit kit through the ProMediads malvertising—Sundown-Pirate. It’s a bootleg of its precursors and named so by its back panel.
Beware: New Bank of America Phishing Scam Stealing Card Data (HackRead) Exclusive: The Bank of America is the 2nd largest bank in the United States by assets which makes it a lucrative target for cyber criminals. Today, HackRea
“Orpheus’ Lyre” – where it came from, and what to do [VIDEO] (Naked Security) From how the “Orpheus’ Lyre” bug got its weird name all the way to what we can learn from it. No jargon, just plain English. Enjoy…
DarkHotel 2.0: Inexsmar attack targets politicians via target-specific phishing emails (Inquirer) New attack pairs social engineering with a multi-stage Trojan downloader
New Netsparker Survey Finds Vulnerable Web Applications Make Web Developers an Easy Target, Even When Working Behind a Firewall (Netsparker) Failure to keep test environments opens doors to attackers and allows them to bypass network firewalls.
Symantec Tricked Into Revoking Certificates Using Fake Keys (Security Week) Researcher Hanno Böck has tricked Symantec into revoking TLS certificates by falsely claiming that their private keys had been compromised. Comodo was also targeted, but the company did not fall for the same ruse.
Destruction of Service attacks could shut down organizations for good (Help Net Security) A new Cisco report forecasts potential Destruction of Service attacks, which could eliminate organizations’ backups and safety nets.
New Grid Study Sees United States Vulnerable to Cyberattacks (Morning Consult) A national study on electric grid security released Thursday called on the United States to do more to protect its grid against high-impact attacks, highlighting large gaps in U.S. technology and infrastructure.
Process sensor cyber issues have contributed to catastrophic events (Control Global) Compromising process sensors can, and has, contributed to unintentional and malicious cyber events. There is a need to monitor process sensors to validate process conditions and know whether malware or other issues have caused impacts to the process.
A smart fish tank left a casino vulnerable to hackers (CNNMoney) As smart devices proliferate, hackers will get creative.
Greed for free wi-fi luring you towards cyber criminals (The New Indian Express) The Norton Wi-Fi Risk Reports exposes how vulnerable our online lives are when you connect online. 74 percent of Indians believe their personal information is safe when using public Wi-Fi...
IOActive shows how easy it is to hack a Segway (http://www.theinquirer.net) They see them rollin', they hatin'
Surprise: pairing your Segway hoverboard to an app isn't a great idea (The Verge) Hoverboards are still a thing, apparently, and they're still terrible. Researchers at IOActive have found that security oversights in the Ninebot by Segway miniPRO hoverboard could allow an...
The inner workings of eight Apple iOS vulnerabilities exposed (ZDNet) A total of eight Apple iOS security flaws were discovered by a single researcher.
Newcastle University plagued by fake phishing site that accepts payment for courses (International Business Times UK) Scammers want to trick prospective Newcastle University students into paying tuition fees on a phishing site.
"Siren" botnet silenced after spamming Twitter users with porn links (SC Media US) A social media botnet that spams Twitter accounts with links to pornographic content sent more than 8.5 million posts from 90,000 unique accounts before it was finally neutralized, according to a new report.
Security Patches, Mitigations, and Software Updates
Valve Patches Security Flaw That Allows Installation of Malware via Steam Games (BleepingComputer) A vulnerability in Valve's Source SDK, a library used by game vendors to support custom mods and other features, allows a malicious actor to execute code on a user's computer, and optionally install malware, such as ransomware, cryptocurrency miners, banking trojans, and others.
Apple patches critical Broadpwn vulnerability in its various OSes (Help Net Security) Apple Broadpwn patch included in latest security updates for the company's computers, smartphones, Apple Watch and Apple TV.
Apple Releases Security Updates, Fixes Broadpwn Bug (BleepingComputer) On July 19, Apple released security updates for seven of its products, such as iOS, macOS, watchOS, tvOS, Safari, iTunes for Windows and iCloud for Windows.
Oracle’s monster update emphasizes flaws in critical business applications (CSO Online) Oracle hasn’t been “just” a database company in a long time, and nowhere is that more evident than in its quarterly critical patch update release, where the bulk of the fixes are in business applications like PeopleSoft and E-Business Suite.
Waratek Offers Guidance on Oracle's Critical Patch Update for July 2017 (PRNewswire) Waratek, the virtualization-based application security company,...
Speed of Windows 10 Adoption Not Affected by WannaCry (Dark Reading) WannaCry has motivated security teams to stay current on patching but Windows 10 adoption remains the same.
Cyber Trends
Every organization is only one click away from a potential compromise (Help Net Security) Attackers look for users who already have access to an organization's most sensitive data and aren't as hard to fool as security systems.
US Retailers Feel Like Targets, Even as Breach Rates Drop (Infosecurity Magazine) The majority (88%) consider themselves vulnerable to data threats.
Marketplace
Broadcom's acquisition of Brocade held up by regulation (CRN Australia) Purchase could be delayed for months.
WatchGuard Technologies CEO: We're On The Hunt For Acquisitions (CRN) Prakash Panjwani says partners can definitely expect to see the security vendor make some acquisitions around CASB, access control and layered defense.
Cybersecurity Stocks Near Buy Points Are Selling Off Today: Here's Why (Investor's Business Daily) Check Point was one of six cybersecurity stocks on the verge of breakouts, including Proofpoint and Palo Alto Networks.
Deloitte's cybersecurity arm has consistent growth in revenue, headcount (Houston Business Journal) "It’s really been this whole digital revolution. Hand in hand with that there’re just enormous cybersecurity risks."
Christopher Ahlberg: The Full Xconomy Voices Interview (Xconomy) The second episode of Xconomy’s new podcast, Xconomy Voices, features Recorded Future co-founder and CEO Christopher Ahlberg. His Somerville, MA-based cybe
Deep Instinct Eyes Deep Learning Cybersecurity (PYMNTS) Machine learning is perhaps the hottest buzzword in cybersecurity today. The artificial intelligence technology is deployed by cybersecurity firms in an effort to keep pace with the evolution of cyberattacks, as machine learning algorithms are able to improve predictability the more it is used. But according to Guy Caspi, CEO of cybersecurity company Deep Instinct...
Surging Demand for SecurityScorecard's Risk Ratings Platform Drives Record First Half 2017 Growth (PRNewswire) SecurityScorecard, the leader in security ratings, today announced...
Illumio Appoints Christopher Khadan VP of Customer Success as Demand For Large-Scale Deployments Grows (Illumio)
Netronome Announces the Appointment Dr. Nils Rix as Senior Vice President of Sales (BusinessWire)
ForeScout Snags New Executives From FireEye, Fortinet To Build Up 'Powerhouse' Team Around IoT (CRN) The company has hired three security veterans from FireEye and Fortinet as it aims to build up new growth, sales and educational initiatives around its Internet of Things security practice.
BlackRidge Technology Advisor Whitfield Diffie Elected to Join The Royal Society (PRWeb) BlackRidge Technology International, Inc. (OTCQB: BRTI), a leader in cyber defense, is pleased to congratulate Dr. Whitfield Diffie, BlackRidge Advisor known for discovering the concept of public key cryptography, which underlies the security of internet commerce and all modern secure communication systems, for his election into The Royal Society.
Products, Services, and Solutions
New infosec products of the week: July 21, 2017 (Help Net Security) This week's security products include releases from Awake Security, CyberX, Lastline, RSA, StackRox and HackerOne.
ElcomSoft Tool Decrypts WhatsApp iCloud Backups (PRNewswire) ElcomSoft Co. Ltd. updates Elcomsoft eXplorer for WhatsApp, the company's...
Google has had enough of hackers and is hunting them down with Play Protect (Alphr) The tech giant is now offering the Play Protect security service on every Android running Google Mobile Services 11 or newer
#HackTor: Tor Opens up its Bug Bounty Program (Dark Reading) The popular identity-cloaking service has expanded its private, invite-only vulnerability discovery program to an open one via HackerOne.
BlackBerry gets NSA approval to sell secure messaging tools to US govt (CRN Australia) Fear of eavesdroppers has risen sharply.
Luma Introduces Luma Guardian, Your Personal IT Team (BusinessWire) Luma is once again redefining the home network experience with the debut of Luma Guardian, the world’s first personal IT team. The subscription
Waterfall Security and FireEye Partner to Secure Industrial Control Systems (ICS) (PRNewswire) Waterfall Security Solutions, a global leader in cybersecurity...
Kryptowire Integrates with MobileIron to Provide Automated Mobile Application Security and Compliance Monitoring to Enterprise Clients (BusinessWire) Kryptowire, the mobile app security testing platform used by Federal agencies, is now available to enterprises and integrated with MobileIron EMM.
Lastline Unveils Unprecedented Breach Protection Capabilities (BusinessWire) Lastline, Inc., the leader in advanced network-based malware protection, today introduced Lastline Breach Defender™, the industry’s only s
Darktrace AI empowers global sporting goods manufacturer to detect cyber-attacks in real time (Cambridge Network)
Leidos to Install, Manage Smart Grid for Lansing Board of Water & Light (Guru Focus) Leidos Smart Grid Select™ delivers business efficiency, customer satisfaction
Technologies, Techniques, and Standards
Cybersecurity Merger & Acquisition Advisement (SecureWorks) Ensure cybersecurity due diligence is part of the strategic merger and acquisition conversation early, assess your exposure and mitigate risk
An Insider’s View on Outside Cybersecurity Threats (Financial Executives) A traditional information security model aimed at securing the back-office no longer addresses the realities of business today.
CGE and CREATe.org Launch 'Cyber Readiness Institute' with Industry Leaders to Improve Cyber Risk Management and Help Secure Value Chains (PRNewswire) The Cyber Readiness Institute (CRI) launches today to enable the...
Onapsis and Cloud Security Alliance Establish ERP Security Working Group to Securely Migrate SAP and Oracle to the Cloud (BusinessWire) Onapsis and Cloud Security Alliance establish ERP Security Working Group to securely migrate SAP & Oracle to the cloud, with CISOs, IBM and Deloit
HITRUST CSF v9 Enhancements Extend "Assess Once, Report Many" Approach as a Standard Security Framework for Multiple Critical Infrastructure Industries (BusinessWire) Enhancements extend HITRUST CSF as a standard security framework for critical infrastructure industries and includes NIST Cybersecurity certification.
In an era of global malware attacks, what happens if there's no kill switch? (CIO Dive) Unlike May's WannaCry attack, most cyberattacks do not come with a kill switch. To avoid panic, make preemptive actions and not reactionary ones.
How to make your cybersecurity training succeed (L&D) A new report reveals where many organisations are going wrong with cybersecurity training
What Really Happens Inside a PR Crisis War Room (WIRED) A veteran of corporate disasters tells you what to do when all hell breaks loose.
Design and Innovation
The thorny issue of verifying humans (CSO Online) Customer identity access management and how verification of users is not working. A look at the concept of levels of assurance (LOA) as an integer based system that needs a rethink. How probability based identity is the way forward. How this can improve the online identity registration process. How simple, but still assured identity systems, make for better customer engagement.
Beware the machines that try to be human (Times (London)) And was the day of my delight / As pure and perfect as I say? / The very source and fount of day / Is dash’d with wandering isles of night / Facebook poetry generator — “Grief” themed / Microsoft’s public...
TSB plans to unlock bank accounts with the blink of an eye (the Guardian) Bank customers will be able to use iris recognition software on some Samsung Galaxy phones to log into their accounts from September
Parting Shots: The 'Death' of the Password (Infosecurity Magazine) Passwords do still play a big role in securing much of our data
Research and Development
Army Opens Collaborative Cybersecurity Research Center (Electronic Component News) The U.S. Army Research Laboratory opened the Army Cyber-research Analytics Laboratory, or ACAL, on Monday. The facility is unlike any other lab, since it provides industrial and federally-funded partners...
U.S. Army Opens Cyber Analytics Lab (SIGNAL Magazine) The U.S. Army Research Laboratory opened the Army Cyber-research Analytics Laboratory.
Legislation, Policy, and Regulation
Kremlin claims Russia and US are discussing cyber security working group (Washington Examiner) Intelligence and security officials in the U.S. told Reuters, however, that they were not participating in the talks.
Russia and US in joint talks on cyber security, says Putin envoy (Financial Times) Moscow says work on forming bilateral group under way despite anxiety in Washington
CIA director: Moscow loves to 'stick it to America' (Military Times) CIA Director Mike Pompeo said Thursday that Russia is interested in staying in Syria, partly because they "love to stick it to America."
Tillerson cuts high-profile cyberdiplomacy office in State Dept. reorg (Ars Technica) Move demotes US cyber diplomats as part of department overhaul.
As Cyberattacks Destabilize the World, the State Department Turns a Blind Eye (WIRED) "It's manifestly ridiculous."
Congress likely to tie Trump’s hands on Russia sanctions (POLITICO) A bill allowing lawmakers to block the president from easing sanctions on Moscow is likely to move forward despite White House resistance.
Senate panel approves Wray's nomination as FBI director (Reuters) The U.S. Senate Judiciary Committee on Thursday unanimously approved the nomination of Christopher Wray to be FBI director following the dismissal of the agency's former chief, James Comey, by President Donald Trump.
First crisis for French president Macron as army chief General Pierre de Villiers quits over cuts (Times (London)) President Macron faced the most serious test yet of his fledgling administration yesterday after the chief of the armed forces resigned following a dressing-down over defence cuts. General Pierre...
Singapore’s new cybersecurity bill: A work in progress (Enterprise Innovation) Singapore’s Ministry of Communications and Information and the Cyber Security Agency have recently proposed a Cybersecurity Bill, which is open for public feedback until the 3rd of August 2017.
Spyware merchants: the risks of outsourcing government hacking (The Conversation) The Australian government is using spyware. Is that legal?
How Western spyware is being used to shut down Arab rights activists (The Christian Science Monitor) Since the Arab Spring seven years ago, autocratic regimes have spent millions on Western firms' technology to steal activists' contacts, listen in on their conversations, and more.
Litigation, Investigation, and Law Enforcement
Massive blow to criminal Dark Web activities after globally coordinated operation (Europol) Months of preparation and coordination have resulted today, 20 July 2017, in the takedown of two of the largest criminal Dark Web markets, AlphaBay and Hansa.
Dark web Hansa Market shut down after being run for a month by law enforcement (Help Net Security) After the recent Alpha Bay's shutdown, many users flocked to Hansa Market, which was touted as the most secure on the dark web.
Authorities Take Down Hansa Dark Web Market, Confirm AlphaBay Takedown (BleepingComputer) Today, in coordinated press releases, the US Department of Justice (DOJ) and Europol announced the takedown of two Dark Web marketplaces — AlphaBay and Hansa Market.
Exclusive: Dutch Cops on AlphaBay ‘Refugees’ (KrebsOnSecurity) Following today’s breaking news about U.S. and international authorities taking down the competing Dark Web drug bazaars AlphaBay and Hansa Market, KrebsOnSecurity caught up with the Dutch investigators who took over Hansa on June 20, 2017.
Europol Head Tells Us About its Dark Web Market Sting (Motherboard) “This is a massive hit—two of the top three."
International operation takes down AlphaBay, Hansa dark web markets (SC Media US) The globally coordinated, sophisticated operation, in the works for months, severely hobbled the underpinnings of a criminal economy that has seen 350,000 illicit commodities traded. Among the items sold - cybercrime malware
Global Police Spring a Trap on Thousands of Dark Web Users (WIRED) Cops sent unsuspecting users scrambling from one dark web site's takedown to another site—that they controlled.
Alpha Bay Takedown Shows Government Collaboration Capability (Infosecurity Magazine) International cooperation takes down dark web markets Alpha Bay and Hansa.
AlphaBay and Hansa Brought Down by Basic Mistakes, Indictment Reveals (SurfWatch Labs, Inc.) On Thursday morning, the Department of Justice, Europol, and Dutch authorities announced a coordinated law enforcement takedown of AlphaBay and Hansa Market, two of the three largest dark web marke…
How to Win the Online War Against Islamic State (Bloomberg.com) Western governments should empower local partners to take the lead in fighting terrorist propaganda.
ISIS’ Core Helps Fund Militants in Philippines, Report Says (New York Times) The Islamic State’s central command in Syria has sent tens of thousands of dollars to groups that seized a southern Philippine city, a research group said.
Kushner to speak to Senate intelligence panel Monday as part of Russia probe (Washington Post) Paul Manafort and Donald Trump Jr. have also been invited to testify before the Senate Judiciary Committee on July 26.
Putin’s Hackers Now Under Attack—From Microsoft (The Daily Beast) Microsoft is going after Fancy Bear, the Russian hacking group that targeted the DNC, by wresting control of domain names controlled by the foreign spies.
Microsoft is quietly fighting a clever war against Russian hacking group Fancy Bear (TechCrunch) While the White House mulls striking up a joint cyber program with Russia, an unlikely vigilante is taking care of business. As the Daily Beast reports,..
Russian behind Citadel banking malware that led to $500m losses jailed for five years (Computing) Mark Vartanyan - who was working for an e-healthcare firm when he was arrested - follows fellow Russian Dimitry Belorossov into an American slammer
Palantir Contract Dispute Exposes NYPD’s Lack of Transparency (Just Security) News that the New York Police Department (NYPD) is in a fight with Palantir Technologies over access to analytic data the company produced, raises a host of troubling questions.