Cyber Attacks, Threats, and Vulnerabilities
Islamic State's Russian-language Propagandists Show Little Sign of Slowing Down (VOA) Assessment comes as some IS propaganda operations appear to be in decline
Cracks in the Online “Caliphate”: How the Islamic State is Losing Ground in the Battle for Cyberspace (Perspectives on Terrorism) This article argues that the Islamic State’s cyber jihad, fully launched in 2014, is currently undergoing a regression that is demonstrated by the weakening of its quality, coverage and effectiveness.
The Myth of ISIS's Strategic Brilliance (Defense One) The group has adapted to battlefield setbacks. But that doesn't mean it factored territorial losses into its master plan.
Russians Suspected in NotPetya Malware Attacks (Washington Free Beacon) A recent international cyber attack that began in Ukraine involved sophisticated malware and was likely carried out by the Russian government or hackers.
Motivation Mystery Behind WannaCry, ExPetr (Threatpost) A shift in APT tactics is emerging as characterized by the destructive ExPetr attacks hidden in ransomware, and WannaCry, which also failed to turn a profit.
'NotPetya' and 'WannaCry' cyberattacks on international government infrastructure and organisations a wake-up call (Security News Desk) After ‘NotPetya’ and ‘WannaCry’ cyberattacks on international government infrastructure and organisations, we explore how future attacks might be mitigated.
A cyberattack is going to cause this tech company to miss earnings (CNBC) Nuance Communications sees third-quarter earnings and revenue below Wall Street estimates.
Maersk: No Data Lost amid Cyber Attack (World Maritime News) Responding to the latest cyber security queries, Danish shipping conglomerate Maersk reassured that no data had been lost due to the cyber attack.
The #StayCurrent Report: analyzing the impact and legacy of WannaCry (1E Enterprise Software Lifecycle Automation) In May 2017, the WannaCry virus entered the history books as one of the most destructive ransomware attacks of all time. 1E asked 400 US IT professionals about their experiences of the attack.
Top Ten Lessons Learned from WannaCry (Infosecurity Magazine) The WannaCry ransomware variant changed the view of ransomware globally, mainly due to its ability to capture multiple major businesses and critical infrastructure.
WikiLeaks: CIA analyzed Russian and Chinese malware to inspire its own hacking and surveillance tools (BetaNews) Some four months after the first Vault 7 leak, WikiLeaks continues to publish revealing CIA documents that detail the agency's ability to hack, infiltrate and surveil targets. The latest batch goes under the banner
WikiLeaks Release Documents on How CIA Uses 5 Different Malware (Hakcitech) WikiLeaks has released a trove of data belonging to the American intelligence agency CIA (Central Intelligence Agency) – The latest batch shows how CIA uses five different malware to target unsuspecting users.
Lessons to learn from the Qatar crisis before a cyber war breaks out | Opinion (Newsweek) Without regulation, the use of cyberspace for attacks will contribute to an online arms race.
Emotet takes wing with a spreader (Fidelis Cybersecurity) The recent Wannacry and Petya outbreaks have demonstrated the potency of ransomware coupled with a propagation component (spreader). While typical ransomware infections lead to the denial of access of data on a single victim system, it becomes an enterprise threat when it can propagate out, via mounted shares or the use of exploits (WannaCry - EternalBlue/MS17-010) or even both (Petya).
Mysterious Mac Malware Has Infected Victims for Years (Motherboard) The mystery of a Mac malware called “FruitFly.”
Wells Fargo Accidentally Releases Trove of Data on Wealthy Clients (New York Times) A plaintiff suing an employee of Wells Fargo Advisors was sent a CD containing thousands of sensitive client records — which came from a lawyer for the bank.
The Stantinko Botnet is Back After Years Under The Radar (Virus Guides) ESET researchers alert that Stantinko – a huge botnet which hasn’t been detected for the past five years – is now not only back but it also managed to infe
Hacker made off with over 5.5 million Social Security Numbers across 10 states (CSO Online) The PII of 6,367,467 users from 10 states was exposed when America's JobLink Alliance Technical Support was breached, according to records obtained via an open records request.
Stealthy Botnet with Half a Million Slaves Represents 'Major Threat' (Infosecurity Magazine) ESET said that it can send a fully featured backdoor, and perform brute-force attacks on Joomla and WordPress panels.
Stantinko Modular Backdoor Infected Over 500,000 Computers (BleepingComputer) Over 500,000 users have had their computers infected with a stealthy malware named Stantinko, according to a 99-page report released yesterday by Slovak antivirus maker ESET.
Watch out for the Android malware that snoops on your phone (Naked Security) GhostCtrl, being distributed by rogue versions designed to look like legitimate apps, can monitor what you do and lock up your device – beware!
No one still thinks iOS is invulnerable to malware, right? Well, knock it off (Register) As platform's popularity rose, so did its allure to miscreants
Your Old Phone Number Can Be Used To Hack Facebook Account (HackRead) We all know that in most cases, Facebook users are required to submit their phone number while registering with the social network. This is how they can li
DDoS Attack Still Targeting Final Fantasy 14 (Information Security Buzz) The online game Final Fantasy 14 has been plagued by DDoS attacks for more than a month, since its release in June, with the developer saying that the DDoS attacks targeting its North American data centre have shown no signs of stopping and are increasingly difficult to contain. Stephanie Weagle, VP at Corero Network Security commented …
UCC hit by €110,000 attack from cyber gang - Independent.ie (Independent) Cyber criminals mounted a major attack to steal €110,000 from University College Cork (UCC), the Sunday Independent can reveal.
Ricoh Australia printer guides exposed online (CRN Australia) Run-up guides for multifunction devices were accessible for a period.
Ocean's Eleven: How hackers tried to steal from a casino by hijacking a smart fish tank (International Business Times UK) Security experts said that hackers managed to steal some data and send it to a device in Finland before the attack was stopped.
Security Patches, Mitigations, and Software Updates
QNAP keeps quiet on critical flaw that corrupts data (CRN Australia) Bug goes without mention.
Segway MiniPro patched to stop hackers hijacking remote control (The State of Security) Critical security vulnerabilities have been discovered in the Segway MiniPro Hoverboard - but don't worry, they have been fixed!
You Should Update Your Apple Devices Immediately to Fix a Major Security Flaw (Fortune) Otherwise, hackers can take over your devices via WiFi chips
Cyber Trends
Dump the snake oil and show security researchers some respect (ZDNet) Hacker Summer Camp kicks off this weekend, and with many conferences, there's a very noticeable "race to first" by marketing teams. In that race, marketers need to first revere the research and respect the researchers, especially heading into the next 10 days. Here's why.
Ethereum Miners Are Selling Their Graphics Cards (Motherboard) Miners lose, gamers win.
Cisco on cybersecurity threats: We must ‘raise our warning flag even higher’ (FierceTelecom) Cisco’s latest report on the state of cybersecurity opens with a lament that would be astonishing if anyone were paying attention. That is, in fact, the lament: The world doesn’t seem to appreciate how bad the cybersecurity threat is getting.
AI Cyber Wars: Coming Soon To A Bank Near You (Forbes) The battle between cyber criminals and banks is an intensifying arms race.
Soon, your most important security expert won’t be a person (CSO) Trained continually by ever-expanding masses of security data, AI promises to finally help CSOs keep up with the flood
Monetising the IoT is a bigger concern than securing it (Computing) Canonical has found that understanding and 'monetising' the IoT are the top priorities of business professionals today - not security
GDPR confusion is still widespread - but Brexit is no excuse (Computing) Mistakenly thinking Brexit provides exemption and not reading the new definition of personal data are just two factors stopping companies preparing for the General Data Protection Regulation
Marketplace
Cyber Insurance and DDoS (Neptune Web, Inc.) This past spring American International Group (AIG), one of the largest cyber insurance companies, surveyed cyber security and risk experts to gain a deeper understanding of their views of the likelihood and impact of a systemic cyber-attack.
Protenus adds $3M to Series A round (Technical.ly Baltimore) The new investment led by Kaiser Permanente Ventures brings the round total to $7 million.
Nyotron Raises $21 Million Funding Round (Benzinga) Appoints former McAfee executive Peter Stewart to Chief Executive Officer
Blackstone in talks to buy 40 pct of Israel cyber firm NSO -report (Reuters) Blackstone Group (BX.N) is in advanced talks to pay $400 million for 40 percent of privately held Israeli firm NSO Group, a maker of spyware for mobile devices, Israel's Calcalist business newspaper reported on Sunday.
Second act for cybersecurity commissioners: Pritzker, Palmisano, Nadella form nonprofit (Cyberscoop) The Cyber Readiness Institute was launched to help the private sector better address cybersecurity, especially for small and medium-sized enterprises.
Israel - a cybersecurity powerhouse (Canada Free Press) According to the June 15, 2017 Wall Street Journal, six Israeli startups (three in the cybersecurity sector) are among the top 25 tech companies, which may be the global leaders of tomorrow.
Cisco deal is big win for local tech entrepreneurs (stltoday.com) CEO of Observable Networks, founded in 2011, praises St. Louis' talent pool
Q&A: CHRIS COLEMAN (Las Vegas Magazine) Outsourcing to third parties isn’t new, especially as businesses expand and look for ways to lower costs. However, large organizations and government agencies continuing to fall victim to vendor breaches begs the question: Why are we still being compromised by third parties?
Harvard PhD Andy Yen provides tips to governments on cybersecurity protections (CIO) Harvard PhD provides thoughts on innovative Cybersecurity hacks and protections.
Cyberbit Opens Singapore Office (PRNewswire) Cyberbit, whose cybersecurity solutions protect the...
Cyber firm Blue Ridge promotes Gray to COO (Washington Technology) Government and commercial cyber outfit Blue Ridge Networks moves Maureen Gray from the vice president ranks up to chief operating officer.
Products, Services, and Solutions
Microsoft Security Risk Detection is Ready for Customers (Petri) Microsoft Security Risk Detection, a new Azure-hosted "whitebox fuzzing" service, is now generally available following several months of external testing.
Acalvio Partners with Splunk to Deliver Industry’s First Active Deception-Based Ransomware Solution (Acalvio) Acalvio Technologies, an innovator in Advanced Threat Defense, today announced the immediate availability of ShadowPlex-R, a comprehensive, distributed-deception solution for early, accurate and cost-effective detection and mitigation of ransomware. ShadowPlex-R is based on Acalvio’s patented Deception 2.0 technology, which delivers automated and authentic enterprise-scale deception with low IT impact
SKT Develops Hacking-Proof Core Chip for Quantum Cryptography (BusinessKorea) Key equipment was developed for the popularization of quantum cryptography known to be impossible to hack. SK Telecom announced on July 23 that it developed a prototype chip for generating ultra-small quantum random numbers.
Internet Bug Bounty Receives New Funding to Expand Internet Safety Program (Dark Reading) Facebook, Ford Foundation and GitHub donate $300,000 to award hackers who improve internet infrastructure
Industry reacts to Symantec certificate authority trust remediation (SearchSecurity) As the Symantec certificate authority rushes to transfer certificate issuance to a subordinate certificate authority, Symantec needs to watch its back.
Exabeam integrates with ThreatConnect to Improve Enterprise Security (GlobeNewswire News Room) Combination of ThreatConnect’s Threat Intelligence Platform and Exabeam’s Security Automation Improves Incident Response
Cylance Gets Federal Certification (SoCalTech) Irvine-based cybersecurity developer Cylance has received a federal certification for the company's CylancePROTECT software, its artificial-intelligence powered software used for protecting against advanced persistent threats and malware. According to Cylance, it received a "Moderate" certification from the Federal Risk and Authorization Management Program (FedRAMP), which allows it to deploy its software to United States government agencies.
CyberX Rises to Industrial Control System Security Challenge (IT Business Edge) One of the biggest concerns business and IT leaders alike share when it comes to anything to do with Internet of Things (IOT) projects is security. The more devices that get connected to the internet, the bigger the attack surface that needs to be defended becomes.
Card issuer adds new security feature (NerdWallet) Company will alert cardholders when their Social Security number appears on risky websites on the so-called 'dark web.' Here's how it works and what you can do if you get such alerts.
Dashlane review: This password manager makes you smarter about security (PCWorld) With its top-notch password auditing, Dashlane teaches you to better protect yourself online.
Invincea receives perfect score from SC Magazine (Sophos) Invincea gets 5 stars in SC Media’s 2017 Endpoint Security Group Test.
Malwarebytes review (TechRadar) Veteran malware hunter adds even more layers of PC protection
Jetico Disk Encryption Delivers Safe and Easy Upgrade to Windows® 10 Creators Update (IT News Online) Jetico, leading-edge developer of encryption software, announced today version 3.75 of BestCrypt Volume Encryption. By removing the time-consuming and risky need to decrypt and re-encrypt the boot drives, Jetico’s long-trusted solution for disk encryption now enables safe and easy upgrade to Windows® 10 Creators Update, also referred to as RedStone 2 (RS2).
Briar Tor-Based Messenger Passes Security Audit, Enters Beta Stage (BleepingComputer) Briar, an instant messaging service that works over the Tor network, has reached beta stage today, the app's creators announced.
CyberTraining 365 Partners with the Women in CyberSecurity (WiCyS) to Provide Training Opportunities to Aspiring Women in the Field (PRNewswire) Due to the increase in demand for a skilled cybersecurity workforce,...
Spirent Demonstrates Comprehensive Range of Security Solutions and Expertise at Black Hat and DEF CON 2017 Conferences | 07/24/17 (markets.businessinsider.com) Spirent Communications plc (LSE:SPT) will highlight its comprehensive range of security solutions at the upcoming Black Hat and DEF CON 2017 conferences at the Mandalay Bay and Caesars Palace Convention Center in Las Vegas, July 24–30.
Technologies, Techniques, and Standards
Study: Zero days rediscovered much faster (Cyberscoop) The Harvard study shows up to a third of zero days found in the wild might have been secretly known to U.S. agencies, meaning they could have been fixed.
Analysis Of The RANDom Report on Zero-days and Vulnerability Rediscovery (Risk-Based Security) On March 9, 2017, RAND released a report (PDF) titled “Zero Days, Thousands of Nights; The Life and Times of Zero-Day Vulnerabilities and Their Exploits” by Lillian Ablon and Andy Bogart that received a fair amount of press. The RAND press release goes on to describe it as “the first publicly available research to examine vulnerabilities that are still currently unknown to the public”. While the report covers many topics and angles around this discussion, one specific bit that caught our attention was the data put forth around vulnerability rediscovery.
ICS Cybersecurity: 3 Reasons Why Periodic Technical Assessment (Still) Matters (Revolutionary Security) “Our SCADA communications use AES256 and are 100% secure so we don’t worry too much about security.” That’s a real quote from a real Industrial Control System (ICS) manager from this decade. A technical assessment of that system proved otherwise—there were in fact real cybersecurity vulnerabilities that required immediate and long-term remediation.
What is mobile app wrapping? (Computerworld) In a mobile application management strategy, app wrapping allows developers and administrators to apply security enforcement policies to a mobile app without changing its look or functionality.
A leopard can't change its spots: Why physical security appliances can’t move to the cloud (Cato Networks) Palo Alto’s recent introduction of its firewall as a service (FWaaS), GlobalProtect Cloud Service, is the latest example of how firewall appliance vendors are moving to the cloud. Appliances are not aligned with the new shape of business that involves private and public cloud platforms and a mobile workforce needing fast access to business data …
Turn Off Your Push Notifications. All of Them (WIRED) RIP my mentions.
Design and Innovation
Securities blockchain will raise trust among European SMBs, claims IBM (Computing) The system is intended to make it simpler for SMBs to obtain funding by sharing secure financial information
Antivirus for Android Has a Long, Long Way To Go (WIRED) A new study shows that 94 percent of Android antivirus failed to stop a comprehensive set of malware attacks.
Norway Takes Lead in Race to Build Autonomous Cargo Ships (Wall Street Journal) Two Norwegian companies are taking the lead in the race to build the world’s first crewless, autonomously operated electric ship, an advance that could mark a turning point in seaborne trade.
Bitcoin May Have Just Solved Its Scaling Problem (Motherboard) Okay, WTF is BIP 91 and what does it mean for bitcoin?
Twitter says it’s cracking down on the abuse – but is it? (Naked Security) Twitter’s moves to tackle abuse on the platform seem to be making their mark – but there’s a way to go before everyone feels safe there
Academia
Boeing invests in cyber warriors, gives 50 computer servers to new WWU CyberRange (bellinghamherald) Western Washington University students in the Computer Information System Security program will practice cyberwarfare training in its new CyberRange, thanks to a gift of 50 computer servers from Boeing, Western officials said.
Big Island Now: Students Can Test Aptitude Through CyberStart (Big Island Now) Gov. David Y. Ige today announced a partnership between the State of Hawai‘i and SANS Institute to offer high school and college students the opportunity this summer to participate in a free online cybersecurity assessment and exercise called CyberStart.
Cybersecurity game offered to Delaware high schoolers (Cape Gazette) A cybersecurity game is giving Delaware high schoolers a chance to learn about a growing industry
Cyber-security competition uncovers new talent to meet growing need for defence against threats (The Straits Times) Almost invisible yet highly dangerous, a cyber attack is a nightmare for computer scientists, let alone a 17-year-old boy.
Antivirus is dead, and young talents must fight Trojan war (South China Morning Post) Winnie Tang says with cyberattackers becoming ever more aggressive and global, rules and battle plans have to be redefined, and the government must urgently step up talent training in schools
Legislation, Policy, and Regulation
South Korean Foreign Ministry plans to upgrade cybersecurity measures (India) Seoul, July 23 (IANS) South Korea's Foreign Ministry will soon craft a mid-term plan to beef up cybersecurity measures, an official said on Sunday.
Defense ministry mulling over reform on cyber security, anti-espionage bodies (Yonhap News Agency) South Korea's defense ministry has been making a push to adjust the functions of its cyber security and anti-espionage units, each criticized for getting involved in politics and undue monitoring of individual soldiers, a military source said Sunday.
Saudi king overhauls security services following royal shakeup (Reuters) Saudi King Salman on Thursday decreed the consolidation of counter-terrorism and domestic intelligence under a new body, in a major overhaul of the security apparatus weeks after the interior minister was ousted from the royal succession.
Top U.S. General: Russia Just One Of Many Security Threats Facing Country (RadioFreeEurope/RadioLiberty) The top U.S. military officer has told a security conference that Russia is the “most capable state actor” that the United States faces, but it is just one of many security challenges in today’s environment.
NSA chief: 'Not the best time' for cyber unit (CNN) Adm. Mike Rogers, the director of the National Security Agency, said Saturday that "now is probably not the best time" to pursue a joint cybersecurity initiative with Russia -- an idea that President Donald Trump floated following his meeting with Russian President Vladimir Putin earlier this month.
Mike Rogers: NSA not about particular parties, viewpoints (UPI) National Security Agency Director Mike Rogers said he won't serve political purposes in his job because "I will not violate the oath that I have taken."
Letting Cyberattack Victims Hack Back Is a Very Unwise Idea (WIRED) Opinion: Retaliating against hacks is the wrong way to prevent them.
Trump's nominee for intel job backs ODNI role in intelligence integration (C4ISRNET) “As I look at it now, the integrated functions that the ODNI provides, particularly over time, have been remarkable in bringing together in ways we couldn’t have.”
Senator blasts FCC for refusing to provide DDoS analysis (Ars Technica) FCC is either too secretive or is unprepared for future attacks, senator says.
Pennsylvania's cybersecurity efforts, IT infrastructure might get an overhaul (LancasterOnline) As concerns rage at the national level about Russian hacking attempts in the 2016 U.S. election, Pennsylvania government could be on its way to revamping its own cybersecurity efforts and
Local governments keep using this software — but it might be a back door for Russia (Washington Post) The U.S. warning about Kaspersky leaves officials in the dark about possible risks.
Litigation, Investigation, and Law Enforcement
Microsoft’s secret weapon in ongoing struggle against Fancy Bear? Trademark law (Ars Technica) "Redirecting…Strontium domains will directly disrupt current Strontium infrastructure."
Interpol circulates list of 173 suspected members of Isis suicide brigade (the Guardian) Agency believes the fighters could have been trained to attack Europe as revenge for military defeat in Middle East
German girl arrested in Mosul is missing Linda Wenzel, say authorities (the Guardian) Wenzel disappeared from her home near Dresden last year and is believed to have been fighting for Islamic State in Iraq
Dark web markets shutdown may lead to more arrests (SearchSecurity) Shutdown of AlphaBay and Hansa dark web markets leads to potential data on hundreds or thousands of site vendors and users.
Family of dead AlphaBay suspect says he was a “good boy” (Ars Technica) Alexandre Cazes, 26, also apparently spent a lot of time in a "pickup artist" forum.
Intelligence director says agencies agree on Russian meddling (NBC News) Daniel Coats, the director of national intelligence, tells NBC's Lester Holt there is no dissent among U.S. spy agencies that Russia meddled in the election.
In break with Trump, top intelligence and homeland security officials affirm Russia's election meddling (USA TODAY) President Trump still won't say whether he believes Russia meddled in the presidential election. But his top homeland security officials affirm it did.
Russian who met Trump Jr. represented intelligence agency (KLTV) The Russian lawyer who met Donald Trump Jr. during the 2016 campaign has represented a military unit operated by Russia's intelligence agency, according to court filings obtained...
Co-founder of firm behind Trump-Russia dossier to plead the Fifth (Fox News) Glenn Simpson, whose Fusion GPS firm has been tied to anti-Trump efforts and pro-Russian lobbying, will not talk to lawmakers in response to a subpoena, the leaders of the Senate Judiciary Committee said Friday.
Fusion GPS Illuminates the Brave New World of Manufactured News for Hire (Tablet Magazine) Donald Trump, Jr. appears to be the latest figure in President Donald Trump’s inner circle to be caught in the giant web of the Great Kremlin Conspiracy. Trump the younger said he was promised dirt on Hillary Clinton, but that all he got in his June 2016 meeting with a Russian lawyer was an earful about dropping the Magnitzky Act, which sanctions Russian officials involved in the death of a Russian lawyer who was killed in detention.
Trump blames 'intelligence leak' for damaging report on Sessions (POLITICO) "These illegal leaks, like Comey's, must stop!" Trump tweeted.
Trump’s options on Russia probe: Discredit, pardon, fire (POLITICO) When it comes to responding to the Russia probe Trump and his advisers do not have many options. And the ones they have carry big political risks.
Spying in Mexico (Houston Chronicle) Martinelli is fighting extradition to his homeland where he faces charges of illegally spying on political rivals with the same Israeli-produced spyware the Mexican government now is accused of using for the same purpose.
New book explores how protesters—and governments—use Internet tactics (Ars Technica) The protest frontiers are changing. An entrenched researcher explains why they work.
Investigation launched into data breach after hacking of MPs' emails (The Independent) A cyber attack targeting the Houses of Parliament has caused a data breach after email accounts including a select committee’s mailbox were compromised. Investigators found that under 0.5 per cent of 9,000 accounts were compromised during the “sustained and determined” attempt last month, which resulted in part of the parliamentary email system being taken offline.
Hacker "BestBuy" Admits to Hijacking Deutsche Telekom Routers With Mirai Malware (BleepingComputer) A 29-year-old man pleaded guilty in court on Friday to hijacking over 900,000 routers from the network of Deutsche Telekom, according to several reports in the German press.
Briton admits to cyber-attack on Deutsche Telekom (the Guardian) Liberian telecoms company commissioned attack but had not asked for German firm to be hacked, 29-year-old tells Cologne court
45,000 Facebook Users Leave One-Star Ratings After Hacker's Unjust Arrest (BleepingComputer) Over 45,000 users have left one-star reviews on a company's Facebook page after the business reported a security researcher to police and had him arrested in the middle of the night instead of fixing a reported bug.
Sysadmin Gets 18 Months in Prison for Shutting Down Former Employer's Network (BleepingComputer) Joe Vito Venzor, 41, from El Paso, was sentenced this week to 18 months in prison for hacking and destroying the IT network of his former employer on the day he was let go.
ICO Fines Moneysupermarket £80K for Nuisance Emails (Infosecurity Magazine) Price comparison site flouted PECR rules
Director who outsourced Swedish government database to the cloud, where critical data was compromised, fined just £6,500 (Computing) Government database migrated to the cloud with IBM and NCR leaked witness protection details and military information to unauthorised people
27,482 Cases of Cybercrimes Reported in 2017, One Attack in India Every 10 Minutes (India.com) A total of 1.71 lakh cybercrimes were reported in India in the past three-and-a-half years.