Las Vegas: the latest from Black Hat, Defcon, and BSides
Las Vegas UPS Store makes risk adjustments due to DEF CON (CSO Online) The UPS Store in Caesars Palace is preparing to host thousands of hackers this weekend by issuing a warning to hotel guests who are looking for printing services – no USB printing and no links.
7 Hardware & Firmware Hacks Highlighted at Black Hat 2017 (Dark Reading) Researchers will hammer home potentially devastating attacks, and demo a range of vulnerabilities, techniques and tools.
Zscaler Reveals Insights From the World's Largest Security Cloud at Black Hat USA 2017 (Marketwired) Zscaler, Inc., the leading cloud security company, today announced that it will host a series of presentations on ThreatLabZ research and secure network transformation at Black Hat 2017 in booth #1160. Presentations will include such subjects as IoT and mobile risks in the enterprise, evolving ransomware tactics, and the latest trends in exploit kits.
Why We Need Guardians of the BIOS (Cylance) The move to UEFI and the spread of the Secure Boot scheme changed the bootkit landscape, drawing more attention to BIOS firmware from security researchers. In my upcoming Black Hat talk, I focus on BIOS protection technologies, and why it’s important to protect the platform boot process properly.
Best of Black Hat: 20 Epic Talks in 20 Years (Dark Reading) In celebration of Black Hat's 20th birthday, we take a look back at the most memorable presentations and demos since the show's inception in 1997.
Anybody Can Fire This 'Locked' Smart Gun With $15 Worth of Magnets (WIRED) One smart gun model's protections turn out to be easily overcome–by cheap magnets.
Cyber Attacks, Threats, and Vulnerabilities
CopyKittens: A New Report Details Possible Iranian Threat Group (Infosecurity Magazine) Cyber espionage group uses in-house and commercial tools to target wide range of victims
Operation Wilted Tulip: Exposing a cyber espionage apparatus (ClearSky Cyber Security and Trend Micro) CopyKittens is a cyberespionage group that has been operating since at least 2013. In November 2015, ClearSky and Minerva Labs published the first public report exposing its activity. In March 2017, ClearSky published a second report exposing further incidents, some of which impacted the German Bundestag.
Configuration errors blamed for sensitive data exposed via Google Groups (CSO Online) Researchers at RedLock, working within the Cloud Security Intelligence team, say they've discovered hundreds of organizations exposing sensitive data via Google Groups, pinning the cause on basic configuration issues.
Weather.com, Fusion Expose Data Via Google Groups Config Error (Dark Reading) Companies that leaked data accidentally chose the sharing setting public on the Internet, which enabled anyone on the Web to access all information contained in the messages
Veritaseum Hack: Another Ethereum ICO Hacked; Loses $8.4 Million (HackRead) Another day another Ethereum related breach - This time it's Veritaseum platform, whose Initial Coin Offering (ICO) suffered a data breach in which around U
How Coders Hacked Back to ‘Rescue’ $208 Million in Ethereum (Motherboard) "We were in the zone. We'd done this before."
Devil’s Ivy and the Future of IoT Security (Digital Guardian) Security researchers have discovered a serious, remotely exploitable vulnerability in a code library that’s present in potentially tens of millions of devices, mainly Internet-connected security cameras.
“Perverse” malware infecting hundreds of Macs remained undetected for years (Ars Technica) Surveillance malware dubbed Fruitfly was easy to spot but flew under the radar anyway.
MacOS malware used to spy on home users in the US (Help Net Security) A new variant of the macOS malware Fruitfly has been found on some 400 machines of (mostly) home users located in the US.
macOS Fruitfly Backdoor Analysis Renders New Spying Capabilities (Threatpost) This week at Black Hat, Mac malware expert Patrick Wardle will describe how he used a custom-built command and control server to analyze new spying capabilities in a variant of the FruitFly backdoo…
New Form of Cyber-Attack Targets Energy Sector (Infosecurity Magazine) The approach has the potential to cause power cuts, disrupt vital facilities and even cost lives.
WannaCry, Petya ransomware attacks were 'non-events' for DoD systems (FederalNewsRadio.com) Pentagon cybersecurity officials say two global ransomware attacks highlighted improvements the Defense Department has made to its own networks.
Reckitt Benckiser still dealing with fallout from cyber attack (Financial Times) Consumer goods giant Reckitt Benckiser reported a rise in profits in its second quarter, but confirmed it was lowering its full-year revenue guidance as it adjusted to a “challenging” trading environment exacerbated by a cyber attack last month.
Cyber attack costs weigh on Reckitt revenue forecast (NASDAQ.com) CEO calls full-year target "challenging." Not yet at normal operations everywhere after attack. Shares down 2 percent
Global Cyber Attack: The New Natural Disaster (Enterprise Mobility Exchange) The financial impact of a cyber attack could be worse than some of the most devastating storms in history, according to Lloyd's of London.
Voter Registration Data from 9 States Available for Sale on Dark Web (Dark Reading) Nearly 10 million voter records sold for just $4 over last few days, according to LookingGlass Cyber Solutions.
Leaked Exploits Spark Major Cybercrime Incidents According to 2017 Mid-Year Report By Surfwatch Labs (PRWeb) Ransomware, large-scale data dumps and cybercrime-as-a-service dominated first half of 2017
Comodo publishes strategic analysis of 97M malware incidents in Q2 (Comodo News and Internet Security Information) Comodo detected and analyzed nearly 100 million incidents in Q2 2017, almost quadruple the number from its Q1 report. Download the Q2 threat report.
Comodo Threat Research Labs Q2 2017 REPORT (Comodo Threat Research Labs) Comodo detected 97 million (M) malware incidents in every corner of the globe.
Malware takes stealth approach to global content delivery networks (Security Brief) 'Domain fronting' is rampant across tens of thousands of high-reputation domains, including one that controls 15-30% of the world's web traffic.
Malware Growth for Apple iOS Outnumbers Android’s (Spamfighter) Android devices across the world far outsell Apple devices; despite so hackers seek to attack iOS devices. Indeed, with Cisco Systems and IBM partnering with Apple for providing business associated services intended for corporate users, it's expected that iOS devices will more-and-more become targets of malicious software.
Atlantis warns guests after cyber attack (Tribune 242) A recent data security incident “may have compromised” the security of payment information of some customers who used debit or credit cards at food and beverage and retail locations at the Atlantis resort on Paradise Island between November 1, 2016 and April 3, 2017, the hotel said.
Bots Make Lousy Dates, But Not Cheap Ones (Dark Reading) The danger of dating sites: If a beautiful woman asks men to click on malware, they'll probably click.
Security Patches, Mitigations, and Software Updates
Verizon Rolling Out July 2017 Security Patch For The LG V20 (AndroidHeadlines.com) The LG V20 on Verizon's network is now receiving a software update, and it happens to come with the Android Security Patch for the month of July.
Custom Source Code Accounts for 93% of App Vulnerabilities (Dark Reading) A new study finds that third-party libraries account for 79% of the code found in apps, but only 7% of the vulnerabilities found in the software.
Changing motivations have made profit-minded hackers a clear and present danger (CSO) Hacking for fun and profit? Not so much; these days it’s mostly just about profit.
As GDPR approaches, retail data breaches remain unacceptably high (Help Net Security) As GDPR approaches, 43 percent of retailers had experienced a data breach in the last year, with a third claiming more than one.
Compliance and Employee Behavior Bother Data Security (Infosecurity Magazine) Compliance and regulation and the unpredictable behavior of employees have the biggest impact on data security
Majority of Security Pros Let Productivity Trump Security (Dark Reading) A survey found that 64% of IT security professionals will tweak security to give workers more flexibility to be productive when asked to make that move by top executives.
Why security automation should be welcomed, not feared (Computer Business Review) As part of CBR's Tech Express series, Huntsman Security CEO Peter Woollacott sits down with CBR's Ellie Burns to discuss security automation.
Is cyber insurance worth the paper it's written on? (Help Net Security) Is cyber insurance worth it? Is there any point spending good money on cyber insurance when you could put that money into robust protection instead?
From hacked casino fish tanks to malicious links, cybersecurity threats are everywhere — and startups are raking in the dough (Business Insider) Cybersecurity is a $81.7 billion market, which means plenty of venture capital for boutique startups.
Top 10 cybersecurity acquisitions so far this year (CRN) CRN ranks 2017's biggest acquisitions in cybersecurity
Israel's Checkmarx buys security education firm Codebashing (Reuters) Israel's Checkmarx, which provides application security testing technology, said on Monday it acquired UK-based Codebashing, an application security education company.
Opposition critic calls for security review of offer to acquire Sandvine Corp. (TheRecord.com) The federal government must do a complete and formal security review of the proposed sale of Waterloo-based Sandvine Corp., says the Conservative party’s public safety critic.
Snopes seeks crowdfunding in ownership battle (TechCrunch) How many times have you heard some urban legend, chain letter or misleading bit of news repeated and immediately found a thorough, fact-based debunking on..
Darktrace gains momentum in South Africa (Cambridge Network) News from Cambridge businesses. Network members upload news here about their products, services and achievements.
Products, Services, and Solutions
Webroot Launches Worldwide Certification (Webroot) Program Includes Best Practices and Tools to Help Partners Sell to and Support
TruSTAR Partners with Retail Cyber Intelligence Sharing Center (R-CISC) to Power Intelligence Exchange (TruSTAR) TruSTAR is partnering with R–CISC to enhance their threat intelligence exchange infrastructure for members.
Core Security Continues its Position as Industry Leader in Penetration Testing (PRNewswire) Core Security, a leader in Vulnerability, Access Risk Management and Network...
NetScout, Arbor Team on Security Data (Light Reading) NetScout's ISNG platform will be integrated into Arbor Networks' advanced threat detection platform.
Fortinet Launches Global Threat Intelligence Service (NASDAQ) FortiGuard Threat Intelligence Service arms CISOs with actionable and prioritized threat intelligence enabling a quick and proactive response to targeted attacks
Mastercard and Cisco Join Enterprise Ethereum Alliance (Bitcoin Magazine) The Enterprise Ethereum Alliance (EEA) was recently joined by 34 new members, including Mastercard, Cisco, Scotiabank and the Government of Andhra Pradesh, ...
Fighting Ransomware and Malware Attacks with Improved Security and IT Ops--Endpoint Visibility and Management Identified as Key Factors (Benzinga) New Ziften Zenith features empower security and IT operations teams in the fight against ransomware attacks
Defending the domain (ITP) Infoblox expertise is in protecting DNS, a foundational Internet technology that regional organisations are starting to pay greater attention to
Technologies, Techniques, and Standards
Making Sense of Artificial Intelligence and Machine Learning (Recorded Future) Will artificial intelligence (AI) and machine learning (ML) be our virtual saviors or can we expect killer bots? In this episode we try to sort it all out.
5 reasons to take a fresh look at your security policy (CSO Online) Evolving ransomware and DDoS attacks, new technology such as IoT, and changing user behavior are all good reasons to revise your security policy.
The Threat Taxonomy: A Working Framework to Describe Cyber Attacks (Agari) Imagine going to the doctor and only being able to say “pain” or “sick”. You can’t say where you feel the pain, or what type of pain, or what is making you sick. But without this information, it’s impossible for the doctor to know how to treat you. From a cybersecurity …
Learning from the Financial Sector's Cybersecurity Regulations (Infosecurity Magazine) That financial institutions have become critical to the functioning of society is clear with just a glance at the headlines.
The endless hunt: Looking for patterns in malware data (Cyberscoop) New data from Comodo shows that malware incidents map to geo-political crises, as well as revealing the character of a nation's networks.
Design and Innovation
A Clever New Tool Shuts Down Ransomware Before It's Too Late (WIRED) By sniffing out ransomware in real-time, ShieldFS might be the cure to the internet's latest security scourge.
Elon Musk says Mark Zuckerberg’s understanding of the future of AI is ‘limited’ (TechCrunch) It's fascinating to imagine the conversations that happened behind closed doors between the world's richest and most powerful, so when they occur in the open..
A US Firm Will Install Microchips in Employees (HackRead) A Wisconsin based firm that designs break room markets’ software has announced its plan to implant microchips in its employees. The company’s press release
32M Microchips Employees Company-Wide (Thirty-Two Market) Three Square Market will become the first U.S. company to provide implanted microchip technology to their employees.
Research and Development
Netherlands-U.S. Cybersecurity R&D Partnership is Thriving (Newswise) S&T has established active partnerships with cybersecurity organizations in 13 countries—including the United Kingdom, Australia, Canada, Singapore and Israel—and an international body—the European Union.
IBM Patents System to Secure Cryptographic Keys and Codes for Data Protection (PRNewswire) IBM (NYSE: IBM) today announced that its engineers have been granted a...
UK govt urges teenagers to apply for cyber security training programme (Help Net Security) UK cyber security training (Cyber Schools Programme) is offered to teenagers to help the nation address the risk of a future skills shortage.
Legislation, Policy, and Regulation
Putin's representative: Russia is a combat cyber elephant (PravdaReport) Special representative of the Russian president on international cooperation in the field of information security, Andrei Krutskikh, believes that Russia has won respect on the international arena
Most Russians believe Western countries fear and respect Russia (PravdaReport) Many Russians believe that Russia should stay strong and insist on its interests, despite sanctions from the West
Global cyber-security tie-ups critical, says former CIA official (The Straits Times) Mr Gus Hunt deals in a dystopian-sounding space of aggressive cyber attacks, simmering geopolitical tensions and damaging hacking scandals. But the former chief technology officer of the United States Central Intelligence Agency (CIA) is surprisingly affable - and optimistic about the future of the cyber-security industry.
Cyber expert: Israel, West must be ready to counter-hack adversaries (The Jerusalem Post) Former United States defense official Matthew Devost advises the 'The Jerusalem Post' about the current affairs of cyber warfare.
Don't Mind the Gulf (Foreign Affairs) For all the high drama, the worsening rift in the Gulf between Qatar and the gang of four—Bahrain, Egypt, Saudi Arabia, and the United Arab Emirates—is more intrigue than a real threat to either regional stability or to American interests. That is why Washington should steer clear of the crisis.
Should NSA and CYBERCOM Split? The Legal and Policy Hurdles as They Developed Over the Past Year (Lawfare) In light of Michael Sulmeyer’s excellent recent piece on splitting NSA and CYBERCOM, which ran at War on the Rocks last week, I want to pull together some of the key legal and policy developments of the past year in a single narrative. My aim is to put them in context with each other in a way that will provide useful background for those new to this issue, while also putting a spotlight on the deconfliction-of-equities issue that the split proposal raises.
ITIF Calls on United States to Lead in Developing a New Approach to International Law Enforcement Cooperation for Cross-Border Requests for Data (Information Technology and Innovation Foundation) Outdated laws, court decisions, and treaties make it unnecessarily difficult for law enforcement to access data as part of lawful investigations that traverse borders, according to a report released today by the Information Technology and Innovation Foundation (ITIF), the leading U.S. think tank for science and technology policy.
UK Gov Launches £20m Security Skills Program Website (Infosecurity Magazine) Teachers, students and industry players urged to register interest
Addressing the deficit in cyber security workforce and national policy (Help Net Security) Whether they like it or not, nearly all organizations have to think about their cybersecurity posture and find a way to minimize cybersecurity risk.
Litigation, Investigation, and Law Enforcement
NZ judge: Our spies surveilled Kim Dotcom for 2 months longer than admitted (Ars Technica) "The US extradition case is dying. And someone is going to pay for this mess."
Trump voting commission wins right to collect state voter data (Ars Technica) “The Commission is putting at risk the privacy of millions of registered voters.”
Sweden Tries to Stem Fallout of Security Breach in IBM Contract (Bloomberg) Swedish Prime Minister Stefan Lofven says his government is trying to safeguard sensitive information and minimize damage done by an IT outsourcing deal that could have exposed classified details to foreign powers.
Cyber arm of UK spy agency left without PGP for four months (Register) Meanwhile Huawei gets green light, despite failure to verify source code
Xinjiang Users Arrested over State Spyware Usage (Infosecurity Magazine) Latest crackdown on Uyghurs in the name of anti-terrorism.
Russia's Election Meddling Is Part of a Bigger Story (The Atlantic) To influence U.S. politics, foreign governments don’t have to hack one party and collude with the other.
Jared Kushner denies secret deals with Russia at senate hearing (Times (London)) Jared Kushner denied colluding with Russia during the US election, depicting himself yesterday as an overstretched and media-shy political neophyte who after Donald Trump’s shock win suddenly found...
Even If Kushner Can't Recall His Russia Talks, the FBI Would (WIRED) Anything the Russian ambassador says on the phone almost certainly gets caught on a FISA wiretap.
EXCLUSIVE: FBI Seized Smashed Hard Drives From Wasserman Schultz IT Aide’s Home (The Daily Caller) FBI agents seized smashed computer hard drives from the home of Florida Democratic Rep. Debbie Wasserman Schultz's information technology (IT) administrator, according to two sources with knowledge of
Former prosecutors join accused NSA leaker’s legal defense team (Atlanta Journal-Constitution)
Regulators Question Wells Fargo Regarding Data Breach (Dark Reading) Scrutiny a result of a lawyer's unauthorized release of sensitive information on tens of thousands of wealthy Wells Fargo customers.
Wells Fargo Asks Judges to Force Return of Leaked Client Data (Infosecurity Magazine) Bank’s lawyer accidentally sent data on tens of thousands of clients to opposition lawyer
Facebook, Twitter, Google warned over EU consumer rights (TechCrunch) U.S. social media giants have been warned by Europe's consumer rights commissioner that she's running out of patience with their failure to comply with the..
The Google Machine Barrels Along Despite Record EU Fine (WIRED) Note To Regulators: It'll Take More than Fines to Slow Down the Search Giant
Spiderman pleads guilty to knocking 900,000 German broadband routers offline (WeLiveSecurity) It seems that Spiderman is in a spot of trouble, tangled in a web of his own making.
Hungarian hacker arrested for pressing F12 (TechCrunch) The Budapest Transport Authority (BKK, in Hungarian) recently launched an online payment system with the help of a T-Systems, Deutsche Telekom's consulting..