Las Vegas: the latest from Black Hat, Defcon, and BSides
Photo gallery: Black Hat USA 2017 (Help Net Security) Black Hat USA 2017 is underway at Las Vegas, and here are a few photos from the Business Hall and the Arsenal.
Academia’s Role in Security Skills Gap Examined (Threatpost) At Black Hat, two RIT professors are expected to deliver a talk about the professional skills gap in security and how academic programs are falling short.
The Wild West of Security Post-Secondary Education (Dark Reading) Black Hat researchers will show how inconsistent security schooling is at the university level.
Facebook Security Boss: Empathy, Inclusion Must Come to Security (Threatpost) At Black Hat, Facebook CSO Alex Stamos’ keynote message was one of bringing empathy and inclusion to security, and that it’s time to stop being insular.
Facebook’s CSO: the security industry needs to change (TechCrunch) Every summer, suited and/or black-clad security geeks flock en masse to the sun-drenched surreality of Las Vegas for "Hacker Summer Camp": a full week of..
Defending Against Drone Incursions Isn't Easy, Black Hat Session Reveals (eWEEK) In the Game of Drones session at the Black Hat USA security conference, researchers from Bishop Fox provide insight into the current state of drone defences.
APT Group Uses Catfish Technique To Ensnare Victims (Threatpost) The APT group Cobalt Gypsy, also known as OilRig, used a fake persona called “Mia Ash” to lure tech-savvy workers in the oil and gas industry into downloading PupyRAT malware.
Android Spyware Still Collects PII Despite Outcry (Threatpost) Spyware called Adups, found on millions of low-end phones, is still collecting users' personally identifiable information despite public outcry.
Hacker Says He Broke Through Samsung's Secure Smartphone Platform (Motherboard) When his rooting exploit worked on plenty of Android devices but failed on the Samsung Galaxy S7 Edge, researcher Di Shen decided to dig into KNOX.
Radiation detection devices open to cyber attack, researcher finds (ComputerWeekly) A security researcher has discovered numerous security flaws in multiple devices that are used to detect radiation in critical facilities.
Vulnerable Radiation Monitoring Devices Won’t Be Patched (Threatpost) Three radiation monitoring device vendors will not patch a handful of vulnerabilities that could be abused by hackers, including a backdoor that affords high privileges on one device.
Ransomware Profits Worth More than $25 Million (At Least) (Infosecurity Magazine) Research shows the rise of 'ransomware impostors'
Behind hackers’ love affair with unofficial conference badges (The Parallax) Unaffiliated, limited-edition conference badges are utilitarian status symbols and educational tools for hackers.
Black Hat 2017: Hackers using free apps to hack your phone (Fox5 Vegas) Thousands of cyber security experts came to the Black Hat convention at the Mandalay Bay Convention Center this week.
SentinelOne Expands Business Development Practice With Launch of S1 Nexus Technology Alliance and Integration Program (SentinelOne) New program will create extended ecosystem of partners able to leverage SentinelOne’s advanced endpoint protection technologies
CrowdStrike Debuts Cybersecurity Search Engine Technology at Black Hat (eSecurity Planet) Security vendor debuts a new capability that will accelerate time to resolution for incident investigations.
IntSights to Launch "All-in-One" Threat Intelligence Platform at Black Hat USA 2017 (PRNewswire) Combines tailored and generic threat intelligence with automated remediation to protect companies against dangers on the dark, deep and open webs
Cyber Attacks, Threats, and Vulnerabilities
WikiLeaks drops another cache of ‘Vault7’ stolen tools (Naked Security) Latest dump is a trove of malware from Raytheon used for surveillance and data collection
Germany warns of nation-state cyber espionage threat (CSO Online) Report from Germany's domestic intelligence and security service says Russia, China and Iran are targeting German companies and interests.
Protecting Business in the Digital World (Bundesamt für Verfassungsschutz (Bitkom Research)) Data theft, espionage, sabotage: one in two is affected. Was your company affected by data theft, industrial espionage or sabotage in the last 2 years?
The Iranian Cyberthreat Is Real (Foreign Policy) As Trump increasingly boxes in Tehran, U.S. allies should be worried about the potential for a devastating cyberattack from the Islamic Republic.
Tick threat group linked to multiple malware families (SC Media US) The Tick hacking group known for its Daserf backdoor program has been linked to campaigns leveraging an eclectic assortment of malwares, including three ba
From Chrysaor to Lipizzan: Blocking a new targeted spyware family (Android Developers Blog) The latest Android and Google Play news and tips for app and game developers.
Google May Have Just Uncovered An Israeli Surveillance Start-Up Spying On Androids (Forbes) Google has found another malware targeting Android that it believes may be the product of the bustling Israeli surveillance scene. Whereas it previously found Android devices infected with malware it claimed came from NSO Group, it's now detailed a spy tool it says is linked to a start-up called Equus Technologies.
Google Discovers New Lipizzan Android Spyware (BleepingComputer) Google's Android Security team announced today the discovery of a new powerful Android spyware — named Lipizzan — which Google claims to be linked to Equus Technologies, an Israeli company.
Android malware Lipizzan could spy on users' every move - until Google shut it down (Computing) Android being targeted by malware crafted by cyber arms merchants, warns Google
Google Finds and Blocks Spyware Linked to Cyberarms Group (WIRED) A new, targeted malware called Lipizzan could completely take over an Android device until Android Security shut it down
CowerSnail Backdoor Targeting Windows Devices (HackRead) Kaspersky Lab has identified the presence of a backdoor designed primarily for attacking Windows systems. When the backdoor successfully infects the system
Cracking the Lens: Targeting HTTP's Hidden Attack-Surface (Portswigger) Modern websites are browsed through a lens of transparent systems built to enhance performance, extract analytics and supply numerous addi...
Sweden Accidentally Leaks Personal Details of Nearly All Citizens (The Hacker News) A Massive data breach in the Swedish Transport Agency Accidentally Leaks Personal Details of Nearly All Citizens
State secrets could be accessed by foreign powers (Dagens Nyheter) Millions of Swedes' driving licence data and state secrets have been easily accessible to IT specialists in the Czech Republic and Serbia who were never security-vetted
Swedish Government Scrambles to Contain Damage From Data Breach (New York Times) Confidential information was exposed because a government contractor was not properly supervised, officials said.
Philadelphia RaaS: our map of how it works (and how to prevent it) (Naked Security) At $400, the Philadelphia ransomware kit isn’t cheap, but crooks buying it will get a lot of bang for their buck, as we’ve discovered from digging into how it works
ECMC spent nearly $10 million recovering from massive cyberattack (The Buffalo News) ECMC officials estimate they've spent $10 million battling a recent cyberattack — but the hospital says it will still end 2017 in the black.
6 billion records hacked in 2017 so far; ransomware victims paid $25 million (HackRead) With every passing day, hackers and cyber criminals are becoming more sophisticated in their attacks. Resultantly, they are getting their hands on highly c
22% of SMBs hit by ransomware had to cease business operations (Help Net Security) More than one-third of SMBs have experienced a ransomware attack in the last year, and 22 percent of them had to cease business operations immediately.
Downtime from Ransomware More Lethal to Small Businesses Than the Ransom (Dark Reading) New survey of small-to-midsized businesses (SMBs) shows half of SMBs infected with malware suffer 25 hours or more of business disruption.
How does ransomware work? Understanding the economics (CSO Online) Operating a piece of ransomware is really just a business. An illegal business, but a business none the less. And criminals employ standard business practices to maximize profits. Here's how they ply their tricks of the trade.
Companies Warned of Cyber Security Dangers Caused by Employees Working While on Holiday (PRNewswire) T-Systems, the corporate IT and cyber-security...
How HTML Attachments and Phishing Are Used In BEC Attacks (TrendLabs Security Intelligence Blog) Traditionally, BEC attacks have used keyloggers to steal saved account information from target machines. However, using an executable file for the attachment usually flags a user not to click them as there is a high chance that the file is malicious. As a result, we’ve seen a trend wherein the attached files are no longer executable files but HTML pages.
Cloud-Based Email Security Systems From Microsoft And Symantec Miss Thousands Of Unsafe Emails (Forbes) Email is the primary attack vector threatening corporate security. Companies of all sizes are bombarded every day with an email containing spam, malicious attachments, dangerous file types and impersonation attacks.
Gas Pump Skimmer Sends Card Data Via Text (KrebsOnSecurity) Skimming devices that crooks install inside fuel station gas pumps frequently rely on an embedded Bluetooth component allowing thieves to collect stolen credit card data from the pumps wirelessly with any mobile device.
The Galt House Hotel Notifies Guests of Payment Card Cybersecurity Incident (Sys-Con Media) Today, the Galt House Hotel announced that it has addressed an incident involving unauthorized access to its payment card system. The Galt House Hotel greatly values its relationship with guests and understands the importance of protecting their payment card information.
Security Patches, Mitigations, and Software Updates
Flash Will Never Die (Motherboard) Hobbyists and internet historians will never forget—or stop using—everyone's least favorite browser plugin.
Corporate Cyber Risk Disclosures Jump Dramatically in 2017 (Bloomberg Big Law) By Shira Stein, Bloomberg BNA More public companies described “cybersecurity” as a risk in their financial disclosures in the first half of 2017 than in all of 2016, suggesting that board and C-suite fears over data breaches may be escalating. A Bloomberg BNA analysis found 436 companies cited “cybersecurity” as a risk factor in their...
Bots have dominated internet traffic in 2016, and most of them are bad (DATAQUEST) Bots are back at dominating internet traffic, according to web security and CDN provider Incapsula. Its 2016 bot traffic report, which surveyed 100,000 domains under its network revealed that 51.8...
Has big data reached a tipping point in the cloud? (CIO) Development of cloud-based in-house analytical systems has effectively become the tipping point for businesses to commit to a big data solution.
#RSAC: Cybersecurity Industry Keeps Making the Same Mistakes (Infosecurity Magazine) IBM Security’s global executive security advisor recommends looking at the past to shape the future of the cybersecurity industry
Why it's Time for a Cybersecurity Sharing Economy (Infosecurity Magazine) Reasons why more companies should consider joining the cybersecurity sharing economy.
What Are Security Buyers Looking For? (Security Week) The information security market has been a topic of acute interest for quite some time now.
Surprising Moves in Cybersecurity 500 List for Q2 (IT Business Edge) Cybersecurity Ventures has released its Cybersecurity 500 List for Q2 2017. root9B and Herjavec Group remained number one and two, respectively, from the Q1 cybersecurity listing,
OpenText to Acquire Guidance Software (Sys-Con Media) OpenText™ (NASDAQ: OTEX) (TSX: OTEX), a global leader in Enterprise Information Management (EIM), announced today that it has entered into a definitive agreement to acquire Guidance Software (NASDAQ: GUID), the makers of EnCase®, the gold standard in forensic security, that includes digital discovery solutions and endpoint information security.
Concerns raised over secretive spyware company's rumoured sale (CBC News) NSO Group sells spy software that has been used to target activists and journalists — but will the company's potential buyer care?
Why HPE Might Want to Move on Gigamon (Market Realist) Gigamon (GIMO) could sooner or later sell itself to the highest bidder. According to a Reuters report, Gigamon hired Goldman Sachs (GS) to help it explore a sale.
Why Cisco-IBM Partnership Could Get Even Stronger (Market Realist) Using security to revive network gear business
Will Kaspersky's free antivirus software set a precedent? (PCR) With Kaspersky finally launching its much-hyped free antivirus software, it begs the question whether or not other security firms will feel the pressure and follow suit.
Akamai aims to secure digital assets, in talks with government (ETTelecom.com) Malik also said that the company is in discussions with the Digital India stakeholders to add value to the ambitious state-driven initiative in terms ..
Engility unseats Booz Allen for potential $39M Navy, Coast Guard ship IT contract (Washington Technology) Engility scores a potential five-year, $39 million takeaway contract win for IT services to Navy and Coast Guard ship fleets.
GSA buys more time to plan for civilian cyber campus (Washington Business Journal) The FBI won't be getting a new headquarters anytime soon, following the recent scrapping of the years-long search, but the federal government's real estate arm appears to be eyeing another big project for somewhere in the D.C. region.
After breaking free from Intel, McAfee lays off some Portland-based employees (GeekWire) Security software developer McAfee has laid off an undisclosed number of employees in marketing-related roles based in its Portland office, GeekWire has learned. Although it’s not clear how many…
Cybersecurity Veteran Art Coviello Joins Capsule8 Board of Directors (Sys-Con Media) Retired RSA Chief Joins Company's Leadership Team Following Beta Product Release at Black Hat USA 2017
Meg Whitman steps down from HP Inc board as Uber rumours mount (Computing) Meg Whitman to remain as CEO of HPE
Products, Services, and Solutions
MDISS Launches ‘WHISTL’, an Independent, Non-Profit Network of Security Testing Labs for Medical Devices (PRWeb) WHISTL will focus on vetting complex multi-vendor, multi-device critical care environments like Hospital Intensive Care Units, Operating Theatres and Emergency Rooms
ComplyAssistant and Sensato form strategic alliance to offer comprehensive cybersecurity solutions for health care (DotMed) ComplyAssistant and Sensato, both located in New Jersey, form a strategic alliance to provide information security solutions to the healthcare industry. The combined solutions offer healthcare organizations of all sizes a comprehensive approach for managing risk to their protected health and business confidential information.
Thales strengthens its multi-cloud data security portfolio (Thales) New encryption, tokenization and key management capabilities simplify control and ensure compliance over data security in multi-cloud environments
Using AI to spot malware patterns (CSO Online) Traditional antivirus can't keep pace with today's threats. Here's how one start-up is using machine learning to fight a better fight.
Utimaco Hardware Security Modules Achieve Payment Card Industry Compliance (Marketwired) CryptoServer CSe 10 & CSe 100 PCI HSM compliance ensures secure transactions for the payments industry
Lacework Bolsters Cloud Security Platform, Adds Docker Support (SDxCentral) Recently launched cloud security platform provider Lacework added deeper support for its Polygraph product and coverage for Docker.
WhatsApp vs. Signal – Which app is more secure? (Neurogadget) In the age of smartphones, everyone wants to use a messaging app that guarantees superior security and privacy at the same time. In this regard, you have a few options...
JASK Unveils AI-Enabled Platform for Cyber-Security Threat Identification (Database Trends and Applications) JASK, which supports security analysts with artificial intelligence (AI), has announced the general availability of Trident, a new platform to help increase operational efficiency in security operations.
Capsule8 Goes Cloud-Native and Container-Aware for Threat Prevention and Response (eSecurity Planet) Built for production clouds, Capsule8 Protect provides continual threat detection and blocks attacks on containerized environments.
Cost Saving for Securing Hybrid Cloud Infrastructures with a Security-as-a-Service Solution (BW CIOWORLD) Total economic impact study shows nearly $1 million in cost benefit and 348 percent RoI with Alert Logic Cloud Defender
BYU adds extra security for employees, students (Daily Universe) BYU will now require the use of two-factor authentication for employees accessing secure information, creating an added layer of online security.
Technologies, Techniques, and Standards
Copyright Royalty Board Launches E-Filing, Case Management System (Corporate Counsel) Designed by solution provider NIC, the new system will seek to automate the cumbersome and manual process of filing claims and tracking case progress.
Non-technology solutions to achieving 20/20 cybersecurity vision (StateScoop) On the latest edition of StateScoop’s Priorities podcast, three state government tech experts note how new technology is not the only answer to improved visibility over the organization.
ICS Networks Not Immune To Insider Threats (Security Week) Organizations need specialized monitoring and control technologies for ICS networks
A Business-Driven Approach to Prioritizing Security Alerts (Security Week) Security analysts are faced with an overwhelming number of alerts to investigate across a widening array of endpoints, computing platforms and devices. To handle this mounting workload efficiently and effectively, they must prioritize. But how?
Three things every shipper should know about cyber security (Loadstar) The Maersk cyber attack sounded bad enough. But this blog post on cyber security by DB Schenker is even more frightening. It points out that increased use of computers on things such as trucks makes them a possible victim. “Technologies also open the door to potential cyber hackers eager to gain control of these ‘computers on wheels’.”
Design and Innovation
Bitcoin facing August split as miners, developers and users come down in favour of 'hard fork' (Computing) Need to make bitcoin more scalable looks like provoking a fork between bitcoin and 'bitcoin cash'
After a series of hacks, cryptocurrency issuers may turn to old-school bank vaults for security (Quartz) "Cold storage" keeps private keys offline, away from the reach of online hackers.
Polymaths Shaking the World With Asymmetric Cryptography (Sputnik News) On today’s episode of Double Down, hosts Max Keiser and Stacy Herbert are joined by early bitcoin investor, Trace Mayer, to discuss the latest in cryptocurrencies.
Research and Development
China Set To Launch An 'Unhackable' Internet Communication (Information Security Buzz) As malicious hackers mount ever more sophisticated attacks, China is about to launch a new, “unhackable” communications network – at least in the sense that any attack on it would be quickly detected. Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies, commented: “In the field of quantum cryptography, …
China's New Quantum Communication Network Will Be "Unhackable" (Futurism) Photons could be the key to securing the internet.
Qubitekk Licenses ORNL Single-Photon Source Approach for Quantum Encryption (Newswise) An existing Qubitekk prototype will leverage ORNL’s single-photon source approach, bringing the device closer to generating pairs of quantum light particles in a controlled, deterministic manner that is useful for quantum encryption.
DCMS to launch cyber security training programme (London School of Business and Finance) As part of the government’s National Cyber Security Programme, the Cyber Schools Programme will be supported by Cyber Security Challenge UK, BT and the SANS Institute. It will help young people develop skills they need to protect industries such as banking and public services from criminals.
Legislation, Policy, and Regulation
The Right to Be Forgotten & the New Era of Personal Data Rights (Dark Reading) Because of the European Union's GDPR and other pending legislation, companies must become more transparent in how they protect their customers' data.
Australia Calls to Fight Back Against Attempts to Control Internet (Infosecurity Magazine) Governments “should resist the compulsion to control and restrict the flow of data
Consumers Don’t Trust Governments to Protect Data or Fight Cybercrime (Infosecurity Magazine) Venafi study says the majority disagree with encryption backdoors
Germany Strengthens Its Cyber Defense (Foreign Affairs) Recent cyberattacks against Germany match the pattern of earlier attacks elsewhere in the West. In response, Germany has taken a number of steps, including opening a cyber command in Bonn.
Australia 'tells Solomons to drop cable project' after Huawei gets deal (IT Wire) Australia is reportedly putting pressure on the Solomon Islands to withdraw from the Project Honiara undersea cable project after the contract was awarded to Chinese telecommunications giant Huawei.
Australia refuses to connect to undersea cable built by Chinese company over spying fears (The Sydney Morning Herald) Australia's top spy has warned a 4,000-kilometre-long cable could be torpedoed over Chinese firm Huawei's involvement.
Using a blockchain doesn’t exempt you from securities regulations (Ars Technica) A $150 million Ethereum crowdfunding project broke the law, SEC says.
US regulators just dealt a blow to the most hyped area in tech investing right now (Business Insider) Startups are raising hundreds of millions of dollars in 'Initial Coin Offerings' — but this free-for-all might soon be at an end.
Lawmakers approve ‘cyber vulnerability’ bill (TheHill) Bill would require report from DHS on how it discloses cyber vulnerabilities to the private sector.
2 Cyber Bills Pass House Homeland Security Committee (Meritalk) The House Homeland Security Committee on July 26 unanimously passed two bills to improve the government’s cybersecurity posture: the Cybersecurity and Infrastructure Security Agency Act of 2017 and the Cyber Vulnerability Disclosure Reporting Act.
Section 702 Surveillance Authority: No Extension Unless the Fourth Amendment Honored (The Washington Times) Section 702 of the Foreign Intelligence Surveillance Act Amendments of 2008 (FAA) authorizes the government to seize and search the international communications of American citizens without probable cause or warrants in violation of the Fourth Amendment. Section 702 should not be extended beyond its current expiration date of December 31, 2017 unless Congress cures its constitutional infirmity.
Opinion | The CIA is entering a danger zone. Here’s the map. (Washington Post) Can Pompeo keep the agency out of the ditch?
Here's how cyber service component CYBERCOM mission sets differ (Federal Times) This is part two of a series exploring the differences between military cyber forces, capabilities, mission sets and needs.
Litigation, Investigation, and Law Enforcement
Chinese Police Arrest 11 Over Fireball Adware (BankInfo Security) Police in Beijing have arrested 11 employees of a Chinese digital marketing agency on charges that they developed and distributed Fireball, malicious adware with
Our National Security Whistleblower Crisis (Cato Institute) Is the Trump-run Pentagon a hostile workplace for Defense Department whistleblowers? Or is there simply an anti-whistleblower organizational tradition at the Pentagon that stretches back decades? The evidence suggests it's both.
Lawsuit seeks Ajit Pai’s net neutrality talks with Internet providers (Ars Technica) FCC accused of not complying with FOIA request for Pai's talks with ISPs.
Trump ex-campaign chair talks with Senate investigators (KLTV) President Donald Trump's former campaign chairman met with Senate investigators Tuesday, providing his recollection of a Trump Tower meeting with a Russian lawyer and agreeing to turn over...
Law drawing focus in Russia probe rarely ends in prosecution (KLTV) Criminal prosecutions are rare for people who fail to register as foreign agents, according to a top Justice Department official who testified Wednesday about an obscure law receiving new...
The Known Unknowns Swirling Around the Trump-Russia Scandal (WIRED) What we know so far about the Trump-Russia scandal only suggests more questions—questions Special Counsel Robert Mueller is digging into.
Wasserman Schultz aide arrested trying to leave the country (POLITICO) A senior House Democratic aide confirmed Awan was still employed by Wasserman Schultz as of Tuesday morning.
Stanart questions Russian hacking claims, says elections secure (Houston Chronicle) Despite reports from federal intelligence agencies and media outlets of Russia's widespread targeting of state and local elections around the country and in Texas, election administrators in the nation's third-largest county say Vladimir Putin's government does not pose a unique or heightened cybersecurity threat.
Feds say they caught a key figure in the massive Mt. Gox Bitcoin hack (Ars Technica) Feds say a Russian man laundered criminal proceeds through the BTC-e exchange.
State AGs Launch Anti-Malware Ad Campaign (Mediapost) A bipartisan group of 15 state attorneys general have debuted a campaign to warn consumers about hacking.
Glassdoor pushes back against moves to identify anonymous reviewers (Naked Security) Would you contribute to sites like Glassdoor if law enforcement could demand that the company turned over your ID details?
Verizon accused of violating net neutrality rules by throttling video (Ars Technica) FCC has no comment on petition to investigate Verizon slowing video to 10Mbps.