Cyber Attacks, Threats, and Vulnerabilities
Venezuela: Hackers backing rebel group launch cyber attack (One India) Hackers lending support to an armed rebel group launched a cyber attack on over a dozen websites, mostly belonging to the state, in Venezuela.
Anti-Israeli wiper malware locks data that can't be restored (HackRead) Researchers of an Israeli cyber security firm Intezer have discovered a dangerous wiper malware targeting users and spreading anti-Israeli content over the
Malware targets North Korea following nuclear ICBM tests (Cyberscoop) Researchers have stitched together two malware campaigns targeting North Korea, raising suspicion over counteractions tied to the country's aggressive weapons testing.
OnionDog is not a Targeted Attack—It’s a Cyber Drill (TrendLabs Security Intelligence Blog) In this blog post, we will look into smaller scale attacks in which an actor group allegedly attacked high profile targets working in the energy and transportation sector of South Korea for more than three years in a row. These attacks, which are known as OnionDog, received some publicity in the media. A perfunctory look into these actors' activities might easily lead to hasty conclusions on attribution. We had a more thorough look, in which we reached an interesting conclusion: OnionDog is not a targeted attack. OnionDog is a cyber drill.
Flaws in ISP gateways let attackers remotely tap internet traffic (HackRead) Defcon is the most important event for the DIY hacking community and this year too, the conference was held in the same spirit. We got to learn about a var
HBO Hackers Dump Script for Game of Thrones Episode 5 (BleepingComputer) The group who announced they hacked HBO last week have leaked new files from the company's servers, via private emails to the press and a website for everyone else.
HBO 'Game of Thrones' cyber hack: Same scam, different players (Fox Business) Time Warner’s $85B merger may be tainted by the HBO breach.
Pentest firm calls Carbon Black "world’s largest pay-for-play data exfiltration botnet" (CSO Online) On Wednesday, DirectDefense, Inc. disclosed that they've discovered hundreds of thousands of files from Carbon Black customers. The discovery is said to pose a significant risk to Carbon Black's clients, because of the company's dependence on third-party multiscanners in the Cb Response product.
FireEye Says Network Secure After Analyst Accounts Compromised (Security Week) On July 31, 2017, a hacker claimed to have been deep inside Mandiant's infrastructure. FireEye, which bought Mandiant for $1 billion in January 2014, responded: "Our investigation continues, but thus far we have found no evidence FireEye or Mandiant systems were compromised."
FireEye's Post Mortem: Analyst Didn't Change Passwords (BankInfo Security) It’s a red-faced moment for FireEye. The company says an investigation reveals that an attack against an analyst’s personal online accounts was enabled by the
Attacks on manufacturing industry continue to rise (Help Net Security) The manufacturing industry was the most heavily targeted industry across NTT Security clients during Q2 ’17, accounting for 34 percent of attack activity.
Bitcoins lost from wallets disappear into the unknown (Software Testing News) More than US$140,000 worth of bitcoins have been removed from online wallets, previously paid by WannaCry victims.
Three-quarters of firms upped cybersecurity after WannaCry (Irish Tech News) DataSolutions today announced the results of a survey, which found that 73% of companies have made changes to their IT security as a direct result of the WannaCry ransomware incident.
Updates to Sofacy, Turla Highlight 2017 Q2 APT Activity (Threatpost) Attackers behind APT campaigns have kept busy in Q2 2017, adding new ways to bypass detection, crafting new payloads to drop, and identifying new zero days and backdoors to help them infect users and maintain persistence on machines.
More pseudo-ransomware attacks are probably on the way (TechCrunch) The last few months saw some major malware moments, most notably the WannaCry and NotPetya (a.k.a. ExPetr/Nyetya/Petya) attacks. Kaspersky Labs' quarterly..
Engineering Firm Leaks Data on Dell, SBC and Oracle (Threatpost) Power Quality Engineering publicly exposed sensitive electrical infrastructure data on the public internet tied to Dell Technologies, SBC, Freescale, Oracle, Texas Instruments and the City of Austin.
Aussie Blood Data Breach Stemmed from Third Party Error (Infosecurity Magazine) Australian Information Commissioner passes judgement
Malicious code in the Node.js npm registry shakes open source trust model (CSO Online) Bad actors using typo-squatting place 39 malicious packages in npm that went undetected for two weeks. How should the open source community respond?
iPhone users suffer twice as many mobile phishing attacks as Android users (Wandera) 25% of all web-based mobile phishing attacks come from games
Android vs iOS: Which is more secure? (Computerworld) While all mobile devices have inherent security risks, Android has more vulnerabilities because of its inherent open-source nature, the slow pace with which users update the OS and a lack of proper app vetting.
How are people fooled by this? Email to sign a contract provides malware instead. (SANS Internet Storm Center) Many security professionals often review malicious spam (malspam) as part of their daily work. If you fall in this category, every once in a while you run across an email so obviously malicious, you wonder how people could be fooled by it. I saw one such email on Tuesday 2017-08-08.
Chances are "You've Got Mail" Problems (SC Media US) You've Got Mail was on the big screen nearly 20 years ago. Thinking back to the excitement of the “ding!” and “you've got mail” each time a message appeare
Defense agencies top list of U.S. government with stolen data on darknet, Denver company finds (The Denver Post) U.S. defense agencies ranked higher than non-defense agencies for the amount of stolen data available in the online underworld where cyber criminals often hawk stolen credit cards, according to a n…
Overwatch DOWN as Blizzard servers facing technical problems (HackRead) The official Twitter account of Blizzard Customer Support has revealed that their servers are facing issues affecting Overwatch. Therefore, Summer Games 20
ESET changes torrents post after charges of spreading FUD (iTWire) Anti-virus firm ESET has made changes to one of its posts about torrent files and clients, after an op-ed published on iTWire gained an airing on...
Security Patches, Mitigations, and Software Updates
Critical Security Fixes from Adobe, Microsoft (KrebsOnSecurity) Adobe has released updates to fix dozens of vulnerabilities in its Acrobat, Reader and Flash Player software. Separately, Microsoft today issued patches to plug 48 security holes in Windows and other Microsoft products. If you use Windows or Adobe products, it’s time once again to get your patches on.
Plenty to Patch as Microsoft and Adobe Fix 115 Bugs (Infosecurity Magazine) At least none are being actively exploited in the wild
Patch now: These "critical" security bugs affect all versions of Windows (ZDNet) Microsoft patched 48 separate vulnerabilities — the majority of which were the highest "critical" rating.
Microsoft's August Patch Tuesday Fixes 48 Security Issues (BleepingComputer) Microsoft released the August 2017 Patch Tuesday security bulletin, and this month the company fixed 48 security issues in six of its main product categories.
Microsoft issues out-of-band security updates for Outlook, Office (Naked Security) If you haven’t picked up these updates, now is a good time to do them
The Patching Dilemma: Should Microsoft Fix Flaws in Older Tech? (Dark Reading) When researchers find vulnerabilities that leave older systems exposed, should the software giant create patches or encourage upgrades? Experts weigh in.
Cyber Trends
Get Ready for the 2038 'Epocholypse' (and Worse) (Dark Reading) A leading security researcher predicts a sea of technology changes that will rock our world, including the Internet of Things, cryptocurrency, SSL encryption and national security.
Emerging ‘hyperwar’ signals ‘AI-fueled, machine-waged’ future of conflict (Fifth Domain) Imagine wars fought by swarms of unmanned, autonomous weapons across land, air, sea, space and cyber.
Security leaders: Prepare now for the convergence of IT, OT and IoT (CSO Online) Adi Dar, CEO of Cyberbit, talks about what happens when IT, OT and IoT combine and how security leaders need to prepare.
10 most influential figures of the cybersecurity world (IT Pro Portal) One of the best ways to stay updated with the most recent industry changes is to follow the top giants in the security industry.
Majority of Cybersecurity Experts Agree: Fake News Influenced US Elections; Only Education Can Prevent it from Happening Again (PRNewswire) DomainTools, the leader in domain name and DNS-based cyber threat intelligence,...
The Human Side of Cybersecurity (Sys-Con Media) As the waves of ransomware hitting the shores of companies around the world prove, today’s cybersecurity balance still tips toward the bad guys.
Marketplace
Symantec to Obtain Fireglass—the Israeli Cyber Security Company (Monotone) Symantec Corp. is purchasing Fireglass, the Israeli cyber security startup, the company claimed this week, in a small contract developed to drive its products that safeguard web browsing and corporate email from threats.
Cybersecurity Services Provider BlueteamGlobal Raises $125 Million (eSecurity Planet) The company will offer threat monitoring and cyber defense security services to enterprises and SMBs.
Five Hot Atlanta Startups (NewsCenter.io) Silicon Valley has long been hailed as the country’s largest and hottest startup hub, but other cities are quietly emerging as powerful regional centers of innovation and entrepreneurship. From Los Angeles’ Silicon Beach to Colorado’s Silicon Slope, up-and-coming tech hubs are challenging the notion that …
The Symantec-Google feud can't be swept under the rug (TechTarget) The feud between Symantec and the web browser community, most notably Google, appears to be over now that DigiCert has agreed to acquire Symantec Website Security for close to $1 billion.
How Peter Thiel's Secretive Data Company Pushed Into Policing | Backchannel (WIRED) A Backchannel investigation reveals the difficult issues police and communities face when they adopt the secretive firm’s data-scooping software.
NAO wins Navy cyber contract (C4ISRNET) If all options are exercised, the contract is scheduled to be completed by August 2023.
From the Battlefield to the Security Operations Center: A New Collar Approach to the Skills Gap (Security Intelligence) Many companies, including IBM, are taking a new collar approach and recruiting ex-military personnel to fill woefully understaffed cybersecurity positions.
Citing 'confidence gap' in American tech workforce, CompTIA creates professional association (Cyberscoop) CompTIA's new workforce play — the Association of Information Technology Professionals — will advocate and offer certifications for would-be IT employees.
Trusona Brings THE #NoPasswords Revolution to Asia Pacific Markets (NBC 12) Identity authentication trailblazer hires experienced managing director to lead the expansion
IBM sues CIO Jeff Smith to stop him moving to Amazon Web Services (CRN Australia) Telstra, Suncorp veteran accused of hiding secret communications.
McAfee promotes Adam Boreham to channel director (CRN Australia) Replaces outgoing director Luke Power.
Products, Services, and Solutions
School District Combats Ransomware and Saves over $60,000 with Netwrix Auditor (Netwrix) Complete visibility into activity across the environment enabled Whiteriver Unified School District to withstand a ransomware attack and secure vital information
Tripwire Launches Industry-First Advanced Docker Container Vulnerability Scanning, Reducing Security Blind Spots (BusinessWire) Tripwire's IP360 vulnerability management solution expanded to offer innovative scanning of non-running containers for better visibility into DevOps.
Comodo Launches Online Certification Academy to Help Users Maximize Impact of Powerful IT and Security Management Platform (Business Insider) Comodo, a global innovator and developer of cybersecurity solutions and the world's No. 1 certificate authority, today announced the launch of the Comodo Academy, an online educational portal, to grant certification to thousands of managed service provider (MSP) and IT department users of Comodo ONE, its comprehensive IT and security management (ITSM) platform.
How Windows to Go can keep data secure for business travelers (Computerworld) Worried about workers traveling internationally with sensitive company data on a laptop? A Windows to Go USB stick might be the answer for intrusive searches or bans on airplanes.
Schneider Electric and Claroty partner to address safety and cybersecurity challenges in global industrial infrastructure (WebWire) Claroty, an innovator in Operational Technology (OT) network protection, and Schneider Electric, the global specialist in energy management and automation, announced today that they are partnering to address safety and cybersecurity challenges for the world's industrial infrastructure. Under the terms of the agreement, Claroty will market its real-time OT/ICS network monitoring and detection solution to Schneider Electric's customers through the company's Collaborative Automation Partner P...
NetWorks Group Joins “Carbon Black Connect” Partner Program as an MSSP Partner (IT Business Net) NetWorks Group, a leading provider of security monitoring and ethical hacking services, today announced it has joined the “Carbon Black Connect” Partner Program as a managed security services provider (MSSP) partner.
RedLock Announces a 100 Percent Commitment to the Channel (BusinessWire) RedLock announces its CloudView Channel Program to enable partners to grow their business by offering the most comprehensive cloud security solution.
Technologies, Techniques, and Standards
The Man Who Wrote Those Password Rules Has a New Tip: N3v$r M1^d! (Wall Street Journal) Bill Burr’s 2003 report recommended using numbers, obscure characters and capital letters and updating regularly. As his advice is overturned, he feels regretful.
Best practices for passwords updated after original author regrets his advice (The Verge) A vast majority of the trusted tips and tricks we employ when crafting a custom password actually make us more vulnerable to hackers, according to the expert who popularized the tips back in 2003.
Dashlane's 2017 Password Power Rankings Reveal How Consumer and Enterprise Websites Handle User Security (PRNewswire) Today, password manager Dashlane releases its 2017 Password Power Rankings,...
When it comes to mobile, are passwords too risky but smartcards too cumbersome? (WTOP) Today, advances in IT security make it more difficult for criminals to access business or government computer systems.
New Consortium Promotes Proper Data Sanitization Practices (Dark Reading) The International Data Sanitization Consortium (IDSC) will create guidelines and best practices for sanitizing data on hardware devices.
Automating Defenses Against Assembly-Line Attacks (Dark Reading) A manual approach just won't cut it anymore. Here's a toolset to defeat automation and unify control across all attack vectors to stop automated attacks.
Social media exploitation key in Trump’s 'extreme vetting' program (CSO Online) Trump administration seeks help from tech firms to create an "extreme vetting" program for immigrants to the U.S. Documents indicate IBM is interested.
Don’t be a sitting duck as IoT threats mount (IT-Online) As the Internet of Things (IoT) continues to gain traction, organisations will have to reassess their security practices to accommodate the increase in security alerts.
Simplicity: The Most Overlooked Principle of Warfare (SIGNAL Magazine) “I need solutions that are simple and intuitive and do not require field service reps, to be very blunt.” -- Lt. Gen. Paul Funk II, USA, commander, III Corps
U.S. Army Cyber Doctrine Making a Difference (SIGNAL Magazine) The Army’s first doctrine for fighting in the cyberspace and electronic warfare domains already is changing the way the service operates.
Clearing Your Digital Advertising to Avoid Liability (Galkin Law) Digital advertising raises many unique legal issues. Perspectives from an Internet lawyer for avoiding liability.
Design and Innovation
High hopes for ‘more secure’ forked version of Bitcoin (Naked Security) Forking Bitcoin gives the cryptocurrency a new direction – but although there are high expectations for Bitcoin Cash, it faces threats
Yes, Bitcoin Has No Intrinsic Value. Neither Does a $1 Bill (WIRED) Fears about virtual currency bitcoin echo concerns about earlier financial innovations, like paper money.
Sony wants to digitize education records using the blockchain (TechCrunch) Sony said today that it has finished developing a digital system for storing and managing educational records on the blockchain. The Japanese firm is now..
Research and Development
AI Will Make Fake News Video — and Fight It As Well (Defense One) Just weeks after one research team appeared to put words in a leader’s mouth, here comes a new tool that can check questionable video for a pulse.
Legislation, Policy, and Regulation
Putin Heads to Occupied Georgia Territory on War Anniversary (Foreign Policy) It’s a slap at Mike Pence and Georgia itself nine years after the Russian invasion.
NATO criticizes Putin visit to disputed Georgia territory (POLITICO) Russian president visits Abkhazia on anniversary of brief war over the territory.
Russia: Economic martial law (Frankfurter Allgemeine) The Kremlin has imposed martial law on the Russian economy, and it feels very comfortable with it. Siemens, too, had to find that out. A commentary.
Russia and the US are jittery about spies. But facts are hard to come by (the Guardian) Amid the allegations swirling around Washington sits a private company called the Kaspersky Lab. But beyond that, nothing is clear
We can't rely on black swans: Three areas to improve cyber policy now (Help Net Security) What will it take for cybersecurity policy to finally catch up to the digital age? Learn more how you can improve cyber policy right now.
New UK data protection law to offer more control to users (Help Net Security) UK citizens will have more control over how their personal information is used by businesses, and the right to demand from social media companies and onlin
UK essential service operators with poor cyber security face massive fines (Help Net Security) Organisations who fail to implement effective cyber security measures could be fined as much as £17 million or 4 per cent of global turnover.
NotBeingPetya: UK critical infrastructure firms face huge fines for lax security (Register) Makes you WannaCr... we mean WannaPatch
NIS Directive plans show UK is serious about tackling cyber threats (ComputerWeekly) UK government plans to implement the EU’s network and information systems (NIS) directive have been welcomed for assuring its commitment to cyber defence post-Brexit
Security industry welcomes planned UK Data Protection Bill (ComputerWeekly) The cyber security industry has generally welcomed planned UK data protection legislation, but some say it is hypocritical in the light of the Investigatory Powers Act.
Army cyber general: ‘What a difference a year makes’ (Fifth Domain) Maj. Gen. John Morrison, commander of the Army Cyber Center of Excellence at Fort Gordon, Georgia, highlighted some of the flashpoints for progress within the last year during his opening keynote address at TechNet Augusta.
EFF files court brief urging warrants for digital device searches at borders (TechCrunch) The EFF has filed a court filing pressing for warrants to be required for searches of mobile phones, laptops and other digital devices by federal agents at..
ACLU: Absent warrant standard, police could monitor anyone via location data (Ars Technica) Opening brief filed in Carpenter, an important privacy case pending at Supreme Court.
Former CIA operative Valerie Plame says privacy is precious — and she should know (TechCrunch) Back in 2003, Valerie Plame was working for the CIA overseas trying to protect the world from rogue nuclear proliferation -- nothing too important or..
New Law Requires State Employees To Undergo Cybersecurity Training (CBS Local) Every day there are attacks on state government computer systems.
Litigation, Investigation, and Law Enforcement
Arraignment postponed for UK expert who halted WannaCry (Fifth Domain) The arraignment planned for Tuesday of a British cybersecurity researcher, who was arrested last week in Las Vegas on federal charges that he created and distributed a malware program to obtain banking passwords from unsuspecting computer users, has been postponed until next week.
Police bust cyber attack ring accused of causing millions in damage (The Times of Israel) Pair of key suspects believed to have earned over $600,000 from website offering service that crashes internet servers on demand
The Trump Administration’s Leakers Deserve to Be Investigated (Foreign Policy) But Jeff Sessions might not be up for the job.
Backlash over RBS bank chief’s online fraud remarks (Scotsman) The head of the Royal Bank of Scotland has warned that victims of bank fraud should not expect automatic refunds.
California man charged in 2015 Plainfield cyber death threats (13 WTHR Indianapolis) Charges will be announced in the case that began with a Facebook profile under the name of "Brian Kil" making threats against Plainfield students and a mall.
FBI account of tracking and arresting an online ‘sextortionist’ is grimly satisfying (TechCrunch) Tales of internet trolls and worse things are common to hear about — that is, if you're not experiencing their effects yourself, as many are. But while..
Suspected sextortionist hiding behind Tor is outed by booby-trapped video (Ars Technica) "Brian Kil" terrorized minors for years. Last month, a hack gave agents a big break.
Hotspot Shield VPN accused of redirecting user traffic to advertisers (HackRead) A renowned privacy group Center for Democracy & Technology (CDT) has accused Hotspot Shield VPN developed by AnchorFree, Inc. of violating user privacy
Prison Time for Manager Who Hacked Ex-Employer's FTP Server, Email Account (BleepingComputer) Jason Needham, 45, of Arlington, Tennessee was sentenced last week to 18 months in prison and two years of supervised release for hacking his former company's FTP server and the email account of one of his former colleagues.
The Police Loves Naming Its Spying Tools 'Skynet' (Motherboard) Why would anyone name their project this?