Cyber Attacks, Threats, and Vulnerabilities
North Korea Hit By Konni and Inexsmar Malware After Missile Tests (HackRead) An unknown hacking group has been targeting organizations in North Korea with Konni Malware. It is a RAT/remote access Trojan having all those features tha
Malware targets North Korea following nuclear ICBM tests (Cyberscoop) Researchers have stitched together two malware campaigns targeting North Korea, raising suspicion over counteractions tied to the country's aggressive weapons testing.
Ukrainian postal service hit by 48-hour cyber-attack (BBC News) Hackers targeted the system that tracks customer parcels on Ukrposhta's website two days in a row.
FireEye: Some hacking claims exaggerated, others false (TheHill) Last week, a hacker or hackers adopting the nickname "31337" released 32 megabytes of files purportedly from FireEye and one of its analysts, Adi Peretz.
Flaw Or Feature? CarbonBlack Refutes DirectDefense Report Of Data Leak From Endpoint Detection And Response Product (CRN) CarbonBlack says the solution provider is 'incorrect' in saying that it has an architectural flaw that exfiltrates data, while DirectDefense says thousands of files and customer data have been exposed.
Carbon Black Data Leaks – A Good Reminder to Protect Keys (Secplicity - Security Simplified) A security firm published a blog post today explaining how they compromised an endpoint security system. The vendor, Carbon Black, responded in a blog post explaining that this feature is off by default and customers receive a warning when they turn it on. Setting aside the topic of responsible disclosure for the moment, take a look …
Hackers release mobile numbers of 'Game of Thrones' stars and demand millions to stop more leaks (ShortList Magazine) "Mr. Smith" is holding the entire show to ransom
How a port misconfiguration exposed critical infrastructure data (Help Net Security) An open port used for rsync server synchronization has left the network of a Texas-based electrical engineering operator wide open to malicious attackers.
Signed Mughthesec Adware Hijacking Macs for Profit (Threatpost) Mughthesec, a variant of the OperatorMac adware, has been turning hijacked Macs into revenue-generating machines for the authors.
Can Online Dating Apps be Used to Target Your Company? (TrendLabs Security Intelligence Blog) People are increasingly taking to online dating apps to find relationships—but can they be used to attack a business?
USB connections exposed as 'leaky' and vulnerable (The Lead South Australia) Tests in South Australia reveal USB security issues
When is a VPN not private? When you’re not paying for it (Naked Security) A complaint to the FTC alleges that the free Hotspot Shield VPN isn’t as private as you might think
Take down: Hackers looking to shut down factories for pay (Fifth Domain) AW North Carolina stood to lose $270,000 in revenue, plus wages for idled employees, for every hour the factory wasn't shipping.
How leaked exploits empower cyber criminals (IT Pro Portal) Access to leaked state-sponsored and cybercriminal hacking tools and exploits led to the surge of cyber attacks during the first half of 2017.
Customers ‘furious’ with TNT after cyber-attack meltdown (FedCyber.com) “Businesses in Ukraine were hit hardest, and since many TNT operations and communications are based in the country, a significant proportion of its systems were infiltrated and data encrypted – locking employees out – as a result. ‘Manual processes’ are still being used to put packages through the system, and Via OODA Loop
Tech Wisdom: Beating Cyber Risks (Port Technology) Ongoing digitalization of ports is predicted to result in even more complex and networked IT systems, impacting on the ability to manage cyber threats, according to a recent paper.
Cyber experts missed opportunity to pre-empt WannaCry, NotPetya (CRN Australia) If only researchers had paid more attention to Shadow Brokers dump.
Biggest problem is knowing what devices are on the network (Infosecurity Magazine) Two-thirds of security pros not confident organizations have made necessary security improvements since WannaCry and Petya
Cyber Threats, Backdoors and More: 3 Lessons from NotPetya (News Factor) How can organizations protect their software from exploits and backdoors similar to the ones involved in the NotPetya ransomware attack?
PACER vulnerability allowed hackers to access legal docs while sticking others with the bill (Help Net Security) A CSRF vulnerability that allowed attackers to access court documents on the PACER system while making legitimate users pay for it has finally been plugged.
No signs of manipulation of Kenya vote: EU observers (Reuters) The head of the European Union's election observer mission in Kenya said on Thursday it had seen no signs of "centralised or localised manipulation" of the voting process.
Data breach numbers ‘could be four times higher than reported’ (Jersey Evening Post) Reported data security breaches in the Channel Islands are just the ‘tip of the iceberg’ and the number of attempted hacks could be four times higher than official figures, an IT security expert has warned.
DC couple loses $1.5 million in home-buying cyber attack scam (WTTG) A couple in the District has lost $1.5 million after hackers appear to have directed the money to an account they owned instead of the account of the title company the couple worked with during closing.
Real Estate Is Not Above the (Cyber Attack) Risk (Commercial Observer) CRE folks have been slow to invest in cybersecurity and that needs to change, as technology and real estate become more complex each day.
How to Avoid a Cyberattack: Real Estate Checklist (Commercial Property Executive) Smart homes and advanced building management systems make the industry more relatable, suitable and attractive for young people, but those things also make it riskier.
Synopsys Fuzzing Report Identifies IoT and Industrial Control Systems Software as Most Vulnerable to Exploits (Business Insider) Synopsys, Inc. (Nasdaq: SNPS), today released its fuzzing report, which provides deep analysis on potential zero-day exploits in the open source protocols and common file formats used across six key industries, including automotive, financial services, government, healthcare, industrial control systems, and Internet of Things (IoT).
DHS Issues Cybersecurity Alert Over Siemens' Medical Scanner Software (Investing News Network) According to the US Department of Homeland Security, a "low skill" attacker would be able to exploit the vulnerabilities of these products.
Sophos advises companies to tread carefully with IoT (Digital News Asia) Sophos researcher finds that many IoT devices pose security risks. Lack of regulation and use of outdated operating systems are root of problems
Amber Rudd tricked by email prankster who duped White House officials (Tripwire: The State of Security) Amber Rudd has been duped into sharing her personal email address with a prankster who has previously embarrassed White House officials.
Security Patches, Mitigations, and Software Updates
SAP Patch Tuesday Update Resolves 19 Flaws, Three High Severity (Threatpost) SAP released 19 patches on Tuesday, including a trio of vulnerabilities marked high severity in its business management software.
Scanners to be patched after government warns of vulnerabilities (Naked Security) Siemens says that there’s no evidence its scanners have been compromised – but the patches will be ready by the end of the month
Microsoft Removes Trust from Chinese CAs (Infosecurity Magazine) Move follows same decision by Apple, Google and Mozilla
Yahoo! Games' Demise Shows What the Death of Flash Could Feel Like (Motherboard) The parlor games hosted by Yahoo! once represented some of the internet’s best efforts at interactivity—at a time when that interactivity was new. But you can't find those games online anymore.
Cyber Trends
Taking Down the Internet Has Never Been Easier (Dark Reading) Is there a reason why the Internet is so vulnerable? Actually, there are many, and taking steps to remain protected is crucial.
Emerging ‘hyperwar’ signals ‘AI-fueled, machine-waged’ future of conflict (Fifth Domain) Imagine wars fought by swarms of unmanned, autonomous weapons across land, air, sea, space and cyber.
Cyber Threats: key insights from the best reports (Cyber Rescue Ltd.) Threats - understanding Cyber Attacks
More and More Malware in Circulation (Channel Partner) In the first half of the year, each computer was attacked 47.4 times on average, more often than ever before. That is what IT security researchers at G Data observed.
Who is better prepared for IoT-related attacks, SMEs or large organizations? (Help Net Security) When it comes to cybersecurity, it is usually assumed bigger organizations with larger IT budgets have better defenses. In reality, they don't.
Marketplace
Mystery Company Offers $250,000 Bounty for VM Escape Vulnerabilities (Threatpost) An unnamed firm is paying up to $250,000 for vulnerabilities related to its virtualization platform.
Insurance Matters: Cyber liability – there’s insurance for that! (Napa Valley Register) The phrase “Cyber Liability” has a science fiction chill to it. And it should.
Salesforce fires red team staffers who gave Defcon talk (ZDNet) "As soon as they got off the stage, they were fired."
KeyLogic Systems acquires CrossResolve to expand biometrics services (BiometricUpdate) Engineering firm KeyLogic Systems, Inc. has acquired CrossResolve, a government advisory and strategy services organization focused on biometrics, forensics, and identity programs. The terms of the…
This Maryland firm helps cyber companies get acquired (Technical.ly Baltimore) SC&H Capital helps advise companies as they go through the acquisition process. Director Greg Hogan took us through the process on a recent deal, and provided some thoughts on the current market.
FireEye: Regaining Market Share (Seeking Alpha) Stagnancy in price action after the last earnings beat provides a buying opportunity as FireEye positions to capture gains in key growth niches.
Centrify hits US$100M milestone in annual sales (CSO) Centrify tops US$100M in sales during FY 2017 from strong customer demand for Identity and Access Management (IAM) security to stop data breaches
BlackRock Inc. Acquires 3,362,985 Shares of Qualys, Inc. (QLYS) (BNB Daily) BlackRock Inc. raised its stake in Qualys, Inc. (NASDAQ:QLYS) by 157,222.3% during the first quarter, according to its most recent disclosure with the Securities and Exchange Commission (SEC). The firm owned 3,365,124 shares of the software maker’s stock after buying an additional 3,362,985 shares during the period. BlackRock Inc. owned approximately 9.26% of Qualys worth […]
Air Force awards $24 million research contract to KeyW (Baltimore Sun) U.S. Air Force Research Lab awards $24 million research contract to KeyW
Cyber Command to Hold First Industry Day (Meritalk) The U.S. Cyber Command (CYBERCOM) will begin to exercise its newly granted acquisition authority by the end of 2017 with its first industry day on Oct. 27.
Scottsdale cybersecurity firm opens first international office (Phoenix Business Journal) Fresh off its $10 million Series B round, Trusona has opened its first international office in Tokyo and attracted new, large corporate customers for its secure identity authentication technology.
SparkCognition Adds Former U.S. Defense Department Chief of Staff, Wendy R. Anderson, as General Manager, Defense & National Security (Business Insider) SparkCognition has announced the addition of Wendy R. Anderson to its executive team.
Senior Information Security Leader Steve White Joins ForgeRock as Chief Security Officer (Benzinga) ForgeRock®, the leading open platform provider of digital identity management solutions, today announced that veteran information security expert Steve White has joined the company as Chief Security Officer.
Products, Services, and Solutions
Oxygen Forensic® Detective 9.5 Now Supports 40 Cloud Services w/Addition of Telegram Cloud (Oxygen Forensics) Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, announced today that it now supports data extraction from 40 different cloud services with the addition of Telegram cloud for its flagship Oxygen Forensic® Detective 9.5 product.
InfoArmor: Actionable intelligence, comprehensive protection (Help Net Security) Protecting corporate assets against cyber attacks requires a combination of sophisticated technology, accurate threat intelligence data and expert strategy.
HashiCorp Vault 0.8 Expands Secrets Management and Security Across Multiple Clouds (Marketwired) HashiCorp, a leader in cloud infrastructure automation, today released HashiCorp Vault 0.8 which includes significant updates to both the open source and enterprise versions, including new secure plugins, disaster recovery, mount filtered replication capabilities, and multi-factor authentication (MFA).
Duo Security partners with VMware to improve cybersecurity for employees working remotely (Concentrate) Employees using their own laptops and tablets can be a big security headache for IT departments. Duo's partnership with VMware aims to change that.
Seattle’s Versive teams up with Cloudera in post-pivot AI security push (GeekWire) Three months after changing its name and deciding to focus exclusively on security, Versive is partnering with Cloudera to bring its artificial-intelligence powered security technology together with…
PhishMe offers free phishing training tool to SMBs (TechCrunch) There are lots of reasons scammers send a phishing email. They may want to get access to the company network or perhaps a quick payout with ransomware. Maybe..
MagTek and DishOut Partner to Deliver Mobility Toolkit for Easier Integration for Pay-at-the-Table, Pay-at-the-Door, Line-busting and Loyalty/Reward Programs (IT Business Net) MagTek, Inc., the world's leading supplier of secure payment technology and transaction web services, announces a partnership with DishOut, LLC, a payment technology company leading the way in mobile and stored-value programs, to offer a toolkit for faster mobile payment offerings.
Consumer Reports pulls recommendation for Microsoft Surface laptops (USA TODAY) Consumer Reports estimates that 25% of Microsoft laptops and tablets will break within two years of ownership.
Technologies, Techniques, and Standards
GDPR: full compliance is impossible - but here are the processes that can get you close (Computing) The GDPR is too much of a legal document to meet every requirement
Security ‘blind spots’ in corporate networks will affect GDPR readiness as race to the cloud speeds up (IBS Intelligence) New research from Gigamon shows that blind spots are leaving organisations struggling to identify the data travelling across their networks.
To Manage Risk Understand Adversaries, Not Just Activity in Your Environment (Security Week) Six years ago the US National Institute of Standards and Technology (NIST) put forth a framework for information security continuous monitoring (ISCM), defined as maintaining ongoing awareness of information security, vulnerabilities and threats to support organizational risk management decisions.
Preparedness & Cyber Risk Reduction Part Five B: Discussion-Based Exercises (SurfWatch Labs, Inc.) Continuing our series on Preparedness, and this mini-series — exercises (see previous post for the intro to exercises) — this installment and the next build on our introduction, and in …
Army field manual provides cyber, electronic warfare template (Fifth Domain) “It’s not perfect, but we didn’t intend it to be perfect. We intended to make sure it could get out so our commanders could have an ability to leverage it,” Lt. Gen. Paul Nakasone, commander of Army Cyber Command, told C4ISRNET.
44% of sampled websites fail password protection assessment (SC Media US) An analysis of 48 popular websites determined that 46 percent of consumer services sites and 36 percent of business services sites had
Password Power Rankings: A look at the practices of 40+ popular websites (Help Net Security) Dashlane created the Password Power Rankings to make everyone aware that many sites do not have policies in place to enforce secure password measures.
Banks join forces to crack down on fraudsters (Financial Times) ‘Phone-printing’ software among tactics to tackle identity theft and cyber attacks
The untapped potential of machine learning for detecting fraud (Help Net Security) E-commerce fraud protection company Signifyd has recently signed up behavioral analytics expert Long-Ji Lin to fill the position of Chief Scientist.
Bug bounties: Crowdsourcing hackers to strengthen cybersecurity (Healthcare IT News) Inviting hackers to attack your network and then paying them for discovering weaknesses seems dangerous. But the U.S. Department of Defense is succeeding with the practice and some infosec firms are specializing in it.
Engaged Leadership Is Key to Effective Security (CIO Insight) Many companies have difficulty assessing the risks versus the rewards, but organizations must ensure that they have standard security measures in place.
Working Against the Tide [declassified] (NSA) Important as it is in peacetime, communications security becomes even more important in wartime. Ultimately, we must reckon wartime failure to secure communications against a background of U.S. casualties and of battles won and lost. As it did in World War II and the Korean War, the United States in Southeast Asia has failed to provide communications security of a sufficiently high degree to deny tactical advantages to the enemy. Once more the United States has lost men and materiel as a result.
Design and Innovation
Reuters: Tesla looking to start testing autonomous semi in “platoon” formation (Ars Technica) The company’s CEO has mentioned that a formal announcement will come in September.
Securing the cockpit: How the military is tackling avionics cybersecurity (Fifth Domain) The cyber threat to systems on individual platforms, particularly weapons, position, navigation and timing systems embedded in U.S. military aircraft, is garnering increased attention.
Sensor overload is overloading the network (C4ISRNET) This problem is expected to get worse in the next 10 years with the increase in boxes and sensors.
A Brief History of 'NSFW' (Motherboard) And how arguably the internet’s most influential acronym is changing.
Research and Development
Chinese quantum satellite sends 'unbreakable' code (Reuters) China has sent an "unbreakable" code from a satellite to the Earth, marking the first time space-to-ground quantum key distribution technology has been realized, state media said on Thursday.
China Has Its DARPA, But Does It Have the Right People? (The Diplomat) China has the institution to fuse civil-military R&D. Now can it attract the necessary talent?
Biohackers Encoded Malware in a Strand of DNA (WIRED) Researchers planted a working hacker "exploit" in a physical strand of DNA.
Legislation, Policy, and Regulation
France names new chief of procurement office (Defense News) A burning issue for the incoming DGA chief will be how to implement the €850 million defense budget cut this year, as decisions will be needed on which programs will be delayed.
Internet of Things Cybersecurity Act – An ‘A’ for effort [Commentary] (Fifth Domain) We all know that the internet is rooted in one “A” (Availability) but not in another very important “A” (Authentication).
Can the U.S. stop malware and buy it at the same time? (FCW) The U.S. government walks a fine line of prosecuting alleged hackers and buying malware and other software vulnerabilities.
Litigation, Investigation, and Law Enforcement
Tracking terrorists online might invade your privacy (BBC) Criminals brew their plans online and in texts. Authorities want to stop this – but an act in the UK shows the complication between keeping the public safe and respecting its privacy.
Hero or villain? Questions cloud Milwaukee charges against British cyber security expert (Milwaukee Journal Sentinel) Marcus Hutchins, 23, was to appear in court in Wisconsin Tuesday but hearing was postponed
Israeli Teen Accused of Running Bomb Threat Service Against Jewish Community Centers On Dark Web (HackRead) The authorities believe he is part of a larger bomb-threat-for-hire scheme on the Dark Web. Jewish centers received over a hundred bomb threats this year du
The JCC Bomb-Threat Suspect Had a Client (The Atlantic) Newly unsealed FBI documents suggest the Israeli arrested for sending the threats was selling his services for a fee.
Alleged vDOS Operators Arrested, Charged (KrebsOnSecurity) Two young Israeli men alleged by this author to have co-founded vDOS — until recently the largest and most profitable cyber attack-for-hire service online — were arrested and formally indicted this week in Israel on conspiracy and hacking charges.
Iranian nationals charged with hacking, extorting US merchant (Fifth Domain) An indictment filed in Columbia, South Carolina alleges the criminal acts and intentions of two Iranian nationals.
FBI unmasks Tor-using suspected sextortionist (Help Net Security) A California man that stands accused of sextortion has been identified by the FBI through the use of a so-called Network Investigative Technique (NIT).