Cyber Attacks, Threats, and Vulnerabilities
WikiLeaks: CIA's CouchPotato Tool Remotely Collects Video Streams (HackRead) WikiLeaks has released yet another CIA hacking tool as part of its Vault 7 series documents belonging to the American Central Intelligence Agency (CIA).
A Russian Hacker Group Used a Leaked NSA Tool to Spy on Hotel Guests (WIRED) The same hackers who hit DNC and Clinton campaign are now apparently spying on high-value travelers via Wi-Fi
Unsecured Wi-Fi hotspots and troubling browsing behaviors (Help Net Security) Unsecured Wi-Fi hotspots
Bitglass Study: One in Five Put Data at Risk by Using Unsecured Wi-Fi Hotspots (Marketwired) 72 percent of data stored in Box, Google Drive, and OneDrive is shared in some capacity
HBO Hacker Leaks Message From HBO Offering $250,000 ‘Bounty Payment’ (EXCLUSIVE) (Variety) The HBO hacker has struck yet again. Variety has obtained a copy of another message released Thursday by the anonymous hacker to select journalists in which HBO is apparently responding to the init…
HBO breach: Centrify says ‘winter is coming’ for passwords (Security Brief) HBO’s soft underbelly was laid bare to the world after hackers stole 1.5 TB of data from its systems - Centrify says passwords' days are limited.
So you're thinking about becoming an illegal hacker – what's your business plan? (Register) Some insights from the HBO hack and bomb threat claims
Hackers Are Taking Dead Aim at Manufacturers as Cyber Attacks Rise Globally (Security Sales & Integration) Motivations for the attacks are often criminal in nature and include extortion via ransomware and industrial espionage, NTT Security says.
SonicSpy: Over a thousand spyware apps discovered, some in Google Play (Lookout Blog) Lookout researchers have identified over a thousand spyware apps related to a threat actor likely based in Iraq. Belonging to the family "SonicSpy," these samples have been aggressively deployed since February 2017, with several making their way onto the Google Play Store. Google removed at least one of the apps after Lookout alerted the company.
Libpurple flaw: How does it affect connected IM clients? (SearchSecurity) A flaw in the library providing core functionality for several IM clients enables code execution attacks. Find out more on the libpurple flaw.
Watch out for Emotet, the trojan that’s nearly a worm (Naked Security) Emotet arrives as a malicious email attachment and tries to steal your online banking credentials
Stealthy Mughthesec Mac adware exposed: What it does, how to protect yourself (Help Net Security) Mughthesec Mac adware got its name after the name of the app and the launch agent it installs on the target machine.
Nasty Mamba ransomware that encrypts entire hard drive resurfaces (HackRead) Mamba Ransomware Resurfaces in Brazil and Saudi Arabia With Nefarious Objectives. Last year we informed you about Mamba ransomware that attacked computers a
Locky Ransomware Returns with Spam Campaign Pushing Diablo6 Variant (BleepingComputer) A large malspam campaign is underway that is pushing a new Locky variant that appends the .diablo6 extension to encrypted files. Is this the return of Locky or just a brief resurgence?
Hackers use 'cloud-on-cloud' attacks to evade detection, attribution (Cyberscoop) The attacks appear to be early examples of criminal or other malefactors using cloud infrastructure to hide not only their identity, but the attack itself.
Top 12 cloud security threats to watch out for (JAXenter) The convenience of cloud technology also has some drawbacks. In this article, Jenny Harrison goes over 12 important cloud security threats to watch out for.
Carbon Black denies its IT security guard system oozes customer secrets (Register) Not a bug, it's a clearly labelled switched-off feature, we're told
Carbon Black and DirectDefense are fighting. Such is life lately in the endpoint protection business. (Cyberscoop) The two cybersecurity companies disagree over whether Carbon Black has been leaking terabytes of sensitive customer data.
Beware of Security by Press Release (KrebsOnSecurity) On Wednesday, the security industry once again witnessed an all-too-familiar cycle: I call it “security by press release.”
eScan Says MIUI Riddled With Security Flaws, Xiaomi Responds (NDTV Gadgets360.com) Security solutions company eScan on Thursday in a 36-page report alleged that Xiaomi's MIUI custom Android ROM has multiple flaws that affected the security of user data. Xiaomi system apps such as the uninstall mechanism and Mi Mover were some of the flawed aspects of MIUI, the report stated. The Chinese smartphone company has refuted the allegations however, in a statement to Gadgets 360.
Multiple Flaws in Xiaomi’s Miui System Apps Introduce Un-Intentional Vulnerabilities into End-User Apps and Security Apps (eScan) A comparative study, between Xiaomi’s MIUI System Apps and various Security/Backup-restore apps, vis-à-vis the functional working of the end-user apps and the security controls implemented by them.
Your Favourite Apps Could Be Seriously Compromising Your Personal and Financial Security (Huffington Post India) How safe is your personal information?
Patched Flash Player Sandbox Escape Leaked Windows Credentials (Threatpost) One of Tuesday's Flash Player patches was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.
Don't Let Malware Hit You on the Way Out (Infosecurity Magazine) Enterprises are not doing enough to secure their organizations when IT personnel leave.
Customers 'furious' with TNT after cyber-attack meltdown (BBC News) The courier is still struggling to return operations to normal more than a month after the NotPetya attack.
Hackers have been targeting 3 major Hungarian banks with series of phishing attacks since June (International Business Times UK) A recent study by PhishMe found that 91% of targeted cyberattacks begin with a spear phishing email.
Pernod Ricard confirms cyber security incident, says no impact (Reuters) Pernod Ricard SA was potentially targeted by a cyber attack but the incident was fully contained and had no impact on operations, the company said on Thursday.
Security Patches, Mitigations, and Software Updates
Juniper Issues Security Alert Tied to Routers and Switches (Threatpost) Juniper warned Thursday of a high-risk bug in the GD graphics library used in several versions of its Junos OS.
SAP cleans up more than a dozen troubling CRM security blunders (Register) 19 vulnerabilities squished this month – get patching
SAP CRM, Flex patched in monthly security update (Inside SAP) A vulnerability in SAP CRM has been highlighted in this month’s SAP critical patch update, released this week.
Debian move marks beginning of the end for TLS 1.0 and 1.1 (Naked Security) TLS 1.2 fixes a vulnerability so now’s the time to check that the software you use and the software you manage supports it
New in Windows security: Automatically log off suspicious users (Computerworld) The Cloud App Security subscription service will boot users off the network, and out of apps and services, at the first sign of anomalous behavior.
This Xiaomi smartphone is getting Android Nougat update in India (Gadget Now) Recently, we reported that Xiaomi will soon start rolling out Android Nougat update for its Redmi Note 4 smartphone.
Cyber Trends
Top 5 cybersecurity flaws in organisations (AMEInfo) Most companies worldwide are failing to measure cybersecurity effectiveness and performance, according to a study released late July. The study by Thycotic found that nearly a third of the companies were blindly making cybersecurity investments. More than half of the 400 respondents in the survey – 58 per cent – scored an “F” or “D” …
Hackers: Privileged Accounts Provide Fastest Access to Sensitive, Critical Data (Dark Reading) Nearly 75 percent state traditional perimeter security firewalls and antivirus are now irrelevant or obsolete.
What hackers think of your cybersecurity efforts (CIO) A survey of 250 self-identified hackers at the twentieth annual Black Hat conference in Las Vegas last month has revealed the security technologies they find toughest to beat.
What security looks like in a cloud-native world (CRN Australia) Defending cloud-native apps requires a new way of thinking.
HIMSS survey: Hospitals ramping up cybersecurity efforts (Healthcare Dive) More than 70% of health IT leaders said their organization budgets specific funds for cybersecurity.
Companies in Singapore are not protected against cyber-attacks. Why and what needs to happen? (MIS Asia) Research by IDC revealed that 91 per cent of Singapore companies are in the early stages of security preparedness. We speak with Simon Piff, VP of IDC's APAC IT Security Practice to learn why.
Marketplace
DIUx, SCO given special hiring and contracting authorities (Defense News) Two of the Pentagon’s innovation offices have been granted special authorities to help speed the hiring of staff and awarding of contracts in a move that could allow the groups to flow commercial technology into the department quicker.
CYBERCOM plans to exercise new acquisition authority by end of fiscal year (Inside Cybersecurity) U.S. Cyber Command will use its new acquisition authority to buy cybersecurity tools by the end of this fiscal year, and the organization plans to hold its first industry day later this fall, according to a command official.
The Race to Cyberdefense, Artificial Intelligence and the Quantum Computer (Government Technology) I've been following cybersecurity startups and hackers for years, and I suddenly discovered how hackers are always ahead of the rest of us — they have a better business model funding them in their proof of concept (POC) stage of development.
Greater China cyber insurance demand set to soar after WannaCry attack: AIG (Reuters via Business Insider) Demand for cyber insurance from firms in Greater China and elsewhere in Asia is poised to soar, based on enquiries received after the "WannaCry ransomware" attack earlier this year, executives at American International Group Inc said.
Opaque nature of cyber risks makes captives managers wary (Intelligent Insurer) Companies looking to better utilise their captive to take on more risks, such as cyber, need to adopt a risk-based approach and define an optimal risk financing strategy, according to Adam Peckman, global practice leader at Aon Risk Solutions, speaking at a cyber security panel at the Vermont Captive Insurance Association (VCIA) annual conference in Burlington, Vermont.
Hack the Air Force Bug Bounty Program Finds 207 Vulnerabilities (eWEEK) Security researchers find 207 vulnerabilities in U.S. Air Force code, as part of the monthlong Hack the Air Force bug bounty program.
Check Point set to surpass Teva as Israel's biggest company (Globes) The gap in value between the two companies on Thursday afternoon was only $206 million.
Lastline's Market Momentum Dramatically Accelerates During Q2 2017 (BusinessWire) Record setting sales performance, Series C funding, and high-impact strategic partnerships reinforce company’s leadership position in advanced malware protection
When NeuStar went private, its executives cashed out. Here's how much they made. (Washington Business Journal) The stock and options buyback reached into the tens of millions of dollars, according to SEC filings.
Cylance® Appoints Brian Robins as Chief Financial Officer as Company Hits 283 Percent Year-Over-Year Revenue Growth (Cylance) Veteran security industry CFO brings broad experience in scaling financial infrastructure at growing software companies
Sales Leaders Join Bandura Executive Team (PRNewswire) Bandura®, LLC, a trusted cybersecurity innovator, today...
Data analytics firm adds former DoD officials to advisory board (Defense News) A big-data analytics company has appointed former deputy secretary of defense Bob Work and former vice chairman of the Joint Chiefs of Staff Adm. James “Sandy” Winnefield to its advisory board.
Products, Services, and Solutions
New infosec products of the week: August 11, 2017 (Help Net Security) This week's infosec products include releases from the following vendors: Absolute, Cellebrite, Imanis Data, Toshiba, and Tripwire.
Core Security Unveils Core Role Designer to Streamline Access Governance (PRNewswire) Core Security, a leader in Vulnerability, Access Risk Management and Network...
Comodo Announces Comodemia, an Industry-first Cybersecurity Research Service for Academia (Sys-Con Media) Comodo, a global innovator and developer of cybersecurity solutions and the worldwide leader in digital certificates, today announced that it is launching a new cybersecurity research service for university, governmental, and non-profit educators and researchers.
Darktrace Releases Version 3 of its AI Cyber Defense Solution (Dark Reading) Productivity boost for novice and expert analysts, and executives.
Self-hosted search option is a new approach to bursting the filter bubble (Naked Security) An open-source, self-hosted search aggregator might be a good way both of avoiding being tracked and getting away from the echo chamber
Does the GDPR have a technology answer? Blue Cedar injects code to protect data - not the device (Computing) There's no silver bullet, but Blue Cedar can be part of the shotgun blast of technology solutions
Microsoft Surface fails reliability report, while Apple is most reliable (CRN Australia) Microsoft hits back against the findings.
What you need to know about Microsoft Surface's 'not recommended' rating (CRN Australia) Five key takeaways from the report.
Symantec Announces Plesk Will Integrate Symantec Encryption Everywhere Security Into Its Website Management Platform, Simplifying Encryption for Small Businesses (IT Briefing) Symantec Corp. (NASDAQ-NMS:SYMC), one of the world's leading cyber security companies, today announced that Plesk, a leading WebOps platform, will now incorporate Symantec's Encryption Everywhere security offerings into its website management platform and control panel, giving web professionals, small businesses, and cloud service providers one-click access to website encryption and customized security offerings.
Secude Halocore Secures Sensitive SAP Purchasing Processes (E3zine - E-3 Magazine International) Secude announced the implementation of its solution Halocore for SAP at the Research Centre Imarat (RCI) in Hyderabad, India.
GCI Taps Synacor for Hosted Email and TV Authentication (BusinessWire) Synacor Inc. (Nasdaq:SYNC) and GCI today announced that the companies have expanded their partnership. The multiyear agreement includes an upgrade to
Datacipher accredited as a Check Point authorized training centre (Hindu Business Line) Datacipher, a Professional Services Company specialized in next generation networking and security
Technologies, Techniques, and Standards
Man + Machine is the winning combo for combatting cyber threats (Vectra) To understand the maturity & effectiveness of security operations teams, we conducted a survey at Black Hat to understand their response times and capabilities
Why SOCs are not comprehensive enough for ICS cyber security (Control Global) For ICS cyber security, Operations, cyber security, physical security, and risk management organizations need to coordinate and training is required for Operations to know when to work with IT Security following upset conditions.
.why .it’s .time .to .fix .localhost (Naked Security) When you type in “localhost” it refers to your local host – this very computer right here. Or not. And Mike West wants to fix that.
Let 'localhost' be localhost. (IETF) This document updates RFC6761 by requiring that the domain "localhost." and any names falling within ".localhost." resolve to loopback addresses. This would allow other specifications to join regular users in drawing the common-sense conclusions that "localhost" means "localhost", and doesn't resolve to somewhere else on the network.
Eight Myths Not to Believe About Penetration Testing (Security Intelligence) Penetration testing can help organizations across all industries identify vulnerabilities before cybercriminals have a chance to exploit them.
Is Cloud the new home for Cyber Criminals? How to be Safe? (Host Review) We remain on the edge of the digital age, where innovation moves rapidly, and our lives have been ch…
5 Ways to Make Threat Analysis Actionable (ThreatConnect) Lights, Camera, All Quiet on Threats (Set) - Action! - What goes into the creation of your favorite movies? They have a director, editor, post-production effects, actors, and a ton of extras. A lot goes on behind the scenes to make a film possible. Editors piece together shots to create the films we all enjoy. The role of an editor isn't solely reserved for Hollywood; threat analysts work in the same landscape each and every day.
Prioritizing Threats With Real-Time Threat Intelligence (Recorded Future) The element of surprise plays a huge part in successful cyberattacks, and the role of threat intelligence is to minimize it.
Six Ways to Help Improve your Security Posture (Anomali) A strong cybersecurity program is quickly becoming one of the most important investments a company can make. In the wake of numerous corporate breaches over the last few years, all users are on higher alert about the safety of their sensitive data. Whatever the size or maturity level of your security infrastructure, there are a few key steps that you can take to keep your data and organization safe. 1) Educate your employees. It’s an unfortunate truth that security isn’t really a
'Security is the only team that when given more budget finds more problems' (Computing) Raj Samani, chief scientist at security firm McAfee explains why some firms are deterred from investing in security
Focusing on Employee Training for Stronger Health IT Security (HealthITSecurity) A Most Wired hospital CIO discusses why employee training has become such a critical aspect to improving health IT security measures.
Design and Innovation
Microsoft reveals new blockchain efficiency technology (CRN Australia) Claims it can make blockchain-based systems faster, more private.
Bitcoin Price Will Likely Increase to $5,000 Post SegWit: Reasons & Trends (Cointelegraph) Bitcoin price will likely increase to $5,000 post SegWit activation, considering current upward momentum of Bitcoin and the cryptocurrency market.
Buoyant Bitcoin stirs fears of a crypto-currency bubble bursting (The Independent) Bitcoin and other "cryptocurrencies" are big money, virtually as big as Goldman Sachs and Royal Bank of Scotland combined. The price of a single bitcoin hit an all-time high of above $3,500 (£2,699) this week, dragging up the value of hundreds of newer, smaller digital rivals in its wake. Now some investors fear a giant crypto-bubble may be about to burst.
B2B APIs: FinTech, Bank Rivalry (PYMNTS) The rivalry between banks and FinTechs has, at times, been tense if not downright combative. Enter APIs to help the two sides coexist more peacefully. API solutions are doing more than helping two different types of financial institutions find ways to collaborate. By integrating artificial intelligence and machine learning capabilities, companies are relying on API […]
Research and Development
IBM Just Achieved a Deep Learning Breakthrough (Futurism) Researchers are taking big leaps in deep learning.
World's Leading Physicist Says Quantum Computers Are "Tools of Destruction, Not Creation" (Futurism) With great power comes great peril.
ICF wins cybersecurity contract (Fifth Domain) Under the contract, valued at up to $93 million, ICF will support Army Research Laboratory’s Defensive Cyber Operations (DCO) and Defensive Cybersecurity Research.
DIUx reports surge in pilot program funding (Defense News) The Pentagon’s Defense Innovation Unit-Experimental (DIUx) awarded $71 million in funding for 37 pilot programs over the last year, and the group expects to transition its first demonstrator program to higher-rate production.
Academia
Online radicalisation and cyber attacks to be tackled by new university facility (Bradford Telegraph and Argus) A HIGH tech centre dedicated to cyber security has been opened at the University of Bradford, and one of its first projects is to look at how to…
Mastercard Joins CyberPatriot as Cyber Silver Sponsor (GlobeNewswire News Room) The Air Force Association’s (AFA) CyberPatriot program announced today that Mastercard has become the program’s newest sponsor.
Legislation, Policy, and Regulation
New ministry to tackle terrorism (Mercury) The primary responsibility of a national government is the defence and security of its citizens.
Weakening encryption would damage the UK's wider interests says former MI5 chief (Computing) Weakening encryption would open the country up to more threats, says Jonathan Evans
Sorry, who did you say you were? We’ve forgotten about you (Naked Security) Britain’s data proposals will enshrine GDPR’s right to be forgotten in domestic law – but what’s the situation elsewhere?
Cybersecurity Bill deadline for comments looms (IT-Online) The Cybersecurity Bill, set to have massive implications for South African companies and individuals, is open for public comment until Thursday 10 August 2017.
Cyber Security Bill's success lies in how rules apply to each sector (The Straits Times) We live in an age of rapid digitisation where mobile communication and cloud computing have dramatically increased cyber connectivity.
Solomons Government ‘committed’ to Huawei high-speed internet cable despite ‘concerns’ (Solomon Islands Broadcasting Corporation) The Solomon Islands Government says it is committed to providing high speed internet submarine cable for the country, ahead of Prime Minister Sogavare’s trip to Australia next week.
Blumenthal: North Korean Cyber Attack on Sony 'Should Have Prompted a More Aggressive Response' From Obama Admin. (Washington Free Beacon) Sen. Richard Blumenthal (D., Conn.) told MSNBC host Andrea Mitchell on Thursday that the Obama administration should have responded more aggressively against North Korea in November 2014 after they reportedly waged a cyber attack against Sony Pictures Entertainment.
Federal CISO to get second hat as National Security Council's cyber director (Cyberscoop) Acting federal CISO Grant Schneider is getting a second hat as a senior director for cybersecurity at the NSC, raising questions among former officials.
Air Force CISO: Cyber workers 'crippled' by overload of regs (FederalNewsRadio.com) Air Force cybersecurity officials worry that the rank-and-file may be too preoccupied with the nuts and bolts of compliance.
Litigation, Investigation, and Law Enforcement
Ukrainian Man Arrested, Charged in NotPetya Distribution (Threatpost) The suspect was arrested by the Ukrainian Police in connection with spreading the Petya ransomware.
ISIS Used eBay As Part Of Terror Network, Unsealed FBI Affidavit Shows (NPR) The network operated by a senior Islamic State official used fake eBay and PayPal transactions to funnel money to an alleged U.S. operative, who has pleaded not guilty to supporting a terror group.
A New Report Raises Big Questions About Last Year’s DNC Hack (The Nation) Former NSA experts say it wasn’t a hack at all, but a leak—an inside job by someone with access to the DNC’s system.
Blowback from staffer scandal burns Wasserman Schultz (POLITICO) "We wish she would go away and stop being so public by doubling down on negative stories," said one Florida DNC member.
Attorney for Loretta Lynch at Justice Department now at committee investigating Lynch (Washington Examiner) The attorney worked on editing Lynch's emails before going to work at the committee.
Judge tells State Dept. to search for more Clinton Benghazi emails (CNN) A federal judge has ordered the State Department to search for any additional Benghazi-related emails then-Secretary of State Hillary Clinton may have sent or received from aides Huma Abedin, Cheryl Mills or Jake Sullivan at their state.gov addresses.
Some Complicated Thoughts on Leaks and Leak Investigations (Lawfare) On Lawfare@FP, Benjamin Wittes and Susan Hennessey consider Attorney General Jeff Sessions' press conference on prioritizing leak investigations.
China investigates domestic social media sites in attempt to police content (Computing) The Great Firewall locks the country off from external influences, and now China is cracking down on internal dissidents
ACCC accuses Domain Name Corp Pty Ltd and Domain Name Agency of deception (CRN Australia) Alleges deceptive practice to sell new registrations masquerading as renewals.
TalkTalk fined £100,000 for putting THOUSANDS of customers at risk from scammers (The Sun) TalkTalk has been fined £100,000 for putting thousands of customers at risk from scammers. An investigation by the Information Commissioner’s Office (ICO) found that the telecoms giant failed…
HackinItaly: The Story Behind the Takedown of a 2,500-Strong QNAP NAS Botnet (BleepingComputer) Last Friday, on August 4, a jury in the US found Fabio Gasperini, an Italian citizen, guilty of building a botnet that he used to hijack remote servers and surreptitiously click on ads for his personal profits.
Microsoft agrees to Windows 10 security demands as Kaspersky Lab drops its antitrust complaint (VentureBeat) Russian security software company Kaspersky Lab has dropped its antitrust complaint against Microsoft after the U.S. technology giant agreed to demands to give third-party antivirus (AV) software providers more time to prepare for Windows updates.
Microsoft agrees to change Windows 10 after Kaspersky’s antitrust claims (The Seattle Times) The Russian anti-virus software company had accused Microsoft of favoring its own tools at the expense of other security software in Windows 10.