Cyber Attacks, Threats, and Vulnerabilities
OpDomesticTerrorism: Anonymous shut down Charlottesville city website (HackRead) The online hacktivist group Anonymous has claimed responsibility for carrying out a distributed denial-of-service (DDoS) attack on the official website of
Twitter users are calling out participants in the Charlottesville white supremacist rallies (TechCrunch) As the nation recovers from yesterday's tragic violence caused by pro-nazi and white supremacist rallies that took place in Charlottesville, Va., Twitter..
GoDaddy tells white supremacist site Daily Stormer to find a new domain provider (TechCrunch) White supremacist site Daily Stormer needs to find another domain provider after getting the boot from GoDaddy. In a tweet, the company said “We informed..
Hackers Mock Cybersecurity Firm FireEye with Second Data Dump (Motherboard) The dump is relatively small, containing around 3MB of files.
How national campaigns ended in boardroom cyber fights (Mobile Nation) Technology was the key to everything: voter identification, results transmission and cyber warfare.
Cyber attack affects 7 million mobile phones in Venezuela (www.oneindia.com) Seven million mobile phone users were left without service due to a massive cyber attack that took down government websites in Venezuela earlier this week.
Source Code Management Tools Affected by Severe Vulnerability (BleepingComputer) Three of the most popular version control systems (VCSs) used in managing source code projects are vulnerable to a flaw that allows an attacker to run code on a victim's platform, potentially leading to the theft of source code or the hijacking of the underlying machine.
TheShadowBrokers Continue to Leak Exploits and Generate Profits (SurfWatch Labs, Inc.) A few weeks ago, our team at SurfWatch Labs released its mid-year threat intelligence report, which largely focused on how leaked exploits have helped to fuel cybercrime over the first half of the …
WannaCry Helps Push Cyber-Crime Attacks to New Heights in 2Q17 (eWEEK) ThreatMetrix's second-quarter 2017 cyber-crime report reveals the latest fraud trends, with attackers taking advantage of WannaCry fears to further their aims.
Motivation roulette: Is pseudo-ransomware a term? (Help Net Security) Attackers now have an arsenal of tools that can assist their ability to obfuscate the true purpose of a destructive attack.
Investigation uncovers Iran-backed cyber-espionage group in MENA region (Middle East Online) CopyKittens’ activities mostly centred on espionage of strategic targets, particularly Saudi Arabia, Jordan, Turkey, Israel, Germany and the United States.
How threat actors weaponized Mia Ash for a social media attack (SearchSecurity) Dell SecureWorks uncovered a complex social media attack that leveraged a fake online persona known as Mia Ash. Here's how it worked.
Hackers Leak More HBO Shows but No Game of Thrones This Week (BleepingComputer) Earlier today, the hacker group that goes by the pseudonym of Mr. Smith has leaked more data from HBO servers. This time around the hackers leaked a plethora of unaired episodes from ten different HBO shows.
Cerber ransomware using Magnitude EK and binary padding (SC Media US) Malwarebytes researchers spotted Cerber ransomware delivered in a Magnitude exploit kit (EK) using an interesting technique.
Magnitude exploits file size to infect machines (Enterprise Times) Malwarebytes identifieschanges to the way the Magnitude EK works including a technique designed to fool security scanners into not checking a file
Researchers report >4,000 apps that secretly record audio and steal logs (Ars Technica) SonicSpy family of apps pose as benign programs. Behind the scenes, they spy on users.
Bitcoin hacking: Should it make you reconsider investing? (Finder) We chat cryptomining malware with Benjamin Cruz, principal threat researcher at Cylance, and how new bitcoin investors can protect themselves.
Russia’s High Tech Tool Box for Subverting US Democracy, A (Semi-Complete) Guide (WIRED) Putin’s government draws on a century of espionage tradecraft to influence Western society. Now it’s updated for the digital age.
Amid Washington Russia Frenzy, Kaspersky Faces Backlash (Foreign Policy) U.S. spies see a global intelligence network in the making in company’s anti-virus software.
eScan highlights serious flaws in MIUI; Xiaomi dismisses the findings in the report (Firstpost) A spokesperson from Xiaomi pointed out that taking a smartphone in an unlocked state is a ‘very high barrier’ and unlikely to happen in day-to-day life.
Xiaomi rejects eScan report that alleged security flaws in MIUI system apps (Hindustan Times) Xiaomi says the security vulnerability pointed out by eScan is “theoretical.” So, are the Xiaomi smartphones safe enough? Here’s what the two sides have to say.
Feature or Flaw, the Risk Still Exists: Our Response to Carbon Black (DirectDefense) Carbon Black’s assertion that this only affects Cb Response: Carbon Black’s response to our post is just more validation of our findings. In general, vendors need to be more careful with how they handle customer data, even if it is an optional feature. As we stated in the blog post, we were unsure if this...
Here's How Ugly Infosec Marketing Can Get (BankInfo Security) Security vendors are known to sprinkle hyperbole amongst their claims. But the strategy has backfired for DirectDefense, which mistakenly cast endpoint protection Carbon Black as a contributor to the "world's largest pay-for-play data exfiltration botnet."
Cylance blamed for DirectDefense’s ‘botnet’ disclosure (CSO Online) Twenty-four hours after Carbon Black responded to a report from DirectDefense that their Cb Response product was leaking customer information (it doesn't), one company executive is pointing the finger at Cylance as the source of the disclosure.
Android libraries can share personal information with apps that lack permissions (Computing) Intra-library 'collusion' occurs when libraries are shared between multiple apps
'Iraqi' Developer Spawns 1,000 Android Spyware Apps (Forbes) A developer believed to hail from Iraq has created more than 1,000 Android malware samples, with a handful of samples making it onto the official Google Play store, researchers from mobile security firm Lookout warned Thursday.
Apps Infected With SonicSpy Spyware Removed From Google Play (Threatpost) A spyware family called SonicSpy was found on three apps available on the Google Play store as well as on over 1,000 apps available on third-party app stores.
CVE-2017-0199: New Malware Abuses PowerPoint Slide Show (TrendLabs Security Intelligence Blog) CVE-2017-0199 was originally a zero-day remote code execution vulnerability that allowed attackers to exploit a flaw that exists in the Windows Object Linking and Embedding (OLE) interface of Microsoft Office to deliver malware. It is commonly exploited via the use of malicious Rich Text File (RTF) documents, a method used by the DRIDEX banking trojan discovered earlier this yea
SMS touch a security and privacy nightmare for iOS users (Graham Cluley) Plaintext data transmissions make $1.99 app a spoofer's delight...
Process sensors have no security yet are effectively being ignored by the security community (Control Global) Dale Peterson had a twitter poll on DigitalBond.com asking what people think about the availability of security in sensors, actuators, instruments (Purdue Model Level 0 devices). The response was that most people agreed there was no security. So why isn’t there more of a drive to address this deficiency?
‘Thingbots’ Set to Underpin the Darknet of the Future (Infosecurity Magazine) Although IoT botnets like Mirai are known for launching DDoS attacks, they’re also being used in vigilante thingbots.
Many Factors Conspire in ICS/SCADA Attacks (Threatpost) A report on the state of SCADA and ICS security points out that critical infrastructure operators are caught between hackers and a lack of vendor and executive support.
Black hat hack risk (Australia's Mining Monthly) Companies need to be proactive about their security measures in light of the rapid evolution of malware targeting specific industrial control systems and critical infrastructure around the world.
Who’s defending our IoT borders? (Australian) The evolution of botnets is one of the most significant trends that has happened in the cyber security space over the last couple of years.
Spies Could Outsmart Free Stingray-Detector Apps (WIRED) Researchers tested their own stingray against five free Android apps. It beat them all.
Hackers target Bournemouth’s community centre websites in “damaging” cyber attack (Bournemouth Echo) A cyber-attack has left Bournemouth’s community centres without a website just as their clubs and courses approach a crucial time of year.
The Showdown: Hackers vs. Accountants (HackRead) A showdown between hackers and accountants is unlikely to have the same action-packed appeal as the latest summer superhero blockbuster, but the stakes in
Cyber attacks on online retailers double in a year as hackers try to steal shoppers' details (The Telegraph) The numbers of online shops hit by serious losses of customer data has doubled in the past year as hackers try to plunder retails sites for valuable personal details, a law firm has warned.
Security Patches, Mitigations, and Software Updates
Symantec Patches Code Execution Flaw in Email Security Product (Security Week) Symantec has released an update for its Messaging Gateway email security product to address remote code execution and cross-site request forgery (CSRF) vulnerabilities.
Firefox 55 makes Flash click-to-run, fixes security bugs (Naked Security) The long march towards the death of Flash takes another step in Firefox’s latest version
Gmail iOS App Gets New Phishing Warning Protection (App Informers) The Gmail iOS app has added a new phishing warning protection feature that is going to help keep you away from bad websites and links. The phishing protections were first put on Android devices back in May, and now iOS is getting the same warnings to help keep you safe if you use Gmail. Read …
Full release of Android O expected next week (Computing) Rumours suggest 21 August for the big day
Cyber Trends
Point Sadly Proven: WannaCry Ransomware (And The Rest) Shows Why Enterprises Need To Plan For Chaos (Business Computing World) While the WannaCry ransomware infections now seem to be declining from their peak last month, the chaos following the global attack is far from over. The malware that swept around the world infected more than 300,000 computers in 100 countries, and continues to hit companies such as Honda, shutting down production.
Security reality check: The real threat is closer to home (IT Pro Portal) Organisations and governments often underestimate insider threats and the damage they can do.
SMEs are fighting fires rather than tackling cyber defences (Computing) Only looking to cyber security after a breach is setting yourself up for failure, warns Node4's Steve Nice
Software and Hard Consequences, Review: 'The Darkening Web: The War for Cyberspace' by Alexander Klimburg (Washington Free Beacon) World War III has started on the internet, and almost no one seems to have noticed. Or perhaps the Cold War is a better analogy.
Is Cyber-Begging Becoming A Culture? (Guardian) Ariyike Akinbobola, in her Ariyike Weekly vlog, recently talked about a trend she had noticed on the Internet where people are found begging for money or free stuff in this video: “It’s a different thing,” she said, “if you are trying to raise money on Go Fund Me for a sick person or for a […]
CERT report captures just the tip of the iceberg (Scoop) Kiwis need to keep talking about cyber security as criminals are using technologies to find new ways to undertake crime, NZTech chief executive Graeme Muller says.
Marketplace
Why the majority of MSPs struggle to find enough cybersecurity pros to hire (TechRepublic) Some 92% of MSPs now offer cybersecurity services, but a shortage of qualified staff may put customers at risk of ransomware attacks, according to a Kaspersky Lab report.
Ex-NSA Analyst Raises $10 Million To Stop Hackers Destroying Power Grids (Forbes) In 2013, a U.S. dam was targeted by digital mercenaries working on behalf of Iran's Revolutionary Guards Corps, forming part of an espionage mission to infect and disrupt the nation's critical services. Or, at least, that was the fear-inducing narrative at the time.
Wickr Raises $8.8 Million (NewsCenter.io) Mobile startup Wickr just closed $8.8 million in financing from an undisclosed investor. Wickr is a free messaging app that allows its users to send and receive top-secret messages, pictures, videos, audios, and files. It provides a free and easy way for anyone to send …
Cisco Could Raise Its Dividend (Barron's) The company has strong cash flow and the ability to boost payout, especially in the event of a repatriation holiday.
Gigamon: It Has Been A Long, Long Time (Seeking Alpha) Gigamon recently reported the results of its Q2 operations. While the headlines were not a substantial beat and presented a dismal picture of operations, guidan
Boost For Partners: 7 Ways Sophos Is Raising The Innovation Bar (CRN) The security vendor will tackle the endpoint, network, cloud, machine learning and more as it aims to rev up its platform of security offerings, says Sophos' Dan Schiappa.
FireEye’s Value Proposition in the Cybersecurity Space (Market Realist) FireEye’s scale in the cybersecurity space
3 Reasons FireEye, Inc. Stock Could Rise (The Motley Fool) In an increasingly unsafe world, the cybersecurity leader's future looks bright.
How Pwnie Express is Positioning to Secure Enterprises from IoT Risks (eWEEK) VIDEO: Pwnie Express CEO Paul Paget discusses where he sees opportunities in the market to secure enterprises from Internet of Things (IoT) device risks.
Meet the Russian-American Hacker Who's on Your Side (OZY) Hacking isn't just technical. It's political.
This is the one corner of the D.C. area’s tech scene that’s doing really well (Washington Post) As computer hacks mount, new investments pour into the region’s cybersecurity firms.
Center for Innovative Technology's Herndon campus up for grabs (Washington Business Journal) The offering is likely to draw significant interest from developers given the CIT's location adjacent to the Silver Line's planned Innovation Center.
Cylance Hires CFO; Says Sales Climb 283% (Orange County Business Journal) Cylance Inc., the fast growing Irvine-based maker of artificial intelligence software to combat computer viruses, named Brian Robins chief financial officer.
Products, Services, and Solutions
Lacework Brings Zero-Touch Anomaly Detection to AWS Accounts (PRNewswire) Lacework™, the industry's first zero-touch cloud security...
Core Security Unveils Core Role Designer to Streamline Access Governance (Core Security) New Role Designer Product Provides Revolutionary Visualizations, Fundamentally Changing Role Based Access Control
Staying ahead in the cyber arms race (ComputerWeekly) Darktrace’s Asia-Pacific managing director, Sanjay Aurora, offers insights on what organisations can do to reverse the odds against them in combatting cyber threats.
SecuLore Solutions Unveils New Version of Paladin™ at APCO 2017 (PRWeb) Filling the cybersecurity gap in our public safety infrastructure.
Sandboxing and threat intelligence: Proactive defence against ransomware (Channel Life) Ingram Micro’s Swapneil Diwaan explains the need for speed in preventing fast-moving cyber threats including ransomware.
Former Military Cybersecurity Platform to Be Applied in MSB Sector (iHLS) This post is also available in: עברית (Hebrew)Recent cyber attacks have increased awareness security on the net. The cyber security market is
Technologies, Techniques, and Standards
How to protect personally identifiable information under GDPR (CSO Online) The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. Here's what you need to know.
What's the ROI on attribute-based access control? (CSO Online) Despite the predicted growth of attribute-based access control (ABAC), misconceptions about it leave decision makers concerned about ROI
Maersk CEO Soren Skou on how to survive a cyber attack (Financial Times) After a stormy summer, the chief is shaking up the world’s biggest shipping company
Gray Scale: The Looming Shadow Of Self-Governance (ETHNews.com) You might be surprised to learn that there are individuals who, of their own accord and often at great risk, take on the challenge of protecting cyber space for the greater good. One of the best examples of this behavior is exemplified by a team of hackers specific to the Ethereum ecosystem and known only as “The White Hat Group.”
STIX and TAXII: Sharing cyber threat intelligence (Help Net Security) STIX is a language for describing cyber threat information, TAXII defines services and message exchanges that enable organizations to share the information.
For good cyber hygiene, organizations must continuously monitor third-party risk (LookingGlass Cyber Solutions Inc.) In the past couple of years, third-party risk has grown from a topic only discussed by cybersecurity circles to a companywide concern. The tipping point may have been in 2014 when Target’s point-of-sale (POS) system was compromised, and the details of 110 million in-store customers were stolen., August 11, 2017
Radio navigation set to make global return as GPS backup, because cyber (Ars Technica) GPS killed the radio nav in 2010, but a high-def version is set to return.
Snake Oil Security: Signs of Security (& Crypto) Snake Oil (Hashed Out) Tips for spotting bogus claims about security and encryption
Q&A with Duo Security: Why are organisations struggling with patching? (IT Pro Portal) Cyber attackers prey on vulnerabilities in out-of-date software, yet many organisations are still running old, unsupported or unpatched software despite the risk.
Rolling with the Punches: A Cyber Security Approach (Tech Exec) Cyber security has taken on increased importance in the last few years due to the high profile nature of global cyber-attacks. It has gone from an ‘after-thought’ of the technology, to a subject which is regularly mentioned by CEO’s as an element of business strength to its shareholders. To discuss these developments, Paul Byrne, the
U.S. Cyber Command’s 3 Largest IT Challenges (FedTech) The command’s CIO says that integration between branches and commands, the speed of cybersecurity acquisitions and proper analysis are key concerns.
Cyber crime vigil: companies need to roll out security lessons (The Times of India) Rattled by the current string of cyber attacks, IT experts have now advised companies to enhance their data protection mechanisms to ensure that it does not fall prey to malicious ransomware like Wannacry and Petya.
Terrorists, hackers and scammers: Many enemies as L.A. plans Olympics security (Los Angeles Times) Come the 2028 Olympic Games, technology will play a central role in protecting the city and the games as law enforcement evolves to keep pace with changing threats.
Legal Hacking Tools Can Be Useful for Journalists, Too (Motherboard) Open source research tools used by security professionals can help journalists connect the dots.
Design and Innovation
Microsoft Goes Ethereum: $561 Bln US Company Releases Ethereum-Based Protocol ‘Coco’ (Cointelegraph) Microsoft, the $561 bln US-based technology company, has released the Confidential Consortium (Coco) Framework, an Ethereum-based protocol.
Microsoft and Intel unite to bring blockchain to businesses with Coco Framework (Digital Trends) Intel and Microsoft are working together to bring blockchain into the workplace, and it's contingent on Coco Framework.
Former Bitcoin Developer Shares Early Satoshi Nakamoto Emails (Motherboard) Mike Hearn has “moved on,” just like Bitcoin’s anonymous creator.
Instagram’s CEO Wants to Clean Up the Internet—But Is That a Good @&#$ing Idea? (WIRED) If you can't say something nice, Instagram will make sure you say nothing at all.
Research and Development
This Is Why Quantum Computing Is More Dangerous Than You Realize (Forbes) Quantum computing may still largely reside in the realm of scientists, but assuming it’s too many years off to be relevant today would be a serious mistake.
Hacking cybersecurity to anticipate attacks (News@Northeastern) Imagine two groups at war. One defends every attack as it comes. The other anticipates threats before they happen. Which is more likely to win?
Academia
Delhi University to start admission in Cyber Security course next month (ExamsWatch) Delhi University has decided to launch 'Institute of Cyber Security and Law' to address the consistent issue of hacking
College of Marin offers ‘cybersecurity’ training (Marin Independent Journal) Everyone from auto mechanics seeking retraining for lucrative high-tech jobs to college-age geeks who yearn to someday foil hackers can sign up now for a new computer course at College of Marin’s Indian Valley Campus in Novato.The progra
Legislation, Policy, and Regulation
Privacy a Fundamental Right, But it Cannot be Absolute: BJD MP Jay Panda (News18) Jay Panda said the Supreme Court deliberating on the source and contours of right to privacy is a historic step, but the discussion must go beyond just Aadhaar.
United States: Proposed Internet of Things Cybersecurity Bill May Create Hurdles for Government Contractors (Mondaq) The federal government dramatically has increased its spending in recent years on Internet of Things ("IoT") devices, including biosensors that can gather medical and security data from soldiers and vehicles in the field; smart-building applications that reduce energy (such as desks that automatically power on when an employee scans his or her identification badge upon entering the building); and myriad other devices. Despite its rapid increase in procurement of IoT devices, the government has yet to adequately address critical issues, including risk and uncertainty about privacy and security of the devices.
The feds need to stop keeping secrets on national security (TheHill) OPINION | Those in power must be held to account for upholding the Freedom of Information Act.
Should the EB-5 Investor Visa Program Recognize Cyber Workers? (CircleID) The EB-5 Investor Visa Program was created by Congress in 1990 to "stimulate the U.S. economy through job creation and capital investment by foreign investors."
Litigation, Investigation, and Law Enforcement
Beijing Probes Web Giants for ‘Illegal’ Content (Infosecurity Magazine) Beijing Probes Web Giants for ‘Illegal’ Content. Clampdown continues ahead of Party Congress
Marcus Hutchins: cybersecurity experts rally around arrested WannaCry 'hero' (the Guardian) The 23-year-old has fallen from grace as he battles accusations of involvement in a malware scam, but the cyber community has protested his innocence
Ukraine Police Arrest Man for Spreading NotPetya Ransomware in Tax Evasion Scheme (BleepingComputer) Ukrainian authorities have arrested a 51-year-old man from Nikopol, Dnipropetrovsk region, on accusations of distributing a version of the NotPetya ransomware.
In Washington, it is an article of faith that Russia hacked the DNC (iTWire) Security companies in the US tend to see a Russian hand in everything these days. The latest firm to come up with a Russian bogeyman is FireEye, which...
Powerful Venezuelan lawmaker may have issued death order against Rubio (Miami Herald) A possible death threat from powerful Venezuelan government leader Diosdado Cabello prompted Florida Sen. Marco Rubio to get a security detail.
Police Can Hurt Dark Net Drug Rings by Leaving Dealers Bad Reviews, Study Suggests (Motherboard) A seller's reputation goes a long way on the dark net.
Digital exchange joins law enforcement in hunt for WannaCry ransom bitcoins (HackRead) Patrick O’Neill, a journalist at CyberScoopNews, has claimed that since August 3rd, ShapeShift has been helping law enforcement to trace bitcoin transactio
Talktalk fined after customer details stolen again (Click Lancashire) During the investigation, the ICO ascertained that the issue was with a TalkTalk portal through which customer data could be accessed.
Telit CEO leaves after links emerge to decades-old fraud (Computing) Is CEO Oozi Cats really fugitive Uzi Kats?