Cyber Attacks, Threats, and Vulnerabilities
Decryption key for Apple iOS Secure Enclave Processor firmware revealed (Help Net Security) A hacker has apparently figured out the decryption key for Apple's Secure Enclave Processor (SEP) firmware, and made it available online.
Hacker Publishes iOS Secure Enclave Firmware Decryption Key (Threatpost) A hacker identified only as xerub published the decryption key unlocking the iOS Secure Enclave Processor.
LG Hit by WannaCry-Like Ransomware (Infosecurity Magazine) LG Hit by WannaCry-Like Ransomware. Experts urge companies to patch SMB flaw
LG hit by WannaCry ransomware after IT staff fail to apply security patches (Computing) D'oh.
Scottish Parliament Cyber Attack (Information Security Buzz) With the news that Scottish Parliament has been hit by a cyber attack similar to that which affected Westminster a couple of months ago, security expert Dr Guy Bunker, SVP Marketing at cyber security specialists Clearswift commented …
Software maker admits attackers hid backdoor in entire suite of products (Computing) South Korea's NetSarang holds hands up to 'ShadowPad' backdoor hack of its server management products
ShadowPad How Attackers Hide Backdoor in Software Used by Hundreds of Large Companies Globally (BW CIOWORLD) Security-ShadowPad is one of the largest known supply-chain attacks and the backdoor allows attackers to download further malicious modules or steal data
Chinese hackers 'built back door hack into software to spy on Britain’s top businesses' (Express) The National Grid could be at risk of a cyber attack after a hacker group linked to China create a “back door” in software used by big businesses.
SyncCrypt Ransomware Hides Inside JPG Files, Appends .KK Extension (BleepingComputer) A new ransomware called SyncCrypt was discovered that is being distributed by spam attachments pretending to be court orders. This ransomware uses a interesting approach of embedding a zip file in a jpg image in order to avoid detection.
Notorious 'Mamba' ransomware returns, India also threatened (The Economic Times) Cyber security firms like Kaspersky Labs and Trend Micro have confirmed the rise of 'Mamba' this year. How many Indian firms were hit is yet to be confirmed.
Locky ransomware returns in two new variants (Computing) Locky, once one of the most widely distributed forms of ransomware, has returned, warns Malwarebytes
It’s baaaack: Locky ransomware is on the rise again (Naked Security) Locky had been quiet until new variants started appearing last week. Here’s what you need to know
Locky Ransomware Returns with New IKARUSdilapidated Phishing Campaign (eSecurity Planet) Over 62,000 phishing emails delivered the new threat in the first three days of the campaign alone.
Security Alert: Locky Adds the .lukitus Extension, Spreads through Waves of Malspam (Heimdal Security Blog) New variant of Locky Ransomware spreads through waves of malspam.
Successful White House Spear Phishing Attacks Show No One is Safe (Graphus) No one is safe from spear phishing attacks. Not even the highest-ranking government officials. CNN reported recently that a self-described email...
Cyber-security researchers warn of messenger apps with spy software (The Irish Times) SophosLabs researchers have found three dangerous apps on Google Play
Mobile banking Trojan 'Faketoken' is back and targeting Uber users (http://www.theinquirer.net) More fubar for Uber,Security ,APPLICATIONS,uber,Security,malware,Kaspersky
Auto-Clicking Android Adware Found in 340 Apps on the Google Play Store (BleepingComputer) The developer(s) of an Android adware family named GhostClicker has managed to sneak his malware on the official Google Play Store on several occasions, hiding it in as much as 340 mundane Android apps.
Voting machine supplier exposes 1.8 million voter records (Engadget) The company says the leak didn't include ballot information.
Don't panic, Chicago, but an AWS S3 config blunder exposed 1.8 million voter records (Register) Personal info spills from another poorly secured Amazon service
Google Chrome remote code execution flaw detailed, PoC released (Help Net Security) Vulnerability broker Beyond Security has released details about and Proof of Concept code for a Google Chrome remote code execution flaw.
'Indefensible' hack could leave modern cars vulnerable to critical cybersecurity attack (TechRepublic) The attack, which can disable airbags and other safety systems, affects the CAN standard for connected cars, affecting a large number of vendors and models.
Vendor-neutral smart car bug has 'dangerous' and 'even fatal' consequences (Graham Cluley) What about a fix? Yeah, it’s not that easy…
Speakers and Mics hacked to turn Music Into Surveillance Tool (HackRead) University of Washington’s Paul G. Allen School of Computer Science & Engineering research team has concluded that it is possible to use music for trac
Hacker Sells 2FA bypass flaw in Poloniex exchange after 2 months wait (HackRead) The sold vulnerability facilitates Bypassing 2FA on Poloniex - The hacker sold the flaw after they waited for Poloniex's reply for 2 months. The security r
LeakTheAnalyst incident an attempt to damage FireEye stock (Cyberscoop) A hacker leaked stolen material in an effort designed to damage the company's stock value, people familiar with the matter told CyberScoop.
HBO Hacks and Leaks: How Much Have They Hurt the Business? (Variety) HBO has endured an uncomfortable bummer of a summer of hacks and episodes of original series leaking out into the internet wild, including from its tentpole “Game of Thrones” franchise.…
'Game of Thrones' actor has an easy solution to fix HBO's script hacking problem (Fox News) While HBO is in the throes of its ongoing battle with hackers that have stolen some sensitive information, one star of its most popular show seems to have the answer to stopping leaks in the future.
Terror and Scripture (Times) Through the heart of Barcelona at the height of summer, another rented vehicle leaves another trail of destruction. Spanish police and security services have been on heightened alert for a...
Charlottesville is a tipping point in Silicon Valley's approach to hate speech (Business Insider) Apple, Facebook, Twitter, Spotify, and more have now taken long-overdue action against white supremacists and neo-Nazis.
OkCupid bans white supremacist “for life,” asks daters to report others (Ars Technica) A white supremacist featured in a Charlottesville documentary can’t use OKC anymore.
Neo-Nazi Daily Stormer loses its Russian domain, too (Ars Technica) Russian official cites "strict regime" for combatting extremism online.
Alt-social network Gab booted from Google Play Store for hate speech (TechCrunch) Gab, the conservative social network that has acted as a haven for people banned from the usual platforms, has been removed from the Google Play Store for..
Cloudflare CEO calls for a system to regulate hateful internet content (TechCrunch) Cloudflare CEO Matthew Prince has called for the implementation of a framework to govern how the internet's gatekeepers deal with cases like The Daily..
How the tech sector can legally justify breaking ties to extremists (Ars Technica) Generally speaking, private enterprise may refuse service on ideological grounds.
Security Patches, Mitigations, and Software Updates
Cisco Patches Privilege Escalation Bugs in APIC (Threatpost) Cisco patched two high-severity vulnerabilities in its Cisco Application Policy Infrastructure Controller (APIC) that could allow an attacker to elevate privileges on the host machine.
Drupal Patches Critical Access Bypass Bug (Threatpost) A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities.
RCE Vulnerability Affecting Older Versions of Chrome Will Remain Unpatched (BleepingComputer) A remote code execution vulnerability affects older versions of the Google Chrome browser, all except the current version — Chrome 60.
Cyber Trends
Microsoft Report: User Account Attacks Jumped 300% Since 2016 (Dark Reading) Most of these Microsoft user account compromises can be attributed to weak, guessable passwords and poor password management, researchers found.
Tom Ridge talks Trump’s cyber team, the ongoing digital war, and why patient safety is an infosec problem (Healthcare IT News) The first Homeland Security Secretary explains that hospitals need to focus their finances and accept that they must invest in creating not just a culture of security but one of resiliency.
Marketplace
Can the security community grow up? (TechCrunch) As the times change, the security community needs to adapt. We live in an imperfect world, as Alex Stamos, Chief Information Security Officer of Facebook..
What is an enterprise-class cybersecurity vendor? (CSO Online) To be an enterprise-class cybersecurity vendor, it takes industry, business process and operations expertise. But they must also demonstrate “soft power” to the market.
Hiring More People is Top Need for Better Security in 2017 (Infosecurity Magazine) Almost a third of security pros willing to hire inexperienced staff to tackle workforce shortages
It's Up to Employers to Close the Cybersecurity Skills Gap (Security Intelligence) When recruiting talent to close the cybersecurity skills gap, employers must demonstrate their commitment to security research, education and knowledge.
IoT Security Startup ZingBox Raises $22 Million (eSecurity Planet) Dell lends some funds to the IoT security specialist's latest round of financing.
Outside the Box: Holly Rollo is crafting RSA’s new image (Boston Business Journal) Several stints as the head of marketing at high-profile cybersecurity companies, like FireEye and Fortinet, during periods of corporate transition have given Rollo a reputation as a specialist in brand transformation.
CSPi Adds Technology Heavy Weights to Drive Growth of Cybersecurity Products (NASDAQ) Innovator in automated data breach detection and response solutions recruits best-of-breed talent
Optiv Security's Head Of Americas Sales Departs (CRN) Chris Scanlan reveals his departure from Optiv Security on LinkedIn, saying he is taking a sabbatical and will begin looking at new opportunities in mid to late October.
Ex-Dimension Data Australia boss to lead 'military-grade' cyber security firm (CRN Australia) Alata Group appoints Rodd Cunico as chief executive.
Morphisec Names Channel Leader for North America (Channel Partners) Paul Laracy, a former employee of Lieberman Software, now serves as senior director of U.S. channel sales for Morphisec, the Israel-based endpoint security provider.
Products, Services, and Solutions
New infosec products of the week: August 18, 2017 (Help Net Security) New Firebox M Series appliances help SMBs keep up with encrypted traffic WatchGuard Technologies announced hardware upgrades to its Firebox M Series to han
Flashpoint Launches Intelligence Academy (Security Week) New Intelligence Academy aims to help organizations reduce risk by better understanding threats and prioritizing response
Arctic Wolf Networks Launches MSP Program For SOC-as-a-Service Offering (CRN) Arctic Wolf Networks CEO Brian NeSmith sees the opportunity for managed security services skyrocketing, and the new program will allow partners to capture that opportunity with a recurring revenue model.
Kaspersky launches information hungry VPN app for Android - gHacks Tech News (gHacks Technology News) Kaspersky Secure Connection: VPN service is a new application by Russian security company Kaspersky for the Android mobile operating system.
Norton's Core wants to be the ultimate watchdog for your home tech (Yahoo! Tech) The Norton Core is a Wi-Fi router designed to protect all of your connected devices.
How to use Firefox Send for secure file sharing (TechRepublic) Firefox Test Pilot is now kicking the tires of a new file sharing service. Jack Wallen shows how to use Send and explains why this might be one of the best options for the average user.
North Korea Critical Infrastructure Cybersecurity Threat Intelligence Briefing (PRWeb) North Korea poses a reputable threat to U.S (and Allied) organizations, including but not limited to those organizations classified as critical infrastructure. Sensato, a cybersecurity solutions firm specializing in advanced cybersecurity strategy and attacker methodologies, has announced the North Korea Critical Infrastructure Cybersecurity Threat Intelligence Briefing (NK-CTIB).
Brainshark Receives Security Designations Providing Customers With Added Safety Assurance (Sys-Con Media) ISO27001 and CSA STAR certifications provide third-party security standards verification
Pulse Secure certified for Federal Information Processing Standard (FIPS) (EconoTimes) Pulse Secure, a leading provider of secure access solutions to both enterprises and service providers, has announced that Pulse Connect Secure and Pulse Policy Secure running on Pulse...
Cisco’s Network Intuitive effort to bring intelligence, machine learning to networking (Financial Post) The new network will be able to translate business intent into action, by automatically generating policies or fixing problems without human intervention
Amazon Macie automates cloud data protection with machine learning (CSO Online) Amazon promises AWS S3 customers that they will be able to identify and protect sensitive data faster with Macie, but is it enough to catch up to what Microsoft and Google offers?
Technologies, Techniques, and Standards
LambdaLocker ransomware victim? Now you can decrypt your files for free (ZDNet) As part of the No More Ransom initiative, Avast Antivirus has released a tool that decrypts files locked by LambdaLocker ransomware.
Mobile device security for the road warrior (CSO Online) Follow these easy, inexpensive tips for keeping your smartphones and computers safe while traveling.
The Yahoo Lesson - Bring your CISO into the Boardroom (Infosecurity Magazine) The easiest way to determine whether your company has a healthy cybersecurity culture is to look at where the CISO sits in the organization.
ESET: Five good questions to ask before buying encryption (Business Insider) ESET shares five good questions that company owners and decision makers should ask themselves before buying encryption.
A former Marine cyber warrior explains how hackers will transform the face of modern combat (Business Insider) Cyber operations are going to play a much larger role in how modern warfare is fought.
Cybersecurity: Is the Air Gap Strategy Making a Comeback? (Automation World) The release of an air gap version of Dell’s Endpoint Security Suite Enterprise software indicates not only the continued prevalence of air gapped industrial systems, but an acknowledgement that such systems also need cybersecurity protection.
‘Ethical’ hackers can be your friend (Manchester Evening News) The managing director of Manchester-based cyber security business Paul Harris gives his professional opinion
Design and Innovation
Three barriers to digital IDs on the blockchain (Help Net Security) There has been a lot of hype around blockchain technology and the benefits it could bring to a wide variety of verticals, including identity verification.
How Blockchain Could Shape International Trade (Foreign Affairs) The widespread adoption of blockchain would benefit importers and exporters, granting them access to the financial backing that many now lack.
Facebook Doles Out $100K Prize for Internet Defense Prize (Dark Reading) Winners developed a new method of detecting spearphishing in corporate networks.
Research and Development
DHS Tests Touch-Free Fingerprint System (SIGNAL Magazine) While contact-based fingerprint technology has existed for some time, non-contact fingerprinting is still a new frontier.
Academia
Air Force Association Announces AT&T’s Continued Support of CyberPatriot as Cyber Diamond Sponsor (GlobeNewswire News Room) The Air Force Association’s (AFA) CyberPatriot program announced today that AT&T will continue their support of the program for the seventh consecutive year.
Students offer hope for narrowing of skills gap in cyber-security (SC Media UK) Maths the most popular A level with maths and further maths having nearly 25 percent more entries than in 2010 - bodes well to narrow skills gap
Triton touts cybersecurity program as 'tremendous opportunity' (Chicago Tribune) Triton College began offering a cybersecurity and information assurance certificate in 2016.
70% of DevOps Pros Say They Didn't Get Proper Security Training in College (Dark Reading) Veracode survey shows majority of DevOps pros mostly learn on the job about security.
Legislation, Policy, and Regulation
Opinion | Russia’s election meddling backfired — big-time (Washington Post) The country’s name is again a toxic word in American politics.
10 GDPR myths debunked (CIO) Don’t be fooled. GDPR implementation is a complex undertaking and being unprepared could have significant and expensive repercussions.
The GDPR: Adding Teeth to Data Privacy (CSO Online) Data breaches and related identity theft have reached epidemic proportion.
Uniformity required to combat cyber threats (Financial Standard) Greater collaboration between regulators across Asia-Pacific is needed to combat an increasing threat of cyber-attacks to financial services organisations.
Will U.S. Cyberwarriors be Ready for Next Big Hack? (Real Clear Defense via Warrior) Hackers around the world see weaknesses in U.S. voting systems, electric grids and other pillars of American society. Russia’s alleged election meddling
How security pros look at encryption backdoors (Help Net Security) The majority of IT security pros believe encryption backdoors are ineffective, with 91% saying cybercriminals could take advantage of them.
Navy’s integration of privacy, cybersecurity part of Foster’s lasting impact (FederalNewsRadio.com) Outgoing Navy CIO Rob Foster’s says Navy is well positioned to ride the technology wave for its sailors, seamen and civilian employees to be successful.
Newly-activated Guard unit to bolster Army Cyber forces (US Army) TF Echo consists of 138 National Guard members from seven states and highlights the Total Army's capability and focus to support cyber operations and carry out defense of the Army network.
Litigation, Investigation, and Law Enforcement
China’s Cyberspace Administration announces first state level investigations under Cybersecurity Law (JD Supra) China’s Cyberspace Administration announced that it has commenced investigations into Tencent Wechat, Sina Weibo and Baidu Tieba for violation of...
Iran denies appeal of jailed Princeton student: university (U.S.) Iranian authorities have denied the appeal of a Princeton University student who had been convicted on espionage charges and sentenced to 10 years in prison, the university and his wife said on Thursday.
FBI pushes private sector to cut ties with Kaspersky (Cyberscoop) The FBI has been telling private sector companies that Kaspersky is an unacceptable threat to national security.
Blowing the Whistle on Bad Attribution (KrebsOnSecurity) The New York Times this week published a fascinating story about a young programmer in Ukraine who’d turned himself in to the local police.
Russian Election Meddling, GRIZZLYSTEPPE, and Bananas (Robert M. Lee) It’s been awhile since I’ve been able to post to my blog (as it turns out doing a Series A raise for my company Dragos has been time consuming so I apologize for the absence in writing). But it is fitting that my first blog post in awhile has something to do with the GRIZZLYSTEPPE report. I almost got sucked back into writing when I saw the Defense Intelligence Agency (DIA) tweet out the Norse cyber attack map.
Did a Ukrainian University Student Create Grizzly Steppe? (OffGuardian) by Petri Krohn 1) U.S. Department of Homeland Security claims that the DNC was hacked by Russian intelligence services using a Russian malware tool they have named Grizzly Steppe or “PAS tool…
WikiLeaks Turned Down Leaks on Russian Government During U.S. Presidential Campaign (Foreign Policy) The leak organization ignored damaging information on the Kremlin to focus on Hillary Clinton and election-related hacks.
Rep. Dana Rohrabacher will consult Trump before giving public Julian Assange information (Washington Examiner) The idea of Rohrabacher privately briefing Trump is likely to alarm critics who point to the president's sometimes evidence-free assertions.
Trump-Russia emails suggest Moscow's attempt to infiltrate the campaign may have gone further than we knew (Business Insider) "You exploit any contact you have, at every level, to see what works," said one former CIA operative.
DEA: ‘There Is No Silver Bullet’ for Going Dark (Motherboard) A presentation obtained by Motherboard shows the Drug Enforcement Agency accepting the reality of encryption.
Don't Turn out the Lights on Dark Web Marketplaces (Security Week) We’ve all heard the phrase: “When one door closes, a window opens.” You can bet that as you’re reading this, those engaged in cyber crime on the dark web are looking for that next ‘market place window’ to open.
FCC’s claim that it was hit by DDoS should be investigated, lawmakers say (Ars Technica) FCC hasn't shown proof that it was attacked, Democrats say in call for probe.
US cops point at cell towers and say: Give us every phone number that's touched that mast (Register) Verizon says basestation dumps increasingly popular
Accused NSA leaker will get to see classified evidence in her espionage prosecution (Augusta Chronicle) The Augusta National Security Agency leak suspect will get to review classified information federal prosecutors might use against her during her upcoming espionage trial.
Sextortion cases in Wilson County prompt meeting with parents, homeland security (WKRN) Wilson County Schools has become aware of cases involving sextortion that impact students within the district.