Cyber Attacks, Threats, and Vulnerabilities
ISIS’s propaganda machine is thriving as the physical caliphate fades (Washington Post) Barcelona attack showcases the power of the ‘virtual’ caliphate to drive terrorism abroad.
Hacking May Have Caused USS John S McCain’s Collision, Say Cyber Experts (International Business Times) Cyber experts said countries like Russia and China might have the capability to launch cyber attacks on warships.
US Navy collisions stoke cyber threat concerns (Tribune Washington Bureau via MSN) The Pentagon won’t yet say how the USS John S. McCain was rammed by an oil tanker near Singapore, but red flags are flying as the Navy’s decades-old reliance on electronic guidance systems increasingly looks like another target of cyberattack.
The USS John S. McCain’s Crash Only Seems Familiar (WIRED) The collision with a tanker happened in one of the world's most congested waterways.
The cyber risk for ships (Insurance Business) Security industry says marine sector is too complacent
NotPetya highlights cyber risk in shipping industry (ComputerWeekly) Malware attack has shown that the shipping industry is vulnerable to cyber attacks, with Danish shipping giant Maersk reporting potential cost of up to $300m.
Stuxnet explained: How code can destroy machinery and stop (or start) a war (CSO Online) Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infect computers and spread. Its purpose was not just to infect PCs but to cause real-world physical effects. Specifically, it targets centrifuges used to produce the enriched uranium that powers nuclear weapons and reactors.
New Research Sheds Light on the Mirai Botnet (eSecurity Planet) USENIX paper on Understanding the Mirai Botnet provides seven months of data insights into the IoT botnet.
Understanding the Mirai Botnet (USENIX) The Mirai botnet, composed primarily of embedded and IoT devices, took the Internet by storm in late 2016 when it overwhelmed several high-profile targets with massive distributed denial-of-service (DDoS) attacks
Meeting and Hotel Booking Provider's Data Found in Public Amazon S3 Bucket (Threatpost) Data belonging to meeting and hotel booking provider Groupize was discovered in a publicly accessible Amazon Web Services S3 bucket, which has been locked down.
HBO hackers threaten to leak Game of Thrones' season finale (HackRead) The nightmare for Home Box Office (HBO) is not over yet as Mr.Smith, the hacker or group of hackers who breached and stole a trove of data from Network is
Spyware backdoor prompts Google to pull 500 apps with >100m downloads (Ars Technica) Google killed secret plugin download capability after being alerted by researchers.
Locky ransomware's 'rebirth' puts everyone at risk once again (Security Brief) The Locky ransomware is back and using social engineering in another round of email-based attacks on tens of thousands of users.
Phishing Site Spotted Hosted on .Fish Domain (Infosecurity Magazine) Netcraft discovers phishy goings on at the gTLD
Phishing Activity: August 21, 2017 (LookingGlass Cyber Solutions Inc.) Our weekly phishing activity report offers a snapshot into weekly trends of the top industries targeted by phishing attacks, August 21, 2017.
Spam Distribution Follows a Regular Workweek, IBM Reports (eWEEK) New research from IBM X-Force finds that Tuesday is the most popular day of the week for spam as spammers work a regular workweek.
Watch Hackers Hijack Three Robots for Spying and Sabotage (WIRED) An early taste of the hacked robot uprising.
Hacked robots can be a deadly insider threat (Help Net Security) Researchers have probed the security of a number of humanoid home and business robots as well as industrial collaborative robots, and have found it wanting.
How to Hack a Robot (Dark Reading) Forget 'killer robots:' researchers demonstrate how collaborative robots, or 'cobots,' can be hacked and dangerous.
Industrial Cobots Might Be The Next Big IoT Security Mess (Threatpost) Researchers at IOActive are sounding an early alarm on the security of industrial collaboration robots, or cobots. These machines work side-by-side with people and contain vulnerabilities that could put physical safety at risk.
Experts Warn Bots Could Herald Third Revolution in Warfare (Infosecurity Magazine) IOActive research has already revealed robots as new insider threat
Killer robots are coming, and Elon Musk is worried (Ars Technica) Technology leaders warn autonomous drones could become "weapons of terror."
ACCC warns of fake NBN scammers (CRN Australia) $28,000 already stolen this year.
Cryptocurrency Miner Uses WMI and EternalBlue To Spread Filelessly (TrendLabs Security Intelligence Blog) Fileless malware can be a difficult threat to analyze and detect. It shouldn’t be a surprise that an increasing number of new malware threats are fileless, as threat actors use this technique to make both detection and forensic investigation more difficult. We recently found a new cryptocurrency miner (which we detect as TROJ64_COINMINER.QO) that uses this particular technique as well.
Hiking Club Malvertisements Drop Monero Miners Via Neptune Exploit Kit (FireEye) Hiking advertisements are directing users to the Neptune Exploit Kit and ultimately a Monero miner infection as part of a new malvertising campaign.
Ethereum's Biggest Hacking Problem Is Human Greed (Motherboard) The "world computer" has a people problem.
Foxit acknowledges zero-days in its PDF software, but no patches yet (Security Brief) Foxit will not be issuing a patch for the two vulnerabilities. It instead released a statement that encourages users to use “Safe Reading Mode”.
Two zero-day vulnerabilities disclosed after Foxit refuses to patch PDF Reader (Graham Cluley) Researchers have disclosed two zero-day vulnerabilities affecting Foxit's PDF Reader after the vendor revealed it has no plans to fix the security flaws.
Fujitsu suffers "major incident" at Sydney data centre (CRN Australia) Recovery efforts continue after SAN failure.
Data on 1.2 million NHS patients stolen, claims hacker (Computing) Contractor at the centre of the claims says it didn't hold that much data
NHS 1.2 million patient name database hacked 'to expose weaknesses' (SC Media UK) The NHS has suffered a data breach in its SwiftQueue appointment booking system whose database contains confidential records on up to 1.2 million
Not violating India's privacy laws, user data fully safe: Oppo (The Economic Times) Oppo is the first company to officially comment after the government asked all handset makers that sell phones in India to share the security protocols they follow to secure mobile phones.
‘If I don’t receive my Bitcoins I’ll send video’ (NewsComAu) Sophisticated email scammers are targeting Australians with pornography and adult dating links which are then followed up with extortion attempts in an aggressive new form of attack.
N**e photos of Anne Hathaway leaked online by hackers (Graham Cluley) Hollywood actress Anne Hathaway is just the latest in a long line of celebrities who have found their intimate snaps exposed online by hackers.
What if All Your Secrets Went Public? (WIRED) A work of fiction by Joshua Cohen explores the consequences of the worst data breach imaginable.
Security Patches, Mitigations, and Software Updates
Chrome Adds Warning for When Extensions Take Over Your Internet Connection (BleepingComputer) Google engineers have added two neat features to the Chrome browser that will alert users of extensions that hijack proxy settings or the new tab page.
Fuze Patches TPN Handset Vulnerabilities (Threatpost) VoIP vendor Fuze earlier this year patched three vulnerabilities that exposed user account information and enabled unauthorized authentication.
Your failure to apply critical cybersecurity updates is putting your company at risk from the next WannaCry or Petya (ZDNet) Despite warnings and international cyber-incidents, too many organisations still aren't bothering to apply security patches, a report has warned.
Cyber Trends
‘Gloomy times ahead’ for security on critical infrastructure, warn experts (Naked Security) NIST is raising awareness that security through obscurity has become a thing of the past – but are we doing enough to protect infrastructure such as dams and power plants?
Fortify Networks Now Against the Coming Internet of Things Tsunami (SIGNAL Magazine) Amid the Internet of Things hoopla, serious cybersecurity risks cannot be ignored.
Cassandra coefficient and ICS cyber – is this why the system is broken (Control Global) Chapter 9 of Richard Clarke and R.P. Eddy’s book, Warning – Finding Cassandras to Stop Catastrophes, is defining the “Cassandra Coefficient”. In reading the chapter, many of the issues that have prevented industry from adequately addressing ICS cyber security become evident.
DDoS Attacks on the Rise Again: Akamai (Infosecurity Magazine) Second quarter sees 28% uptick as commoditisation of DDoS continues
Fortinet Threat Landscape Report Reveals Poor Security Hygiene and Risky Applications Enable Destructive Cyberattacks to Spread Infection at Record Pace (GlobeNewswire News Room) Cybercriminals Are Exploiting Known Vulnerabilities and Maximizing Impact With a Hybrid Threat Known as Ransomworms
Cybercrime Losses Continue to Mount (Multichannel News) Reported losses since 2012 total $4.63B, FBI says
Your Handy Guide to the Many Tech Anxieties of Our Time (WIRED) Tech is ruthlessly efficient, endlessly entertaining—and completely panic-inducing.
Marketplace
The Pitfalls of Cyber Insurance (Dark Reading) Cyber insurance is 'promising' but it won't totally protect your company against hacks.
eSentire Announces Growth Equity Investment from Warburg Pincus (PRNewswire) Investment to accelerate growth for leading Managed Detection and Response (MDR) firm
Verisk Analytics to Acquire Sequel (NASDAQ.com) Verisk Analytics, Inc. (Nasdaq:VRSK), a leading data analytics provider, has signed a definitive agreement to acquire Sequel from HgCapital and other Sequel shareholders. Sequel is a leading insurance and reinsurance software specialist based in London.
Aussie cyber security start-up TokenOne heads to US to kill passwords (Financial Review) Local security start-up TokenOne has become the first Australian business to be selected to take part in a consortium of major US cyber firms.
Cybersecurity Firm root9B's Assets Up for Sale (Dark Reading) Move to foreclose comes after company defaulted on repayment terms for over $10.7 million in loans it owes creditors.
3 Cybersecurity Stocks to Buy Now (Fortune) These cybersecurity companies are cashing in on the scramble to fight hackers. We suggest buying their stocks.
What The Market Is Missing About Cisco (Seeking Alpha) Cisco has established itself as a long-term dividend stock with regular dividend increases. The company is undergoing a dual business transformation: from hardw
Buy General Dynamics Cautiously (Seeking Alpha) General Dynamics is headed to Overvalued and will struggle to meet sales revenue targets in the coming years because of government budget limitations and milita
Zix: Protecting Against Downside (Seeking Alpha) Zix has seen some of the highest amounts of growth in its industry at 10% and is the leader in its area. A strong balance sheet will help Zix carry out addition
New CSO, CISO appointments (CSO Online) Find up-to-date news of CSO, CISO and other senior security executive appointments.
CEO Spotlight: Fortinet’s Ken Xie (Born2Invest) Get to know Fortinet's CEO Ken Xie and what keeps him going.
Learning from success: Brian Honan's infosec journey (Help Net Security) Learn about the infosec journey of CEO Brian Honan, founder of Ireland's first Computer Emergency Response Team and Special Advisor to Europol EC3.
Sophos' Kendra Krause On What Women Bring To The Table In Tech (CRN) At the 2017 XChange Conference, CRNtv spoke with Kendra Krause, VP of Global Channels at Sophos, about what sets women apart in the high tech workplace, and why they should be valued in the industry.
Zscaler appoints Dilshan Sivalingam as first Australian and New Zealand channel manager (CRN Australia) Dilshan Sivalingam joins with more than 18 years of industry experience.
ForeScout hires country manager and regional VP from Palo Alto Networks (CRN Australia) Nabs new country manager and VP.
Products, Services, and Solutions
Baxter Strikes With Matchlight for Dark Web Monitoring, Fraud Detection (Credit Union Times) Dark web monitoring and detection is on the radar for credit unions as concerns grow over data protection.
Skyhigh Networks Unveils Integration with Cisco Spark to Secure and Manage Collaboration in the Cloud (BusinessWire) Skyhigh Networks, the world’s leading Cloud Access Security Broker (CASB), today announced Skyhigh for Cisco Spark, a comprehensive security and
ScienceLogic Announces Technical Services Partner Program (ScienceLogic) ScienceLogic, the leader in hybrid IT service assurance, today announced a new Technical Services Partner Program as part of its overall ChannelLogic partner initiative. The program provides development and enablement for partners who provide technical services to their clients. It also provides system integrators and cloud service providers another entrée into the $24 billion cloud …
Kensington’s New SecureBack Rugged Case for Square Reader Safeguards the iPad in a Mobile Point-of-Sale Environment (Kensington) Users can “protect while they accept,” giving them greater confidence in their POS system, and less worry about possible damage when moving about.
Network forensics tool NetworkMiner 2.2 released (Help Net Security) The NetworkMiner forensics tool has reached version 2.2. It can parse pcap files as well as perform live sniffing of network traffic.
Cisco Systems (CSCO) Reports Four Breakthroughs in Security, Compliance, and Analytics (Street Insider) Cisco (NASDAQ: CSCO) understands the importance of security, compliance, and analytics. We infuse this thinking into everything we do.
Check Point's latest threat research taken from data you can see in real time (Security Brief) Check Point has taken the latest results from its Cyber Attack Trends: Mid Year Report from data that viewers can see happening in real time.
8 top cyber-attack maps and how to use them (CSO Online) Cyber-attack maps can be fun to look at, but are they useful? As usual, when it comes to security context is key, so CSO looked at eight of the web's most popular cyber-attack maps. While the maps themselves are mostly eye candy with limited context, there are some creative ways they can be used.
Technologies, Techniques, and Standards
The Intelligence Community’s Top 3 Cybersecurity Priorities (FedTech) Automated data sharing, greater coordination and more realistic training for cyberincidents can help intelligence agencies respond better, an IC official says.
Defang all the things! (SANS Internet Storm Center) Today, I would like to promote a best practice via a small Python module that is very helpful when you’re dealing with suspicious or malicious URLs.
Using Machines to Understand When Normal isn't Normal (Infosecurity Magazine) Is AI a means to make the incident responder’s job a lot easier?
The Role of CISO in the Face of the GDPR (Infosecurity Magazine) GDPR will create a lot of work in a short time, and the CISO will need help from the whole corporation.
The $500 gizmo that cracks iPhone passcodes – and how to stop it (Naked Security) A gizmo that can work out an iPhone’s passcode sounds pretty scary – but just how much of a risk is it?
Hospitals must band together to beat hackers (Healthcare IT News) Security frameworks and threat intelligence sharing already exist that hospitals can put to work to defeat cybercriminals.
Design and Innovation
Facebook Awards $100K to Researchers for Credential Spearphishing Detection Method (Threatpost) Researchers who identified a real-time way to detect credential spearphishing attacks in enterprise settings won $100,000 from Facebook last week.
Ford outlines plan to build self-driving cars at scale to deploy with partners (TechCrunch) Ford's autonomous driving vision includes fleet manufacturing, and then deploying vehicles at scale with partners working in commercial service areas like..
3 Ways Blockchain Is Revolutionizing Cybersecurity (Forbes) The second quarter of 2017 was a wild one for blockchain companies and investors, with nearly 60 initial coin offerings (ICOs) closed in the quarter for more than $750 million, and it looks like this is just the beginning. It seems that blockchain is about to have an impact on nearly every industry.
IBM, Kroger, Walmart and others team up to improve food safety with blockchains (TechCrunch) IBM today announced that it is working with a consortium that includes Dole, Golden State Foods, Kroger, McCormick and Company, Nestlé, Tyson Foods,..
Cryptocurrency Mining: What It Is, How It Works And Who's Making Money Off It (Benzinga) NVIDIA Corporation (NASDAQ: NVDA)'s second-quarter earnings released earlier this month, though exceeding expectations, elicited cautionary reaction from the investor as well as...
I Tried Being BFFs With an AI (Motherboard) For a week, at least.
Academia
Stand up to cybercrime with a cybersecurity degree (Alamogordo Daily News) Cybersecurity program is now offered at Eastern New Mexico University
Bellevue University Competes in 'ASTORS' Homeland Security Awards (American Security Today) The winner of last year’s 2016 ‘ASTORS’ Homeland Security Awards Program Gold Award for the Best Homeland Security Education Program from American Security Today has continued to set the pace. International and domestic security threats are rapidly evolving, resulting in a variety of risks and vulnerabilities for citizens and organizations. This reality has resulted in rapid …
Legislation, Policy, and Regulation
Russia Revisited: How Did We Get Here? (Recorded Future) In this episode we take a closer look at Russia. What’s the historical context for its cybersecurity strategy and what are our options for dealing with it?
Vietnam looks to bolster its internet censorship (Southeast Asia Globe Magazine) Cybersecurity concerns remain amid Communist Party’s muzzling of free speech
Concerns ignored as Home Office pushes ahead with facial recognition (Naked Security) Picking faces out of a crowd using software is unreliable and fraught with problems – whichever side of the pond you’re on
Return to sender: military will send malware right back to you (Naked Security) ‘The threat could be a large nation-state or a 12-year-old’ – so is weaponizing malware and sending it back the right tactic?
How confident is your agency in the security of the IT it’s buying? (FederalNewsRadio.com) The Committee on National Security Systems released a new supply chain risk management policy in late July.
Litigation, Investigation, and Law Enforcement
Spanish police link 120 gas canisters to suspected terrorist plot (Deutsche Welle) Police suspect jihadis had planned to load three vans with gas to carry out far deadlier attacks than the ones that occurred this week. Authorities are still searching for a 22-year-old Moroccan suspect.
Barcelona attack: Las Ramblas killer Younes Abouyaaqoub shot dead after discovery in vineyard (Times) The man suspected of killing 13 people by driving a van into crowds on Las Ramblas was shot dead by police yesterday as he yelled Allahu akbar while wearing a fake explosives vest. Younes...
U.K. to prosecute online hate crime as seriously as offline hate crime (CSO Online) The U.K. is cracking down on hate crime that is committed online, telling prosecutors to treat online hate crime the same as hate crime committed offline.
Lawsuit against Daily Stormer is stuck; founder can’t be served papers (Ars Technica) They visited seven known addresses, but couldn't find Andrew Anglin.
Danish FM admits to selling mass-surveillance technology to Saudi Arabia, UAE despite human rights concerns (alaraby) Denmark's foreign minister has for the first time acknowledged that...
Peter King: Police surveillance necessary to avoid terrorist attacks 'whether or not that's politically correct' (Washington Examiner) The New York Republican said that strategy was the only way to mitigate terror threats.
Suspect Raising Money for IS Granted Bail in Pakistan (VOA) Release raises concern that fund raising activities will continue
After years of investigation, feds bust one of AlphaBay’s largest drug rings (Ars Technica) Suspect got this text: “Rule 101 in drug dealing... don’t be so f***ing mean to people.”