Palo Alto: the latest from Security in the Boardroom
Security in the Boardroom: Technology Change, Risk Management, and Duties of Care (The CyberWire) Given their responsibility for the health of the business, boards of course are deeply involved with risk management: threat, consequence, and vulnerability. As they grapple with cyber risk, they need help arriving at a clear business understanding not only of unfamiliar technologies, but of the cultures those technologies inhabit and affect.
Former DHS Secretary calls for security experts to raise their game (Blasting News) Michael Chertoff tells gathering in Silicon Valley that security community must respect warnings over vote tampering and other threats.
Cyber Attacks, Threats, and Vulnerabilities
We’re coming to take back Spain, Isis video says (Times) Islamic State has issued its first ever video in Spanish, threatening more terrorist attacks and vowing to reconquer al-Andalus for the “caliphate”. Al-Andalus was the name given to the Iberian...
Boy who claims his father was an American soldier warns Trump in disturbing ISIS video (Military Times) An ISIS propaganda video allegedly features a 10-year-old American boy named Yusuf — who claims his father fought as a U.S. soldier in Iraq — threatening President Trump.
Migrant crisis: Facebook publishes torture used to extort ransom (Times) People smugglers and slave trading gangs are using Facebook to broadcast the abuse and torture of migrants to extort ransom money from their families. Footage that has remained on the social media...
Hacked Celebrity Nudes Show ‘Freedom of Speech’ Is Arbitrarily Defined By Internet Corporations (Motherboard) The same companies that took action against the Daily Stormer are enabling the dissemination of hacked celebrity nude photos.
DreamHost takes a beating after hosting racist Daily Stormer (Ars Technica) The neo-Nazi site has struggled to find a domain registrar.
Ransomworms on the rise: yet another wake up call for the enterprise (SC Media UK) 90% of enterprises still recording exploits for vulnerabilities that are more than 3 years old, and 60% for vulnerabilities more than 10 years old.
Apps allow novices to craft their own Android malware (iTWire) Security firm Symantec says it has discovered a new trojan development kit, an app that enables even those who know little about coding to create Andr...
Malware rains on Google’s Android Oreo parade (Naked Security) It may be summer here in the northern hemisphere, but Android users face a shower of new threats
Researcher Releases Fully Working Exploit Code for iOS Kernel Vulnerability (BleepingComputer) Adam Donenfeld, a researcher with mobile security firm Zimperium, has published today proof-of-concept code for zIVA — a kernel exploit that affects iOS 10.3.1 and previous versions.
Emotet: Trojan returns to steal Brits' banking credentials (Inquirer) Trojan 'absorbed NSA exploits' to spread via network security flaws
Locky Ransomware Keeps Returning After Repeated Absences (PhishMe) It seems that each time the information security community is ready to declare the Locky ransomware dead and gone, phishing threat actors launch new campaigns with new characteristics.
CS:GO Cheat Delivers Cryptocurrency Miner on MacOS (BleepingComputer) Counter-Strike: Global Offensive (CS:GO) players looking to get a leg up on the competition by using the vHook cheating app for macOS were also infected with a cryptocurrency miner.
OSX.Pwnet.A - CS: GO Hack and Sneaky Miner (SentinelOne) OSX.Pwnet.A - a hack for Counter-Strike: Global Offensive on macOS and a trojan that could mine CryptoCurrencies without user consent.
DDoS Attackers Taking Direct Aim at Gaming Companies, Akamai Reports (eWEEK) Akamai's 2Q17 State of the Internet / Security report reveals new trends in the DDoS and web application attack landscape.
Malicious Chrome Extensions Stealing Roblox In-Game Currency, Sending Cookies via Discord (TrendLabs Security Intelligence Blog) Recently, we discussed how cyber criminals are using the popular voice/chat client Discord to steal cookies from the running Roblox process on a Windows PC. Since then, we've noticed another attack going after the same information, only this time it is via Chrome extensions (CRX files).
Are you a student? Your personal data is there for the asking (Naked Security) Your college can – and will – hand over your personal details to anyone who asks, warns a researcher who is calling for better protection for students
Cryptocurrency Wallets Targeted By Attackers (Information Security Buzz) Kyle Lady, Senior R&D Engineer, Duo Security commented below on the story regarding attackers exploiting two-factor authentication by using phone numbers to gain access to victims’ devices.
Cryptocurrency Mining Malware Hosted in Amazon S3 Bucket (Threatpost) Attackers are using an exploit kit to spread the Zminer executable that downloads a cryptocurrency miner hosted in an Amazon S3 bucket.
Coin mining malware heads to the cloud with Zminer (Netskope) Netskope Threat Research Labs has detected several samples related to a coin miner malware named Zminer. The kill chain begins with the delivery of a drive-by download Zminer executable that...
Neptune EK Still Alive and Well and Driving Malvertising (Infosecurity Magazine) Unfortunately, this indicates a poor patch management posture across the board.
Cyber bank robbers stick up Ethereum owners for $225 million (SF Gate) Here's another reason to be leery of the initial coin offerings being done at a staggering pace in the cryptocurrency world: There's a 1-in-10 chance you'll end up a victim of theft.
Facebook Typosquatting Campaign Harvests User Info (Infosecurity Magazine) Over 100 brands abused in bid to steal credentials, says DomainTools
Why It’s Still A Bad Idea to Post or Trash Your Airline Boarding Pass (KrebsOnSecurity) An October 2015 piece published here about the potential dangers of tossing out or posting online your airline boarding pass remains one of the most-read stories on this site.
Cyber attack not lone occurrence (The News-Examiner) A cyber attack last week, of the software system used by Franklin County to track its finances, is not the only such occurrence experienced by the county this
Two Weeks Before WannaCry: Surviving a Zero-Day Ransomware Attack (Infosecurity Magazine) There are many factors that can be gained from this experience, not least realizing how capable the attackers were
Cat food shortage after cyber attack hits one of UK's biggest suppliers (Metro) Shortages have been reported across London and the Home Counties.
Security Patches, Mitigations, and Software Updates
Microsoft's Bid to Save PowerShell From Hackers Starts To Pay Off (WIRED) The often-attacked framework finally learns to play defense.
90% of Companies Get Attacked with Three-Year-Old Vulnerabilities (BleepingComputer) A Fortinet report released this week highlights the importance of keeping secure systems up to date, or at least a few cycles off the main release, albeit this is not recommended, but better than leaving systems unpatched for years.
Cyber Trends
You can't even trust your Sysadmins to use complex passwords (SC Media UK) 86 percent of sysadmins use only the most basic username and password authentication to access and protect their main business account on-site.
Security issues of the top and bottom government organizations (Help Net Security) SecurityScorecard released its U.S. State and Federal Government Cybersecurity Report, which showcases the cyber health of the nation's government entities.
Marketplace
7 Tips for Recruiting the Infosec Talent You Need Now (BankInfo Security) Hiring managers will need to get increasingly creative to find talent to fill their vacant information security positions, particularly in a shallow talent pool
Amazon-Backed Scout Soars on ASX Debut (The Bull) Amazon-backed US home security startup Scout Security has made a strong debut on the Australian share market, with its shares climbing 18 per cent on their first day of trading.
Cybersecurity business with SA office up for auction at $10.6M (San Antonio Business Journal) A cybersecurity company with a presence in San Antonio is up for sale to the highest bidder.
Show the proof, or cut it out with the Kaspersky Lab Russia rumors (CSO Online) The United States intelligence agencies have Kaspersky Lab in their crosshairs, but this is a case of smoke, but no fire.
Better Buy: FireEye, Inc. vs. Fortinet (Madison) It's been nothing short of a banner year for both FireEye (NASDAQ: FEYE) and Fortinet (NASDAQ: FTNT), with the data security providers' stocks climbing 20% and 25%, respectively, in 2017.
Webroot Announces Significant Growth in Fiscal Year 2017 (Business Insider) Webroot, the market leader in endpoint security, network security, and threat intelligence, announced 15 percent year-over-year bookings growth for its fiscal year ending on June 30, 2017.
CrowdStrike thrives in APAC as it builds out channel & customer relationships (Security Brief) "We are excited to expand our presence in APAC countries and will continue to invest within the region throughout the rest of 2017."
Here’s a way to silence Trump on Twitter: Buy the microblogging service (Ars Technica) White House says it’s a “ridiculous attempt” to silence Trump’s 1st Amendment rights.
Zerodium Offers Half-Million-Dollar Payouts for Secure Messaging Exploits (Infosecurity Magazine) It's looking for fully weaponized 0-days for WhatsApp, Signal, Facebook Messenger, iMessage and others.
SafeBreach Co-Founder, CTO Itzik Kotler Wins Rising Star Leadership Award from SC Media (Marketwired) SafeBreach, the leading provider of Breach and Attack Simulation, announced that company co-founder and CTO Itzik has been named winner of the Rising Star category in the inaugural SC Media Reboot Leadership Awards.
Products, Services, and Solutions
New infosec products of the week: August 25, 2017 (Help Net Security) Malwarebytes for Android features proprietary anti-ransomware technology Malwarebytes released Malwarebytes for Android, featuring targeted defense against
Thales’s newest advanced data security solutions achieve FIPS 140-2 certification (Thales Security) Thales nShield XC hardware security modules and Vormetric Application Encryption certified to security industry benchmark
Illumio 2.0 takes the complexity out of micro-segmentation (CSO Online) The company's “adaptive security platform” (ASP) helps businesses visualize the flows in a data center.
Telstra steps up cyber security ambitions with new operations centres (Financial Review) Telstra has taken a high-profile step in its bid to establish itself as a significant player in the booming global cyber security market.
Telstra lifts lid on security (The Australian) Telstra has expanded its local cybersecurity footprint with its Sydney security operation centre officially open for business and its Melbourne counterpart ready to come online next month.
Cybersecurity Technology Supplier Claroty Inks Another Large Partnership (Automation World) Schneider Electric and Claroty partner to address industrial control system safety and cybersecurity.
Malwarebytes releases versions for macOS, Android (iTWire) Security vendor Malwarebytes has released versions of its anti-malware software for macOS and Android. The company said Malwarebytes for Mac included...
Kaspersky IoT Scanner wants to secure your smart home (IT Pro Portal) Free download monitors your smart home network, and protects against possible botnet attacks.
ZeroDown® Software joins forces with Fortinet to Deliver Always Available and Always Secure Services for the Cloud (Benzinga) ZeroDown Software announced today that it has joined Fortinet's Technology Alliance Partner program, paving the way for ZeroDown's Multi-Cloud with Business-Continuity services to...
Maryland Cyber Jobs platform takes a skills-based approach to hiring (Technical.ly Baltimore) The Cybersecurity Association of Maryland is partnering with SkillSmart on the new tool.
Atomicorp Releases WAF Rule Set for ModSecurity At No Cost (Benzinga) Atomicorp provides the industry leading ModSecurity Web Application Firewall (WAF) Rules and is now offering a substantial portion at no charge to users. Without Rules,...
Verizon ramps up cloud cybersecurity with Check Point pact (FierceTelecom) Verizon is giving its enterprise customers another option to ensure cloud security by adding Check Point’s software to its growing Virtual Network Services suite.
New ship cyber security program unveiled (Marine Electronics & Communication) Shipowners have another solution to thwart cyber attacks on their vessels and offices after Port-IT launched a new service. The company worked with WatchGuard to create a unified threat management package for maritime.
GoDaddy Launches TrustedSite Certificates with McAfee Integration (Web Host Industry Review) The McAfee seal increases trust and increases online conversions by up to 10 percent, GoDaddy says.
KB Life employs AI to enhance security posture (Enterprise Innovation) As one of the largest Korean insurance companies in the country, KB Life Insurance serves over 400,000 customers across 34 branches offering life, health and critical illness products.
Technologies, Techniques, and Standards
Wanted: Metrics for Measuring Cyber Performance and Effectiveness (GovTechWorks) Intense worries about cybersecurity mean system owners are stacking up cyber tools to help protect their organizations, often duplicating features and capabilities in the process.
GDPR and Information Security Arbitrage (International Policy Digest) The European Union's General Data Protection Regulation, or GDPR, will have far reaching ramifications for the UK and Europe.
GDPR Compliance Preparation: A High-Stakes Guessing Game (Dark Reading) It's difficult to tell if your company is meeting the EU's data privacy and security standards -- or US standards, for that matter.
Prepare for the EU Data Protection Law – Start Here (Heimdal Security Blog) The new EU Data Protection Regulation will come into full effect in May 2018. Here's how to start preparing for it:
How to protect against data breaches and comply with Delaware law (Delaware Business Times) The Better Business Bureau reports that as of June 30 there have already been 2,227 data breaches this year resulting in the theft of more than 6 billion records — exceeding the number for all of 2016.
Germany Has Created the World’s First Ethical Guidelines for Driverless Cars (Motherboard) These robots are going to have to make some tough choices.
The 3 Most Common Misconceptions About Cyber Defense -- 'Culture, Complexity, Commitment' (Forbes) Traditionally, tacticians in war have said, “The best defense is a good offense.” However, that statement couldn’t be farther from the truth when it comes to creating a cyberwar defense strategy.
Enterprise security needs a Mother of Dragons to keep attackers out (CSO Online) Some Game of Thrones defense strategies you can apply to your organization's cybersecurity strategy
Netskope says shadow IT and security can co-exist (iTWire) "The credit card is mightier than the firewall," says Netskope's Scott Hogrefe, referencing the ease in which conventional IT departments can be...
Disaster recovery vs. security recovery plans: Why you need separate strategies (CSO Online) Responding to a cyber security incident has its own unique objectives and requires its own recovery plan.
Ransomware: The Tripflare in the Modern Cyberwar (Dark Reading) With the frequency and scale of breaches on the rise, and our legacy security failing to protect us, is ransomware the catalyst we need to trigger improvement in our security postures?
Living in an Assume Breach world (Help Net Security) Watch for enemies within and without, while being ready to respond calmly and totally at a moment’s notice. This is living with the Assume Breach mindset.
Applying proper cloud access control to prevent data exposures (SearchCloudSecurity) A misconfigured Amazon S3 bucket has been behind several recent data exposures. Here's how to set up proper cloud access control.
How Startups Can Source Data To Build Machine Intelligence (Forbes) Data is the fuel of the new AI-based economy.
Using Phishing Intelligence to Reel In Advanced Threats and Protect Corporate Networks (Security Intelligence) By integrating phishing intelligence with an SIEM solution, security analysts can proactively monitor APTs and manage risks related to phishing attacks.
Design and Innovation
qBitcoin: A Way of Making Bitcoin Quantum-Computer Proof? (IEEE Spectrum) Like many other encryption-dependent things, Bitcoin could be vulnerable to hacks by future quantum computers. qBitcoin would use quantum cryptography to keep it safe
This Website Only Works When You’re Offline (Motherboard) Everybody’s gotta log off sometime.
System-of-Systems Approach to Securing the Data Center on Wheels (Infosecurity Magazine) We are rapidly approaching a point in which the automobile will be built around the software, as opposed to the other way around.
General Atomics sheds light on the future of unmanned tech (Defense News) Swarming, automation and an improved version of the MQ-9 Reaper are just some of the technologies where General Atomics is making investments.
Research and Development
A step toward practical quantum encryption over free-space networks (Help Net Security) Researchers have sent a quantum-secured message containing more than one bit of information per photon through the air above a city.
Academia
What Cyberthreats Do Higher Education Institutions Face? (Forbes) It seems there's an endless stream of media coverage on all of the companies that have been victimized by ransomware attacks. But business isn't the only sector with a target on its back ...
Nominum and CIRA Create (Canada Newswire) CIRA's "Powered by Nominum" D-Zone DNS Firewall protects teachers, students and administrators from ransomware and...
Legislation, Policy, and Regulation
Snoopers’ Charter Could Scupper UK-EU Data Flows: Experts (Infosecurity Magazine) Government releases paper on post-Brexit data transfers, but ignores surveillance apparatus
Protecting Financial Data in Cyberspace: Precedent for Further Progress on Cyber Norms? (Just Security) In terms of norm identification, few issues have proven more problematic than cyber operations targeting data, whether in peace or war. Of particular note are those involving financial data, in large part because of the interdependency of the global financial system.
BIS Implements Wassenaar’s Note 4 Amendment: Accentuate the Positive (ExportLawBlog) Last week the Bureau of Industry and Security published a final rule implementing the changes adopted by the December 2016 Wassenaar Arrangements Plenary meeting. Most of these changes are the usu…
Cyberattacks, not North Korea, pose greatest security threat (TheHill) OPINION | Targeted cyberattacks by state-sponsored advanced persistent threat (APT) groups and terrorist and criminal non-state actors are being overlooked.
We need digital IDs to beat cyber fraudsters (Times) Identity fraud is a nasty crime, but not a new one. In AD69 at least two contenders for the Roman throne impersonated the missing emperor Nero (who had in fact committed suicide a year earlier)...
Could Offering Spy Secrets To State Officials Help Safeguard Future Elections? (NPR) Congress could arrange for state elections officials to view high-level secrets about potential threats to their elections. First, they need security clearances.
At CIA, a watchful eye on Mike Pompeo, the president’s ardent ally (Washington Post) The director’s tendency to play down Russian interference in the 2016 election is seen as a nod to Trump.
Litigation, Investigation, and Law Enforcement
FSB Agents Arrested for Giving CIA Information About Russian Hackers (BleepingComputer) A Russian television station — TV Rain — claims to have obtained insider information about the arrests of Sergey Mikhailov, a Russian intelligence agent who led the FSB's Center for Information Security, and Dmitry Dokuchayev, also an FSB agent and Mikhailov's deputy.
FBI arrests Chinese national connected to malware used in OPM data breach (CNN) The FBI has arrested a Chinese national who is facing charges related to the malware used in the 2015 data theft from the Office of Personnel Management computer systems ...
Microsoft Wins Court Approval to Combat Fancybear Hackers (WinBuzzer) Microsoft has won the right to prevent Fancybear hackers from using malicious domains with the company’s name. The trademark
Verizon: US government requests for phone records on the up (Naked Security) Cellphone provider warns that it’s increasingly being asked to provide huge and broad data dumps – such as records of every phone that passed by a given tower
Additional Release of FISA Section 702 Documents (IC on the Record) Today the ODNI, in consultation with the Department of Justice, is releasing additional FISA Section 702 documents.
Some In Congress Don't Get The "Gravity" Of Russian Election Meddling, Former CIA Director Said (BuzzFeed) John Brennan, CIA director under President Barack Obama, also bemoaned a "barrage" of "inaccurate and misleading" news reports. He made these statements in an internal memo to CIA
FBI's Manafort raid included a dozen agents, 'designed to intimidate,' source says (Fox News) The FBI’s July raid on former Trump campaign chairman Paul Manafort's Virginia home lasted 10 hours and involved a dozen federal agents, who seized documents labeled “attorney-client,” according to a source close to the investigation.
DoJ Subject to Strict Oversight in Anti-Trump Site Investigation (Infosecurity Magazine) Judge ruling aims to protect First and Fourth Amendment freedoms
Your personal data is yours & nobody else’s (Economic Times Blog) Raise a toast to nine judges of the Supreme Court (SC) who have said your right to privacy is fundamental, ranking right up there with rights to life and freedom of expression. Privacy as a...
Cybercrimes in Russia Rise Sixfold Over 3 Years – Prosecutor General (Sputnik News) The number of cyber crimes committed in Russia from 2013 to 2016 has gone up by six times, Russian Prosecutor General Yury Chayka said on Thursday.
Report Calls for New Cyber-Police Academy to Boost Skills (Infosecurity Magazine) Thinktank Reform claims major changes are needed to UK law enforcement
Energy firm slapped with a fine after making 1.5m nuisance calls (Naked Security) Think you’ve opted out of robocalls from marketers? So did the people who complained – and got the offender hit with a fine
Hacked Off (Splash 24/7) Does shipping need to thrash out a new legal framework regarding cyber attacks?
Megaupload execs’ extradition may be at risk after new spying revelations (Ars Technica) GCSB couldn't say more without jeopardizing the national security of New Zealand.
Convicted felon Martin Shkreli finds novel way to be a jerk online (Ars Technica) He has offered to sell a New York Post reporter's domain name for $12,000.