Palo Alto: the latest from Security in the Boardroom
From transcendentals to killbots: AI from Ars Magna to Maxim. (The CyberWire) Artificial intelligence and machine learning dominate so much conversation about cybersecurity that any CISO is faced with the necessity of explaining this family of technologies to the board. This is always challenging, especially with technologies so heavily hyped, and so liable to easy misunderstanding.
What do you say when they ask, "Are we secure?" (The CyberWire) Boards are in the business of managing risk, and they're accustomed to quantifying that risk in familiar business domains—financial risk, regulatory risk, and so on. But cybersecurity risk management remains in a relatively immature state. A panel on "Governance, Measurement, and Response" took up the issues surrounding cyber risk management.
Advice for boards: policy and the big picture. (The CyberWire) A fireside chat between Michael Chertoff (Executive Chairman and Co-Founder, The Chertoff Group) and Steve Daily (Chief Executive Officer, Ivanti—a company that traces its roots to Landesk) was nominally a chat about the boardroom's perspective on cybersecurity, but it proved much more far-ranging than that. Jim Pflaging (Principal and Technology Sector and Strategy Practice Lead, The Chertoff Group) moderated their discussion. They took questions from the audience and structured their discussion accordingly.
Cyber Attacks, Threats, and Vulnerabilities
Wikileaks Vault 7: CIA backdoored software updates to spy on allies (Computing) Another embarrassment for US intelligence dished up by Wikileaks.
Vault 7: CIA Used Fake Updates to Spy on Fellow US Intelligence Agencies (BleepingComputer) Wikileaks has released new files, part of the Vault 7 series, that it claims it obtained from the CIA. The files dumped online yesterday reveal details about the inner workings of a biometrics system developed by the CIA, and which the agency has provided to various liaison services, such as the DHS, FBI, and NSA.
WikiLeaks hints at CIA access to Aadhaar data, officials deny it (The Times of India) WikiLeaks published reports on Thursday that claimed to “expose” that CIA is using tools devised by US-based technology provider Cross Match Technologies for cyber spying that may have compromised Aadhaar data. The claim was dismissed by official sources in India.
Aadhaar data base hacked by CIA? How UIDAI reacted to claims of leaks (The Financial Express) UIDAI, while dismissing the allegations, stated that the Aadhaar biometric capture system has adequate and robust security features to prevent the possibility of unauthorised capture and transmission of information linked to any biometric device being used.
WikiLeaks: Hostile is as hostile does (Jamaica Observer) “It is the sense of Congress,” according to the annual Intelligence Authorization Act now working its way through the US Senate, “that WikiLeaks and the senior leadership of WikiLeaks resemble a non-State hostile intelligence service often abetted by State actors and should be treated as such a service by the United States.”
Navy operations chief says there’s no evidence of a cyber attack on USS John S. McCain (Washington Times) Chief of Naval Operations Adm. John M. Richardson said Friday that there is still no evidence of a cyber attack in the accident on the USS John S. McCain.
How to hack a Navy vessel (TheHill) OPINION | A false sense of confidence enables the hacking of U.S. Navy ships.
U.S. Naval Mishaps – Human Error or Cyber Malfeasance? (CyberDB) 4 naval mishaps in 2017 plagued the U.S. Navy, and there is strong speculation that cyber malfeasance may have been the catalyst.
US destroyer collision: Some answers to a mystery at sea (Straits Times) 10 US sailors are presumed dead after the warship USS John S. McCain collided with oil tanker Alnic MC last Monday, in what could be the deadliest naval accident ever to occur in Singapore waters.
Maybe today’s Navy is just not very good at driving ships (Navy Times) The two collisions — and a total of 17 sailors lost at sea this summer — have raised concerns about whether this generation of surface fleet officers lack the basic core competency of their trade.
Cyber-attack alert weeks before USS John S McCain warship crashed (Times) Ship owners were warned about the threat of cyber-attacks only weeks before America began investigating the “possibility” that hackers caused the collision between one of its warships and an oil...
Hackers Will Take Advantage of Outdated Software (IT Business Edge) When the USS John McCain became the second naval ship to be involved with a deadly accident this summer, my first thought went to a potential cyberattack.
The Risk of an Unprotected Website: Ransomware Returns to Ukraine (eSecurity Planet) For the second time in as many months, a software developer's website was compromised and used to distribute malware.
As ‘Death to America’ Chants Lose Power, Iran Retools Propaganda With Rap Videos (New York Times) Forced to adapt or fizzle out, the country’s propaganda machine has embraced the latest trends and technologies to appeal to the sensibilities of young Iranians. Watch some of the most popular.
Russia’s propaganda machine amplifies alt-right (TheHill) Russia’s army of media influencers, social media bots and trolls are giving new voice to the far right.
Critical Vulnerabilities in SAP POS Allowing Hackers to Buy Everything for a Dollar (Payment Week) ERPScan researchers Dmitry Chastuhin and Vladimir Egorov identified several vulnerabilities in point of sale systems developed by SAP and Oracle. The most critical of them affects SAP POS solution allowing attackers not only to compromise customers’ data but gain unfettered control over the POS server.
Watch Someone Buy a Laptop for $1 Thanks to a Severe POS Vulnerability (BleepingComputer) A vulnerability in the SAP POS Xpress Server allows attackers to alter configuration files for SAP Point-of-Sale systems, alter prices, and collect payment card data and send it to one of their servers.
Someone Published a List of Telnet Credentials for Thousands of IoT Devices (BleepingComputer) A list of thousands of fully working Telnet credentials has been sitting online on Pastebin since June 11, credentials that can be used by botnet herders to increase the size of their DDoS cannons.
Race is On To Notify Owners After Public List of IoT Device Credentials Published (Threatpost) A list of device IPs and credentials has gone viral, kicking off an effort by researchers to notify the owners of these connected devices before they're hacked.
This expensive new ransomware targets organisations with specially crafted phishing lures (ZDNet) The Defray ransomware demands $5,000 from victims and has targeted hospitals, manufacturing companies, and even an aquarium with small-scale but highly-customised campaigns.
New ransomware strain targeting healthcare (Healthcare Finance News) The new variant, Defray, uses incredibly targeted attacks with lures that are custom-crafted to appeal to intended victims - making it much harder to spot, Proofpoint says.
WannaCrypt NHS victim Lanarkshire infected by malware again (Register) Infect me once, shame on you. Infect me twice …
Operations cancelled as cyber attack hits NHS Lanarkshire hospitals and GPs (BBC News) Operations are cancelled as services run by NHS Lanarkshire are affected by malware in computer systems.
Health chief says sorry after NHS Lanarkshire cyber attack (Scotsman) A health board chief has apologised after a malware attack led to procedures and appointments being cancelled.
Increase in malicious spam after WannaCry ransomware attack, report says (The National) Cyber criminals using public's fear over cyber attacks to their advantage by sending emails offering protection
Android Banking Trojan MoqHao Spreading via SMS Phishing in South Korea (McAfee Blogs) Last month, a number of users started posting on South Korean sites screenshots of suspicious SMS messages phishing texts (also known as smishing) to lure
HBO hackers leak script and spoilers of Game of Thrones Season Finale (HackRead) Who doesn’t want to know what’s going to happen in Game of Thrones (GoT) Season 7’s upcoming episode? And, when it's The Finale of GoT season 7, viewers wo
HBO hackers made $3.2 million, leak ‘Game of Thrones’ Season 7 (TechObserver) HBO hackers who have been threatening to leak yet to be telecasted Season 7 finale of Game of Thrones, have leaked the data
Chinese Cyber-Espionage Group Uses Game of Thrones as Phishing Lure (BleepingComputer) A cyber-espionage unit is using the recent Game of Thrones episode leaks to lure targets into opening malicious documents sent via email.
Deprecated, Insecure Apple Authorization API Can Be Abused to Run Code at Root (Threatpost) An insecure Apple authorization API is used by numerous popular third-party application installers and can be abused by attackers to run code as root.
Mac Malware On The Rise (Information Security Buzz) It has been reported that more Mac malware has been seen in 2017 than in any year beforehand, according to a new report from information-security firm Malwarebytes, and one of the company’s security experts told us that Apple’s current strategies may not be enough to stop the rising tide. James, Security Specialist at ESET commented …
Adware Spreading Via Social Engineering, Facebook Messenger (Threatpost) Attackers have taken to Facebook Messenger with a combination of social engineering and malicious JavaScript to spread adware.
Security Alert: Facebook Users, Don’t Click on This Link Spreading on Messenger (Heimdal Security Blog) A recently discovered adware is targeting Facebook users and spreading on Messenger.
App Install Advertising Fraud is a $300M Problem (eSecurity Planet) New report from DataVisor on the underworld of app install advertising reveals the techniques used by fraudsters.
Malicious AutoIT script delivered in a self-extracting RAR file (SANS Internet Storm Center) Here is another sample that hit my curiosity.
Touchscreens ‘at risk from chip in the middle attack’, warn researchers (Naked Security) Researchers call for manufacturers to recognize that compromised hardware is a real possibility
Mac's Biggest Threats Lurk in the Apple App Store (Dark Reading) Mac malware is on the rise, especially adware and potentially unwanted programs in the App Store.
How to hide backdoor in AI software (WIRED) Malicious machine learning can hide nasty surprises.
Apparent cyber attack sheds light on village security (Herald Community Newspapers) The Village of Rockville Centre appears to have been the victim of a broadly targeted cyber attack last month originating from a server in Russia, though cybersecurity experts said the attempt was …
Leaked: Private Photos of Nicole Scherzinger, Dakota Johnson and Addison Timlin (HackRead) Hackers have leaked private pictures of Fifty Shades of Grey's Dakota Johnson, Pussycat Dolls member Nicole Scherzinger, actress Faye Alicia Brookes and Ad
Facebook Figured Out My Family Secrets, And It Won't Tell Me How (Gizmodo) Rebecca Porter and I were strangers, as far as I knew. Facebook, however, thought we might be connected. Her name popped up this summer on my list of “People You May Know,” the social network’s roster of potential new online friends for me.
Smart grids more vulnerable to cyber attack (Digital Journal) Several electricity distribution systems are gradually transposed to smart grids. These allow for two-way communication and computer processing. However, this process makes smart grids increasingly vulnerable to cyberattacks.
9/11 Level Cyber Attack Imminent: Warns President Trump’s National Infrastructure Advisory Council (The Inquisitr) President Trump’s National Infrastructure Advisory Council (NIAC) releases a report to the U.S. National Security Council (NSC) warning of an imminent 9/11 level cyber attack crippling the ...
Artificial intelligence cyber attacks are coming – but what does that mean? (San Francisco Chronicle) The next major cyberattack could involve artificial intelligence systems. It could even happen soon: At a recent cybersecurity conference, 62 industry professionals, out of the 100 questioned, said they thought the first AI-enhanced cyberattack could come in the next 12 months.
Cyber Trends
Why the Honor Code Among Hackers Has Broken Down (Fortune) No rules anymore.
Lax security leaving Japanese information exposed on darknet (Kyodo News+) Japan is playing catch-up in the fight to protect its citizens from having their private information accessed in the internet's darkest corners.
Fire, Maneuver - and FireChat (Small Wars Journal) [Orson-and-H.G.Well(e)sian alert: this article is illustrative fiction, not a factual report of an invasion.] The “little green men” have been filtering into Druskininkai for at least the last eighteen hours. The Lithuanian government first identified the infiltration by mining local dash-cam footage taken from Uber-drivers transporting clientele in vicinity of the Lithuanian-Belarusian border.
Marketplace
Forcepoint Acquires RedOwl, Extends Global Human-Centric Security Leadership (PRNewswire) Global cybersecurity leader Forcepoint today announced the acquisition...
Versive Raises $12.7 Million, Uses AI to Hunt Security Threats (eSecurity Planet) Another company attracts VC funding for AI technologies that help enterprises mount effective defenses against today's complex cybersecurity threats.
Intercede raises £500k (Insider Media Ltd) Lutterworth-based digital identity software business Intercede has raised £500,000 through a share placing.
GenDyn wins $52M Navy contract for IT support (Gears of Biz) General Dynamics Information Technology is to provide cyber-security and IT support to the U.S. Naval Meteorology and Oceanography Command.
Cyber Command Split An Opportunity For Industry (Aviation Week) The direction by President Donald Trump to make U.S. Cyber Command a unified combatant command enables the command to equip its forces, making this a business opportunity for the likes of Raytheon and BAE Systems ...
CSRA Emerges as U.S. IT Powerhouse (EnterpriseTech) A well connected IT services provider formed through the merger of established government contractors is steadily extending its reach from providing cloud
Why Splunk, Inc. Stock Popped Today (The Motley Fool) The operational intelligence platform company jumped after its 11th straight quarterly beat.
Corvid wants to remove the weak link from cyber: the users (Computing) It's unrealistic to train users to recognise every threat, especially with modern hackers' levels of sophistication, argues CTO Andrew Nanson.
Products, Services, and Solutions
DNS Tunneling Detection Feature of Rohde & Schwarz Cybersecurity's Network Traffic Analysis Software Eliminates Weak Spots of Firewalls to Preserve Security (Presse Box) The OEM deep packet inspection software R&S PACE 2 now improves the reliability and credibility of network protection solutions. When embedded in a firewall,...
CenturyLink enhances VMware-based DCC platform, touts software-defined data center approach (FierceTelecom) CenturyLink is giving businesses the option to migrate to a hybrid cloud environment that balances public cloud agility with the security and dedicated infrastructure of a private offering with its DCC (Dedicated Cloud Compute) Foundation.
Technologies, Techniques, and Standards
Integrating GDPR into your day to day IT practices (Help Net Security) Although GDPR comes into force in May 2018, you need to think about integrating GDPR into your IT practices today, in order to be prepared.
Is Your Mobile Carrier Your Weakest Link? (KrebsOnSecurity) More online services than ever now offer two-step authentication — requiring customers to complete a login using their phone or other mobile device after supplying a username and password. But with so many services relying on your mobile for that second factor, there has never been more riding on the security of your mobile account.
R1P P455word: Keeping an eye on the hackers (Metro Newspaper UK) FOR years we’ve been told to make passwords as complex as possible, using upper and lower case characters, numbers and various other symbols to make it as cryptic as an MI5 code — only to find out that most of the trusted tricks we employ when crafting custom passwords actually make us more vulnerable to...
Ransomware Insurance: Cyber Insurance May Be the Best Protection (eSecurity Planet) Next to reliable data backups, a good cyber insurance policy may be your best protection against the damage wrought by ransomware attacks.
Security leaders need better visibility of risk before the board asks (CSO Online) Kevin Cunningham, president of SailPoint, discusses how security leaders need better visibility of risks so they can advise their boards and protect their companies.
Know your adversary: Focus on social engineering (Help Net Security) If you want to truly understand all the threats your organization faces, a focus on social engineering is essential. Tim Roberts from NTT Security explains.
New tack in cyber safety (Perth Now) Parents have been urged not to block websites or ban social media, even when it seems the best way to ensure kids are safe in cyberspace.
Nothing as Safe as Houses From Spear-Phishers (Infosecurity Magazine) Why spear-phishers are now targeting wannabe homeowners.
Design and Innovation
‘Clever’ TapDance approach to web censorship that works at ISP level (Naked Security) The TapDance approach is just a proof of concept at the moment, but observers have welcomed it as a potentially useful tool
Hash of the Titan: How Google bakes security all the way into silicon (Register) Locking down servers and cloud with this itty-bitty chip
Research and Development
Smart algorithms for exploiting mass data will be available this year (Defense Systems) The algorithmic warfare program is embedding smart algorithms in weapons software to augment data analysis.
Why Quantum Computing's Threat To Bitcoin And Blockchain Is A Long Way Off (Forbes) Quantum computing could someday far surpass the processing power of today’s classical computers. And that thought has some cryptographers, and cryptocurrency users, worried.
A step toward practical quantum encryption over free-space networks (Help Net Security) Researchers have sent a quantum-secured message containing more than one bit of information per photon through the air above a city.
Navy seeks lightweight, jam resistant antennae (Defense Systems) Ultra-wideband phased array antennae could reduce costs and electronic footprint of weapons systems
Academia
Rochester students win national computer competition (Rochester Post-Bulletin) Rochester Public School students took first place at the National High School Computer Competition in Cincinnati, Ohio, at the end of July.
Air Force, private sector join in Alabama 'hackathon' (San Francisco Chronicle) The Air Force is joining with the private sector in Alabama to team up against cyber-security threats.
Legislation, Policy, and Regulation
China doubles down on real-name registration laws, forbidding anonymous online posts (TechCrunch) China's crackdown on Internet freedom is getting even more intense. Last Friday, the country's top Internet censor announced a new set of regulations (link..
NY's New Cybersecurity Regs for Banks, Insurers Take Effect (New York Law Journal) Banks, insurance companies and other financial services providers will have to comply with groundbreaking new cybersecurity rules established by the state D...
Victoria pushes whole-of-government approach for cyber security (Computerworld) Victoria’s government today unveiled the state’s first cyber security strategy. At the heart of the strategy is a shift to a whole-of-government approach for information security.
US security aid to Pakistan 'will be conditioned': White House official (The Economic Times) "There have been long standing relationships between the Pakistani intelligence officials and these terrorist groups. So, we don't expect things to change overnight."
Trump Cybersecurity Advisors Resign, Citing 'Insufficient Attention' to Looming Threats (Fortune) The President's denial of Russian election hacking was among their frustrations.
DISA taps rear admiral as its new vice chair (Fedscoop) The agency selected communications specialist Rear Adm. Nancy Norton to help oversee its information technology and cyber operations.
OP-ED: A Cyber Terrorism Strategy in WV is Important to Safeguarding Election Systems and Voter Databases (Huntington News) The most challenging war we may need to fight in the future will be in cyberspace. It’s a fight I am preparing for as your Secretary of State.
Army breaking down network defense siloes (FederalNewsRadio.com) The Army Cyber Center of Excellence became fully operational and published its first doctrine for how it fights in cyberspace to include electronic warfare.
Litigation, Investigation, and Law Enforcement
Hezbollah Has Been Active in America for Decades (The National Interest) Hezbollah has suffered serious casualties in Syria, but also feels emboldened by its battlefield successes and may seek to flex its muscles globally.
FBI arrest may be first linked to OPM hack (FederalNewsRadio.com) The FBI may have made its first arrest in connection with the OPM hack that stole the data of 21.5 million current and former federal employees.
UNITED STATES OF AMERICA, Plaintiff, v. YU PINGAN a.k.a. "GoldSun" Defendant () COMPLAINT FOR VIOLATION OF: Title 18, U.S.C., Section 371 - Conspiracy; Title 18, U.S.C., Section 1030(a)(5)(A)-Computer Hacking; Title 18, U.S.C., Sections 982 and 1030(i) and Title 21, U.S.C., Section 853 - Forfeiture
U.S. state election officials still in the dark on Russian hacking (Reuters) The federal government has not notified U.S. state election officials if their voting systems were targeted by suspected Russian hackers during the 2016 presidential campaign, and the information will likely never be made public, a top state election chief told Reuters.
MalwareTech’s legal defense fund bombarded with fraudulent donations (Ars Technica) At least $150,000 in donations were from stolen or fake credit card numbers.
DHS has not yet notified states about Russian election hacks (TheHill) The Department of Homeland Security has not yet notified all states whose systems it knows Russian hackers breached during the 2016 elections that they were victims.
Court: Locating suspect via stingray definitely requires a warrant (Ars Technica) But, judge rules in Ellis, cops didn't need warrant due to "exigent circumstances."
Microsoft loses German case over force-feeding Windows upgrades (Computing) But will Microsoft extend the ruling to its twice-yearly operating system updates?
Alt-Right Chat Logs Are Key to Charlottesville Lawsuits (WIRED) Leaked documents describe weapons and cite potential "gunfight."
Guilty in Absence: Pirate Bay Founders to pay €405,000 to Record Labels (HackRead) The file sharing giant, The Pirate Bay, is in the news again for all the wrong reasons. This time, two of its founders Fredrik Neij and Gottfrid Svartholm
VW engineer sentenced to 40 months in prison for role in emissions cheating (Ars Technica) German automaker asked its US employee to perfect the cheat code, and he did it.