Washington, DC: the latest from the Billington CyberSecurity Summit
The view from the ODNI (The CyberWire) Director of National Intelligence Coats describes how cyberspace looks from his perch atop the US Intelligence Community: threats, vulnerabilities, and consequences. He offers a commitment and an invitation to more effective information sharing.
Cyber Looms as Top National Security Threat, DNI Says (MeriTalk) Cybersecurity threats have risen to the top of the nation’s national security concerns, according to U.S. Director of National Intelligence Daniel Coats, who spoke at the Billington CyberSecurity Summit on Sept. 13.
Intelligence director criticizes former officials for speaking out against Trump (TheHill) Director of National Intelligence Dan Coats on Wednesday called it "troubling" to hear outside officials criticize the White House's approach to intelligence.
U.S. ‘incredibly lucky’ to have avoided cyber calamity this long (Miami Herald) State hackers in China and Russia are capable of sabotaging critical U.S. utilities, experts say. But they don’t do so because it would be seen as an act of war.
US Military Readying a More Aggressive Approach Against Iran (VOA) Top general says goal is to challenge Tehran in the so-called “gray zone” with a heavy reliance on cyber operations
Ransomware defense depends on product upgrades, patches (GCN) Intelligence officials encouraged IT managers to patch software and retire products at the end of their lifecycles.
Federal CISOs want more education and training to help boost incident response (FCW) To get ahead of cyberthreats, agency CIOs and CISOs want to focus on reducing response times from weeks and months to minutes.
Rep. Hurd stresses need to get ‘ahead of the curve’ on security of AI, quantum computing (Inside Cybersecurity) House Oversight IT subcommittee Chairman Will Hurd (R-TX) says the federal government’s procurement processes need to move more quickly to ensure the government is adopting artificial intelligence and quantum computing technologies -- before adversaries do and can leverage it to conduct cyber attacks.
NIST official says cyber framework update will be ‘light touch,’ finalized during first half of 2018 (Inside Cybersecurity) A National Institute of Standards and Technology official says “version 1.1” of the federal framework of cybersecurity standards will be finalized during the first half of 2018, offering “light touch” updates to help public and private organizations improve their cybersecurity.
Cyber Attacks, Threats, and Vulnerabilities
Over 4,000 ElasticSearch Servers Found Hosting PoS Malware Files (BleepingComputer) The Kromtech Security Center has identified over 4,000 instances of ElasticSearch servers that are hosting files specific to two strains of POS (Point of Sale) malware — AlinaPOS and JackPOS.
Thousands of Elasticsearch Servers Hijacked to Host PoS Malware (Threatpost) Over 4,000 insecure Elasticsearch servers have been hosting the point-of-sale malware Alina and JackPoS.
Billions of devices at risk as Bluetooth-bourne vulnerability exposed (ARN) A Bluetooth vulnerability dubbed BlueBorne, discovered in April, has been made public after companies including Google and Microsoft issued updates.
BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices (BleepingComputer) Security researchers have discovered eight vulnerabilities — codenamed collectively as BlueBorne — in the Bluetooth implementations used by over 5.3 billion devices.
Equifax confirms unpatched Apache Struts flaw was exploited in massive data breach (Computing) Apache Struts patch released two months before hackers struck
Equifax, Bowing to Public Pressure, Drops Credit-Freeze Fees (New York Times) The credit reporting agency, which recently disclosed a data breach affecting up to 143 million people, said it would waive the fees until Nov. 21 after receiving numerous complaints.
Experian Says Still Waiting for Explanation From Equifax (Bloomberg.com) Equifax Inc.’s lack of transparency about its massive data breach makes it difficult for the credit-rating firm’s competitors to check the security of their own information, according to Experian Plc.
Equifax Website Secured By The Worst Username And Password Possible (Forbes) The Equifax breach that leaked data on 143 million Americans and Canadians was about as disastrous as they come. As Forbes' Thomas Fox-Brewster pointed out last week, it wasn't an isolated incident. Equifax has had problems with security before.
Ixia: What can we learn from the Equifax breach? (BusinessWire) Ixia offers organizations advice on how they can learn from the recent Equifax breach and protect their web infrastructure.
New Kedi RAT Uses Gmail to Exfiltrate Data (Security Week) Kedi RAT Pretends to be a Citrix Utility, Transfers Data Using Gmail
Serious Flaws Found in IBM InfoSphere Products (Security Week) IT security services company SEC Consult on Wednesday disclosed the details of several unpatched vulnerabilities affecting IBM’s InfoSphere DataStage and Information Server data integration tools.
Windows 0-day is exploited to install creepy Finspy malware (again) (Ars Technica) Microsoft patches flaw after researchers report it was used by undisclosed country.
Over 1.65 Million Computers Infected With Cryptocurrency Miners in 2017 So Far (BleepingComputer) Telemetry data collected by Kaspersky Lab shows that in the first nine months of 2017, malware that mines for various types of cryptocurrencies has infected more than 1.65 million endpoints.
Bish, bosh, Bashware: Microsoft downplays research on WSL Win 10 'hack' threat (Register) To be fair, it's a hard hack to pull off
Hacker Tactics - Part 2: Supply Chain Attacks (Anomali) Adversaries are constantly changing and improving how they attack us. In this six-part series we'll explore new or advanced tactics used by threat actors to circumvent even the most cutting-edge defenses. On June 27th, 2017, the NotPetya malware campaign initiated in Ukraine and rapidly spread around the globe. NotPetya devastated businesses of all industry verticals as it began wiping large amounts of Windows systems. Cisco’s Talos researchers found that the initial infection vector
Voting machines can be hacked without evidence, commission is told (The Washington Times) The country’s voting machines are susceptible to hacking, which could be done in a way so that it leaves no fingerprints, making it impossible to know whether the outcome was changed, computer experts told President Trump’s voter integrity commission Tuesday.
Editorial: Guarding Virginians' votes (Virginian-Pilot) THE VIRGINIA Board of Elections’ decision Friday to eliminate the use of touch-screen voting machines represents a necessary step to protect the integrity of the vote across the commonwealth in
A Fake-News Warning From a Former Propagandist (Bloomberg.com) Why readers shouldn’t underestimate the power of disinformation.
Security Patches, Mitigations, and Software Updates
SAP Resolves 16 Vulnerabilities with September 2017 Patches (Security Week) SAP on Tuesday released 16 security notes as part of its SAP Security Patch Day, to which it also added 1 out-of-band release and 6 updates to previously released Security Notes, for a total of 23 Notes.
Adobe, Microsoft Plug Critical Security Holes (KrebsOnSecurity) Adobe and Microsoft both on Tuesday released patches to plug critical security vulnerabilities in their products.
Pixel and Nexus September Security Patches Have Started, We Think (Updated) (Droid Life) Ever since Android Oreo dropped, Google has pushed the update out in a manner best described as, “Who knows wtf Google is doing.” From betas to stable to images and now into our first security patch, I’m not sure anyone knows if the typical rollout pattern has changed or if Google is simply working through some …
Cyber Trends
Virtualization’s hidden traps: security has become a battlefield for CISOs (Bitdefender) The increasing adoption of hybrid cloud -- a mix of public cloud services and privately owned data centers, already in place for 70 percent of companies on a global level – is giving rise to new security challenges and prompting CISOs to adopt different technologies to fight zero-day exploits, advanced persistent threats, and other devastating types of cybercrime.
Cybersecurity Issues & NIST CSF Taking the Pulse of Information Security Leaders (Rsam) Nearly 1,000 information security professionals registered for Rsam’s NIST CSF: Best Practices for Implementation webinar. We surveyed attendees to uncover what they think about cybersecurity issues in general and NIST CSF in particular. Here is what they said...
Web Application Attack Statistics: Q2 2017 (Positive Technologies) This report provides statistics on attacks performed against web applications during the second quarter of 2017. Sources of data are pilot ...
Poll: Majority of Small Business Owners Perceive Online Marketplaces Like Amazon as a Threat (Biz Buy Sell) BizBuySell, the Internet's largest business-for-sale marketplace, surveyed 762 small business owners to get their perspective on how various economic, political and technological threats are impacting the small business environment.
New Research From Cyber adAPT Reveals CISO Motivations Behind Threat Detection Investment (Sys-Con Media) Mobile, IoT, and cloud use driving need for investment in advanced technology
37 Percent of Global Organizations Unsure if They Need to Comply with GDPR (WatchGuard)
(ISC)² Finds IT Professionals are an Underutilized Cybersecurity Resource ((ISC)²) Largest association of certified cybersecurity professionals enables IT pros to more quickly attain SSCP® certification and bolster their organization’s security posture
Marketplace
Endpoint Cyber Security Defender AppGuard Closes a $30 Million Series B to Accelerate Growth in Enterprise and SMB Markets (AppGuard) Series B funding brings total financing to $100m for AppGuard since April
Silent Circle Acquires Kesala to Strengthen Data Protection for Global Business Operations (BusinessWire) Silent Circle today announced the acquisition of Kesala, a Maryland-based company which gained initial startup support from DataTribe.
Thales announces acquisition of US firm Guavus (India Today)
Brocade employees flee as Broadcom acquisition looms: report (CRN Australia) Vendor will reportedly shed hundreds of staff before acquisition.
Confusion hits consumer market over US ban of Kaspersky (ABC News) Worries rippled through the consumer market for antivirus software after the U.S. government banned federal agencies from using Kaspersky Labs software on Wednesday. Best Buy said it will no longer sell software made by the Russian company, although one security researcher said most...
Cybersecurity Innovator SecBI Launches U.S. Office (PRWeb) Wes Robinson tapped to serve as VP of Sales, North America
Zerodium Offers $1 Million for Tor Browser Exploits (Security Week) Exploit acquisition firm Zerodium announced on Wednesday that it’s prepared to offer a total of $1 million for zero-day vulnerabilities in the Tor Browser, the application that allows users to access the Tor anonymity network and protect their privacy.
Northrop to continue developing USAF’s Cyber Mission Platform (Airforce Technology) The Air Force Life Cycle Management Center's (AFLCMC) Cryptologic and Cyber Systems Division has contracted Northrop Grumman to continue the development and deployment of the US Air Force’s Cyber Mission Platform (CMP).
Secarma scores big at Defcon global hacking convention (Secarma) On 27-30 July a crack team of Secarma ethical hacking specialists went out to Defcon 25 - the world's largest hacker convention, held annually in Las Vegas.
Startups rave about DHS's Silicon Valley Innovation Program (Fedscoop) Other agencies should take a good, hard look at what the Department of Homeland Security is accomplishing with its Silicon Valley Innovation Program, startup executives reflected on Wednesday at the AFCEA Homeland Security conference. Four early-stage companies, working in areas like Internet of Things security, radar vision for drones and more, joined a panel to …
Digital Defense Named 2018 TAG Cyber Distinguished Vendor (Digital Defense) Digital Defense, Inc., a security technology and services provider with proven success, is proud to announce its designation as a Distinguished Vendor in this year’s 2018 TAG Cyber Security Annual.
Flashpoint - Industry Veteran Seán McGurk Joins Flashpoint to Lead Advisory Services (Flashpoint) I’m thrilled to announce that industry veteran Seán McGurk has joined Flashpoint as our Executive Director of Advisory Services.
Verve Industrial Protection Announces Appointment of Experienced Cyber Security Executive Jim Crowley, as Vice President Sales & Marketing (Sys-Con Media) Verve Industrial Protection, the global leader in industrial control system (ICS) cybersecurity, today announced the appointment of Jim Crowley as Vice President Sales and Marketing. He will be responsible for revenue generation and new customer acquisition globally.
Products, Services, and Solutions
Inky Phish Fence (Google Chrome) Inky eats phish for breakfast. Inky Phish Fence protects you against phishing and other email-based attacks.
Keep The Bad Guys Out: High Caliber Launches Mithril, Its Firewall-As-A-Service Offering (PRNewswire) High Caliber Solutions has just announced national availability of their...
Mercury Systems Announces Industry’s First NIAP-Certified Self-Encrypting Commercial SSD for Classified Programs (Mercury Systems) Low-power SBC brings performance and secure technology to VME legacy systems
SonicWall and SentinelOne Join Forces to Provide Best-in-Class Automated Real-Time Breach Detection, Prevention and Remediation (BusinessWire) Announcing a new agreement to bring together SentinelOne’s next-generation endpoint protection with SonicWall’s next-generation firewall s
Barracuda Amplifies MSP Focus, Unveils New Brand (PRNewswire) Enhancements to ECHOplatform, expanded educational resources to help managed service providers.
Infoblox Enhances Partner Program to Expand Benefits for Valued Channel Partners - Infoblox (Infoblox) Infoblox Inc., the network control company that provides Actionable Network Intelligence, today announced enhancements to its partner program, BuildingBLOX, to offer additional benefits and training for valued channel partners. The new program reinforces Infoblox’s commitment to the channel with increased investment and focus on partners’ go-to-market efforts. Network environments are rapidly …
Ayehu Launches its Next Generation IT Automation and Orchestration Platform Powered by Artificial Intelligence (GlobeNewswire News Room) SaaS-Ready platform is the force multiplier for overwhelmed and understaffed IT and Security operations
McAfee launches new range of consumer security products (BetaNews) With internet threats showing no signs of slowing down, it's vital to keep all of your devices protected and this applies in the home as much as the workplace.
New FinalCode 5.3 Release Extends the Types of Applications Traditional IRM Can Support (FinalCode) FinalCode, Inc., today announced the immediate global availability of the newest release of its persistent, file-centric information rights management (IRM) solution that protects files wherever they go, inside and outside of the organization.
GlobalSign Announces CloudSSL Offering for SaaS Providers (GlobalSign) Leading certificate authority’s new automated offering enables SaaS companies to provide their customers with secure, built-in encryption
VITAL4DATA Releases VITAL4SEARCH, The First of Its Kind FCRA-Compliant Global Background Screening Data and Technology Platform (PRNewswire) VITAL4DATA announced today the release of VITAL4SEARCH SaaS solutions that...
Dashlane To Support Apple's New Face ID Technology (PRNewswire) The world's leading password manager Dashlane proudly continues its...
Comodo Advanced Endpoint Protection Wins 'APT Software of the Year' 2017 CyberSecurity Breakthrough Award (PRNewswire) Comodo, a global innovator and developer of cybersecurity solutions...
Comodo, StackPath Join Forces on Holistic Security Platform (Channel Partners) The new platform will integrate capabilities from the StackPath platform, Comodo cWatch web security management solution and cWatch Office secure web platform. Both companies will also begin offering the others' services as part of their broader solution offerings.
Technologies, Techniques, and Standards
Shipowners need to tighten security against cyber attacks on vessels (LoadStar) In response to the growing threat of cybercrime to the shipping sector, the UK government has launched a new code of practice to help shipowners improve security.
Code of Practice Cyber Security for Ships (UK Government: Department of Transport) This Code of Practice should be read by board members of organisations with one or more ships, insurers, ships' senior officers (for example, the Captain/Master, First Officer and Chief Engineer) and those responsible for the day-to-day operation of maritime information technology (IT), operational technology (OT) and communications systems. It does not set out specific technical or construction standards for ship systems, but instead provides a management framework that can be used to reduce the risk of cyber incidents that could affect the safety or security of the ship, its crew, passengers or cargo.
CIS Controls Implementation Guide for Small- and Medium-Sized Enterprises (SMEs) (Center for Internet Security) This guide contains a small sub-set of the CIS Controls specifically selected to help protect SMEs.
Ransomware defense depends on product upgrades, patches (GCN) Intelligence officials encouraged IT managers to patch software and retire products at the end of their lifecycles.
Victorian hospitals aim to prevent cyber attack (Technology Decisions) A new cybersecurity trial is being launched in Victorian hospitals, aimed at keeping them safe from hackers.
Cybersecurity In Financial Services: Analyzing Third- & Fourth-Party Best Practices (BitSight) These five best practices will help align your vendor cybersecurity monitoring program with the top financial service organizations.
GDPR: Organisations ignoring paper-based risks, warns Xenith MD Justin Milligan (Computing) Lost and stolen documents a bigger source of data breaches than email, yet UK organisations are ignoring paper in their GDPR compliance strategies
Design and Innovation
Apple Brings FaceID to New iPhone X (Security Week) iPhone X Uses Facial Recognition to Unlock Device, Apple Says 1 in 1,000,000 Chance of False Positive
Research and Development
Encryption-breaking quantum computers getting closer, warns Canadian expert (IT World Canada) With research accelerating around the world on next-generation quantum supercomputers, the odds of someone creating a new machine able to crack current
Legislation, Policy, and Regulation
Saudi calls for social media informants decried as 'Orwellian' (Reuters) Saudi Arabia has urged its people to report subversive comments spotted on social media via a phone app, a move denounced by a human rights watchdog as "Orwellian".
Trump administration orders purge of Kaspersky products from U.S. government (Reuters) The Trump administration on Wednesday told U.S. government agencies to remove Kaspersky Lab products from their networks, saying it was concerned the Moscow-based cyber security firm was vulnerable to Kremlin influence and that using its anti-virus software could jeopardize national security.
Department of Homeland Security orders all Kaspersky products to be purged from government within 90 days (Computing) No evidence cited - order based on concerns
DHS gives agencies 90 days to remove Kaspersky Lab IT from networks (FederalNewsRadio.com) The Homeland Security Department issued their fifth binding operational directive on Sept. 13.
UK Data Protection Bill will exempt journalists and researchers (Computing) New proposals will protect professionals who have to handle personal data without consent
Equifax data breach focuses Washington's attention on security of sensitive personal information (Los Angeles Times) The data breach at credit reporting firm Equifax has put the company in the cross-hairs of congressional committees and fueled a push for stronger consumer protections.
Governments must fix the digital identity mess, says think tank (Naked Security) Digital identity schemes are surely just around the corner – and they’re already in place in India and Estonia. But there are problems to be ironed out
Cyber Warriors and Cyber Spies Struggle to Strike Balance (The Cipher Brief) On May 2, 2011 the agonizing, decade-long hunt for Osama bin Laden finally ended. The raid by U.S. Navy seals on the walled compound in Abbottabad, Pakistan was the culmination of years of intelligence gathering. Following the September 11, 2001 attacks, the CIA stepped up efforts begun years earlier to gather information on al Qaeda’s …
Litigation, Investigation, and Law Enforcement
Chinese billionaire who exposed CCP corruption on social media seeks asylum in U.S. (World Tribune: Window on the Real World) by WorldTribune Staff, September 12, 2017 A Chinese billionaire who received death threats after exposing corruption in the Chinese Communist Party’s (CCP’s) leadership has a “strong cl…
Mueller probe is said to have focus on social media (The Columbian) Russia’s effort to influence U.S. voters through Facebook and other social media is a focus of special counsel Robert Mueller’s investigation into the 2016 election and possible links to
We now know why Susan Rice requested to 'unmask' the names of Trump associates (Business Insider) Susan Rice wanted to know why the crown prince of the UAE visited Trump Tower last December without informing the US government.
How the NSA Built a Secret Surveillance Network for Ethiopia (The Intercept) Amid concerns about Ethiopia's human rights abuses, the NSA forged a secret relationship with the country that expanded exponentially over the years.
'Robot lawyer' takes on Equifax (BBC News) DoNotPay bot prints documents to help users sue Equifax in small claims courts for up to $25,000.
Opinion | The Terrifying Power of Internet Censors (New York Times) Dropping a Nazi website seems fine, but what if Cloudflare suspended security service for a political candidate that its leader didn’t like?
Stop Googling Your Symptoms; It May Just Kill You Faster (Mercola) Sign the "Don't be evil" petition to stop Google's growing monopoly and avoid all Google products, including Gmail, Google docs and Google's search engine.
Amazon in £1.5bn tax fraud row (Times) The tax authorities accused Amazon yesterday of failing to co-operate fully in tackling a multibillion-pound fraud that is putting scores of small British companies out of business. Figures from HM...