Cyber Attacks, Threats, and Vulnerabilities
Deloitte hacked, says 'very few' clients affected (Reuters) Global accounting firm Deloitte [DLTE.UL] said on Monday it was the victim of a cyber attack that affected the data of a small number of clients, providing few details on the breach.
Source: Deloitte Breach Affected All Company Email, Admin Accounts (KrebsOnSecurity) Deloitte, one of the world’s “big four” accounting firms, has acknowledged a breach of its internal email systems, British news outlet The Guardian revealed today.
Deloitte left red-faced by hacking of client details (Times) A hacker infiltrated Deloitte’s email system and accessed confidential information associated with several of its clients, it has emerged. The professional services firm admitted to the cyberattack...
Industry reactions to the Deloitte cyber attack (Help Net Security) Deloitte has been targeted in an attack that compromised the emails and plans of some of its clients. Here's insight from infosec industry executives.
Equifax CEO Richard Smith steps down after massive data breach (Los Angeles Times) Equifax announced Tuesday that its CEO, Richard Smith, has retired. It's the latest fallout of a breach that exposed the Social Security numbers and birth dates of up to 143 million people.
Equifax CEO Richard Smith has ‘retired’ following huge data breach (TechCrunch) Just over a week after Equifax's chief security officer and chief information officer "retired," the bungling company's CEO has made the same move after a..
Thank Equifax for that fake new mortgage on your house, stolen tax refund (McClatchy DC) Massive hack of credit bureau could lead to years of headaches for consumers who lost personal data. But could it also lead to better protection?
Cybercrime wake-up call (Albuquerque Journal) Cybersecurity experts say the massive breach of credit-reporting company Equifax Inc.’s data systems may be a needed wake-up call to galvanize business and government into much more aggressive action to protect online data in today’s hyperconnected cyber world.
Can a Phoenix of Accountability Emerge from the Ashes of Equifax breach (Cyberdb) Equifax breach exposed data of approximately 143 million people and raises public concerns over accountability
Questions emerge about Equifax, SEC breaches (FederalNewsRadio.com) The two entities learned of the breaches eventually, but they didn't rush to sound the alarm and notify government watchdogs or the public.
Mobile Stock Trading App Providers Unresponsive to Glaring Vulnerabilities (Threatpost) IOActive analyzed 21 mobile stock trading platforms and found vulnerabilities that put transactions and personal information at risk.
Apple's macOS High Sierra will launch with a major security hole (ZDNet) The vulnerability lets an attacker steal the contents of a Keychain — without needing a password.
Russian hackers exploited a Google flaw — and Google won't fix it (Salon) Hacker team "Fancy Bear" used a Google security flaw to attack journalists, and the tech giant has done nothing
Russian operatives used Facebook ads to exploit America’s racial and religious divisions (Washington Post) A sophisticated influence campaign tried to employ such things as Black Lives Matter and wariness of Muslims as wedges.
What, Exactly, Were Russians Trying to Do With Those Facebook Ads? (The Atlantic) From what we know now, it was too small to seriously influence the election, but too big to be an afterthought.
Nuclear war isn't North Korea's only threat (CNN) The country has invested heavily in cyberattack operations to target Western countries and South Korea, Eric O'Neill says.
North Korea Bypassing International Sanctions with Bitcoin Mining (Bitcoinist.com) New reports are suggesting that the North Korean government is using the digital currency Bitcoin in order to bypass sanctions.
Tech support scam used to run cryptocurrency miner in Chrome, IE (iTWire) Researchers at security firm Trend Micro say they have discovered a new campaign that aims to implant a cryptocurrency miner when users visit infected...
How ISIS Is Transforming (Foreign Affairs) ISIS is transforming from an insurgent organization with a fixed headquarters to a clandestine global terrorist network.
Gov’t Actions, Not Religion, ‘Tipping Point’ for African Youths Joining Violent Extremism (IPS) Government action, rather than religious ideology, is a stronger predictor for radicalization in Africa, according to a two-year landmark study by the United Nations Development Programme (UNDP).
Threat Spotlight: Defray Ransomware Hits Healthcare and Education (Cylance) Defray is a sophisticated, high-price ransomware attack aimed at very specific victims in the Healthcare and Education sectors.
XPCTRA Malware Steals Banking and Digital Wallet User's Credentials (SANS Internet Storm Center) While hunting some phishing emails these days, I came across a malware campaign similar to EngineBox, a banker capable of stealing user credentials from multiple banks
The software flaw that could beam out passwords by DNS (Naked Security) iTerm2 was trying to be helpful.
Avast admits more errors in CCleaner malware analysis (ITWire) Czech cyber security company Avast has had to backtrack again on information that it has released so far about the compromise of CCleaner, a Windows u...
Wordfence names hacker who targeted WordPress plugins (Enterprise Times) Wordfence lists nine WordPress plugins used by Mason Soiza to distribute spam for services such as payday loans and gambling sites.
Display Widgets Plugin Includes Malicious Code to Publish Spam on WP Sites (Wordfence) Note: This post is the first part of a series. The series has a second detailed follow-up which discusses the identity of the person behind the Display Widgets plugin spam. Then there is a third in the series which explains how the same spammer influenced a total of 9 plugins over 4.5 years. If you have …
Android unlock patterns are a boon for shoulder surfing attackers (Help Net Security) The "swiping" unlock patterns typical for Android devices are considerably easier for shoulder surfing attackers to discern than PIN combinations.
The Man Behind Plugin Spam: Mason Soiza (Wordfence) This post is part of a series. This is the second post and a follow-up to our first story titled “Display Widgets Plugin Includes Malicious Code to Publish Spam on WP Sites“. There is a third post in this series which explains how the same spammer influenced a total of 9 WordPress plugins over a …
UK Police: Buying Fake Goods Online Can Lead to ID Theft (Infosecurity Magazine) City of London Police says over 4,000 sites were created using stolen IDs
No, Facebook spies aren’t secretly “following me”, it’s a hoax (Naked Security) Typing “Facebook security” into your block list won’t reveal their names
TV broadcasts in California interrupted to show "end of the world" alert (HackRead) Gear up for Armageddon- Strange Warning Messages Startled TV Viewers in Orange County. Television viewers across the Orange County area were in for a surpr
Security Patches, Mitigations, and Software Updates
Joomla 3.8 fixes serious LDAP authentication issue, update now (Naked Security) The bug allows the extraction of an affected site’s credentials “in seconds”
Oracle Releases Patches for Exploited Apache Struts Flaw (Security Week) Oracle has released patches for many of its products to address several vulnerabilities in the Apache Struts 2 framework, including one that has been exploited in the wild for the past few weeks.
7 things to know before upgrading to MacOS High Sierra (CNET) The latest version of MacOS changes some of the operating system's underlying plumbing, but it's more evolutionary than revolutionary by design.
Apple iOS 11 Starts Causing Problems (Forbes) Apple iOS 11 is packed full of features (including many secret ones), but following reports of several bugs my Upgrade Guide advised iPhone users in particular should hold off updating.
Cyber Trends
McAfee Labs Threat Report (McAfee Labs) I don’t WannaCry no more. Threat hunting like a pro. The rise of script-based malware
2017 Public Sector Cyber Risk Management Report (Telos) This report details the findings of a survey conducted at the Amazon Web Services (AWS) Public Sector Summit in June 2017. Data from the survey reveals strong support for the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).
Three out of four DDoS attacks target multiple vectors (Help Net Security) Three out of every four DDoS attacks employed blended, multi-vector approaches in the second quarter of 2017, according to Nexusguard. Distribution of DDoS
Sophisticated threats? It's usually the basic ones that get you (Help Net Security) Why are so many companies still facing the same security challenges? For one thing, it’s hard that security had to come at the expense of usability.
All of us are sitting on a ticking time bomb called the internet (The Economic Times) The vulnerability of our cyber systems is a ticking time bomb. It can explode anytime, anywhere. Even in your hands, as your smartphone too is on target.
Marketplace
Improving cybersecurity governance in the boardroom (CSO Online) To tackle increasing data threats, companies need to put cybersecurity at the very heart of the business.
Eugene Kaspersky and his Russian-ness (Financial Review) Eugene Kaspersky comes across as a cheeky, clever person, but his Russian-ness has spooked the Americans.
BlackBerry may be sitting on a $1.6 billion war chest. Here’s what it could do with it (Financial Post) Analysts believe that BlackBerry may make acquisitions of companies to strengthen its business in three areas
MACH37 Announces the Fall 2017 Class of Cybersecurity Startups (GlobeNewswire News Room) MACH37 announces 6 startups participating in its Fall program
root9b Holdings, Inc. Announces Incremental Funding, Foreclosure Status and Nasdaq Notice (PRNewswire) root9B Holdings, Inc. (Nasdaq: RTNB) ("RTNB" or the...
CISOs Select Verodin as Winner of Security Current's Security Shark Tank® Chicago (http://www.prnewswire.com/news-releases/cisos-select-verodin-as-winner-of-security-currents-security-shark-tank-chicago-300525730.html) Security Current, the premier information and collaboration community...
Products, Services, and Solutions
FireEye Endpoint Security (HX) 4.0 – Bringing Advanced Protection to Endpoints (FireEye) A constant concern about Endpoint Protection Platforms (EPP) is that they miss a number of threats, forcing organizations to spend an exorbitant amount of time trying to find and clean up damage.
ThreatQuotient and Flashpoint Partner to Increase Data Enrichment (ThreatQuotient) The custom integration of the ThreatQ™ threat intelligence platform with Flashpoint API v4 will provide incident responders and defenders with a central...
Duo Security Two-Factor Authentication Extends Security Options to Microsoft Azure Active Directory (Duo Security) Accompanying study shows majority of Duo customers prioritize securing Microsoft Office 365
Singapore government awards multi-million-dollar contract for DDoS mitigation services (Open Gov) The companies include telcos Singtel, Starhub and BT, as well as Singapore-based technology companies CHJ Technologies, Evvo Labs and Embrio Enterprises.
Digital Shadows Offers Splunk Customers a Splunk-Certified App to Help Manage their Digital Risks (Digital Shadows) Integrating Digital Shadows SearchLight™ with Splunk Enterprise enables organizations to monitor, manage, and timely mitigate incidents in their broader cybersecurity deployment
Xton Technologies Declares a New Era for Privileged Account Management (PRNewswire) Xton Technologies today announced the release of the XT Access Manager...
CIS Controls Foundational Best Practices Could Have Prevented The Equifax® And Other High-Profile Breaches (Business Insider) Equifax has acknowledged their recent "cybersecurity incident" occurred due to the exploitation of a known vulnerability that had been identified in March 2017 in Apache®'s software called "Struts."
VyprVPN: Golden Frog's VPN delivers high-performance, anonymity, and flexibility (ZDNet) I've been using Golden Frog's premium-priced virtual private network service exclusively for six months to see how it performs in the real world. Here's what I've learned.
Insight Engines Announces General Availability of Cyber Security Investigator (BusinessWire) Insight Engines today announced general availability of Insight Engines Cyber Security Investigator (CSI) for Splunk.
M1 unveils new service to detect and deal with mobile malware (Channel News Asia) Local telecom operator M1 on Monday (Sep 25) unveiled a new service to help smartphone users protect their devices against malware.
Flashpoint Digs Into Dark Web With Security Intelligence API (eWEEK) Security intelligence startup Flashpoint updates its API to provide organizations with more insight into the hidden areas of the internet.
Technologies, Techniques, and Standards
Why Your Business Must Care about Privacy (Dark Reading) It might not have something to hide, but it definitely has something to protect.
FBI's Freese Shares Risk Management Tips (Dark Reading) Deputy Assistant Director Donald Freese advises enterprises to lead with a business case and not fear addressing the C-suite on risk management.
TTPs From A Through Z With Levi Gundert (Recorded Future) The more you know about your adversary, their motivations, methods, and capabilities, the better advantage you’ll have when it’s time to defend yourself.
Firms look to security analytics to keep pace with cyber threats (ComputerWeekly) Traditional approaches to cyber security no longer enable organisations to keep up with cyber threats, but security analytics is an increasingly popular addition to the cyber arsenal.
Blockchains are the wrong solution to data security problems, says MaidSafe (Computing) 'Blockchains are terrible as a mass storage containers, so data still needs to be stored somewhere else'
Cryptography and the Reduced Need for a Centralized Authority (LeapRate) The following guest post is courtesy of Adinah Brown, content manager at Leverate.
ISA99 initiates 2 new working groups – Level 0,1 devices and IIOT (Control Global)
Total Recall – Better Security for Your Network (Infosecurity Magazine) Without a level of historical insight, it is impossible to build a complete security posture.
Design and Innovation
An Ambitious Plan to Stop DDoS for Good Has Its Limits (WIRED) Cloudflare's unlimited DDoS protection should help the internet, but its broader ambitions of killing off DDoS for good are more nebulous.
Research and Development
DOE Taps Guardtime, Siemens to Help Develop Blockchain Tech for Energy Grid Security (ExecutiveBiz) Guardtime and Siemens are part of a team that received a multimillion dollar contract from the Energy Department to develop a blockchain-based technology platform that will work to help secure U.S. energy grid from emerging cyber threats. Both companies will also work with DOE’s Pacific Northwest National Labs, Washington State University, Tennessee Valley Authority and the Defense Department’s Homeland Defense...
Academia
Like Sputnik, Cyber Attacks Demand a New Approach to Education (Defense One) Network breaches should spur a new focus on STEM — and ethics.
Learnings from the CAT (Infosecurity Magazine) The Center of Applied Technology South (CAT South) is a trade school located in Maryland, and it is home to a number of courses.
Northeastern University and IBM partnership first to turn digital badges into academic credentials for learners worldwide (News@Northeastern) Northeastern University and IBM have established a strategic learning collaboration to integrate the company’s in-house education programs with the university’s academic credentials.
Legislation, Policy, and Regulation
Shrinking Anonymity in Chinese Cyberspace (Lawfare) Four new Chinese cyber regulations signal that President Xi Jinping is strengthening China's system of cyber governance and expanding the legal framework for data control.
Why We Must Not Build Automated Weapons of War (Time) The world must keep 'killer robots' from forever changing how we fight
Should the U.S. Require Companies to Report Breaches? (Fox Business) There are two things we can count on in the wake of the Equifax breach, already credited with exposing a majority of American adults to the possibility of identity theft. The first is that more and potentially worse breaches are in our future. The second is that companies will need to be prodded toward smarter cybersecurity practices and faster reporting of breaches.
Is the NSA Doing More Harm Than Good in Not Disclosing Exploits? (Foreign Policy) Inside the complicated national security calculus behind disclosing zero-day vulnerabilities.
Saudi Arabia strives to improve its cyber-readiness: Potomac assessment (SC Media UK) Saudi Arabia is taking significant steps to achieve cyber-readiness, but is being restrained by shortages of appropriately skilled Saudi labour.
Litigation, Investigation, and Law Enforcement
China's cyber watchdog imposes top fines on tech firms over censorship (Reuters) China's cyber watchdog has handed down maximum penalties to several of the country's top tech firms, including Tencent Holdings Ltd (0700.HK), Baidu Inc (BIDU.O) and Weibo Corp (WB.O), for failing to properly censor online content.
Anthony Weiner Gets 21 Months in Prison for Sexting With Teenager (New York Times) The sentencing was the latest chapter in the long and tortuous downfall of the former New York congressman who sent lewd text messages to a 15-year-old girl.
Canada recognizes Chelsea Manning as a traitor, won’t let her into the country (Military Times) Chelsea Manning has been denied entry to Canada, according to a letter she recently posted to Twitter.
Former Trump adviser Roger Stone set to testify Tuesday at House Intelligence Committee (Washington Examiner) The appearance before the committee, however, could set up a showdown of sorts that Stone has been itching for.
House Republican demands details on Trump aides' use of private email (POLITICO) The request comes after POLITICO revealed that Jared Kushner used a private email account for White House business.
Activist Who Refused to Give Police Passwords Convicted Under Anti-Terror Laws (Infosecurity Magazine) Muhammad Rabbani said he was protecting legally privileged material