Cyber Attacks, Threats, and Vulnerabilities
Germany: 'No evidence' Kaspersky software used by Russians for hacks (Reuters) Germany's BSI federal cyber agency said on Wednesday it had no evidence to back media reports that Russian hackers used Kaspersky Lab antivirus software to spy on U.S. authorities.
Here's how Russia was secretly spying on the United States (Salon) Two years ago, Israel detected that Russia was searching for sensitive information
The Real Threat from Kaspersky Security Software (Lawfare) It’s far more grave than one compromised NSA contractor.
Kaspersky to share threat intelligence with Interpol in ‘fight against cybercrime’ (RT International) Kaspersky Lab signed a threat intelligence sharing deal with Interpol on Thursday, as the Russian cybersecurity firm continues its fight against US claims of being involved in spying activities.
Shadow Brokers Exploit Dumping Service Allegedly Nets $90,000 (Bitsonline) The Shadow Brokers exploit dumping service has been an apparent success, as it has allegedly netted tens of thousands of dollars in only a few months.
Primetime Politics (Foreign Affairs) The plush blue curtains open, revealing a cluster of cheap eateries.
Defeat as Victory? How the Islamic State Will Rely on Hijrah to Claim a Win (War on the Rocks) The “mini-empire” that ISIL built in Iraq and Syria is collapsing, which fuels a sense of triumphalism in the West. The logic is simple: ISIL made itself s
CIA’s Pompeo calls out WikiLeaks at UT; Assange responds via Twitter (mystatesman) CIA Director Mike Pompeo, speaking at the University of Texas Thursday, called WikiLeaks a non-state agency bent on the destruction of the U.S.
North Korea Escalating Cyber-Attacks With Little Fear of Retaliation (eWEEK) Most North Korean cyber-attacks are directed at South Korean targets, but the global WannaCry ransomware attack in May 2017 has been attributed to a North Korean hacking group.
Pivoting off Hidden Cobra Indicators (Arbor Networks Threat Intelligence) On June 13th 2017, US-CERT issued a joint Technical Alert (TA17-164A) entitled Hidden Cobra – North Korea’s DDoS Botnet Infrastructure. The alert, which wa
A Dragonfly in the Ointment: Energy Sector Cyber Attacks Signal Dark Days Ahead (Legaltech News) Recent attacks may not yet have resulted in damages or disruption, but Dragonfly appears to be positioning itself to learn how the targeted energy facilities...
Equifax rival TransUnion also sends site visitors to malicious pages (Ars Technica) People visiting TransUnion’s Central American site redirected to potpourri of badness.
Equifax says code on its website 'was serving malicious content' (Los Angeles Times) Equifax has taken part of its website offline after code on the site redirected users to a malicious URL. Separately, a top Republican congressman introduced a bill that would stop credit reporting firms from using Social Security numbers to identify Americans.
Equifax website hacked again, this time to redirect to fake Flash update (Ars Technica UK) Malware researcher encounters bogus download links during multiple visits.
Equifax says systems not compromised in latest cyber scare (Reuters) Equifax Inc said on Thursday that one of its third-party vendors had been running malicious code on one of its web pages, but that the credit reporting agency was not the subject of another cyber attack and its systems were not compromised.
New Revelations and Website Weirdness Push Equifax from Bad to Worse (Digital Guardian) Driver’s license data on millions may have been stolen, while many more Brits were affected.
Flaming galah: defence data hack puts cyber security in the spotlight (Financial Review) Defence Industry Minister Christopher Pyne has deflected blame from the government over a massive cyber security breach of secret defence data.
The ‘Matrix Banker’ Reloaded (Darktrace) Over the last few weeks, Darktrace has confidently identified traces of the resurgence of a stealthy attack targeting Latin American companies.
Inventive cyber gang steals millions from East European banks (Help Net Security) Trustwave researchers have uncovered a series of ingenious bank heists that cost several Eastern European and Russian banks up to $10 million each.
Hyatt Hotels Suffers 2nd Card Breach in 2 Years (KrebsOnSecurity) Hyatt Corp. is alerting customers about another credit card breach at some hotels, the second major incident with the hospitality chain in as many years.
Researchers go public after BPC Banking’s long silence on SQL injection bug (Gears of Biz) Rapid7 has gone public with news of an e-commerce SQL injection vulnerability, saying it couldn’t raise a response from the vendor.
Akamai Identifies 14K-Strong Fast Flux Botnet (BleepingComputer) Researchers at Akamai have identified a botnet of over 14,000 IP addresses used in malware distribution operations. The botnet is still up and running, and experts believe it will be hard to take it down because its operators are employing a clever technique called Fast Flux.
Microsoft Office Attack Runs Malware Without Needing Macros (BleepingComputer) Malware authors don't necessarily need to trick users to enable macros to run malicious code. An alternative technique exists, one that takes advantage of another legitimate Office feature.
DDoS attacks: Brands have plenty to lose, even if attacked only once (Help Net Security) DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage on brands.
Unpatched Exploit Lets You Clone Key Fobs and Open Subaru Cars (BleepingComputer) Tom Wimmenhove, a Dutch electronics designer, has discovered a flaw in the key fob system used by several Subaru models, a vulnerability the vendor has not patched and could be abused to hijack cars.
New ransomware family exploiting poor security in remote desktop services (TEISS) Researchers have uncovered a new ransomware family that is exploiting poor security credentials in remote desktop services and encrypting files.
The malware that won't die: Is Locky reclaiming its title as king of ransomware? (ZDNet) Once by far the most common form of ransomware, Locky ransomware is now on the rise again.
Dark web ransomware economy: Sellers pulling in six-figure salaries (Help Net Security) Organizations need to rethink their security strategy since the dark web ransomware economy is growing at a rate of more than 2,500% per year.
These Cities House the Largest Bot Populations in the U.S. (Security Week) Botnets are widespread worldwide, serving whichever purpose they were designed to, and the United States is one of the largest sources of botnet attacks. Across the country, Chicago and Washington D.C. are home to the largest number of bots (infected hosts), Symantec has discovered.
CW500: A perfect storm – the cyber attack that hit Parliament (ComputerWeekly.com) The former director of the Parliamentary Digital Service shares details and lessons learned from the cyber attack that hit UK parliament in June and explains why it was a “good experience”
Security Patches, Mitigations, and Software Updates
Microsoft's latest Patch Tuesday caused widespread BSOD Wednesday (Computing) Microsoft issues new fix to fix its shonky patches
Cyber Trends
KnowBe4 Releases Q3 2017 Top-Clicked Phishing Report (Broadway World) KnowBe4 Releases Q3 2017 Top-Clicked Phishing Report
Can you be hacked by the world around you? [Commentary] (Fifth Domain) The day is coming when intrusions can happen through normal communications with or sensing performed by a computer or smartphone.
Marketplace
The cyberwars are coming — here’s how to prepare (and make money) (MarketWatch) With billions of hacking events per day, the companies charged with stopping them will only grow, says Jeff Reeves.
Cybersecurity risk-monitoring platform SecurityScorecard raises $27.5 million from Nokia, GV, Intel, Sequoia, others (VentureBeat) Cybersecurity rating and risk-monitoring platform SecurityScorecard has raised $27.5 million in a series C round of funding led by Nokia's global venture capital (VC) arm, Nokia Growth Partners (NGP).
Attivo Networks Raises $21M to Boost Cyber-Deception Tech (eSecurity Planet) Total funding to date stands at $45.7M as the company aims to differentiate in an increasingly crowded deception technology market.
Parsons buys Williams Electric to grow Army, critical infrastructure cyber footprints (Washington Technology) Parsons Corp. acquires Florida-headquartered Williams Electric to grow in the Army Corps of Engineers and critical infrastructure cyber markets.
Akamai's Nominum Buyout to Boost Carrier & Enterprise Clients (NASDAQ.com) Akamai Technologies Inc AKAM is strengthening its security product portfolio. The company recently announced plans to acquire Nominum, a leading provider of DNS and enterprise security solutions for carriers.
WhiteHawk wins $1M cyber-security contract with BAE (Finfeed.com) In today’s hyper-digitised corporate landscape, cyber attacks and security breaches are on the rise, and ramifications for businesses can be enormous.
AppRiver staying in GB after sale (Gulf Breeze) With over 260 employees, AppRiver is one of Santa Rosa County's largest employers, so it's comforting to know that those jobs are staying in Gulf Breeze after the company took a majority investment from Marlin Equity Partners.
Cybersecurity Startup Verodin Wins Security Current's Security Shark Tank® Palo Alto (Verodin) Chief Information Security Officers (CISOs) award Verodin third consecutive win, noting its innovation and importance to the industry
Vanguard Integrity Professionals Appoint New President (PRNewswire) Vanguard Integrity Professionals, Inc. cybersecurity experts with...
Products, Services, and Solutions
New infosec products of the week: October 13, 2017 (Help Net Security) New infosec products of the week include offerings from BitSight, LogRhythm, ObserveIT, Secure Channels, ShiftLeft, and ZoneFox.
Informatica Enhances Enterprise-wide Visibility and Control of Critical Sensitive Data (Informatica) Secure@Source empowers customers to execute data-driven digital transformation with confidence and compliance
Aqua Security and PureSec Partner to Secure Container and Serverless Applications | Aqua (Aqua) Aqua Security, the leading platform provider for securing container-based applications, and PureSec, the leading security platform for serverless architectures, today announced a partnership to secure applications based on containers and serverless functions in …
Aqua Security and Carahsoft Partner to Deliver Container Security to the Federal Sector (IT Business Net) Aqua's "Secure Once, Deploy Anywhere" approach streamlines compliance and reduces complexity; Aqua and Carahsoft already enabled one Federal agency to build more secure applications fast...
NSS Labs Conducts First Cross-Platform Test of Leading Web Browsers (P&T Community) NSS Labs, Inc., a global leader and trusted source for independent fact-based cybersecurity guidance, today announced the release of its Web Browser Security Comparative Reports. The reports reveal how effective web browsers are at protecting users from socially engineered malware (SEM) and phishing attacks. To minimize exposure to emerging threats, enterprises have begun to limit the use of legacy browsers to internal and legacy applications.
Digital Shadows Unveils Strategic Partnerships and Launches an Industry-Leading Digital Risk Management Technology Ecosystem (BusinessWire) Digital Shadows, the industry leader in digital risk management, today announced the launch of its Digital Risk Management Technology Ecosystem.
Gigamon Introduces New Integrations with Splunk and Phantom, Bringing Its Defender Lifecycle Model to Life (PRNewswire) Gigamon Inc. (NYSE: GIMO), the industry leader in visibility...
IBM, Google launch open source container security tool for developers (TechRepublic) IBM is partnering with Google on a new project called Grafeas, which offers a central hub of metadata that can be used to manage and secure the software supply chain.
Crafting Cryptography for Tiny Embedded Devices (Electronic Design) "With 8-bit or 16-bit processors, we weren’t thinking about security until someone could take control of the brakes in my car with them," SecureRF's chief said.
Akamai Improves Bot Manager to Defend Against Credential Stuffing (eWEEK) Technology to help protect against bot-driven credential stuffing attacks is now integrated into the premier edition of Akamai's Bot Manager.
Technologies, Techniques, and Standards
Cyber Command stands up planning cells at combatant commands (C4ISRNET) Cyber Command has stood up forward-deployed planning cells within the combatant command staffs to help better coordinate offensive and defensive cyber effects.
A peek inside Army cyber protection teams (C4ISRNET) Members of the Army's Cyber Protection Brigade provided reporters insight into their unique mission set.
Where do cyber and EW fit at the theater level? (C4ISRNET) As the Army looks to employ more cyber effects into battlefield scenarios, integrating planners with commanders and units will be critical.
Enterprises increasingly leveraging endpoint data for security investigations (Help Net Security) Code42 confirmed how critical it is for organizations to access and leverage endpoint data for additional uses above and beyond backup and recovery.
Office 365 Active Usage Soars — Some Still Unclear On Security (Barracuda) If you asked an end user within an organization that recently migrated from Microsoft Office Suite to Office 365, they’d probably tell you that the transition was smooth and hardly noticeable.
The Goldilocks Effect of Cyber Threat Data (Security Week) In the world of big data there’s something I refer to as “the Goldilocks effect” and it’s particularly problematic when it comes to cyber threat data.
Design and Innovation
Replacing Social Security Numbers Won’t Be Easy, But It’s Worth It (WIRED) The Social Security number system is broken. And while fixing it will take a lot of work, there are ways to keep your identity more secure.
Here’s what the Pentagon’s persistent cyber training platform might look like (C4ISRNET) One of the most important components needed in the coming years by the cyber operations community within the Pentagon is its own cyber firing range.
5 reasons the Army can’t replicate Silicon Valley (Defense News) The Army acknowledges these serious deficiencies.
Research and Development
Why these cybersecurity researchers are automating vulnerability assessments (TechRepublic) System complexity is preventing humans alone from finding vulnerabilities, so researchers in the UK and at CMU are working to automate an online cybersecurity system support service to help analysts.
Encryption in a post-quantum world (IT Pro Portal) The long-term security offered by many encryption systems is under severe threat.
Here’s how the Army’s electronic warfare program differs from years past (C4ISRNET) The Army's approach to multifunction in its electronic warfare program of record is a departure from years past.
DHS Invests In a Range of Mobile Security Technologies (FedTech) The Department of Homeland Security awarded R&D contracts to bolster mobile application security across agencies.
Academia
Four ways colleges can strengthen their cybersecurity programs (Help Net Security) If breaches can't be entirely blocked, what can IT professionals in higher education do to prevent these kinds of disaster scenarios? The GovEd team at Log
Main cybersecurity problem for colleges? Gathering diverse kinds of data (Help Net Security) The chief problem for colleges is that they gather and store very diverse kinds of data, on both the student and their parents.
Legislation, Policy, and Regulation
Indonesia plans to block 30 million websites with new automated online censorship system (VPNCompare) The Indonesian Government plans to block up to 30 million websites after investing in a new automated online censorship system.
[Editorial] Are we ready? (Korea Herald) The shocking revelation that North Korea hacked war plans prepared by South Korea and the US calls for outside investigation by institutions such as the National Assembly or the state audit agency.
US government becomes the latest to demand 'back doors' in encrypted communications (Computing) US joins UK government in attacking encryption
Congressmen question DoD takeover of security clearance investigations (Federal Times) The Department of Defense’s scheduled takeover of its security clearance investigations from the National Background Investigations Bureau may only add to the clearance backlog rather than alleviate it.
DoD pushing hard to resume responsibility of its own security clearance process (FederalNewsRadio.com) The Defense Department is strongly urging lawmakers to give it the authority to resume responsibility for its own security clearance process.
Army cyber should ‘let nerds be nerds,’ experts say (Army Times) The Army’s cyber organizations need to let “nerds be nerds” without pressure on them to rise into leadership roles, said members of a panel on cyber force management on Wednesday.
Litigation, Investigation, and Law Enforcement
Assange Disputes Congressman’s Story About Potential Deal (The Daily Caller) WikiLeaks founder Julian Assange disputed California Republican Rep. Dana Rohrabacher's statements that Assange would give up the source behind a release of Democratic National Committee emails in 20
'I'm not going to have that debate right now': Chelsea Manning really doesn't want to talk about WikiLeaks (Business Insider) "I can't talk about that," she said loudly, and often, about WikiLeaks at The New Yorker Festival on Sunday.
More pressure put on credit bureaus to make credit freezes free (Lehigh Valley Business Cycle) Three dozen attorneys general ask Experian to waive credit freeze fees after Equifax data breach
NY attorney-general probes Deloitte over cyber attack (Financial Times) Eric Schneiderman is also investigating Equifax hack
Cyber Court Commissioned for London (Acumin) This week it was announced that a new court is set to open to support the City of London. Based in the square mile, the 18 court room new building has been commissioned and will be backed by the City of London Corporation.
Nike, Walmart, Intact Lawyers Offer Advice On Privacy By Design (New York Law Journal) Put yourself in the consumer’s shoes. It may sound trite, but it is a running theme for in-house privacy counsel when making decisions about their companies—...
Efforts to Protect Consumer Data Face Corporate Pushback (New York Law Journal) Corban Rhodes and Ross Kamhi write: We are at a pivotal moment with respect to how the law protects consumer personal information. The public, however, is la...