Cyber Attacks, Threats, and Vulnerabilities
Poland says it repelled 3rd Russian hacking attack (Fifth Domain) Defense Minister Antoni Macierewicz said Friday the recent attack targeted companies in Ukraine that also have offices in other countries, including Poland.
DDoS Attacks Cause Train Delays Across Sweden (BleepingComputer) DDoS attacks on two separate days have brought down several IT systems employed by Sweden's transport agencies, causing train delays in some cases.
Iran blamed for Parliament cyber-attack (BBC News) Security sources believe Iran was behind an attempt to hack into MPs' email accounts in June.
Provoking Iran Could Have Unseen Cyber Consequences (WIRED) By decertifying the nuclear deal with Iran, President Trump could risk provoking hacks from a country that hasn't focused on US cyberattacks in years.
Cyberespionage Group Steps Up Campaigns Against Japanese Firms (Threatpost) Researchers unearth new tactics and strategies used by the criminals behind the hacking group known as Bronze Butler.
Cyber attacks hitting supply chains in Asia Pacific, PH (Manila Bulletin Business) Multinational cybersecurity and anti-virus provider Kaspersky Lab has warned that cyber spy groups across Asia Pacific, including in the Philippines, are no longer “just after data” and that they are now moving towards using supply chain attacks and legitimate tools to attack financial institutions and other sectors.
Microsoft head blames North Korea for 'WannaCry' hospital cyberattack (Washington Examiner) He added that governments need to do more to protect citizens from malicious attacks.
N. Korea stole cyber tools from NSA, carried out WannaCry ransomware attack – Microsoft chief (RT International) The head of Microsoft accused North Korea of carrying out the WannaCry cyberattack which crippled 200,000 computers in 150 countries earlier in 2017. Pyongyang used “cyber tools or weapons stolen from the NSA,” the company’s president believes.
WannaCry Ransomware Sold in the Middle Eastern and North African Underground (TrendLabs Security Intelligence Blog) For $50, one could purportedly get a lifetime license to upgradeable variants of WannaCry.
The World Once Laughed at North Korean Cyberpower. No More. (New York Times) While the world is fixated on its nuclear missiles, North Korea has also developed a cyberattack program that is stealing millions and unleashing havoc.
Millions of high-security crypto keys crippled by newly discovered flaw (Ars Technica) Factorization weakness lets attackers impersonate key holders and decrypt their data.
Key Reinstallation Attacks (KU Leuven) Breaking WPA2 by forcing nonce reuse discovered by Mathy Vanhoef of imec-DistriNet,
Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping (Ars Technica) KRACK attack allows other nasties, including connection hijacking and malicious injection.
New Scam Impersonates VAT Form to Deliver Malware (Infosecurity Magazine) Phishing attack disguised as HMRC doc contains links to the infamous JRAT malware
Fear These Three Types Of Phish: 'Catphishing' Enterprise Targets (Forbes) Earlier this month, Forbes staff writer Thomas Fox-Brewster told the frightening tale of how Iranian hackers used a fake Facebook profile to target an unsuspecting techie at consulting powerhouse Deloitte.
Locky or TrickBot? Depends Where You Are. Malicious Payload Delivery Tailored by Geographic Location (PhishMe) It is not uncommon for threat actors to deploy malicious payloads from multiple malware families during a single phishing campaign. These malware tools may include ransomware, a financial crimes trojan, or other botnet malware.
DoubleLocker is an innovative ransomware that is misusing Android (WeLiveSecurity) DoubleLocker is an innovative ransomware that misuses Android accessibility services, encrypts data and locks the device of the user.
Ransomware Sales on the Dark Web Surged by 2,502 Percent in the Past Year (eSecurity Planet) Sales grew from $250,000 in 2016 to more than $6.2 million in 2017, according to a recent report.
Google embarrassed by fake adblocker that served ads (Naked Security) The malware, posing as popular adblocker Adblock Plus, made it past Google Web Store’s security checks
Chrome Extension Uses Your Gmail to Register Domains Names & Injects Coinhive (BleepingComputer) A malicious Chrome extension is being used to inject the CoinHive browser miner, while registering domains for the extension developer using the victim's Gmail address.
iPhone iOS 11 QR code scanner provides 'backdoor' exploitable by criminals (SC Media UK) Apple's new operating system for iPhones and iPads contains a Quick Response (QR)-scanning based 'backdoor' that could be used by criminals.
New Research: QR Codes Threat Landscape (CyberInt) You've heard all about the "hidden features" Apple's new iOS 11 has to offer; you haven't heard how it provides a 'backdoor' exploitable by criminals.
Down the Rabbit Hole with a BLU Phone Infection (Threatpost) Much-maligned BLU phones have been a privacy and spyware nightmare. Threatpost shares the story of one victim who experienced firsthand a relentless wave of unwanted programs, spyware and frustration.
10 Major Cloud Storage Security Slip-Ups (So Far) this Year (Dark Reading) Accenture is the latest in a string of major companies to expose sensitive cloud data this year, following Verizon, Deloitte, and Dow Jones.
Fake news can inflict financial damage on businesses —Trend Micro (GMA News Online) Apart from damaging reputations, fake news—or maliciously false information—can inflict financial damage on businesses, according to cyber security firm Trend Micro Inc.
Why it's hard to trust the U.S. on Russia's alleged Kaspersky espionage (Yahoo! Finance) The Russian government used antivirus software from the private Russian company Kaspersky to steal classified U.S. data. We asked experts about it.
What the Kaspersky Antivirus Hack Means for Consumers (Consumer Reports) Kaspersky antivirus software may have been used to hack into computers all over the world, including many home PCs owned by consumers. Here's what you need to know.
Hacking a Power Grid in Three (Not-So-Easy) Steps (WIRED) After months of reports of energy grid breaches, time to distinguish the elite intrusions from just another spearphishing attack.
Come fly the hackable skies (SecurityInfoWatch.com) Aviation industry faces tangible threats of onboard computer system vulnerabilities, experts say
To Nobody's Surprise, Ships Are Just as Easy to Hack as Anything Else (BleepingComputer) Modern-day ships aren't that hard to hack according to Ken Munro, a security researcher at Pen Test Partners, a UK cyber-security company. Speaking at a conference in Athens, Greece, Munro detailed some of the most appalling security lapses he found while investigating naval ships that had equipment exposed online.
Pizza Hut was hacked, company says (Miami Herald) Pizza Hut has experienced an online hack on customer information. It may affect website and mobile application users who placed orders in early October.
Musgrave cyber-attack highlights security risk to Irish businesses (Independent.ie) The recent cyber-attack at retail giant Musgrave Group is the latest example in a long line of hacker strikes on Irish business in the recent past.
Security Patches, Mitigations, and Software Updates
Mozilla patches three critical issues in Thunderbird and Firefox (SC Media UK) Mozilla issued a security update for Thunderbird 52.4, Firefox 56 and Firefox ESR 52.4, patching 10 vulnerabilities: 2 rated critical, 5 high and 3 moderate.
AI cannot solve all cybersecurity issues: RSA Security (ETtech.com) Zulfikar Ramzan says that it’s difficult to curb cybercrime completely but possible to bring it down to acceptable terms.
Can you tell a bug from a bot? Know your malware here (The Economic Times) Malware, literally, is a software that's bad. It sneaks into your system, steals your personal data, deletes files and can even disable your system.
Kaspersky news, Equinox security hack push CIOs to trust no one (SearchCIO) What does the Kaspersky news say to CIOs? Something's gotta change.
Cybercrime not an apocalyptic threat (Knoxville News Sentinel) Information security professionals, technologists, politicians and business people need to exchange ideas and insights to start finding real-world solutions to security problems.
After second bungle, IRS suspends Equifax’s “taxpayer identity” contract (Ars Technica) During suspension, IRS says it will review "Equifax systems and security."
Cyber-intelligence staff among nearly 2,000 BAE Systems redundancies (Consultancy) The world’s tenth largest cyber-security consultants have axed 1,900 jobs in the UK, including over 100 in its cyber defence department.
Cyber Command awards first contract under its limited acquisition authority (C4ISRNET) After almost a year of special acquisition authority granted from Congress, Cyber Command has finally flexed those powers, awarding a contract in late September.
Leidos lands nearly $1B contract for work with NGA (Washington Business Journal) The prime IDIQ contract was awarded by the Springfield-based NGA under the Information Technology Enterprise Management User Facing Services program.
Products, Services, and Solutions
Cisco Stretches ACI Network Fabrics, Eases Management (The Next Platform) For disaster recovery, political, and organizational reasons, enterprises like to have multiple datacenters, and now they are going hybrid with public clou
Dome9 and Allgress Partner to Streamline Compliance Management for AWS Environments (Marketwired) Dome9 Security, the public cloud security company, today announced a partnership and integration with Allgress, the AWS-certified compliance platform, which provides compliance controls mapping for NIST 800-53, PCI DSS, HIPAA, CIS and other critical standards.
Hackin' Away at the Hacken ICO For White-Hat Hackers (BlockTribune) Ukraine’s Hacken is a blockchain community that aims to encourage so-called white-hat hackers to report system vulnerabilities and bugs.
Mullvad Joins One of World's Largest Internet Exchanges (PRNewswire) Mullvad VPN, in its continued efforts to improve its...
Technologies, Techniques, and Standards
'Crypto Anchors' Might Stop the Next Equifax-Style Megabreach (WIRED) There's no foolproof system to keep hackers out. Instead, this increasingly popular security design keeps them in.
Acting on the cyber executive order: 3 keys to compliance (FCW) With the proper technologies in place, agencies can do better assessments and begin to truly address their existing gaps.
Why Identity Protection in the Cloud Matters (Infosecurity Magazine) It is getting harder for companies to know what data is transmitted, who is accessing it, and where it goes.
Cyber operators to commanders: Bring us in early and often (Army Times) The Army’s cyber operators want unit commanders to know they’re ready to deliver tailorable solutions -- and they're bringing their servers with them.
How to Buy Cyber Insurance (CFO) Deciding how much cyber insurance to buy is no trivial matter, and the responsibility rests with the CFO.
US banks to introduce new anti-fraud measures after Equifax hack (Financial Times) Customers face more security controls to combat rising threat of identity theft
Design and Innovation
Replacing US Social Security Numbers With Estonia's Cryptographic Model? (Forbes) Earlier this month White House cybersecurity czar Rob Joyce raised eyebrows when he proposed the radical idea of abandoning the venerable Social Security number (SSN) as a national identifier and replacing it with modern cryptographic identifiers.
The Cryptography of Bitcoin (hack.guides()) Open-source guide from hack.guides() authored by Decent
Morgan State opens IoT security research lab (Technical.ly Baltimore) The Center for Reverse Engineering and Assured Microelectronics is designed to provide a link between the university and the intelligence community.
Terra State recognized for cybersecurity commitment (The News-Messenger) Terra State Community has been designated as a cybersecurity champion by
The science of spying: how the CIA secretly recruits academics (Guardian) The long read: In order to tempt nuclear scientists from countries such as Iran or North Korea to defect, US spy agencies routinely send agents to academic conferences – or even host their own fake ones
Legislation, Policy, and Regulation
Russia may soon issue its own official blockchain-based currency, the CryptoRuble (TechCrunch) Russia will issue its own official cryptocurrency, the CryptoRuble, capping months of speculation about the country's approach to the technology. While in a..
Russia promises ‘countermeasures’ if Finland joins NATO (Defense News) Russia’s warning to Helsinki is fueled by Moscow’s fear of having large-scale NATO forces along its approximately 840-mile border with Finland.
Ukraine Growing Cyber Capabilities From Within (SIGNAL Magazine) Aimed at protecting itself and other Eastern European countries, Ukraine is developing capabilities against its aggressors.
Coming soon: Ministry of Defence’s cyber, space, special operations divisions (The Indian Express) According to sources, the proposals for the three new formations — Defence Cyber Agency, Defence Space Agency and a Special Operations Division — are with other ministries for approval as the resources for them have to come from “accretion and not under save-and-raise”.
Wikileaks run by the Russians, says Hillary Clinton (Times) Hillary Clinton claimed yesterday that Wikileaks was an arm of Russian intelligence and that a new Cold War was descending on Europe through the weaponising of information. The former US secretary...
Senator wants Kaspersky out of U.S. voting systems (FCW) Amid concerns about election system security, Sen. Amy Klobuchar is looking for DHS to help boot Kaspersky from state and local voting systems.
Wary of Hackers, States Move to Upgrade Voting Systems (New York Times) New equipment and security protocols are part of the response to Russian meddling in 2016. But lack of money is an obstacle.
Opinion | Congress members threaten Twitter with regulation if it doesn’t suppress ‘racially divisive communications’ and ‘anti-American sentiments’ (Washington Post) The letter raises the same First Amendment problems as does President Trump's tweet urging changing the NFL's tax treatment because of player protests.
Twitter CEO promises to crack down on hate, violence and harassment with “more aggressive” rules (TechCrunch) Twitter CEO Jack Dorsey took to...Twitter today to promise a "more aggressive" stance in its rules and how it enforces them. The tweet storm was based in a..
The USA Liberty Act: House Judiciary’s Proposed Reauthorization of Section 702 (Lawfare) A summary of the key provisions of the House Judiciary Committee’s proposal to reauthorize expiring FISA authorities including Section 702.
Intel leaders urge Congress to reauthorize NSA surveillance program (CNN) FBI Director Christopher Wray said Friday that members of Congress who are trying to restrict the bureau's access to information obtained through the monitoring of foreign nationals are jeopardizing national security.
FBI director warns against restricting controversial NSA surveillance program (Washington Post) “Any material change . . . would severely inhibit our ability to keep the American people safe.”
New bill would allow hacking victims to 'hack back' (TheHill) Reps. Tom Graves (R-Ga.) and Kyrsten Sinema (D-Ariz.) introduced a bill Friday that would allow hacking victims to "hack back" when attacked.
Trump to stay in Iran nuclear deal, asks Congress to revise enforcement (Military Times) President Trump's proposed alternative would seek to include Iran's ballistic missiles, destabilizing activities in amended sanctions law.
New Government office for cyber security (Energy FM) The Manx Government is setting up a new office to focus on all parts of cyber security.
Litigation, Investigation, and Law Enforcement
French intelligence texts jihadist by mistake, inadvertently warning of surveillance operation (The Telegraph) A French intelligence agent sent a text message by mistake to the mobile phone of a jihadist, inadvertently warning him that he was under surveillance and undermining an investigation, it emerged on Friday.
DHS Now Won't Say How Many Federal Agencies Use Kaspersky Software (BuzzFeed) A month ago, DHS demanded federal agencies stop using the Russian firm's antivirus programs. Now, it says, the public can't know how many federal computers are affected.
Russian trolls were schooled on ‘House of Cards’ (Yahoo! Finance) A former Russian internet troll says the training for influencing the American election included screening "House of Cards," and reading – and writing – comments on the websites of the New York Times and the Washington Post.
Facebook takes down data and thousands of posts, obscuring reach of Russian disinformation (Washington Post) Facebook said it squashed “a bug.” Researchers say it is hiding crucial information.
The Worst Thing About Facebook Is That It Doesn’t Let Us Forget (Motherboard) It compels us to be invested in the lives of people we have no business caring about.
Our National Security’s Millennial Problem (Observer) There are Millennials who possess a radically different take on secrecy laws than previous Americans.
Preventing cyber crime is central to GCHQ’s mission, says chief (Global Government Forum) The head of the UK’s spy agency GCHQ has said that protecting Britain from cyber crime must be as central to its mission as defending the country from terrorism.
Judge slaps down government’s dragnet trawl of 1.3m website users (Naked Security) DreamHost said the decision “will protect the constitutional rights of innocent internet users worldwide”
Former policewoman who stalked married man is jailed for 11 months (Graham Cluley) A former policewoman will spend the next 11 months in prison for her decision to harass and stalk a married man online.