Cyber Attacks, Threats, and Vulnerabilities
Parsing the North Korean Cyber Threat (The Diplomat) To combat North Korea's cyber activity, we must first understand it.
Could North Korea be framed for global cyberattacks? (International Business Times UK) "Attribution of these attacks is extremely difficult," warns Trend Micro researchers.
Recently Patched .NET Flaw Exploited by China-Linked Cyberspies (Security Week) A cyber espionage group previously linked to China has been using a recently patched .NET vulnerability in attacks aimed at organizations in the United States, including a shipbuilding company and a university research center with ties to the military.
Mysterious cyber espionage campaign uses 'torpedo' lure to trick you into downloading malware (ZDNet) Researchers at Proofpoint say the 'Leviathan' threat group is regularly launching phishing and malware attacks in an effort to steal sensitive data
SourceClear: How we found exploitable zero-days in the open-source GlassFish server with the Security Graph Language (SourceClear) We have long had a thesis that when free open-source software projects are forked into commercial versions, then the free open-source version no longer gets the …
ATM Malware Sold on Underground Markets for $5K (Security Week) A recently discovered piece of malware targeting automated teller machines (ATM) is being sold on underground markets for $5,000, Kaspersky Lab reports.
Here's a Video of the Latest ATM Malware Sold on the Dark Web (BleepingComputer) A hacker or hacker group is selling a strain of ATM malware that can make ATMs spit out cash just by connecting to its USB port and running the malware.
A Look at Locky Ransomware’s Recent Spam Activities (TrendLabs Security Intelligence Blog) Locky ransomware has come a long way since first emerging in early 2016. Despite the apparent hiatuses, Locky remains a relevant and credible threat.
New Locky Ransomware Strain Emerges (Dark Reading) Latest version goes by the .asasin extension and is collecting information on users' computer operating system and IP address.
BoundHook Attack Exploits Intel Skylake MPX Feature (Threatpost) A new attack method takes advantage a feature in Intel’s Skylake microprocessor allowing for post-intrusion application hooking and stealth manipulation of applications.
CyberArk Discovers New Rootkit-Enabling Hooking Technique For Intel Processors (Tom's Hardware) CyberArk discovered a new hooking technique for Intel processors that allows attackers to create persistent malware (rookits) on Windows machines.
Necurs Malware Will Now Take a Screenshot of Your Screen, Report Runtime Errors (BleepingComputer) Malware families evolve on a daily basis, but some updates catch your eye more than others. Necurs has just gone through one of these "interesting" updates, according to US security firm Symantec.
Google Play apps with as many as 2.6m downloads added devices to botnet (Ars Technica) Your periodic reminder: Google is chronically unable to detect untrustworthy apps.
Malicious Minecraft Apps on Google Android Could Turn Devices into Bots (Dark Reading) New 'Sockbot' malware has 'highly flexible proxy topology' that might be leveraged for a variety of nefarious purposes.
Android malware on Google Play adds devices to botnet (Symantec Security Response) Symantec has found eight apps infected with the Sockbot malware on Google Play that can add compromised devices to a botnet and potentially perform DDoS attacks.
88 Percent of Java Apps Susceptible to Widespread Attacks from Known Security Defects, According to New Research from CA Veracode (Marketwired) Study finds that less than 28 percent of organizations are actively monitoring the components that could lead to security breaches
YouTube Suspends Account of Chinese Dissident (Washington Free Beacon) YouTube has suspended the video account of popular Chinese dissident Guo Wengui amid a mounting pressure from the Beijing government.
Domino's blames data breach on former supplier's systems (Guardian) Customers complain about ‘eerie’ personalised spam emails and lack of communication from pizza seller
Reckitt Benckiser sees ongoing impact from cyber attack (Yorkshire Post) Household goods giant Reckitt Benckiser has warned over sales for the second time in three months as it grapples with “challenging” markets and the ongoing impact of a recent cyber attack.
BeyondTrust Reveals SMB IT Cybersecurity Lapses (PYMNTS.com) Corporate fraud is at new highs. Cybersecurity threats are burdening small and large businesses (SMBs) alike. And yet, according to analysts at BeyondTrust, professionals are still using passwords like “12345” to protect their systems. While cybersecurity experts recommend that organizations deploy a Privileged Access Management (PAM) solution — a tool that enables businesses to consolidate and […]
Al-Qaida set to gain as Islamic State group disintegrates (Military Times) Over several nights in September, some 10,000 men, women and children fled areas under Islamic State control, hurrying through fields in northern Syria and risking fire from government troops to reach a province held by an al-Qaida-linked group.
Cyber Trends
Top 5 cybersecurity facts, figures and statistics for 2017 (CSO Online) Predictions and observations provide a 30,000-foot view of the cybersecurity industry.
The Global State of Information Security Survey 2018 (PwC) Strengthening digital society against cyber shocks
Most organizations don't have SSH security policies in place (Help Net Security) Most organizations have not implemented SSH security policies and restricted SSH access configurations because they do not understand the risks.
5 cybersecurity predictions (that might actually come true) (Naked Security) We asked some security professionals what they’re actually planning to deal with
The hard truth about cyberattacks, says Tanium CEO: There’s no complete fix (SiliconANGLE) The hard truth about cyberattacks, says Tanium CEO: There’s no complete fix
How Do Hacked Companies Get Hacked? (Northrop Grumman) Cyberattacks make for big headlines. Hacked companies (and other organizations) get hit with a triple whammy.
Marketplace
Dodging Russian Spies, Customers Are Ripping Out Kaspersky (The Daily Beast) Inadvertently or not, Kaspersky has betrayed customer trust.
Duo Security Raises $70 Million, Earning Valuation of More than $1 Billion (GlobeNewswire News Room) Duo will use round of funding led by Meritech Capital Partners and Lead Edge Capital to expand global operations and fund increased innovation in the Trusted Access space
CSRA To Buy Application Development Firm For $235M To Strengthen Intelligence Capabilities (CRN) Praxis Engineering Technologies is an IBM Tier 1 service provider and holds more than 50 technical certifications around IBM's Rational Software Platform, which govern best practices for software development.
Resolver Acquires RiskVision, a Recognized Leader in Integrated Risk Management Software for Security Operations (BusinessWire) Resolver finalizes the acquisition of RiskVision Inc, increasing their market position in IT Risk and Compliance markets.
SAIC takes in $93M Cybercom support task order (Washington Technology) Science Applications International Corp. wins a potential five-year, $93 million Cyber Command support services task order.
Salient CRGT Awarded Contract to Provide Engineering Support (PRNewswire) Salient CRGT announced the award of a $3.2 million subcontract to...
Fortinet's Underappreciated Growth Story (Benzinga) Fortinet Inc (FTNT) is an underappreciated subscription growth story, Deutsche Bank said in a Tuesday note.
Microsoft Takes Jab Back at Google's Security Team (BleepingComputer) No good deed remains unpunished, they say, and so is the case of the recent spat between Google and Microsoft's security teams.
Boston cybersecurity firm Rapid7 is considering new HQ options (Boston Business Journal) The company first leased 43,000 square feet at 100 Summer St. in late 2013, and has since expanded its headquarters to 66,138 square feet across two floors.
John Czupak: A Serial Entrepreneur’s Adventures in Cybersecurity (Robert H. Smith School of Business, University of Maryland) On this episode of Bootstrapped, we interviewed UMD alumnus and serial entrepreneur John Czupak, the President and CEO of ThreatQuotient. Before ThreatQuotient, John worked at Sourcefire in a variety of roles from 2002 to 2013, until he ultimately engineered a $2.7 billion acquisition with Cisco, the 3rd largest pure play cybersecurity acquisition ever. In this episode, John discusses the approach, mindset and key factors that cybersecurity startups must implement to be successful in a competitive environment.
Goldman Sachs Recognizes Cylance Chairman and CEO Stuart McClure for Entrepreneurship (4-Traders) Cylance® Inc., the company that revolutionized the antivirus industry with AI-powered prevention that blocks everyday malware along with today’s most advanced cyberthreats, announced that Goldman Sachs (NYSE:GS) is recognizing Cylance Chairman and CEO Stuart McClure as one of the 100 Most Intriguing Entrepreneurs of 2017 at its Builders + Innovators Summit in Santa Barbara, California.
Appthority Names Anne Bonaparte as CEO (BusinessWire) Appthority, the global leader in enterprise mobile threat protection, announced that Anne Bonaparte has joined the company as its new CEO.
Products, Services, and Solutions
Duo Security Enhancements Shine Light on Unauthorized Devices and Introduce Single Sign-On for All (Duo Security) On the heels of a $70 million Series D funding round at $1.17 billion valuation, Duo Security today also announced enhancements to its flagship Duo Mobile app and new innovations which help harden user and mobile device security as attackers poke holes in the traditional, perimeter-based security model.
InfoArmor Delivers Operatively-Sourced Advanced Intelligence Feature Sets to SIO4 for Their New Mid-Market Offering of Safe House™ - Total Threat Intelligence (Marketwired) SiO4 to brand SAFE HOUSE in part "Powered by InfoArmor"
Opus Helps Companies Respond to May 2018 Regulatory Deadline with New GDPR Solution (Sys-Con Media) Opus launches Third Party GDPR Compliance solution to prepare for May 2018 deadline, facilitating easy, effective management of third-party risk.
Microsoft adds classified, blockchain, more to government cloud platform (Fifth Domain) At its annual Government Cloud Forum, Microsoft announced new advances for its Azure Government program, a U.S. government based cloud system.
AvePoint Launches the Latest Release of the Privacy Impact Assessment System with Newly Integrated Microsoft GDPR Detailed Assessment at the IAPP P.S.R. Conference 2017 (PRWeb) AvePoint to share its expertise about the importance of metadata and profile three GDPR-focused solutions that will help organizations prepare for regulations on the horizon for May 2018.
Anomali Furthers Collaboration with McAfee to Provide Real-Time Threat Intelligence to Joint Customers (Marketwired) Integrated solutions deliver enhanced threat intelligence capabilities to enable faster cyber threat detection
ZeroFOX Added to UK Digital Marketplace as Official Cloud-9 Vendor to Support Digital and Social Media Security Needs in the UK Public Sector (BusinessWire) ZeroFOX, the innovator of social media security & digital risk monitoring, is proud to announce its inclusion in the UK Digital Marketplace as
OPSWAT Unveils New Offering for Device Security and Access Control for SaaS Application Use (PRWeb) OPSWAT today announced the immediate availability of MetaAccess™, a cloud security solution facilitating an enterprise’s move to the cloud with deeper security checks around managed and unmanaged endpoints.
Tanium Expands Security Platform With Asset Module (eWEEK) Tanium CEO Orion Hindawi wants his customers to focus their efforts on fixing the things they actually can control, to help improve security.
Technologies, Techniques, and Standards
NIST Cybersecurity Framework not just for large organizations (CSO Online) Small and mid-sized businesses are at most risk and so have greater need.
Post Cyberattack: The Next Steps Your Business Needs to Take (HackRead) Technology has transformed the face of modern business, and thanks to the internet, it’s easier and faster to share data than ever before. However, sending
3 Tactics to Avoid Insider Threats Posed by Third-Party Contractors (Force 3) “The balance between too much security and too little is delicate. Overzealous access policies can … Continue reading "3 Tactics to Avoid Insider Threats Posed by Third-Party Contractors"
3 Types of Insider Threats & How to Stop Them (Force 3) When we think about insider threats, we typically think about Edward Snowden and Chelsea Manning … Continue reading "3 Types of Insider Threats & How to Stop Them"
Design and Innovation
Another KRACK in the network perimeter (Help Net Security) If we’re going to get out of this infinite loop, we need a different perspective on corporate security architectures that completely breaks from tradition.
Is security on the verge of a fuzzing breakthrough? (Naked Security) Smart, efficient fuzzing could give every developer the opportunity to find bugs efficiently, during development
Research and Development
The time for quantum computing investment 'is now,' experts say (CIO Dive) In the security sphere, a complete rollout of quantum encryption and post-quantum cryptography requires a retrospective update of old systems.
Quantum computing is coming for your encryption, it’s a matter of when (Fedscoop) Everyone knows the age of quantum computing is coming, when it does, today’s most secure encryption on the planet will shattered.
DARPA announces software defined radio UAV hacking event - Homeland Preparedness News (Homeland Preparedness News) The Defense Advanced Research Projects Agency (DARPA) recently announced a week-long event to challenge teams from academia, industry, and the software defined radio (SDR) enthusiast community through a series of hacking sessions called the DARPA Bay Area SDR Hackfest on … Read More »
Academia
IUP team wins cybersecurity grant, will train Western PA workers (TribLIVE.com) Cybersecurity education in Southwest Pennsylvania is getting a boost from the National Security Agency. A team of faculty from Indiana University of Pennsylvania was awarded ...
Legislation, Policy, and Regulation
Australia’s breach disclosure policy has major holes, expert says (Security Brief) Australia’s breach disclosure policy doesn’t go nearly far enough in protecting consumers and pales in comparison to the European Union’s GDPR.
Deterring Cyberattacks (Foreign Affairs) For years, the United States has failed to devise a strategy to deter or respond to cyberattacks. In the future, it must communicate what behavior is acceptable and what is not—and what Washington will do about it.
European Commission: A Firm “No” to Backdoors (Infosecurity Magazine) European Commission: A Firm “No” to Backdoors. Executive wants more decryption expertise to be shared across region
Trump Team 'Dispels' EU Doubts on Data Protection Deal (Security Week) US President Donald Trump's administration has "dispelled" doubts over whether it will stand by a hard-won personal data protection accord with Europe struck during Barack Obama's presidency, the EU said Wednesday.
Jim Mattis says Senate bill hamstrings US cyber action (Washington Examiner) Mattis objected to language in a bill that would require the U.S. to give prior notification to foreign governments before acting on cyber t...
Legislation would let companies cyber-attack their hackers (Compliance Week) With a backdrop of high-profile breaches and October’s designation as “Cyber-Security Awareness Month,” Rep. Tom Graves (R-Georgia) and Rep. Kyrsten Sinema (D-Ariz.) have announced the formal introduction of the Active Cyber Defense Certainty Act (H.R. 4036). The bipartisan bill makes” targeted changes to the Computer Fraud and Abuse Act to allow use of limited defensive measures that exceed the boundaries of one’s network in order to monitor, identify and stop attackers.”
A Turf War Is Tearing Apart the Intel Community’s Watchdog Office (Foreign Policy) Internal scuffling threatens to dismantle the Intelligence Community Inspector General.
DSCA head looking at creating security cooperation university, among other ideas (Defense News) The new head of the Defense Security Cooperation Agency is seriously considering the creation of a security cooperation university, as he looks for ways to speed the famously deliberate foreign military sales system.
Senator: Why won’t DOJ answer my emails on cyber? (Fifth Domain) Sen. Sheldon Whitehouse criticized the Justice Department’s lack of a cybersecurity representative to coordinate with Congress on legislative issues at a Department of Justice Oversight hearing on Wednesday.
Litigation, Investigation, and Law Enforcement
Many Equifax Hack Victims Had Info Stolen Prior to Breach: IRS (Security Week) The U.S. Internal Revenue Service (IRS) believes the recent Equifax breach will not make a significant difference in terms of tax fraud considering that many victims already had their personal information stolen prior to the incident.
38 attorneys general ask Experian, TransUnion to stop credit-freeze fees (Mortgage Professional America) Illinois’ attorney general also initiated a state bill that would eliminate such fees
OPINION: It’s time we penalize, not reward, corporate negligence (Dayton Daily News) Does the number 143 million sound familiar?
FBI Asks Businesses to Share Details About DDoS Attacks (Threatpost) The FBI has made an appeal to organizations victimized by DDoS attacks to share details and characteristics of those incidents,
Vladimir Putin’s rage triggered by President Obama’s diplomatic moves (The Washington Times) In interview after interview with top U.S. intelligence officials and foreign diplomats about the downward spiral in U.S.-Russian relations, one date keeps resurfacing: January 2012.
What's Next after the SEC 'Insider Trading' Breach? (Dark Reading) Last month's hack of the Security Exchange Commission may prove to be the most high-profile corporate gatekeeper attack to date. But it definitely won't be the last.
Judge shocked to learn NYPD’s evidence database has no backup (Ars Technica) All data would be lost if PETS’ DB2 server went down or data corrupted.