Atlanta: the latest from the ICS Security Conference
2017 ICS Cyber Security Conference (Control Global) The 17th ICS Cyber Security Conference will be held the week of October 23rd in Atlanta, GA (www.icscybersecurityconference.com).
Panel session on using cyber to manipulate physics to cause kinetic damage (Control Global) October 25th at the 2017 ICS Cyber Security Conference in Atlanta, Neil Holloran, Ken Loparo from Case Western, and myself will host a panel session on using cyber means to manipulate physics.
Cyber Attacks, Threats, and Vulnerabilities
Russia’s Election Hackers Use D.C. Cyber Warfare Conference as Bait (The Daily Beast) The Kremlin’s top hackers are turning a gathering packed with NATO and U.S. military cyber defenders into an opportunity for more attacks.
“Cyber Conflict” Decoy Document Used In Real Cyber Conflict (Talos Intelligence Blog) Cisco Talos discovered a new malicious campaign from the well known actor Group 74 (aka Tsar Team, Sofacy, APT28, Fancy Bear…).
Twitter CEO Jack Dorsey Retweeted Alleged Russian Trolls (The Daily Beast) Even Jack Dorsey fell for Moscow’s propaganda, it appears. He retweeted messages from an account identified by an independent Russian news agency as Kremlin-created.
Report: Twitter CEO took a Russian impostor’s bait in 2016 (Ars Technica) The retweets were for innocent, “positive” stories. And that was the point.
Antisocial media? (TechCrunch) As Facebook finds itself publicly on the hook for enabling Russian agents to spread divisive propaganda via its platform, be it in the form of fake news,..
GCHQ foils Northern Ireland cyber attack (BelfastTelegraph.co.uk) Northern Ireland infrastructure has been hit by
U.S. warns public about attacks on energy, industrial firms (Reuters) The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms, the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure.
US DHS Warns CNI Firms of Dragonfly Attacks (Infosecurity Magazine) New campaign focused on stealing ICS and SCADA data
India is an unexpected axis of North Korea's suspect cyber activity (Quartz) Researchers have discovered patterns of internet use that mirror those of hackers based in China.
‘IOTroop’ Botnet Could Dwarf Mirai in Size and Devastation, Says Researcher (Threatpost) Malware dubbed IOTroop that researchers say is 'worse than Mirai' has already infected one million businesses worldwide.
Hackers scanning for unsecured SSH private keys on WordPress sites (SC Magazine) Lack of key security allows criminals keys to the kingdom after scanning 25,000 systems per day to find unsecured SSH private keys.
Hackers Distribute Malware-Infected Media Player to Hundreds of Mac Users (Motherboard) Yet another software supply-chain attack hits popular applications.
MacOS Proton backdoor delivered via Trojanized media player app (Help Net Security) A Trojanized version of Elmedia Player software for Mac was available for download for who knows how long from the developer's official site.
New Magniber Ransomware Targets South Korea, Asia Pacific (Threatpost) Researchers identified a new ransomware family called Magniber that uniquely only targets users in South Korea and the Asia Pacific regions.
Security Experts Disturbed by Magniber Ransomware (Virus Guides) Security researchers got disturbed by a brand new ransomware family, called Magniber. The malicious threat is being distributed via the Magnitude exploit k
Malware Invaders - Is Your OS at Risk? (AlienVault)
Kaspersky Lab Hits Back with Global Transparency Initiative (Infosecurity Magazine) Russian AV giant will offer source code for independent review
Take our word (Kaspersky Lab) Kaspersky Lab announces comprehensive transparency initiative
Kaspersky Software Hack of US Intelligence Is a New Type of ‘Trojan Horse’ (In Homeland Security) Americans paid Kaspersky Lab for the privilege of using its antivirus software that sucked out their information and sent it to Russia.
Is a telco in Brazil hosting an epidemic of open SOCKS proxies? (SANS Internet Storm Center) I became interested in how criminals and bad actors conceal the origin point of their Internet traffic. TOR, The Onion Router project, is one common way to anonymize Internet traffic. TOR nodes allow any proxy-aware application to send traffic through the encrypted anonymity tunnel...
Cloud Security Alliance Releases Updates to 'The Treacherous 12: Cloud Computing Top Threats in 2016' (PRNewswire) The Cloud Security Alliance (CSA), the world's leading organization dedicated...
Top Threats to Cloud Computing Plus: Industry Insights - Cloud Security Alliance (Cloud Security Alliance) Abstract: The Top Threats to Cloud Computing Plus: Industry Insights serves as a validation of the relevance of security issues discussed in the earlier document as well as provides references and overviews of these incidents. In total, 21 anecdotes and examples are featured in the document. The references and overview of each anecdote and example...
Cybercriminals focus on the shipping and cloud storage sectors (Help Net Security) APWG found upticks in phishing attacks against companies in the Logistics & Shipping as well as Cloud Storage & File Hosting sectors.
How I Socially Engineer Myself Into High Security Facilities (Motherboard) A pentester shares a story that shows how social engineering can get you anywhere.
In leaked audio, Facebook security chief says its corporate network is run "like a college campus" (ZDNet) The source of the recording said Facebook's senior management and executives were apathetic to matters of cybersecurity. Alex Stamos said he used one of the remarks "as a figure of speech."
Infosec shouldn't eat their own, we're better than this (Help Net Security) The foundation of a work relationship is trust. In the absence of trust, there is chaos. In the absence of trust, we all lose.
NBN attacked by pirate internet operators installing shadow networks (Australian) Pirate internet providers who are installing shadow networks for thousands of new apartments around Australia have cost the National Broadband Network tens of millions of dollars in wasted connection fees and are causing the taxpayer-owned company to lose millions more each year in lost subscriptions.
Hackers Take Over Funeral Home's Email Account and Run Online Scams (BleepingComputer) Hackers have taken over the email account of a Louisiana funeral home and are sending email scams to the company's customers, asking for money.
Security Patches, Mitigations, and Software Updates
Google might block embedded cryptocurrency mining with new Chrome feature (HackRead) Google Aims to Put an End to Secret Cryptojacking by Making In-Browser Permissions Necessary. In-browser cryptocurrency mining has become the latest obsess
Cyber Trends
The cyber man v state hackers (Times) Cyber security expert Paul C Dwyer expected a certain amount of scrutiny when he contacted whistle-blower Edward Snowden to ask him to speak at next week’s Cyber Threat Summit conference in Dublin...
Research highlights a record number of conveyancing related cyber thefts (Today's Conveyancer) The Law Society has published its latest roundup, highlighting recent research on the legal services market. The roundup covers information from legal sector bodies, the Ministry of Justice, academics and others interested in the sector. According to the report, the Solicitors Regulation Authority (SRA) has seen a record number of reports of cyber thefts from …
Aviation must rally to fight intensifying cyber threats (tnooz) Aviation industry leaders must fight growing cybersecurity threats according to a leading industry figure.
Cybersecurity tops list of concerns for IN fabricators (KPCNews)
Marketplace
Surveying 17 Anti-Virus Firms on Their Security Practices (BankInfo Security) The Kaspersky Lab saga raises questions about how vulnerable any anti-virus products and back-end cloud networks might be to hacking. Asked to detail exactly what
Cybersecurity Tops Venture Capital Funding (PYMNTS.com) With more than $172 million raised in total, it was a healthy week for B2B startups, though one clear winner emerged: cybersecurity, which landed nearly 70 percent of the total funding. Two cybersecurity companies came out on top, but they both focus their enterprise security efforts in different ways. It’s probably a good thing, too, […]
Is Your Business Insured Against A Cyber Attack? (JD Supra) Your business has insurance coverage for flood and fire damage. You are protected if an employee gets into a car accident. But are you covered for a cyber...
Booz Allen Hamilton (BAH) to Acquire Morphick, Inc (Street Insider) Booz Allen Hamilton (NYSE: BAH) today announced that it has entered into an agreement to acquire technology firm Morphick, Inc., a leader in managed detection and response (MDR) services.
Tech Giants Are Paying Huge Salaries for Scarce A.I. Talent (New York Times) Nearly all big tech companies have an artificial intelligence project, and they are willing to pay experts millions of dollars to help get it done.
Google partners with bug bounty platform HackerOne to reward researchers to fix Play Store apps (The Drum) To step up safety of Play Store, Google has announced a $1,000 (£760) bounty for security researchers to hack and fix the apps as part of its Google Play Security Reward Program.
IBM to boost cybersecurity awareness with start-ups (Business Standard) Globally, companies noticed a 10% drop in data breach cost
NATO’s cyber security hampered by old-style cost models and acquisition delays (Jane's 360) Officials at the NATO Communications and Information Agency (NCIA), the alliance’s cyber and information and communications technology (ICT) procurement wing, say they intend to push down the cost of NATO’s contracted cyber security products and services by, among other things, targeting the operations and maintenance (O&M) side to cyber security and shifting more of NATO’s ICT functions to the cloud.
Is Raytheon a Buy? (Madison.com) Raytheon (NYSE: RTN) is a strong company with a healthy order book, yet it is also currently trading at a historically high multiple to earnings. So is now a good
Tourism attracts new Cyber security firm to Savannah (Savannah Now) Savannah’s tourism industry has played a role in attracting a new business to Bull Street.
Cohesive Networks CFO Takes National Role in Fighting Cybersecurity Risks: Dwight Koop Elected Treasurer of FBI's InfraGard National Member Alliance (Business Insider) Dwight Koop, Cohesive Networks’ COO and CFO, was elected Treasurer of the FBI's InfraGard National Member Alliance. Mr. Koop was elected at the InfraGard National Congress in Dallas September 25 - 28, 2017.
Nominet names Whitburn as SVP for cyber security (Capacity Media) Nominet has named Simon Whitburn as its new senior vice president for cyber security services as it looks to expand its presence in the sector on a global level.
Products, Services, and Solutions
Imperva Expands Global Incapsula Network to Increase Performance and Speed Attack Mitigation (BusinessWire)
Find your unprotected Amazon S3 buckets with this free tool (The Next Web) Left your S3 Bucket set to public? I wouldn't.
Technologies, Techniques, and Standards
Breached? The Need for Speed in the Golden Hour (TEISS) The critical first hour or 'golden hour' is after something does slip through the net from a technical and organisational perspective
Boards need battleplan to combat cyber-attacks (Asset Finance International) More than two-thirds of FTSE 350 boards have never received any training to deal with a cyber-attack and 10% have no plans in place to respond to an incident, UK government research has revealed.
What knowledge factors qualify for true two-factor authentication? (SearchSecurity) Applying two-factor authentication to a mobile device can create confusion. Michael Cobb clears the air around knowledge factors and BYOD.
Dev writes Ethereum code for insecure SHA-1 crypto hash function (Register) Interaction with legacy systems but not all think it's a good idea
Code Signing in the Age of Cloud and IoT (Infosecurity Magazine) Code signing is the key to unlocking the IoT’s true potential, ensuring security and safety are embedded in every device.
The 10 misconceptions of using a policy-based approach for access control (Help Net Security) Attribute Based Access Control is the evolution from simple access control lists and role-based access control, to a highly flexible system.
Cyber-security means empowering staff - right down to the caretaker (Independent) The castle wall - the ultimate in safety and protection. And not just as a medieval fortress. For many years now, the castle has been used as a metaphor to teach the basic concepts...
Research and Development
‘Unhackable’ electronic chip being developed in Abu Dhabi (The National) New York University Abu Dhabi researcher says the chip, which could be used in phones, is the first prototype to have security features built into the hardware and he is inviting hackers to try to break the code
Rumbles of the Quantum Computing Revolution in Security (The Cipher Brief) Theoretical ideas appear to be on the brink of spurring a revolution in quantum technologies and, as a result, defense and national security.
Legislation, Policy, and Regulation
China goes looking online for government secrets (CSO Online) China’s president painted a picture of openness and diplomacy, but cyber activity that seems to come from the country indicates Chinese hackers pose a threat.
Hack-back bill would legalize companies hacking their attackers (Naked Security) What could possibly go wrong?
Companies Need to ‘Think Twice’ Before Retaliating Against Hackers (The Cipher Brief) While hacking back may be the most sexy of options, it is one that we should rarely employ.
Rosenstein's "Responsible Encryption" a Fallacy, Experts Say (Bigger Law Firm Magazine) U.S. Deputy Attorney General Rod Rosenstein recently reignited debate around digital encryption and its ability to thwart investigations into increasingly many crimes. In remarks delivered at the United States Naval Academy in Annapolis, Maryland, Rosenstein took Silicon Valley to task, characterizing tech companies as standing in the way of public safety.
Lady officers to be Indian Army's cyber warriors (Business Today) Seeking to open new avenues for women officers in the force, the Indian Army is planning to deploy them as cyber warriors to deal with the threats in the domain.
Litigation, Investigation, and Law Enforcement
Europol calls for cooperation on Darkweb and IOT use by criminals (SC Media UK) A coordinated law enforcement approach to Dark Web called for by Europol and Interpol; Europol/ENISA warn of IOT use by criminals
Today’s bank heists aren't what they used to be with the battle now fought out in cyberspace (The Telegraph) Bank heists aren’t what they used to be.
UK Fraud Dominated By Cyber (Infosecurity Magazine) The most common type of fraud reported was bank and credit-card fraud, with more than 2.5 million incidents in the period.
Websites 'complicit in cyber-crime' (BBC News) A police chief calls for more to be done to tackle cyber-crime on sites such as Craigslist.
Man arrested after ‘good morning’ post was mistranslated by Facebook as ‘attack them’ (CSO Online) Israeli police arrested a Palestinian man after his “good morning” post was translated by Facebook as “attack them.”
Teen hacker sentenced for serious disruption of Phoenix 911 system (Naked Security) He intended to build a “non-harmful but annoying bug that he believed was ‘funny.’”