Atlanta: the ICS Security Conference
The Iranians know about the lack of security in Level 0,1 devices (Control Global) Early yesterday morning, I received a LinkedIn “Like” of my Defcon presentation on the lack of ICS cyber security of Level 0,1 devices from a Senior Technical Support Engineer from an infrastructure company in Iran.
Industrial and Critical Infrastructure Networks Are Ripe Targets for Cyberattackers, According to New Risk Data from CyberX (PRNewswire) CyberX, the industrial cybersecurity company safeguarding ICS infrastructures...
Cyber Attacks, Threats, and Vulnerabilities
Multiple Ransomware Infections Reported (US-CERT) US-CERT has received multiple reports of ransomware infections, known as Bad Rabbit, in many countries around the world.
New wave of cyber attacks hits Russia, other nations (Reuters) Cyber attacks using malware called "BadRabbit" hit Russia and other nations on Tuesday, affecting Russian Interfax news agency and causing flight delays at Ukraine's Odessa airport.
BadRabbit ransomware attacks multiple media outlets (CSO Online) On Tuesday, Russian media outlet Interfax said in a statement their servers were offline, due to a virus attack. The news agency shifted their reporting efforts to Facebook while they work to recover. A short time later, Russian security firm Group-IB posted a screenshot of the ransomware in action, calling it BadRabbit. Here's everything that's known so far.
'Bad Rabbit' Ransomware Attacks Rock Russia, Ukraine - and Beyond (Dark Reading) Attack employs new version of infamous NotPetya ransomware used in June attacks on Ukraine targets.
BadRabbit Ransomware Attacks Hitting Russia, Ukraine (Threatpost) A ransomware attack called BadRabbit has put a halt to business inside a handful of Russian and Ukrainian businesses.
New Ransomware ‘Bad Rabbit’ Spreading Quickly Through Russia and Ukraine (Motherboard) There’s a potentially massive new ransomware spreading in eastern Europe.
New malware 'BadRabbit' strain attacks hit Russia, other nations (CRN Australia) Is 'BadRabbit' the new NotPetya?
Bad Rabbit ransomware outbreak (Naked Security) The Bad Rabbit ransomware outbreak is spreading into Europe from Russia
BadRabbit ransomware spreading in Russia and the Ukraine, vaccine posted (SC Media US) Several Russian news agencies and other targets in the Ukraine have reportedly been hit with cyberattacks, which the security firm Group-IB believes to be based on a new variant of Petya called BadRabbit.
An Aftershock of NotPetya Ransomware Sweeps Russia and Ukraine (WIRED) "BadRabbit," linked to the authors of NotPetya, hits hundreds of victims, including subways, an airport, and media firms.
Ukraine airport says tightened security after cyber attack (Reuters) Ukraine's Odessa airport said on Tuesday it had tightened security measures after being hit by a cyber attack, while the metro system in Kiev also reported a hack on its payment system.
Kaspersky detects Lazarus-controlled servers in India (The Economic Times) Kaspersky Lab has uncovered a number of compromised servers being used as part of the threat actor's global command and control infrastructure, the software company said.
Kim Jong-un could attack the West without firing a missile (NewsComAu) NORTH KOREA is capable of unleashing a chaotic attack on Australia or the United States without launching a single missile.
Reaper, a massive new botnet, is a cyberattack waiting to happen (ZDNet) Reaper is on track to become one of the largest botnets recorded in recent years — and yet nobody seems to know what it will do or when. But researchers say the damage could be bigger than last year's cyberattack.
Reaper IoT Botnet (eSentire Managed Detection and Response) Researchers have discovered a large “Internet of Things” (IoT) botnet with similarities to Mirai. Known as “IoT Troop” or “Reaper”, this threat targets IoT devices by exploiting vulnerabilities on internet connected devices such as IP cameras and consumer grade routers.
DUHK attack recovers secret keys from Fortinet devices (iTnews) "Absurd" flaw in government-certified crypto.
DUHK Attack Exposes Gaps in FIPS Certification (Threatpost) The DUHK Attack leverages a 20-year-old random number generator flaw to recover private keys. More pertinent, researchers said, is that the flaw exposes gaps in the FIPS certification process.
DUHK attack, continuing a week of named issues (SANS Internet Storm Center) DUHK (Don't Use Hard-coded Keys) is an attack that exploits devices that use the ANSI X9.31 Random Number Generator and have a hard-coded key. Turns out that hard-coded crypto keys are not that uncommon in products.
FIN7 Spear Phishing Attacks Now Aim At Avoiding Detection (HackRead) The FIN7 hacking group has been targeting organizations from the retail sector of late, and Security Research Team from ICEBERG was busy tracking the activ
Nearly undetectable Microsoft Office exploit installs malware without an email attachment (TechRepublic) Security firm Sophos uncovered a zero day exploit that targets a 24-year-old data exchange protocol, and it can be used to silently attack machines with very little means of detection.
Banking Trojan Uses Malware Macros to Evade Sandbox Detection (Security Intelligence) Security researchers observed a spam campaign that leverages PowerShell's AutoClose feature to deliver a banking Trojan while eluding sandbox detection.
Magnitude EK Targets South Korea with Language-Specific Ransomware (Infosecurity Magazine) The Magniber ransomware payload won’t execute if the system language is not Korean.
Dell Lost Control of Key Customer Support Domain for a Month in 2017 (KrebsOnSecurity) A Web site set up by PC maker Dell Inc. to help customers recover from malicious software and other computer maladies may have been hijacked for a few weeks this summer by people who specialize in deploying said malware, KrebsOnSecurity has learned.
APNIC Whois Database Password Hashes Were Available for Download (BleepingComputer) The Asia-Pacific Network Information Centre (APNIC), the organization that manages domain name information for the Asia-Pacific region, fixed on Monday an error that exposed password hashes needed to access and edit domain ownership details.
Offshore Law Firm Braces for Publicity Bombshell After Security Incident (Infosecurity Magazine) Appleby’s clients include super rich and large corporations
Cosmetics Brand Tarte Exposed Personal Information About Nearly 2 Million Customers (Gizmodo) Tarte Cosmetics, a cruelty-free cosmetics brand carried by major retailers like Sephora and Ulta, exposed the personal information of nearly two million customers in two unsecured online databases.
Cyber Trends
Immersive technologies are game changers for cybersecurity job growth (Help Net Security) 74% say that the use of gaming and VR technology in the fight against cybercrime would increase the likelihood of them pursuing a cybersecurity career.
Modern Cybersecurity Totally Futile in Quantum Computing Era (MarketWatch) Quantum computing uses the power of atoms to perform memory and processing tasks and remains a theoretical concept.
GDPR and Reputation Loss Bother Businesses (Infosecurity Magazine) 39% of European respondents identified GDPR as a business risk, compared to PCI DSS and ISO 27001/2.
Marketplace
DoD acquisition ‘slow by design,’ can’t handle cybersecurity defense (FederalNewsRadio.com) It's designed to develop weapons systems while holding to competition, transparency and integrity, but it can’t keep up with cybersecurity defense.
Fifth annual survey by Raytheon, Forcepoint and NCSA finds young adults' interest in cybersecurity careers stagnant (Business Insider) An annual survey commissioned by Raytheon Intelligence, Information and Services, Forcepoint and the National Cyber Security Alliance (NCSA) revealed that despite increased awareness of what a career in cybersecurity might look like, millennials remain unprepared for and uninterested in pursuing a career in the field.
Why one top cybersecurity official thinks millennials aren't flocking to her industry (Washington Business Journal) Government contracting executives say the lack of trained cybersecurity talent among millennials could turn into a national security issue.
Women in Cybersecurity DC Event (null) Diversity in the workforce and being able to support other women in the security field are really important initiatives. Diversity drives creativity and innovation, and companies that support diversity tend to grow, expand, remain competitive, and deliver more meaningful solutions to the marketplace.
Skybox Security Raises $150 Million Led by CVC Capital Partners' Growth Fund with Participation from Pantheon (Globe Newswire) Skybox(TM) Security, a global leader in cybersecurity management, announced today the company signed a definitive agreement to receive a $150 million growth equity investment led by CVC Capital Partners' Growth Fund (CVC Growth) for $100 million, with participation from Pantheon for $50 million.
Kevin Mitnick’s ransomware defense firm, KnowBe4, gets $30M investment (CSO Online) Kevin Mitnick's firm KnowBe4 has secured a $30 million investment led by Goldman Sachs.
How empathy carried Duo Security to a $1 billion valuation (Concentrate) Duo raised $70 million in a recent round of financing, placing the company among the small handful of venture-backed private companies worth $1 billion or more.
Armed with $180M in VC funding, cybersecurity firm Darktrace expands to Ottawa (Ottawa Business Journal) As cybersecurity threats spread like the flu, an international firm claiming to be the cure has expanded its operations to Ottawa.
Averon Banks $8.3 Million, Promises 'Frictionless' Mobile Authentication (eSecurity Planet) San Francisco-based Averon, a mobile authentication startup, announced today that it had secured $8.3 million in an Avalon Ventures-led Series A round of funding.
Early and growth stage cyber technology companies to benefit from new collaboration between VT Partners and Paladin Capital (ResponseSource Press Release Wire) Paladin announces former Carlyle Group Director Nazo Moosa as its new Senior Strategic Partner Europe in a unique collaboration with VT Partners.
Netonomy wants to win in the race to secure the smart home (Stacey on IoT) This week’s KRACK vulnerability brought to light many of the fears around connected gadgets proliferating in our homes. Perhaps the biggest one being that such gadgets could lead to some epic secur…
Products, Services, and Solutions
Legal hackback lets you go after attackers in your network (CSO Online) Security startup Cymmetria has put together a tool and a framework to help security defenders hackback legally as part of incident response activities.
TCS, Palo Alto Networks offer public cloud security (The Economic Times) TCS' global Security Operations Centres will be leveraged to monitor advanced cyberthreats and secure organisations against malicious cyberattacks.
Kromtech launches tool to identify and prevent Amazon cloud server leaks (Healthcare IT News) In response to the influx of data breaches caused by misconfigured cloud databases, the security firm has developed a tool that will let administrators check if their bucket is inadvertently being shared with the public.
Netskope Context-Aware Information Rights Management Program Provides Protection That Follows the Data (PRNewswire) Netskope, the leader in cloud security, today announced the Netskope...
Cygilant Launches New Vulnerability and Patch Management Subscription Service to Support and Equip Lean IT Teams to Effectively Stop Cyber Threats and Exploits (PRWeb) Cygilant’s industry-first ‘One Vendor’ approach to vulnerability and patch management aims to streamline workflows; speeding cyber threat response times and lowering cost of ownership
CRN Exclusive: Tenable Unveils New Partner Program To Help Customers Bridge Their 'Cyber Exposure' Gap (CRN) Tenable on Tuesday launched its Cyber Exposure partner ecosystem, which the company hopes will help customers battle cyber exposure gap as they adopt new technologies like cloud and IoT.
ThreatMetrix, ID.me to partner on government ID services (Security Document World) ThreatMetrix, The Digital Identity Company and ID.me announced a new partnership to deliver integrated identity verification solutions for government and commercial clients.
Ledger, Intel Partner to Boost Blockchain App Security (Block Tribune) Blockchain firm Ledger has teamed with Intel to provide a secure solution for storing digital assets.
Amazon debuts Cloud Cam and Key to take on Nest, August and others in home security (TechCrunch) Amazon wants to be the hub for your connected home, and today the company announced two new products that will help it fill out that ambition, specifically in..
Technologies, Techniques, and Standards
Google: This surge in Chrome HTTPS traffic shows how much safer you now are online (ZDNet) Google's HTTPS-everywhere push is showing results in page loads on Chrome.
Services Ponder How to Train Like They Fight for Cyber (SIGNAL Magazine) The U.S. military must find ways to educate its ranks to respond to cyberthreats.
Legislation, Policy, and Regulation
Putin Will Require Cryptocurrency Miners to Register With the Government in 2018 (Motherboard) After months of conflicting statements, Russia has finally outlined its plan for cryptocurrencies.
Senate Intel advances surveillance reform bill (TheHill) The Senate Intelligence Committee on Tuesday voted to advance a proposal to reform the National Security Agency's (NSA) warrantless surveillance...
Protecting Our Electoral Security - Georgetown Public Policy Review (Georgetown Public Policy Review) Cybersecurity has become an increasingly salient topic in the realm of national defense. The reliance on technology for military, intelligence, and domestic infrastructure has made the disruptive potential of cyber-attacks for national security greater than ever. Elections are uniquely at risk. The aftermath of 2016 highlighted the importance of cybersecurity in election integrity. Almost four-fifths...
Facing Prospect of Regulation, Twitter Plans Ad Disclosures (WIRED) As lawmakers discuss new rules for political ads, Twitter says it will reveal who's paying for ads and who's being targeted.
Political ads on Twitter will now be labeled with lots of spending data (Ars Technica) Follows mounting congressional pressure about social media ads and disclosure.
Legislative Efforts in the Wake of Maritime Cyberattacks (The Maritime Executive) In June the maritime industry experienced what many consider a particularly insidious form of cyber attack known as GPS Spoofing, where global
Consumer Group Calls for Changes to Data Protection Bill (Infosecurity Magazine) Which? wants to make it easier for Brits to seek redress in event of a breach
Litigation, Investigation, and Law Enforcement
Worker who snuck NSA malware home had his PC backdoored, Kaspersky says (Ars Technica) Kaspersky presses its case it didn't knowingly help Russia steal NSA secrets.
How Kaspersky Lab got on the US government's bad side (CNET) Here's what we know so far about the investigation into the cybersecurity firm's ties to Russia.
Kaspersky CEO defends security products, claims innocence (CIO Dive) The Russian security firm claimed that the recent allegations seem to be rooted in damaging the security software provider's reputation without the opportunity of due process.
Equifax Faces U.K. Regulatory Investigation Over Cyber Attack (Bloomberg) The U.K. Financial Conduct Authority opened an investigation into the hack of credit reporting company Equifax Ltd. that saw personal data stolen from at least 143 million people.
Spy fears over lost security manual (Australian) Defence giant BAE Systems Australia has become embroiled in an embarrassing blunder after admitting it lost a 1000-page manual that contained draft details of Parliament House’s security overhaul.
Report reveals ‘6 personas’ of money launderers (Lawyers Weekly) An international security company has analysed the characteristics of people involved in the various stages of money laundering, with a view to helping businesses stamp out the criminal practice.
Agencies get involved in Connecticut Cyber Task Force (LMT online) The state of Connecticut now has a task force whose sole mission is to investigate crimes in cyberspace, according to the Department of Justice.