Atlanta: a look back at the ICS Cybersecurity Conference
World's Most Common Industrial Control Protocol Dates From 1979 (BankInfo Security) Much of the world's critical infrastructure gets controlled by ICS or SCADA systems. But passive network traffic analysis by industrial control system security firm
DHS, FBI Identify Tactics in Cyberattack Campaign Targeting Industrial Control Systems (POWER Magazine) DHS and FBI warned an ongoing cyberattack campaign targeting the nuclear and energy sectors since at least May 2017 employs a number of disruptive tactics.
Quantum, darknet could solve energy sector’s cybersecurity problems (Fifth Domain) Protecting the U.S. energy grid from cyberattack requires the migration to cutting-edge technological tools such as dark fiber and quantum computing.
Cyber Attacks, Threats, and Vulnerabilities
Anonymous targets Spanish government sites in Catalan independence controversy (SC Media US) Hackers from the vigilante group Anonymous targeted websites run by Spain's Ministry of Public Works and Transport on Oct. 21 in support of the Catalan independence movement.
NATO chief says allies concerned about Russian phone jamming (C4ISRNET) A Russian communications ship in the Baltic Sea is suspected of disrupting phone services in Latvia, Norway and Sweden’s Oeland islands during the Sept. 14-20 Zapad exercises that Russia held with Belarus.
Hackers Prepping IOTroop Botnet with Exploits (Threatpost) Researchers warn that hackers have weaponized a vulnerability that could be used in an IOTroop (or Reaper) attack, bringing the likelihood of an attack one step closer.
IoT_reaper: A Few Updates (360 Netlab Blog) Here is a quick follow-up post regarding our initial blog. IoT_reaper Sample History The historical delivery of the IoT_reaper samples we observed through our honeypot are as follows: It is noticeable that most malicious samples for IoT_reaper are located at the following URL:
Infosec expert viewpoint: DDoS attacks (Help Net Security) Infosec experts from Arbor Networks, Corero Network Security, Kentik, Radware, and Trustwave, talk about the threat of modern DDoS attacks.
BACKSWING - Pulling a BADRABBIT Out of a Hat (FireEye) On Oct. 24, 2017, coordinated strategic web compromises started to distribute BADRABBIT ransomware to unwitting users. FireEye appliances detected the download attempts and blocked our user base from infection.
EternalRomance Exploit Found in Bad Rabbit Ransomware (Threatpost) Researchers at Cisco found a modified version of the leaked NSA exploit EternalRomance in this week’s Bad Rabbit attack.
Bad Rabbit Burrowing Into Networks (Infosecurity Magazine) Bad Rabbit is an example of how a small variant is enough to have similar effects comparable to previous scenarios.
Security Firms Say Bad Rabbit Attack Carried Out by NotPetya Group (BleepingComputer) Several security firms have come forward today with evidence that shows links connecting the Bad Rabbit ransomware outbreak that happened yesterday with the NotPetya ransomware outbreak that took place at the end of June, this year.
BadRabbit Attack Appeared To Be Months In Planning (BankInfo Security) The BadRabbit ransomware attack appears to have been designed for smokescreen, disruption or extortion purposes, if not all of the above. So who's gunning for
Ransomware like Bad Rabbit is big business (National Post) October is Cybersecurity Awareness month, which is being observed in the United States, Europe, and elsewhere around the world. Ironically, it began with updates about a large-scale hack, and is ending with a large-scale ransomware outbreak.
This malware turns itself into ransomware if you try to remove it (HackRead) IT security researchers at SfyLabs have discovered an Android banking malware called LokiBot that converts itself into a fully fledged ransomware once the
Lackadaisical NHS trusts to blame for WannaCry ransomware compromise, concludes National Audit Office (Computing) Department of Health warned of rising IT security risks a year before WannaCry, but NHS trusts ignored advice, claims NAO
NHS could have avoided WannaCry simply by patching Windows 7 or securing firewalls, claims NAO (Computing) All organisations infected by WannaCry shared the same vulnerability and could have taken relatively simple action to protect themselves
Regional Internet Registry Leaks WHOIS Database (Infosecurity Magazine) Regional Internet Registry Leaks WHOIS Database. APNIC blames technical error for privacy snafu
Ethereum Phishing Attack Nets Criminals 15K in Two Hours (BleepingComputer) An Ethereum phishing scam netted attackers over $15,000 in just two hours. This was done by creating a site that pretended to be a popular online Ethereum wallet site and using it to steal people's wallets.
Flashpoint - "Ultimate Anonymity Services" Shop Offers Cybercriminals International RDP Servers (Flashpoint) "Ultimate Anonymity Services" (UAS) is a popular Dark Web marketplace that sells access to compromised Remote Desktop Protocol (RDP) servers
Breaking: Equifax Knew of Security Flaws Months Before It Was Hacked (Motherboard) Last year, a security researcher alerted Equifax that anyone could have stolen the personal data of all Americans. The company failed to heed the warning.
Ursnif Banking Trojan Spreading In Japan (Threatpost) Threat actors behind the pervasive banking Trojan Ursnif made Japan one of their number one targets with fresh waves of malspam attacks spotted last month.
Backdoor Account Found in Popular Ship Satellite Communications System (BleepingComputer) A popular satellite communications (SATCOM) system installed on ships across the world is affected by two serious security flaws — a hidden backdoor account with full system privileges access and an SQL injection in the login form.
Two Critical Vulnerabilities Found In Inmarsat's SATCOM Systems (Threatpost) Researchers are warning of two critical vulnerabilities in global satellite telecommunications company Inmarsat's SATCOM systems that could allow attackers to infiltrate a ship's on-board computer system.
Security flaw could have let hackers turn on smart ovens (Phys.org) A security flaw in LG's smart home devices gave hackers a way to control the household appliances of millions of customers, including the ability to turn on ovens, a computer security firm revealed on Thursday.
Oklahoma's public utilities commission detects cyberattack (Sacramento Bee) Officials say a cyberattack on Oklahoma's public utilities commission mostly affected its information technology systems.
Coinhive breached due to old, reused password (Help Net Security) Coinhive's DNS records have been surreptitiously changed by attackers, allowing them to steal cryptocurrency mined via the project's script.
jQuery Blog Gets Hacked - Hackers Compromise CoinHive's DNS (HackRead) In two different incidents, security of high profile platforms was compromised. These platforms include jQuery and CoinHive. jQuery Earlier today, two hack
Apple's Machine Learning Engine Could Surface Your iPhone's Secrets (WIRED) Apple's Core ML is a boon for developers, but security experts worry that it also could make it easier for bad actors to snoop on your private data.
Online dating apps riddled with security risks (IT Pro Portal) Kaspersky Lab investigation finds major security vulnerabilities in popular dating apps which could allow criminals to read messages and even track down user locations.
The Little Black Box That Took Over Piracy (WIRED) After torrenting's long fade, "fully loaded" Kodi boxes became the pirate's method of choice. Now, a legal crackdown looks to stop its rise.
Famous malware threats: Where are they now? (CSO Online) The headlines may be dominated by news of NotPetya and WannaCry, but watch out for the ‘golden oldie’ malware like Conficker and Zeus. They are still dangerous.
Security Patches, Mitigations, and Software Updates
Slack Plugs 'Severe' SAML User Authentication Hole (Threatpost) Cloud-based communications platform Slack finished patching a severe security hole Thursday affecting portions of its platform that used Security Assertion Markup Language for user authentication.
Cyber Trends
Cyberwarfare: The Most Stealthy Weapon Is Information (Northrop Grumman) Cyberwarfare accelerated over the last decade with stolen secrets, data breaches and even physical destruction of industrial systems. Here's more.
A Tale of An Industry: The Finance Sector & Data Breach Type Trends (BitSight) BitSight’s research on different types of breach trends in the Finance industry highlights a rise in web application compromise.
Lending industry faces higher fraud costs than e-commerce, retail and financial services (Help Net Security) Research has demonstrated that the lending industry faces higher fraud costs. Large digital lenders, with over $50 million in revenue, are hit hardest by fraud.
Top threats impacting endpoint security decisions (Help Net Security) Research shows that the majority of businesses across the globe are either currently or planning to incorporate machine learning in their endpoint defenses.
Marketplace
McAfee stops allowing governments to review source code (TheHill) Disclosure follows revelation that U.S. companies allowed Moscow to review source code in order to sell products in Russia.
Unit 8200 hits the road in America (Jerusalem Post) A dozen women, along with seven start-up founders, to speed-date with US investors.
Goodbye uzi, hello big brother: The Israelis arming the world with sophisticated cyber-weapons (Haaretz) The NSO Group, founded by graduates of Israel’s prestigious military intelligence unit, sells surveillance tools to governments around the world – which occasionally use them for political persecution
5 paths to a career in cybersecurity (Naked Security) We asked some professionals how they got into cybersecurity.
A Diverse Cyber Workforce is Critical in the Next Era in Technology & Business (Tenable™) We are at a critical inflection point in technology and business today.
ForeScout IPO: 5 reasons this cybersecurity company will be successful (CSO Online) IoT security company ForeScout is going public today. Its products, its management and the growing IoT market put it in a prime position to succeed.
Zscaler confidentially filed for security IPO (TechCrunch) Zscaler, a nine-year-old, San Jose, Calif.-based company, has filed confidentially for IPO, multiple sources tell TechCrunch. The cloud security outfit is..
Raytheon hits 'big milestone' with $1.2B Domino cyber win (Washington Technology) Raytheon CEO Tom Kennedy is rejoicing that the company has cleared its final bid protest hurdle and can now move forward with the $1.2 billion Domino cybersecurity contract.
Email glitch kills ManTech's bid for $98M cloud contract (Washington Technology) ManTech did nothing wrong but an email glitch effectively killed its attempt to win a $97.8 million cloud migration contract with the National Geospatial-Intelligence Agency.
Security Startup Cryptonite Makes Networks ‘Invisible’ to Attacke (SDxCentral) Security startup Cryptonite emerged from stealth mode and released its flagship product, a network appliance with embedded security software.
ReversingLabs Inducted Into JPMorgan Chase Hall of Innovation (Digital Journal) ReversingLabs today announced that it was inducted into the JPMorgan Chase Hall of Innovation.
Products, Services, and Solutions
LockPath and RiskRecon Partner to Increase Visibility into Third-Party Risk Management (LockPath.com) Through this partnership, joint customers of LockPath and RiskRecon will be able to obtain a verifiable assessment of each third-party’s security practices.
Thales makes unlimited mobile connectivity at sea possible (Defence Web) In a connected, mobile world, naval personnel want to use smartphones at sea without compromising security.
Symantec Expands Endpoint Security with Deception Technology (eWEEK) Symantec refreshes its endpoint protection portfolio with new deception capabilities and a mobile security product based on technology acquired from Skycure.
SaaS Company Ensures the Security of Its Infrastructure while Significantly Reducing Auditing Time (Netwrix) Enhanced control over Active Directory empowers AppRiver to mitigate security risks and minimize business downtime
Bitdefender Security Technology Now Integrated into Leading Network Security Provider (PRNewswire) Bitdefender, a leading global cybersecurity technology company...
New Kudelski Security Suite Aims to Improve Planning, Management and Reporting for Cyber Executives (PRNewswire) Kudelski Security, the cybersecurity...
Technologies, Techniques, and Standards
New PCI standard lets card users self-authenticate by web or mobile (SC Media UK) EMV® 3DS standard lets consumers authenticate themselves with their card issuers when buying online by using web browsers or via mobile applications.
Can DOD overcome its 'data hoarding' problem? (FCW) A senior Pentagon tech official said that when it comes to data protection, the Defense Department and other organizations must learn how to harness their data if they want to stay secure.
Companies buying Dark Web intelligence (Enterprise Times) Recorded Future is seeing increased interest from customers in threat intelligence from the dark web, allowing them to harden their cyber security
How your security budget helps hackers win (SD Times) How has application security spending fallen so far out of line with the actual threats companies now face?
Design and Innovation
Bot-hunting Twitter bot sniffs out bogus political tweets (TechCrunch) If you've ever wondered if the hashtag heavy, politically far afield Twitter user you're about to eviscerate in 140 characters is totally delusional or merely..
Twitter reveals plan for tackling abuse. Again. (Naked Security) A leaked memo detailed Twitter’s latest attempt to crack down on trolls.
Research and Development
The race to quantum supremacy and its cybersecurity impact (Help Net Security) The race to quantum supremacy is real: governmental R&D is accelerating the crystallization of the quantum computer, with $1.6 billion already invested.
Academia
Northrop Grumman engages with students at King Saud University vs cyber-attacks (Saudi Gazette) Northrop Grumman – one of the world leaders when it comes to aerospace, defense, cyber security, command and control, unmanned aircraft, logistics, supply chains and advanced security – underscores the importance of collaborating with the government, local communities and organizations to be successful.
Legislation, Policy, and Regulation
Russian government condemns Twitter’s ad ban for Russia Today and Sputnik (TechCrunch) The Russian government officially slammed Twitter’s decision to ban Sputnik and Russia Today from its advertising products. The Director of the Information..
Raising the Drawbridge with an "International Cyber Stability Board" (The Cipher Brief) Coordinated actions are required to meet global challenges. We propose an International Cyber Stability Board.
Getting Encryption onto the Front Burner (Lawfare) We are fast moving to a world in which customers and users of all stripes become the exclusive gatekeepers of their own data and communications.
Lawmakers: Kaspersky episode suggests need for NIST cyber framework to play greater role (Inside Cybersecurity) Members of the House Science oversight subcommittee expressed bipartisan interest in an expanded role for the National Institute of Standards and Technology in responding to recent revelations about the data vulnerabilities from Kaspersky Lab software products...
U.S. Transportation Command's trailblazing transition to cloud computing enhances cyber processes (US Army) U.S. Transportation Command is the first Department of Defense organization to initiate migration of its cyber domain to a commercial cloud provider to improve mission assurance, while strengthening information technolog...
The US quietly widened government surveillance to include 'homegrown violent extremists' (Business Insider) The US government has expanded its definition of who can be surveilled to include 'homegrown violent extremists.'
Pentagon tech advisers want special career track, ‘innovation elevator’ for big thinkers (Defense News) A group of tech industry heavyweights thinks it is past time for the Pentagon to create a specialized career track for high-tech jobs.
Michigan House votes to exempt cybersecurity info from FOIA (Fifth Domain) Supporters of the bill say the new exemptions are designed to ease companies’ concerns about divulging private and sensitive data to police investigators that could be made public under the Freedom of Information Act.
Litigation, Investigation, and Law Enforcement
Joining the cyber community to conduct independent analysis of the DNC Hack (ThreatConnect) Recently, an article purported that the Democratic National Committee (DNC) turned down requests from FBI forensic units to look at its server and instead opted to use ThreatConnect and two other cyber security firms. While we cannot speak to the veracity of the first part of that statement, we can with certainty say that we (ThreatConnect) were not contracted by, nor did we work on behalf of, the DNC
Congress promises more hearings on Kaspersky (Cyberscoop) Wednesday's Congressional hearing on the ongoing Kaspersky Labs saga offered little substance or identifiable information on why the U.S. government is so hard pressed to get Kaspersky out of the U.S.
NSA contractor leaked US hacking tools by mistake, Kaspersky says (Guardian) User downloaded malware while pirating Microsoft Office before running virus scan on machine containing confidential software, says Russian firm’s founder
How Kaspersky Lab got on the US government's bad side (CNET) Here's what we know so far about the investigation into the cybersecurity firm's ties to Russia.
Isis fighter from High Wycombe wants to return to face justice in UK (Times) Shabazz Suleman was a former grammar school pupil from Buckinghamshire who had recently secured a place at Keele University when he vanished on a family holiday to Turkey three years ago. Since...
Why police agencies should embrace secure cloud storage (PoliceOne) Captain Milton McKinnon of the Hermosa Beach PD says the future of policing is in the cloud, which offers agencies improved data security and technical