Cyber attribution and acts of war. Social media's influence ops echo chamber. Oracle issues emergency patch.

Cyber Attacks, Threats, and Vulnerabilities

China Tests the Limits of Its US Hacking Truce (WIRED) As the Trump administration reups an anti-hacking agreement with China, security researchers say China is inching its toes up to that red line.

North Korea denies involvement in WannaCry cyber attack (The Financial Express) North Korea has slammed Britain for accusing it of being behind a global ransomware attack that hit the National Health Service, calling the allegation a "wicked attempt" to further tighten international sanctions against Pyongyang.

North Korea threat of above-ground bomb test serious, US says (Military Times) North Korea’s threat to detonate a hydrogen bomb above the Pacific Ocean is being treated as credible based on the regime’s past actions, U.S. officials here said.

Hamas-Linked 'Gaza Cybergang' Has New Tools, Targets (SecurityWeek) A threat actor believed to be linked to the Palestinian terrorist organization Hamas continues to target organizations in the Middle East and North Africa (MENA) region, and their operations now include some new tools and techniques, Kaspersky Lab reported on Monday.

Social Media: The Fifth Column in the Fifth Domain (The Cipher Brief) As representatives from Twitter, Facebook, and Google prepare to testify before Congress, we look at how these platforms fit into a larger Russian disinformation campaign.

Fakers have a free rein over political adverts (TImes) Imagine if a deluge of attractive women were to ask to be your friends on social media. Hundreds of them. All are pouting and have profile pictures of themselves in skimpy gym kits, holding coffee...

Google Bug Database Flaws Expose Severe Vulnerabilities (Dark Reading) A security researcher accessed the most critical bugs in Google products and services by spoofing a corporate email address.

Coinhive Miners Found in Android Apps, WordPress Sites (BleepingComputer) The malicious deployment of in-browser JavaScript-based cryptocurrency mining scripts has continued the past week, and we've seen them reach Android applications on the official Google Play Store, but we've also seen the first mass-deployment as part of a botnet of hacked WordPress sites.

Security Alert as USB Found Containing Heathrow Plans (Infosecurity Magazine) Security Alert as USB Found Containing Heathrow Plans. Unencrypted storage device featured highly sensitive info

Massive Identity Data Exposure Leads to Rising Tides of New Account Fraud — What's Next? (Security Intelligence) New account fraud is rising in popularity among cybercriminals due to the frequency with which users are opening new online banking accounts.

T-Mobile USA Calls Customers to Warn on SIM Hijacking (Infosecurity Magazine) A bug allowed hackers to access customers' email addresses, account numbers and phone IMSIs.

Dishwashers on the rampage: LG IoT security bug highlights risks of home automation (CIO) The discovery this week of a security vulnerability within SmartThinQ, a technology touted by LG for automating communication with its range of home appliances and devices, has reinforced the risks of remote Internet of Things (IoT) takeover as attackers progressively master new methods of attacking increasingly smart devices.

Hacking site hacked by hackers (Naked Security) It sounds funny, but remember: if hackers can be hacked, then so can you, if you aren’t careful

Dark Web Marketplace Offers Remote Access to Corporate PCs for $3-15 Each (eSecurity Planet) Ultimate Anonymity Services offers more than 35,000 RDPs for sale, including about 300 from the U.S.

Security Report: Median Price for DIY Ransomware Kit is $10.50 (MSP Mentor) The median price for a do-it-yourself (DIY) ransomware kit is just $10.50, helping to fuel a 2,502 percent year-over-year increase in the size of the ransomware marketplace on the dark web, according to new research from security vendor Carbon Black.

Report: Ransomware Authors Can Earn Double The Salary Of Legitimate Software Developers (Forbes) A recent report from cyber security firm Carbon Black says that software developers can make more money developing ransomware than at traditional software development jobs.

The Ransomware Economy (Carbon Black) How and why the Dark Web marketplace for ransomware Is growing at a rate of more than 2,500% per year

Majority of Employees Hit with Ransomware Personally Make Payment (Dark Reading) Office workers pay an average ransom of $1,400, according to a new report.

Security Patches, Mitigations, and Software Updates

Firefox takes a bite out of the canvas ‘super cookie’ (Naked Security) Finally, one of the major browsers is doing something about canvas fingerprinting

Oracle Patches Critical Flaw in Identity Manager (Security Week) Oracle informed customers on Friday that its Identity Manager product is affected by a critical vulnerability that can be easily exploited by malicious actors.

Oracle scores ten out of ten - for a critical security flaw in Oracle Identity Manager (Computing) Patch without delay, urges Oracle

Cyber Trends

A Lack of Cybersecurity Talent Is Driving Companies to Use AI against Online Attacks (MIT Technology Review) A shortage of humans to fight cybersecurity battles is causing companies to turn to machines.

Recorded Future Raises $25M From Insight Venture Partners to Further Extend Leading Position in Threat Intelligence (PRNewswire) Recorded Future, the leader in threat intelligence (TI), today announced it has...

Government cybersecurity trends and challenges (Enterprise Innovation) Joe Jarzombek was the former Director for Software and Supply Chain Assurance at the U.S. Department of Homeland Security, and former Deputy Director for Information Assurance at the U.S. Department of Defense. Mr Jarzombek shares his insights with eGov Innovation on government cybersecurity trends and the importance of building secure-quality software.

Marketplace

Grossman: Cyberinsurance market is like the 'Wild West' (SearchSecurity) SentinelOne's Jeremiah Grossman discusses cyberinsurance market growth and opportunities, as well as the prospect of software liability.

Deloitte continues enterprise technology acquisition spree with consultancy firm JKVine (CRN Australia) Four co-owners and 30 staff join Deloitte's platform engineering practice.

CenturyLink acquisition of Level 3 receives approval from Federal Communications Commission (CenturyLink) The Federal Communications Commission (FCC) has approved CenturyLink, Inc.'s (NYSE: CTL) pending acquisition of Level 3 Communications, Inc. (NYSE: LVLT). The FCC's approval follows prior...

Continental said to be in talks to buy Argus Cyber Security (Automotive News) Continental is in advanced talks to buy Israel's Argus Cyber Security, which has developed technology to protect connected cars from hacking, for about $400 million, Israeli media reported on Monday.

Moving Target Defense Startup Cryptonite Emerges From Stealth (Security Week) Cryptonite, a Rockville, Maryland-based startup that aims to prevent reconnaissance and lateral movement in the network using moving target defense and micro-segmentation technologies, has emerged from stealth mode.

Startups selected to participate in LaunchVic-backed cyber security accelerator program | OpenGovAsia (Open Gov Asia) Participants will work alongside Deakin University researchers with tech expertise and travel to Israel and the US.

World Class Cybersecurity Expert Joins WRFX As CEO Of Paranotek (TheStreet) WorldFlix, Inc. (OTC:WRFX), a mobile application and end-to-end encryption software company focused on corporate data security, today announced that international cybersecurity expert Mick Davis has been appointed as the new CEO of Paranotek, the company's wholly owned security subsidiary.

Cato Networks Expands Sales Leadership As Global Momentum Grows For Secure, Cloud-Based SD-WAN (Cato Networks) Nick Fan to serve as Vice President of Sales for Americas, Nate Grinnell to serve as Senior Director of Channel Sales

Products, Services, and Solutions

SentinelOne Announces Lateral Movement Detection Engine to Catch Unauthorized Network Movement from Malicious Actors   (SentinelOne) Real life customer story highlights threat of lateral network infiltration in wake of Bad Rabbit ransomware attack

IBM Trusteer New Account Fraud (IBM) Seamlessly assessing the risk of new digital identities

Technologies, Techniques, and Standards

Full Spectrum Highlights the Publication of New Wireless Standard for the Industrial Internet of Things (GlobeNewswire News Room) IEEE 802.16s – New wireless standard lays groundwork for adoption of the industrial internet, addressing key concerns related to security, reliability and robust coverage

Lessons learned from the most impactful breach (Channel Post MEA) Post Equifax threat, Alastair Paterson, CEO and Co-Founder at Digital Shadows reflects on the lessons we can learn before, during and after discovering a bre

Navy enhancing its electronic warfare systems (C4ISRNET) Engility Corp. has been awarded a modification on a five-year contract to perform EW services for U.S. Navy and Australian aircraft.

Blockchain courts will offer effective dispute resolution in smart contracts (The Next Web) Arbitration is a fundamental aspect of human relationships be it social, professional, or business relationships. The emotional and psychological composition of humans cannot be absolutely prevented from interfering during the execution of contractual agreements and processes. Contractual disputes Disputes over contracts aren’t always caused by ulterior motives or deliberate intentions to short-change another party. Sometimes, …

Design and Innovation

Can ARM save the Internet of Things? (Naked Security) Can the IoT be saved from its breakneck growth and breathtaking insecurity?

Research and Development

Artificial intelligence beats Captcha at its own game (Inquirer) Yes, it's been cracked. Again. But this time by a machine,Boffin Watch ,Boffin Watch,AI,Security

'Instant replay' for computer systems shows cyber attack details (Science Daily) Until now, assessing the extent and impact of network or computer system attacks has been largely a time-consuming manual process.

Academia

UMD students won a cybersecurity competition that was like virtual capture-the-flag (The Diamondback) More than 500 teams took part in the competition.

Legislation, Policy, and Regulation

EU to Declare Cyber-Attacks “Act of War” (Infosecurity Magazine) EU to Declare Cyber-Attacks “Act of War”. Member states set to sign new diplomatic framework

EU may struggle to prove cyber attack links, warns expert (ComputerWeekly) EU governments are reportedly planning to respond to cyber attacks as an act of war, but a cyber security expert says links to nation states may be hard to prove.

Attribution is what states make of it (European Council on Foreign Relations) It is high-time for the Europeans to wake up from their hopes and dreams to build norms and rules for state behaviour in cyberspace.

Cybercom Establishes Strategic Concepts to Mitigate Cyber Threats to Natl Security - Executive Gov (Executive Gov) The U.S. Cyber Command has developed an operational approach to defensive cyber operations and strat

The Cyber Cold War (Bulletin of the Atomic Scientists) Is the Cyber Mission Force prepared?

DHS Says Most Agencies On Track To Cut Kaspersky Products (Law360) Most federal agencies are on track to timely find and remove Kaspersky Lab products from their information systems in response to concerns about potential security risks, with less than half having identified Kaspersky products on their systems so far, a U.S. Department of Homeland Security official said Friday.

Agencies complete step one of DHS cyber directive, now comes the hard part (FederalNewsRadio.com) The Homeland Security Department says agencies have 30 days to come up with a plan to remove Kaspersky Lab products from their networks.

Guide to Section 702 Value Examples (IC on the Record) Consistent with the Principles of Intelligence Transparency, the ODNI has released volumes of information to enhance public understanding of Section 702 of the Foreign Intelligence Surveillance Act (FISA).

Kemp Applying For Federal Security Clearance With US Homeland Security (90.1 FM WABE) If his application for “secret” level clearance is approved, Georgia’s top election official would be privy to intelligence from the U.S. Department of Hom

Aadhaar a threat to national security, will approach PM Modi: Subramanian Swamy (Zee News) Subramanian Swamy took to Twitter and tweeted that he will soon write a letter to PM Modi detailing how compulsory Aadhaar poses a threat to the country.

Mozilla Wants to Distrust Dutch HTTPS Provider Because of Local Dystopian Law (BleepingComputer) Mozilla engineers are discussing plans to remove support for a state-operated Dutch TLS/HTTPS provider after the Dutch government has voted a new law that grants local authorities the power to intercept Internet communications using "false keys."

Litigation, Investigation, and Law Enforcement

Robert Mueller’s Opening Salvo Is a Show of Strength (Foreign Policy) A quick and dirty analysis on the Manafort and Papadopoulos cases.

What the Papadopoulos Plea Says About Mueller's Next Moves (WIRED) With a plea agreement from Trump campaign adviser George Papadopoulos, special counsel Robert Mueller showed that he knows how to keep a secret—and that this investigation is just getting started.

Researchers Say Paul Manafort Referenced James Bond in His Adobe and Dropbox Passwords (Motherboard) The ex-Trump campaign chairman was indicted in special investigator Robert Mueller’s Russian probe Monday.

Tony Podesta stepping down from lobbying giant amid Mueller probe (POLITICO) Podesta announced his decision during a firm-wide meeting Monday morning and is alerting clients of his impending departure.

Week ahead: Tech giants to testify publicly on Russian interference (TheHill) Executives from Facebook, Twitter and Google will appear publicly before the House and Senate as lawmakers press forward with their investigations into Russian election interference.

Russian-backed content may have reached 126 million on Facebook (TechCrunch) Facebook has reportedly upped its estimate of how much content was produced by Russian-backed actors during the election and how widely that content was seen...

Tech Giants Disclose Russian Activity on Eve of Congressional Appearance (Wall Street Journal) Facebook, Google and Twitter are set to divulge new details showing that the scope of Russian-backed manipulation on their platforms before and after the U.S. presidential election was far greater than previously disclosed, reaching an estimated 126 million people on Facebook alone, according to people familiar with the matter, prepared copies of their testimonies and a company statement.

What Congress Should Ask Tech Executives About Russia (WIRED) Executives from Facebook, Google, and Twitter will testify to three congressional committees about Russia and the 2016 election.

Bulgarian official calls for integrated efforts against cybercrime (Xinhua) Bulgarian vice interior minister Milko Berner on Monday said responding to cybercrime required a comprehensive cross-border integration of efforts by public, private and non-governmental actors.

ESET research team assists FBI in Windigo case – Russian citizen sentenced to 46 months (WeLiveSecurity) Relating the collaboration between ESET experts and the FBI about the Windigo's operation, which ended with the sentencing of Maxim Senakh.

Police Probe Hack of London Plastic Surgery Clinic (Security Week) British police said Tuesday they were investigating the theft of data from a London plastic surgery clinic, with reports that sensitive images of celebrities have been stolen.

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

Third International Conference on Information Security and Digital Forensics (ISDF 2017) (Thessaloniki, Greece, Dec 8 - 10, 2017) A 3 day event, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

Cyber Security Indonesia 2017: Shaping National Capacity for Cyber Security (Jakarta, Indonesia, Dec 6 - 7, 2017) Cyber Security Indonesia 2017 exhibition and conference, brought to you by the organisers of the Indonesia Infrastructure Week, will bring cyber security solutions providers together with key government and private sector decision makers, buyers, and influencers in order to meet and do business and to advance resilience against cyber attack.

National Insider Threat Special Interest Group Meeting (Virginia Chapter) (Herndon, Virginia, USA, Dec 5, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce it has established a Virginia Chapter. NITSIG Members and others may attend meetings at no charge. Attendees will receive comprehensive guidance and best practices for establishing and managing an Insider Threat Program. Anyone concerned with employee threat identification and mitigation will gain valuable knowledge from attending meetings. This meeting will focus on human resources interaction with an insider threat program and behavioral indicators of insider threat.

Cyber Security Summit Los Angeles (Los Angeles, California, USA, Nov 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Los Angeles is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, Nov 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems. The conference will also promote essential collaboration between decision makers and technology experts, in order to streamline solutions to resist cyber threats and attacks.

INsecurity (National Harbor, Maryland, USA, Nov 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling with security concerns. INsecurity will feature some of the industry’s most recognized and knowledgeable CISOs and IT security experts, in a setting that is conducive to interaction and conversation.You’ll have a chance to meet colleagues in the cybersecurity profession to discuss the everyday challenges you face in protecting enterprise data. And you’ll get in-depth insights on how other organizations perform security best practices, and how they manage their teams.

INsecurity (National Harbor, Maryland, USA, Nov 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department, and real-life methods that you can use to shore up your own enterprise defenses. It will also feature some of the industries most recognized and knowledgeable CISOs and IT security experts, in a setting that is conducive to interaction and conversation. Use Promo Code CYBERWIRE100 for $100 off the current rate.

AutoMobility LA (Los Angeles, California, USA, Nov 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.

Global Conference on Cyberspace (GCCS) (New Dehli, India, Nov 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity building. The fifth conference, planned to be the biggest in magnitude, shall take place at New Delhi, India on 23-24 November 2017.

Aviation Cyber Security (London, England, UK, Nov 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain and third party risk, incident response, integrating of cyber security and safety, IT and OT convergence, Security Operations Centres and much more as we further develop our collective insight in how we can mitigate risk and develop resilient end to end networks capable of delivering safety and value to all stakeholders.

Cyber Security Opportunities in Mexico Webinar (Washington, DC, USA, Nov 15, 2017) Learn about the cyber security opportunities in Mexico. Mexico is ranked 28th out of 164 countries in the ITU's 2017 Global Cyber Security Index. Companies spend approximately 3.5% of their IT budgets on cyber security products and services. Currently, the cost to Mexico's overall economy imposed by cyber attacks is more than US$3 billion. The country is a manufacturing powerhouse and is increasingly implementing automated processes. It is also highly integrated with the global financial system.

Federal IT Security Conference (Columbia, Maryland, USA, Nov 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape.

Sector (Toronto, Ontario, Canada, Nov 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences. The conference provides an unmatched opportunity for IT Professionals and Managers to connect with their peers and learn from their mentors.

Countermeasure (Ottawa, Ontario, Canada, Nov 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees can expect up to three days of professional skills training prior to the two-day main conference. All content will be delivered by some of the world's most knowledgeable and influential IT security experts in private, public, and research sectors.

2017 ICIT Gala & Benefit (Washington, DC, USA, Nov 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This black-tie event will celebrate the accomplishments of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used to help sustain and grow the Institute’s research, publications, and educational activities for the communities it serves.

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, Nov 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for presenting cutting-edge, practical, and balanced training for cyber security lawyers, in-house legal personnel, cyber security service providers, law enforcement, military, members of the bar, bench, and ambassadors and consul generals from all over the world.

Fourth Annual JLCW Conference (New York, New York, USA, Nov 9, 2017) The 2017 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cyber security and cyber warfare from the military, government, private industry, and the public sector. Our panels are designed to provide attendees with thought leadership from a diverse group of experts who will share their experience and knowledge-base regarding topical cyber security issues.

SINET Showcase 2017 (Washington, DC, USA, Nov 8 - 9, 2017) SINET – Washington DC provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. As always, this event showcases the SINET 16, the annual list of the most innovative young companies in the industry.

CyCon US (Washington, DC, USA, Nov 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information exchange across the cyber community, and includes participation from military, government, academia, and industry from around the world. The conference promotes security initiatives and furthers research on cyber threats and opportunities. CyCon U.S. is a collaborative effort between the Army Cyber Institute at the United States Military Academy and the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia.

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, Nov 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of engaging sessions and intense networking. Get exposure to innovative technologies and leadership that will help secure your organization and your future.