Cyber Attacks, Threats, and Vulnerabilities
App Stores that Formerly Coddled ZNIU Found Distributing a New iXintpwn/YJSNPI Variant (TrendLabs Security Intelligence Blog) App Stores that Formerly Coddled ZNIU Found Distributing a New iXintpwn/YJSNPI Variant
Threat Actor Profile: KovCoreG, The Kovter Saga (Proofpoint) KovCoreG, a financially motivated threat actor active since at least 2011, made headlines recently when Proofpoint researchers uncovered a long-running malvertising campaign distributing Kovter ad fraud malware via social engineering.
Silence Gang Borrows From Carbanak To Steal From Banks (Threatpost) A cybercrime outfit stealing from as many as 10 banks in Russia, Armenia and Malaysia has borrowed heavily from one of the kingpins in this realm, Carbanak.
"Silence" Trojan Records Pseudo-Videos of Bank PCs to Aid Bank Cyber-Heists (BleepingComputer) Kaspersky Lab experts have found a new trojan that was deployed to aid cyber-heists of banks in Russia, Armenia, and Malaysia. Experts named the new trojan Silence.
Silence Please: New Carbanak-Like Group Attacks Banks (Infosecurity Magazine) Silence Please: New Carbanak-Like Group Attacks Banks. Kaspersky Lab reveals sophisticated monitoring techniques
Ramnit worm: Still turning up in unlikely places (Symantec Security Response) Over 90 Ramnit-infected apps removed from Google Play.
Apple, Samsung and Huawei phones hacked on day one of Mobile Pwn2Own (CSO Online) Apple's iPhone 7 running iOS 11.1, the Samsung Galaxy S8 and the Huawei Mate 9 Pro were hacked on the first day of Mobile Pwn2Own.
How Wireless Intruders Can Bypass NAC Controls (Dark Reading) A researcher at this month's SecTor conference will demonstrate the dangers of not employing EAP-TLS wireless security.
CryptoShuffler Stole $150,000 by Replacing Bitcoin Wallet IDs in PC Clipboards (BleepingComputer) The operators of a malware strain identified as CryptoShuffler have made at least $150,000 worth of Bitcoin by using an extremely simple scheme.
Popular ‘Circle with Disney’ Parental Control System Riddled With 23 Vulnerabilities (Threatpost) Popular parental monitoring system, called Circle with Disney, receives 23 patches for a wide range of serious vulnerabilities.
Dark Web Marketplace Offers Remote Access to Corporate PCs for $3-15 Each (eSecurity Planet) Ultimate Anonymity Services offers more than 35,000 RDPs for sale, including about 300 from the U.S.
Duo Peers Inside The Phishing Economy (Tom's Hardware) There's an entire phishing economy, and the Duo security company analyzed thousands of sites to see how things operate behind the scenes.
15 real-world phishing examples — and how to recognize them (CSO Online) How well do you know these crafty cons?
Google Doc users locked out of files due to code error (Computing) Issue now fixed, but lasted for around a day, due to code that was not properly checked,Software ,Google,Google Docs
Security Patches, Mitigations, and Software Updates
Apple Patches KRACK Vulnerability in iOS 11.1 (Threatpost) Apple has patched the KRACK vulnerability in iOS and elsewhere in its product line, closing a key re-installation vulnerability in the WPA2 protocol implemented used by its software.
WordPress Delivers Second Patch For SQL Injection Bug (Threatpost) A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and unsafe conditions ripe for a SQL-injection attack.
Cyber Trends
Selected thoughts from 2017 ICS Cyber Security Conference (Control Global) The 17th ICS Cyber Security Conference was held 10/23-26/17 in Atlanta. The detailed agenda can be found at www.icscybersecurityconference.com. CyberWire covered the Conference and provided daily commentary - https://thecyberwire.com/events/ics-security/safety-and-availability.html
Six things the security industry can expect from 2018 (Channel Life) As the end of the calendar year wraps up, the security industry is preparing for what 2018 may bring.
A closer look at hybrid cloud security challenges (Help Net Security) Most enterprises face major challenges when managing security across their hybrid enterprise networks both during and after cloud migrations, according to
Quarter of Firms Allow Password-Only BYOD Security (Infosecurity Magazine) Quarter of Firms Allow Password-Only BYOD Security. Bitglass study reveals weakness in enterprise endpoints
Marketplace
The Race for AI Company Acquisitions: Why It's Happening, and Its Lessons for You (Entrepreneur) The explosion of big data and interest in it have created a need for technology solutions to control, organize and analyze all this information.
Defence broadens engagement with cyber security sector (Defence Connect) Academia and industry are being urged to join Defence as it seeks to expand its partnerships with Australia's innovation and cyber security community. Defence Science and Technology (DST) Group and C
Forging closer links with commercial partners crucial for military (Financial Review) The mindset of the Next Generation Technologies Fund is the realisation that government and defence need to have stronger relationships with commercial partners.
Facebook's Zuckerberg says he's 'dead serious' about Russia, warns security spending will hurt profits (USA TODAY) After being grilled by Washington lawmakers, Facebook CEO Mark Zuckerberg warned new security measures post Russia interference will cut into profits.
Security Stocks Take A Hit: Symantec, FireEye, Check Point Fall (Investor's Business Daily) Symantec said Wednesday that fiscal second-quarter adjusted earnings were 30 cents a share, up 33% from a year ago.
Sheffield cyber security start-up set to work with GCHQ (Star) Sheffield start-up Ioetec has been selected to join an "accelerator" run by government listening post GCHQ to create the next generation of leaders in cyber security.
CSRA team nabs $163M endpoint security contract from DISA (Fedscoop) SRA International, a team under IT contractor CSRA, received a $163 million contract to serve as the primary integrator for the Defense Information Systems Agency’s Endpoint Security Solution program. As the integrator for the ESS program, awarded on the General Services Administration’s Alliant governmentwide contract, CSRA will be in charge of leading the Defense Department’s detection, …
How Sanjay Katkar built India’s most successful IT security firm Quick Heal (YourStory.com) From a chawl in Pune to building Quick Heal, Sanjay Katkar’s journey to being the one of the most successful tech entrepreneurs of India.
Products, Services, and Solutions
Digital Defense’s “Daylight Scanning Time” Helps IT Security Teams Avoid Working Late Nights or Weekends (GlobeNewswire News Room) Frontline Vulnerability Manager™ Scanning Engine enables security scans during business hours
Avanan Selects Lastline to Boost Malware Detection and Visibility for Endpoint and Web Gateway Security (Lastline) Avanan joins a growing community of cybersecurity vendors that integrates Lastline’s industry-leading technology...
Which vulnerability to fix first? Kenna Security has the answer (CSO Online) Kenna's vulnerability management platform is designed to prioritize the most dangerous vulnerabilities. Here's how it works.
Dashlane 5: Designed to Work Everywhere, For Everyone (Business Insider) One of world's most trusted digital security companies unveils latest password management features
Detecting the Cyber Enemy Within (Design News) Once the firewalls are up, it’s time to seek out the latent cyber bug.
EclecticIQ launches Fusion Center Intelligence Essentials (Global Security Mag Online) EclecticIQ launches EclecticIQ Fusion Center Intelligence Essentials, a first-in-the-industry service that merges and normalizes 50+ intelligence sources into a single feed, providing contextual qualification for human analysts.
Technologies, Techniques, and Standards
NAO highlights need for co-ordinated comms within NHS to counter future cyber-attacks (PR Week) The National Audit Office's investigation into this year's WannaCry cyber-attack on the NHS has called for a more co-ordinated comms response from central and national health bodies in the event of a similar attack in the future.
Enrollment for threat sharing program continues to lag (FCW) The federal government has big plans for the Automated Indicator Sharing program, but agency officials and members of Congress continue to express frustration at the sluggish pace of enrollment.
Shadow IT: Assess it, don't just shut it down, say CIOs (Computing) A panel of experts at a recent Computing event explain that shadow IT can help the business, once the security risks have been assessed.
Build an ultra-secure Microsoft Exchange Server (CSO Online) Yes, it's possible to do a Microsoft Exchange Server deployment that is secure enough for all but the most sensitive information. Here's how to do it.
How to secure a software-driven technology stack in a cloud of moving parts (Register) Automate all the things
Cyber insurance becoming a key defense in digital world (Cody Enterprise) If you’ve never thought about buying insurance to protect against losses resulting from phishing, ransomware, unsolicited emails, cookie theft or other hacking tactics in the digital world, you’re not alone.
How shared cloud security assessments can benefit enterprises (SearchSecurity) Explore the benefits of shared cloud security assessments and how they can help service providers become more efficient with expert Nick Lewis.
7 tips to reduce risks of data breaches (Help Net Security) Traditional approaches are not working, and companies need to completely rethink their security approach in order to reduce security risk.
3 Facts Social Media Marketers Should Know About Cloud Security (Nibletz) Social media marketing is a data intensive undertaking that collects sensitive data from both target demographics and the client. Marketers collect information for their clients, have sensitive information about upcoming marketing campaigns, and obtain personal information from those who willingly t
VERIFY: Is The Government Planning a Nationwide Blackout on Nov. 4th? (WFMY) The U.S. military is debunking a claim that says the government has plans to enact a nationwide blackout on November 4th.
One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week (Motherboard) Bitcoin’s surge in price has sent its electricity consumption soaring.
Design and Innovation
Quantum resistant tech wins big at ARM TechCon (Computing) IoT security a major topic at ARM TechCon,Chips and Components ,ARM,Cyber security,SecureRF,IoT,Internet of Things
Now anyone can fool reCAPTCHA (Naked Security) unCaptcha “requires minimal resources to mount a large-scale successful attack”
Research and Development
Quantum particles can transmit perfectly secure messages, but only in theory—until now (MIT Technology Review) Physicists can only tell whether a quantum message has been overheard after the fact. Now they’ve found a way around this problem.
Academia
Over One Million People Enroll in Online Crypto Class (Bitcoin News) Bitcoin's rise in valuation has created new student demand for learning about cryptography. Stanford now offers a free online course.
Northrop Grumman Launches 2017-2018 CyberCenturion Competition (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) has launched this year’s CyberCenturion, the U.K.’s national youth cyber defence competition for 12-18 year olds. A record 575 teams, made up of more 2,500 students, including 116...
Local college students receive 'Cyber Warrior Diversity Certifications' (WMAR) Northrop Grumman and Digital All City presented Morgan State and Coppin State University students with Cyber Warrior Diversity Certifications.
Engility, Center For Cyber Safety And Education Announce CyberWarrior Scholarship (Engility) Scholarship program empowers military veterans
Legislation, Policy, and Regulation
Will the United States Ever Set Red Lines in CyberSpace ? (CyberDB) As the global community seeks avenues to collaborate on an array of cyber issues it is imperative that red lines be set to define acceptable state behavior
US government wants “keys under doormat” approach to encryption (Naked Security) It’s not exactly plaintext copies of all your communications, but that doesn’t make it OK
Punching the Wrong Bag: The Deputy AG Enters the Crypto Wars (Lawfare) Deputy Attorney General Rod Rosenstein’s speech on encryption reveals law enforcement’s misunderstanding of risks.
Securing the homeland means reauthorizing bulk surveillance (TheHill) Failure to reauthorize the Section 702 program would put America at risk of another 9/11.
Halloween is over — but surveillance state boosters still want to scare us (Salon) Senate Intelligence Committee hopes to pass off major expansion of NSA's spy powers as "reform." No thanks
The Zero Day Problem (ASIS Security Management) A series of cyberattacks leveraging a vulnerability discovered by the U.S. National Security Agency renews debate about storage of zero-day vulnerabilities
HHS continuing to push for health care cyberthreat sharing (Fedscoop) Sharing cyber-threat information between public and private sector partners is becoming the prescription for the Department of Health and Human Services.
U.S. ports lack key cyber tools (FCW) The NotPetya attack in June that briefly crippled shipping giant Maersk is a reminder that maritime cybersecurity vulnerability is a problem with global reach.
Members of Congress want you to hack the US election voting system (Ars Technica) Bug-bounty program would exempt participants from federal hacking laws.
Electronic security vital to protect the country’s cyberspace (Post Courier) Security of cyberspace is crucial for the country.
Litigation, Investigation, and Law Enforcement
New York truck attack suspect charged with terrorism offense, FBI says he plotted to carry out attack for ISIS (Washington Post) Authorities believe the attacker, who pledged allegiance to ISIS, was a lone wolf.
For Uzbeks, Radicalization Often Begins Abroad (Foreign Policy) The Islamic State has ramped up its Russian-language recruitment.
Analysis: CIA releases massive trove of Osama bin Laden's files (FDD's Long War Journal) The CIA is releasing hundreds of thousands of documents, images, and computer files recovered during the May 2011 raid on Osama bin Laden's compound in Abbottabad, Pakistan. The newly-available material provides invaluable insights into the terrorist organization that struck America on September 11, 2001.
Inside Bin Laden’s Files: GIFs, Memes, and Mr. Bean (WIRED) A newly released trove of 470,000 files seized from Osama bin Laden's compound include some internet classics—and links to Iran.
Eight Revealing Moments From the Second Day of Russia Hearings (WIRED) Two hearings Wednesday revealed new details of how Russia used propaganda to divide and anger Americans.
Social media firms urged to do more to combat 'start of cyberwarfare' (Fifth Domain) Lawmakers demanded answers Wednesday from leading social media companies about why they haven’t done more to combat Russian interference on their sites, and said congressional action might be needed in response to what one Democrat called “the start of cyberwarfare” against American democracy.
Here Are 14 Facebook and Instagram Ads that Russian Trolls Bought to Divide Americans (Motherboard) Lawmakers released some ads purchased on Facebook and Instagram by Russian government-linked entities.
Russian Facebook Trolls Got Two Groups of People to Protest Each Other In Texas (Motherboard) A US Senator revealed on Wednesday that Russian trolls organized a simultaneous protest and a counter-protest in Texas in 2016.
Here are the Kremlin-backed Facebook ads designed to foment discord in US (Ars Technica) Ads bash Clinton before election and cap on Trump after he won the presidency.
Here’s how Russia targeted its fake Facebook ads and how those ads performed (TechCrunch) It's impossible to know just how much stuff being circulated on social networks is Russian state content in sheep's clothing, although tech companies are..
Twitter Buried #DNCLeak, #PodestaEmails Tweets In Last Two Months Of Campaign (The Daily Caller) Twitter buried significant portions of tweets related to hacked emails from the Democratic National Committee and Clinton campaign chair John Podesta in the last two months of the 2016 presidential ca
Why Twitter Is the Best Social Media Platform for Disinformation (Motherboard) It is time for Twitter to confront bots, extremists, and hostile spies by owning up to its own values.
Opinion | The Mueller indictments aren’t proof of Trump-Russia collusion — just bad judgment (Washington Post) And Russia’s spy network sought to exploit that weakness.
Sir Michael Fallon admits falling short and leaves the job he loved (Times) Next February was to be a special month for Sir Michael Fallon. It would mark the moment he became the longest-serving Conservative defence secretary in history — a point that the senior minister...
Georgia insists server deletion was “not undertaken to delete evidence” (Ars Technica) "Narrative asserted in the media that the data was nefariously deleted… is without merit."
Arrest Made In FireEye Corporate Network Hacking Attempt (CRN) "I am pleased that, in this case, we were able to impose repercussions for the attacker and achieve a small victory for the good guys," said FireEye CEO Kevin Mandia.
Hilton Told to Pay Up After Mishandling Data Breaches (Infosecurity Magazine) The hotel giant took nine months to notify customers about a point-of-sale attack in 2014.
Student charged by FBI for hacking his grades more than 90 times (Naked Security) The 22-year-old student used a keylogger he called the “Hand of God.”
Coin offerings using celebrity glitter may not be golden, SEC warns (TechCrunch) A slew of media stars have hitched their stars to various virtual currencies, lending their social media outreach and luster to projects that have seemed less..