Cyber Attacks, Threats, and Vulnerabilities
Pentagon Accidentally Exposes Web-Monitoring Operation (PCMAG) Anyone with a free AWS account could have accessed the data, which was stored on three cloud-based storage servers.
Massive US military social media spying archive left wide open in AWS S3 buckets (Register) Dozens of terabytes exposed, your tax dollars at work
Pentagon contractor spied on social media, had unsecured data in cloud (CSO Online) Researcher discovered three unsecured AWS storage buckets containing at least 1.8 billion scraped social media posts collected as part of military web monitoring program.
Pentagon contractor leaves social media spy archive wide open on Amazon (Ars Technica) Trove included more than 1.8 billion posts spanning eight years, many from US people.
Australian broadcaster hit by data breach (ComputerWeekly) The Australian Broadcasting Corporation is the latest organisation to fall prey to misconfigured Amazon S3 storage buckets, exposing database backups and sensitive data such as login credentials
Aussie Broadcaster Left Two Years of Back-ups Exposed (Infosecurity Magazine) ABC is latest firm to misconfigure Amazon S3 buckets
Barrage of tweets on independence linked to Russia (Times) Almost 400,000 Twitter messages about Scottish independence were posted by fake accounts, most believed to be Russian. Researchers say that hundreds of automated accounts — so-called Twitter bots —...
Embattled Russian IT security company blames Microsoft for NSA hack (Public Radio International) Kaspersky has come under fire, accused of providing back-door access to the Russian government. But the company is firing back.
Pentagon warned of Kaspersky products 13 years before government-wide ban: Report (The Washington Times) The Pentagon’s intelligence agency flagged Russian software company Kaspersky Lab as a potential threat as far back as 2004, thirteen years before the Department of Homeland Security banned the government from using its products, The Wall Street Journal reported Friday.
U.S. Flagged Russian Firm Kaspersky as Potential Threat as Early as 2004 (Wall Street Journal) A Russian cybersecurity firm whose products current and former U.S. officials suspect Moscow has used as a tool for spying was flagged by U.S. military intelligence as a potential security threat as early as 2004.
Russian link to GCHQ alerts (Times) A British intelligence agency has based warnings about hacking threats on research by a controversial Russian cybersecurity company. The National Cyber Security Centre (NCSC), part of GCHQ, has...
British spies citing controversial security company run by a former KGB-trained intelligence expert (The Telegraph) British spies have been citing a controversial security company, which is run by a former KGB-trained intelligence expert, to help warn the public about cyber and hacking attacks.
A second variant of the new Cryptomix Ransomware released in a few days (Security Affairs) Malware researchers at MalwareHunterTeam discovered a new variant of the CryptoMix ransomware, the second one in just a few days.
Beware Catphishing attacks targeting the hearts of security pros (SC Media UK) Malwarebytes researchers are warning IT workers seeking love online to beware
Cybercriminal Abuse of Rewards Points (Flashpoint) Flashpoint has observed cybercriminal chatter about the exploitation of rewards points programs, especially those associated with travel.
Number of DDoS Attacks Have Doubled in Six Months As Criminals Leverage Unsecured IoT Devices (BusinessWire) The number of DDoS attacks has doubled in six months as criminals leverage unsecured IoT devices.
Attack of the cyber-bees: self-learning hivenets to replace botnets in 2018 (SC Media UK) Highly destructive, self-learning 'swarmbots' driven by hivenets will be the threat trend for next year said Fortinet global security strategist, Derek Manky.
Cybersecurity firm warns of advances in cybercrime (Manila Bulletin Business) Cybersecurity company Fortinet issued new warnings about cybercrime, with threats including the more advanced hivenets and swarmbots built on machine learning and artificial intelligence (AI) technologies, which will hit mobile and cloud usage, among other things.
Ransomware Targets SMBs via RDP Attacks (Security Week) A series of ransomware attacks against small-to-medium companies are leveraging Remote Desktop Protocol (RDP) access to infect systems, Sophos reports.
EMOTET Trojan Variant Evades Malware Analysis (Security Week) A recently observed variant of the EMOTET banking Trojan features new routines that allow it to evade sandbox and malware analysis, Trend Micro security researchers say.
One month later, Magniber ransomware is still out there (SANS Internet Storm Center) Last month in October 2017, several sources reported a new ransomware family distributed by Magnitude exploit kit (EK) [1, 2, 3]. Security researchers dubbed the new ransomware "Magniber" because it appears to have replaced Cerber ransomware as distributed through Magnitude EK. Cerber seems to have disappeared since then, but as November 2017 progresses, we're still seeing Magniber.
Cobalt Strikes Again: Spam Runs Use Macros and CVE-2017-8759 Exploit Against Russian Banks (TrendLabs Security Intelligence Blog) The latest spam runs of the Cobalt group use a malicious macro and an exploit for CVE-2017-8759 to target Russian-speaking financial institutions.
Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks (Threatpost) Hackers using specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library.
Bug that deleted $300m could have been fixed months ago (Naked Security) The flaw was reported in August 2017 and mistaken for a “convenience enhancement”
How a Wi-Fi Pineapple Can Steal Your Data (And How to Protect Yourself From It) (Motherboard) The Wi-Fi Pineapple enables anyone to steal data on public Wi-Fi networks. Here’s how it facilitates two sophisticated network attacks and how to protect yourself against them.
What you need to know about the cybergang behind Pornhub attack (Somerset Live) Millions of adult site users could have been affected
Hackers could take control of cars and kill millions, ministers warned (Times) Modern cars are an “open door” to hackers, inviting hostile states to use Britain’s roads as a weapon against citizens, ministers have been warned. Deaths are inevitable within five years if...
Child abuse on YouTube (Times) Google has made millions of pounds in advertising revenue from videos that exploit young children and appeal to paedophiles, experts say. Iceland, O2 and Which? are among companies to have...
McAfee Network Mistakenly Sent Malware To Customers Using Anti-Hacking Service (International Business Times) The Emotet banking malware was loaded into a Word file sent to users of the McAfee ClickProtect email protection service.
Skip Black Friday for a Safer Shopping Day: Gray Saturday (Infosecurity Magazine) The number of such attacks can decrease by as much as 33% on the day after Black Friday.
Security Patches, Mitigations, and Software Updates
Patch alert: Microsoft acknowledges printer bug; forced 1709 upgrades continue (Computerworld) Patch Tuesday problems roll out, with a new acknowledgment from Microsoft about a dot matrix printer bug, continued reports of Win10 1703-to-1709 upgrades, one unconfirmed report of a forced 1607-to-1709 upgrade, and a memory violation error with CDPUserSvc. Welcome to the jungle.
How to fix a program without the source code? Patch the binary directly (Ars Technica) Microsoft abandons typical Patch Tuesday playbook to fix Equation Editor flaw.
Microsoft Appears to Have Lost the Source Code of an Office Component (BleepingComputer) The way Microsoft patched a recent security bug has made several security and software experts believe the company might have lost the source code to one of its Office components.
Verizon rolls out Krack fix for its BlackBerry PRIV with September 2017 patch (The Android Soul) News about Android update and devices
GitHub Warns Developers When Using Vulnerable Libraries (Security Week) Code hosting service GitHub now warns developers if certain software libraries used by their projects contain any known vulnerabilities and provides advice on how to address the issue.
Cyber Trends
Ransomware damage costs predicted to hit $11.5B by 2019 (CSO Online) The rising ransomware costs are driven by an uptick in the frequency of attacks, which is expected to rise to an attack every 14 seconds.
2018 Security Predictions, by Forcepoint Security Labs (Forcepoint) A myriad of complex challenges will surface in 2018, threatening your ability to protect your users, data and networks in new ways. In the Forcepoint 2018 Security Predictions Report, our thought leaders assert that cybersecurity needs a forward-thinking, holistic approach to protect data in real-time, one that can transform a vulnerable employee to a defender of data.
Cyberstrategy for 2018: Time to Prepare for the Worst? (Comodo) Are you ready for 2018?
2017 Q3 Quarterly Threat Report (eSentire) The 2017 Q3 Quarterly Threat Report provides a quarterly snapshot of threat events investigated by the eSentire Security Operations Center (SOC).
Security Current Releases CISO-Authored Research Report on Endpoint Security (PRNewswire) Security Current today announced the release of its CISO-authored...
Sad state of enterprise cloud infrastructure governance (Help Net Security) A new survey of more than 300 IT professionals revealed that the state of enterprise cloud infrastructure governance is extremely poor.
Cyber attacks on country's top 20 'magic circle' law firms surge 60pc (Independent) Cyber attacks on the country's top 20 or so-called 'magic circle' law firms have surged by 60pc in less than a year, with more than six out of 10 firms reporting attacks.
Kaspersky warns cybersecurity needs attention (The Nation) Thailand may be an example of the classic case of having a huge population of Internet users but also low cybersecurity awareness. Perhaps that makes it fertile ground for Kaspersky, a large cybersecurity firm that is often in the news.
Marketplace
Do you have the AI solutions the intelligence community needs? (C4ISRNET) ODNI puts up a $75,000 prize for AI solutions that can evaluate intelligence products before they're disseminated to troops and decision-makers.
The greatest risk with AI is not moving fast enough to deploy it: Microsoft (ZDNet) If there are only a handful of companies running AI, then it's unlikely that it will be applied broadly enough, according to Microsoft's strategic policy advisor Dave Heiner.
Marvell Technology to buy chipmaker Cavium for about $6 billion (Ars Technica) Two more chipmakers come together to try to compete with Intel, Broadcom.
Chipmakers bet on the ‘big bang’ of artificial intelligence (Financial Times) Broadcom’s $130bn bid for Qualcomm reflects semiconductor companies’ desire to depend less on smartphones and vie for a foothold in AI
What is an IPO pop and why do VCs hate it so much? (TechCrunch) Over the weekend, several VCs tweeted that my headline recapping Stitch Fix's first day of trading was too harsh. The headline read, "Stitch Fix up just 1%..
Equifax results a ‘stern warning’ to industry over cyber-security (Asset Finance International) Finance companies have been urged to consider the costs of cyber-security failures after details emerged of the financial impact of a security breach at Equifax earlier this year
At-Bay Launches from Stealth to Provide Cyber Insurance for the Digital Age (BusinessWire) At-Bay announces today that they are launching from stealth to provide cyber insurance for the digital age.
3 Ways to Retain Security Operations Staff (Dark Reading) Finding skilled security analysts is hard enough. Once you do, you'll need to fight to keep them working for you. These tips can help.
2 Signs Palo Alto Networks Inc Needs New Management (The Motley Fool) An unfulfilled promise and ongoing losses mean it’s time the data security provider consider some tough choices.
Kaspersky Laboratory opens R&D unit in Vladivostok (Telecompaper) Kaspersky Laboratory has launched its new R&D centre in the city of Vladivostok, reports Cnews.ru. The company owns four R&D units across the country.
Iconic hacker booted from conferences after sexual misconduct claims surface (Ars Technica) Professor, reporter say meetings with Draper years ago turned inappropriate.
Products, Services, and Solutions
Zentera's CoIP Enclave™ Solution Addresses Security Across Hybrid Environments at AWS re:Invent 2017 (PRNewswire) Zentera Systems, Inc., a leader in software-defined perimeters for...
How NSS Labs' CAWS finds and fixes network threats (CSO Online) The public instance of the CAWS Continuous Security Validation Platform from NSS Labs is a valuable tool for alerting IT teams about real threats with the ability to breach their defenses. But for networks with high security needs, the product's private instance is worth the high price tag.
Technologies, Techniques, and Standards
Ransomware recovery methods: What does the NIST suggest? (SearchSecurity) Ransomware recovery methods need to be considered by more and more enterprises as these types of attacks spread. Here's a look at what the NIST recommends.
Why Linus is right (as usual) (Errata Security) People are debating this email from Linus Torvalds (maintainer of the Linux kernel). It has strong language, like: Some security people ...
Cyber security collaboration is key to dark web deterrent (Financial Times) Vigilance remains high as cyber intelligence experts anticipate the next big ransomware threat
Risk Assessment in Information Security - An Alternative Approach (Infosecurity Magazine) An alternative approach to information security risk assessment is to use a Value-at-risk analysis.
3 Rules for Communicating Post-Crisis, Cyber Attack 101 (MarTechSeries) Listen up… a cyber-attack is likely to happen to your organization. The majority of attacks to date have focused on
How to talk about cryptocurrency at the holiday dinner table (TechCrunch) You’re sitting down to a nice meal and your aunt, always one step ahead, mentions she wants to start investing in Bitcoin. You freeze, a drip of gravy..
New Guide for Political Campaign Cybersecurity Debuts (Dark Reading) The Cybersecurity Campaign Playbook created by bipartisan Defending Digital Democracy Project (D3P) group provides political campaigns with tips for securing data, accounts.
Design and Innovation
Twitter says it will judge verified users’ offline behavior (The Verge) What losing a badge really means
Twitter gets tough on white supremacists with new policy (Naked Security) Verified user badges are not an endorsement and you can’t be sure they’ll always be there
Google Chief Says Google News Will 'Engineer' Russian Propaganda Out of the Feed (Motherboard) “It’s basically RT and Sputnik,” he said on Saturday.
YouTube terminated its own channel "Citizentube" for multiple or severe violations (HackRead) In April 2007, YouTube launched its official channel on the site called Citizentube. The details of it were elaborated on YouTube's Google Blog according t
Social media threat: People learned to survive disease, we can handle Twitter (USA TODAY) We don’t know much about what would constitute the equivalent of intellectual indoor plumbing. But civics and skepticism would be a good start.
Research and Development
AFRL, firm to research ways to protect weapons from cyber attack (Dayton Daily) The Air Force Research Laboratory has awarded a $47.
Academia
NSA Grants Bolster Moraine Valley's Cybersecurity Programs (Palos, IL Patch) Moraine Valley received $1.5 million in grants to expand cybersecurity initiatives, the fastest growing speciality in the IT industry.
Legislation, Policy, and Regulation
Collapse of German coalition talks deals Merkel blow, raises prospect of new elections (Washington Post) The surprise pullout of the Free Democrats leaves the chancellor with few options for a government.
Germany bans kids smartwatches, asks parents to destroy them (HackRead) Germany's Telecoms regulator the Federal Network Agency (The Bundesnetzagentur) which oversees the country’s telecommunications has banned smartwatches for
US and Japan Take A Step In Cyber Information Sharing (LookingGlass Cyber Solutions Inc.) The Government of Japan and the U.S. Department of Homeland Security (DHS) took a step to strengthen the cyber relationship between the two nations.
This Island Nation Wants To Become The First Regulatory Body Of ICOs (FXStreet) Anguilla is moving to become the first regulatory authority on initial coin offerings and utility token offerings.
Senators propose limit on FISA files (The Denver Post) A pair of senators on Friday released their bipartisan proposal to renew a powerful surveillance authority for collecting foreign intelligence on U.S. soil, but with a new brake on the government…
Former State Department official talks cyber diplomacy in Bartels lecture (Cornell Chronicle) Returning to Cornell to give the annual Bartels World Affairs Fellowship Lecture Nov. 15, Christopher Painter ’80, former coordinator for cyber issues at the U.S. Department of State, discussed the power – and the limitations – of cyber diplomacy in a public lecture in Kennedy Hall’s Call Auditorium.
Florida May Counter 'Growing Threat' to Election Security (US News & World Report) Calling it a "growing threat" to Florida's election systems, Gov. Rick Scott and state election officials want to spend more than $2 million in the coming year on cybersecurity.
Litigation, Investigation, and Law Enforcement
Skype faces fine after refusing to allow eavesdropping (Naked Security) The trouble began when authorities came knocking, wanting to listen in on organised crime
Everyone has been hacked, say police (Times) Virtually everyone in the country is likely to have had their personal data hacked and placed for sale on the dark web, police have said. Peter Goodman, the National Police Chiefs’ Council lead for...
In Brazil, cybercriminals operate in plain view (The Brazilian Report) Brazil received the fourth-highest number of attacks carried out by cybercriminals in the world during 2016, resulting in losses of $103 billion.
Feds charge man they say worked for 'darknet' marketplace (Washington Post) An Illinois man who federal prosecutors say worked as a spokesman for a “darknet” marketplace for illicit internet commerce has been charged in Atlanta.
Fund Targets Victims Scammed Via Western Union (KrebsOnSecurity) If you, a friend or loved one lost money in a scam involving Western Union, some or all of those funds may be recoverable thanks to a more than half-billion dollar program set up by the U.S. Federal Trade Commission.