Cyber Attacks, Threats, and Vulnerabilities
Saudi agency says country targeted in cyber spying campaign (Reuters) Saudi Arabian security officials said on Monday that the country had been targeted as part of a wide-ranging cyber espionage campaign observed since February against five Middle East nations as well as several countries outside the region.
North Korea's Lazarus Group Evolves Tactics, Goes Mobile (Dark Reading) The group believed to be behind the Sony breach and attacks on the SWIFT network pivots from targeted to mass attacks.
How North Korean hackers may be playing hide and seek by operating from inside India (International Business Times UK) Experts suggest that the North Korean hackers who may be working out of India, could be focused on money-making activities instead of espionage.
Brexit: The Russian Job (Byline) What is the true extent of Russia's interference in Brexit through social media and did it have any impact?
CENTCOM Says Massive Data Cache Found on Leaky Server is Benign (Threatpost) Pentagon contractor left 1.8 billion mostly benign publicly accessible social-media posts scraped from the internet on a publicly accessible Amazon storage bucket.
Terdot Banking Trojan Grows Into a Sophisticated Threat (BleepingComputer) Everything else is new, and there's a lot of it. According to Bitdefender, Terdot can also operate a local MitM proxy server to sniff and reroute web traffic, can target more than just banking sites, and can also download and execute files from a remote server.
Android Flaw Lets Attackers Capture Screen and Record Audio (HackRead) If your Android smartphone has Lollipop, Nougat or Marshmallow, then there is every reason for you to feel alarmed because the MediaProjection service can b
Wp-Vcd WordPress Malware Campaign Is Back (BleepingComputer) WordPress site owners should be on the lookout for a malware strain tracked as wp-vcd that hides in legitimate WordPress files and that is used to add a secret admin user and grant attackers control over infected sites.
Ongoing Adwind Phishing Campaign Discovered (Security Week) A new phishing campaign delivering the Jsocket variant of Adwind (also known as AlienSpy) was detected in October, and is ongoing.
Windows 8 and Later Fail to Properly Apply ASLR (Security Week) Address Space Layout Randomization (ASLR) isn’t properly applied on versions of Microsoft Windows 8 and newer, an alert from Carnegie Mellon University-run CERT Coordination Center (CERT/CC) warns.
Flashlight Apps Snuck Malware Into Google's Play Store, Targeting Bank Accounts (Gizmodo) Active on Google Play Store as recently as last Friday, a mobile banking trojan infected thousands of users who thought they were downloading games or innocent-looking apps, according to research published by a trio of cybersecurity firms.
Intel Chip Flaws Leave Millions of Devices Exposed (WIRED) A new set of confirmed vulnerabilities in Intel's Management Engine impacts most recent PCs, servers, and IoT devices.
More than $30 million worth of cryptocurrency was just stolen by hackers, company says (CNBC) Tether, a U.S. start-up, offers dollar-backed digital tokens that can be sent, received or stored across a blockchain.
An Ethereum Startup Just Vanished After People Invested $374K (Motherboard) “These were very good scammers.”
Sacramento Regional Transit Website Goes Down After Cyber Attack (Fox 40) The website of the Sacramento Regional Transit District was taken offline after falling victim to an apparent “cyber ransom attack” Monday.
Russians buy life of luxury with stolen UK air miles (Times) Russian cybercriminals are enjoying five-star holidays at knockdown prices using reward points stolen from unwitting Britons, a report says. The fraudsters buy flights, hotels and car-hire at...
Rewards Points Theft is a Growing Piece of the Cybercrime Pie (Infosecurity Magazine) Fraudulent “booking services” that use stolen points in Russian-language forums are gaining popularity.
Business leaders oversharing on dating apps, putting companies at risk of cyberattack (TechRepublic) Around 25% of business leaders are sharing too many details and trade secrets about their workplace on dating apps, new Kaspersky Lab research said.
No, you’re not being paranoid. Sites really are watching your every move (Ars Technica) Sites log your keystrokes and mouse movements in real time, before you click submit.
Fraudulent Black Friday Apps Spread Malware (Security Intelligence) A recent RiskIQ report found that about 1 in 25 Black Friday apps widely available in official app stores are fraudulent.
Identity theft concerns won't hold back holiday shopping (Help Net Security) Despite concerns about identity theft and fraud, consumers don’t plan to curb their holiday shopping, according to Discover.
Connected Toys Let Creepers Talk to Your Kids (Infosecurity Magazine) It’s child’s play, as it were, to hack the Bluetooth or Wi-Fi connection used by the toy, for a man-in-the-middle takeover.
Consumers Want IoT Toys Regardless of Security, Survey Finds (eWEEK) As the holiday shopping season gets underway, many consumers will pick up new IoT devices, even though many of those devices might come with security risks.
Why hackers reuse malware (Help Net Security) While code reuse in malware frees up time for attackers to do additional work on detection avoidance and attack efficacy.
Vigilante or bug hunter? (Graham Cluley) “False alarm,” declares CityPost as it takes its website down.
Security Patches, Mitigations, and Software Updates
Amazon Echo and Google Home patched against BlueBorne threat (Naked Security) The attack doesn’t require the targeted device to be paired to the attacker’s device, or to be in discoverable mode.
Flaw in F5 Products Allows Recovery of Encrypted Data (Security Week) A crypto vulnerability affecting some F5 Networks products can be exploited by a remote attacker for recovering encrypted data and launching man-in-the-middle (MitM) attacks, the company told customers on Friday.
October macOS Patch Fixes FAT/USB Vulnerability (TrendLabs Security Intelligence Blog) October’s macOS security update contained a fix for a vulnerability that Trend Micro privately disclosed to Apple earlier this year.
Cyber Trends
Cybersecurity Predictions for 2018 (+ 5-Year Predictions, too!) (BeyondTrust) It’s that time of year again when we look back at what has motivated the market for IT cybersecurity solutions in the last year in order to develop our plans for the next year.
Digital Transformation Barometer: A 2017 ISACA Research Report on Emerging Technologies (ISACA) Are your enterprise leaders digitally literate? The answer to that question has a clear impact on your organization's digital transformation efforts, according to ISACA's 2017 Digital Transformation Barometer.
Most businesses to invest in artificial intelligence by 2020 (Help Net Security) Eighty-five per cent of senior executives plan to invest in artificial intelligence (AI) and the internet of things (IoT) by 2020, according to Deloitte.
‘Zim fertile ground for hackers' (NewsDay Zimbabwe) Zimbabwe is recognised by the global hacking community as a “low hanging fruit” meaning that the country’s information technology systems are an easy target, leaving financial and business systems very vulnerable to attack, a new report has shown.
Marketplace
Why Cybersecurity Unemployment Will Remain at Zero (Security Boulevard) Now that we have a confirmed zero-unemployment problem in Cybersecurity, even with the recent addition of some Equifax, Target and Home Depot professionals, it is time to revisit the mis-configured target for information security professionals.
It’s either Eden or Perdition, there is no middle way for infosec startups (CISO MAG) An astonishing 36 percent of startups have already raised seed money while the number was just 15 percent a year ago.
StartCom CA to Shut Down After Ban by Browser Vendors (Security Week) The board of directors of China-based certificate authority StartCom announced on Friday that it has decided to shut down the company following the decision of major browser vendors to ban its certificates.
DISA to Solicit Proposals for $96M IT Products & Services Contract (ExecutiveBiz) The Defense Information Systems Agency plans to issue a formal request for proposals later this month for a range of information technology products and services that will be delivered outside the continental U.S.
CenturyLink wins spot on $50 billion GSA Alliant 2 contract (PRNewswire) CenturyLink, Inc. (NYSE: CTL) recently won a coveted spot on the General...
Lockheed Martin Arm Wins Satellite Communication Security Deal (NASDAQ.com) Defense major Lockheed Martin Corp.'s LMT Space Systems business unit secured a modification contract for providing engineering and interim logistics services as well as delivering spares and associated material, related to Mobile User Objective System (MUOS). Work related to the deal is expected to be over by November 2020.
Warburg Pincus Commences Cash Tender Offer for Ordinary Shares of Cyren Ltd. (Business Insider) Warburg Pincus, a global private equity firm focused on growth investing, announced today that WP XII Investments B.V., an entity controlled by funds affiliated with Warburg Pincus (the "Purchaser"), has commenced a cash tender offer to purchase up to 31,265,358 million ordinary shares ("Cyren shares") of Cyren Ltd., a global Internet Security-as-a-Service provider ("Cyren") (NASDAQ: CYRN), for $2.50 per share.
Palo Alto Networks Earnings Should Answer Two Burning Questions (TheStreet) Is cyber security spending increasing for the whole sector, thanks in part to the Equifax hack? Or is Cisco simply taking market share from its competitors?
Northrop Grumman and bwtech@UMBC Launch Cyber Incubator Tech Champions (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) and the bwtech@UMBC Cyber Incubator are launching a new Tech Champions mentorship initiative within the Cync Program to foster strengthened technical engagement with cyber-focused small...
Governor Kate Brown Launches Cyber Oregon Initiative at “Oregon Day of Cyber” Event (NB Herard) Cyber Oregon “With the formal launch of the Cyber Oregon initiative, we're taking an important step forward toward improving cybersecurity across Oregon while highlighting great work already t…
Verodin Appoints Former Cisco Executive Mark Bagley as VP of Products (Verodin) Bagley brings over 20 years of strategic and technical experience to pioneering security instrumentation startup
Leader in Deception Technology Illusive Networks Names Mandiant VP Charles Carmakal as Board Advisor (Business Insider) Illusive Networks, the leader in deception-based cybersecurity, today announced the appointment of Charles Carmakal, a Mandiant Vice President, as an Advisor, sharing his insight and expertise with identifying and combating advanced threat actors.
BeyondTrust Appoints Industry Veteran Paul Christman as Federal Sales Leader (Marketwired) Experienced industry executive to help accelerate public sector business and customer success
Products, Services, and Solutions
Amazon launches new cloud storage service for U.S. spy agencies (Washington Post) The new service will be provided through an existing $600 million contract with the intelligence community.
Amazon announces AWS Secret Region for intelligence agencies (ZDNet) Three years after launching Top Secret Region, Amazon has announced Secret Region for US intelligence agencies, as well as other government agencies dealing with secret-level data.
Chubb reveals new cybersecurity app for commercial clients (Digital Insurance) The smartphone application is a response to recent upticks in ransomware attacks, the company says.
Cybereason and Exabeam Announce Strategic Partnership (NB Herard) Cybereason, creators of the leading cybersecurity data analytics platform including endpoint detection and response, next-generation antivirus, and active monitoring service…
Uplevel Systems Launches Secure SMB Suite (eSecurity Planet) Aimed at small businesses and the MSPs that serve them, the bundle includes a firewall, IPS, secure DNS, VPN and other protections.
Secureworks Releases Open Source IDS Tools (Security Week) Secureworks has released two open source tools, Flowsynth and Dalton, designed to help analysts test rules for intrusion detection systems (IDS) and intrusion prevention systems (IPS) such as Snort and Suricata.
Sophisticated industrial network monitoring without connectivity risks (Help Net Security) SecurityMatters and Waterfall Security Solutions announced a global partnership to protect industrial control systems from the most advanced cyber threats.
Quick Heal enterprise arm Seqrite partners Jetico to develop encryption solutions, expand enterprise security (The Indian Express) Seqrite, the enterprise security solutions brand of Quick Heal Technologies, on Monday entered into a technology collaboration with Finnish company Jetico to develop advanced encryption solutions.
Five next-generation security solutions (Business IT) Take your business security to the next level with advanced threat protection, vulnerability management, machine learning and more.
Technologies, Techniques, and Standards
What Is Threat Modeling? (Motherboard) The first step to online security is figuring out what you're trying to protect, and who you're up against.
Bipartisan Harvard panel recommends hacking safeguards for elections (Reuters) A bipartisan Harvard University project aimed at protecting elections from hacking and propaganda will release its first set of recommendations today on how U.S. elections can be defended from hacking attacks.
5 fireable offenses that could cost CISOs their jobs (CSO Online) Sure, a big preventable breach might easily cost a CISO his or her job--just ask Susan Mauldin, the former Equifax CISO. A few less obvious missteps could do the same.
Cloud Security Alliance Releases New Cloud Security for Startups Report (PRNewswire-USNewswire) The Cloud Security Alliance (CSA), the world's leading organization...
Holiday cybersecurity: Defense tips for hospitals to get systems through the season (Healthcare IT News) More employees work remotely and shop online during the holidays and, as a result, cybercriminals increase their attacks on healthcare and other organizations.
Upskilling – The Forgotten Solution to the Cyber Gap (Infosecurity Magazine) Upskilling staff can prove a viable piece of the solution to the skills shortage.
How to hire top cybersecurity talent for your company (CSO Online) As cyber threats continue to grow in volume and intensity, companies need top-tier cybersecurity talent to successfully fend off these attacks.
Lifecycle management approach to tech, talent could address cyber skills shortfall [Commentary] (Fifth Domain) A magnifying glass has been focused on the significant shortfall in cybersecurity talent in the government.
Keep Cyber Marines in the Fight (US Naval Institute Proceedings) The loss of talented, experienced enlisted Marines in the cyber operations field is a threat to the Corps’ effectiveness in the 21st century.
Design and Innovation
Google exec: Pentagon making slow but steady progress on innovation (Defense News) The Pentagon is moving out on implementing some of the suggestions of its all-star board of thought leaders in science and commercial tech, but the pace of change is still slow compared to the commercial sector, Google’s top executive said.
Research and Development
Stanford's Applied Cryptography Group Aims to Bulletproof Bitcoin - Bitcoin News (Bitcoin News) Stanford University’s Applied Cryptography Group (ACG) is proposing Bulletproofs, a way to drastically reduce blockchain data, roughly ten-fold. The ACG team argues that using aggregation for transaction proofs and reducing block size will result in two goals long sought in Bitcoin, confidentiality and speed.
Experts: "Quantum computers will break Bitcoin security within 10 years" (Futurism) One revolutionary tech could cripple another.
Academia
University gets NSA/DHS grant to expand cybersecurity training (Fifth Domain) One program will teach cybersecurity measures to public safety employees, while another will use common hardware and software to come up with new teaching methods.
UK government trains teenage hackers in £20m scheme (IT PRO) The Cyber Discovery Programme is designed to help bridge the UK's security skills gap
Legislation, Policy, and Regulation
Here’s how NATO is preparing for cyber operations (Fifth Domain) Following last year's declaration of cyberspace as an operational domain of warfare, NATO is still working on developing the details.
An Illustration: Understanding the Impact of Section 702 on the Typical American (NSA) The U.S. Intelligence Community relies on Section 702 of the Foreign Intelligence Surveillance Act in the constant hunt for information about foreign adversaries determined to harm the nation or our allies. The National Security Agency (NSA), for example, uses this law to target terrorists and thwart their plans. In a time of increasing cyber threats, Section 702 also aids the Intelligence Community's cybersecurity efforts.
Protecting U.S. Person Identities in FISA Disseminations (IC on the Record) We are releasing today reports that review how intelligence agencies protect the identities of U.S. persons when disseminating information collected under the Foreign Intelligence Surveillance Act (FISA);
US intelligence can’t break vulnerability hoarding habit (Naked Security) Vulnerabilities: keep them secret as a weapon against the bad guys or tell the world so we can all get patched?
FCC: robocalls can go get BLOCKED (Naked Security) But, it could come at a price
The Robocall Nightmare Is Only Getting Worse—But Help Is Here (WIRED) US consumers suffer 80 million robocalls a day. But a new crackdown—along with some clever apps—could help put a lid on your biggest mobile nuisance.
State CIO Wiggins to retire (FederalNewsRadio.com) State Department chief information officer Frontis Wiggins is retiring after more than 30 years of service.
Litigation, Investigation, and Law Enforcement
(2nd LD) N. Korea conducts rare inspection of key military organ: spy agency (Yonhap News Agency) North Korea is conducting a rare inspection of a key military organ due to its "impure attitude" and has punished its top officials, South Korea's spy agency said Monday.
Seoul: 2 top North Korean military officers punished (Military Times) South Korea’s spy agency told lawmakers Monday that North Korea has punished two of its top military officers, including one widely seen as its second-most powerful official, during a highly unusual inspection of the military’s powerful political bureau.
US sanctions 'network' accused of forging money for Iran (Al-Monitor) The United States on Monday imposed sanctions on a network of individuals and companies accused of forging money to help Iran's Revolutionary Guards, officials announced. The sanctions targeted four companies and two individuals involved in printing counterfeit Yemeni currency to benefit Iran, including Iranian national Reza Heidari and Mahmoud Seif, whose nationality was not given,...
Apple formally asked to release Texas shooter’s iCloud data (Ars Technica) Texas judge also signs off on search of shooter’s iPhone SE, LG dumbphone.
NY Courts Consider Protecting Against Inadvertent Release of Documents in Commercial Cases (New York Law Journal) It is no secret that lawyers sometimes make mistakes. But with everyone communicating by email and digital information measured in terabytes the stakes of error grow ever larger.
Mueller's Team Raises Questions About Possible Defense Conflicts (New York Law Journal) Special Counsel Robert Mueller III’s team raised concerns Monday that a defense lawyer for Rick Gates, a former business partner of Paul Manafort, could have a conflict of interest that prevents him from participating in the money laundering case against the two men in Washington federal court.
Five new revelations in the Russian uranium case (TheHill) Evidence gathered by an FBI undercover informant conflicts with several media reports as well as statements by Justice officials concerning the connections between a Russian nuclear bribery case and the Obama administration's approval of the sale
Correcting the Record on vDOS Prosecutions (KrebsOnSecurity) KrebsOnSecurity recently featured a story about a New Mexico man who stands accused of using the now-defunct vDOS attack-for-hire service to hobble the Web sites of several former employers.
Hung Jury, Partial Verdict In Finjan-Blue Coat IP Rematch (Law360) A California federal jury Monday found that Blue Coat infringed two of Finjan’s online security patents, but cleared the Symantec unit on two other patents and hung on two more, awarding $490,000, far less than the $39.5 million Finjan received in prior litigation.
Cisco and INTERPOL Collaborate to Combat Cybercrime (Marketwired) Cisco (NASDAQ: CSCO), the worldwide technology leader, and INTERPOL, the world's largest international police organization, have today announced an agreement to share threat intelligence as the first step in jointly fighting cybercrime.