Cyber Attacks, Threats, and Vulnerabilities
Expert: ISIS video claiming a cyber attack this Friday is credible (WPEC) Terror Warning! A new pro-ISIS video claims a cyber terrorist attack on the United States begins this Friday. A former Central Intelligence Agency agent, Lisa Ruth, tells CBS 12 this threat is credible because the terrorist group has hacked into military we
Iranian Hackers Have Set Up a News Outlet to Court Possible Targets, Security Firm Says (CTECH) Hacker group “Charming Kitten” used false identities to ferret out information, says Israel-based cybersecurity firm ClearSky
Flying Kitten to Rocket Kitten, a Case of Ambiguity and Shared Code (Iran Threat) In our most recent post, "iKittens: Iranian Actor Resurfaces with Malware for Mac," the inadvertent disclosure of macOS Keychains from a malware test machine recalled a long dormant group through references to an alias "mb_1986" (a hacker named Mojtaba Borhani that we have tracked since at least April 2013).
Ethiopia Allegedly Spied on Security Researcher With Israel-Made Spyware (Motherboard) The digital rights watchdog Citizen Lab has exposed a new spyware company that sells surveillance technology to governments.
Evidence That Ethiopia Is Spying on Journalists Shows Commercial Spyware Is Out of Control (WIRED) Opinion: A new report from Citizen Lab shows that governments are using commercial spyware to surveil dissidents and journalists.
Satori Botnet Has Sudden Awakening With Over 280,000 Active Bots (BleepingComputer) Security researchers are raising the alarm in regards to a new botnet named Satori that has been seen active on over 280,000 different IPs in the past 12 hours.
Satori botnet: Mirai successor awakens with zero-day powers and over 280,000 bots in 12 hours (International Business Times UK) Security experts say that Satori botnet can propagate rapidly, essentially making it an IoT worm.
What is a botnet? And why they aren't going away anytime soon (CSO Online) Controlling thousands or even millions of devices gives cyber attackers the upper hand to deliver malware or conduct a DDoS attack.
A popular Android keyboard app leaks data on 31 million users (ZDNet) The app maker's database wasn't protected with a password, leaving exposed its users' most private information.
‘Mailsploit’ Lets Hackers Forge Perfect Email Spoofs (WIRED) The attack uncovers bugs in how more than a dozen programs implement email's creaky protocol.
Cybercriminals Switching to Impersonation Attacks to Bypass Email Security Systems (GlobeNewswire News Room) Mimecast ESRA Report Shows Sharp Rise in Impersonation Attacks
Report: Email attacks increasing, but none as much as impersonation phishing (TechRepublic) Email filtration is getting good enough to catch most malware, but it's not anywhere near capable of stopping a well-targeted impersonation attack.
Phishing Schemes Are Using Encrypted Sites to Seem Legit (WIRED) A green padlock might make it seem like a site is secure, but increasingly phishers are using it to lure victims into giving up sensitive info.
Phishing emails have spiked this year, outgrowing malware (Computing) Why try to trick a system when you can just fool the user?
July Systems data leak: Massive trove of sensitive information exposed online via unsecured database (International Business Times UK) Over 1,000 usernames and passwords of Unilever managers in India were also exposed as part of the breach.
Bromium Emotet Banking Trojan polymorphic malware analysis (DABCC) We analyzed samples containing the Emotet banking trojan and broke down the findings in a side-by-side comparison.
Developers Targeted in 'ParseDroid' PoC Attack (Threatpost) A proof of concept attack developed by researchers targets users of the development platforms for Android and Java.
Critical Flaw in WAGO PLC Exposes Organizations to Attacks (Security Week) Programmable logic controllers (PLCs) from Germany-based industrial automation company WAGO are affected by a potentially serious vulnerability that could give a remote attacker access to an organization’s entire network.
Bitcoin Exchanges Are Favorite Targets of Global DDoS Attacks: Report (Bitcoin Magazine) Imperva Incapsula, a cloud-based service provider, has released a comprehensive report titled “Q3 2017 Global DDoS Threat Landscape.” The report shows that ...
Cryptocurrency apps have severe security vulnerabilities, but do investors care? (BetaNews) A market cap of over $350 billion, daily volumes in excess of $10 billion, fast rising prices, a growing number of investors and little to no regulation all combine to make the cryptocurrency space a prime target for hackers. What's more, security is not exactly a main priority for many investors and exchanges, as numerous thefts go to show.
Symantec endpoint zero-day unpatched for months (SC Media UK) A vulnerability in Symantec endpoint clients remains unpatched months after disclosure, according to security researchers.
Anti-Skimmer Detector for Skimmer Scammers (KrebsOnSecurity) Crooks who make and deploy ATM skimmers are constantly engaged in a cat-and-mouse game with financial institutions, which deploy a variety of technological measures designed to defeat skimming devices.
Why Nadine Dorries’ Actions Causes Many to Question our Government’s Cyber Security (Acumin) The British public were shocked after the allegations of pornographic content being stored on Damien Green’s government computer earlier this month. To make matters worse, in hope of supporting the politician, Nadine Dorries caused a stir when she sent a tweet claiming all her staff know her computer logins, so how can we be sure Green is to blame.
Do You Want Putin’s Attention? Sanction Sport (Just Security) The popular reaction to targeting symbols of national pride such as sports is something we cannot predict. And, despots hate unpredictability.
Connected Rental Cars Leak Personal Driver Data (Infosecurity Magazine) Privacy International finds firms are failing to protect driver and passenger privacy
Security Patches, Mitigations, and Software Updates
Android's December 2017 Patches Resolve Critical Flaws (Security Week) The December 2017 Android security patches that Google released this week resolve 47 vulnerabilities, including 10 rated Critical severity.
TeamViewer Rushes Fix for Permissions Bug (Threatpost) TeamViewer says it has issued a hotfix to address a bug that allows users sharing a desktop session to gain control of the other’s computer without permission.
EY Global Information Security Survey 2017-18 (EY) Most organizations believe they are at high risk in today’s cyber-threat landscape. Despite tools and processes to repel attacks, they remain wide open.
Brit bank Barclays' Kaspersky Lab diss: It's cyber balkanisation, hiss infosec bods (Register) It's 2017: Is the splinternet nearer than ever?
Top five emerging cybersecurity trends for 2018 (Netwrix) Netwrix sums up the top cybersecurity trends that will define the way organizations develop their IT strategies in the coming year.
The Year to Come in ICS / Critical Infrastructure Security (Security Week) In my previous column, I outlined a series of high-level, prescriptive steps for organizations to follow to better the security posture of their Industrial Control Systems (ICS) networks. Hopefully, you found that helpful to moving the needle forward and are putting some of those steps in place.
54 Percent of Energy Companies Lack Security Skills for IoT (eSecurity Planet) Just 2 percent say IoT presents no new security challenges.
Kaspersky Security Bulletin: Review of the Year 2017 (Cyber Parse) The end of the year is a good time to take stock of the main cyberthreat incidents that took place over the preceding 12 months or so.
API and Security Trends for 2018 (BankInfo Security) Denial of Service, web application layer attacks, credential abuse and IoT - these are the attack trends and vectors that will make headlines in 2018. Ryan Barnett
Emerging Trends in Vulnerability Management (Security Week) Vulnerability management has historically been treated as an engineering exercise that is disconnected from how security flaws relate to the business and the actual threat they pose.
Study: Simulated Attacks Uncover Real-World Problems in IT Security (Dark Reading) Some 70% of simulated attacks on real networks were able to move laterally within the network, while more than half infiltrated the perimeter and exfiltrated data.
How many UK business can defend a cyber attack? (Information Age) Only half (50%) of UK businesses say they have the right skills to combat a cyber attack, according to a report from CW Jobs
More Than Half of UK Businesses Aren’t Prepared to Pay GDPR Fines if Breached (GlobeNewswire News Room) Research shows only five per cent of IT decision makers have all the necessary data governance strategies in place to be compliant ahead of 25th May 2018 deadline
6 Personality Profiles of White-Hat Hackers (Dark Reading) From making the Internet safer to promoting their security careers, bug bounty hunters have a broad range of motivators for hacking - most just like the challenge.
Cyber Security Firm Integrity360 Acquires Specialist UK Security Provider (PRNewswire) Cyber security firm Integrity360 today announced the acquisition...
Just Days Into New Job, Uber's Tony West Tells Employees To 'Stop It Now' With Surveillance (Recorder) Tony West, the newly minted CLO of Uber, has a lot of work on his hands already as he tries to help the ride-hailing company clean up past messes and move on.
Infusing New Perspectives Into the Cybersecurity Workforce With a New Collar Approach (Security Intelligence) A great way to bolster the dwindling cybersecurity workforce is to hire professionals who lack technical degrees but offer fresh perspectives.
Symantec says it will lay off 66 workers at Gateway facility in January (The Register-Guard) Sixty-six Symantec employees will lose their jobs next month as the cybersecurity firm has begun a drastic reduction of its local workforce. The layoffs mark the continued downsizing of Symantec’s once-substantial Gateway workforce.
Why FireEye Is One of the Top Cybersecurity Stocks (Market Realist) FireEye (FEYE) went public in September 2013 and in December 2014, it acquired Mandiant for ~$1.0 billion. Mandiant was considered one of the most prominent data breach and response players in the space.
Webroot Announces Fifteenth Consecutive (Webroot) Company Protects More Than 240,000 Businesses Worldwide, Welcomes New
GlobalPlatform Announces 2018 Board of Directors (GlobalPlatform) Board to drive the association’s vision to create collaborative and open ecosystems in which stakeholders can effectively deliver simplicity and security for digital services and devices
Products, Services, and Solutions
Container Technology Wiki – Your Container Knowledge Hub (Aquasec) A collaboratively-edited resource covering over 200 topics including container architecture, container ops, container orchestration, and container platforms, with a focus on Docker and Kubernetes technologies.
Anomali Partners With Global Resilience Federation for Industry Threat Sharing (BusinessWire) Anomali, the leading provider of market-leading threat intelligence solutions, announced today it has partnered with Global Resilience Federation.
Netskope and Facebook Usher in Secure Collaboration in Workplace (PRNewswire) Netskope, the leader in cloud security, today announced a first of...
Facebook brings Messenger to kids as young as 6 (Naked Security) Do kids that young “need” a parent-sanctioned chat app? Facebook thinks so.
Barefoot Networks launches Deep Insight to illuminate packet visibility (RCR Wireless News) Barefoot Networks revealed Deep Insight today, a network monitoring system that addresses four truths for every packet in a network, including...
Raytheon and Pivotal to accelerate cloud migration and speed software development for the Federal Government (PRNewswire) Raytheon Company (NYSE: RTN) and Pivotal Software, Inc., today announced...
CACI Cyber Range Achieves ISO 27001:2013 for IT Security (BusinessWire) CACI International Inc (NYSE: CACI) announced today that its Cyber Range is now certified against the International Organization for Standardization...
Cloud Security Alliance Announces Launch of CCSK v4 (PRNewswire) The Cloud Security Alliance (CSA), the world's leading organization...
WISeKey Launches WIS.WATCH powered by contactless NFC Technology designed specifically for bitcoin and cryptocurrency users (GlobeNewswire News Room) WISeKey International Holding Ltd (SIX: WIHN) ("WISeKey" or the "Company"), a leading cybersecurity and IoT company, today announced the launch of WIS.WATCH, a secure mechanical watch powered by contactless secure hardware enabled wallet, designed to offer security and ease of use to cryptocurrency users.
Technologies, Techniques, and Standards
The best kept secret in cybersecurity for banks (CSO Online) The Sheltered Harbor cybersecurity initiative for U.S. banks and financial services firms protects against hacker attacks.
The Impact of Employee Training on Cybersecurity Breaches (The National Law Review) Every organization is exposed to information security threats daily. It is essential that organizations have an information security protection program that is properly designed, documented, execute
4 Considerations for Evaluating an Intrusion Detection System (Bricata) The cybersecurity landscape is cluttered with tools, many of which are difficult to understand. This conjures up the question: do we really need that?
The key to success with prevention strategies like remote browser isolation (Help Net Security) Remote browser isolation (RBI) is growing in popularity. In order to be successful with RBI, organizations must “always be threat modeling”.
The next step in network security evolution (Help Net Security) In complex computing environments, maintaining even a trust list can be cumbersome. The fact is that static signatures, even partial ones, don’t scale.
How cybersecurity solutions can help with GDPR compliance (Help Net Security) Although not obligatory, the right cybersecurity solutions can help you to secure data and reach compliance with GDPR. Learn which are worth the investment.
Cleaning up security flaws with cyber hygiene (Tahawul Tech) As Cisco’s former CEO John Chambers famously said, there are only two types of companies – those that have been hacked and those that don’t know they have been hacked.
Proofpoint’s Tony D’Angelo: Agencies Need Security Tools for Email, Mobile Device Cyber Defense (GovCon Wire) Tony D'Angelo, vice president of federal business at Sunnyvale, California-based enterprise security
When Routine Isn’t Enough: Why Military Cyber Commands Need Human Creativity (War on the Rocks) Former Secretary of Defense Ashton Carter recently published a report on the campaign to destroy ISIL. Particularly notable was what Carter said about the
Facebook Live panel says culture is the key to startup security (BetaKit) Last week, in partnership with Microsoft, BetaKit hosted a Facebook live chat on how startups can stay agile when it comes to security.
Bitcoin’s insane energy consumption, explained (Ars Technica) One estimate suggests the Bitcoin network consumes as much energy as Denmark.
Design and Innovation
Booz Allen: Artificial intelligence is transforming immersive training (Defense News) While graphics, computing speed and even hardware are improving to make virtual and augmented reality training more realistic, the integration of data science and AI will take immersive training to the next level, according to Booz Allen Hamilton consultants.
Squint at the CV90 and you might see an autonomous weapon (C4ISRNET) BAE's CV90 highlights how easily a weapon with autonomous features could lead to an autonomous weapon.
Juniper and Telefonica building automated network that will discover and fix faults and cyber attacks (Computing) The companies are building the automated network on existing infrastructure in Spain
Research and Development
Raytheon developing superconducting computing technology for intelligence community (Business Insider) A Raytheon BBN Technologies-led team is developing prototype cryogenic memory arrays and a scalable control architecture under an award from the Intelligence Advanced Research Projects Activity Cryogenic Computing Complexity program.
Head of federally funded research lab wants to demystify cyber (TheHill) The new head of a first-of-its-kind, public-private partnership for cybersecurity research believes demystifying the sector for the public might be as important a part of his job as developing new technologies.
Walsh College of Troy launches automotive cybersecurity course program (Oakland Press) Walsh College announced the launch of a groundbreaking academic concentration in automotive cybersecurity. The program will provide an experiential and applied approach to automotive cybersecurity. With the addition of multiple networks, computers, an
Legislation, Policy, and Regulation
#BHEU: Government Agreements Needed on How to Prevent Cyber-Conflict (Infosecurity Magazine) Better understanding of cybersecurity issues, cross-border agreements and the tools to take action will offer better security for governments
China toughens web censorship, encourages others to follow (Nikkei Asian Review) Beijing sees internet controls as a 'question of sovereignty'
Is China's Great Firewall a Political Tool or an Economic Weapon? (Weekly Standard) Over the past couple of years, a succession of American tech executives have decamped to Beijing to pander to the dictatorial leadership there. Mark Zuckerberg, in particular, has shown a penchant for flattering the ruling caste in China; he has repeatedly visited the country that his company, Facebook, remains banned in.
Apple, Facebook find something to praise China for amid internet clamp (Reuters) Top executives at Apple Inc (AAPL.O) and Facebook Inc (FB.O) managed to find something to praise Beijing for at an internet conference in China this week, even as its Communist Party rulers ban Western social media and stamp on online dissent.
Germany Intelligence Wants to Hack Back (CyberDB) German intelligence officials approached lawmakers and argued for greater legal authority to “hack back” in response to cyber attacks by nation states.
Germany's proposed anti-cryptography bill: backdoors and hack-backs (Boing Boing)
Tiger Conference: Cybersecurity panel calls for use of local talent (KyivPost) Even as Russia’s war against Ukraine in Donbas drags on, and cyber attacks on Ukrainian power grids and other infrastructure become more common, Ukraine faces another threat – cybercrimes in the banking sector. Experts at the Cyber Security breakout session of the Kyiv Post’s Tiger Conference on Dec. 5 discussed the main threats, and the …
The UK will soon keep a permanent record of everyone who watches porn (Mother Jones) "It's beyond insane they're even considering it."
Senate confirms Trump's pick for Homeland Security secretary (Reuters) The U.S. Senate on Tuesday confirmed President Donald Trump's choice to lead the Department of Homeland Security (DHS), a post that opened after John Kelly became Trump's chief of staff earlier this year.
The US Claims It Doesn't Need a Court Order to Ask Tech Companies to Build Encryption Backdoors (Gizmodo) Federal authorities say they can request a U.S. tech company build surveillance backdoors into their products without any kind of court order, according to statements from July released this weekend, ZDNet reported.
Why the Marine Corps needed a new deputy commandant (C4ISRNET) The Marine Corps has reorganized its leadership and forces to reflect a new reality: that information will play an outsized role in any future conflict.
Army launches direct commissioning program for civilian cybersecurity experts (Stars and Stripes) The Army has approved a program to recruit experienced cybersecurity experts directly into the service as cyber officers in an attempt to bolster a growing field that military leaders see as vital to national security.
Watchdog questions DoD about Cyber Command's work with private sector, civilian agencies (Cyberscoop) The Defense Department needs to clarify and further define how certain U.S. defense agencies and combatant commands — including the nation’s top cyberwarfare unit, U.S. Cyber Command — should interact with private sector companies and civilian agencies, according to a recent report by the Government Accountability Office (GAO).
How the FCC's Net Neutrality Plan Breaks With 50 Years of History (WIRED) Tim Wu, who coined the phrase "net neutrality," says the FCC's proposal to revoke net neutrality rules ignores history and the law.
Litigation, Investigation, and Law Enforcement
Security services thwart ‘Islamist plot to kill PM’ (Times) An alleged Islamist plot to kill the prime minister at Downing Street has been thwarted by the police and security services, it was revealed last night. Theresa May is understood to have been the...
Alleged Cyber Crime Kingpin Arrested in Belarus (Fortune) Belarus arrests suspected ringleader of global cyber crime network.
Andromeda botnet mastermind arrested in Belarus (Cyberscoop) The prolific hacker behind the Andromeda botnet was brought down by open source intelligence, according to the cybersecurity firm Recorded Future.
Mastermind behind sophisticated, massive botnet outs himself (Ars Technica) Andromeda kingpin is identified by his ICQ number.
Judge Weighs Uber’s Obligations to Produce Controversial Letter in Waymo Battle (Recorder) An Uber lawyer admitted that an email about the letter sat unread in his email inbox for months prior to the latest kerfuffle.
The Spectator Who Threw a Wrench in the Waymo/Uber Lawsuit | Backchannel (WIRED) An unknown techie thinks that Waymo’s key patent should never have been granted—and if he’s right, Waymo might find itself on the other side of a lawsuit.
Wire Fraud is the Fastest Growing Real Estate Cybercrime in the U.S. (Corporate Counsel) According to the FBI, the Internet Crime Complaint Center saw a 480 percent increase in the number of complaints filed last year by those in the real…