Cyber Attacks, Threats, and Vulnerabilities
Following the developing Iranian cyberthreat (Fifth Domain) Like Russia and China, the history of Iran’s cyberspace operations begins with its hackers.
‘Telephone Terrorism’ Cyber Attack Originated in Syria, Russia Says (Moscow Times) More than two million people were evacuated since September
Facebook’s Brexit probe unearths three Russian-bought “immigration” ads (TechCrunch) Facebook has provided more details about the extent of Russian digital interference related to the UK's Brexit vote last year.
Major traffic destinations rerouted to Russia (Computing) Internet destinations rerouted to Russia in new BGP incident
Millions Impacted by Credential-Stealers in Google Play (Security Week) During October and November 2017, Kaspersky Lab researchers discovered 85 applications in Google Play that were designed to steal credentials for Russian social network VK.com. One of the malicious applications had more than a million downloads.
Golduck Malware Infects Classic Android Games (Security Week) Several classic game applications in Google Play have been silently downloading and installing a malicious APK file onto Android devices, Appthority reports.
Stealthy Admin Accounts Found in Hybrid Office 365 Deployments (Security Week) Vulnerability in Azure AD Connect Software Can Provide Stealthy Admins With Full Domain Control
Leading cryptocurrency exchange faces outages as bitcoin rivals surge (Ars Technica) Litecoin, a leading bitcoin rival, has soared 150 percent in four days.
Bitfinex cryptocurrency exchange hit by massive DDoS attacks (HackRead) Bitfinex, known as one of the world's largest cryptocurrency exchanges, was forced to shut down its ongoing operations after suffering a series of non-stop dis
Streaming sites mine cryptocurrency while you watch free movies (CSO Online) AdGuard discovered crypto-jacking schemes at Openload, Streamango, Rapidvideo and OnlineVideoConverter, affecting nearly 1 billion users per month.
Variation of 19-Year-Old Cryptographic Attack Affects Facebook, PayPal, Others (BleepingComputer) Three security researchers have discovered a variation to an old cryptographic attack that can be exploited to obtain the private encryption key necessary to decrypt sensitive HTTPS traffic under certain conditions.
Ransom email scam from ‘hitman’ demands: pay up or die (Naked Security) It’s a horrible email scam that’s supposed to scare the life out of you
New Spider Ransomware Comes With 96-Hour Deadline (Threatpost) A ransomware campaign targeting the Balkans comes with a 96-hour deadline and includes a link to a video that assures victims payments can be made easily.
Ransomware's bitcoin problem: How price surge means a headache for crooks (ZDNet) Ransomware authors are profiting from the rise of the cryptocurrency -- but it's also bringing some unexpected problems for them and other dark web operators.
North Carolina County Goes Public With Ransomware Attack (Bloomberg Law) A North Carolina county went public with its recent ransomware attack and decision not to pay a ransom, providing a rare look inside such crippling hacks, the vast […]
Fake email, stolen log-ins opened door to widespread hack on Mecklenburg County (Charlotte Observer) Mecklenburg County ransomware comes as government spends more to guard against cyber attacks and data breaches. The attack started as phishing email.
This database may be about to spark a cyber crime epidemic (Newsweek) A database of 1.4 billion user passwords compiled from 252 data breaches is suspected to be the largest ever.
Security Patches, Mitigations, and Software Updates
Microsoft December Patch Tuesday Fixes 34 Security Issues (BleepingComputer) Microsoft has released security updates as part of its monthly Patch Tuesday release train, and this month, the company has patched 34 issues affecting eight products.
December Patch Tuesday: Yearender Includes Updates for MMPE Vulnerabilities (TrendLabs Security Intelligence Blog) It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. With that said, there were still a few notable vulnerabilities that were addressed.
Microsoft Releases a Light Dusting of Patches for December (Infosecurity Magazine) Most fixes this month affect IE and Edge
Patch Tuesday, December 2017 Edition (KrebsOnSecurity) The final Patch Tuesday of the year is upon us, with Adobe and Microsoft each issuing security updates for their software once again. Redmond fixed problems with various flavors of Windows, Microsoft Edge, Office, Exchange and its Malware Protection Engine. And of course Adobe’s got another security update available for its Flash Player software.
Adobe Patches 'Business Logic Error' in Flash Player (Security Week) The only security update released by Adobe this Patch Tuesday addresses a moderate severity regression issue affecting Flash Player.
SAP Becomes CVE Numbering Authority (Security Week) Released this week with fixes for 11 vulnerabilities, SAP’s Security Patch Day for December 2017 marks a change in the history of SAP patches: it also includes CVE numbers in the titles of the security notes.
Android's poor system update process is putting devices at risk (Security Brief) Singh says that even one year after Android 7.0 Nougat was released, only 17% of devices run the operating system. The statistics are poorer for 7.1.
Making Sense of Apple's Recent Security Stumbles (WIRED) Apple's had some prominent security lapses lately. But is it just a rough patch, or something deeper?
Security Expert Warns That Cryptocurrency Hacking Will Intensify Next Year (Cryptovest) Lee Chen, A10 Networks' CEO, said in an interview today that we could expect the frequency of cyber attacks in the cryptocurrency space "to continue to increase in 2018."
Data Breach Predictions: The Trends to Shape 2018 (PRNewswire) Today's organizations face a cyber security landscape that is more...
Are cyber threats still not a priority? (Information Age) An AlienVault survey analysing the impact of WannaCry and NotPetya has found that attitudes to cyber security have hardly changed as a result
99% of Office Workers Commit Actions that Dramatically Increase the Likelihood of Workplace Data Breach (Intermedia) Part 3 of Intermedia’s new 2017 Data Vulnerability Report finds office workers often ignore data security best practices, putting themselves and their employers at great risk
Email is the biggest source of data breaches (Modern Healthcare) Email has been the biggest source of data breaches this year, with 73 breaches between Jan. 1 and the end of November reported to HHS, affecting 573,698 people.
Healthcare Phishing, Computer Viruses Top Cyber Attack Methods (HealthITSecurity) A recent Accenture and AMA survey showed that healthcare phishing was the most common cause for cyber attacks.
Industry Threat Report: Healthcare It’s Time for a Cybersecurity Check-up (eSentire) In the Healthcare Industry Threat Report, the eSentire Threat Intelligence team looks at why the healthcare industry is a growing target and reveals some common exposures and attack methods used by today’s cybercriminals.
Automation Could Be Widening the Cybersecurity Skills Gap (Dark Reading) Sticking workers with tedious jobs that AI can't do leads to burnout, but there is a way to achieve balance.
Hard things are hard, security will never be easy (CSO Online) There isn’t a skills shortage for security because these are skills you can’t teach.
Lockheed Wins Potential $78M Navy IT Security Support Contract (GovCon Wire) Lockheed Martin (NYSE: LMT) has won a potential five-year, $77.7 million contract to provide cyberse
Cisco maintains grip on IT security market after ‘strong channel partner focus’ (Channel Life) Canalys has released its latest predictions surrounding the global IT security market’s performance over the third quarter in 2017.
3 Hot Cybersecurity Stocks to Focus On to Ring in 2018 (NASDAQ.com) As the eventful 2017 comes to a close, we believe this is the right time to make your investment plans for the upcoming year.
Inspecting Barracuda's Private Buyout (Seeking Alpha) Barracuda's tepid growth is justifying the looming buyout. Its product portfolio can generate more value in the absence of market irrationality. I think there i
I used to be a bitcoin bull—here’s why that changed (Ars Technica) With "buy bitcoin with credit card" trending on Google, investors should be wary.
China week in cyberland: US companies ‘kiss the ring’ (AEI) Transfixed by sex scandals, tax legislation, and the president’s Jerusalem gambit, Washington observers may have missed or passed over a truly signal week for Beijing’s emergence as a leader in the global digital world.
Products, Services, and Solutions
enSilo Helps Security Community Detect Far-reaching "Process Doppelgänging" Evasion Techniques Bypassing Popular AV and NGAV Defenses (PRNewswire) enSilo, the company that provides unified endpoint security with NGAV...
KnowBe4 Offers Employees a “Second Chance” to Make Smarter Security Decisions (GlobeNewswire News Room) Employees given a chance to turn back time on a careless click. IT Admins can use this new, unique email security tool to toughen their human firewall.
Hotel chain needs only two days to prove PCI compliance (Netwrix) Netwrix Auditor enables Mountain Park Lodges to achieve sustainable compliance
AIG Launches New Cyber Model That Scores Client Cyber Risk; Introduces CyberMatics℠ in Collaboration with CrowdStrike and Darktrace (BusinessWire) American International Group, Inc. (NYSE: AIG) today announced a new cyber benchmarking model that quantifies and scores client cyber risk. The AIG mo
M-Files 2018 Is Industry’s First Solution to Intelligently Unify and Manage Information Stored in Other Systems without Requiring Migration (The Daily Telescope) M-Files 2018 introduces a new approach we call ‘intelligent information management’ that has driven analysts, industry experts and all types of organizations to completely re-think their traditiona…
M-Files 2018, or next-generation information management (ITR) M-Files Corporation is launching its new intelligent information management solution, named simply M-Files 2018. It offers a simple, unified interface that lets users quickly access their documents, whatever system they are stored in.
Blue Cedar Introduces Enforce, a Cloud-Native Solution for In-App Mobile Policy Enforcement (BusinessWire) Blue Cedar Enforce, which launches on the Microsoft Azure Cloud, provides users greater modularity and the nimbleness of cloud-native architecture
Leidos Partners with Nozomi Networks for Passive Monitoring of Cyber Threats to Industrial Control Systems (Nozomi) Integration offers new, passive monitoring for threat detection and enhanced asset discovery capabilities
Passage.AI Partners With Edgewood Networks to Expand Into Key Vertical Markets and Grow Global Footprint (PRNewswire) Passage.AI, a pioneer in AI/NLP-enabled conversational...
Juniper Security Platform Adds Automation, One-Touch Mitigation (SDxCentral) Juniper Networks security platform now automates policy management and includes one-touch mitigation to respond to threats.
CRN Exclusive: Fortinet Tightens IoT Security Focus With New OT Security Solution For Partners (CRN) The new solution will help industrial organizations deliver segmentation, access control and malware protection across their operational technology.
Polaris Alpha, Imprimis, Inc. Partner for Cyber Risk Management and Compliance (PRWeb) With this partnership, the team of Polaris Alpha and Imprimis, Inc. can support a full range of contractors or other organizations from small to very large.
Balabit Launches Integrated ‘Out of the Box’ PAM Solution for Monitoring Privileged User Sessions (BusinessWire) Balabit, today announced the launch of its new Privileged Access Management (PAM) solution.
AWS security services expand, but still room for improvement (SearchAWS) AWS security services continue to expand, but they won't supplant third-party tools or build-your-own compliance software for some large enterprises.
Lastline Announces Threat Intelligence Team Delivering Timely Analysis of New Attacks and In-Depth Reports on Malware-Based Threats (BusinessWire) Lastline Inc., the leader in advanced network-based malware protection, today announced the creation of the Lastline Threat Intelligence Team comprise
Karamba Security Launches End-to-End Automotive Authentication with Zero Network Overhead (Business Insider) Karamba Security, the world leader in automotive cyberattack prevention, today announced SafeCAN, its new security software that seamlessly protects automotive networks from hacking by authenticating in-vehicle communications with zero network overhead.
Technologies, Techniques, and Standards
5 top machine learning use cases for security (CSO Online) Machine learning will make sense of the security threats your organization faces and help your staff focus on more valuable, strategic tasks. It could also be the answer to the next WannaCry.
Coinbase: don’t expect to trade your cryptocurrency at busy times (Naked Security) It’s OK to be excited about Bitcoin and other digital currencies, according to Brian Armstrong, CEO of digital currency exchange Coinbase… just maybe not that excited.
Prevent attacks with these security testing techniques (SearchSecurity) A single software error can leave enterprises open to attack. Learn how to identify vulnerabilities with these security testing techniques.
Don't let the Grinch steal your data: 13 tips to help you avoid a hacked holiday (TechRepublic) Whether you're shopping online or just received a new tech toy, here are some ways to protect your information from cybersecurity threats this holiday season.
Design and Innovation
Asimov's Laws For Artificial Intelligence (Forbes) A week and a half ago I was in Berlin for the hub conference. I had the opportunity to speak on a panel about cybersecurity (no surprise there) and shared my views on how countries and corporate entities can work together.
Research and Development
US researchers develop tool to detect website data breaches (Computing) Tens of millions of websites are compromised every year
Psychologists Want in on Social Media's Big Data Trove (WIRED) A Princeton sociologist wants to use your digital data to solve some of the hardest research problems in social science.
Legislation, Policy, and Regulation
FCA Forces UK Banks to Come Clean on Security Incidents (Infosecurity Magazine) New rules come ahead of PSD2
Trump signs law banning use of Kaspersky products within US government (Computing) Trump signs law banning Kaspersky products from US government agencies
Kaspersky dragged into US govt's trashcan as weaponized blockchain agile devops mulled (Register) Trump signs defense law with No Eugenes clause, Kaspersky weighs options
A Republican lawmaker urges FCC to delay net neutrality repeal vote (Ars Technica) FCC should wait for Congress to create net neutrality law, Republican says.
How Reddit and others “broke the Internet” to support net neutrality today (Ars Technica) Gallery: Major websites join last-ditch effort to save net neutrality rules.
Opinion: Net neutrality safeguards democracy, the economy and national security (Mercury News) It’s wrong to view equal access to the Internet as just a business decision
Army's first directly-commissioned cyber officers could be on duty by next May (FederalNewsRadio.com) The Army is beginning its first experiment in fast-tracking the officer accession pipeline for civilians with cyber skills, but only five officers per year.
Litigation, Investigation, and Law Enforcement
A Russian hacker admitted to stealing Clinton's emails and hacking the DNC under Putin's orders (Newsweek) Konstantin Kozlovsky says Russia's Federal Security Service told him to hack Clinton's emails.
“I was recruited”: hacker from Yekaterinburg claims responsibility for hacks in the US (The Bell) One of the defendants in the case of the Lurk hacking group claims that it was he who attacked the US Democratic Party on the FSB's orders.
Mirai IoT Botnet Co-Authors Plead Guilty (KrebsOnSecurity) The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large scale attacks designed to knock Web sites and entire networks offline (including multiple major attacks against this site).
EU proposes to streamline databases across bloc to reduce terror attacks (Deutsche Welle) The proposed service would allow border guards and police to simultaneously search multiple systems across the EU to verify identity documents. EU officials hope part of the system will become operational next year.
US bomb suspect warned Trump on Facebook (BBC News) Akayed Ullah, 27, faces a series of terror charges over Monday's bus terminal attack in New York.
Taiwan's Far Eastern International fined T$8 million over SWIFT hackin (Reuters) Taiwan's financial regulator said on Tuesday it had fined Far Eastern International Bank T$8 million ($266,524) due to deficiencies related to its SWIFT system
The Contractor that Hired Russian Coders for a Pentagon Project Has Struck a Deal with Prosecutors (Defense One) The deal ends a criminal investigation and imposes restrictions and audits on Netcracker Technology.
Australian airport hack was “a near miss” says government’s cybersecurity expert (Hot for Security) A 31-year-old Vietnamese man has been jailed for a hacking attack that compromised the computer network of Perth International Airport, and reportedly resulted in the theft of building plans and sensitive security protocols.
Supreme Court Searches for Fourth Amendment Line for the Digital Economy (Ropes & Gray) On November 29, 2017, the Supreme Court heard oral argument in Carpenter v. United States. The Court’s decision could have critical implications for companies operating in the digital economy and their ability to limit government access to data about consumers, particularly so-called non-content data.
Updated Guide to Posted Documents Regarding Use of National Security Authorities (IC on the Record) On September 19, 2017, we posted a guide with links to certain officially released documents related to the use by the Intelligence Community (IC) of national security authorities.
4 Applied Materials executives fleece company and get indicted (CSO Online) U.S. Attorney for Northern California indicted four former executives for stealing intellectual property and trade secrets from Applied Materials.