Cyber Attacks, Threats, and Vulnerabilities
North Korea’s Bitcoin Play (Bloomberg.com) “It’s the perfect mechanism for North Korean money.”
As Violence Flares in Ethiopia, Internet Goes Dark (Voice of America) Internet shutdowns seen as common government tactic during times of civil strife
Unprecedented Malware Targets Industrial Safety Systems in the Middle East (WIRED) A rare and dangerous new form of malware targets the industrial safety control systems that protect human life.
TRITON Attacker Disrupts ICS Operations, While Botching Attempt to Cause Physical Damage (Dark Reading) TRITON malware is discovered after an attack on a safety monitoring system accidentally triggered the shutdown of an industrial process at an undisclosed organization.
Nation State Attackers Shut Down Industrial Plant with New ICS Malware (eSecurity Planet) The malware was designed specifically to target Triconex SIS controllers.
Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure (FireEye) Mandiant recently responded to an incident at a critical infrastructure organization where an attacker deployed malware designed to manipulate industrial safety systems. The targeted systems provided emergency shutdown capability for industrial processes.
Cyber security firm responds to ICS Attack framework dubbed Triton (Computing) Cyber crooks use Triton malware to compromise critical infrastructure
Synaptics Says Claims of a Keylogger in HP Laptops are False (Threatpost) Synaptics said reports that hundreds of HP laptops contained a secret keylogger that traced back to debugger software made by the company are inaccurate.
Permissions Flaw Found on Azure AD Connect (Threatpost) A permissions flaw in Microsoft’s Azure AD Connect software could allow a rogue admin to escalate account privileges and gain unauthorized universal access within a company’s internal network.
Fox-IT reveals hackers hijacked its DNS records, spied on clients' files (Graham Cluley) Given the nature of Fox-IT's work there are likely to be some interesting theories as to who might have been behind this particular attack, and what they were attempting to spy upon.
Fortinet VPN Client Exposes VPN Creds, Palo Alto Firewalls Allow Remote Attacks (BleepingComputer) It's been a bad week for two of the world's biggest vendors of enterprise hardware and software — Fortinet and Palo Alto Networks. Both companies fixed security issues this week affecting some of their most popular products, with some bugs being quite intrusive and dangerous.
Popular Destinations Rerouted to Russia (BGPMon) Early this morning (UTC) our systems detected a suspicious event where many prefixes for high profile destinations were being announced by an unused Russian Autonomous System.
Air Chief Marshal Sir Stuart Peach fears crippling Russian attack on web cables (Times) Britain’s trade and internet are at risk of catastrophic damage from any Russian attack on underwater communications cables, the head of the armed forces has warned. Air Chief Marshal Sir Stuart...
Dissecting PRILEX and CUTLET MAKER ATM Malware Families (TrendLabs Security Intelligence Blog) For a while now, Trend Micro has focused its efforts on covering ATM malware, especially new families that come up with features that stealthily target banking customers. In this blog post, we're going to cover two that have recently come to our attention: Prilex and Cutlet Maker. Each of them is interesting in their own right, but for different reasons.
85 Credential-Stealing Apps Found on Google Play Store (HackRead) A couple of days ago HackRead exclusively reported on a Fidget spinner app that has been sending other apps data to a server in China. Now, IT security res
Misconfigured Amazon S3 buckets expose sensitive data (SearchStorage) When users fail to properly configure Amazon S3 buckets, they put data on the public cloud service at risk. Experts call for IT admins to keep a close watch.
A Very Malicious Christmas (Anomali) In 2017, Americans are projected to spend $906 million on gifts, up from $785 in 2016. A significant chunk of that total will be spent online. As consumers turn to the internet, those looking to exploit them are increasing at a similar rate. Over the last 5 years, the festive season has seen actors ramping up Christmas themed campaigns to directly target businesses and consumers. This post outlines a very small number of particularly prolific attacks that have been observed over
The Weather Online is Frightful: Holiday Scams Run Rampant on Social (ZeroFOX) Holiday scams on social media are on the rise, and ZeroFOX reports thousands of fake accounts distributing phishing, malware & fame farming.
Cyber Trends
Cybercrimes have become a business issue: Expert (Asian Age) Traditional methods such as antivirus, firewalls no longer effective.
More Than 90 Percent of Cybersecurity Professionals Concerned About Cybercriminals Using AI in Attacks (Webroot) Cybersecurity Experts Say AI Critical to Protect Digital Assets in the
From buzz to the battleground, AI is everywhere (CSO Online) An open letter to artificial intelligence.
Examining attitudes towards confidential data (Help Net Security) Industry analyst firm Quocirca surveyed 500 IT decision makers in the United States, Canada, United Kingdom, Australia and Japan, examining attitudes towar
Complex regulations and sophisticated cyberattacks inflate non-compliance costs (Help Net Security) Non-compliance costs have significantly increased over the past few years, and the issue could grow more serious in the near future.
List of Cloud Statistics (Clutch) In the past year, we released multiple reports featuring original data on the cloud industry. We’ve collected the most important data points here, offering insights into businesses’ opinions on cloud security trends, spending habits, and more in 2017.
A few cybersecurity predictions for 2018 (CSO Online) Look for cloud computing chaos, high-end services, technology consolidation/integration, machine learning ubiquity, and a GDPR mess.
Marketplace
Cybersecurity market slowdown? Not anytime soon (CSO Online) Despite some analyst speculations to the contrary, cybersecurity spending is rising sharply.
'Unsolicited and unhelpful': End users hounded by 40 IT supplier calls a day (CRN) VAR's research unveils industry's obsession with cold calling end users who are spending up to three hours a day fielding unwanted calls
Northrop Grumman Wins Contract Extension to Provide UK’s Forensic and Biometric Capability (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) has been awarded an extension to its existing contract with the Home Office to continue providing services, systems operations and maintenance for the Forensic and Biometric Interim...
National Guard still struggling to fill cyber positions (FederalNewsRadio.com) Almost two years after the National Guard announced it was having trouble filling cyber positions, the military component is still stuck in the same spot.
i-House.com and McAfee Coin launch Presale of IHT Token for Real Estate Smart Contract Development (CoinSpeaker) According to the latest news, i-house.com has formed a partnership with Mr. John McAfee to build a blockchain cloud platform for the global real estate industry.
Thales Regroups Its Digital Assets and Appoints New Talents (Thales) Beginning January 1, 2018, Thales will regroup its digital businesses and expertise under a transverse Digital Business Unit. David Jones is appointed Senior Vice-president Digital Business Unit, Thales, effective on 8 December 2017. He will be based in California.
Digital Shadows Strengthens Management Team as Business Continues to Expand (Channel EMEA) Digital Shadows, the leader in digital risk management and threat intelligence, today announced several key appointments to its management team designed to scale the business in support of company growth following Series C funding earlier in the year.
Products, Services, and Solutions
New infosec products of the week: December 15, 2017 (Help Net Security) EventTracker 9: New UI and faster threat hunting EventTracker released a new version of its SIEM, which enables faster threat hunting and simplified compli
Best security software, 2017: How cutting-edge products fare against the latest threats (CSO Online) In these security software reviews, we go hands-on with some of the most innovative, useful and, arguably, best tools from today's most important cybersecurity technology categories.
The best antivirus? Kaspersky leads in latest tests, but that's only part of the story (CSO Online) Ransomware and other threats often get through signature-based antivirus protection, giving it a bad rap. However, antivirus tools still play an important role in the enterprise security strategy.
Silent Circle and WidePoint Team to Deliver Secure Mobile Solutions to the U.S. Federal Sector (Business Insider) WidePoint Corporation (NYSE: WYY), a leading provider of Trusted Mobility Management (TM2) specializing in Telecommunications Lifecycle Management (TLM) and Cybersecurity solutions, today announced a strategic partnership with Silent Circle, a pioneer in enterprise-class mobile security, privacy and compliance solutions.
VMware, Carbon Black partner to advance app security (RCR Wireless News) VMware and Carbon Black announced a joint app security solution, which combines three key elements to enhance cloud and data center security, including...
NH-ISAC Ditches Passwords, Links with Trusona (Healthcare Analytic News) The National Health Information Sharing and Analysis Center will use dynamic user authentication going forward.
FBI Cybersecurity Security Expert Abagnale On The Real Cause Of Blockbuster Security Breaches And The Breakthrough Technology That Could Eliminate Passwords (CRN) Frank Abagnale, the teenage check forger turned FBI security expert popularized in the film "Catch Me If You Can," spoke with CRN about the cause of blockbuster cybersecurity breaches, why Equifax is the worst breach he has ever seen, and the revolutionary technology that could eliminate passwords.
Technologies, Techniques, and Standards
Want to really understand how bitcoin works? Here’s a gentle primer (Ars Technica) Ars goes deep on the breakthrough online payment network.
Agencies cautious on blockchain applications (GCN) Agency execs caution that putting policy before technology could 'hijack' future efforts to deploy the technology.
NatWest overhauls web security after online confrontation (Computing) NatWest improves the security of its main website
Is Your Security Workflow Backwards? (Dark Reading) The pace at which information security evolves means organizations must work smarter, not harder. Here's how to stay ahead of the threats.
Tech alone can’t save your business from cyberattacks (The Next Web) Chris Young, CEO of McAfee, just spoke at TNW New York. We’re sharing his views on the importance of company culture in cyber security. For a growing number of CEOs, security is now a top concern — but most aren’t doing enough to protect their companies from harm. Data breaches jumped 29 percent in the …
Laptop Security: Not Sexy, But A Real Cybersecurity Imperative (LinkedIn) As an executive at a cybersecurity company, I typically make the rounds to all of the industry’s “must attend” events to stay on top of the latest trends, learnings and industry buzz. These forums are where the good guys go to learn what the bad guys do.
Cyber Hunt Teams: A Necessary Augment to Traditional Security Practices (LookingGlass Cyber Solutions Inc.) “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” -Sun Tzu Cyber hunt teams are becoming an important part of o, December 14, 2017
Staying Safe While Accessing Online Banking (Infosecurity Magazine) MiTB attacks and trojans continue to be a problem for online banking.
Beginner's Guide to Admin Permissions (Business News Daily) Administrator accounts typically fall to IT, but not all small businesses have a dedicated person. Here's what you should know, plus tips for beginner admins.
A Simple Checklist To Help You Not Get Hacked (Fast Company) There are a lot of in-depth guides to staying safe online. Citizen Lab and a group of security gurus built an interactive tool to keep things simpler.
How to Make Adversaries Work Harder, While We Work Smarter, in 2018 (Security Week) 2018 should not be another year where attackers continue to exploit the known
Army eyeing options for long-range electronic attack (C4ISRNET) Army leaders are looking at alternative approaches to meet and field electronic warfare needs.
Design and Innovation
This Software Developer Is Making a Surveillance-Free Cell Phone Network (Motherboard) Denver Gingerich is the brains behind Sopranica, a DIY, surveillance free cell phone network he hopes will one day rival big telecom companies.
How Did Apple Inc. (AAPL) Suddenly Get So Bad At Security? (StockNews.com) A recent string of embarrassing security and other gaffes in iOS and macOS should be concerning for investors.
Why mobile game developers need to say “Game Over” to the man-in-the-middle (IT Pro Portal) Most of the mobile games, including those most popular among children and teens, are highly vulnerable to a breach.
Academia
Hyderabad students are planning to protect society from cyber attacks (Deccan Chronicle) Knowledge of Dark Web, Blue Whale and others also opens career prospects in cybersecurity, says a student.
Legislation, Policy, and Regulation
Cybersecurity bill features rare collaboration in House; now comes the Senate challenge (Washington Examiner) Prospect of DHS gobbling up jurisdiction at the expense of other departments has long been a source of concern on Capitol Hill.
Pentagon Delays Deadline For Military Suppliers to Meet Cybersecurity Rules (Nextgov.com) The goal of the new regulations is to secure sensitive data on the computers and networks at smaller companies.
Army vows to reinvigorate electronic warfare by combining it with cyber, intelligence functions (FederalNewsRadio.com) After years of frustrations, the Army says 2018 is the "year of delivery" for its electronic warfare force, which will be subsumed into its cyber branch.
Net Neutrality laws scrapped in US (Computing) Is the death of internet freedom upon us?
Litigation, Investigation, and Law Enforcement
Man gets friend kidnapped to steal $1.8 million worth of Ethereum (HackRead) As you might know, the value of Bitcoin suddenly increased this month and that motivated hackers to target cryptocurrency exchanges and steal user funds or
Barclays Bank Insider Sentenced for Role in Dridex Plot (Infosecurity Magazine) Londoner gets over six years in jail
Business Email Compromise scammer sentenced to 41 months in prison (WeLiveSecurity) A US judge has sentenced a Nigerian man to three years and five months in a federal prison after he pleaded guilty to taking part in a business email compromise scam that targeted organisations around the world.
The FCC Just Killed Net Neutrality. Now What? (WIRED) Groups plan to contest the FCC's decision to repeal net neutrality rules.
FCC votes down Obama-era ‘net neutrality’ rules (The Washington Times) Not even a bomb threat and impromptu evacuation could stop the Federal Communications Commission from voting Thursday to repeal net neutrality, setting up another legal battle between the Trump administration and Democratic attorneys general.
Justice Department Announces Charges and Guilty Pleas in Three Computer Crime Cases Involving Significant DDoS Attacks (US Department of Justice Office of Public Affairs) Defendants responsible for creating “Mirai” and clickfraud botnets, infecting hundreds of thousands of IoT devices with malicious software
Former Botmaster, ‘Darkode’ Founder is CTO of Hacked Bitcoin Mining Firm ‘NiceHash’ (KrebsOnSecurity) On Dec. 6, 2017, approximately USD $52 million worth of Bitcoin mysteriously disappeared from the coffers of NiceHash, a Slovenian company that lets users sell their computing power to help others mine virtual currencies.
OSX.Pirrit Mac Adware Part III: The DaVinci Code (Cybereason) Cybereason researcher Amit Serper discovers a new variant of TargetingEdge's Mac OSX Pirrit malware; this adware now includes remote access tool (RAT) capabilities.
Senate may put off most anticipated Russian probe findings (Honolulu Star-Advertiser) With no firm conclusions yet on whether President Donald Trump’s campaign may have coordinated with Russia, the Senate intelligence committee could delay answering that question and issue more bipartisan recommendations early next year on protecting future elections from foreign tampering.
New Details Emerge About Discovery Of FBI Agent’s Anti-Trump Texts (The Daily Caller) The Justice Department's office of the inspector general revealed new details Wednesday about how it discovered the anti-Trump text messages that led to FBI agent Peter Strzok's removal from Special C
The FBI’s Trump ‘Insurance’ (Wall Street Journal) More troubling evidence of election meddling at the bureau.