Cyber Attacks, Threats, and Vulnerabilities
Cryptocurrency exchange EtherDelta suspends service following alleged hack (TechCrunch) Another day, another hack in the crypto world. This time EtherDelta, a popular exchange for buying cryptocurrencies, has suspended its service after it was..
Massive Brute-Force Attack Infects WordPress Sites with Monero Miners (BleepingComputer) Over the course of the current week, WordPress sites around the globe have been the targets of a massive brute-force campaign during which hackers attempted to guess admin account logins in order to install a Monero miner on compromised sites.
Bitcoin owners and currency exchanges emerging targets for criminals: FireEye (ZDNet) The security firm's Asia Pacific CTO has warned against assuming cryptocurrency is secure or is safe from extortion if stored in a digital wallet.
Cron-Linked Malware Impersonates 2,200 Banking Apps (Infosecurity Magazine) Trojan is out to harvest your financial credentials
Open AWS S3 bucket exposes sensitive Experian and census info on 123 million U.S. households (SC Media US) The sensitive information in the datasets included home addresses, contact information, purchasing behavior, mortgage ownerships and financial histories.
Unsecured Amazon S3 Bucket Exposes Details on 123 Million American Households (BleepingComputer) US data analytics provider Alteryx has left an Amazon S3 storage bucket exposed online, leaking the sensitive details of over 123 million US households in the process.
Cloud security: Why it may be more risky than vendors would have you believe (Techgenix) The vendor looking to put your business in the cloud will tell you all the benefits. But you might not hear about cloud security risks.
Advanced Persistent Adware: Analysis of Nation-State Level Tactics (Booz Allen Hamilton) Booz Allen Dark Labs’ Advanced Threat Hunt team discovered a unique form of adware lurking on client networks that evades all traditional forms of perimeter defense.
North Korea suspected in latest bitcoin heist, bankrupting Youbit exchange (Ars Technica) Breach bankrupts Seoul-based company after it reformed in wake of a previous heist.
North Korea rejects U.S. accusation, says it is not linked to any cyber attacks (Reuters) A spokesman for North Korea's foreign ministry said on Thursday Pyongyang is not linked to any cyber attacks, the North's first response since the United States publicly blamed it for a massive worldwide cyber security breach.
North Korea's threat to global security lies in its formidable cyber prowess - and the winter Olympics could be the next target (The Telegraph) While the world has obsessed over North Korea's rapidly advancing nuclear and weapons programmes, Pyongyang has silently built a sophisticated cyber army capable of plundering international banks, military espionage, and wreaking havoc on critical infrastructure.
Handcuffed by sanctions, North Korea seeks cash via cyber theft (Times of Israel) Some of the 7,000 hackers trained by Pyongyang pose as beautiful women on Facebook, strike online conversations and then send malicious ransomware files
North Korea cyber attacks like 'WannaCry' are increasingly ploys for money, analysts say (USA TODAY) The White House's attribution of last May's 'WannaCry' malware attack to North Korea is a sign that "this is war," analyst says.
Tech Giants Take Steps to Disrupt Lazarus Group (Infosecurity Magazine) Microsoft and Facebook target North Korea-linked APT group
Should We Trust the U.S. Government When It Blames North Korea for a Cyberattack? (Slate Magazine) Over and over, we have been asked to place blind faith in the U.S. government when it comes to attributing cybersecurity incidents.
Attack Attribution Tricky Say Some as US Blames North Korea for WannaCry (Dark Reading) There's not enough evidence to conclusively tie the rogue regime to the ransomware attacks, some security experts say.
Inside the collapse of Islamic State’s propaganda machine (WIRED) At its peak, Isis ran a powerful media empire extolling the utopian virtues of life in the caliphate, but the group's increasingly erratic strategy now focusses on war and war alone.
Russian Twitter trolls exploited key election moments (NBC News) Russian trolls chose targeted moments during the presidential election to infiltrate and divide the online conversations of millions of Americans.
Don’t Speak, Memory (Foreign Affairs) Russia has never truly reckoned with the horrors of Stalin’s regime. And now the Kremlin is keener than ever to avoid acknowledging past crimes; instead, it is promoting an authoritarian ideology dangerously reminiscent of Stalin’s own.
'Fake News' Fights Back (Foreign Policy) Russian disinformation. A government attacking the media. A populace deeply skeptical of it. These Slovak journalists had seen it all — and decided to do…
China’s Cover-Up (Foreign Affairs) Despite the vast suffering the Chinese Communist Party has caused, it has never admitted guilt, far less memorialized its victims. Nor is it likely to. Too much remembering would risk undermining the party’s legitimacy.
CHM Help Files Deliver Brazilian Banking Trojan (Threatpost) Brazilian firms are the latest targets in a spam campaign delivering CHM help files hiding links to bank Trojans.
Japan cybersecurity survey finds 20,000 fake shopping sites (The Mainichi) A cybersecurity survey has found that around 20,000 fake shopping sites were in operation in the second half of this year, Japan's National Police Agency said Thursday, warning that the sites are designed to swindle money from unsuspecting shoppers.
Trend Micro: Beware of Travel Scammers Offering Huge Discounts (Infosecurity Magazine) Black market trade in cheap deals is soaring
New Survey Finds 10 Percent Failure Rate in Email Security Systems (eWEEK) NEWS ANALYSIS: Tests by IT security company Cyren found that on average email security scanners miss about 10 percent of the messages laden with malware and phishing attack scams.
Hackers leak personal videos of WWE Diva Paige (HackRead) Hackers have leaked sex tapes of WWE Diva Paige and vowed to target her again.
Security Patches, Mitigations, and Software Updates
Windows 10 password manager bug is hiding good news (Naked Security) Peer a bit harder through the gloom of the Keeper flaw and you’ll find a good news story
Twitter adds support for app-based two-factor authentication (TechCrunch) Twitter is rolling out an update to its platform security that will allow users to employ third-party authentication apps to receive a two-factor login..
Twitter will tell users if content was blocked to comply with local laws or legal demands (TechCrunch) Twitter will now display messages to inform users if blocked tweets were withheld to comply with local laws or court orders, which it calls Country Withheld..
Facebook will ditch Disputed Flags on fake news and display links to trustworthy articles instead (TechCrunch) Facebook announced two changes today that it hopes will make it easier to staunch the spread of fake news. The first change is to the News Feed, where users..
Cyber Trends
12 top cloud security threats to consider for 2018 (CSO Online) More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Treacherous 12," the top security threats organizations face when using cloud services.
Massive cyber attacks slated for 2018 will make Petya WannaCry (Fin24) The past year's devastating cyberattacks could soon be dwarfed, with new and better coordinated attacks in 2018 looming large.
9 Banking Trojans & Trends Costing Businesses in 2017 (Dark Reading) New Trojans appeared, old ones resurfaced, and delivery methods evolved as cybercriminals set their sights on financial data.
2017 was a dumpster fire of privacy and security screw-ups (ZDNet) 2016 may have killed every famous person we ever cared about, but it was tame compared to the dumpster fire of security screw-ups and privacy violations that 2017 had in store. Here's our look back.
10 biggest hacks of 2017 (CNNMoney) We look back at the major hacks that rocked 2017.
That was the year that was - technology (MicroscopeUK) In our first look back over the year it's possible to identify which technologies made a difference in the channel
Healthcare Data Security Attacks Account for 40% of Q3 Incidents (HealthITSecurity) McAfee Labs found that healthcare data security attacks led vertical sectors in Q3 security incidents.
Marketplace
Where the Jobs Are: Cybersecurity (Wall Street Journal) Jeremy King, Theresa Payton and Jennifer Steffens say cybersecurity experts are hard to find. But they are out there if you know where to look.
Here’s Why Palo Alto Networks Can Keep Getting Better (The Motley Fool) Palo Alto Networks' focus on boosting both its top and bottom lines is reaping the desired results.
Cryptocurrencies have an everything problem (TechCrunch) A mom from Arkansas, a major donor to Republican causes with very little experience in technology, wants to invest $50,000 in bitcoin. A man from Switzerland..
Coinbase may have given away its own Bitcoin Cash surprise (TechCrunch) On Tuesday, when Bitcoin Cash hit Coinbase, the popular user-friendly U.S.-based exchange, cryptocurrency's reputation as the financial wild west was on full..
The rise of the crypto accelerators (TechCrunch) As cryptocurrency fever grips the tech world, and blockchain technologies gradually become more viable, there is a new wave of accelerators and incubators..
Cybersecurity Services Provider Proficio Secures Additional Investment (eSecurity Planet) The managed security service provider plans to bring its security-as-a-service solutions to more markets.
Atlassian cofounder invests in Sydney IoT security startup (IoT Hub) Cog Systems scores $3.5m to build secure devices.
Cybersecurity Expert Samitha Amarasiri Joins Protiviti as Managing Director in Security and Privacy Consulting Practice (PRNewswire) Samitha Amarasiri has joined global consulting firm Protiviti as a...
Products, Services, and Solutions
Fireware 12.1 Now Available (WatchGuard Technologies) We are pleased to announce the new release of Fireware 12.1 and WSM 12.1! These significant new releases are now available for download from the software download center. The highlight of Fireware 12.1 is the Access Portal, a clientless application portal that is available for SSO integration for cloud assets and internal resources via RDP and SSH.
Roll back time when users click on a bad link with our new free tool, Second Chance! (KnowBe4) Learn more about our newest free tool, Second Chance. It's an email security tool that lets users think twice before clicking on potentially dangerous links.
Apple addresses why people are saying their iPhones with older batteries are running ‘slower’ (TechCrunch) Because of a Reddit post and the loose interpretation of subsequent benchmark tests posted by Primate Labs’ John Poole, the "Apple throttles old iPhones"..
Comodo Partners Tros Technologies On Cyber Security Solutions (Eagle Online) Comodo, a global innovator, developer of cyber security solutions and the worldwide leader in digital certificates, has entered into a strategic partnership with Tros Technologies, a leading Nigerian Information Technology Solutions Company for the West African Region.
Juniper brings AI bots to intent-based networks (Network World) Juniper announced its new artificial intelligence (AI) bots, Juniper Bots, which advance intent-based networks.
ESET launches enhanced consumer products portfolio (Tahawul Tech) ESET has recently launched its latest consumer security product portfolio for Windows. The new range is designed to protect against Internet threats.
Brivo Announces New Cyber Defenses for its Onair Security Platform (Business Insider) Brivo, the global leader in cloud-based physical security solutions, announced today that the company has added new cyber security defenses to its Brivo Onair platform to protect customers from certain malware threats.
ProtectWise Enhances Visibility, Detection and Response For Network Traffic on AWS (PRNewswire) Security leader ProtectWise today announced enhancements to The ProtectWise...
Siemens and Microsoft Announce IoT Development Services (Automation World) In separate efforts to aid the creation of Internet of Things-related products and services, Siemens and Microsoft have launched programs designed to ease the development process.
Gemalto announces single gateway to Trusted Service Hub (Tahawul Tech) Gemalto Trusted Service Hub (TSH) can now offer a single gateway enabling issuers to connect to the Mastercard and Visa tokenisation services
LogRhythm Introduces Standalone User and Entity Behavior Analytics Offering (BusinessWire) LogRhythm today announced it has entered the User and Entity Behavior Analytics (UEBA) market with the introduction of LogRhythm UEBA.
Votiro Rolls Out Significant Product Enhancement for its Secure Email Gateway Solution (Business Insider) Previously all macros whether malicious or not were blocked. This new technology will distinguish between a suspicious macro and a clean one allowing only those macros which are safe to enter an organization
Technologies, Techniques, and Standards
GCHQ: British cyberweapons could paralyse hostile states (Times) Britain has developed sophisticated cyberweapons capable of crippling a hostile state, GCHQ has revealed amid warnings that Russia is launching more aggressive online attacks. Assaults on US...
Are UK Companies Better Prepared than US Companies for GDPR? (Infosecurity Magazine) Among both UK and US privacy professionals, more than 60% of respondents have not begun their GDPR implementation.
The Ultimate GDPR Guide for Marketers and Businesses (AppInstitute) With GDPR just around the corner - this exhaustive guide will answer all your questions when it comes to complying with the new ruling.
How the Marines are mobilizing forces for information warfare (C4ISRNET) The Marine Corps is using wargames and exercises to game how to operationalize their new information environment commands.
Can the Army bring position, navigation and timing tech to the battlefield faster? (C4ISRNET) With the Army's PNT office moved under its chief electronic warfare organization, the service is looking to fast-track PNT capabilities.
USAF’s Network Gateways Changing Hands, Eliminating “Blind Spots” (Air Force Magazine) The Air Force is changing the way it allows web traffic into and out of its networks, relinquishing general oversight and maintenance of these entryways to the Defense Information Systems Agency so it can focus its time elsewhere.
Tick, Tock: New SWIFT Security Regs Take Hold Jan. 1 (Cyber Security Hub) SWIFT, a widely used global banking platform, will be implementing a new cyber security framework that is poised to pad protection for 11,000 institutions across more than 200 countries.
Creating a culture of security: Part 2 (CSO Online) User behavior can sometimes cause CSOs and CISOs to have heart palpitations. In part two of a two-part series, we look at technologies that can safeguard users and enterprises, and how organizations can foster a culture of security.
Smarter weapons needed to fight savvy financial criminals (The New Paper) Money laundering has existed for as long as we have had money. Today, it is estimated that money laundering around the world reaches between US$1 trillion (S$1.35 trillion) to US$2 trillion, around 2 per cent to 5 per cent of global gross domestic product. While many are...
How to Create Secure Passwords For Your Website (Sucuri Blog) Website owners need to enforce strong passwords for all user accounts, especially administrators. Learn how to protect your site from brute force attacks.
Design and Innovation
National Lab offers tech test drives to business (FCW) The Pacific Northwest National Lab is offering a short-term licensing agreement that companies can use to take tech out for a spin to see if they like it.
How Bulletproofs Could Make Bitcoin Privacy Less Costly (Bitcoin Magazine) Bulletproofs, presented in a paper titled “Bulletproofs: Short Proofs for Confidential Transactions and More,” describe a new zero-knowledge proof system. ...
Research and Development
A New Type of Computer Could Render Many Software Hacks Obsolete (Motherboard) DARPA is pumping millions of dollars into a computer circuit “Rubik’s cube.”
Researchers Make Google AI Mistake a Rifle For a Helicopter (WIRED) To safeguard AI, we’re going to need to solve the problem of ‘adversarial examples.’
LI firm to study why software has security holes (Newsday) Secure Decisions of Northport will research how coders’ working conditions can lead to software with holes that hackers can exploit.
Academia
NSF awards nearly $5.7M to defend America’s cyberspace (National Science Foundation) CyberCorps: Scholarship for Service (SFS) program adds four universities
Delaware honored for cyber security innovation (Delaware Public Media) The State of Delaware is being recognized for its work in the area of cyber security.
4 Security Resolutions for Higher Education Institutions (EdTech) As the new year approaches, users and IT teams should focus on developing better security habits.
Legislation, Policy, and Regulation
Infosec controls relaxed a little after latest Wassenaar meeting (Register) A welcome dash of perspective
U.S. lawmakers seek temporary extension to internet spying program (Reuters) Republican leaders in the U.S. House of Representatives are working to build support to temporarily extend the National Security Agency's expiring internet surveillance program by tucking it into a stop-gap funding measure, lawmakers said.
Section 702 Overview (Office of the Director of National Intelligence) Section 702 is a key provision of the FISA Amendments Act of 2008 that permits the government to conduct targeted surveillance of foreign persons located outside the United States, with the compelled assistance of electronic communication service providers, to acquire foreign intelligence information.
Sen. Rand Paul threatens to block House surveillance bill (FederalNewsRadio.com) A Republican senator is threatening to oppose and block passage of legislation to reauthorize a soon-to-expire foreign intelligence collection program
Strange bedfellows: critics left and right oppose warrantless wiretapping renewal (The Christian Science Monitor) The statute that allows the National Security Agency to collect electronic communications of foreign intelligence targets will soon expire unless reauthorized by Congress. Some are calling for more privacy protections for US citizens inadvertently snared in the dragnet.
US Lawmaker Behind Fake 'Net Neutrality' Bill Wanted ISPs to Edit Online News and Censor the Internet (Gizmodo) After the FCC’s Republican majority voted successfully to repeal net neutrality protections last week, Rep. Marsha Blackburn gleefully applauded the outcome, cheering what she called the beginnings of a "light-touch regulatory regime."
Vatican official discusses net neutrality, artificial intelligence (Catholic Culture) In a front-page article in L’Osservatore Romano, the priest who serves as a Vatican representative on an ICANN (the Internet Corporation for Assigned Names and Numbers) committee discussed net neutrality.
The FCC's Next Stunt: Reclassifying Cell Phone Data Service as 'Broadband Internet' (Motherboard) The agency is expected to make this change in February, which will make America's broadband situation look better than it actually is.
Aussie’s ban on Chinese technology a wrong decision (Global Times) Major Chinese telecommunication provider ZTE Corp said Wednesday it has always paid attention to protecting users' privacy in response to news that Australian parliamentarians will discontinue using one of the company's phone models in fear they "might be spying on its owners."
Artificial intelligence doesn't require burdensome regulation (TheHill) Regulation is clearly important in the field of artificial intelligence, but it requires a judicious approach that considers the broader implications for technology.
Litigation, Investigation, and Law Enforcement
Damian Green is forced out over computer porn cover‑up (Times) Theresa May forced Damian Green, her deputy and closest ally, to resign last night after he admitted making “inaccurate and misleading” statements about pornography found on his parliamentary...
Ex-Journalist Who Made Bomb Threats to Jewish Centers Sentenced to Prison (New York Law Journal) A former journalist who pleaded guilty in June to a cyberstalking charge for making bomb threats to Jewish Community Centers as a means of creating chaos in his ex-girlfriend's life has been sentenced to five years in prison.
Kaspersky's legal challenge to software ban could impede DHS cyber operations (Inside Cybersecurity) Kaspersky Lab is challenging the constitutionality of the Department of Homeland Security's decision to ban federal use of its software products, in a lawsuit that -- if successful -- could limit the department's use of key statutes for managing cyber risks to government networks and setting regulatory policies.
5 Arrested for Spreading Ransomware in US, Europe (PCMAG) CTB Locker and Cerber are notorious ransomware strains that have been sold to other hackers in the digital black market.
WhatsApp and Facebook told to stop sharing data (Naked Security) WhatsApp will face sanctions for sharing user phone numbers and usage data for “business intelligence” purposes with Facebook if it doesn’t comply
McCabe draws blank on Democrats’ funding of Trump dossier, new subpoenas planned (Fox News) EXCLUSIVE: Congressional investigators tell Fox News that Tuesday’s seven-hour interrogation of Deputy FBI Director Andrew McCabe contained numerous conflicts with the testimony of previous witnesses, prompting the Republican majority staff of the House Intelligence Committee to decide to issue fresh subpoenas next week on Justice Department and FBI personnel.
Senate probing Jill Stein for possible collusion with Russia (New York Post) The Senate is reportedly probing former presidential candidate Jill Stein for possible collusion with Russia. The head of the Senate Intelligence Committee said Monday that the Stein probe was one …
Teen sentenced for vDOS rampage (Naked Security) He had a “substantial” role in targeting Netflix, Amazon, Verizon, BBC and other big brand sites in extraordinary DDoS attacks
Woman pleads guilty to killing boyfriend in botched YouTube prank (New York Post) A Minnesota woman has pleaded guilty to fatally shooting her boyfriend in a videotaped stunt they planned to post on YouTube. The Star Tribune reports that 20-year-old Monalisa Perez…