Cyber Attacks, Threats, and Vulnerabilities
Cyberattack Targets Safety System at Saudi Aramco (Foreign Policy) One report points to Iran, but the evidence is far from conclusive.
Chinese hackers go after think tanks in wave of more surgical strikes (Ars Technica) When one NGO blocked intrusion, frustrated hackers tried to knock its website offline.
China's Economic Espionage via the Non-Attributable Hand (Security Boulevard) China's not backing off their targeting of companies for economic espionage as evidenced by use of state controlled actors as their proxies
Beijing Builds Its Influence in the American Media (Foreign Policy) How one of America's biggest Chinese-language newspapers amplifies China’s message.
Russia's Fancy Bear APT Group Gets More Dangerous (Dark Reading) Encryption and code refreshes to group's main attack tool have made it stealthier and harder to stop, ESET says.
Fancy Bear continue to operate through phishing emails and much more (WeLiveSecurity) The Sednit group, also known as Fancy Bear, continue to use phishing emails as their flagship backdoor main entry with a great deal of success.
"Give it a go and see what happens" - Russian secret services' approach to foreign cyber attacks (Computing) UK Intelligence and Security Committee report claims Russia is ostentatiously flexing its muscles online
Commentary: Making sense of North Korea’s hacking strategy (Reuters) Pyongyang is ramping up its cyber warfare. Just this week, a White House official blamed North Korea for the WannaCry attack that took down hospitals, banks and businesses in May and noted that Facebook and Microsoft recently took action against the infamous North Korean Lazarus hacker group. And that’s just the tip of the iceberg.
DPRK rejects U.S. accusation of being responsible for WannaCry cyber attack (Xinhua) The Democratic People's Republic of Korea (DPRK) Thursday rejected the U.S. accusation that it was responsible for the WannaCry ransomware attack upon global cyber space in May.
Security researchers not convinced North Korea behind ransomware attack (Salon) Trump officials say unequivocally that North Korea started this. Is this a WMD-esque ruse to start a war?
There have been almost 1 billion WannaCry infections, and they're still growing (Computing) If it hadn't been neutralised, the malware would have cost tens of billions of dollars, says Kryptos Logic
Report: Investigators Eye North Koreans for Exchange Hack (BankInfo Security) South Korean police investigating the hack of a cryptocurrency exchange are eyeing North Korean hackers as the likely culprits. North Korea has also been tied to
North Korea Accused of Hacking South Korean Bitcoin Exchange Youbit (Cointelegraph) Earlier this week, a major South Korean Bitcoin exchange Youbit suffered a large-scale security breach during which one-fifth of user funds were stolen.
VenusLocker Ransomware Gang Switches to Monero Mining (Bleeping Computer) The criminal group behind previous campaigns that have spread the VenusLocker ransomware have now switched their focus to delivering a Monero cryptocurrency miner instead
Crooks Switch from Ransomware to Cryptocurrency Mining (Threatpost) The group behind the VenusLocker ransomware have switched to cryptocurrency mining Monero.
Digmine Malware Spreading via Facebook Messenger (BleepingComputer) Users across several countries are being targeted in a campaign that delivers a new strain of malware named Digmine that installs a Monero cryptocurrency miner and a malicious Chrome extension which helps it propagate to new victims.
Digmine Cryptocurrency Miner Spreading via Facebook Messenger (TrendLabs Security Intelligence Blog) We found a new cryptocurrency-mining bot spreading through Facebook Messenger—Digmine, which we first observed spreading in South Korea.
New virus attacks Vietnamese facebookers (Vietnamnet) Facebook Messenger is reported to be under attack in recent days by a new virus.
I'm All Up in Your Blockchain, Pilfering Your Wallets (SANS Internet Storm Center) With the latest “gold rush” in cryptocurrency, many people are investing (or speculating, depending on your perspective) in Bitcoin and various other currencies.
Windows 10’s face authentication defeated with a picture (The Verge) Attack isn’t as easy as it sounds
Singapore Airlines Warns of New Phishing/Vishing Campaign (Infosecurity Magazine) Fraudsters are even spoofing official airline phone numbers
Nissan Canada Data Breach: 1.1 Million Customers Notified (Infosecurity Magazine) Carmaker’s finance arm is hit by unauthorized access
Threat Spotlight: Clever Cybercriminals Spoof Scanners by the Millions (Barracuda) Aside from the coffee maker and maybe the office water cooler, few devices receive the magnitude of use that the corporate printer is subjected to on a daily basis.
Google Removes Three Fake Bitcoin Wallet Apps From Google Play (eWEEK) Security firm Lookout discovers that three fake cryptocurrency wallets got into the Google Play store and were able to steal Bitcoin from users. How can users avoid the fraud and keep their Bitcoin where it belongs?
Experts Rail Against Internet Password Organizers (Infosecurity Magazine) Consumers urged to invest in online password managers rather than buy offline data stores
Security Patches, Mitigations, and Software Updates
Microsoft confirms stalled downloads, bogus errors in Win10 FCU update KB 4054517 (Computerworld) Microsoft just confirmed two major bugs in this month’s cumulative update for Win10 Fall Creators Update, KB 4054517 — which we described earlier this week. We also have confirmation of bugs in the November Excel 2016 patch and in this month’s Exchange Server patch.
Google fights fragmentation: New Android features to be forced on apps in 2018 (Ars Technica) New Play Store rules give developers one year to adopt any new Android changes.
Opera 50 to introduce anti-cryptojacking features with Opera 50 (Computing) Opera's anti-cryptojacking feature will be added to its ad-blocking technology
Facebook fights imposter accounts with facial recognition (Naked Security) Its facial recognition now finds photos even if you haven’t been tagged in them.
Cyber Trends
New Year’s resolutions for CISOs (CSO Online) Security leaders must move closer to the business, improve staff productivity and modernize security technology infrastructure.
CISO Holiday Miracle Wish List (Dark Reading) If CISOs could make a wish to solve a problem, these would be among the top choices.
The seven most colossal data breaches of 2017 (Security Boulevard) This year saw a handful of spectacularly bad security fails that resulted in massive sets of compromised data. Here are the most colossal data breaches of 2017.
SafeBreach Examines Malware Success Rates (PYMNTS.com) A new report studying the success rates of malware attacks on enterprise suggests a failure among corporations to adequately protect their systems. New research from SafeBreach, released in its Hacker’s Playbook Findings Report, analyzed 3,400 data breach strategies and 11.5 million conducted simulations. According to the report, malware attacks successfully infiltrated enterprises’ systems most of […]
2018 Predictions: ICS Cybersecurity Goes Mainstream (Nozomi Networks) After a year that began with the fall-out from another Ukraine electric grid attack, saw the discovery of the first toolset since Stuxnet to target physical systems (CrashOverride/ Industroyer) and included significant harm from ransomware attacks (WannaCry, Petya/NotPetya), what’s in store for 2018?
Are Your Medical Records Safe? NO. (Security Boulevard) Radware’s Web Application Security Report finds security flaws in the healthcare industry. What do healthcare institutions, insurance companies, hospitals, pharmaceuticals and manufacturers of medical equipment all have in common? If you guessed room for improvement when it comes to protecting applications, you’re correct. The data records these organizations keep are highly sensitive as they affect...
Marketplace
Bitcoin and almost every other cryptocurrency crashed hard today (TechCrunch) Bitcoin has been on a tear this past with the value of the cryptocurrency jumping from $8,000 to nearly $20,000. Well that run hit an abrupt end today as the..
Bitcoin’s price plunges amid broad cryptocurrency sell-off (Ars Technica) Every major cryptocurrency suffered double-digit losses in the last 24 hours.
Thank Kim Jong Un for your crypto gains (TechCrunch) Because of heavy sanctions placed on the country for its nuclear weapons testing, North Korea has long run a series of “side businesses” like drug..
Businesses Go on Pre-Holiday Cloud Acquisition Spree (Dark Reading) VMware, McAfee, and Trend Micro announce a series of acquisitions that indicate a strong focus on cloud security.
Verint buys Next IT: An Early AI Acquisition (Forbes) Much is said about artificial intelligence (AI), but it is still in the early stages.
Are You Ready for DOD's New Mandate? (SIGNAL Magazine) A DOD mandate requires private sector companies to follow a set of cybersecurity best practices.
Corero's joy at record quarterly intake tempered by implementation delays at some customers (Proactiveinvestors UK) Corero Network Security PLC (LON:CNS) - The DDoS mitigation market fundamentals remain strong with a leading technology analyst forecasting double-digit growth and the market to grow to US$1.4bn in 2021
Tea company's shares rocket after adding the word "blockchain" to its name (Computing) Moribund tea maker sees shares leap almost 300 per cent purely by adding blockchain to its name
Eric Schmidt stepping down as Alphabet’s executive chairman to become a ‘technical advisor’ (TechCrunch) A little late in the day news dump for you, ahead of the upcoming holiday. Longtime Google executive Eric Schmidt announced today that he’ll be stepping..
Carbon Black Expands Marketing Leadership with New Senior Vice President (BusinessWire) Carbon Black, the leader in next-generation endpoint security, has named Cate Lochead Senior Vice President of Marketing as the company continues to b
Products, Services, and Solutions
NSS Labs Announces Industry’s First Data Center Security Gateway Group Test Results (GlobeNewswire News Room) Five Products Receive Recommended Rating for IPv4; Four Products Receive Recommended Rating for IPv6
Data Center Security Gateway (DCSG) – Convergence of DCFW and DCIPS (NSS Labs) The digital world has transformed modern business.
Cyber and Physical Security Come Together for First Time with Partnership between AppGuard and UFC Fighter and Green Beret Tim Kennedy’s Sheepdog Response (AppGuard) Through Partnership, Sheepdog will Offer its Physical Security Customers with Access to AppGuard Autonomous Endpoint Security, and AppGuard will provide its Customers with Access to Sheepdog’s Training
AristotleInsight® Announces Vulnerability Gateway GRC in Version 7.9 (PRNewswire) AristotleInsight® has introduced Vulnerability Gateway (VG) GRC in its...
Swimlane Augments Its Automated Security Platform With RSA Archer® Suite Interoperability (Business Insider) Swimlane, a leader in security automation and orchestration (SAO), announced today interoperability with the RSA Archer® Suite.
Radware Wins Another New Top Tier U.S. Carrier For Attack Mitigation (GlobeNewswire News Room) Radware® (NASDAQ:RDWR), a leading provider of cyber security and application delivery solutions, announced an over one million dollar deal with a top U.S. service provider.
VMware-Carbon Black Partnership Expected to Close Data Center Security Gaps (Data Center Knowledge) Short on security professionals, enterprises scream for more automation as attacks increase in number and scope.
Snowden's New App Turns Your Phone Into a Home Security System (WIRED) The NSA leaker's latest project aims to secure your computer—and you—from not just digital but physical attacks.
Technologies, Techniques, and Standards
Incident Response: Your Last Line of Cybersecurity Defence (Information Security Buzz) In 2018, no executive that reads the papers can be unaware of the cybersecurity risks facing their organisation. With the size and frequency of data breaches increasing, companies should be prepared to handle one when it happens. The best way to cope with a security incident is to hit the ground running. A well-structured, efficient …
Get the best botnet protection with the right array of tools (SearchSecurity) The best botnet protection comes from assembling the right array of security tools. Learn how to fight the botnet threat with a layered approach to IT security.
Brazil Organizes First Ibero-American Cyber Defense Exercise (Dialogo Americas) Service members from seven nations improve their electronic warfare techniques.
Design and Innovation
Five blockchain use cases (RCR Wireless News) The potential use cases of blockchain go beyond powering digital currency like bitcoin, including securing patient medical records and...
Blockchain and Quantum Computing (The National Law Review) 2018 promises great inroads in the realm of "quantum computing." While conventional computers use binary data or bits (i.e., 0s and 1s) to store and process information...
Encryption perspectives in a world of quantum computers (eeNews Europe) Potentially, in the connected world, all kind of devices that encrypt data to be sent, received and stored, could be affected by the decoding power of quantum computers. Although realistic threats against today’s encryption algorithms may be 10 to 15 years away, new encryption mechanisms should already be considered for devices with long lifecycles that are installed nowadays.
Siri can’t talk to me: The challenge of teaching language to voice assistants (Ars Technica) Getting voice assistants to speak Slovakian first means getting better AI learning.
Academia
Another Success in the U.S. for the Cyberbit Range: Elbit Systems of America and Metropolitan State University Announce New Cyber Training and Simulation Center (PRNewswire) Elbit Systems of America, LLC, announced that it will partner...
Legislation, Policy, and Regulation
Lithuania bans Kaspersky Lab software on sensitive computers (Reuters) Software from Moscow-based company Kaspersky Lab is a threat to Lithuanian national security and its products will be banned on sensitive computers, Lithuania's government said on Thursday. It is the latest setback for the software maker.
Minister for digital is confident about maintaining smooth UK-EU data transfers in a post-Brexit world (Computing) Matt Hancock urged MPs to support the Data Protection Bill
The Meaning of Sharp Power (Foreign Affairs) China's and Russia's attempts at influence are not examples of soft power—they represent "sharp power."
Why Russia's Leaders Still Honor the Soviet Secret Police (Op-ed) (Moscow Times) As a Russian criminal proverb has it, “confession is fit only for the priest and the fool”
The Facebook Team Helping Regimes That Fight Their Opposition (Bloomberg) Some of the unit’s clients stifle opposition and stoke extremism.
New US Security Strategy Is a Clear Bureaucratic Victory for the ‘Russia Skeptics.’ Has the President Read It? (Russia Matters) The new U.S. National Security Strategy, or NSS, unveiled by President Donald Trump on Dec. 18, seems to reject any possibility for rapprochement between Moscow and Washington. Given the positive statements made by Trump both as a candidate and then as chief executive about the possibility for finding common ground with Russia, the Kremlin was taken aback at the negative tone.
Trump first president to protect electric grid from EMP, cyberattacks (Washington Examiner) President Trump became the first national leader to call for protecting the U.S. electric and communications grid against an electromagnetic...
US lawmakers seek temporary extension to internet spying program (CNBC) Republican leaders in the House are working to build support to temporarily extend the National Security Agency's expiring internet surveillance program.
Spotlight: South Korea witnesses 1st presidential by-election after Park's impeachment over scandal (Xinhua) South Korea held its first presidential by-election in May after President Park Geun-hye was impeached for the first time in the country's modern history over an influence-peddling scandal involving her long-time confidante.
Senators Introduce Bipartisan Bill to Secure Election Systems (Gizmodo) A long-awaited election security bill is finally rolling out today with bipartisan support.
Germany Blocks its Largest Telecom Company From Violating Net Neutrality (Motherboard) Regulators are protecting net neutrality after Telekom—which owns T-Mobile—began prioritizing content.
There’s no magic bullet for reversing the FCC’s net neutrality decision (TechCrunch) Huge numbers of people are upset at the FCC's decision to undo its own highly popular net neutrality rules. But the grand plans to undo this mischief being..
Apple's iPhone Throttling Will Reinvigorate the Push for Right to Repair Laws (Motherboard) More states are considering right to repair legislation that will make it easier to fix your electronics.
Litigation, Investigation, and Law Enforcement
‘Russian spy’ Stanislav Yezhov infiltrated Downing Street (Times) A suspected Russian spy acted as interpreter between Theresa May and the Ukrainian prime minister when the two leaders discussed security issues in Downing Street this summer, it emerged yesterday.
Deep Pockets, Deep Cover: The UAE Is Paying Ex-CIA Officers to Build a Spy Empire in the Gulf (Foreign Policy) They hired Americans to professionalize their intelligence service. But how far can former U.S. spies go?
Ars Technica's Dan Goodin is being sued by Keeper Security over an article about a defect in its password manager (Boing Boing)
Keeper CEO Offers Clarity (Keeper Blog) We have great admiration and respect for the InfoSec community, the press that covers this industry, and of course place the protection and security of our customers’ information as the top priority. We want to offer clarity regarding our recent lawsuit directed to the contents of the Ars Technica article, which has undergone revisions since …
Neil Lewis, officer behind Damian Green porn leaks, ‘liked’ anti‑Tory posts (Times) The retired police officer who leaked details about the pornography on Damian Green’s computer had “liked” anti-Tory posts on Facebook, The Times can reveal. Neil Lewis, 48, who assessed Mr Green’s...
FCC Fines Sinclair Broadcast Group $13.4 Million for Running Sponsored Content as News (Variety) The FCC is slapping Sinclair Broadcast Group with a $13.4 million fine for running news stories on a cancer foundation but failing to disclose that the foundation was paying for them to air.
FBI’s top lawyer said to be reassigned (Washington Post) James Baker had been caught up in a leak inquiry, but it is not expected to result in any charges.
Did President Obama Read the ‘Steele Dossier’ in the White House Last August? (Tablet Magazine) News of the News: Why the timeline of the scandalous report that fuels Russiagate matters
Hackers Used DC Police Surveillance System to Distribute Cerber Ransomware (BleepingComputer) A Romanian man and woman are accused of hacking into the outdoor surveillance system deployed by Washington DC police, which they used to distribute ransomware.
5 Romanian ransomware distributors arrested after police raid (Naked Security) Five suspects; two ransomware strains; victims identified in both Europe and the US – cops swoop!
Teen DDoS mastermind walks away from prison sentence (Computing) Stockport teenager who ran what was once the world's biggest DDoS network escapes jail
U.K. Man Avoids Jail Time in vDOS Case (KrebsOnSecurity) A U.K. man who pleaded guilty to launching more than 2,000 cyberattacks against some of the world’s largest companies has avoided jail time for his role in the attacks. The judge in the case reportedly was moved by pleas for leniency that cited the man’s youth at the time of the attacks and a diagnosis of autism.