Washington, DC: the latest from Cyber 9/12
Cyber 9/12: Not capture-the-flag, but convince-the-executive (The CyberWire) The Atlantic Council and its partners held their Cyber 9/12 competition on Friday and Saturday, March 17th and 18th, 2017, at the American University in Washington, DC. Cyber 9/12 is a contest for student teams that differs from the more familiar capture-the-flag competitions in that its focus is on technically informed policy recommendations.
A major cyber attack has occurred. How should your nation respond? (The Atlantic Council: Brent Scowcroft Center on International Security) We frequently hear the terms “Cyber 9/11” and “Digital Pearl Harbor,” but what might policymakers do the day after a crisis? The Cyber 9/12 Student Challenge is an annual cyber policy competition for students across the globe to compete in developing national security policy recommendations tackling a fictional cyber catastrophe. In 2017, the Student Challenge will take place in Washington, DC in March, Geneva, Switzerland in April, and Sydney, Australia in September.
Cyber Attacks, Threats, and Vulnerabilities
Yahoo breach exposes the drawbacks of state-sponsored hacking (ITworld) When governments turn to private hackers to carry out state-sponsored attacks, as the FBI alleges Russia did in the 2014 breach of Yahoo, they're taking a big risk.
Alexsey’s TTPs (Medium) (.. Tactics, Techniques, and Procedures)
Tory activist: Why is Vladimir Putin’s cyber army trashing my reputation with hateful fake news? (The Telegraph) At the age of 26, Azi Ahmed turned her back on an arranged marriage and instead chose to sign up to the SAS's Territorial Army unit.
The New Handbook For Cyberwar Is Being Written By Russia (BuzzFeed) “It’s not that the Russians are doing something others can’t do,” a US intelligence officer said. “It’s that Russian hackers are willing to go there, to experiment and carry out attacks that others...
Pranksters gonna prank (Errata Security) So Alfa Bank (the bank whose DNS traffic links it to trump-email.com) is back in the news with this press release about how in the last mont...
Polish Authorities Confirm Hack of Bitcurex Bitcoin Exchange, Launch Investigation (BleepingComputer) Polish authorities in the town of Lodz have launched an official investigation into the closure of Bitcurex, a Bitcoin trading platform that launched in 2012, and closed earlier this year.
WhatsApp, Telegram ‘severe’ security flaw pinpointed following #Vault7 release (RT International) A flaw in popular messenger apps WhatsApp and Telegram, which could allow hackers to gain access to hundreds of millions of accounts using the very encryption software designed to keep them out, has been discovered by cyber security firm Check Point.
300+ Cisco switches affected by critical bug found in Vault 7 data dump (Help Net Security) Cisco has unearthed a critical vulnerability affecting 300+ of its switches and one gateway that could be exploited to take over the devices.
WikiLeaks Says Tech Firms Slow to Co-operate on Patching (Infosecurity Magazine) US government contracts could be a roadblock, it claims.
Wikileaks Sets Conditions for Helping Tech Companies Close CIA Hacks (Fortune) Some companies have been slow to comply.
Want some zero-day exploits used by the CIA? Talk to Wikileaks about it (The Tech Portal) Wikileaks has made it abundantly clear that it is in possession of documents that contain inside details about exploits affecting a slew of major companies.
WikiLeaks will give tech giants CIA zero-day exploits after they meet mystery demands (TechCrunch) WikiLeaks doesn't ever make things easy. When it became clear that the organization possessed documents that detail exploits affecting a handful of major tech..
Ask.com Toolbar Network Compromised Twice in Two Months (BleepingComputer) The Ask Partner Network (APN) was compromised for the second time in two months, as crooks found a way to deliver malware to computers running the Ask.com Toolbar.
New (but Old) Technique Hijacks User Sessions on All Windows Versions (BleepingComputer) A security researcher has detailed a way to log into any account on the same computer, even without knowing its password. The trick works on all Windows versions, doesn't require special privileges, and the researcher can't figure out if it's a Windows feature or security flaw.
Unpatched flaw opens Ubiquiti Networks devices to compromise (Help Net Security) The vulnerability in many Ubiquiti Networks networking devices can be exploited by attackers to take over control of the device.
Fileless attack framework was used in many recent attacks (Help Net Security) Morphisec researchers say that the three attacks were likely performed by the same criminal group, by using a sophisticated fileless attack framework.
Kirk ransomware – A Star Trek Themed Ransomware that requests Monero payments (Security Affairs) The researchers have discovered a new piece of ransomware featuring a Star Trek theme, dubbed Kirk ransomware, the first one accepting Monero payments.
21 Million Decrypted Gmail, 5 Million Yahoo Accounts Being Sold on Dark Web (HackRead) Last week HackRead exclusively reported on a Dark Web vendor “SunTzu583” selling millions of decrypted Gmail, Yahoo and PlayStation Network accounts. Now,
A cyber attack could cause the next global financial crisis (ABC News) The head of ASIC says it is staggering how many cyber attacks go unreported.
Govt. Cybersecurity Contractor Hit in W-2 Phishing Scam (KrebsOnSecurity) Just a friendly reminder that phishing scams which spoof the boss and request W-2 tax data on employees are intensifying as tax time nears. The latest victim shows that even cybersecurity experts can fall prey to these increasingly sophisticated attacks.
Saks Fifth Avenue Exposed Personal Info On Tens Of Thousands Of Customers (BuzzFeed) Email addresses, phone numbers and product codes were made available on publicly accessible pages.
McDonald’s India asks users to update app after data leak report (CSO Online) McDonald’s India operation asked users to upgrade their McDelivery app as a 'precautionary measure' after a security firm said it had found that it was leaking personal data of over 2.2 million users.
ATM Access For Sale in Spanish Underground (Wapack Labs) An underground seller is marketing ATM maintenance manuals, access keys/codes, and private software for a major ATM manufacturer on an unde...
Malvertising and Exploit Kits Still a Significant Threat: FireEye (Infosec Island) Malicious online ads and the exploit kits (EK) used to infect computers with various types of malware continue to pose a significant threat, FireEye warns.
Organizations still vulnerable to brute force attacks (Help Net Security) While increases in malware are clearly a major threat to both enterprises and service providers, network complexity is creating its own vulnerability, acco
Security Patches, Mitigations, and Software Updates
Cisco to patch 300 devices against flaw found in CIA archives (CSO Online) After digging through the CIA archives released by WikiLeaks, Cisco says they've discovered a previously unknown flaw impacting 318 switch models. The bug, which the CIA has known about for an undetermined amount of time, can allow a remote attacker to execute code or cause a reload of a targeted device.
Microsoft Apparently Ramping Up Heavy-Handed Tactics To Force Windows 10 Migrations (Hot Hardware) The clock is ticking for users holding out on Windows 7 and 8.
Microsoft is killing off its most hated ever product - and it could cause you BIG problems (Dailystar.co.uk) One of Microsoft’s most hated ever products is to finally be killed off, the company has confirmed.
Cyber Trends
Bruce Schneier Calls for IoT Legislation, Argues The Internet Is Becoming One Giant Robot (Slashdot) "We're building a world-size robot, and we don't even realize it," security expert Bruce Schneier warned the Open Source Leadership Summit.
We’re Building a World-Size Robot, and We Don’t Even Realize It (Select All) We’ve created an internet that senses, thinks, and acts. How can we protect ourselves if it goes wrong?
Loss Impact of Third-Party Risks Can Easily Exceed $10 Million Reveals MetricStream Research (PRNewswire) MetricStream Research has released its latest report, "How...
63 Percent of Enterprises Use Advanced Tech Without Securing Sensitive Data (eSecurity Planet) 59 percent of senior security executives are concerned about security breaches due to attacks hitting cloud service providers, a recent survey found.
Marketplace
Want good cyber insurance? Read the fine print (Networks Asia) Experts describe the cyber insurance industry as “healthy and growing.” But they also say that, given a relatively short history of risk and claims data, pricing and exclusions can be all over the map.
6 Things You Didn't Know About FireEye, Inc. (The Motley Fool) Did you know these six things about the struggling cybersecurity company?
Q&A: Check Point Sales Chief On A Big Business Realignment And Competing Against Palo Alto Networks (CRN) Check Point Software Technologies EVP of Worldwide Sales and Global Field Operations Pierre-Paul Allard sat down with CRN to talk about realigning the company's sales force, and how he thinks that will position the company to avoid a sales miss like Palo Alto Networks.
What’s Cisco Plotting with Its Investment in Exabeam? (Market Realist) Cisco helps startup raise $30 million
Can IBM Turn the Tide on Cisco in This $202 Billion Industry? (Market Realist) IBM pursues security spending with Watson
Blockchain-based zero knowledge proof solution QED-it comes out of stealth mode (International Business Times UK) The Tel Aviv-based company combines advanced cryptography, parallel computing and blockchain technology.
DoD cyber crime center to receive support from Lockheed Martin in contract extension (Military Embedded Systems) The General Services Administration (GSA) Federal Systems Integration and Management Center (FEDSIM) tasked Lockheed Martin to continue its role to support the Department of Defense’s (DoD) efforts against cyber criminals.
NSFOCUS launches in Australia, ideally placed to halt cyber attack tsunami from China (PRWire) Threat Intelligence platform defends against sophisticated cyber attacks
National Security Agency chief gives AFA cadets cyber warfare recruiting pitch (Colorado Springs Gazette) America's hacker in chief says his cyber troops are giving as good as they are getting in battles on the internet and he's not worried about perceived conflicts between the Trump administration and the intelligence community.
Digital Shadows Continues to Make Waves with Two Prestigious Award Wins (Zawya MENA Edition) Digital Shadows, the industry leader in external digital risk management, announced that it has been awarded Best Risk Management Product in the Cyber Defense Magazine Infosec Awards 2017 and was recognized as one of the businesses to watch on the Momentum Partners Quarterly Market Report.
Danielle Jackson Joins SecureAuth as Chief Information Security Officer (SecureAuth) SecureAuth Corporation, the leader in adaptive access control, today announced the appointment of Danielle Jackson as Chief Information Security Officer (CISO).
Cylance VP Worldwide Field and Channel Marketing May Mitchell Honored in Cyberscoop’s Top Women in Cybersecurity (Sys-Con) Cylance® Inc., the company that revolutionized traditional antivirus with AI powered prevention that blocks everyday malware along with today’s most advanced cyberthreats, today announced that Cyberscoop has named May Mitchell, vice president of worldwide field and channel marketing, to its inaugural list of Top Women in Cybersecurity.
Passcode signs off (Passcode) Passcode, The Monitor's project on cybersecurity and privacy, winds down on March 31.
Products, Services, and Solutions
How Darktrace is leading Cambridge fightback against global cyber threats (Cambridge Independent) A global arms race is under way – and the dark side has been winning. But a unique weapon is now being unleashed by Darktrace in Cambridge to combat the cyber threats facing every network
Pwnie Express eases security remediation with a risk-assessment tool (Network World) Pwnie Express is adding a tool called Device Risk Scorecard to its Pulse Service that ranks the risks its security service finds on customer networks and makes it easier to remediate them.
TopSpin Security's DECOYnet Uses Deception to Defend Networks (eWEEK) TopSpin Security's DECOYnet uses deception to defend networks against hacker intrusions by using deceptive tactics that direct attackers to decoy resources and traps.
Fortinet launches new MSSP programme (4-Traders) Fortinet has unveiled a new programme to empower MSSPs (Managed Security Service Providers) with the tools, expertise, training, and support to accelerate profitability, expand growth, increase market leadership and deliver advanced security services to its customers.
Cebit showcases security after Snowden (PCWorld) It's almost four years since Edward Snowden leaked U.S. National Security Agency documents revealing the extent of the organization's surveillance of global internet traffic, but he's still making the headlines in Germany.
5 Affordable Security Solutions for SMBs (PCQuest) According to a survey by Avast, SMBs
BlackBerry readies a more secure version of the Samsung Galaxy S7 (CSO Online) Secusmart, the BlackBerry subsidiary that secures the German Chancellor Angela Merkel's smartphone, will roll out a version of its SecuSuite security software compatible with Samsung Electronics' Knox platform later this year.
Technologies, Techniques, and Standards
Do you know how many UK businesses never heard of NCSC? (IT Pro Portal) You'd be surprised.
IoT and the resurgence of PKIs (Help Net Security) PKIs provide every authorized person, device and app with a trusted identity, and enable secure interactions via authentication, encryption and signing.
Standards and Security: The Great DDoS Challenge (DDoSInfo) Whether or not you work in IT security, distributed denial of service (DDoS) attacks are becoming more visible by the day.
Ethical hacking: should you pay a white hat to break in? (Naked Security) Naked Security reporter Paul Ridgewell thinks it’s odd to attach the word ‘ethical’ to an activity that’s usually considered criminal – do you agree with him?
Phishing Scams Even Fool Tech Nerds—Here’s How to Avoid Them (TechNewsDB)
How much is a bug worth? (CSO Online) With recent increases in bug bounty amounts in the news, Bugcrowd shows how a bug bounty amount is calculated.
Secrets of a Highly Productive CIO-CISO Relationship (Dark Reading) The dynamic between CIOs and CISOs has evolved along with the technology. How can they ensure they're on the same page while driving value?
Design and Innovation
Why Current Cybersecurity Doesn't Work and Why Blockchain Should Take Its Place (The Sociable) At the North American Bitcoin Conference in 2017, world renowned (and some would say infamous) security expert John McAfee stated that the current iterations of cybersecurity software are “non-functional.” It simply doesn’t work, he stated — and, to a degree, he’d be right. When you look at the fact that the biggest DDoS attack in […]
Blockchain and Financial System Impact (Fortinet Blog) Blockchain is a technology that basically distributes a ledger. For those of you in the financial management world, you know...
Bitcoin Exchanges Have Accepted the Inevitability of a Fork (Motherboard) But they have some conditions.
Research and Development
Can We Turn Our Intuition Into a Real-Life Superpower? (Motherboard) US military scientists are trying to identify where "gut feelings" come from to try and create the perfect soldiers.
Academia
US Cyber Challenge: Cyber Quests Spring 2017 (US Cyber Challenge) Welcome to the Cyber Quests portion of the US Cyber Challenge, sponsored by Cyber Aces! To participate, please click the Registration link on the left and register for an account within the Question Engine.
IDF cyber cadets 'catch em all' in Pokemon themed exercise (Israel National News) Army exercise features popular Japanese animated characters from the Pikachu franchise.
Legislation, Policy, and Regulation
Ahead of elections, French government prepares for Russian cyber attack (India.com) In the council of defence held in early March, President Hollande ordered
What do Islamic State and Tibet have to do with China’s crackdown in Xinjiang? (South China Morning Post) Authorities’ show of force in China’s restive western region follows a spate of terror attacks and an IS video featuring Uygurs
ESET says Australia's mandatory breach disclosure doesn't go far enough (Security Brief) “In 2017, the idea that boards of businesses exempt from the mandatory data breach disclosure laws still don’t need to have plans is very worrying."
Trump announces $1.5bn for cyber-security and critical infrastructure (SC Magazine UK) Trump's first budget intends to strengthen the federal state of cyber-security by allotting $1.5 billion to the Department of Homeland Security.
Bipartisan bill looks to aid state and local governments with cyber response (FCW) The legislation would open up new avenues of assistance for state and local cyber incident response and bring resources home for its Texas-based sponsors.
Lawmakers fear infiltration of defense supply chain (TheHill) There's a growing risk of adversaries inserting malicious material into Pentagon weapons systems.
Trump’s Wiretap Accusations Renew Debate About Privacy (New York Times) After the president’s latest attack on American intelligence agencies, questions resurfaced on whether they invade privacy and could undermine democracy.
The Multibillion-Dollar U.S. Spy Agency You Haven’t Heard Of (Foreign Policy) How President Trump might turn an all-seeing spy apparatus on innocent American citizens.
Litigation, Investigation, and Law Enforcement
Some Dark Web 'Crackdowns' Are Just Hot Air (Motherboard) Don't always believe the hype.
Donald Trump fuels diplomatic row with Britain after apology from US officials over GCHQ wiretapping claims (The Telegraph) Donald Trump remained unrepentant amid a diplomatic row with Britain on Friday, hours after US officials made a formal apology for accusing GCHQ of helping Barack Obama spy on the then presidential candidate.
NSA official: Reports that British spied on Trump 'arrant nonsense' (MYARKLAMISS) A top National Security Agency official called allegations that President Barack Obama directed a British spy agency to wiretap Donald Trump during the presidential campaign arrant nonsense.
Fox News: “We Know Of No Evidence Trump Surveilled At Any Time In Any Way” (Deadline) UPDATED with video: “Fox News cannot confirm Judge Napolitano’s commentary; Fox News knows of no evidence of any kind that the now President of the United States was surveilled at any time in…
Lawmakers seek FBI, NSA answers on Trump, Russia at rare public hearing (Reuters) The directors of the FBI and National Security Agency will break their public silence on Monday about investigations into possible links between Russia and President Donald Trump's election campaign at a rare open congressional intelligence committee hearing.
Nunes: New evidence from FBI continues to show no wiretap on Trump (Washington Examiner) House Intelligence Chairman Devin Nunes on Sunday said new evidence the FBI released to the committee on Friday regarding an investigation into President Trump's allegations the Obama administration physically wiretapped Trump Tower in Manhattan during the presidential election last year did not affect the conclusion that there was no interference.
Schiff: Nunes must be willing to subpoena witnesses for Russia probe (Washington Examiner) California Rep. Adam Schiff, the ranking Democrat on the House Intelligence Committee, is pressuring Chairman Devin Nunes to subpoena witnesses for its investigation into possible collusion between Russia and President Trump's campaign.
Peter Thiel’s Palantir Faces an Escalating Court Battle With an Early Investor (Bloomberg) The battle between Palantir Technologies Inc. and a longtime investor just got nastier. KT4 Partners LLC, which first backed Palantir more than a decade ago, sued the privately held data analytics company, saying attempts to sell shares were thwarted and that financial information was withheld.
At Peter Thiel’s Palantir, Allegations of Theft and Deception (Bloomberg) The data mining startup blocked China’s CDH Investments from buying stock, says an un-redacted lawsuit obtained by Bloomberg.
Palantir Enables Immigration Agents to Access Information From the CIA (The Intercept) According to a set of funding documents, ICE agents can use a Palantir system to access data held by agencies that possess highly classified intelligence.
Army pleads for industry to halt filing contract award protests on 'autopilot' (Defense News) High-ranking Army officials pleaded for industry to halt filing protests on a nearly automatic basis over contract awards at the AUSA Global Force Symposium this week.
Md. man accused of sending seizure-inducing tweet to Newsweek writer who has epilepsy (Washington Post) John Rayne Rivello faces a charge of cyberstalking, the Justice Department said. Newsweek said the target was one of its writers, Kurt Eichenwald, an epileptic who has criticized President Trump.
Man accused of sending a seizure-inducing tweet charged with cyberstalking [Updated] (Ars Technica) Allegations are a first for an online attack with an epileptogenic image.
Minn. court mulls sentencing break for tweet-threats (Maryland Daily Record) Are threats made over social media less serious than those communicated by old-school means? That was one of the questions before the Minnesota Supreme Court earlier this month as the…
Corps' new mandatory social media pledge will make UCMJ prosecutions easier (Marine Corps Times) Marines will soon be required to sign a formal policy statement confirming that they have read and understood the new social media guidance issued by Marine Commandant Gen. Robert Neller. The pledge is designed in part to aid the Marine Corps in prosecuting future misconduct on the social media front.
Former IT Admin Accused of Leaving Backdoor Account, Accessing It 700+ Times (BleepingComputer) An Oregon sportswear company is suing its former IT administrator, alleging he left backdoor accounts on their network and used them more than 700 times to search for information for the benefit of its new employer.
Calgary police say rising cyber fraud rates are cause for concern (Calgary Herald) Long gone are the days of stick-‘em-up bank robberies and wild police car chases.
YouTube responds to complaints that its Restricted Mode censors LGBT videos (TechCrunch) After concerns that its Restricted Mode hides videos with LGBT content, YouTube released a statement saying that it “regrets any confusion.”