Cyber Attacks, Threats, and Vulnerabilities
Islamic State Network Focusing On The Recruitment Of Women Detected In Catalonia (Deep Dot Web) Catalonian authorities detected a network of the Islamic State focusing on the recruitment of women ...
Symantec attributes 40 cyber attacks to CIA-linked hacking tools (Reuters) Past cyber attacks on scores of organizations around the world were conducted with top-secret hacking tools that were exposed recently by the Web publisher Wikileaks, the security researcher Symantec Corp (SYMC.O) said on Monday.
Longhorn: Tools used by cyberespionage group linked to Vault 7 (Symantec Security Response) First evidence linking Vault 7 tools to known cyberattacks.
Longhorn Cyber-Espionage Group Is Actually the CIA (BleepingComputer) Security researchers from Symantec have tied the CIA hacking tools leaked by WikiLeaks last month to a cyber-espionage group responsible for at least 40 hacks in 16 countries.
WikiLeaks: CIA used 'Grasshopper' framework to infect Windows users (SC Magazine US) The agency can use custom installers tailored to the version of Windows and antivirus software a user is running.
U.S. Govt. Hackers Get Burned by Online Vigilantes, Researchers (Foreign Policy) Or is Russia retaliating for President Donald Trump’s Syria strikes through one of its cyber-proxies?
Shadow Brokers return with a password and message for Trump (Naked Security) Tools offered by the group ‘apparently date back to the 1990s’
ShadowBrokers Dump More Equation Group Hacks, Auction File Password (Threatpost) The ShadowBrokers’ latest dump of Equation Group hacks focuses on UNIX systems and GSM networks, and was accompanied by an open letter to President Trump.
Shadow Brokers Release More NSA Exploits (Security Week) The hacker group calling itself “Shadow Brokers” has released another round of exploits and tools allegedly used by the NSA-linked threat actor “Equation Group,” along with a message to U.S. President Donald Trump.
US spy agency hacked Pakistani cellular networks, shows leaked data (Geo TV) Leaked arsenal of hacking tools was allegedly used by NSA
Latest Shadow Brokers exploit dump poses little threat (CSO Online) None of the new alleged NSA exploits leaked by the Shadow Brokers hacking group poses an immediate threat to users.
China-based hacker group targeting Indian firms: FireEye (The Hindu Business Line) China-based cyber espionage group APT10 has targeted a number of manufacturing companies...
Cyber attack on Union Bank of India similar to Bangladesh heist: WSJ (Reuters) A cyber attack on Union Bank of India last July began after an employee opened an email attachment releasing malware that allowed hackers to steal the state-run bank's data, the Wall Street Journal reported on Monday.
Nigeria: CBN Asks Banks to Report Cyber Crimes (allAfrica.com) Meanwhile, following a recent report that North Korean hacking operations were growing and getting bolder and increasingly targeting financial institutions in Nigeria and 17 other countries, the central bank has advised financial institutions under its regulation to always report incidents of cybercrime to the CBN.
Amazon’s Third-Party Sellers Hit By Hackers (Wall Street Journal) In recent weeks, hackers have changed the bank-deposit information on Amazon.com accounts of active third-party sellers to steal tens of thousands of dollars from each, according to several sellers and advisers.
Hackers Count on Password Reuse in Amazon Third-Party Seller Campaign (Infosecurity Magazine) Amazon’s ever-growing community of third-party sellers is being targeted by hackers, who are using stolen credentials to steal tens of thousands of dollars from the victims.
Microsoft Word 0-day used to push dangerous Dridex malware on millions (Ars Technica) Blast could give a boost to Dridex, one of the Internet's worst bank fraud threats.
Dridex malspam seen on Monday 2017-04-10 (SANS Internet Storm Center) Malicious spam (malspam) pushing the Dridex banking Trojan disappeared in mid-2016, but it reappeared in January 2017 starting with a small campaign targeting UK financial institutions [1]. Since then, we've seen a handful of reporting about Dridex, but I hadn't noticed the same large-scale distribution like we saw in 2015 and 2016. At least not until recently.
Digital Defense, Inc. Discovers Zero-Day Vulnerabilities in Riverbed Technology Performance Monitoring Platform (Yahoo! Finance) Digital Defense, Inc., a leading provider of Vulnerability Management as a Service, disclosed the discovery of four zero-day security vulnerabilities found in the Riverbed Technology SteelCentral Portal ...
Analysis of the Godzilla Botnet Loader’s Evasive Techniques (Netskope) Netskope Threat Research Labs has recently observed a spam campaign using multi-vector attack methodology. The malicious files are zipped and sent in an email as an attachment.
Breaking Signal: A Six-Month Journey (Threatpost) Researchers spent six months poking holes in Signal and urge a bigger spotlight on security testing.
IBM Discovers Mirai IoT Botnet Deploying Bitcoin Mining Payload (eWEEK) IBM security researchers discover a variant of the Mirai IoT botnet that is being used as a bitcoin mining operation.
Mirai, The Infamous Internet of Things Army, Can Now Mine Bitcoin (CoinDesk) A new version of an infamous botnet has been detected – and this version is equipped to mine bitcoin.
Epic Fail: TP-Link 3G Router Spews Admin Password via SMS (BleepingComputer) A particular TP-Link router model will spew out its admin password in cleartext to anyone that sends an SMS message to the router's SIM card with a particular script inside, according to German security researcher Jan Hörsch.
Security researcher: IoT manufacturers make things unnecessarily hard for bug hunters (Heise online) A security expert has not only found various bugs in cameras, NAS drives, mobile routers and a retina scanner, but has also documented how little the affected manufacturers are able to do with such reports.
BrickerBot malware zeroes in on Linux-based IoT devices (Naked Security) BrickerBot is a reminder that the frequency and complexity of Linux malware is on the rise
Hard-coded passwords put industrial systems at risk (Naked Security) Schneider Electric held up its hands to the revelation that it was hardcoding passwords into its equipment, but the problem goes beyond one vendor
From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks (Talos Intelligence Blog) Industrial Control Systems provide stability to civilization. They clean our water, deliver our power, and enable the physical infrastructure that we have learnt to rely on. Industrial Control Systems are also highly prevalent in manufacturing. They're the robots who build your cars and assemble TVs, they're the forklifts that ship your e-commerce purchases. As factories, utilities, and other industrial companies shift to a modern industrial infrastructure, it's vital that those processes and devices remain safe from attackers.
FDA, industry fear wave of medical-device hacks (TheHill) Regulators and medical-device-makers are bracing for an expected barrage of hacking attacks even as legal and technical uncertainties leave them in uncharted territory.
Hospitals put your data at risk, study finds (MSUToday) Lying in a hospital bed, the last thing you should have to worry about is a personal data breach. Yet recent research co-authored by an MSU business scholar found nearly 1,800 occurrences of large data breaches in patient information over a seven-year period.
Rise in hospital cyber attack reports (BBC News) Ransomware attacks on hospitals have become more common, according to internet security experts.
270,000 customers affected in UK loan firm Wonga data breach (Help Net Security) Personal and financial data of some 270,000 customers of UK payday loan firm Wonga have likely been pilfered in a data breach.
WONGA: Response Needed To Protect Longevity Of Company (Information Security Buzz) Following the news that Wonga, the payday lender has experienced a data breach that may affect up to ‘245,000 UK customers’, IT security experts from SailPoint, McAfee, ViaSat Europe, Tenable Network Security, ESET, Micro Focus and Netskope commented below.
Cyber Attack 101: Criminals Go After U.S. Universities (SIGNAL Magazine) Cyber criminals are hacking and sharing millions of U.S. university email addresses and passwords on the dark web.
Hack of emergency siren system kept Dallas citizens up for hours (Help Net Security) When 156 emergency sirens in Dallas started wailing around midnight last Friday, the city's 911 line was flooded with calls by panicked citizens.
That Dallas Siren Hack Wasn’t Novel—It Was Just Really Loud (WIRED) Emergency alert systems get hacked all the time. Consider this one a wake-up call.
Smart cities are going to need to overcome their dumb security (MIT Technology Review) A hack that activated hurricane sirens in Dallas is a harmless warning about a far more serious problem.
Cyber Trends
Network teams spend more time on data security amidst new threats (Help Net Security) Enterprise network teams are expending more time and resources than ever before to battle security threats, according to Viavi Solutions.
Cyber insecurity is pervasive, citizens feeling concerned and vulnerable (Help Net Security) More than three-quarters of U.S. citizens (79 percent) are concerned about the privacy and security of their personal digital data.
Takeaways From the EWI Cyberspace Cooperation Summit (Council on Foreign Relations) On March 14-16, the EastWest Institute (EWI), in partnership with the University of California, Berkeley Center for Long-Term Cybersecurity, hosted a summit featuring over 200 government officials, industry experts, academics, and activists from 30 countries.
Staff complacency among biggest risks to organisations (Misco) Staff complacency is among the biggest threats to an organisation's cyber-security, a new study has found.
Marketplace
John McAfee kicked off NYSE stage at Cyber Investing Summit due to security concerns (CSO Online) John McAfee told he’s a “security risk” and won’t be allowed to keynote an event at The New York Stock Exchange.
Cloud security vendor Okta hits $2bn valuation after IPO (CRN) Vendor expected to see greater success in Europe as GDPR approaches
PAS Announces $40 Million Investment to Fuel Its Industrial Control System Cybersecurity Business (PAS) Record ICS cybersecurity investment by Tinicum will accelerate corporate growth
Security startup Synack scores $21 M investment from Microsoft, HPE and Singtel (TechCrunch) Synack, a startup that combines software security tools with a network of white-hat hackers to help keep its customers secure, announced a $21.25 million..
Revenue Growth Prospects And The Residual Income Model Suggest IBM's Rally Will Continue (Seeking Alpha) IBM's stock has gained momentum over the last year. The case for growing revenues through strategic imperatives is strengthening.
Intel Trims Business, Sells Majority Stake in Security Unit (ARC) Intel is spinning off its McAfee cybersecurity unit in a deal worth $4.2 billion, just six years after acquiring the company for $7.6 billion. Intel Corp (INTC) has finally completed the divestiture of its majority stake in its Intel Security division to alternative asset fund manager TPG. The newly spun-off unit has been renamed McAfee, with TPG holding a 51 percent stake.
Huawei to spin off cloud business into separate unit (Mobile World Live) Huawei stepped up its already strong commitment to the ...
Following visit, Dutch cyber companies want to expand business to Maryland (Baltimore Business Journal) Five cybersecurity companies from the Netherlands "soft landed" in the state as part of a cooperative temporary exchange program through the Maryland Department of Commerce.
Ken Ferderer, Managing Partner of InnoVacient, Selected to Judge Inaugural Maryland Cyber Event (PRNewswire) Ken Ferderer, InnoVacient's Managing Partner, was selected by the...
Malvern company looking to grow and expand with launch of new cyber security product (Worcester News) A Malvern company is hoping to grow and expand with the launch of its latest ground-breaking cyber security product.
HackerOne Strengthens Presence in Europe Amid Growing Demand for Hacker-Powered Security (Businesswire) HackerOne, the world’s leading bug bounty and vulnerability disclosure platform, today announced the expansion of its presence in Europe amid ac
Secure Data Technologies Grows Cisco Practice, Establishes Largest CCIE Delivery Team in St. Louis (Yahoo! Finance) Secure Data Technologies, Inc. (Secure Data) continues its growth in St. Louis, to now include the area's largest and most decorated Cisco delivery team.
QuintessenceLabs Selected as One of 20 High-Potential Businesses of Tomorrow by Westpac (Yahoo! Finance) QuintessenceLabs announced it was selected as one of the top 20 high-potential businesses as part of the Westpac Businesses of Tomorrow program, which selects 200 Australian businesses shaping Australia's ...
National Technical Information Service Names Booz Allen Hamilton among Initial Partners for Joint Venture Program (BusinessWire) The National Technical Information Service (NTIS) has named Booz Allen Hamilton among initial partners for its new Joint Venture Program.
Gary Hayslip Joins Webroot as Chief Information Security Officer (Webroot) Hayslip Brings Expert Focus on Securing the “Internet of Everything” to Webroot’s Portfolio of Security
Farsight Security Expands Executive Team to Accelerate Company Growth (Yahoo! Finance) Following a record-breaking Q1 2017, Farsight Security, Inc., provider of the world’s largest real-time DNS threat intelligence, today announced the company has expanded ...
Products, Services, and Solutions
Announcement: New Threat Intelligence Podcast Series (Recorded Future) Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence with our new podcast series.
LookingGlass Cyber Solutions Receives Coveted 5-Star Rating in CRN’s 2017 Partner Program Guide (Yahoo! Finance) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, announced today that CRN®, a brand of The Channel Company, has given LookingGlass a 5-Star rating in its 2017 Partner Program Guide.
Malwarebytes Receives CRN 2017 Partner Program Guide 5-Star Rating (Yahoo! Finance) Malwarebytes™, the leading advanced malware prevention and remediation solution, announced today that CRN, a brand of The Channel Company, gave Malwarebytes a 5-Star rating in its 2017 Partner Program Guide.
Distil Networks Launches Free Calculator to Quantify Risk of Bad Bots (Yahoo! Finance) Distil Networks, the global leader in bot detection and mitigation, today announced the availability of The Bad Bot Risk Calculator, an interactive tool designed to help organizations understand and quantify ...
VergX Partners with Versa Networks to offer Network-as-a-Service (NaaS) to MSPs and Resellers (Yahoo! Finance) VergX today announced that it has partnered with Versa Networks to create a turnkey software-defined WAN and security solution for managed service providers and resellers. Leveraging Versa's cloud-native ...
OneStream Chooses Versa Networks for SD-WAN, Security (Channel Partners) OneStream Networks is using Versa Networks to power its SD-WAN and security solutions.
Travelers Offers Customers Cybersecurity Services from Symantec™ (Yahoo! Finance) The Travelers Companies, Inc. today announced that it is making pre-breach cybersecurity services from Symantec Corp. available to eligible Travelers cyber policyholders.
Zurich Insurance signs deal with BAE to target fraud (The Irish Times) NetReveal system uses data analytics to uncover hidden links and potential fraud
Experian to Leverage BioCatch Behavioral Biometrics in Anti-Fraud Platform (FindBiometrics) Credit information specialist Experian will integrate BioCatch's behavioral biometrics technology into its CrossCore identity security platform...
Authentic8 wants to protect users from bad websites (Network World) Authentic8's secure web gateway for Silo lets organizations selectively redirect URLs for safe rendering within an isolated browser.
PlanetRisk and SurfWatch Labs Partner to Help Organizations Manage Their Expanding Digital Risk Footprint (Newswire) Combining strategic and operational cyber threat intelligence with enterprise risk analytics to provide holistic view of threats to digital and physical assets
Security provider Zenedge launches mega-POPs in Equinix data centers (Data Center News) Cloud-based security provider ZENEDGE has invested mega points-of-presence (Mega POPs) in data centers across Asia, Europe, the US and Canada.
Microsoft ignores ransomware in Windows 10 push (iTWire) A new study commissioned by Microsoft and carried out by Forrester Research claims that deploying Windows 10 in a hypothetical organisation will lead...
ESET adds Anyware Corporation to its Australian distributors lineup (CRN Australia) Harris Technology subsidiary gets broad access to licensing and support.
Use Email to Manage Threat Intelligence Collections (Security Intelligence) The IBM X-Force Exchange includes an email inbox feature that cuts down on information overload and enables analysts to easily share threat intelligence.
Canadian Web Hosting Deploys Imunify360 to Protect and Secure Linux Servers (Yahoo! Finance) With Imunify360, Canadian Web Hosting customers will immediately benefit from Imunify360's enhanced threat detection capabilities, including an advanced self-learning firewall, as well as integrated malware scanning engine for detecting and removing malware from websites before they get blacklisted
New Guide Details How to Prevent Cyberattacks (Yahoo! Finance) The digital Cybersecurity Guide 2017 produced by OnCourse Learning Financial Services offers insider knowledge from various leading cybersecurity experts ...
Technologies, Techniques, and Standards
HTTPS Certificate Issuance Becomes More Secure Thanks to New CAA Standard (BleepingComputer) Last week, the CA/Browser Forum voted to implement CAA mandatory checks before the issuance of new SSL/TLS certificates, as a measure to prevent the misissuance of HTTPS certificates.
ICAO stresses need for cyber resilience (Air Transport World) The president of the ICAO Council, Olumuyiwa Benard Aliu, has welcomed a declaration restating the air transport sector’s commitment and unity toward achieving resilience against cyber attacks.
Assessing the Mind of the Malicious Insider: Using Behavioral Model and Data Analytics to Improve Continuous Evaluation (INSA) The model in this paper assumes that an initially loyal employee does not suddenly transform into a malicious insider.
RiskSec NY speaker: More than threat intel (SC Magazine US) LCRA's Dax Streater asks: Isn't there more to sharing than threat intel feeds?
Advanced Malware Detection - Signatures vs. Behavior Analysis (Infosecurity Magazine) Both signature and behavior-based malware detection are important and have advantages.
Setting Up Security as a Business: 3 Best Practices for Security Execs (Dark Reading) Security leaders need to show they provide more than stop-the-bad guys services. Here's how.
Tax Scams Are Absurdly Common. Here’s How to Protect Yourself (WIRED) Tax fraud is a free-for-all, it's time to take back some control.
Research and Development
Computer scientist Adam Smith wins 2017 Gödel Prize (Penn State News) Adam Smith, a computer science and engineering professor for the School of Electrical Engineering and Computer Science at Penn State, has been awarded the 2017 Gödel Prize for his 2006 paper, “Calibrating noise to sensitivity in private data analysis,” which introduced the concept of differential privacy. Smith shares the award with co-authors Cynthia Dwork, Frank McSherry and Kobi Nissim.
Researchers demonstrate how PINs and other info can be gathered through phone movement (TechCrunch) A team of researchers at Newcastle University in the UK has published a paper highlighting some troubling findings linking on-board sensors with privacy..
Similarities in partial fingerprints may trick biometric security systems (Help Net Security) Researchers have found that partial similarities between prints are common enough that the fingerprint-based security systems can be vulnerable.
Academia
CyberPatriot National Winners Receive Northrop Grumman Scholarships (SIGNAL Magazine) The Northrop Grumman Foundation awarded $50,000 in scholarships to high school teams that excelled at the CyberPatriot IX National Finals competition this week in Baltimore.
NSA awards UWF Center for Cybersecurity with designation (Pensacola News Journal) The university's Center for Cybersecurity has been selected as the NSA's regional resource center for the Southeast.
Fortinet Promotes Local Cybersecurity Education to Address Skills Gap in ANZ (CSO) Jon McGettigan, Senior Director, Australia, New Zealand and the Pacific Islands at Fortinet “Offering cybersecurity education to the public for free has significant importance for countries like Australia and New Zealand, where there's a high adoption of new technologies and IT security awareness in everyday life has become an essential skill.
MIT, Manipal and MITE, Moodbidri emerge winners in Unisys technical contest (Nyooz) In addition to the cash prize, Unisys will also offer the finalists internship and job opportunities, subject to winners' eligibility and open positions within the company.
Israeli cyberspace needs more women (Haaretz) Israel needs women to join the high-tech workforce, and the recruitment stage starts in schools
Legislation, Policy, and Regulation
French presidential candidate Macron talks tough on tech firms over terrorism (TechCrunch) French presidential candidate Emmanuel Macron has become the latest high profile European politician to threaten U.S. tech companies over their use of..
Make Encryption Ubiquitous, Says Internet Society (Infosecurity Magazine) Non-profit responds to political backlash against privacy-enhancing tech
McMaster Urges Russia to Rethink Syria (Real Clear Defense) President Donald Trump's national security adviser is calling on Russia to re-evaluate its support for Syrian President Bashar Assad, leaving open the possibility of additional...
The Balkans Will Be America and Russia's Next (Virtual) Battlefield (The National Interest) If Putin wants to stir up trouble anywhere else, it’s the obvious place to start.
Squaring up leaves Putin no way to save face (Times (London)) A superbly sinister Reagan campaign ad from 1984 shows a bear stalking through undergrowth. Over the drum of a heartbeat a gravelly voice warns: “There is a bear in the woods. For some people the...
Germany Considers First-Strike Cyber-Attacks (Infosecurity Magazine) The capability would be used against those targeting critical infrastructure, said minister Thomas de Maiziere
First round of email records reporting holds mirror to agencies' management practices (FederalNewsRadio.com) Agencies were scored for how easy it is to find and use email records, established email policies, and employee training.
Rollback of FCC privacy requirements could have broad repercussions (CSO Online) Last week's roll-back of FCC privacy regulations was good news for ISPs and marketers and bad news for privacy advocates. But the decision could also have an impact on enterprise cybersecurity, experts say
FCC nixes proposal that would’ve allowed cellphone calls on planes (TechCrunch) The Federal Communications Commission doesn't want to hear you gabbing on your smartphone while on commercial flights. FCC Chairman Ajit Pai wants some quiet..
Litigation, Investigation, and Law Enforcement
C.I.A. Had Evidence of Russian Effort to Help Trump Earlier Than Believed (New York Times) Former government officials said the agency told senior lawmakers last summer that it had information indicating that Russia was working to help get President Trump elected.
Mounties admit to using cellphone-snooping ‘stingrays’ (Naked Security) But other spying devices placed at Montreal’s Trudeau airport and near Parliament in Ottawa nothing to do with government, says minister
Detailing the Adaptive Defense Model for Cyber Security (FireEye) FireEye and the European Law Enforcement Agency (Europol) offer an Adaptive Defense approach to help organizations prevent, protect against and remediate cyber attacks in a diverse, coordinated and agile manner.
US dismantles Kelihos botnet after Russian hacker's arrest (CSO Online) The arrest last week of a Russian man in Spain was apparently for his role in a massive spam botnet and not related to an ongoing investigation into foreign tampering with last year's U.S. election.
Arrest of Russian national in Spain NOT linked to US election hacking (Computing) The only elections Levashov may have tried to 'hack' are Russian ones
Extradition Hearing Expected Soon for Alleged LinkedIn, DropBox Hacker (Dark Reading) Yevgeniy Nikulin is wanted in the US for breaches involving LinkedIn Corp, Dropbox, and Formspring.
Top tip for botnet overlords: Don't vacation in countries that can extradite you to the United States (WeLiveSecurity) There's no doubt that a life of cybercrime can earn its most successful overlords a considerable amount of money, but you will always have to live with the fear that you could be apprehended and - if convicted - spend years in prison.
Twitter Wins Free Speech Battle After DHS Backs Down (Infosecurity Magazine) Government had requested info on Trump critic
Qualcomm says Apple broke contract, hindered performance of its chipsets (Ars Technica) Chipmaker demands "fair value for our technological contributions to the industry."
Schoolboy cyber criminal aged just 13 tracked down by police (Birmingham Mail) Specialist team has investigated 24 cases - involving 300,000 offenders