Cyber Attacks, Threats, and Vulnerabilities
Callisto Group hackers targeted Foreign Office data (BBC News) The UK's Foreign Office was targeted by highly motivated and well-resourced hackers over several months in 2016.
Foreign Office hit by ‘Russian hackers’ (Times (London)) The Foreign Office has faced a sustained onslaught by cyberattackers believed to be linked to Russia. It was among a string of military and government targets in Europe which were hit last year by...
Nation-State-Linked Hackers Targeted UK Foreign Office (Infosecurity Magazine) Callisto Group is an advanced threat actor whose known targets include military personnel, government officials, think tanks and journalists.
Callisto Group (F-Secure) The Callisto Group is an advanced threat actor whose known targets include military personnel, government officials, think tanks, and journalists in Europe and the South Caucasus. Their primary interest appears to be gathering intelligence related to foreign and security policy in the Eastern Europe and South Caucasus regions.
CIA head: WikiLeaks a 'non-state hostile intelligence service' (TheHill) CIA Director Mike Pompeo on Thursday hammered WikiLeaks, calling the organization a "non-state hostile intelligence service."
CIA director rips Assange, defends foreign surveillance (FCW) In his first public remarks as CIA director, Mike Pompeo defended the work of the agency -- and condemned Wikileaks founder Julian Assange and former intel contractor Edward Snowden for undermining the CIA and national security.
The CIA is really, really mad at WikiLeaks (TechCrunch) Speaking at the Center for Strategic and International Studies today, CIA Director Mike Pompeo went off on WikiLeaks. Pompeo is pretty mad about that whole..
Shadow Brokers Dump Alleged Windows Exploits and NSA Presentations on Targeting Banks (Motherboard) One presentation points to several banks located in the Middle East.
Recent Microsoft 0-Day Used for Cyber-Espionage and Mundane Malware Distribution (BleepingComputer) The saga of CVE-2017-0199, a recently patched zero-day vulnerability affecting Microsoft Office and WordPad, just got a little stranger yesterday after cyber-security firm FireEye revealed the vulnerability was used by both cyber-criminals pushing mundane malware, and also by state-sponsored cyber-espionage groups.
Exclusive: Spyware firms in breach of global sanctions (Al Jazeera) Undercover investigation exposes inner workings of spy equipment companies selling to clients from sanctioned countries.
Selling spyware, making millions, breaking sanctions... (Graham Cluley) Al Jazeera went undercover, approaching three companies on behalf of the governments of Iran and South Sudan - and found it all too easy to buy surveillance technology that could be used to spy on the countries' citizens.
North Korea accuses Donald Trump of 'causing trouble' amid nuclear test crisis (Guardian) Vice-foreign minister says Pyongyang will conduct nuclear test when it sees fit as China appeals to US to avoid pre-emptive strike
BrickerBot – The Dark Knight of IoT (Radware Blog) Over the course of the last week, you have probably heard about the attacks designed to render Internet of Things (IoT) devices across the internet useless. We called the originator of the attacks “Brickerbot,” but should we have called it the “Batman of IoT”? Permanent Denial of Service PDoS is an attack that damages a …
Android malware creators throw up a roadblock to thwart the good guys (Naked Security) Security practitioners often use emulators to dig into Android malware. So what happens when the bad guys work out how to spot that?
Unpatched vulnerability exposes Magento online shops to hacking (CSO Online) An unpatched vulnerability in the Magento e-commerce platform could allow hackers to upload and execute malicious code on web servers that host online shops.
‘High Risk’ Zero Day Leaves 200,000 Magento Merchants Vulnerable (Threatpost) A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.
Don’t let hackers ruin your roast! Security flaws found in AGA cooker app (Bitdefender Box) Imagine you work in marketing for a company that has been manufacturing upmarket cookers for almost 100 years.
Is a Smart Oven "Smart" If It Can Be Hijacked via SMS? (BleepingComputer) Security researchers from Pen Test Partners have discovered pretty glaring security flaws in Aga's line of smart ovens.
Stories From Two Years in an IoT Honeypot (Threatpost) A researcher at this year’s Security Analyst Summit staged a series of honeypots at his friends’ houses to record IoT traffic, exploit attempts and other statistics.
What is an Open Redirection Vulnerability and How to Prevent it? (Netsparker) Technical & detailed explanation of the open redirection web application vulnerability. This article also explains how to prevent such attacks on your websites.
OLE packages, how criminals distribute malware, are on the rise (Healthcare IT News) Cybercriminals increasingly are using object linking and embedding packages though healthcare executives have options to fight them.
Exploit Kits Surge Worldwide as Rig EK Climbs to Second Place in Check Point’s ‘Most Wanted’ Malware (GlobeNewswire News Room) After several months in decline, Exploit kit infections show sharp uplift and deliver a variety of threats, says Check Point
Exploit Kit Activity Quiets, But Is Far From Silent (Threatpost) Here are the exploit kits to watch for over the next three to six months.
Smartphone sensors offer hackers a way past security PINs (Naked Security) But how likely are you to fall victim to this kind of attack?
Shedding Some Light on the Dark Web (Anomali) Underground markets may have originated in the time of Internet Relay Chats (IRCs), but the appearance of cryptocurrencies and anonymous communications like Bitcoin and TOR have allowed these markets to develop far past their genesis. Darknet forums are now a very efficient platform through which to conduct illegal business. Some forums are accessible only via the TOR network, while others are only accessible via traditional web browsing (clearnet).
Why businesses should care about identity theft (Help Net Security) Identity theft is directed squarely against individuals, but to believe that businesses don't suffer any consequences or costs associated with it is wrong.
Warwick business owner’s warning after cyber attack blackmail (Warwick Courier) A Warwick company’s managing director is warning other businesses to protect themselves from cyber criminals after being held to ransom.
Following serious cyber attack, ECMC restoring online systems (WFBO) It's been a busy week for the information technology department at Erie County Medical Center. Days after an online attack, they're restoring computer
Nintendo Hackers Told Us $20,000 Bug Bounties Aren't Going to Stop Piracy (Motherboard) Nintendo is offering up to $20,000 to white hat hackers who report critical vulnerabilities that could be used to hack its new Switch console.
Security Patches, Mitigations, and Software Updates
New processors are now blocked from receiving updates on old Windows (Ars Technica) The promised update block is now in effect.
Did Microsoft Drop the Ball on the Word Zero-Day Flaw? (Bank Info Security) The recent fix for a zero-day flaw in Microsoft Office appeared more than five months after Microsoft was privately alerted to the flaw, and followed months of it being exploited via in-the-wild attacks. Can Microsoft do better?
Google Making Life Difficult for Ransomware to Thrive on Android (Threatpost) At the Kaspersky Lab Security Analyst Summit, Android Security Team malware analyst Elena Kovakina explained Google’s strategy for countering ransomware on Android.
Cyber Trends
Cloud adoption and escalating threats accelerate encryption deployments, finds latest Thales Global Encryption Study (Thales) For the first time business unit leaders break through as top encryption strategy influencers
2017 Global Encryption Trends Study | Data Security Issues, Risks, Trends, and Concerns | Thales e-Security (Thales e-Security) Driven by escalating cyberattacks, traditional insider threats, privacy requirements and data residency regulations, enterprises around the world are facing increasing pressures to protect their data and reduce the exposure of their organizations to data related risks.
Finally, enterprise-wide encryption strategies increase! (Help Net Security) Enterprises have accelerated adoption of encryption strategies, with 41% saying their organization has an encryption strategy applied across the enterprise.
AI Adds a New Layer to Cyber Risk (Harvard Business Review) A breach can cause massive damage in a matter of seconds.
Of machines and men: AI and the future of cybersecurity (Help Net Security) As the number and complexity of threats and attacks increases, organisations are looking to AI and machine learning to transform their security posture.
Neural networks made easy (TechCrunch) If you’ve dug into any articles on artificial intelligence, you’ve almost certainly run into the term “neural network.” Modeled loosely on the human..
The Trends Increasing Military Network Vulnerabilities (SIGNAL Magazine) SDN, BYOA, VDI. This alphabet soup of technologies complicates U.S. Defense Department networks more than ever.
How computing will change amid challenges to Moore’s Law (TechCrunch) We are in the midst of a true inflection point in computing, and the very way we interface with technology daily is changing.
95% of Organizations Have Employees Seeking to Bypass Security Controls (Dark Reading) Use of TOR, private VPNs on the rise in enterprises, Dtex report shows.
So You Want to Be a Security Rock Star? (Dark Reading) While the thrill of crafting attention-grabbing stunt hacks may seem like the coolest job on earth, what our industry needs more of are strong defenders who can fix things as well as break them.
New Cryptocurrencies Gain Traction, Spark Concern For Law Enforcement (SurfWatch Labs, Inc.) Last month a new ransomware emerged known as “Kirk Ransomware.” The malware was interesting not just because of the Star Trek-themed imagery of James Kirk and Spock that it used, but also because…
New malware every 4 seconds (ChannelPartner von IDG) In the first quarter of 2017, 6,834,443 new malware programs appeared - an increase of 73 percent compared with the first quarter of 2016, security researchers at G Data have found.
Every UK business got hit by cyber-attack 43,000 times in Q1 2017 (IT Pro Portal) Beaming is showing some serious numbers.
Majority of SMEs need to increase cyber security funding (The C-Suite) The vast majority of small to medium sized enterprises (86%) have less than a tenth of their total IT budget allocated to cyber security, while 75% have between zero and two IT security staff members, according to the results of a survey by EiQ Networks.
Marketplace
Elbit's Cyberbit hones military technology for commercial market (Reuters) Israeli defense electronics company Elbit Systems forecasts double-digit growth for its Cyberbit business, which is transforming the technology it has long provided for military intelligence to the fast-growing commercial market. Cyberbit took shape after Elbit's $150 million acquisition of the cyber and intelligence unit of Israel's Nice Systems in 2015, blending Nice's technology designed for law enforcement and intelligence agencies with Elbit's military-focused capabilities.
Mimecast's Enterprise Potential Is Underappreciated (NASDAQ: MIME) (Benzinga) “While Mimecast Ltd (NASDAQ: MIME) came into prominence by providing email solutions to midmarket customers (SMB/SMEs), we believe Mimecast’s growing enterprise...
IBM Does Not Compute Just Yet as a Buy (Real Money) The shares of the tech giant seem fully valued for a story that won't play out until 2019.
West Coast computer science firm headed for Dayton (Dayton Daily News) A Portland computer science company interested in deepening relationships with federal customers and...
Security vendor TrapX targets UK Cisco and Palo Alto Networks partners (CRN) TrapX on the hunt for UK partners as it shifts from direct to channel model
E8 Security's Mission to Transform Security Operations Continues with Industry Veteran Madhukar Govindaraju as Senior Vice President of Engineering (Yahoo! Finance) E8 Security, an innovator of behavioral intelligence for cybersecurity, today announced that Madhukar Govindaraju has joined the company as its Senior Vice President of Engineering. In the newly added ...
SailPoint Names Christopher Schmitt as General Counsel (BusinessWire) SailPoint, the leader in enterprise identity management, today announced the appointment of Christopher Schmitt to the role of General Counsel.
Products, Services, and Solutions
ForeScout Delivers Extended Modules for the Palo Alto Networks Next-Generation Security Platform (ForeScout) Integrated offering provides joint customers with increased visibility and control of traditional and IoT devices on enterprise networks. Wave of devices connecting to enterprise networks increases need for network segmentation. ForeScout’s Extended Modules help enterprises running on multi-vendor network infrastructures reduce the attack surface, dynamically segment resources, detect advanced threats and automate security …
Intercede And Centrify Ditch The Password (PYMNTS.com) Usernames and passwords are shaping up to go the way of the dinosaur, the dodo and parachute pants. But the transition to stronger authentication measures has largely been uneven. For the most part, strong authentication measures have been largely leveraged by governments and a few major financial institutions, said Richard Parris, founder and CEO of Intercede…
Authentic8 Improves Virtual Web Browser with Web Gateway Integration (eWEEK) Security vendor provides new options to automatically trigger secure browser sessions with a disposable browser.
Rapid7 Defines Next-Generation Analytics Platform For Security And IT Professionals (Information Security Buzz) Rapid7 Insight platform is the first cloud-based platform to combine vulnerability management, user behaviour analytics-powered SIEM, IT log analytics, and application security data. Evolved platform centralizes operational and security data from the network, endpoints, and the cloud to unify data, accelerate analysis, and reduce cost of ownership. Rapid7 introduces two new solutions on its platform: …
Thycotic Combats Insider Threats by Giving Security Administrators Behavioral Analytics for Privileged Accounts (Yahoo! Finance) Thycotic, a provider of privileged account management (PAM) solutions for more than 7,500 organizations worldwide, today unveiled Privileged Behavior Analytics (PBA). This cloud-based tool gives IT and security professionals the ability to quickly detect security
NTT Security launches worldwide threat intelligence centre (CRN) Security VAR rolls its research and intelligence units into one global entity
Paladion underlines the importance of security analytics for faster detection and response to cyber attacks (IT Business Net) Paladion, a global cyber security provider, in its commitment to enabling enterprises with the right tools to combat today's advanced cyber threats, sponsored a two day cyber security conference organized by MESCON on the 11th and 12th of April 2017. The conference hosted over 200 plus CISOs from different business
RedOwl Revolutionizes Behavioral Analytics to Secure Enterprises from Insider Risk with New Insider Risk Framework (Yahoo! Finance) RedOwl, the leader in insider risk solutions, today announced the release of the latest version of its Insider Risk Framework, designed to help enterprises quickly deploy and operationalize programs to ...
Wombat Security Enables Employee Benefits Organization to Reduce Phishing Susceptibility by More Than 89% (PRNewswire) Wombat Security Technologies (Wombat), the leading provider of cyber...
Digital Guardian Receives Highest Product Score for Intellectual Property Protection in Gartner’s Critical Capabilities Report for Enterprise Data Loss Prevention (Sys-Con Media) Digital Guardian, a next generation data protection platform purpose built to stop data theft, today announced that Gartner, Inc., has given the company the highest Product Score in Intellectual Property Protection, scoring a 4.11 out of 5 in the April 2017 Critical Capabilities for Enterprise Data Loss Prevention.
Masters Tournament Avoids Hazards With Watson for Cyber Security (Security Intelligence) With the help of Watson for Cyber Security, we rounded off yet another successful year for the Masters, keeping all IT assets running smoothly.
Technologies, Techniques, and Standards
Priorities clash over the call to encrypt the whole internet (Naked Security) What does ‘encrypting the whole internet’ mean: can it be done and is it a good idea?
AMC conducts new cyber assessment (Belleville News-Democrat) Air Mobility Command’s Test and Evaluation Squadron conducted a benchmark C-5M Cybersecurity Adversarial Assessment, becoming the first test of this kind conducted on an AMC aircraft, and among the first conducted on any Air Force major weapons system.
Cloud-based single sign-on means access and security everywhere (Help Net Security) You can easily customize your cloud-based single sign-on solution to ensure additional levels of security measures in your organization.
Evolution of security operations from reactionary survival mode to forced sophistication (Help Net Security) The evolution of security operations has moved from reactionary survival mode to forced sophistication, due to factors outlined in this article.
NCCIC uses automation technology to flip the script on hackers (FederalNewsRadio.com) DHS’s NCCIC is using new automation technologies to flip the script on script kiddies and black hat hackers by getting proactive about cyber defense.
Assuring Crypto-code with Automated Reasoning (InfoQ) Aaron Tomb describes the capabilities and operation of some open source tools that allow developers to conclusively and largely automatically determine whether a low-level cryptographic implementation exactly matches a higher-level mathematical specification. He focusses on work they have done to integrate these tools into the continuous integration system of Amazon's s2n implementation of TLS.
Got an Industrial Network? Reduce your Risk of a Cyberattack with Defense in Depth (Dark Reading) If an aggressive, all-out cyberdefense strategy isn't already on your operational technology plan for 2017, it's time to get busy.
Can cybersecurity professionals speak the language of the business? (Infosecurity Magazine) How can cybersecurity professionals translate tech speak to the language of the business?
Design and Innovation
Can NATO Weaponize Memes? (Foreign Policy) There’s a small group of experts calling for NATO governments to throw memes into the fight against online jihadi or pro-Kremlin trolls.
Google joins the efforts to halt the spread of fake news (Naked Security) Tech giants’ efforts to identify dubious stories are helpful, but the onus still lies with users
SHA-1 Encryption Has Been Broken: Now What? (Forbes) In February 2017, Google and CWI announced they had broken SHA-1 encryption. This isn't a surprise: The encryption, used for things like digital signatures, had been susceptible to collisions for years. Companies began slowly phasing out SHA-1 after warning signs of its vulnerability started appearing around 2005.
The 7 worst automation failures (CSO Online) A list of the moments when technology monumentally backfired.
Research and Development
DARPA tasks BAE with workaround to secure the power grid in event of massive attack (Defense Systems) DARPA has awarded BAE an $8.6 million deal to engineer secure alternative wireless networks in the event of attack.
The Large Bitcoin Collider Is Generating Trillions of Keys and Breaking Into Wallets (Motherboard) A quixotic, and slightly dubious, quest.
Legislation, Policy, and Regulation
Outer-Space Hacking a Top Concern for NASA’s Cybersecurity Chief (Bloomberg) NASA scientists glean valuable data about powerful space explosions and the energy of black holes from their Swift and Fermi satellites. The projects were supposed to last a few years. Instead, they’ve survived for more than a decade.
National resilience essential to minimise consequences of shocks: Booz Allen Hamilton (Daily News Egypt) The negative consequences of a major disruptive event can affect up to 20% of a country’s GDP, according to a press release issued by the firm
Vital for Sarawak to establish cyber-security defence system — Abg Johari (BorneoPost Online) Chief Minister Datuk Amar Abang Johari Tun Openg said it is imperative for Sarawak to establish a cyber-security defence system in its quest to develop the state into a digital economy and…
Litigation, Investigation, and Law Enforcement
House Intel Committee Member on Susan Rice Probe: ‘This Is Now a Full-Blown Investigation’ (Washington Free Beacon) The House and Senate Intelligence Committees are expanding their investigations into former National Security Adviser Susan Rice's alleged
British spies were first to spot Trump team's links with Russia (Guardian) Exclusive: GCHQ is said to have alerted US agencies after becoming aware of contacts in 2015
Man arrested after Borussia Dortmund attack 'led Isis unit in Iraq' (Guardian) But prosecutor’s office says there is no evidence so far that Islamic State member played part in attack on football team’s bus
Fifth Person Pleads Guilty in $5 Million ID Theft Case (Dark Reading) A total of five Eastern Europeans were arrested for conspiracy involving cyberattacks and fraudulent purchases.