Cyber Attacks, Threats, and Vulnerabilities
Israel Thwarts Major Cyber Attack Believed to Have Been Launched by Foreign Government (The Tower) Israel’s National Cyber Defense Authority on Wednesday revealed that it successfully prevented a major cyber attack on 120 private and public institutions last week.
Iranian Hackers Believed Behind Massive Attacks on Israeli Targets (Dark Reading) OilRig aka Helix Kitten nation-state group leveraged Microsoft zero-day bug in targeted attacks.
Iran-linked hackers used Microsoft Word flaw against Israeli targets, security firm says (Cyberscoop) Hackers allegedly linked to the Iranian government launched a digital espionage operation this month against more than 250 different Israel-based targets by using a recently disclosed and widely exploited Microsoft Word vulnerability, cybersecurity experts tell CyberScoop. The hacking group, dubbed OilRig by security researchers and believed to be tied to Iranian intelligence services, utilized a software flaw in Word officially known as CVE-2017-0199 that allows attackers to execute a remote computer intrusion to take full control of a target device while leaving little or no trace, said Michael Gorelik, vice president of Israeli security firm Morphisec.
McAfee says same group behind recent Shamoon attacks and 2012 incident (ITP.net) McAfee believes the same state-sponsored group carried out attacks in 2012 and 2016.
Trend Micro exposes Pawn Storm's target on French and German Politicians (DATAQUEST) Trend Micro Incorporated, a global provider in cyber security solutions, released its latest research report on the activity of Pawn Storm (aka APT28 and Fancy Bear), an active cyber espionage...
Microsoft took six months to fix an Office exploit (CNET) More than 1 billion Microsoft Office users were at risk from the exploit that let hackers hide malware in Word files.
Attack Method Highlights Weaknesses in Microsoft CFG (Threatpost) As Microsoft hardens its defenses with tools such as Control Flow Guard, researchers at Endgame are preparing for the reality of Counterfeit Object-Oriented Programming attacks to move from theoret…
Lure10: Exploiting Wi-Fi Sense to MITM wireless Windows devices (Help Net Security) Lure10 takes advantage of Wi-Fi Sense to trick wireless Windows devices into automatically associating with a rogue access point.
Backdoor Code Discovered in Popular Bitcoin Mining Equipment (BleepingComputer) An anonymous security researcher has published details on a vulnerability named "Antbleed," which the author claims is a remote backdoor affecting Bitcoin mining equipment sold by Bitmain, the largest vendor of crypto-currency mining hardware on the market.
Russian-controlled telecom hijacks financial services’ Internet traffic (Ars Technica) Visa, MasterCard, and Symantec among dozens affected by "suspicious" BGP mishap.
Forcepoint Identify New Banking Malware Variant Targeting The UK (Information Security Buzz) Forcepoint Security Labs has identified a new variant of the Geodo/Emotet banking malware which has been targeting people in the UK. The campaign recorded appeared to peak on 18 April 2017 and primarily targeted email addresses associated with the .UK domain. The subject line of the emails sent varied slightly but the content took the form …
Facebook Spam Botnet Promises 'Likes' for Access Tokens (Dark Reading) Facebook users can fuel a social spam botnet by providing verified apps' access tokens in exchange for likes and comments.
Malvertising Domain Had So Much Traffic It Reached #517 in the Alexa Ranking (BleepingComputer) A group known as NoTrove is driving massive amounts of traffic to survey pages, scam sites, and shady software download portals, so much so that one of the domains they used in their campaigns peaked at #517 in Amazon's Alexa traffic ranking, according to a report released today by digital threat management firm RiskIQ.
FalseGuide Malware on Google Play Store, Penetrates your Device's Security (PPP Focus) This new issue for Android is called FalseGuide malware, which has been found by the security firm Check Point.
FalseGuide Malware Racks Up 2 Million Installs on Google Play (Infosecurity Magazine) Check Point notified Google about the malware, and it was swiftly removed from the app store.
TrickBot Enhances Attack Vector with Handpicked Targets (Infosecurity Magazine) TrickBot operators are focusing on a slew of highly targeted marks, according to analysis from IBM X-Force.
SentinelOne: In memory attacks loom large, leave little trace (SC Magazine UK) In-memory attacks are on the rise according to SentinelOne, and being increasingly adopted by cyber-crime authors to evade security software.
Will fileless malware push the antivirus industry into oblivion? (Help Net Security) SentinelOne believes that in-memory resident attacks, i.e. fileless malware, just might be the thing that pushes AV into oblivion.
ISP Brought Down by Warring Malware Families (The State of Security) A battle between two rival families of malware is being blamed for the downtime that a Californian ISP suffered earlier this month.
Security Experts Worry as Hajime Botnet Grows to 300,000 Bots (BleepingComputer) The ever-growing Hajime botnet is starting to worry security researchers as the botnet has reached a massive size, estimated at 300,000 infected devices.
Cybersecurity: is the office coffee machine watching you? (the Guardian) Artificial intelligence and machine learning can identify threats to an organisation – but at what cost to privacy and whistleblowers?
Why Do IoT Companies Keep Building Devices with Huge Security Flaws? (Harvard Business Review) If they don’t fix the problem, regulators will do it for them.
The Deep Web: Myths And Truths You Need To Know (Panda Security Mediacenter) What is the Deep Web - and what are the truths about it? So should you be worried about the Deep Web? Read on to find out myths and truths you need to know.
Blind Trust in Email Could Cost You Your Home (KrebsOnSecurity) The process of buying or selling a home can be extremely stressful and complex, but imagine the stress that would boil up if — at settlement — your money was wired to scammers in another country instead of to the settlement firm or escrow company.
IRS and Immigration Officials Impersonated in Call Center Scam (Dark Reading) A call center in India was used to scare US residents with threats of imprisonment and deportation in a ruse that impersonated US officials.
Another Day, Another Obfuscation Technique (SANS Internet Storm Center) We got many samples from our readers and we thank them for this. It helps us to find how attackers are improving their techniques to bypass security controls and to fool the victims.
Security Patches, Mitigations, and Software Updates
Chrome to Mark More HTTP Pages ‘Not Secure’ (Threatpost) Starting with Chrome 62, Google will start marking any HTTP page where users may enter data, and any HTTP page visited in incognito mode
Cyber Trends
34 percent of US government agencies have had data breaches in the last year (BetaNews) According to a new report from systems security specialist Thales e-Security and 451 Research, US federal agencies are facing threats caused by legacy systems, spending and staffing issues.
2017 Data Threat Report Federal Government | Data Security Issues, Risks, Trends, and Concerns (Thales e-Security) Driven by escalating cyberattacks, traditional insider threats, privacy requirements and data residency regulations, enterprises around the world are facing increasing pressures to protect their data and reduce the exposure of their organizations to data related risks.
Verizon DBIR Shows Attack Patterns Vary Widely By Industry (Dark Reading) It's not always the newest or the most sophisticated threat you need to worry about, Verizon's breach and security incident data for 2016 shows.
Banks confident of their approach to security – but still get hit by hackers (Naked Security) How well does your bank look after your details? The financial institutions are pretty confident they’re doing a good job
IBM: Financial services industry bombarded by malware, security threats (Network World) IBM X Force says financial services are targeted 65% more by cyber-attacks than the average organization
5 Reasons Why Small Businesses Are Targeted by Cyberattacks (BizTech) What can small businesses do to protect themselves from hackers and malware?
The apparent inevitability of zero-day attacks on businesses is farcical (IT Pro Portal) How can organisations stop cyber attacks when traditional anti-virus solutions are no longer effective?
Employees increasingly allowed to move data onto personal mobile devices (Help Net Security) Corporate data governance programs are difficult to establish and enforce. For the most part, these programs can't effectively fend off security threats.
Why businesses have the wrong cybersecurity mindset, and how they can fix it (TechRepublic) The Evolution of Security Skills, a new report from CompTIA, is calling on IT security professionals to form a more proactive strategy and examine emerging threats.
Users have little confidence their company can protect their mobile device (CSO Online) A survey sponsored by Check Point found that 64 percent of respondents are doubtful that their organization can prevent a mobile cyberattack. What can be done to combat that?
Ars Technica Live: Why it’s important to defend hackers, even the not nice ones (Ars Technica) Lawyer Mark Jaffe has represented weev, Matthew Keys, and Deric Lostutter.
The Time Has Arrived to Embrace Hackers (Threatpost) Source Boston keynoter Keren Elazari sounded a call to action for industry to extend an acceptance of hackers.
Marketplace
Guavus Announces Agreement to be Acquired by Thales (Yahoo! Finance) Combined businesses to strengthen Thales' portfolio of analytic solutions in aerospace; ground transportation; space; security and defense industries. Guavus will operate as a wholly owned subsidiary of ...
Could Kaspersky’s enterprise play change the cyber security game? (ARN) Kaspersky's mid-market and enterprise play should make incumbent cyber security vendors nervous, analysts warn.
Check Point Execs Say They Don't See The Same Sales Headwinds As Palo Alto Networks (CRN) Check Point Software Technologies top executives said on its Q1 earnings call that they don't expect to hit the same sales challenges that primary competitor Palo Alto Networks saw last quarter.
Okta Headed For Another Stock Boost From Quiet Period Expiration (Seeking Alpha) The 25-day quiet period on Okta Incorporated will come to an end on May 2. At this time, underwriters will be able to publish reports and recommendations for th
A Cheap FireEye Trade to Make Before Earnings (Barron's) A collapse in equity volatility means speculators can buy options without paying a fear or greed premium.
Lockheed Martin Contracts Guardtime Federal for Innovative Cyber Technology (Yahoo! Finance) As a follow-on to specialized mission support testing in 2015, Lockheed Martin (NYSE: LMT) has contracted Guardtime Federal as a key supplier to integrate ...
CyberPoint co-founders receive 2017 Distinguished Entrepreneurial Achievement Award from The George Washington University (Greater Baltimore Regional Business Leaders | GBC) The George Washington University (GW) Office of Innovation and Entrepreneurship announced that the GW School of Engineering Applied Science (SEAS) alumni,
Gigamon Appoints Longtime Security Veteran Arthur W. Coviello Jr. to its Board of Directors (PRNewswire) Gigamon Inc. (NYSE: GIMO), the industry leader in traffic...
BAE Systems' Peder Jungck Named President of IT-ISAC (WashingtonExec) BAE Systems' chief technology officer of the intelligence and security sector, Peder Jungck, has been named president of the Information Technology...
Products, Services, and Solutions
New infosec products of the week: April 28, 2017 (Help Net Security) Here's a selection of new infosec products released by Cyberbit, Elcomsoft, Gigamon, Inside Secure, Sparta Consulting, WatchGuard and WISeKey.
E8 Security Launches Free 'Joyride' Program To Demonstrate What Behavioral Analytics Can Do For Enterprises Today (Yahoo! Finance) E8 Security, an innovator of behavioral intelligence for cybersecurity, today introduced 'Joyride', a free program designed to quickly reveal how behavioral analytics can provide important insight into ...
New Duo Security Program Empowers Managed Service Providers to Quickly and Easily Secure Customers (PRNewswire) Cloud-based Trusted Access provider Duo Security today announced the...
Exertis Strengthens Security Portfolio with ESET (ChannelBiz UK) ESET and Exertis team up to provide channel protection against security threats
DarkMatter's Katim Handset Brings Mobile Security To Smartphones (Forbes) What do you buy the person who has everything, especially the person who is responsible for their country's or company's sensitive information? That, probably, would be a cellphone that nobody could listen in on and nobody could hack.
Cloudflare launches service to secure IoT devices from external hacks (PCWorld) Web optimization and security firm Cloudflare launched a service that could allow IoT manufacturers to protect devices from attacks and deploy patches much quicker.
Symantec Rejects Google’s Certificate Plan, Promises To Be Good From Now On (Tom's Hardware) Symantec offered alternative improvements it can make to its certificate validation process to avoid Google's plan to distrust all of its existing certificates.
Technologies, Techniques, and Standards
NSS Labs Announces Call for Input for Advanced Endpoint Protection Group Test Version 2.0 (GlobeNewswire News Room) NSS Labs, Inc., the global leader in operationalizing cybersecurity, today announced a “call for input” for enterprises and vendors to further shape and evolve the design of its next Advanced Endpoint Protection (AEP) Group Test and accompanying Test Methodology.
Lack of Communication Achilles’ Heel for Ransomware Fighters (Threatpost) A member of law enforcement acknowledged at SOURCE Boston that the lack of communication around ransomware remains a serious problem.
The Importance of a Corporate Culture Built Around Security (LIFARS) Building a culture of security is substantial to any organization. Having a culture built around security can help an organization create and maintain cyber resilience and a strong business environment....
Foiled! 15 tricks to hold off the hackers (TechWorld) To root out persistent hackers, sometimes you have to get a little creative
Design and Innovation
OWASP Top 10 Update: Is It Helping to Create More Secure Applications? (Dark Reading) What has not been updated in the new Top 10 list is almost more significant than what has.
New OWASP Top 10 Reveals Critical Weakness in Application Defenses (Dark Reading) It's time to move from a dependence on the flawed process of vulnerability identification and remediation to a two-pronged approach that also protects organizations from attacks.
The Security Measures Behind Bitcoin Gambling Sites (TG Daily) One of the biggest draws to the crypto currency Bitcoin is that, despite its volatility, it has been said to be a very secure form of currency.
Research and Development
AU to conduct cyber workforce study (Augusta Chronicle) Are you interested in a career in the cyber industry, but unsure what skills employers are looking for – now and in the future?
Academia
Norwich University Earns Two Federal Cybersecurity Designations: Cyber Defense and Digital Forensics (Vermont Digger) News Release April 27, 2017 Contact: Daphne Larkin 802-485-2886 dlarkin@norwich.edu Follow us on Twitter @NorwichNews NORTHFIELD, Vt. – Norwich University has been named a Center of Academic Excellence in Cyber Defense Education (CAE-CDE) by the National Security Agency and Department of Homeland Security through 2022. Also, the Department of Defense Cyber Crime Center (DC3) recently certified …
Northrop Grumman Announces Winners of 2017 CyberCenturion National Finals to Find Cyber Security Talent of the Future (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE:NOC) announced the winners of the 2017 CyberCenturion competition following an exciting face-to-face final against the clock between ten teams aged 12-18 years.
Legislation, Policy, and Regulation
How a cyber attack transformed Estonia (BBC News) How, a decade ago, a ground-shaking cyber attack brought Estonia to its knees - and spurred it to rebuild.
Cyber Reform in Israel at an Impasse: A Primer (Lawfare) A leaked letter from the heads of Israel’s major security agencies reveals tensions between the government and the security establishment over the allocation of powers and responsibilities in the cyber realm.
Rebranding Countering Violent Extremism Programs: A Sharper Focus or Missing the Point? (Cipher Brief) U.S. counterterrorism efforts have achieved their fair share of successes – killing terrorist leaders with drone strikes and commando raids, keeping terrorist cells on the run so they can’t plot future attacks, and destroying militants’ underground bases and infrastructure.
Terrorists Are Not Snowflakes (Foreign Policy) The West has started treating would-be terrorists as children in need of protection from radical ideas. That's as dangerous as it is insulting.
Facebook and Information Operations (Facebook) Civic engagement today takes place in a rapidly evolving information ecosystem.
Not a terrorist? Then learn Putonghua, China’s Uygur youth told (South China Morning Post) Young members of China’s Uygur Muslim minority should “love the motherland” and learn Putonghua to help fight a perception they are “terrorists”, Uygur members of the ruling Communist Party said in state media on Thursday....
Donald Trump advisor hints that US cyber attack FOILED North Korean missile launch (Express) A senior adviser to Donald Trump has hinted that North Korea’s failed missile launch could have been down to a US cyber attack.
N.K. unveils footage of simulated missile attacks on White House, flattops (Yonhap News Agency) North Korea's propaganda website on Thursday unveiled footage of the country's simulated missile attacks on the White House and U.S. aircraft carriers amid tensions over its nuclear and missile programs.
Team Trump’s Plan to Squeeze North Korea (The Daily Beast) After weeks of tweeted threats, the White House admits ‘there are no good military options’ against Pyongyang—and tries to turn up the geopolitical heat.
Trump's pick for top CIA lawyer calls for greater cyber, contractor scrutiny (FederalNewsRadio.com) President Donald Trump's pick to run the CIA's legal department earned bipartisan support on Wednesday after promising to address cybersecurity concerns.
America's Security Clearance System Is Broken, Former Spy Chief Clapper Says (Defense One) The problem won't be easy to fix, but it could benefit from better employee monitoring and 'some very aggressive creative and sensitive education.'
Throttling of websites and online services might help customers, FCC says (Ars Technica) The FCC will now take your comments on whether to kill net neutrality.
Litigation, Investigation, and Law Enforcement
Isis faces exodus of foreign fighters as its 'caliphate' crumbles (the Guardian) Exclusive: Two Britons and one US citizen are among dozens who have surrendered or been caught at Turkish border
Armed terror suspect arrested in Westminster (Times (London)) A suspected terrorist reached the heart of Westminster armed with at least three knives yesterday despite having been monitored by police and intelligence agents for weeks. Armed counterterror...
Russian Tor Relay Operator Facing Terrorism Charges (HackRead) The Russian police have arrested Tor node operator Dmitry Bogatov. They charged him with terrorism offense and the reason for this, as they claim...
Behind the Scenes of a $170 Million Payment Card Fraud Operation (SurfWatch Labs, Inc.) On Friday, 32-year-old Russian hacker Roman Seleznev was sentenced to 27 years in prison for running a cybercriminal operation that stole millions of payment cards, resulting in at least $169 million…
House panel refers Clinton server company for prosecution (TheHill) The House Science Committee has referred the CEO of an IT firm to the Department of Justice.
Lawmakers: Former Trump aide Flynn may have broken US law (Aurora Sentinel) President Donald Trump’s former national security adviser, Michael Flynn, appeared to violate federal law when he failed to seek permission or inform the U.S. government about accepting tens of thousands of dollars from Russian organizations after a trip there in 2015, leaders of a House oversight committee say.
Hit internet giants over child safety (Times (London)) Social media companies such as Facebook and Twitter should be fined if they fail to protect children online, the head of the NSPCC has said. Peter Wanless, chief executive of Britain’s leading...
Pirate Site Blockades Violate Free Speech, Mexico's Supreme Court Rules (TorrentFreak) Broad pirate sites blockades are disproportional, Mexico's Supreme Court of Justice has ruled. The Government can't order ISPs to block websites that link to copyright-infringing material because that would also restrict access to legitimate content and violate the public's freedom of expression. The ruling is a win for local ISP Alestra, which successfully protested the Government's blocking efforts.
Discovery of 8,800 servers sends warning to Asian cybercriminals (Naked Security) Move shows the importance of international co-operation to take down cybercrime at its roots
Lawsuit: Fox News group hacked, surveilled, and stalked ex-host Andrea Tantaros (Ars Technica) Lawsuit: After a sexual harassment claim, Fox News planted spyware on ex-host's computer.
Sexual harassment, cyber bullying continue to roil Marine Corps (San Diego Union Tribune) Marines launched new investigation into latest alleged misconduct while attorney Gloria Allred criticized reform efforts.
Murder victim’s Fitbit contradicts husband’s version of events (Naked Security) Police gathered evidence from Fitbit, home alarm, Facebook, phone and credit cards to piece together timeline of events leading up to woman’s death