Cyber Attacks, Threats, and Vulnerabilities
Hacking is now so common that even small nations are doing it (Charlotte Observer) Cyber espionage is cheaper, more efficient and less costly than conventional spying, and tech analysts say smaller countries are building up their capacities. One analyst calls the flurry of global activity part of a “golden age of espionage.”
Inside Russia’s Fake News Playbook (The Daily Beast) Clint Watts is testifying Thursday before the Senate’s armed services committee on how Russia became the kings of black propaganda. Here’s what he told the senators.
Spies in South Africa (Wilson Center) To understand how Russian intelligence views the world, look to its history in Southern Africa
Vulnerability hits Intel enterprise PCs going back 10 years (CSO Online) Intel is reporting a firmware vulnerability that could let attackers take over remote management functions on computers built over the past decade.
Remote security exploit in all 2008+ Intel platforms (SemiAccurate) Updated: Nehalem through Kaby all remotely and locally hackable
IBM Ships Trojanized USBs to Storage Customers (Infosecurity Magazine) The malware is a trojan dropper that can be used to fetch an array of secondary malware, including ransomware and espionage worms.
ShadowWali Malware Discovered, Attacking Japan Since 2015 (Infosecurity Magazine) ShadowWali gathers information about the compromised machines and their networks, in addition to stealing sensitive information and credentials.
Dok Mac malware intercepts victims' web traffic, installs backdoor (Help Net Security) A new piece of Mac malware, more insidious and dangerous than all those encountered before, has been flung at (mostly) European users.
New macOS malware OSX/Dok requires a lot of manual steps (Macworld) OSX/Dok is now blocked, but it didn’t rely on any system exploits to install.
Latest Apple malware on the surge hides in networked printer files (TechNetOnline) A new version of Apple malware has been found and it has started to spread to Apple Macs via the networked printer files. The malware is a kind of ‘Backdoor Trojan’ and some experts have named this Trojan as ‘Pintsized’. Apple Mac OS X is troubled by this malware but as of now, the …
Scam texts impersonate major retailer (CQ News) Say hello to smishing, the new way of parting people and their money.
The continuing threat of POS malware (Trend Micro: Simply Security) As attacks increase and hackers realize the profit that stolen data from POS systems could bring, cybercriminals are creating more advanced malware to support their nefarious exploits.
Cerber Version 6 Shows How Far the Ransomware Has Come (and How Far it’ll Go) (TrendLabs Security Intelligence Blog) A reflection of how far Cerber has come in the threat landscape—and how far it’ll go—is Cerber Version 6, the ransomware’s latest version we’ve uncovered.
New version of the CryptoMix Ransomware Using the Wallet Extension (BleepingComputer) A new variant of the CryptoMix ransomware was discovered that appends the email addresses shield0@usa.com & admin@hoist.desi along with the .Wallet extension.
Hacker Leaks Episodes From Netflix Show and Threatens Other Networks (New York Times) The hacker or hackers, known as “thedarkoverlord,” demanded ransom after stealing 10 episodes of the next season of “Orange Is the New Black.”
Why That Orange Is the New Black Leak Was Never Going to Pay Off (WIRED) Putting an unreleased series on the Pirate Bay unless Netflix pays up? Good luck with that
Car Hackers Remotely Steal Keyless BMW within Seconds (HackRead) As recently as April 4, a security camera recorded two people simply walking around a car and one of them was holding some type of bag
Malware Author Inflates Backdoor Trojan With Junk Data Hoping to Avoid Detection (BleepingComputer) A malware coder is injecting megabytes of junk data inside his malicious payloads, hoping to avoid detection by some antivirus solutions or delay investigations of infosec professionals.
You've been to 10 concerts and one might be a security risk (WBAL) Security experts are warning people about a popular Facebook meme.
Ciphr blames rival company for partial data dump of its users (Graham Cluley) Ciphr, a company which offers encryption services for smartphone users, claims that a rival firm are behind a data dump of its customers' email addresses and IMEI numbers.
Retina-X admits they have suffered a data breach (Help Net Security) Retina-X Studios, the makers of several consumer-grade monitoring products, have finally announced that they have suffered a data breach.
The Power of Botnets: Amplifying Crime, Disinformation, and Espionage (Cipher Brief) Imagine an army of computers, acting under the instructions of a criminal syndicate, terrorist group, or foreign government. The sheer size of this network of devices augments the computing power of a single hacker, allowing them to coordinate attacks capable of knocking offline crucial websites belonging to banks, social media, and news organizations.
Two Years Later, Still at Least Twice as Likely (BitSight) Companies with botnet grades of ‘B’ or lower are twice as likely to experience a data breach. Learn about the other risk vectors that correlate to data breaches.
Going Dark: Fact vs. Fiction on the Dark Web (Recorded Future) What is the dark web really like? In this episode, we take a tour of the dark halls and back alleys of the dark web to separate fact from fiction.
Barts Health NHS Trust suffers catastrophic IT failure - for EIGHT days (Computing) Critical clinical systems at Barts affected on April 20 and still haven't been fixed
Security Patches, Mitigations, and Software Updates
Intel fixes nine-year-old remote-code execution flaw in its Management Engine technologies (Computing) Reports suggest Intel never took reports of the flaw seriously - until recently
Do you have Intel AMT? Then you have a problem today! Intel Active Management Technology INTEL-SA-00075 (SANS Internet Storm Center) There have been some reports to us about an issue with Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability [1]. It might be a good idea to review Intel’s security bulletin INTEL-SA-00075, which outlines a Privilege Escalation vulnerability.
Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege (Intel Security Center) There is an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products. This vulnerability does not exist on Intel-based consumer PCs.
Storwize USB Initialization Tool may contain malicious code (IBM Support) IBM has detected that some USB flash drives containing the initialization tool shipped with the IBM Storwize V3500, V3700 and V5000 Gen 1 systems contain a file that has been infected with malicious code.
Apple Revokes Certificate Used By OSX/Dok Malware (Threatpost) Apple takes countermeasures to neutralize OSX/Dok HTTPS-snooping malware by revoking a hijacked certificate and updating its XProtect built-in anti-malware software.
Microsoft Boosts Safety with Windows Defender Security Center (NewsFactor) The latest update to Microsoft's Windows 10 operating system features a number of changes to its built-in security protection. Rolling out in phases since April 11, the Creators Update adds a new dashboard display for Windows Defender, introduces dynamic locking capabilities and also offers new privacy controls.
Windows 10 adoption is accelerating, many concerns remain (Help Net Security) The vast majority of IT organizations have installed Windows 10, but there is still great variation in the current level of Windows 10 adoption.
Flickr Vulnerability Worth $7K Bounty to Researcher (Threatpost) Yahoo has patched an account takeover vulnerability on its Flickr image-hosting service that earned an independent security researcher a $7,000 bounty.
Cyber Trends
DDoS attacks: $100,000 per hour is at risk during peak revenue generation periods (Help Net Security) When it comes to DDoS attacks, 63% of the respondents stated that at least $100,000 per hour is at risk during peak revenue generation periods.
Worldwide DDoS Attacks & Cyber Insights Research Report: Taking Back the Upper Hand from Attackers (Neustar) The DDoS threat has changed dramatically since I first started the DDoS protection industry years ago. Back then, a 1 Gbps attack was considered large and could take down an enterprise for several days.
What CISOs Need To Know About The State Of Cybersecurity (Forbes) Enterprises are under an endless stream of cyberattacks. The sophistication of these attacks is evolving, and the number is not expected to decrease. Any emerging technology -- be it mobile devices and related BYOD policies, artificial intelligence and machine learning, or IoT -- not only brings new opportunities but also widens the field of possible attack.
Network Security Creates a (Infosecurity Magazine) Eighty-two percent of mid-tier companies spend 20 to 60 hours per week to procure, implement and manage security products
Human weakness enabling financial cybercrime (CSO Online) Cybercrime costs $3 trillion worldwide. One reason, a Boston police detective told a Boston banking audience, is because they make it too easy.
Financial Services Sector the #1 Target of Cybercriminals (Dark Reading) New IBM report finds the most frequently targeted industry in 2016 was financial services - where attacks increased 29% year-over-year.
200 million financial services records breached in 2016, 900% increase from 2015 (Help Net Security) The financial services industry was attacked more than any other industry in 2016 – 65 percent more than the average organization across all industries.
Dan Geer: Cybersecurity, Humanity’s Future ‘Conjoined’ (Threatpost) Dan Geer’s Source Boston keynote included a declaration that cybersecurity and humanity’s future are forever conjoined.
Brocade reveals skills issues for IT (Enterprise Times) Brocade highlights how IT departments have lost their decision-making capabilities and are facing a massive skills shortage in a decade.
Marketplace
Gemalto finalizes the acquisition of 3M's Identity Management Business (NASDAQ.com) The company in-sources biometric technology for governmental and commercial applications
Cisco to acquire software-defined, wide area networking vendor Viptela for US$610 million (CRN Australia) Taking a major stake in SD-WAN.
Equinix completes $3.6 billion deal to buy 29 data centers from Verizon (TechCrunch) Equinix, an international data center company based in Redwood City, California, announced today that it has completed the purchase of 29 data centers from..
If Apple has $250 billion in the bank, is a large tech firm acquisition likely? (Computing) Could Apple buy out Tesla to get its electric car ambitions moving?
Defense contractor Lockheed Martin to incorporate blockchain technology into operations (EconoTimes) Lockheed Martin, a global security and aerospace company headquartered in Maryland, has become the first U.S. defense contractor to incorporate blockchain technology into its development processes.
US Defence Contractor Partners With Guardtime Federal On Blockchain Integration (CoinTelegraph) US defense contractor Lockheed Martin has announced a pioneering venture into Blockchain through a formal partnership with Guardtime Federal.
Siemens, Darktrace form cyber security partnership (OE Digital) Darktrace, a provider of Enterprise and Industrial Immune System technology, and Siemens, a global engineering and technology provider, have entered i...
Should you pay for antivirus software? (The Denver Post) Welcome to the first official Denver Post Tech+ newsletter! The response I (that’s me, Tamara Chuang, a technology writer) get from readers each week tells me you are willing to pay for …
Tenable Network Security opens international HQ in Ireland (Baltimore Sun) Tenable Network Security, the fast-growing Columbia-based cybersecurity company, announced Monday that it has opened a new international headquarters in Dublin, Ireland.
Code Dx Announces Appointment of Curtis Dalton to its Board of Directors (PRWeb) Code Dx, Inc., a provider of an award-winning suite of time-saving and easy-to-use tools that help software developers, testers and security analysts find, prioritize and manage software vulnerabilities, today announced the appointment of Curtis Dalton, chief information risk officer and security services executive.
Bricata Adds Two More Veteran Cyber Security Executives to Roster (Bricata) Bricata, LLC, a developer of network intrusion detection and prevention solutions, announced today it has added two more veteran cyber security executives to its leadership team. Druce MacFarlane joins as vice president of Products and Marketing, while Randy Fallis joins as vice president of Sales and Customer Strategy. The two new executives add more depth to an existing management team with an impressive track record for solving complex problems in the cyber security space.
Finance and government veteran Mark Morrison joins OCC as chief security officer (CSO Online) OCC will look to Morrison to implement security best practices and to minimize risk.
Products, Services, and Solutions
ThreatQuotient and Bandura Integrate to Simplify Threat Defense (ThreatQuotient) Superior Prioritization of Indicators and Noise Reduction Enables Powerful Security Teams
EclecticIQ Simplifies Threat Intelligence with Fusion Center Launch (PRNewswire) EclecticIQ, the cyber threat intelligence technology provider, has announced the launch of EclecticIQ Fusion Center, a revolutionary approach to the collection, analysis, and distribution of cyber threat intelligence.
Optus, LifeJourney launch online cybersecurity experience for students (ZDNet) The Optus Cyber Security Experience is aiming to teach students the skills needed to combat the cybersecurity threats expected to face Australia in the future.
Townsend Security Secures Nonpublic Personal Information (NPI) for Financial Services and Personally Identifiable Information (PII) (Yahoo! Finance) Townsend Security, a leading provider of encryption and key management solutions, today announced that Alliance Key Manager can help businesses in the ...
Deloitte Earns NSA's Certified Incident Response Assistance Accreditation (PRNewswire) Deloitte announced today that it has earned the prestigious National Security...
Sophos Intercept X Thwarts Ransomware Before It Encrypts Files (eWEEK) Sophos Intercept X watches for activity that presages a ransomware-like activity to warn users and system managers of suspicious activity before files are encrypted and ransomware demands are dispatched.
Zscaler Announces FedRAMP "In Process" Milestone (Yahoo! Finance) Zscaler, Inc., the leading cloud security company, today announced that its certification for the Federal Risk and Authorization Management Program is "in process," under the sponsorship of the ...
ESET launches free security awareness training (BetaNews) Cyber attacks are a big problem for businesses and since many of them are caused by human error, training employees to spot the signs of an attack is vital.
UBF launches cyber threat intelligence sharing platform (GulfNews) New initiative will enable banks to collect and share data on cyber threats
Waterfall Unidirectional Security Gateways Earn Common Criteria EAL4+ and NITES Certifications for Its Latest Products (Yahoo! Finance) Waterfall Security Solutions, a global leader in cybersecurity technologies for critical infrastructures and industrial control systems, today announced ...
Red Education signs security training deal with Symantec, EC-Council (Security Brief) IT training firm Red Education has signed deals with Symantec and EC-Council, with a third vendor expected to be announced this week.
Technologies, Techniques, and Standards
NSA suggests using virtualization to secure smartphones (CSO Online) The U.S. National Security Agency is now suggesting government departments and businesses should buy smartphones secured using virtualization, a technology it currently requires only on tablets and laptops
Data security and mobile devices: How to make it work (Help Net Security) There has been a lot of hype in the media about messaging tools. But recently, some of the headlines have taken a negative turn.
Defending Against the Quantum Future (SIGNAL Magazine) The government is racing to identify technologies that will resist the threat from quantum computers, which will render today’s encryption obsolete.
GDPR and ePrivacy will impose 'a much higher bar' on website owners, marketers and list brokers (Computing) While the finer points of the new legislation are still being hammered out, the direction of travel is clear
Deception as Defense - Turning the Tables on the Hackers (Infosecurity Magazine) New approaches are emerging in which organizations can turn the tables on the attackers
Czech cybersecurity experts win cyber defense exercise (Fifth Domain Cyber) International security experts focused on protecting national IT systems have competed and completed Locked Shields 2017, the annual live-fire cyber defense exercise organized by the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia.
DISA working on gray network pilot with combatant commands (C4ISRNET) Gray networks would allow for greater connectivity to classified networks in more austere locations.
US Air Force invites British hackers to test its defences (Computing) Only 'vetted computer specialists' from 'Five Eyes' nations invited to participate in USAF bug-bounty program
New Free Shodan Tool Roots Out RATs (Dark Reading) Shodan teams up with Recorded Future to crawl the Net for computers serving as command-and-control (C2) for remote access Trojans (RATs).
8 Considerations in Cybersecurity Risk Management (Bricata) Rigor, diversity, and process in cybersecurity risk management enable organizations to identify and prioritize the true risks in order to provide business assurance.
Cyber Attack Protection Steps for Investment Firms (The National Law Review) We are spreading awareness of an email “spear phishing” scam that has targeted investment firms recently, attempting to lure their personnel into inadvertently revealing their email accoun
Justifying Cybersecurity Investment with a Warfare Mindset (SecureWorks) Learn how healthcare organizations can find security gaps in order to create a Protection Strategy to better control these conditions and protect against future threats.
17 Measures Every Company Should Consider to Reduce the Risk of Cyber-Intrusions (JD Supra) The cars we drive to work every day run primarily on computers that collect thousands of data points. Same goes for the factory that manufactured them...
Why We Should Let Our Walls Down When It Comes to Cybersecurity (Infoblox) With digital threats growing more rampant across the country and from around the world, the idea of building “walls” for cyber defense and protection can seem appealing. But even in this age of hackers relentlessly penetrating our networks, in the information technology security industry, we know ...
Seven truths about network security (Computing) There are many misconceptions surrounding network security requirements
Why You Need Actionable Threat Intelligence (Palo Alto Networks Blog) Agility and visibility: why you need actionable threat intelligence.
Design and Innovation
Senseless Government Rules Could Cripple the Robo-Car Revolution (WIRED) Opinion: The government is driving automotive innovation into the past.
Research and Development
Doing The Math For Better Encryption (SIGNAL Magazine) They do not necessarily match the hero stereotype, but computer scientists improving methods of generating random numbers just may save the day.
When Confidentiality and Security Collide (SIGNAL Magazine) You might think that homomorphic cryptography, obfuscation techniques and privacy concerns have nothing in common. You would be mistaken.
Academia
Pixel Academy Announces Free Event for Kids to Explore Newly Emerging STEM Technologies (ABNewswire) Reality leaves much to our imagination, and it seems the gap is now being filled up by virtual reality and other emerging technologies. Since these gadgets are new and perplexing even for adults, Pixel Academy has announced a new event called Future STEM Technology Playground. The free event for kids above seven years will be held in Cobble Hill, Brooklyn on Saturday, May 13, 2017 between 12:00-3:00 pm EDT.
Veteran Cyber Security Professional Tina Williams (TCecure, LLC) to Implement USM Cybersecurity Engagement and Innovation Activities with NCCoE (University of Maryland) The University System of Maryland in 2014 teamed with the not-for-profit MITRE company on a successful bid for the National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) Federally Funded Research & Development Center (FFRDC). To facilitate the FFRDC's goals, USM has contracted with TCecure, LLC, a Maryland-based cybersecurity company, to bring on Tina Williams as the USM's Cybersecurity Academic Innovation Officer for the FFRDC.
Legislation, Policy, and Regulation
Social media firms should face fines for hate speech failures, urge UK MPs (TechCrunch) Social media giants Facebook, YouTube and Twitter have once again been accused of taking a "laissez-faire approach" to moderating hate speech content on their..
US praises China’s efforts to pressure North Korea (South China Morning Post) US National Security Adviser puts Beijing’s cooperation down to Trump’s pledge to take military action against Pyongyang
North Korea: Trump keeps options open against 'smart cookie' Kim Jong-un (Guardian) McMaster reassures South over defence costs as nuclear tensions rise, while president tells CBS: ‘Eventually, he’ll have good missiles’
Putting Hackers on Notice (SIGNAL Magazine) The deftness with which hackers access critical U.S. assets means network defense is a job for government as much as for private businesses and citizens.
Hackers Aren’t the Only Ones Defending Your Right to Federal Data (WIRED) On Thursday, two senators introduced a bill that would make it much, much harder for any administration to disappear public data.
'Cybersecurity resiliency' bill would fund states and cities (StateScoop) If passed, federal dollars funneled through the Department of Homeland Security would help state and local government agencies protect their networks from a growing barrage of attacks.
Changing cyber access on state and local levels (C4ISRNET) Receiving sensitive and sometimes classified cyber intelligence is critical to addressing the growing cyberthreats that target state and local government systems.
National Guard strengthens cyber incident response capabilities (Fifth Domain Cyber) The National Guard kicked off its premier cyber defense training exercise, also known as Cyber Shield 17, at Camp Williams, Utah, on April 23 and will continue until May 5.
Spending deal boosts funds for DHS office securing cyber infrastructure (TheHill) $1.4 billion allocated to secure civilian government networks, stop cyberattacks and foreign espionage.
DHS conducting internal cyber assessment ahead of legislative reorg (FederalNewsRadio.com) Rep. Mike McCaul (R-Texas) is getting closer to introducing a bill to create a stand-alone cybersecurity agency in DHS.
This Trump FCC Transition Official Just Made a Great Accidental Argument for Net Neutrality (Motherboard) Nice work.
Litigation, Investigation, and Law Enforcement
US Federal Court Says Net Neutrality Is Legal. Trump’s FCC Wants to Kill It Anyway (Motherboard) Activists win in US court ahead of battle to defend the internet’s open access principle.
Too little, too late? FCC wins net neutrality court case (Ars Technica) Wheeler's court win over ISPs reaffirmed, but Pai plans to overturn the rules.
Election hack? (SC Magazine US) It "could've been China," President Trump told an interviewer who asked about the hack into the 2016 presidential election.
Three young women arrested in London under anti-terrorism laws: police (Reuters) Three young women were arrested under anti-terrorism laws in east London on Monday in connection with a security operation in the capital last week, police said.
Security Researcher and Alleged Spam Operator to Square Off in Court in Ugly Lawsuit (BleepingComputer) River City Media, an email marketing company that was reported last month as allegedly one of the world's largest spam operators, has filed a lawsuit against the security researcher who made the revelations.
Hacker Arrested for Stealing $100 Million from Facebook and Google (eSecurity Planet) Evaldas Rimasauskas allegedly used phishing attacks to trick the companies into transferring tens of millions of dollars to accounts he controlled.
How a Woman's Fitbit Fitness Tracker Helped Solve Her Murder Case (HackRead) A man killed his wife and tried to have someone else convicted of his crime. However, the whole case was solved through Fitbit timeline.