Cyber Attacks, Threats, and Vulnerabilities
Eugene Kaspersky on cyber-espionage: 'The reality is that everyone hacks everyone' (International Business Times UK) "In cyberspace it's much easier to manipulate someone's opinion," says Russian tech pioneer.
Hack Job (Foreign Affairs) The United States has been waging digital warfare for over a quarter century now. But in the future it must use its cyberpower more cautiously. If a cyberwar spun out of control, the United States would have the most to lose.
Russia’s armed forces on the information war front (Ośrodek Studiów Wschodnich) The current militarisation of the public space in Russia is the result of a long process. Since 2000, the so-called information threats have been the subject of widely publicised strategies justifying the military’s information policy and its tasks related to information warfare. Those tasks have not been limited to domestic projects; Russia’s ambition is to act regionally and globally, and is building a common Eurasian information space. The country has put forward drafts of international conventions and codes of conduct concerning the international information space, thus demonstrating its own vision and asserting its right to co-decide on matters of global security.
Shamoon Collaborator Greenbug Adopts New Communication Tool (Threatpost) New clues surface on Shamoon’s ability to steal credentials ahead of attacks.
Super Free Music Player in Google Play is malware: a technical analysis (Naked Security) Listening to tunes via Super Free Music Player on your Android phone? If so, get rid of it: it’s malware, and here’s what we’ve learned about it
Powershelling with exploits (SANS Internet Storm Center) It should be no surprise to our regular readers how powerful PowerShell (pun intended) really is. In the last couple of years, it has become the main weapon of not only white hat penetration testing, but also various attackers.
Fraudsters draining accounts with ‘SIM swaps’ – what to do (Naked Security) If crooks can get a new SIM issued in your name, they take over your phone number and your text messages… and your phone goes dead.
More and more apps equipped with ultrasonic tracking capability (Help Net Security) Researchers have found 234 Android applications that are constantly listening for ultrasonic beacons in the background, without the users' knowledge.
Hundreds of Apps Can Listen for Marketing ‘Beacons’ You Can’t Hear (WIRED) So-called ultrasonic beacons are becoming even more popular with marketers. Here's how to shut them out.
HideMyAss! privilege escalation flaws exposed (ZDNet) The researcher on the case says the VPN provider will not be fixing them.
Watch Hackers Sabotage an Industrial Robot Arm (WIRED) Researchers were able to take control of a 220-pound robotic arm to damage the products it manufactures, or the person that operates it.
Researchers Hack Industrial Robot (Dark Reading) New research finds more than 80,000 industrial routers exposed on the public Internet.
Compromising Industrial Robots: The Fallacy of Industrial Routers in the Industry 4.0 Ecosystem (TrendLabs Security Intelligence Blog) The increased connectivity of computer and robot systems in the industry 4.0 ecosystem is, and will be, exposing robots to cyber attacks in the future. Indeed, industrial robots—originally conceived to be isolated—have evolved, and are now exposed to corporate networks and the internet.
Breach at Sabre Corp.’s Hospitality Unit (KrebsOnSecurity) Breaches involving major players in the hospitality industry continue to pile up. Today, travel industry giant Sabre Corp. disclosed what could be a significant breach of payment and customer data tied to bookings processed through a reservations system that serves more than 32,000 hotels and other lodging establishments.
Netflix declines to pay Orange is the New Black ransom to hacker (Naked Security) It’s never great when a company has a data breach and IP is stolen – but perhaps this one isn’t so bad for Netflix after all
Report: Average ransomware demand now over $1,000 (CSO Online) The average amount of a ransomware demand has increased from $294 in 2015 to $1,077 last year, according to a new report by Symantec.
Insecure security – do you trust your cameras? (Fox 13 Salt Lake City) Security cameras aren't just for banks and museums anymore, millions of people peek at their property while they're away - catching criminals in the act; trespassers, burglars and porch pirates.
Criminals turning to fraudulent gift cards (CSO Online) As retailers and other businesses increase security measures to prevent the use of gift cards purchased with stolen credit card numbers, cyber criminals have been focusing on fraudulent gift cards, according to a report released this morning.
ATMs have become an attractive site of attack from cyber criminals globally: Aleks Gostev, Kaspersky Labs (The Economic Times) Aleks Gostev, the chief security expert at Kaspersky Labs explains the looming threat on the Indian banking system and what should be done to prevent a major financial loss.
California Auto Loan Firm Spills Customer Data (BankInfo Security) Make sure your Amazon S3 buckets have no holes. A California vehicle financing company has learned the hard way after exposing up to 1 million records online
Researchers Find 300+ Fake UK Banking Sites (Infosecurity Magazine) Cybersquatting domains often used for phishing, warns DomainTools
As Phishing Attacks Continue to Scam Shoppers, DomainTools’ PhishEye Data Showcases Most Spoofed Retail Websites (SAT PR News) Research reveals many top US retail brands are targeted by phishing emails and false websites
Security Patches, Mitigations, and Software Updates
Critical Android security patches released – but will your phone ever see them? (HOTforSecurity) Google has released new security patches for its Android operating system this week, tackling a wide array of vulnerabilities that could be exploited by malicious attackers. The most critical of the patched vulnerabilities address security flaws in its troubled...
Xen hypervisor faces third highly critical VM escape bug in 10 months (CSO Online) The Xen Project has fixed three vulnerabilities in its widely used hypervisor that could allow operating systems running inside virtual machines to access the memory of the host systems, breaking the critical security layer between them.
GE patches flaws allowing attackers to ‘disconnect power grid at will’ (Naked Security) Patches come in response to notification of a talk at Black Hat discussing how hackers ‘broke the homebrew encryption algorithm’
Cyber Trends
Simple exploits have a big impact in cyber crime (FCW) Cyber attackers are leveraging cloud, email and off-the-shelf tools to open more attack windows, according to a new security study.
The False Binary of IoT and Traditional Cyber Security (Security Week) There’s a new challenge in cyber defense and it’s coming from everyday objects that increasingly surround us — the Internet of Things (IoT). From coffee machines and fridges to virtual assistants and video cameras, consumers are embracing a new wave of connected devices. But they seldom consider the host of unforeseen vulnerabilities that come with them.
Watch out IT admins: you're a hacker's new target (iTnews) Why attackers are changing their focus.
Schools among the most sought after cyber targets: ESET report (SC Magazine) When it comes to finding a one-stop shopping experience for a cybercriminal it's hard to find a better target than an educational institution.
Healthcare Breaches Hit All-Time High in 2016 (Dark Reading) More than 300 healthcare businesses reported data breaches in 2016, but a drop in leaked records put fewer Americans at risk.
UK Office Workers ‘Too Trusting’ of Email Attachments (Infosecurity Magazine) UK businesses expose themselves to hackers and zero-day attacks by failing to implement good email security practices
UK not a frontrunner in staff cyber security awareness (Acumin Recruitment, London) A recent study revealed that the UK ranked ninth in the Barclays’ Digital Development Index, behind such countries as South Africa, China, and Brazil.
In the UAE, one in 136 emails is malicious: research (Arabian Business) The country's cybercrime threat ranking has improved in the past two years, says Symantec report
Marketplace
Cybersecurity business continues to solidify at U.S. military contracting giants (Cyberscoop) While stocks and profits at the biggest U.S. military contractors are driving up across the board under the saber-rattling of President Donald Trump, first-quarter financial results for industry giants like Lockheed Martin, Raytheon and Northrop Grumman show that cybersecurity is a growing if still relatively small part of their businesses.
Forcepoint Data Loss Prevention Solutions Drive Strong Business Momentum (Yahoo! Finance) Global cybersecurity leader Forcepoint today announced strong data protection momentum driven by enterprise customers adopting centrally managed data loss prevention ...
Cyber security firm FireEye posts surprise rise in revenue (Reuters) Cyber security firm FireEye Inc reported a surprise 3.4 percent rise in quarterly revenue, helped by strength in its product subscription and services business.
It's Time to Forgive FireEye Inc (FEYE) Stock (InvestorPlace) FireEye (FEYE) has consistently lagged other cybersecurity stocks, but financial discipline and rising global demand should boost FEYE stock.
3 Reasons HP Inc. is a Better Value Stock than Hewlett Packard Enterprise (The Motley Fool) HP’s stronger core markets, better growth figures, and simpler business model all make it a better value play than its enterprise counterpart.
BC Partners and Medina Capital Announce Launch of Cyxtera Technologies (PRNewswire) New Venture Begins Operations Following Completion of Transaction that Combines CenturyLink's Data Centers and...
CACI Awarded $349 Million in Previously Unannounced Classified National Security Contracts (Businesswire) CACI International Inc (NYSE: CACI) announced today that it has been awarded $349 million in previously unannounced awards on classified contracts wit
General Dynamics to Provide IT, Cyber Support to Naval Meteorology & Oceanography Command - GovCon Wire (GovCon Wire) A General Dynamics (NYSE: GD) business unit will provide cybersecurity
Thales joins Industrial Internet Consortium (Thales) Thales’s e-Security business to contribute well-established cryptographic expertise to IIoT security activities
Sophos Teases Launch Of Cloud Security Partner Program, Certifications, Competitive Hotline (CRN) On the heels of strong partner growth, Sophos says it will be rolling out a new cloud security provider partner program, training certifications, channel community, and competitive hotline.
Thycotic Accelerates New Customer Acquisitions through Global Channel Enablement (PRNewswire) Thycotic, provider of privileged account management (PAM) solutions for more...
LogRhythm Announces Technology Alliance Partner (TAP) Program Designed to Facilitate Deeper Engagements with Key Technology Integration Partners and Deliver Greater Protection Across the Full Threat Lifecycle (Yahoo! Finance) LogRhythm, The Security Intelligence Company, today announced the launch of its new Technology Alliance Partner Program. The program is designed to foster interoperability to deliver a more complete security solution for customers, and build awareness around the value of robust technology integrations
Verint Welcomes 2017 Customer Advisory Board (Businesswire) Verint® Systems Inc. (Nasdaq: VRNT) today announced and welcomed the member organizations that comprise its 2017 Americas Customer Advisory Board.
Endace hires new VP Product Management to drive growth of partner program (Channel Life) Cary Wright will be joining the provider of high speed network recording and network history playback with the aim to drive channel growth.
Fidelis Cybersecurity appoints security executive Jason Clark to board of directors (CSO Online) Clark is expected to bring insight into the needs of CISOs.
EY Announces ThreatConnect's CEO Adam Vincent Entrepreneur Of The Year® 2017 Mid-Atlantic Award finalist (ITBriefing.net) EY today announced that Adam Vincent, CEO of ThreatConnect, provider of the industry's only extensible, intelligence-driven security platform, is a finalist for the Entrepreneur Of The Year® 2017 Award in the Mid-Atlantic region. The awards program, which is celebrating its 31st year, recognizes entrepreneurs who are excelling in areas such as innovation, financial performance and personal commitment to their businesses and communities. Vincent was selected as a finalist by a panel of independent judges.
Products, Services, and Solutions
Blue Cedar Redefines Enterprise Mobility Management (Yahoo! Finance) Blue Cedar today redefined enterprise mobility management with a new release of its highly acclaimed mobile security platform, which can extend or completely replace traditional EMM solutions to provide secure mobile data access for all enterprise mobile end users, employees, external partners and customers
Verizon releases software-defined perimeter security service (The Stack) Verizon has launched a new software-defined perimeter solution to allow customers to build a virtual boundary around their network.
Verizon launches Software-Defined Perimeter service to help enterprises proactively prevent cyberattacks (Yahoo! Finance) Verizon Enterprise Solutions has launched a new Software-Defined Perimeter (SDP) service that enables enterprise customers to proactively identify and block cyberattacks ...
Kensington VeriMark Fingerprint Key, Now Generally Available, Offers Best-in-Class Cyber Security (Kensington) World’s first fingerprint security key to support both Windows Hello and Fast IDentity online universal second factor authentication to protect against unauthorized access on compromised devices
Palo Alto Networks Expands the Preventive Strengths of Its Traps Advanced Endpoint Protection Offering (PRNewswire) Palo Alto Networks® (NYSE: PANW), the next-generation security...
Shodan search engine starts unmasking malware command-and-control servers (CSO Online) There's now a new tool that could allow researchers and companies to quickly block communications between some malware families and their constantly changing command-and-control servers.
Shodan and Recorded Future Release Malware Hunter (Yahoo! Finance) Recorded Future, the threat intelligence company, and internet search engine Shodan announced today a specialized crawler for security researchers that explores the internet to find computers acting as remote access trojan (RAT) command and control centers. The crawler
Malware Hunter — Shodan's new tool to find Malware C&C Servers (The Hacker News) Shodan launches Malware Hunter search crawler designed for finding botnet command and control (C&C) servers
TrapX Integrates with ForeScout to Contain Active Attackers Inside the Network Perimeter (Marketwired) The combined solution leverages TrapX's deception technology and ForeScout's agentless visibility and control capabilities to detect, divert, quarantine and proactively mitigate advanced threats
Distrix Networks Returns to IoT World Following Innovation of Things Award Win and Successful Year of New Partnerships (PRNewswire) Industrial Internet of Things (IIoT) networking software company, Distrix Networks, will be returning to the IoT World Show in Santa Clara May 16-18, 2017 to share insights and learnings after a year of successful partnerships following their 2016
PasswordPing Releases Free Compromised Password Tool in Honor of World Password Day (PRNewswire) In honor of World Password Day 2017, PasswordPing Ltd. is proud to launch...
KnowBe4 Releases Weak Password Test Tool (Benzinga) New weak password test tool allows IT managers to check active directory for multiple password-related vulnerabilities caused by users
Fox Technologies Launches Release 7.1 of Its Privileged Access Management Solution, Designed to Meet the Operational Challenges for Accelerated Deployments of Enterprise Linux (PRNewswire) Fox Technologies, Inc, a leader in Linux security solutions, today...
Leveraging ThreatQ and AutoFocus to Combat Ransomware (ThreatQuotient) In this post, we will look at “AutoFocus,” which gives access to Palo Alto’s Wildfire data and, when used with ThreatQ, allows you to more effectively and efficiently combat ransomware.
Nominum Offers Analysis of 15.3 Trillion DNS Records to Explain Rapid Growth and Evolution of Cybercrime in New Spring 2017 Security Report (Marketwired) DNS security pioneer's unique position in service provider networks combined with cybersecurity expertise and proprietary data science methods bring deep understanding of cyberthreat landscape
National Police Board of Finland and Gemalto win leading industry award for new ePassports and eID cards (NASDAQ.com) Sophisticated fraud prevention features combined with striking design concepts
Yikes! Antivirus Software Fails Basic Security Tests (Tom's Guide) Your antivirus software may be more vulnerable to attack than the files it's meant to protect, a recent evaluation suggests.
Technologies, Techniques, and Standards
GDPR requirements: Five high-priority actions (Help Net Security) The European General Data Protection Regulation (GDPR) will have a global impact when it goes into effect on May 25, 2018. Gartner predicts that by the end
Making sense of cybersecurity qualifications (CSO Online) Organizations push for equitable and transparent credentials. Several credentialing initiatives are in the works to make cybersecurity credentials easier to understand and classify according to their value.
Crypto-economist Jon Matonis pushes for actual bitcoin protocol status quo (CalvinAyre) The battle to reshape the existing landscape of bitcoin protocol influencers has gained a new ally—leading bitcoin researcher Jon Matonis.
How organizations can protect against new CERBER variations (Trend Micro: Simply Security) It will be important to understand how to protect against new CERBER strains and what is being done to close current vulnerabilities.
7 Steps to Fight Ransomware (Dark Reading) Perpetrators are shifting to more specific targets. This means companies must strengthen their defenses, and these strategies can help.
Beyond the Backup: Defending Against Ransomware (eSecurity Planet) When you're hit by a ransomware attack, it's tempting to think that just restoring from backup can make the problem go away -- but according to DataGravity CEO Paula Long, it's not necessarily that simple.
Do Indicators of Compromise Matter? The Devil is in the Details (Security Week) Instead of discounting indicators of compromise, it’s time to use them more effectively
False positives still cause threat alert fatigue (CSO Online) How you set up and prioritize which alerts to look at and act on is the basis for an effective threat management strategy.
Getting Threat Intelligence Right (Dark Reading) Are you thinking of implementing or expanding a threat intelligence program? These guidelines will help you succeed.
Humans wanted: No such thing as 100% automated threat intelligence, says panel (SC Magazine US) Automation, machine learning and artificial intelligence continue to play a growing role in detecting and diagnosing network threats based on traffic analy
Design and Innovation
Facebook to add 3,000 to team reviewing posts with hate speech, crimes, and other harming posts (TechCrunch) A week after news broke of multiple videos of suicides posted on Facebook remaining on the site for hours, the company has announced a new plan to add...
Userfeeds aims to stop fake news by linking the blockchain to social content (TechCrunch) Userfeeds is a new startup which has a platform which applies blockchain tokens to news discovery. The idea is to combat so-called "fake news" by providing an...
Microsoft’s new head of research has spent his career building powerful AI—and making sure it’s safe (Quartz) Eric Horvitz has been working to make machines self aware for 30 years.
Legislation, Policy, and Regulation
China taking on Wikipedia with online encyclopaedia (South China Morning Post) More than 20,000 scholars involved in country’s biggest publication project
Social media companies "shamefully far" from tackling illegal and dangerous content - News from Parliament (UK Parliament) Home Affairs Committee publishes report on hate crime, criticising biggest and richest social media companies
White House Creates IT Council (SIGNAL Magazine) The White House has created a council charged with tackling federal information technology services.
NSA Commends Navy Task Force Cyber Awakening (DVIDS) The National Security Agency (NSA) recognized the Navy's Task Force Cyber Awakening (TFCA) for its achievements in the realm of national information systems security and defensive information operations, April 6.
Litigation, Investigation, and Law Enforcement
N. Korea Behind 2016 Cyber Attack Against Cyber Command (KBS World Radio) Anchor: Prosecutors have concluded an investigation into the 2016 hacking of the nation's military cyber command, finding that North Korea was behind the attack. A few dozen military officials are now facing punishment for failing to prevent the cyber security breach.
FBI Director Comey, NSA Director Rogers will testify about Russia on Thursday (Newsweek) The hearing on Thursday will be the first since March 20, when Comey confirmed the FBI’s investigation into Russia’s election tampering and possible collusion with Trump associates.
How cybersleuths decided Russia was behind US election hack (CNET) Digital clues led security pros to agencies in Putin's government. It's as close as we'll ever get to proof that Russia did it.
Report: Government officials 'unmasked' more than 1,900 Americans swept up in foreign surveillance (PBS NewsHour) The report showed that even under the new law, the NSA still collected more than 151 million records about Americans' phone calls last year.
Reined-In N.S.A. Still Collected 151 Million Phone Records in ’16 (New York Times) A system created in 2015 to end the bulk collection of calling records took in a large amount of data, but a fraction of what the N.S.A. once gathered, a report shows.
US sought names of 1,934 Americans in intelligence reports (WRCB) Government officials requested to know the identities of more than 1,900 Americans whose information was swept up in National Security Agency surveillance programs last year, according to an...
Statistical Transparency Report Regarding the Use of National Security Authorities for Calendar Year 2016 (IC on the Record) In June 2014, the Director of National Intelligence (DNI) began releasing statistics relating to the use of critical national security authorities, including the Foreign Intelligence Surveillance Act (FISA), in an annual report called the Statistical Transparency Report Regarding Use of National Security Authorities (hereafter the Annual Statistical Transparency Report). Subsequent Annual Statistical Transparency Reports were released in 2015 and 2016.
From Czechia with Love (RealClearDefense) U.S., British and German intelligence have confirmed that Putin's spies have been hard at work trying to infiltrate Trump's team. After the FBI had busted a Russian spy ring in New York, media...
Briton who promoted Islamic State with special cufflinks jailed for eight years (Reuters) A British man who stored material about missile systems on data sticks disguised as cufflinks and created an extensive online manual for members of Islamic State was sentenced to eight years' jail on Tuesday.
Policing cybercrime: a national threat (Information Age) How is law enforcement addressing the increasing problem of cybercrime in the UK?
Intel on 'imminent threat' drove airline electronics ban, top lawmaker says (Fox News) Strong intelligence pointing to an imminent threat drove the decision in March to ban large electronics in carry-on baggage on flights into the U.S., according to a senior House Republican.
Fox News ‘hacked Andrea Tantaros’, says lawsuit (Naked Security) Fox ‘hacked’ Tantaros’s devices to install a keylogger, claim her lawyers, and used the information they found to harass her
Clinton: FBI Letter and “Russian WikiLeaks” Cost Me Election (Infosecurity Magazine) Former frontrunner in no doubt about impact of last minute “events”
This Is How the Free Press Dies (Motherboard) Former Motherboard editor Ben Makuch has been pursued by the Canadian government since 2014 for doing his job.
Malaysia Is Threatening to Jail WhatsApp Group Admins Over Spread of Fake News (Motherboard) Message apps are the latest technology to fall under the control of Malaysia's controversial Communications and Multimedia Act.
UK Cops Can Now Remotely Disable Phones Even If No Crime Has Been Committed (Motherboard) The power relates to phones suspected of being used for drug dealing, but in some cases, a phone can be disabled even if no offense has taken place.