Cyber Attacks, Threats, and Vulnerabilities
German spy chief issues fresh warning about Russia cyber attacks (The Independent) Germany’s domestic intelligence agency expects new cyber attacks targeting politicians and government officials ahead of federal elections. Hans-Georg Maassen, head of the BfV agency, said spies are keeping a “very close watch” on threats as the country gears up for September’s vote.
Le Pen on the ropes over ‘collusion’ with Kremlin (Times (London)) Today is the final day of campaigning by Marine Le Pen and Emmanuel Macron in the French election but the far-right leader already appears defeated after a bad-tempered TV debate. National Front...
US Sanctions Didn’t Stop Russia’s Election Hacking—Or Even Slow It Down (WIRED) The Fancy Bear group's continued attacks on electoral campaigns shows how easily the Kremlin brushed off Obama's sanctions.
Cyber Vault Highlights (National Security Archive) The National Security Archive posts a sampling of 40+ documents on all aspects of cyber activity taken from its growing collection of key materials every student and expert should have
China tried to hack THAAD system: CNN (Korea Times) “China uses cyber espionage pretty regularly when Chinese interests are at stake to better understand facts on the ground,” John Hultquist, the director of cyber espionage analysis at FireEye, told CNN. “We have evidence that they targeted at least one party that has been associated with the missile placements.”
Update: Google Doc phishing story takes some bizarre turns (Naked Security) Since news began circulating last night of a phishing campaign parading around as Google Doc access links, the tale has taken strange twists and turns. A self-described graduate student claims he w…
Some Twitter Dude Is Trying to Take Credit for the Google Docs Phishing Attack (BleepingComputer) A Twitter user by the name @EugenePupov is trying to take credit for the massive phishing attack that hit Gmail users last night, but currently available evidence isn't lining up with his statements.
Google Doc CloudPhishing Worm Attack Technical Analysis (Netskope) Introduction The Internet was buzzing yesterday over a rapidly spreading attack involving malicious apps masquerading as Google Docs which gained permission to victims’ Google Gmail accounts and...
Google Docs Account Take-Over Worm (Agari) On May 3rd, 2017, cybercriminals launched a large scale phishing worm that executed account takeovers to compromise Google Gmail and G Suite email accounts. The attack enticed users to authorize a malicious application appearing to be Google Docs to take over the victim’s email account. This attack was only successful if all of the following apply to you or your organization:
1 Million Gmail Users Impacted by Google Docs Phishing Attack (Threatpost) Researchers said good social engineering and users’ trust in the convenience afforded by the OAUTH mechanism guaranteed Wednesday’s Google Docs phishing attacks would spread quickly.
Google Was Warned About This Week’s Mass Phishing Email Attack Six Years Ago (Motherboard) Six years ago, a researcher warned about the exact same "dynamite phishing" technique used to phish around one million Gmail users this week.
Google Docs phishing attack underscores OAuth security risks (ITworld) Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback.
Google Docs Phishing Scam a Game Changer (Dark Reading) Experts expect copycats that take advantage of passive authentication from third-party applications using standards such as OAuth.
Bondnet botnet goes after vulnerable Windows servers (Help Net Security) A botnet consisting of some 2,000 compromised Windows servers has been mining cryptocurrency for its master since December 2016.
Snake Malware Modified; OS X The Next Target (HackRead) The security researchers at Fox-IT have discovered a modified version of the previously known snake malware. A version specifically designed to target MacO
Fatboy Ransomware-as-a-Service Emerges on Russian-Language Forum (Recorded Future) Recently a member of a top-tier Russian cyber criminal forum posted an advertisement for “Fatboy,” a new ransomware-as-a-service (RaaS) product. Learn more.
WordPress Zero-Day Could Expose Password Reset Emails (BleepingComputer) Polish security expert Dawid Golunski has discovered a zero-day in the WordPress password reset mechanism that would allow an attacker to obtain the password reset link, under certain circumstances.
Unpatched WordPress Password Reset Vulnerability Lingers (Threatpost) A zero day vulnerability exists in WordPress Core that in some instances, could allow an attacker to reset a user’s password and in turn, gain access to their account.
Microsoft says: Lock down your software supply chain before the malware scum get in (Register) Stealthy attack code spotted going after payment systems
Windows Defender ATP thwarts Operation WilySupply software supply chain cyberattack (Microsoft Malware Protection Center Blog) Several weeks ago, the Windows Defender Advanced Threat Protection (Windows Defender ATP) research team noticed security alerts that demonstrated an intriguing attack pattern. These early alerts uncovered a well-planned, finely orchestrated cyberattack that targeted several high-profile technology and financial organizations. An unknown attacker was taking advantage of a silent yet effective attack vector: the compromised...
Bank robbers exploited SS7 weaknesses to drain 2SV-protected accounts (Graham Cluley) A group of thieves exploited weaknesses in Signaling System 7 (SS7) to drain users' bank accounts, including those protected by two-step verification (2SV).
We Were Warned About Flaws in the Mobile Data Backbone for Years. Now 2FA Is Screwed. (Motherboard) Financially-motivated hackers are using SS7 attacks to break into bank accounts.
Exploit Kits Surge Worldwide as Rig makes list of 'Most Wanted' Malware in Africa (bobsguide) After several months in decline, Exploit kit infections show sharp uplift and deliver a variety of threats, says Check Point
Critical RCE flaw in ATM security software found (Help Net Security) Researchers from Positive Technologies have unearthed a critical vulnerability (CVE-2017-6968) in Checker ATM Security by GMV Innovating Solutions.
HTTP Headers... the Achilles' heel of many applications (SANS Internet Storm Center) When browsing a target web application, a pentester is looking for all “entry” or “injection” points present in the pages.
iPhone Phishing Scam Crosses Over Physical Crime (TrendLabs Security Intelligence Blog) Traditional crime and cybercrimes are not mutually exclusive and can, in fact, work together in seemingly bigger attacks or malicious schemes.
Don't believe the social media rumors: Camp Pendleton's 'Darkhorse Marines' aren't dying in Afghanistan (San Diego Union-Tribune) People Twitter, Facebook and other sites keep asking people to pray for combat-plagued 3rd Battalion, 5th Marines, but the grunts aren't in combat or even in Afghanistan.
Payroll shutdown: company denies insolvency as IT contractors pray for payment (CRN Australia) Plutus Payroll speaks out as IT contractors pray for payment.
NYPD: Fraud Ring Recruited Mules Via Social Media (Infosecurity Magazine) NYPD: Fraud Ring Recruited Mules Via Social Media. Sophisticated operation resulted in $2.5m counterfeit check deposits
Barts Health NHS Trust has cancelled 136 operations and hundreds of chemotherapy appointments due to IT failure (Computing) Pathology and image viewing applications have finally been restored across the Trust after two-week outage
DHS warns Congress of security threats to phones (TheHill) Department sends report to lawmakers on mobile device security.
Security Patches, Mitigations, and Software Updates
Microsoft pulls botched Office 2010 nonsecurity patch KB 3128031 (InfoWorld) Mysterious VBA error apparently to blame -- but no confirmation from Microsoft
Verizon brings April security patch for Android to Samsung Galaxy Note5 and Galaxy S6 edge+ (Neowin) After updating its Galaxy Note 5 and Galaxy S6 edge+ to Android 7.0 Nougat last month, Verizon is now rolling out the Android security patches for April to both of the high-end handsets.
Intel Patches Security Threat On Enterprise PCs (PYMNTS.com) Intel has reportedly been operating with what reports called a “critical vulnerability” in its firmware that could allow hackers to infiltrate company systems via Intel’s Active Management Technology, Small Business Technology or Standard Manageability. Reports Wednesday (May 3) said a researcher at IoT startup Embedi identified the vulnerability that has existed within Intel systems since […]
Cyber Trends
Rudimentary Attacks Pose Greatest Risk to Midsized Organizations According to New Threat Report (Marketwired) eSentire SOC analyzes nearly 5 million attacks across hundreds of midmarket organizations in 2016
IT Managers Say Price Most Important When Buying Endpoint Security (Yahoo! Finance) More than 70 percent of SMB IT managers say budget considerations have forced them to compromise on security features when purchasing endpoint security according to a new, exclusive survey by VIPRE®. Overall, price was the top factor in endpoint security
Business Email Compromise Losses Up 2,370 Percent Since 2015 (Threatpost) The FBI says Business Email Compromise scams are growing at astronomical rates, and businesses have lost $5.3 billion since 2013; $346 million in the U.S. alone in the second half of 2016.
Three cybersecurity threat trends that organizations should address today (Help Net Security) The cybersecurity landscape grows seemingly more complex – and dangerous – by the day: Hackers and other bad actors unleash increasingly intricate and form
One in Two Organizations Have Had a SharePoint Data Breach, According to New Study (Yahoo! Finance) The Ponemon Institute and Metalogix, today released results of a report focused on how organizations are keeping sensitive or confidential data safe in collaboration and file sharing environments such as SharePoint, Dropbox, and file sync and share applications
Who's responsible for secure Internet access? (Help Net Security) For those that say Internet access is a human right, 41 percent hold the government responsible for safe and secure Internet access.
India Inc unprepared to deal with cyber attack (Deccan Chronicle) Survey reveals most participants think social media as a potential risk.
Marketplace
What's the key to surviving as a cyber-security start-up? (CSO Online) It’s always a gamble to establish a start-up, but if you were to choose any sector where you’d fancy your chances of success, it would surely be cyber-security.
Signifyd raises $56 million for e-commerce fraud protection (TechCrunch) E-commerce fraud is a growing problem, but Signifyd thinks it has a solution to save businesses money. Their company is growing fast and has closed a $56..
Why Cisco Systems, Inc. Shareholders Have Something to Worry About (The Motley Fool) Will the networking giant be left behind as customers shift towards cloud-based solutions?
HackerOne says 'no' to FlexiSpy stalkerware bug bounty program (Register) Creepy app seller is going to have to QA its own buggy software
Vencore wins NGA contract (C4ISRNET) The contract has a maximum value of $980 million.
Kimberly-Clark Recognized by CSO50 for Excellence in Cybersecurity Awareness (PRNewswire) Kimberly-Clark Corporation has been recognized for its excellence in cybersecurity...
Nehemiah Security Named One of Greater Washington’s Best Places to Work (BusinessWire) Nehemiah Security, an internationally recognized supplier of cybersecurity software and services to enterprise and government organizations, today ann
Digital Shadows Expands Executive Leadership to Support Rapid Growth of the Company (BusinessWire) Digital Shadows announced new appointments to its management team today: Dan Lowden as Chief Marketing Officer, Schwark Satyavolu to the company's boa
Products, Services, and Solutions
New infosec products of the week: May 5, 2017 (Help Net Security) Here's an overview of new products from vendors including: Code42, Crossmatch, CyberArk, EclecticIQ, ThreatQuotient, and Netwrix.
Gemalto’s secure smart chip to be integrated in the Galaxy S8 in selected markets (Deccan Chronicle) The chip has been embedded in other Samsung smartphones including the Galaxy A series globally and the Galaxy C series in China.
Gemini Data Helps Organizations Build Intelligent, Hybrid Infrastructure with SBOX Appliance 2.2 (Gemini Data) Latest version offers integration across cloud, hardware, and software-based offerings, Cloudera support
Ram Group Announces World's First Full-Body Biometric Authentication Technology (PRNewswire) RAM Group, Singaporean based technology firm, has just announced a new...
Verizon Secures The Perimeter With New Cloud-Based Security Service For Business Customers (CRN) Verizon introduced a cloud-based managed security service, Software-Defined Perimeter. The latest service, which lets enterprises ID and block breaches at the network border, is not immediately available through channel partners.
Verizon Open Source White Box ‘Coming Soon,’ VP Says (SDxCentral) A Verizon open source white box solution that runs services from multiple vendors will launch soon, according to Verizon VP Shawn Hakl.
Thycotic Launches Free Browser Stored Password Discovery Tool (Yahoo! Finance) Thycotic, a provider of privileged account management (PAM) solutions for more than 7,500 organizations worldwide, today announced its Browser Stored Password Discovery Tool - a free tool that detects and informs IT professionals if passwords are being stored within
Mocana to Demo Its Industrial IoT Security Platform Integrated with Dell's IoT Gateway at Dell EMC World 2017 (Marketwired) IoT security leader delivers strong security solution on purpose-built Dell Industrial Gateways
CA Technologies Uses AI Tech to Combat Online Fraud (eSecurity Planet) The company's new CA Risk Analytics Network uses machine learning and neural network technologies to curb online credit card fraud.
Technologies, Techniques, and Standards
GDPR: Some organisations are looking forward to it; for others it's a 'pain in the bum' (Computing) Some IT leaders believe GDPR will make their lives easier by forcing their supply chain to tighten up, but others are more concerned about their own organisation's compliance.
How "adversarial engineering" of red teams is strengthening security practitioners (ZDNet) Want to make enterprise security and up-and-coming security leaders stronger? Put a red team on it.
Third parties leave your network open to attacks (CSO Online) With the Target example as the high-water mark, enterprises need to worry about the lack of security on a third parties’ part. How do you tighten things up?
The pitfalls of cybersecurity shopping: hype and shoddy products (CSO Online) Today's cybersecurity market is beset by vaporware, exaggerated marketing claims and shady sales tactics, security managers say.
Top tips for finding the right cybersecurity products (CSO Online) Having trouble finding the right security products for your business? You’re not the only one. We asked experienced buyers for their tips.
Taming the Open Source Beast With an Effective Application Security Testing Program (Security Intelligence) Application security testing is the only way to prevent open source vulnerabilities from becoming a huge problem in the enterprise.
Pitfalls of identity access management (CSO Online) Whether dealing with a third parties access or tracking an insider through your network, action needs to be take to see who goes where. Too few organizations treat IAM as the crucial, secure connective tissue between businesses' multiplying employees, contractors, apps, business partners and service providers.
Going travelling? Don’t drop your guard when you’re on the road (Naked Security) Cybercriminals don’t take holidays, as recent breaches show: here are some tips to keep your data safe while you travel
What's Up with Your Mobile Apps? Identifying and Mitigating Digital Risk (Security Week) I’ll venture to guess you’re using a mobile device to read this. In the most recent Ericsson Mobility Report (PDF), the total number of mobile subscriptions at the end of 2016 was approximately 7.5 billion and growing around 4 percent year-on-year. Greater speed, power and storage capabilities of mobile devices means they are used more frequently for activities previously reserved for laptops or PCs.
How to Stop a Hacker: Disincentivizing Cybercriminals (Security Week) As long as computers have been in existence, there have been people trying to hack them. As technology has evolved and improved, so has the advancements for keeping cyberattacks at bay.
Shifting Left on Security and Software Delivery (Infosecurity Magazine) Under the term ‘shift left testing’, IT teams have learned to collaborate in order to deliver software faster, with fewer flaws.
How to Integrate Threat Intel & DevOps (Dark Reading) Automating intelligence can help your organization in myriad ways.
Threat intelligence today (CSO Online) Fast, accurate threat intelligence is vital in staying ahead of threats from bad actors. Find out how threat intelligence can help your IT security team protect your valuable data today and grow with your organization into the future.
Board members are main targets in a cyber attack (The Economic Times) The best defence against ransomware is to have a back-up which is not connected to the system. Now, when we got the mainframe computers, we were already talking about back-ups.
Design and Innovation
Biometric ID gets a security boost from the blockchain (ATM Marketplace) BitCAD, a cryptographic smart platform, has developed a decentralized blockchain-based system for biometric identification of users.
In the Know: Present and Future of Artificial Intelligence in Security (SentinelOne) You’ve seen that movie, the one where humans fabricate robots that are so human-like they end up taking over the world. What was once the plot line for every other sci-fi film is now leaking into reality of our everyday lives.
There's No Safe Way to Keep Child Porn and Murder Off Facebook (Motherboard) Facebook is hiring 3,000 more people to do what experts say is one of the most psychologically traumatizing jobs in tech.
Academia
IBM and Boston College Host Cybersecurity Day for Local High Schoolers (PRNewswire) IBM (NYSE: IBM) Security is collaborating with Boston College to bring...
Legislation, Policy, and Regulation
New proposals for encryption 'back doors' planned by UK government in extension to internet surveillance (Computing) Plans for encryption back door keys to be held by telcos and ISPs and real-time web surveillance.
UK govt wants real-time communication surveillance powers, courtesy of telcos (Help Net Security) The UK government wants greater communication surveillance powers, and in order to get them, it wants UK telecoms to provide the technical capabilities.
French presidential candidate pushes for stronger intel links with US (Defense News) Emmanuel Macron will launch a strategic review of French defense and security, if the centrist independent candidate wins the presidential election Sunday, his military adviser Jean-Paul Palomeros said May 4.
US, Japan deepen cyber information sharing (TheHill) Japan signs on to join DHS cyber information-sharing program.
Democrats press OPM on cyber hiring (TheHill) Lawmakers say OPM should explore streamlining hiring, offering new training resources to cyber personnel.
New cyber order draft keeps focus on critical grid companies (EnergyWire) A new draft White House executive order on cybersecurity would concentrate federal defenses on a classified list of infrastructure companies that are at greatest risk of a damaging attack.
Implications of IoT Security & Regulation (CyberX) Bruce Schneier's Security and the Internet of things is case for why government needs to regulate IoT security. This article summarizes his points and raises key questions. Read the full post.
Who needs the FCC? Seattle writes its own broadband privacy rule (TechCrunch) Hardly anyone was pleased by the rollback of the broadband privacy rule last month, opening up the possibility of ISPs collecting and selling your browsing..
Litigation, Investigation, and Law Enforcement
350 returning jihadists pose terror threat to UK (Times (London)) The security services have identified 350 people who have returned to Britain from Syria and pose a potential terrorist threat, Whitehall sources have told The Times. The disclosure of a precise...
NSA collected records of 151m Americans – but wait, didn’t bulk collection stop three years ago? (Naked Security) How did the NSA end up collecting the records of so many people on 2015 when it was only authorized to go after 42 suspected terrorists?
President Obama's team sought NSA intel on thousands of Americans during the 2016 election (Circa) The Obama administration distributed thousands of intelligence reports with the unredacted names of U.S. residents during the 2016 election.
Lawyers: How can we scrutinize surveillance records that remain sealed? (Ars Technica) Stanford attorneys make unusual request to a federal court itself, DOJ opposes.
FBI, NSA Directors Testify in Closed House Committee Session (US News & World Report) The directors of the FBI and National Security Agency met for more than two hours behind closed doors with members of a House committee investigating Russian meddling in the presidential election.
Intelligence Panel Takes Another Shot at Creating Committee to Counter Russian Influence (Foreign Policy) But President Trump will get to choose its members and agenda.
Can Trump fire FBI Director James Comey? (Newsweek) The president has hinted at the possibility of dismissing the man whose bureau is investigating possible ties between his campaign and the Russian government.
‘Yes, It’s a Crime’: Dem Senator Calls For ‘Special Prosecutor’ to Investigate Huma Abedin (Mediaite) Over the course of hours of testimony, James Comey confirmed yesterday that top Clinton aid Huma Abedin forwarded classified emails to Anthony Weiner, her twice disgraced sexting husband currently under federal investigation.
Charges of espionage against Navy officer dropped, plea deal reached (Navy Times) Military spying charges against Lt. Cmdr. Edward Lin have been dropped as part of a plea bargain with government.
With a plea deal in hand, disgraced Navy flight officer Edward Lin expresses remorse in court (Navy Times) "I was arrogant," Lin said.
U.S. Department of Justice is reportedly investigating Uber’s controversial ‘Greyball’ program (TechCrunch) It looks like there's more trouble round the corner for Uber. Reuters is reporting that the U.S. Department of Justice has opened a criminal investigation..
Report: Uber faces federal criminal probe over regulator-evading software (Ars Technica) Uber refuses comment but does provide recent letters sent to Portland officials.
Hundreds of suspected paedophiles held after dark net forum hacked (Times (London)) More than 280 suspected British paedophiles have been arrested as part of a huge global operation against child abuse on the dark net.
Cop fakes body cam footage, prosecutors drop drug charges (Ars Technica) Officer said he searched car, then turned on body cam to recreate it for "the courts."
Manchester Police in the Dock After Losing Interview Footage (Infosecurity Magazine) Manchester Police in the Dock After Losing Interview Footage. ICO fines GMP £150,000 after unencrypted DVDs got lost in the post
Europe Pumps Out 50% More Cybercrime Attacks Than US (Dark Reading) Cyberattacks originating from Europe were substantially higher than nefarious activity launched from the US during the first quarter.
The Changing Face of Criminal Behavior (CJOnline) The Internet enables criminals to operate in anonymity and access vast amounts of personal information...