Cyber Attacks, Threats, and Vulnerabilities
Macron hackers linked to Russian-affiliated group behind US attack (Guardian) Cybersecurity firms think group with ties to Russian intelligence was behind leak of emails and other documents belonging to French election winner’s campaign team
#MacronLeaks: 24 hours before the vote, opponents of the En Marche candidate play their last cards (Numerama) 4chan users have just published 9 GB of documents and emails belonging to people close to candidate Macron. Coming 24 hours before the vote, this publication looks more like an attempt to destabilize than to reveal.
Analysis | Macron’s emails got hacked. Here’s why French voters won’t hear much about them before Sunday’s election. (Washington Post) A pre-election blackout has kept most French journalists quiet.
VIDEO. Macronleaks: the head of En marche!'s digital campaign accuses Front national "backers" (Franceinfo) Interviewed by franceinfo on Sunday evening, Mounir Mahjoubi, the head of Emmanuel Macron's digital campaign, accuses Front national "backers" of having organized the distribution of hacked documents from the Macron campaign.
Hackers Hit Macron With Huge Email Leak Ahead of French Election (WIRED) The campaign of French presidential candidate Emmanuel Macron confirms it's been the target of a successful hacking operation.
Macron emails leaked online after huge hack (Times (London)) Emmanuel Macron’s campaign team said last night that it had fallen victim to a huge hacking operation designed to influence tomorrow’s French presidential election. The announcement comes after...
French candidate Macron claims massive hack as emails leaked (Reuters) Leading French presidential candidate Emmanuel Macron's campaign said on Friday it had been the target of a "massive" computer hack that dumped its campaign emails online 1-1/2 days before voters choose between the centrist and his far-right rival, Marine Le Pen.
Macron Hacking Attack: What We Know and Don’t Know (New York Times) The French presidential candidate Emmanuel Macron was targeted in a large dump of leaked emails and other documents, raising fears of Russian interference.
U.S. far-right activists, WikiLeaks and bots help amplify Macron leaks: researchers (Reuters) U.S. far-right activists helped amplify a leak of hacked emails belonging to leading French presidential candidate Emmanuel Macron's campaign, some researchers said on Saturday, with automated bots and the Twitter account of WikiLeaks also propelling a leak that came two days before France's presidential vote.
French media ordered not to publish Macron's hacked emails (The Independent) France's electoral commission has ordered media not to publish contents of Emmanuel Macron's leaked campaign emails to avoid influencing the election. It warned news outlets in France that journalists could face criminal charges for publishing or republishing the material, under laws that came into effect at midnight forbidding any commentary liable to affect the presidential race.
Media blackout ahead of unpredictable French election with four front-runners (The Sydney Morning Herald) Rules dating back more than half a century impose a 44-hour timeout ahead of the polls' closure on Sunday.
France is nothing like the US: An email hack isn't enough to vote into power a far-right nationalist (The Independent) Despite the silence of the French media’s legally imposed blackout, just days before the country’s 2017 elections, the news has been reverberating clear as a bell.
Emmanuel Macron and how political campaigns will never be the same (TechCrunch) Every major campaign brings its set of changes. Barack Obama used big data and micro-targeting in his 2008 campaign. Then social networks became a great way..
Why Accuracy About WikiLeaks Matters (Empty Wheel) Let me preface this post by saying that I’m perfectly willing to accept that Julian Assange is a narcissist, accused rapist, destructive hypocrite serving as a willful tool of Russia. I’m also happy to concede that his role in publishing the DNC and Podesta emails may have played a significant part in getting Donald Trump elected (though I think it’s down the list behind Comey and Hillary’s own (in)actions). Please loathe Julian Assange–that is your right. But please, also, try to be accurate about him and Wikileaks.
Hacker dumps, magnet links, and you (Errata Security) In an excellent post pointing out Wikileaks deserves none of the credit given them in the #MacronLeaks, the author erroneously stated that ...
Did Macron Outsmart Campaign Hackers? (The Daily Beast) While it's still too early to tell, so far the big document dump by hackers of the Macron campaign has not been damaging.
French officials launch probe into Emmanuel Macron's hacked e-mails (Express) French officials have launched a probe into the hacking of Emmanuel Macron's campaign e-mails just days after the scandal threatened to eclipse the presidential elections.
Putin congratulates Macron, wishing him ‘strong health’ (Financial Times) Russian president Vladimir Putin congratulated Emmanuel Macron on his victory in the French presidential election and wished him “strong health” in his tasks ahead, the Kremlin said Monday morning.
French election: Are Russian hackers to blame for Emmanuel Macron's leaked emails - and could they target UK election? (The Telegraph) The huge trove of hacked emails from Emmanuel Macron's campaign had barely been released online when the spotlight immediately fell on Russia hackers.
Britain, Germany brace for pre-election cyber attacks (The Straits Times) Britain and Germany were already beefing up cyber security ahead of key elections even before the hacking attack on France's Emmanuel Macron, months after Hillary Clinton was caught in the online crosshairs.
From Russia, with Panic (The Baffler) The more I’ve looked at the hysteria surrounding Russia’s supposed hacking of our elections, the more I’ve come to see it as a case study of the cyber-attribution business.
Cyber-Espionage Malware Is So Advanced It Has Its Own API (BleepingComputer) Russian cyberspies have developed a new breed of backdoor trojan that features several novel techniques, including an API that allows attackers to reverse the C&C communications flow when needed.
New Fatboy Ransomware-as-a-Service Advertised on Russian Hacking Forum (BleepingComputer) A new Ransomware-as-a-Service (RaaS) portal is being advertised on an underground hacking forum, primarily used by Russian-speaking criminals.
'Fatboy' ransomware uses a location-based charging model (BetaNews) A new ransomware-as-a-service product named 'Fatboy' has been advertised on Russian language forums. What makes it different is the way it uses a sliding scale to charge its victims.
FrozrLock Ransomware Advertised on the Dark Web As "Great Security Tool" (BleepingComputer) A new Ransomware-as-a-Service has become available on the Dark Web, named FrozrLock, available for only $220, and advertised under the tagline of "great security tool that encrypts most of your files in several minutes."
If you downloaded HandBrake for Mac, you could be infected with Proton RAT (Help Net Security) A mirror download server of HandBrake has been compromised, and the legitimate app .dmg file switched with a Trojanized version containing the Proton RAT.
Website of HandBrake App Hacked to Spread Proton RAT for Mac Users (BleepingComputer) The website of the HandBrake app has been compromised, and one of its download mirrors modified to host a version of the Proton RAT embedded in the app's Mac client.
Malware warning for Mac users, after HandBrake mirror download server hacked (WeLiveSecurity) A mirror download server for the popular tool HandBrake video file-transcoding app has been compromised by hackers, who replaced its Mac edition with malware.
The hijacking flaw that lurked in Intel chips is worse than anyone thought (Ars Technica) Patch for severe authentication bypass bug won’t be available until next week.
Intel chip vulnerability found to be far worse than thought (SiliconANGLE)
Vulnerability Spotlight: Power Software PowerISO ISO Code Execution Vulnerabilities (Talos Blog) A blog about the world class Intelligence Group, Talos, Cisco's Intelligence Group
Exploring a P2P Transient Botnet - From Discovery to Enumeration (SANS Internet Storm Center) We recently deployed a high-interaction honeypot expecting it to be compromised by a specific malware. But in the first few days, instead of getting infected by the expected malware, it received a variety of attacks ranging from SSH port forwarding to "Viagra and Cialis" SPAM to XORDDoS failed deployment attempts. By the third day, it was insistently hit and compromised by Rakos, a Linux/Trojan.
Anti Public Combo List with Billions of Accounts Leaked (HackRead) There are so many data breaches these days that it's almost impossible to keep a track of them. From billions of Yahoo accounts to millions of LinkedIn and
The Google-phish-that-was-also-a-worm – what happened and what to do (Naked Security) More on that Google-phish-and-worm saga, with some tips on what to do now, and how to avoid this sort of thing in the future.
Bank accounts raided after crooks exploit huge flaw in mobile networks (Naked Security) The SS7 protocol has always been vulnerable – and now the carriers’ complacency has come home to roost
Malware framework using legitimate utilities lobbed at government agencies (Help Net Security) Bitdefender researchers have unearthed the Netrepser malware framework. Unlike those used by most APTs, this framework contains mostly legitimate utilities.
Microsoft's Windows warning: Hackers hijacked software updater with in-memory malware (ZDNet) Advanced attackers are using a blend of in-memory malware, legitimate pen-testing tools and a compromised updater to attack banks and tech firms, warns Microsoft.
SharePoint houses sensitive data, but organizations are not keeping it safe (Help Net Security) SharePoint houses sensitive data, yet 49% had at least one data breach in the SharePoint environment in the past two years.
These are some of the apps for iOS that filter personal data of its users (CydiaPlus)
Homeland Security Issues Warning on Cyberattack Campaign (BankInfo Security) The Department of Homeland Security is warning IT service providers, healthcare organizations and three other business sectors about a sophisticated cyberattack
Hackers Find Celebrities’ Weak Links in Their Vendor Chains (New York Times) Big entertainment companies have toughened the security of their computer networks. But often, their suppliers and collaborators are vulnerable.
WWE Divas Charlotte Flair, Victoria Latest Victims of Leaked Photos (HackRead) Earlier this week, private photos and video clip of the famous WWE Divas Lisa Marie Varon known by her WWE name Victoria and Charlotte Flair were leaked on
Cyber attack hits 26,000 Debenhams customers (Sky News) Payment details, names and addresses have been accessed or stolen in the attack on Debenhams Flowers, the retailer has confirmed.
Security Patches, Mitigations, and Software Updates
Patch to fix Intel-based PCs with enterprise bug rolls out next week (CSO Online) Starting next week, PC makers will roll out a patch that fixes a severe vulnerability found in certain Intel-based business systems making them easier to hack.
Google Patches 17 Critical Vulnerabilities in Android May Security Update (eSecurity Planet) Google is out with its fifth patch update of 2017, with mediaserver flaws once again topping the list.
Cyber Trends
Cybersecurity expert Richard Clarke talks about the “sentinel personalities” who will save us all (TechCrunch) Richard Clarke has been watching the world for decades. The cybersecurity czar for the Bush and Clinton administrations, Clarke has been thinking and writing..
Government Joins the Finance Sector at the Top of the Cyber Attack List (BusinessWire) New research: cyber attacks on the government sector doubled from 7% of all attacks in 2015 to 14% in 2016. Attacks on the finance sector also hiked f
Americans Think Russia is More Dangerous Now than During the Cold War (Endgame) In 2012, when then-presidential candidate Mitt Romney suggested that Russia was one of the U.S.’s top geopolitical adversaries, most scoffed at the idea, including then-president Barack Obama who noted that the Cold War had been over for more than two decades.
From financial advisers to cybersecurity advocates (Financial Standard) Financial advisers must arm themselves with serious cybersecurity knowhow as more cybercrime networks turn their focus to financial services companies at an alarming rate.
The "Cybersecurity Marketing Scams" worse than Cyber-attacks (PRUrgent) "Self-proclaimed instant 'Cyber Experts' are the new 'Cyber-scammers'," cybersecurity experts warn. Words like "Artificial Intelligence", "Neural Networks", "Cognitive Computing", "Cyber Neurons" are a sign.
Marketplace
Cybersecurity spend to top $101bn by 2020 (Trade Arabia) Global organisations worldwide will spend $101.6 billion annually on cybersecurity software, hardware and services by 2020 compared with spending of $73.7 billion in 2016, according to research from the International Data Corporation (IDC).
Microsoft Invests In Two More Artificial Intelligence Startups (Silicon UK) Microsoft has been bullish on AI lately and that zeal is extending beyond its own product portfolio and into its investment strategy
Watson won ‘Jeopardy,’ but IBM is not winning with artificial intelligence (MarketWatch) With IBM sales at a 15-year low, the company’s sluggish turnaround is haunting the company.
Visibility With A Human Touch: Splunk's Take On Balancing Your Cybersecurity Portfolio (Forbes) Wherever machine data appears that has high value signal, you can be sure that Splunk will show up, understand the use case, and create products.
Confide CEO Jon Brod on the White House, bad press, and what’s next for his secure messaging app (TechCrunch) Thursday night, at a StrictlyVC event in San Francisco, I sat down with Confide cofounder and president Jon Brod to talk with him about his decidedly topsy..
LookingGlass seeks greenfield growth in threat intelligence via partner program (LookingGlass Cyber Solutions Inc.) There are an excessive number of security tools and services on the market today, but threat intelligence services are arguably one of the top tools that enterprises of all sizes can leverage to stay one step ahead of cybercrime, prevent data loss, and reduce their overall security risk. Beyond the traditional security tools, an outside-in threat intelligence approach to cybersecurity efforts is increasingly being looked at by enterprises, in order to proactively track enemies and attackers, hunt threats, and address impending business risk.
Forcepoint expects revenue share from govt biz to rise by 10% (Business Standard) Cyber security firm Forcepoint expects its revenue from government business to go up by 10 per cent in the next 1-2 years.
How Will 'New Collar' Skills Impact the Cybersecurity Skills Gap? (Security Intelligence) One way to close the skills gap is to recruit new collar professionals who possess the requisite skills, if not the degrees, to work in cybersecurity.
Former RSA executive chairman and CEO Art Coviello joins Gigamon board of directors (CSO Online) Coviello is expected to help guide the company's security strategy and growth.
Products, Services, and Solutions
With Krypt.co, Not Even Superman Could Steal Your Password (BostInno) The fact that Krypt.co is somehow the buzz of the tech scene in Boston is ironic since this company's name sounds almost like the ancient Greek prefix for "hidden" or "secret." In reality, the...
Practical Threat Intelligence (Peta.ai) Peta Ai is a research & reconnaissance project designed to showcase how different organizations in terms of cyber security may appear to an external attacker.
Verizon Hides User Apps With New SDP Service (Light Reading) Verizon offers a new SDP service to enhance customer application security.
SailPoint Launches “The Identity University” to Fuel Customer Success (BusinessWire) SailPoint, the leader in enterprise identity management, has launched The Identity University™, a comprehensive online curriculum for identity m
Technologies, Techniques, and Standards
Beyond Plan B: Army Embraces Broad Cyber Program (SIGNAL Magazine) The U.S. Defense Department's research arm skipped from Plan B for cyber defense solutions to Plan X, advancing platforms to conduct cyber warfare like kinetic warfare.
The Probability of Loss: How Threat Intelligence Quantifies Risk for the Business (Recorded Future) It can be argued that cyber threat intelligence (CTI) is most valuable to a business when it continuously informs a quantitative risk assessment model that contains specific probabilities for loss from a specific threat type.
Where to start with threat intelligence sharing (C-Suite) Threat intelligence is becoming a more ubiquitous feature in information security programs.
Building a Holistic Cyberhealth Immune System (Security Intelligence) The health care security immune system maps to integrated services and products, addressing specific health care concerns and preventing cyberattacks.
How to Build a Secure Wordpress Environment (The State of Security) In this blog post, I will share with you what to look for in a Webhost provider, how to secure and harden your WordPress environment
Securing Devices Without Invading Privacy (Infosecurity Magazine) Some mobile security policies are at odds with the culture of productivity, freedom, and flexibility that organizations work to enable.
Design and Innovation
Listen up: is this really who you think it is talking? (Naked Security) Lyrebird, an AI startup, can produce uncannily good versions of real people’s voices. What does it mean for identity fraud?
What is a Hashed Timelock Contract? (The Merkle) There are a lot of aspects about cryptocurrency most people have never heard of. One of these technological features goes by the name of Hashed Timelock Contracts. This feature can prove to be quite p
Research and Development
Teaching Machines to Detect Fake News Is Really Hard (Motherboard) Researchers combined meta-data with over 10,000 examples of IRL fake news in a dataset to train machine learning algorithms how to automatically detect fake news.
In Op-Ed, Eric Schmidt Argues for Government Role in Basic Research (Motherboard) "While investing in basic research typically doesn’t make sense for a business, it has been a winning strategy for our nation."
Legislation, Policy, and Regulation
German intel chief looks to 'wipe out' Russian servers used in cyber attacks (Mashable) The government is looking into reworking laws to allow German cyber squads to find and eradicate stolen information.
Sweeping surveillance powers will ban complete encryption (Times (London)) The government has secretly drawn up detailed plans for increased surveillance powers, including the authority to monitor anyone in real time and a ban on unbreakable encryption. The draft...
Winning the Cyberwar Against ISIS (Foreign Affairs) To defeat ISIS in cyberspace, an entirely new strategic approach is needed: one that emphasizes close coordination, flexibility, and adaptability.
Extreme hoarders: Zero-day edition (SC Magazine US) Nation-states are stockpiling software exploits to compromise and spy on their rivals. But do their gains represent a loss for manufacturers, developers and the public? Bradley Barth reports.
Intel act highlights cyber, STEM and Russia (FCW) Prioritizing STEM education, improving cybersecurity, reviewing the ODNI and countering Russian influence are among the priorities Congress has spelled out in the 2017 Intelligence Authorization Act.
Five key players for Trump on cybersecurity (TheHill) President Trump’s cyber agenda is largely up in the air, with a hotly anticipated cybersecurity executive order yet to emerge from the White House.
Efficiency and effectiveness, being risk aware part of DoD acting CIO's cyber priorities (FederalNewsRadio.com) Acting Defense Department CIO John Zangardi said he's taking a "risk aware" approach when it comes to meeting his cyber and IT priorities.
NSA stops one abuse, but many remain (Pasadena Star News) The National Security Agency has decided to halt a controversial surveillance program, but this was just the tip of an iceberg of government abuses of privacy and due process. The NSA said last week that it will no longer engage in warrantless...
Column: Fighting cybercrime creates a dilemma in America (Fredericksburg.com) Americans want their cyber data to be safe from prying eyes. They also want the government to be able to catch criminals. Can they have both?
Litigation, Investigation, and Law Enforcement
Boko Haram plan to kidnap foreigners in Nigeria: US, UK (AFP via Terrorism Watch) Britain and the United States on Friday said Boko Haram was preparing to kidnap foreigners in remote northeast Nigeria, which...
Rand Paul requests info on whether Obama surveilled him (TheHill) Sen. Rand Paul (R-Ky.) says he has asked the intelligence community and White House for any evidence that he was surveilled by former President Barack Obama.
Flynn was warned by Trump transition officials about contacts with Russian ambassador (Washington Post) The former national security adviser was told weeks before a phone call that led to his resignation that the Russian’s communications were sure to be monitored.
Dark Web Marketplace Shut Down in Slovakia (BleepingComputer) Law enforcement in Slovakia has arrested two individuals for their involvement in drugs and weapons trafficking, among which, one is suspected of operating the Dark Web marketplace known as Bloomsfield.
Oxygen Forensic Detective Helps Prove Guilt in Underage Sex Civil Case (PRNewswire) Oxygen Forensics, a worldwide developer and provider of advanced...
Computer forensics follows the bread crumbs left by perpetrators (CSO Online) As investigators, these security pros let the clues lead them. See in a few examples how commercial software helps these techies solve the crime.
Florida Man May Serve 1,140 Years in Prison Over Child-porn Content (HackRead) Just yesterday it was reported that Steven W. Chase, a 58-year-old man from Naples, Florida and the owner of PlayPen, a Dark Web website hosting child porn
Man Who Ran Dark Web Child Porn Site Sent to 30 Years in Prison (HackRead) Playpen, an illegally operated website that distributed child pornography in different parts of the world, had its founder sentenced to 30 years of impriso
Parents lose custody of kids after YouTube pranks (HackRead) “DaddyOFive,” is a verified YouTube channel with 763,595 subscribers who apparently have been using their kids to make online prank videos. In one of the v
Man: border agents threatened to “be dicks,” take my phone if I didn’t unlock it (Ars Technica) “I believe strongly in the Constitution and in my right to privacy.”
Lawyer: Cops “deliberately misled” judge who seemingly signed off on stingray (Ars Technica) “Any system that is not transparent is inherently corrupt.”