Cyber Attacks, Threats, and Vulnerabilities
Sednit adds two zero-day exploits using 'Trump's attack on Syria' as a decoy (WeLiveSecurity) Sednit is back - this time with two more zero-day exploits embedded in a phishing email titled Trump's_Attack_on_Syria_English.docx.
NSA Director Confirms That Russia Really Did Hack the French Election (WIRED) NSA Director Michael Rogers provides the first US government confirmation that Russia successfully compromised elements of the French election.
US tipped France to Russian election hacking, says Cyber Command chief (Defense News) The U.S. watched as Russia “penetrated” French systems during the election runup and gave French officials “a heads up,” Adm. Mike Rogers said Tuesday.
NSA chief: US alerted France to Russian election hacking (Washington Examiner) Adm. Mike Rogers said the agency witnessed Moscow "penetrate" public infrastructure before a major dump of winning candidate Emmanuel Macron...
Putin Lost France, but He’s Still Got a Chance in Germany (The Daily Beast) The Kremlin’s chosen candidate, Marine Le Pen, failed to win the French presidency, but Germany’s election in September provides one last chance to disintegrate the European Union.
NSA director describes worst case scenario cyber attack for U.S. (Washington Post) At a Senate Armed Services Committee hearing May 9, Cyber Command and National Security Agency chief Adm. Michael S. Rogers responded to Sen. John McCain's question about the worst and best case scenarios for the future of cyber.
NSA chief: This is what a worst-case cyberattack scenario looks like (ZDNet) Cyber chief outlines the three main features of a serious cyberattack.
Russian espionage, hackers exploited Microsoft Office flaw: report (TheHill) The trio was uncovered by the security firm FireEye.
EPS Processing Zero-Days Exploited by Multiple Threat Actors (FireEye) FireEye recently identified three new zero-day vulnerabilities in Microsoft Office products that are being exploited in the wild.
Information Warfare: Acceptable Islamic Porn (Strategy Page) Recently the eighth edition of an online magazine for ISIL (Islamic State in Iraq and the Levant) fans in the West appeared. Called Rumiyah, it first showed up in September 2016 and has appeared about once a month ever since. Rumiyah was designed for those in the West interested in ISIL style mayhem and especially “lone wolf “attacks.
China cries 'fake news' in reaction to report about U.S. Navy chief Harris (The Japan Times) China's Foreign Ministry has labeled as "fake news and not worth refuting" a report that Beijing urged Washington to fire the top U.S. naval commander in t
Android App Permission in Google Play Contains Security Flaw (Dark Reading) Android's app permission mechanisms could allow malicious apps in Google Play to download directly onto the device.
Downloading Chrome for Android? Be careful – we’ve found an evil twin (Naked Security) Techniques used to poison a version of the Android Chrome browser with Andr/SandRat-C, Andr/Rootnik-AH are finding their way into other apps – and into the Play Store
Defeating Magento security mechanisms: Attacks used in the real world (Help Net Security) Magento security is always under the microscope. Here are examples of attacks that combine common vulnerabilities with faulty Magento security mechanisms.
A Vicious Microsoft Bug Left a Billion PCs Exposed (WIRED) A newly fixed flaw in Microsoft's malware protection could have been bad news for a whole lot of PCs.
Google found over 1,000 bugs in 47 open source projects (Help Net Security) Google has unearthed over 1,000 bugs in 47 open source software projects, and it's now ready to escalate its fuzzing open source efforts.
SLocker Ransomware Variants Surge (Dark Reading) SLocker, one of the top 20 Android malware families, has seen a six-fold increase in the number of new versions over the past six months.
Infoblox On DDoS Attack On FCC Site (Information Security Buzz) Following the news that the FCC site was subject to a DDoS attack last night, Dr Malcolm Murphy, Technology Director at Infoblox commented below. Dr Malcolm Murphy, Technology Director at Infoblox: “We’re increasingly seeing cyberattacks used with political intent: from the release of emails from newly elected French President Macron’s party just two days before voters went …
Hacked Industrial Robots Destroy Business (LinkedIn) No, this isn’t the title of a B movie or a sci-fi thriller for teens.
Dating site users spammed with smut after ‘third-party’ data leak (Naked Security) The publisher’s blaming a third-party contractor and “human error.”
Primary Care Services investigating cyber-attack (WHBQ) Primary Care Services is investigating a cyber-attack that happened in February.
Security Patches, Mitigations, and Software Updates
Microsoft fixes 55 vulnerabilities, 3 exploited by Russian cyberspies (CSO Online) Microsoft released security patches Tuesday for 55 vulnerabilities across the company's products, including three flaws that have already been exploited in targeted attacks by cyberespionage groups.
Microsoft May Patch Tuesday faces down three zero-day exploits, but is it too little, too late? (Computing) Russian hackers swarm all over bugs as company plugs gaps long after the event
Microsoft admins: Update your systems now to prevent "crazy bad" zero-day bug exploits (TechRepublic) Two members of Google's Project Zero discovered a serious exploit over the weekend. It's so bad it can take over a system just by sending an email-no opening or reading necessary.
Cisco kills leaked CIA 0-day that let attackers commandeer 318 switch models (Ars Technica) Fix neutralizes attack code that was put into the wild in early March.
Adobe Patches Seven Security Flaws Affecting Flash Player (BleepingComputer) Today, Adobe has released two security advisories affecting two of its products, Adobe Flash Player and Adobe Experience Manager Forms, the latter being an application part of the Adobe Marketing Cloud service for, a collection of integrated online marketing and Web analytics products.
The Long Tail of the Intel AMT Flaw (Dark Reading) Organizations impacted by easily exploitable privilege escalation vulnerability may need time to apply firmware patches, analysts say.
Corporate finance employees at fault for rising data losses (IBS Intelligence) Verizon’s research shows that a great number of data breaches are a result of poor utilisation of the security measures.
Verizon Eyes Human Tactics In Enterprise Crime (PYMNTS.com) The bad news keeps on coming for businesses facing cyberattacks. The FBI released new data last week warning businesses that the business email compromise scam has led to an uptick in wire fraud. The scam resulted in $5.3 billion in attempted fraud between October 2013 and 2016. Previous data from the FBI found that between October […]
Warning – Finding Casandras to Stop Catastrophes – can this book help get management onboard (Control Global) Hopefully, the book Warning- Finding Casandras to Stop Catastrophes can reach the appropriate decision makers to help move the needle on cyber securing the control systems in our commercial and industrial infrastructures.
Is remote access technology leaving you vulnerable? (Help Net Security) Despite rising awareness of the threats posed by users with privileged access permissions, most still allow remote access technology in their organizations.
Cybercriminals Are Winning: Even Security Professionals Admit to Paying Ransom and Bypassing Corporate Security (MarketWired) Cybercriminals Are Winning: Even Security Professionals Admit to Paying Ransom and Bypassing Corporate Security
Shining a Light on Security's Grey Areas: Process, People, Technology (Dark Reading) The changing distributed and mobile business landscape brings with it new security and privacy risks. Here's how to meet the challenge.
In 5 years AI may replace pros in tasks within medicine, law and IT (Help Net Security) Gartner predicts that by 2022, smart machines and robots may replace highly trained professionals in tasks within medicine, law and IT.
Cyber attacks on Canadian companies starting to 'explode', says president of cybersecurity firm (Financial Post) Canadian companies are facing an increasing number of cyber attacks, says Travis Reese, president of FireEye Inc. — and for him, that’s an opportunity
Fortinet Announces Investment in UBIqube to Bolster Cybersecurity Automation across Multi-Vendor Environments - NASDAQ.com (NASDAQ.com) Further illustrates Fortinet's commitment to drive security innovation for virtualized network functions and software-defined networks
Mobileye acquisition to start Israeli auto-tech boom (Globes) Intel could make more acquisitions in Israel, and Check Point and the defense industries are also interested in the sector.
SAP co-founder's VC firm leads $15M investment in Vera (Help Net Security) Vera announced a $15 million strategic investment led by HP-Ventures, the venture capital firm founded by of SAP Chairman, Hasso Plattner.
https://www.automationworld.com/article/industry-type/all/deloitte-and-dragos-partner-industrial-cybersecurity (Automation World) The industrial control system cybersecurity space continues to attract new investments, partnerships and companies.
TalkTalk posts further revenue decline in 2017, but claims subscriber numbers grew in fourth quarter (Computing) Cut-price contracts have started to lure back residential customers to TalkTalk
Better Buy: Palo Alto Networks, Inc. vs. Check Point Software (The Motley Fool) The data security peers are taking decidedly different approaches to their businesses.
Top DRaaS companies to watch (CSO Online) Forrester Research recently released its report naming Sungard AS, Bluelock, IBM, and iland as the top disaster recovery-as-a-service companies. See its reasoning why.
Federal Cyber Pros Surveyed in Largest Known Workforce Study to Date Identify Keys to Attracting and Retaining Talent (PRNewswire) According to the Center for Cyber Safety and Education™ Global...
Cyber Security Will Generate £60m In Salaries In Northern Ireland (Silicon UK) Cyber security looks to be a strong career choice in Northern Ireland, as the sector is on course to generate £60 million in salaries per annum.
Avast joins watchdog ranks as No More Ransom partner (Security Brief) Avast is one of the latest security providers to join the No More Ransom campaign, alongside law enforcement agencies and the private security sector.
Cavirin Wins 2017 TiE50 Award for Its Innovation in Cloud Security (BusinessWire) Cavirin Systems is the recipient of the 2017 TiE50 award. This award was preceded by another recognition for the company’s cloud security vision
Infoblox Hires Polycom Vet as Channel Chief (Channel Partners) Chris Jones, Infoblox’s new vice president of worldwide partners, plans to launch an expanded global partner program later this year.
Lawrence Jones appoints MD for security firm Secarma (CRN) Paul Harris rejoins Jones following spell as marketing director at UKFast earlier in his career
CyberArk Appoints Marianne Budnik as Chief Marketing Officer (BusinessWire) CyberArk (NASDAQ: CYBR) today announced the appointment of Marianne Budnik as chief marketing officer (CMO).
Malwarebytes Appoints Raj Mallempati as Senior Vice President of Marketing and Elena Verna as Senior Vice President of Growth (BusinessWire) Malwarebytes announced today a strategic expansion to its marketing department.
Products, Services, and Solutions
LifeJourney™ Releases Cyber University Product (PRWeb) CyberU enables community colleges and universities to rapidly increase their enrollment in cyber programs.
Comodo launches free enterprise threat analysis (BetaNews) Data breaches not only cost businesses money in the short term, they can cause long term reputational damage as stolen details turn up for sale in dark corners of the internet.
Radware Attack Mitigation Solutions Help e-Commerce Company Manutan to Ensure Uninterrupted Service to Its Customers - NASDAQ.com (NASDAQ.com) Radware® (NASDAQ:RDWR), a leading provider of cyber security and application delivery solutions, today announced that French-based Manutan, a subsidiary of The Manutan Group, uses Radware's Attack Mitigation Solution (AMS) to ensure high-availability of its IT infrastructure.
Verizon Readies Its Universal CPE (Light Reading) The Universal CPE, driven by OpenStack and off-the-shelf hardware, should help Verizon deliver virtual services straight to the enterprise.
Gemalto and Veridos Strengthen Citizen Identity Security with eID Cards for Macao SAR Government (CSO) Gemalto, the world leader in digital security, is partnering with Veridos, a German company specializing in Identity Solutions, to supply contactless electronic identity cards to the Macao Special Administrative Region Government.
Inphi safeguards its Intellectual Property with Darktrace (Cambridge Network) News from Cambridge businesses. Network members upload news here about their products, services and achievements.
Fortinet : Edward Jones Selects Fortinet to Deliver High-Performance Network Access at Scale to its Data Center and Branch Office Networks Across North America (4Traders) Chris Boedges, chief technology officer, Edward Jones It is critical that our branches have responsive, reliable network access to serve our clients. By partnering with Fortinet, we were able to deploy a network architecture to help us improve the delivery of our data with high-performance, more bandwidth and improved redundancy.
The Watchlist: Collaborating to Build Better Adversary Dossiers Faster (ThreatQuotient) Have you ever wanted to be alerted about new information related to the TTP of an adversary? Well now that’s possible!
Harland Clarke and LockPath to Launch Valuable Risk Management and Compliance Solution (BusinessWire) Harland Clarke and LockPath align to launch governance, risk and compliance solution, GRC Spotlight, a comprehensive platform for FIs to manage today'
Westcon-Comstor Bolsters Network Portfolio with Infoblox Infrastructure Protection Solutions (Infoblox) Infoblox, Inc. a network management and control vendor, has made its award-winning network infrastructure protection solutions available to Westcon-Comstor in order to strengthen its reach with channel partners across North America. The addition of Infoblox’s core network services (including DNS, DHCP and IP address management offerings) and secure DNS solutions to Westcon-Comstor’s Security Solutions Practice …
Trying to Find the Can’t Miss Gift for that Special Someone? Check-out Kensington’s 2017 Dads & Grads Gift List (Kesington) Topping this Year’s Roster: Kensington’s New Pro Fit Low Profile Wireless Desktop Set – Ensures Clutterfree, Secure Work Space
Technologies, Techniques, and Standards
Opinion: Some thoughts about Gizmodo's Phishing story (CSO Online) On Tuesday, Gizmodo published a story about how easy it was to get Trump Administration officials and associates to click a Phishing link. In order to do this, the Gizmodo Special Projects Desk developed a fake Google Docs email, complete with a false sign-in page. But did they go too far?
Gizmodo security test proves everyone (even team Trump) can get phished (Graham Cluley) Gizmodo's "security preparedness test" that targeted members of the Trump administration illustrates how everyone and anyone can fall for a phish.
SSA.GOV To Require Stronger Authentication (KrebsOnSecurity) The U.S. Social Security Administration will soon require Americans to use stronger authentication when accessing their accounts at ssa.gov. As part of the change, SSA will require all users to enter a username and password in addition to a one-time security code sent their email or phone. In this post, we’ll parse this a bit more and look at some additional security options for SSA users.
SAFECode Unveils Software Best Practices for Threat Modeling and Third Party Components White Papers (BusinessWire) SAFECode Unveils Software Best Practices for Threat Modeling and Third Party Components White Papers
Prevent SQL injection vulnerabilities in PHP applications and fix them (Acunetix) SQL injection (SQLi) refers to an injection attack wherein an attacker can execute arbitrary SQL statements by tricking a web application in processing an attacker’s input as part of an SQL statement. This post will focus on how to prevent SQL injection vulnerabilities within PHP applications and fix them.
How a threat intelligence platform can anticipate future attacks (TechTarget) If your organization is considering using a threat intelligence platform to delve into the possible risks it faces, it is important to understand the strengths and limits of this type of technology.
How to protect your Google and Facebook accounts with a security key (CSO Online) Security keys offer a more secure alternative to code-based two-factor authentication.
Game of Thrones actress reveals cast forced to embrace two-step verification, and so should you (Graham Cluley) Two-step verification makes it much harder for hackers to break their way into email accounts.
Public Wi-Fi: How to Secure Your Data in 10 Minutes (TheBestVPN.com) Ever felt uneasy doing your online banking in your favorite coffee shop? Me too. Are you sure you want to hit “buy” on that chic blue and black (or was it gold and white?) dress, exposing your credit card details to cyber criminals who may be watching? Think again. I don’t blame you if every time you log …
Design and Innovation
Digital Identity Part I - Storing Sovereign Identities on the Blockchain (Crypto Insider - Bitcoin and Blockchain News) Designing a solid digital identity system may be the biggest problem of the digital age. If formalized civilization depends on identity, free civilization depends on self-sovereign identity. No identity system housed in a privately-owned computer system will be free from the whims of the parent company. Blockchain technology comes to the rescue.
CyberPatriot X Surpasses 1,000 Teams in Record-Breaking Time - EconoTimes (EconoTimes) The Air Force Association (AFA) today announced that CyberPatriot, AFA’s premier STEM education initiative, has surpassed 1,000 registered teams for the 2017-2018 CyberPatriot X...
Legislation, Policy, and Regulation
F.B.I. Director James Comey Is Fired by Trump (New York Times) President Trump abruptly terminated Mr. Comey, who was leading an investigation into whether Mr. Trump’s advisers colluded with Russia to influence the election.
Trump fires FBI Director James Comey over email investigation (NBC News) In a letter from Trump to Comey, the president said, "While I greatly appreciate you informing on three separate occasions that I am not under investigation, I nevertheless concur with the judgment of the DOJ that you are not able to effectively lead the bureau."
‘You’re terminated’: Trump sacks FBI chief in shock move (Times (London)) President Trump fired the head of the FBI last night for mishandling an investigation into Hillary Clinton’s controversial secret emails. Officials said that James Comey was dismissed for...
Comey firing: Reaction from members of Congress on FBI director’s dismissal (Washington Post) Rounding up reaction from Capitol Hill.
James Comey firing was inevitable (USA TODAY) The FBI director has long been a dead man walking.
Sessions was told to find reasons to fire Comey: reports (TheHill) President Trump’s decision Tuesday to fire FBI Director James Comey has been in the works since at least last week, according to multiple media reports.
Could Anybody Be Worse Than James Comey On Encryption? We're About to Find Out (Motherboard) A look back at former FBI Director James Comey’s years-long battle against privacy.
CYBERCOM Head Rogers: U.S. Should ‘Publicly Out’ Kremlin Cyber Attacks (USNI News) The United States needs to make it clear it is unacceptable and there is a price to pay if any adversary takes action like manipulating voter registration rolls, the head of U.S. Cyber Command told the Senate Armed Services Committee on Tuesday.
Intelligence Leaders Are Practically Begging Trump to Condemn Russian Hacking (Defense One) The president’s unwillingness to call out Moscow’s electoral meddling is doing the Kremlin a favor, one former top spy testified to lawmakers.
Cyber Command Increases Readiness to Hold Targets at Risk (U.S. Department of Defense) Amid the intensified pace of international conflict in cyberspace threats, U.S. Cyber Command continually increases its Cyber Mission Forces’ readiness, the director of the National Security Agency
McCain refocuses his Obama cyber criticisms onto Trump (TheHill) During a Senate Armed Services Committee hearing Tuesday, McCain, who routinely criticized the Obama administration for lacking a coherent cyber strategy, repeatedly chided the Trump administration for not developing its own strategy.
N. Korean officials meet U.S. experts in Oslo (Yonhap News Agency) North Korean officials began informal talks Monday with a group of American experts in Oslo, Norway, amid speculation that Washington may seek dialogue with Pyongyang, diplomatic sources said.
Summer of airport chaos likely if US devices ban is extended (The Independent) “As threats change,” says the US Transportation Security Administration (TSA), “so too will TSA’s security requirements”. Reports suggest that those requirements are about to get much tougher for European airline passengers wanting to fly to the US. In March, the Department of Homeland Security rushed out a ban on electronic devices in hand luggage on flights from eight countries in North Africa and the Middle East.
Condoleezza Rice: 'We have to call' out radical Islamic terrorism 'by name' (Washington Examiner) "We have to stop the ideology as well as — it is evil in our times."
U.S. Cyber Command chief briefs senators on building its acquisition authority (Inside Cybersecurity) The U.S. Cyber Command is working with Senate staff on implementing new cyber acquisition authority under National Defense Authorization Act provisions aimed at elevating the command’s role, according to Adm. Michael Rogers, commander of the agency.
DOD needs cyberwarriors so badly it may let skilled recruits skip boot camp (Ars Technica) Shortage of skilled “cyber operators” has services scrambling to find ways to recruit.
EU plans more regulation for internet giants (Computing) Web giants to be told by the EU to play fair with small businesses
Census fires DTA cyber response (InnovationsAus.com) Census fires DTA cyber response Budget 2017...
Litigation, Investigation, and Law Enforcement
James Comey’s Testimony on Huma Abedin Forwarding Emails Was Inaccurate (ProPublica) The FBI hasn’t decided how to correct the director’s false claim that she forwarded thousands of Clinton emails to the laptop computer of her husband, former Congressman Anthony Weiner.
Why James Comey had to go (New York Post) A curious belief in some circles of journalism holds that if both sides are equally unhappy with your story, you’ve done a good job. I never subscribed to that approach, and thankfully, President T…
Sally Yates: ‘We believed that Gen. Flynn was compromised’ (POLITICO) Trump's former national security adviser could have been blackmailed by the Russians, Yates tells the Senate.
Trump ax falls on FBI's Comey in midst of Russia probe (FederalNewsRadio.com) President Donald Trump abruptly fired FBI Director James Comey Tuesday, saying it was necessary to restore "public trust and confidence" in the agency.
Trump Firing Comey Won’t Slow Down the Russia Probe—Yet (WIRED) The president has fired the FBI director in charge of investigating him. But that won't slow the Russia probe.
Kamala Harris Calls For Special Prosecutor Following Comey Firing (Talking Points Memo) In the wake of the news that President Donald Trump fired FBI Director James Comey, Sen. Kamala Harris (D-CA) called...
Kaspersky Lab Says it Has ‘No Ties to Any Government’ (MSP Mentor) In an email statement to MSPmentor today, company officials said the company’s reputation is being attacked unfairly.
We are not Russian spies: Kaspersky (iTnews) Security vendor denies US allegations.
Lawyers demand answers after artist forced to unlock his phone (Naked Security) Artist who arrived home in San Francisco faced ‘unconstitutional’ demands to unlock his phone
Hackers Face $8.9 Million Fine for Law Firm Breaches (Dark Reading) A federal court orders three Chinese nationals to pay $8.9 million in fines and penalties for hacking into two law firms and using stolen confidential information to trade stocks.
Durham Constabulary to use AI to help assess risks of offending by criminal suspects (Computing) AI to help police in Durham with their custody decisions