Cyber Attacks, Threats, and Vulnerabilities
Cyber attack pushes French news sites offline (Reuters) Several French news companies, including Le Monde and Le Figaro, said their websites went temporarily offline on Wednesday because a company that helps speed delivery of their content was hit by a cyber attack.
French Websites Knocked Offline in Cyber-Attack on Cedexis (Bloomberg.com) The websites of several major French media outlets were knocked offline Wednesday during a cyber-attack against Cedexis, a Paris-based provider of network and cloud technology to corporate customers.
Threat Actors Leverage "Phonecord" Bot to Harass Victims (Flashpoint) Flashpoint Analysts recently observed a series of attacks that subject victims to an age-old form of abuse: telephone harassment.
The Google Play apps that say they don’t collect your data – and then do (Naked Security) Our researchers have found more than 50 apps in Google Play that contain XavirAd, which says it doesn’t collect your personal information and then promptly sucks it up...
3 of 4 Zero-Days Microsoft Patched Yesterday Were Used by Russian Cyberspies (BleepingComputer) Microsoft's May 2017 Patch Tuesday, released yesterday, included fixes for three zero-days, which according to ESET and FireEye, were used by cyber-espionage groups operating out of Russia.
Thai Companies Hit by Ransomware Attack (HackRead) We are quite used to seeing hackers using ransomware apps to trick unsuspecting users into paying ransoms. But, in Thailand instead of targeting ordinary
Seamless Campaign Using Rig Exploit Kit to send Ramnit Trojan (SANS Internet Storm Center) On Wednesday 2017-05-10, @thlnk3r tweeted about Rig exploit kit (EK) activity. @DynamicAnalysis has already posted an analysis of this traffic on malwarebreakdown.com (always a good read), but I've also looked into it. Today's diary documents my investigation.
40 Asus RT routers open to attack through web interface vulnerabilities (Help Net Security) If you own an Asus RT wireless router, and you haven't updated its firmware for a while, now is the time to do it.
Hacker Steals Millions of User Account Details from Education Platform Edmodo (Motherboard) The data includes usernames, email addresses, and hashed passwords.
The Tanium Affair Reminds Us That Cybersecurity Risks Are Everywhere (JD Supra) The Wall Street Journal recently reported that well-known cybersecurity startup Tanium, Inc. had been inadvertently exposing one of its clients’...
How to hack a Jeep Cherokee – but don’t try this at home, kids (Naked Security) Carmakers are going to have to get much better at securing their vehicles now that the researchers who demonstrated how to hack a Cherokee Jeep added their notes to the tools already online
UK Water Supplier Loses £500,000 in Sophisticated Scam (BleepingComputer) An unnamed UK-based regional water supply company lost over £500,000 ($645,000) in a sophisticated scam that involved social engineering, an inside man, and international bank transfers.
Security Patches, Mitigations, and Software Updates
Microsoft finally bans SHA-1 certificates in Internet Explorer and Edge (CSO Online) The Tuesday updates for Internet Explorer and Microsoft Edge force those browsers to flag SSL/TLS certificates signed with the ageing SHA-1 hashing function as insecure.
Microsoft’s recent success in blocking zero-day attacks is eerily good (Ars Technica UK) Microsoft neutralises a series of attacks that took control of targeted computers.
Paranoid Android: Antivirus app-makers resolve MitM vulnerability (Register) Attack loophole in Panda app sealed
Android flaw used in 74 percent of ransomware to be fixed in August (TheHill) A feature in Android used in 74 percent of ransomware will be fixed for the next version of the Android operating system.
Google's plan to foil screen-hijacking malware in Android O (Help Net Security) 74% of ransomware, 57% of adware, and 14% of banker malware abuse a specific app permission to target nearly 40 percent of all Android users.
Ad network takes steps to reduce fraud (CSO Online) Online advertisers are losing billions to fraud, but one advertising network has successfully taken steps to clean up its platform. U.S. advertisers spent more than $25 billion on programmatic online ads last year, meaning that about $8 billion is lost to fraud.
Cyber Trends
Richard Clarke on Who Was Behind the Stuxnet Attack (Smithsonian) America's longtime counterterrorism czar warns that the cyberwars have already begun—and that we might be losing
The Technology That Can Destroy a Presidency (The Atlantic) From Xerox copiers to secret tapes to missing emails, machines are still at the center of modern political scandals.
Data security disruptions can have cascading negative impacts (Help Net Security) Nine in 10 global cybersecurity and risk experts believe that cyber risk is systemic and that simultaneous attacks on multiple companies are likely in 2017.
Most companies falsely believe their Active Directory is secure (Help Net Security) Active Directory insecurity is reality, despite what most companies believe. AD security is underperforming, leaving organizations open to attack.
Cybersecurity analytics and operations: Need for automation and orchestration (Help Net Security) When it comes to the evolution of cybersecurity analytics and operations, 71% of organizations find it more difficult today than it was two years ago.
Cyber crime is biggest threat, says Deloitte expert (TravelMole) Cyber crime is the number one risk for the travel industry, according to an expert from Deloitte.
iovation Survey Finds Digital Nomads and False Declines Don't Mix (Payment Week) iovation, the leading provider of device-based consumer authentication and fraud prevention solutions, recently released some interesting findings regarding its newest consumer preference report.
Security Is Holding DevOps Back – But Why? (TechSpective) Ash Wilson, Strategic Engineering Specialist for CloudPassage, shares his thoughts on the intersection of DevOps and security.
Marketplace
Symantec CEO Sees A Blue Coat Boost And Forecasts Bright Days Ahead With Increased Financial Guidance (CRN) The leading security vendor sees market momentum in its favor, helped by last year's acquisition of Blue Coat Systems.
Symantec Falls 7%: CEO Clark Clarifies Cloud Impact on Revenue Forecast (Barron's) Symantec stock fell 7% in late trading as the security vendor offered a disappointing forecast for this quarter. But CEO Greg Clark says it's not a bad thing: the company sold more software for cloud computing, which has the effect of depressing revenue in the near term but leading to a big pile of deferred revenue that pays off down the road.
Cisco acquires conversational AI startup MindMeld for $125 million (TechCrunch) This morning Cisco announced that it is buying MindMeld for $125 million. Founded in 2011, MindMeld helps businesses to build conversational interfaces with..
Cisco Systems Maintains Its Leadership in the Security Appliance Space (Market Realist) Cisco Systems leads the security appliance market
Better Buy: Cisco Systems, Inc. vs. Oracle Corporation (Madison) Cisco (NASDAQ: CSCO) and Oracle (NYSE: ORCL) are both mature tech stocks that are usually owned for income instead of growth. I compared these two stocks last October, and concluded
F-Secure Acquires Consultancy Digital Assurance (Infosecurity Magazine) F-Secure has announced the acquisition of Digital Assurance to add security consultancy services to its portfolio
Xped shares rise on artificial intelligence company acquisition (Proactiveinvestors UK) Xped (ASX:XPE) - The acquisition is expected to enhance Xped’s Internet of Things platform.
This Herndon cyber company has bought another startup (Washington Business Journal) Herndon-based cybersecurity startup Opaq Networks has bought New York-based Drawbridge Networks — its second acquisition since launching in January.
OPAQ Networks gains John Terrill as CISO after acquisition (CSO Online) Drawbridge Networks CEO Terrill stays on with OPAQ as its chief information security officer after it acquired his company.
What FireEye’s Billings Growth Says about Its Future (Market Realist) Previously in this series, we discussed FireEye’s (FEYE) better-than-expected 1Q17 results due to improvements in the company’s Subscription and Services offerings. Despite cybersecurity being expected to rule the technology space in 2017, FireEye wasn’t able to benefit from this growth, as shown by its 1Q17 earnings results.
How Helix Could Position FireEye in the Security Space (Market Realist) Helix is FireEye’s latest offering in the security space
How FireEye’s Valuation Stacks Up against Its Peers (Market Realist) Cloud security spending to drive M&A spree
McAfee extends partnership with Samsung (Telecompaper) McAfee expanded its collaboration with Samsung to provide pre-installed security software protection on Samsung Smart TVs, Samsung PCs, and the Samsung Galaxy S8 smartphone line worldwide.
SonicWall talks rebuilding partner program post-Dell (Channelnomics) Vendor tells Channelnomics that more than 10,000 have signed up for the vendor's SecureFirst program.
Army IT contract will support critical C4 needs (C4ISRNET) CACI was awarded a $48 million contract for IT services.
BAE Systems to Help U.S. Treasury Investigate, Track Cash Flow of Organizations to Protect National Security (Sys-Con Media) The U.S. Department of Treasury has selected BAE Systems to support the agency’s Office of Terrorism and Financial Intelligence (TFI) in safeguarding the country’s financial system against threats posed by rogue nations, terrorist facilitators, drug cartels, and other national security threats.
BT to axe 4,000 staff after profits slump - but will reconsider fibre-to-the-premises (Computing) BT will explore potential of laying fibre into homes and premises after years of claiming there was no demand for it.
Keys to attracting and retaining cybersecurity talent (Help Net Security) Federal agencies need to invest strategically and heavily in their benefits strategy if they're going to successfully compete for cybersecurity talent.
Recorded Future Launches Threat Research Arm to Enhance Threat Intelligence Offering (PRNewswire) Recorded Future, the threat intelligence company, announced the launch of Insikt...
Ret. U.S. Army General Dennis Via Joins Booz Allen Hamilton (BusinessWire) Ret. U.S. Army General Dennis Via joins Booz Allen as Senior Executive Advisor and Fellow for Defense Futures, bringing more than 36 years’ expe
Security On-Demand Taps Steven Bay as Director of Threat Reconnaissance & Intelligence (PRNewswire) Security On-Demand Inc., (SOD) the leading provider of advanced managed...
ZixCorp (ZIXI) Names Nigel Johnson as CTO (Street Insider) Zix Corporation (Nasdaq: ZIXI), has appointed Bhavin Merchant as Vice President of Corporate Development and expanded Nigel Johnson’s role with the company to become Chief Technology Officer (CTO).
Ex-Intel Security exec moves to Digital Guardian to spearhead EMEA expansion (Channelnomics) EMEA boss of data protection vendor eyes German and French distribution deals.
Products, Services, and Solutions
Netwrix Introduces Free Add-on to Strengthen the Security of Cisco Network Infrastructures (Netwrix) Add-on for Cisco network devices further extends the visibility provided by Netwrix Auditor and enables customers to identify and block threats to their network infrastructures
Waterfall Security Delivers its Unidirectional Security Gateway DIN Rail Product to Market (PRNewswire) Waterfall Security Solutions, a global leader in cybersecurity...
Randstad Group Selects Trend Micro to Protect its Public Cloud Infrastructure (BusinessWire) Trend Micro today announced that the Randstad Group, a human resources and flexible work services industry leader, has selected Trend Micro to ensure
Sopra Banking Software, Axway join forces for PSD2 compliance (IBS Intelligence) Sopra Banking Software and Axway have teamed up to create a new digital platform for PSD2 compliance.
Versa Networks Goes Beyond SD-WAN to Software-Define the Branch (SD-Branch) (Marketwired) Versa Adds New Security Functions, Local Branch Networking and Third-Party VNF Hosting to its Cloud IP Platform
Forcepoint Selects Lastline to Power Its Comprehensive Advanced Malware Detection Solution (BusinessWire) Lastline Inc., the leader in advanced threat protection, today announced a partnership with Forcepoint, a leading cybersecurity technology provider.
Virtustream Announces HIPAA Compliant Healthcare Cloud Service (HITInfrastructure) Virtustream's latest cloud deployment presents a HIPAA compliant healthcare cloud for organizations to securely and effectively manage apps and workflows.
Black & Veatch Publishes Field Study of Radiflow's iSID (PRNewswire) Radiflow's Intrusion Detection System receives positive reviews for NERC-CIP v6 compliance for Low Impact substations in Oklahoma coop pilot deployment
General Dynamics stages successful test of military 4G network (UPI) General Dynamics Mission Systems has successfully streamed video over 62 miles between tactical antennas as part of a U.S. Marine Corps-backed effort.
Technologies, Techniques, and Standards
BSI Upgrades Data Protection Standard (Infosecurity Magazine) New requirements put it in line with GDPR
How to counteract another ‘Dyn-like’ attack (CSO Online) Jim Hurley, a Distinguished Analyst at technology research and advisory firm ISG, shares his insights on what enterprises using cloud-based as-a-services can do to work with their providers and reduce risks to their business from similar attacks.
MS Amlin CISO Ali Zeb: split your security teams into 'strategic security' and 'technical security' (Computing) Finance industry security pro Ali Zeb explains how he approaches the basics for tackling corporate security.
How to Investigate, Contain, Recover From Breaches (Baseline) The Verizon Data Breach Digest identifies common scenarios and provides an analysis of how each attack occurred, tactics used and recommended countermeasures.
Securing DNS Against the Threat of Things (Infosecurity Magazine) While likely to revolutionize how we live, work, and play, the IoT also presents a security challenge to the networks that support it.
9 best practices to improve security in industrial IoT (TechRepublic) Dell EMC's senior product manager for IoT security, Rohan Kotian, hosted a presentation at Dell EMC World explaining how industrial enterprises can protect their IoT deployments.
ICS Security: Is your Industrial Control System Prepared for Malware Attacks? (Above Security) How to Secure Your Industrial Control System Against Cyber Attacks
User Security is a Responsibility, Not an Excuse (Security Week) Ask an IT person what the weakest link in their organization’s security is, and you’ll invariably get a witty take on the same derisive answer: “Meatware.” “Our walking, talking vulnerabilities.” “PEBKAC” (problem exists between keyboard and chair).
What are the best practices Indians online must follow to safeguard themselves? Symantec’s Tarun Kaura explains (The Financial Express) Cyber attackers revealed new levels of ambition globally in 2016—a year marked by extraordinary attacks, including multi-million dollar virtual bank heists, overt attempts to disrupt the US electoral process by state sponsored groups, and some of the biggest distributed denial of service (DDoS) attacks powered by a botnet of IoT devices.
Design and Innovation
Google-funded ‘super sensor’ project brings IoT powers to dumb appliances (TechCrunch) Researchers at CMU's Future Interfaces Group reckon they've come up with a quicker, less expensive and less cumbersome way to create a smart home. And one..
Trusona develops passwordless access for Salesforce (TechCrunch) Last week, to commemorate World Password Day -- yes, there really is such a thing -- we ran my 2015 article called Kill the password, my treatise on the..
6 AI startups win $1.5 million in prizes at Nvidia Inception event (VentureBeat) Nvidia's GPU Technology Conference is all about highlighting companies using graphics processing units (GPUs) to accelerate artificial intelligence. To juice the ecosystem, Nvidia and its partners tonight gave away $1.5 million in prizes to the winner of the Nvidia Inception Awards for best AI startups.
Australian Computer Scientist Who Claimed to Be Bitcoin Founder Elaborates on Actions, Beliefs (Crypto Insider - Bitcoin and Blockchain News) Australian computer scientist Craig Wright, who claimed to have created Bitcoin, entered a Bitcoin chat room and opined about the digital currency he claims to have created. The chat logs, leaked to social media forums like Reddit, have been the topic of much discussion.
Research and Development
Endpoint cybersecurity technology deployed through AF agreement (U.S. Air Force) The Air Force Life Cycle Management Center electronic systems development division here and Carbon Black, a locally-based security company, signed a cooperative research and development agreement to
Academia
Cardiff University opens cyber security centre of excellence (Gradplus) The first European centre of its kind to tackle cyber attacks on critical infrastructure will open at Cardiff University’s School of Computer Science and Informatics.
Legislation, Policy, and Regulation
US military cyber operation to attack ISIS last year sparked heated debate over alerting allies (Stars and Stripes) A secret global operation by the Pentagon late last year to sabotage the Islamic State's online videos and propaganda sparked fierce debate inside the government over whether it was necessary to notify countries that are home to computer hosting services used by the extremist group, including U.S. allies in Europe.
The Ten Main Defense Challenges Facing Macron’s France (War on the Rocks) Emmanuel Macron will be the next president of France. For the first time in the history of the Fifth Republic (since 1958), both final candidates were outs
Ottawa “behind other governments” in fighting cyber attacks, says FireEye exec (IT World Canada) Canada has had a national strategy to protect critical infrastructure for years and is toughening federal cyber defences, but the president of
Cyber Command head: We are not prepared to counter info operations (Cyberscoop) U.S. Cyber Command is not “optimized” today to combat information operations orchestrated by foreign powers, NSA Director and U.S. Cyber Command head Adm. Michael Rogers said during a Senate Armed Services Committee hearing Tuesday.
Senators press Trump for cyber deterrence, response strategy (TheHill) Senators seek answers on threats to internet-connected devices, critical infrastructure.
CYBERCOM Chief Defends Delay in Trump's Cyber Strategy (Defense One) Trump missed a deadline to deliver the strategy within 90 days of taking office.
CIA establishes mission center focused on North Korea (TheHill) The CIA has opened a mission center focused on curbing North Korea's advancing weapons program, the agency announced on Wednesday.
Comey farewell: ‘A president can fire an FBI director for any reason’ (TheHill) "It is done, and I will be fine," he wrote.
Byron York: To fire Comey, Trump team waited for Rosenstein (Washington Examiner) When Trump fired Comey Tuesday afternoon, the Justice Department chain of command had been in place for all of 14 days.
SECURITY: Comey firing risks compounding cyber 'disarray' (EnergyWire) The firing of FBI Director James Comey, along with its unfolding political fallout, also leaves another hole in the Trump administration's policymaking team on cybersecurity until his replacement is confirmed.
Justice interviewing candidates for acting FBI director post (Federal Times) The position is currently held by Andrew McCabe, top deputy to ex-FBI Director James Comey, who President Donald Trump fired on Tuesday evening.
Bootstrapping the way out of the legacy IT systems crisis (FederalNewsRadio.com) Chris Cairns and Robert L. Read make the case for agencies to once again try to use share-in-savings contracts to modernize technology systems.
4 takeaways from acting Federal CIO’s IT modernization plans (Federal Times) Margie Graves knows that modernizing the government’s IT systems will not be done with a single plan, but a slate of initiatives.
Why going small is not always the best cyber strategy [Commentary] (Fifth Domain | Cyber) There are many places in government where a small business procurement strategy is efficient and effective, yet cybersecurity is not necessarily one of those areas.
Marine Corps Forces Cyberspace chief talks cyber MOS [Video] (Fifth Domain | Cyber) Maj. Gen. Lori Reynolds, commander of Marine Corps Forces Cyberspace Command, sat down to talk about the new cyber MOS and how the service is folding cyber into its force modernization efforts.
Every Marine a rifleman no more? Corps reconsidering ‘lateral entry’ for cyber (Fifth Domain | Cyber) The Corps is more skeptical than the other services about many aspects of Carter's "Force of the Future" reforms. The Marines truly believe their motto of “Every Marine is a rifleman,” and believe that has been the service’s unique strength throughout its storied history.
New York starts accepting applications for autonomous vehicle testing (TechCrunch) Soon enough, self-driving car companies will have the opportunity to see how their cars deal with sitting in the occasionally snowy bumper-to-bumper New York..
Litigation, Investigation, and Law Enforcement
Republican chairman to highlight threats of ransomware, botnets in cyber hearing (TheHill) Sen. Ron Johnson (R-Wisc.) to seek answers on growing cyber threat landscape.
Sources: Comey sought more Russia resources before firing (Military Times) In the days before his firing by President Trump, FBI Director James Comey told U.S. lawmakers he had asked the Justice Department for more resources to pursue the bureau's investigation into Russia's interference in last year's presidential election, three U.S. officials said Wednesday.
Ex-feds confident Comey’s devices and files are safe, even if FBI won’t confirm (Ars Technica) "E-mail accounts and individual hard drives should be archived."
What James Comey got wrong at the FBI (Washington Examiner) Comey has a long, respected background and should be applauded, but in this instance, he strayed far away from the task of truth gathering.
US Senate committee examines Kaspersky Lab links to Russian government (Solid Tech News) Kaspersky Lab is under investigation by US authorities for possible links to the Russian government, according to a report on ABC News
Kaspersky Denies Report It Might Help Russian Government Spy on US Citizens (BleepingComputer) In an article published yesterday, ABC News cited congressional sources who claimed the Senate Intelligence Committee had started an investigation into Kaspersky Lab's relationship with the Russian government.
Minority Report in Chicago as police aim to stop crime before it happens (Naked Security) As gun crime in Chicago reaches record levels, police claim that it’s having an impact on crime prevention, but civil rights campaigners are less convinced
Nuisance Call Biz Fined £400,000 by ICO (Infosecurity Magazine) Privacy watchdog working with liquidator to recoup funds
Military ‘revenge porn’ investigation leads to 21 felony cases (Naked Security) Despite facial recognition and other technology, it’s still a gruelling cat-and-mouse game for investigators
Marines who share nude photos can be separated (Marine Corps Times) Sharing nude photos without consent is now considered sexual harassment.
Intel concerned about name of John McAfee’s privacy phone (CSO Online) Intel has told a court that MGT Capital Investments has gone ahead with the announcement of the “John McAfee Privacy Phone,” even though the company that proposes to change its name to “John McAfee Global Technologies” has previously said that it did not plan to launch products and services under the McAfee mark.
Nova Scotia privacy commissioner investigates after school webcams streamed online (Global News) Privacy watchdogs say the incident highlights broader issues around reasonable video surveillance