Cyber Attacks, Threats, and Vulnerabilities
Vault 7: CIA Co-Developed Athena Malware with US Cyber-Security Company (BleepingComputer) According to leaked documents, which WikiLeaks previously claimed it received from hackers and CIA insiders, Athena is an implant...
Did China Hack The CIA In Massive Intelligence Breach From 2010 To 2012? (International Business Times) China killed and imprisoned dozens of CIA informants from 2010 to 2012, making U.S. officials speculate whether there was a mole within the CIA or if China hacked into the agency's communication system.
Killing C.I.A. Informants, China Crippled U.S. Spying Operations (New York Times) At least 18 C.I.A. sources were killed or imprisoned in China between 2010 and 2012, one of the worst intelligence breaches in decades. Investigators still disagree about how it happened.
Shadow Brokers Planning to Cause Extra Damage with More Zero Day Bugs (AppsforPCdaily) Shadow Brokers resurface, offer to sell fresh 'wine of month' club exploits
XData Ransomware on a Rampage in Ukraine (BleepingComputer) A new ransomware strain named XData has wreaked havoc in Ukraine in the last 24 hours, locking computers for hundreds of users.
Another Ransomware Nightmare Could Be Brewing in Ukraine (WIRED) A new type of ransomware called XData is spreading at an alarming rate.
New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two (BleepingComputer) Researchers have detected a new worm that is spreading via SMB
WanaCry: Multiple Malware Families Using the EternalBlue Exploit (Forcepoint) A week on from the WannaCry outbreak, a huge number of articles have been written on the topic.
New Threats Emerge Using Same Exploit As WannaCry Ransomware (eSecurity Planet) Cybercriminals are leveraging the EternalBlue vulnerabilities to launch a range of other attacks.
#WannaCry Exploit Now Being Used to Spread Spy Trojan (Infosecurity Magazine) Threat actors are using the same EternalBlue exploit used by WannaCry to deliver a RAT to spy or take control of PCs.
Botnets Are Trying to Reignite the Ransomware Outbreak (WIRED) The "sinkhole" domain that's held the ransomware in check is coming under repeated denial-of-service attacks.
#WannaCry Didn’t Start with Phishing Attacks, Says Malwarebytes (Infosecurity Magazine) Security vendor claims port scanning was first stage in campaign
UPDATE 1-Wannacry cyber attack compromised some Russian banks: c.bank (Business Insider) (Adds detail, context) MOSCOW, May 19 (Reuters)...
How Nigeria escaped ‘WannaCry’ cyber-attack (Daily Trust) Though slowing down now, Information Technology experts have warned of possible fierce comeback of the Ransomware attack, which has inflicted damages on more than 150 countries and over 300,000 computer systems across the world.
North Korea says linking cyber attacks to Pyongyang is 'ridiculous' (Reuters) North Korea's deputy United Nations envoy said on Friday "it is ridiculous"
North Korea denies role in WannaCry malware (TheHill) "Ridiculous," said North Korea's deputy ambassador to the U.N.
Experts question North Korea role in WannaCry cyberattack (Chitwan Online FM) A couple of things about the WannaCry cyber attack are certain. It was the biggest in history and it’s a scary preview of things to come — we’re all going to have to get used to hearing…
North Korea hackers have been linked to NHS cyber attack (The Independent) North Korea's secret cyber hackers were probably responsible for the "ransomware" attacks that crippled governments, hospitals and businesses in 150 countries, defectors from the rogue state and internet experts have said.
Exclusive: North Korea's Unit 180, the cyber warfare cell that worries the West (Reuters) North Korea's main spy agency has a special cell called Unit 180 that is likely to have launched some of its most daring and successful cyber attacks, according to defectors, officials and internet security experts.
Over 98% of All WannaCry Victims Were Using Windows 7 (BleepingComputer) Numbers released by Kaspersky Lab on Friday reveal that over 98% of all documented WannaCry infections were running versions of the Windows 7 operating system.
Who Let the Bug Out? Is the NSA Responsible for “WannaCry?” (diginomica) Do American spy agencies have a responsibility to tell software manufacturers about dangerous potential exploits they may find in their products?
Spotlight: WannaCry outbreak a cybersecurity wake-up call (Xinhua) Cybersecurity experts said the recent WannaCry ransomware outbreak is a wake-up call for the world, calling for improved cybersecurity awareness.
NRW parking garages infected with "Wanna Cry" (RuhrNachrichten) In Essen, Düsseldorf, Grevenbroich and Hagen, pay machines in the parking garages of a Dutch operator have been infected with the "Wanna Cry" extortion software. The IT security company G Data reported this on Thursday. The incident gives a sense of how large the impact of cyber attacks on businesses can be.
NHS cyber-attack causing disruption one week after breach (the Guardian) Hospitals slowly returning to normal after ransomware attack led to cancelled operations and diverted ambulances
Simple solutions to NHS cyber attack are not reflective of reality - Deloitte (Digital Health) Simple solutions to the huge cyber-attack that caused chaos in the NHS last week do not reflect the complex reality on the ground, says a Deloitte director.
Can manufacturers find safety in the cloud? (Institution of Mechanical Engineers) As companies, universities and government institutions reel from the WannaCry ransomware attack, some are turning to the cloud. But is it any safer?
Ransomware (NOVA l PBS) The cyberattack called WannaCry has cost the global economy billions of dollars.
Ransomware Rocks Endpoint Security Concerns (Dark Reading) Meanwhile, threat detection technologies are evolving that can help security teams spot incidents more efficiently.
WannaCry: could something similar happen to Android? (Naked Security) If WannaCry blazed through Windows machines like wildfire, how safe are Android devices from ransomware?
Why WannaCry might make Microsoft cry in China (IDG Connect) Friday 12 March, 2017 will long be remembered by cybersecurity professionals around the world. On this day, the now infamous WannaCry ransomware epidemic began to worm its way around PCs and servers across the planet.
China issues warning for new ransomware virus (The Eddys' Blog) China has urged Windows users to protect themselves against a new ransomware virus similar to the WannaCry bug that wreaked havoc worldwide last week.
Heartbleed vs. WannaCry: A tale of two cyber attacks (FederalNewsRadio.com) The Office of Management and Budget and the Department of Homeland Security led a much more coordinated and informed defense against the WannaCry cyber attack that began May 12.
#WannaCry BT Phishing Scam Spotted (Infosecurity Magazine) ActionFraud urges users not to click through
Can F-35 jets be hacked? Cyber threats endangering human lives not far away warns expert (International Business Times UK) Find out if one of the most sophisticated jets in the world can be taken over remotely.
Iranian Hacker Group OilRig Thought to Be Using Russian Hackers-for-Hire in U.S. Cyber Attack (SpaceWatch Middle East) TrapX, a U.S.-based cyber security and research company, are claiming that the OilRig hacker group t
Are there Insecure Webforms on your Assets? Data Suggests Yes (RiskIQ) Are your customers putting sensitive data into insecure webforms? Data suggests many people are, and it puts them at risk.
NAND flash attack can corrupt SSD data (Computing) SSDs vulnerable to Rowhammer-style attacks that can corrupt data and shorten the life-span of flash storage
Terror Exploit Kit Evolves Into Larger Threat (Threatpost) The Terror exploit kit has matured into a greater threat and carefully crafts attacks based on a user’s browser environment.
Twitter says Vine users’ emails and phone numbers were exposed for a day, but weren’t misused (TechCrunch) Twitter is alerting Vine users of a bug that exposed their email addresses and, in some cases, phone numbers to third parties. It's also advising..
Brazilian Fraudsters Create Device to Punch Out EMV Chips (Flashpoint) Brazilian fraudsters developed a new tool for targeting EMV chip cards that demonstrates that sophistication doesn’t always trump creativity.
Typosquatting: Awareness and Hunting (SANS Internet Storm Center) Typosquatting has been used for years to lure victims…
Dark Web Market Shuts Down Claiming Hack, but Users Fear an Exit Scam (BleepingComputer) Outlaw was a veteran of the Dark Web marketplaces, founded way back in 2013. The site was never the most popular destination for online criminals but had a steady following.
Questions Raised After Reporter Fools Bank Biometrics (Infosecurity Magazine) HSBC’s Voice ID system allowed imposter eight log-in attempts
Security Patches, Mitigations, and Software Updates
Patches Pending for Medical Devices Hit By WannaCry (Threatpost) Companies such as Siemens and Bayer are planning to release patches for medical devices hit by the ransomware WannaCry over the past several days.
Why Microsoft Failed To Update Windows Systems (Information Security Buzz) In the wake of the WannaCry attack, Cesare Garlati, Chief Security Strategist at prpl Foundation, gives a reason why Microsoft failed to release the fix for older Windows systems.
How Microsoft Made Money With WannaCry Ransomware Patch (News18) The software giant only sent the free security update -- or patch -- to users of the most recent version of the Windows 10 operating system, the report said.
Why do we need 'accidental heroes' to deal with global cyber-attacks? | Evgeny Morozov (Guardian) Big tech firms say they are the only providers of large cybersecurity services – even as their products are compromised. The conflict of interest is huge
The security tech titans owe their customers (Financial Times) We accept these monopolies so long as the products keep improving
WordPress 4.7.5 Fixes Six Security Vulnerabilities (eSecurity Planet) Widely deployed open-source content management system patched for a half-dozen different issues as new bug bounty program is set to debut.
T-Mobile ZTE Max Pro and Verizon ZenPad 8 receive update today (The Android Soul) News about Android update and devices
Android Security Gets a Boost with Google Play Protect (Infosecurity Magazine) Using machine learning, Google said that it now scans more than 50 billion apps every day.
Zomato will contact 6.6 million 'hacked' users to update their security details (TimesNow) Following reports of 17 million Zomato accounts being compromised, the online food ordering app, in a statement, said that it will be reaching out to 6.6 million users, whose encrypted passwords could be theoretically decrypted.
Yahoo! retires! bleeding! ImageMagick! to! kill! 0-day! vulnerability! (Register) Purple Palace pays researcher US$778 bounty per byte
Cyber Trends
One third of executives have blockchain on their mind (Help Net Security) In a study among C-Suite executives, one third of almost 3,000 executives surveyed are using or considering blockchain in their business.
A day in the life of a threat researcher (CSO) After leaving Exabeam at the end of the workday, Ryan Benson’s mind doesn’t shut off when it comes to thinking about designing new defenses against Black Hats. See what his day looks like.
Security Pros Reveal How They Cope With Rising Tide of Cyber-Attacks (eWEEK) A new report from Bay Dynamics reveals some inconvenient truths about how cyber-security professionals spend their time.
Cybercrime surge in Malaysia (Business News | The Star Online) Cybercrime is growing in Malaysia, as statistics from CyberSecurity Malaysia show.
IT security yet to become a priority with Indian firms (Times of India) Chennai: While several corporates are still reeling under the attack of the WannaCry ransomware, cyber security experts say most companies do not have basic security protocols in place.
Marketplace
WannaCry: Cybersecurity Firms Are Profiting From Ransomware Attack (Fortune) The highly publicized cyber attack is good for business.
Cyberattacks prompt massive security spending surge (Tech News | The Star Online) The fight against cyberattacks has sparked exponential growth in global protection spending, with the cyber security market estimated at US$120bil (RM518.76bil) this year, more than 30 times its size just over a decade ago.
Jumping on the bandwagon, yay or nay for cyber security brands? (The Drum) In the wake of the massive WannaCry ransomware attack, one would think that cyber security salespeople were rubbing their hands in glee with the potential of customers banging their doors down.
Palo Alto Comeback Coming? Jefferies, Citi At Odds (Investor's Business Daily) Jefferies upgraded Palo Alto Networks (PANW) to buy Friday on views that the security software provider's sales will re-accelerate "at some point over the next couple quarters" while Citigroup is more cautious, saying fiscal 2018 estimates may be too high.
Symantec Offers A Security Play For Investors (Seeking Alpha) Symantec is a good security play with growth and value prospects against the competition. Company is driving demand for security as a service. Stands to gain th
Symantec: Incoherent Business Pursuits (Seeking Alpha) Symantec has seen its fair share in the computing-security history when antivirus for desktops dominated the market, but with cybersecurity front and center now
Cisco Systems: A Better Bargain Than Ever? (Seeking Alpha) Cisco Systems (NASDAQ:CSCO) recently reported financial results for the third quarter of fiscal 2017. The company’s bottom-line performance was robust. GAAP ear
Oracle Cloud Security Services Pass the 1-Million-Customers Mark (SDxCentral) Oracle cloud security services now has more than 1 million customers, just six months after launching the new portfolio.
Raytheon to set up new company in Saudi Arabia (Trade Arabia) Raytheon Company, a technology and innovation leader specialising in defence and cybersecurity solutions, has joined forces with the newly-created Saudi Arabia Military Industries...
A10 Networks Names New Chief Financial Officer (BusinessWire) A10 Networks Names Tom Constantino as Executive Vice President, Chief Financial Officer.
Neustar Appoints Sai Huda to Oversee Risk Solutions () Neustar, Inc. (NYSE:NSR), a trusted, neutral provider of real-time information services, today announced it has appointed Sai Huda as General Manager of Risk Solutions
Darktrace wins National Technology Award (Cambridge Network) News from Cambridge businesses. Network members upload news here about their products, services and achievements.
Products, Services, and Solutions
After WannaCry outbreak, ESET offers free cyber security training (ITWire) In the wake of the WannaCry ransomware outbreak, security firm ESET is offering free cyber security awareness training to anyone interested in learning more about its importance and how to lower the risk of being attacked.
Cybersecurity firm Trusona develops no-password login feature for Salesforce (Phoenix Business Journal) Scottsdale-based Trusona is continuing its no-passwords login options by offering a new Salesforce.com login with a unique QR code.
Unapplied Knowledge: Using Endpoint Intelligence to Make Your Organization More Secure (Security Intelligence) Security professionals can now add the previously unapplied knowledge from IBM BigFix to the existing set of data available through QRadar.
Bitdefender blocks WannaCry ransomware attack (Normangee Star) Cyber experts on Tuesday said the Indian banking system could be the next victim of the WannaCry “ransomware” cyber attack, ANI reported.
22 million WannaCry ransomware attack attempts blocked by Symantec (Click Lancashire) The ransomware cyberattack known as "WannaCry" infected hundreds of thousands of computers globally on Friday, but the malware was first detected in March and publicly reported stolen from the United States National Security Agency a month later.
Welcome to the Next Phase of the Facebook Backlash (WIRED) Privacy watchdogs think a damning leaked document about Facebook targeting insecure teens could help usher in new era in privacy protections.
Facebook content moderation guidelines leaked (Ars Technica) Misogyny, bullying are generally ok, threats against Trump are not.
Facebook’s content moderation rules dubbed “alarming” by child safety charity (TechCrunch) The Guardian has published details of Facebook's content moderation guidelines covering controversial issues such as violence, hate speech and self-harm..
Technologies, Techniques, and Standards
There's now a WannaCry decryptor tool for most Windows versions (Help Net Security) As the criminals behind WannaCry are trying to make it work again, security researchers have created tools for decrypting files encrypted by it.
Available Tools Making Dent in WannaCry Encryption (Threatpost) Tools are beginning to emerge that can be used to begin the process of recovering files encrypted by WannaCry on some Windows systems.
After 'WannaCry,' a renewed focus on patching (Washington Examiner) It may not be the long-dreaded "cyber Pearl Harbor," but the WannaCry attack on healthcare, telecom and other entities is sharpening cybersecurity...
WannaCry invasion preventable with patch, security updates: Kaspersky (ECNS) The installation of the official Microsoft patch and security software updates can be an effective way to protect computers from attacks of the WannaCry ransomware
How to Secure a Business Network, Servers and Endpoints (Heimdal Security Blog) This short article offers practical advice and tips on how to protect a company's business network, including servers and endpoints.
WannaCry ransomware attack should push hospitals to gauge certain tech (SearchHealthIT) Experts discuss what healthcare organizations need to be doing in order to protect themselves from events like the WannaCry ransomware attack.
Jaya Baloo on WannaCry and Defending Against Advanced Attacks (Threatpost) Jaya Baloo, CISO of KPN, the Netherlands’ leading telecommunications provider, talks to Mike Mimoso about the WannaCry ransomware outbreak and how large network providers and enterprises must conte…
U.S. CIO Margie Graves: Thanks to 2015 Cyber Security Sprint, Feds Avoid Wannacry Virus (GovCon Wire) Acting U.S. CIO Margie Graves said that thanks to the 2015 federal cybersecurity sprint, federal age
Protecting your cloud from ransomware (Help Net Security) By paying attention to the different pieces of the cloud stack and addressing their security needs, your environment will be far more resistant.
The right of erasure is the top GDPR compliance concern (Computing) Tracking down and deleting personal data on request is not going to be easy for most companies, Computing research finds
A CISO’s Guide to Communicating with the Board (SecurityScorecard Insights & News) Communicating with the Board of Directors can be one of the most difficult tasks that a Chief Information Security Officer is responsible for.
9 Tips For Being a Successful CISO (Reciprocity) Being a successful CISO means more than implementing software. It crosses the technological, business, and social skills landscapes.
CISO Should Prioritize Business Function More Than Security (CXO Today) Digital transformation is currently the latest buzz word in the enterprise segment.
In Search of an Rx for Enterprise Security Fatigue (Dark Reading) Are you exhausted by the vast number of measures your organization needs to keep its systems and data safe? You're not alone.
Design and Innovation
Walk this way: how you roll could become how you log in (Naked Security) Combining biometrics and wearable technologies opens up new possibilities for future multi-factor authentication systems
Google wants to share your photos with your nearest and not-dearest (Naked Security) Say cheese! You’ll need to be extra-vigilant that Google’s machine-learning doesn’t share your photos with the wrong people
The people who fight hacking and cybercrime are turning to designers for help (Quartz) When you're dealing with 200,000 security alerts a day, you need good design to have a hope of figuring out what's going on.
“For Security Purposes” Statements Are Bull**** (Hashed Out by The SSL Store™) We see it all the time, a company comes out with a statement that says "for security purposes..." justifying bad practices. They're BS. Here's why...
Developing First Utility's chatbot: 'the smallest mistake can make customers very upset' (Computing) Dr Natalia Konstantinova describes the benefits and challenges of creating a tireless customer services operative
Legislation, Policy, and Regulation
Korea, US to Begin Joint Investment in and Research on Cyber Security in Late May (BusinessKorea) Threats of more intelligent worldwide cyber attacks these days are strengthening the cyber security alliance between Korea and the United States.
China may change cybersecurity rules amid pushback: report (TheHill) Global groups asked for delay in law earlier this week, citing trade concerns.
‘My conservatism has not changed. This is an agenda for the mainstream’ (Times (London)) The chants of “Tory scum” are just about audible through the tinted windows of the campaign bus as it pulls out of Halifax. Soon enough, however, there is only whispering tarmac, the opening moors...
GCC urged to coordinate cyber security following Wannacry attack (The National) Experts said a cyber attack like the one using WannaCry ransomware could wreak havoc on critical infrastructure in the UAE.
Worldwide cyber-attack calls for more action (The New Times Rwanda) On May 12, more than ever before, the world encountered the worst cyber-attack that hit 150 countries.
Investment Advisers Beware: Ransomware is Coming for You, SEC Says (Bloomberg BNA) The WannaCry ransomware attack has received a lot of attention after it struck over 300,000 companies across 150 countries.
Cyberattack that hit 200,000 users was 'huge screw-up' by government, Wikipedia's Jimmy Wales says (CNBC) The flaw that allowed hackers to deploy the WannaCry cyberattack was discovered by the National Security Agency and was leaked online.
Should the government stockpile zero day software vulnerabilities? (Cyberscoop) Storm clouds are rising over federal policy on software flaw disclosure after the massive WannaCry infection spread using a cyberweapon developed by the NSA
WannaCry fallout: is hoarding exploits, delaying fixes ever justified? (SC Magazine UK) With the lethality of WannaCry being blamed on the NSA's EternalBlue exploit, we asked the cyber-security industry about the wisdom of allowing intelligence agencies to stockpile zero days.
House passes IT modernization bill that could lead to cyber acquisition standards (Inside Cybersecurity) The House has passed a federal IT modernization bill creating a “technology modernization fund” for upgrading IT systems and a “tech modernization board” that could play a role in setting cybersecurity standards for government acquisitions.
Convincing Senate appropriators may be the last major hurdle for IT modernization bill (FederalNewsRadio.com) Senate appropriators continue to be concerned about the Modernizing Government Technology Act, particularly letting each agency have a working capital fund.
Rep. Rice introduces bill to examine use of virtual currencies for terrorist activities (Financial Regulation News) U.S. Rep. Kathleen Rice (D-NY) introduced legislation that directs the Department of Homeland Security (DHS) to conduct a threat assessment regarding the use of virtual currencies, such as Bitcoin, to carry out or support terrorist activities.
New Bill Asks Homeland Security to Investigate Whether Terrorists Use Bitcoin (Motherboard) Despite little evidence.
These are the arguments against net neutrality — and why they’re wrong (TechCrunch) The next few months will be full of bitter dissent regarding the FCC's net neutrality rules, how they should be enforced, and indeed whether they should exist..
Litigation, Investigation, and Law Enforcement
China CIA spy killing claims ‘won’t harm Sino-US ties’ (South China Morning Post) Informants can face death penalty but ‘unimaginable without trial’
Sweden Drops Assange’s Rape Case—But He’s Not Walking Free (WIRED) The Swedish decision only brings into focus Assange's core conflict with the US government.
Sony Files Wide-ranging Suite of Piracy Suits in Moscow (Infosecurity Magazine) Sony Interactive Entertainment is looking to permanently block several Russian ISPs, with a slew of piracy lawsuits filed in the Moscow City Court.
Uber threatened to fire engineer at center of Waymo trade secret lawsuit (TechCrunch) Uber has issued a sternly worded letter to Anthony Levandowski, the engineer at the center of a lawsuit alleging theft of trade secrets from Google parent..