Cyber Attacks, Threats, and Vulnerabilities
Stealthy, Destructive Malware Infects Half a Million Routers (WIRED) Cisco researchers discover a new router malware outbreak that might also be the next cyberwar attack in Ukraine.
Exclusive: FBI Seizes Control of Russian Botnet (The Daily Beast) The FBI operation targets a piece of sophisticated malware linked to the same Russian hacking group that hit the Democratic National Committee in 2016.
New VPNFilter malware targets at least 500K networking devices worldwide (Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
VPNFilter: a nation state campaign for surveillance and destruction (Juniper Networks) VPNfilter is a campaign to compromise small office and home routers as well as Network Attached Storage devices from several popular manufacturers. According to a Cisco Talos blog, there are upward of 500,000 infected devices already and the list may not be exhaustive. The malware used has survei...
VPNFilter – is a malware timebomb lurking on your router? (Naked Security) A Cisco paper reports on zombie malware that has apparently infected more than 500,000 home routers.
VPNFilter malware compromises over 500,000 networking devices around the world (Help Net Security) Cisco Talos researchers have flagged VPNFilter, a huge botnet of small and home office routers and NAS devices, capable of collecting communications and data and launching cyber attacks.
Destructive 'VPNFilter' Attack Network Uncovered (Dark Reading) More than 500K home/SOHO routers and storage devices worldwide commandeered in potential nation-state attack weapon - with Ukraine in initial bullseye.
Finger of blame pointed at Russia over malware infecting 500,000 routers and storage devices (Computing) Linksys, MikroTik, Netgear and TP-Link routers and storage devices affected
Kremlin planning Champions League cyber attack, Ukrainian state agency claims (Sky News) Security agencies and businesses are warning that an attack is being prepared to disrupt the final in Ukraine's capital.
U.S. seeks to take control of infected routers from hackers (Reuters) The U.S. government said late on Wednesday that it would seek to wrestle hundreds of thousands of infected routers and storage devices from the control of hackers who security researchers warned were planning to use the "botnet" to attack Ukraine.
What would a cyberattack in Ukraine mean for the U.S. government? (Fifth Domain) U.S. tech company Cisco says that hundreds of thousands of routers have been compromised in preparation for what could be a major cyberattack against Ukraine.
XENOTIME (Dragos) XENOTIME is an activity group targeting ICS operations.
Backdoor Account Found in D-Link DIR-620 Routers (BleepingComputer) Security researchers have found a backdoor account in the firmware of D-Link DIR-620 routers that allows hackers to take over any device reachable via the Internet.
Proofpoint uncovers new cryptocurrency scam (iTWire) Cybersecurity firm Proofpoint has uncovered a new cryptocurrency giveaway scam targeting Ethereum and Bitcoin which it says uses emails and Twitter to...
CryptON Ransomware Installed Using Hacked Remote Desktop Services (BleepingComputer) A new and active campaign for the CryptON Ransomware is currently underway where attackers are hacking into computers with Internet accessible Remote Desktop Services. Once the attackers gain access to the computer they manually execute the ransomware and encrypt your files.
Malicious Edge and Chrome Extension Used to Deliver Backdoor (TrendLabs Security Intelligence Blog) The downloader malware's payload is what makes it notable. It delivers a version of the Revisit remote administration tool, which is used to hijack the infected system. More importantly, it also delivers a malicious extension that could serve as a backdoor, stealing information keyed in on browsers.
Bombs away: A closer look at terror tactics used by cyber criminals on you (AMEInfo) In the last four months, 35 cyber attacks had a low impact on UAE businesses, and another 85 had a medium effect, as reported by WAM. Low or Medium, these attacks are always scary.
Hackers Find New Method of Installing Backdoored Plugins on WordPress Sites (BleepingComputer) Hackers have come up with a never-before-seen method of installing backdoored plugins on websites running the open-source WordPress CMS, and this new technique relies on using weakly protected WordPress.com accounts and the Jetpack plugin.
Corporation Service Company breach exposes PII on 5,678 customers (SC Media US) During routine security monitoring, the company, whose clients include Fortune 500 firms, discovered that an unauthorized third party had infiltrated its systems and stolen PII.
Facebook Sites Dominate Social Network Phishing in Q1 2018: Kaspersky Lab (Dark Reading) The findings come from Kaspersky Lab's new 'Spam and Phishing in Q1 2018' report.
Security Patches, Mitigations, and Software Updates
VPNFilter botnet has hacked 500,000 routers. Reboot and patch now! (The State of Security) VPNFilter is believed likely to be controlled by a state-sponsored hacking group variously known as APT28, Pawn Storm, Sandworm, Fancy Bear and Sofacy.
Remotely exploitable flaw patched in Dell EMC RecoverPoint (iTWire) A senior penetration tester at security vendor Foregenix has found six vulnerabilities, one of them remotely exploitable, in Dell EMC RecoverPoint dev...
Surprise! Student receives $36,000 Google bug bounty for RCE flaw (Naked Security) What’s the only thing better than a bug bounty reward? A bug bounty reward you weren’t expecting. Especially one that’s worth $36,337.
OPINION: Listen to the police (Funds Europe) It’s not often that police address an asset management conference, but Sergeant Charlie Morrison of the City of London police did so this month at the Investment Association’s (IA) first cyber security conference for asset management.
Pressures impacting security pros are up, threats are turning up the heat (Help Net Security) Pressures impacting security pros are up, driven largely by a steep rise in sophisticated malware, continued deficit of high-level security talent and budget constraints. This report marks the fifth consecutive year pressures have increased year over year.
Survey Reveals More Than 1 in 3 Healthcare Organizations Have Suffered a Cyberattack While 1 in 10 Have Paid a Ransom (BusinessWire) Imperva announced a survey showing more than 1:3 healthcare organizations suffered a cyberattack within the last year while 1 in 10 paid a ransom
Cybersecurity Threats: 85 Percent of Security Professionals Predict a Major Attack (Security Intelligence) Eighty-five percent of security professionals believe cybersecurity threats will lead to an attack on major critical infrastructure within the next five years, according to a recent survey.
Is Threat Intelligence Garbage? (Dark Reading) Most security professionals in a recent survey said that threat intelligence doesn't work. So why all the hype?
GDPR Inc.: Profiting From Strict New Security Rules (Barron's) While most chief privacy officers are sweating bullets, some firms couldn't be more delighted by the looming May 25 deadline for General Data Privacy Regulation.
Brick by Brick - Israel and its Cybersecurity Powerhouse (Innovation & Tech Today) “Israel is blessed with many opponents, and as such, it developed core competencies mostly in the defense sector in order to be able to protect itself” – Dudu Mimran, CTO of the Cyber Security Research Center at Ben-Gurion University...
Huawei founder urges employees not to harbour anti-US sentiments (South China Morning Post) Ren Zhengfei, the founder and chief executive of telecoms equipment maker Huawei, says employees must possess a “sense of crisis” amid simmering tensions between China and the US
The DC Cybersecurity Think Tank Caught Using Fake Twitter Accounts Has Lost Sponsors, And Its Shady Cofounder Is Gone (BuzzFeed) Following a BuzzFeed News investigation, Institute for Critical Infrastructure Technology cofounder James Scott has “voluntarily decided to step away” and a law firm will review claims about him.
Parsons expands in cyber, C5ISR markets (Jane's 360) Parsons announced on 21 May that it had expanded its business operations in the cyber, space, and command, control, communications, computers, combat systems, intelligence, surveillance, and reconnaissance (C5ISR) domains through the acquisition of Polaris Alpha from Arlington Capital Partners.
Sentry raises $16M Series B from NEA and Accel to help developers squash bugs more quickly (TechCrunch) Created to help app developers find and fix bugs more efficiently, Sentry announced today that it has raised a $16 million Series B led by returning investors NEA and Accel. Both firms participated in Sentry’s Series A round two years ago. Co-founder and CEO David Cramer tells TechCrunch that the n…
Mitek Systems acquires French artificial intelligence firm for $50 million (San Diego Union-Tribune) The deal boosts Mitek's document verification capabilities for digital transactions and expands its footprint overseas.
Fast-growing California cybersecurity firm set to hire 50 in Eugene (Portland Business Journal) A California cybersecurity firm is setting up shop in Eugene.
Products, Services, and Solutions
Facebook is asking users worldwide to review their privacy settings (TechCrunch) Starting this week, Facebook will begin asking users worldwide to review their privacy settings with a prompt that appears within the Facebook app. The experience will ask you to review how Facebook uses your personal data across a range of products, from ad targeting to facial recognition. This re…
iovation Introduces New Capabilities to its Fraud Prevention Solution (PR Newswire) iovation, the leading provider of device reputation and behavioral...
Silent Circle Launches GoSilent Server: The New Standard for Security-Minded Enterprises (BusinessWire) Silent Circle today announced the general availability of the GoSilent Server.
UL and Cybersecurity – Who Knew? (Brilliance Security) It’s very possible that you have spent your entire career in the building electronic security business and never associated UL with anything other than that little UL-in-a-circle sticker that shows up on electronic system components.
Industry Leaders Develop First Blockchain-based GDPR Solution (BusinessWire) BDO USA, LLP and IntraEdge today announced a strategic collaboration to support the launch of GDPR Edge™, powered by Intel® Software Guard Extensions
New Lastline Breach Protection Provides Security Teams With Superior Awareness of Threats Operating Inside Their Networks (PR Newswire) Lastline®, the leader in advanced network-based malware...
VMware, Okta Unveil Pact to Take on Microsoft in Mobile Security (Bloomberg.com) VMware Inc. and Okta Inc. unveiled a partnership meant to challenge Microsoft Corp. in the market for mobile-device security systems, as corporate employees increasingly work at home or on the road.
The 6 best apps for keeping your private messages safe from hackers, spies, and trolls (Business Insider) The best secure messaging services have end-to-end encryption, which only lets the sender and the intended recipient see the message. Here are 6 ways to have a truly private conversation.
Technologies, Techniques, and Standards
It's time to embrace GDPR (Help Net Security) It’s time to embrace GDPR, it affects everyone. Consumers should hold organizations responsible for the way their data is treated, and businesses need to take this opportunity to get their houses in order.
University CIO: 'If I had a pound for every time I heard a piece of software can make you GDPR compliant…' (Computing) Heidi Fraser-Krauss, Director of Information Services & Acting Academic Registrar at the University of York, describes her organisation's journey towards GDPR compliance
The irony of the non-compliant GDPR consent email (Computing) GDPR desperation is reaching fever pitch
Cyber warfare in payments gets intelligent (bobsguide) Artificial intelligence has come on leaps and bounds in the past few years, with big data and cyber security adding much to financial service firms’ means of protection.
Surviving a Ransomware Attack (CIO) A ransomware attack can be devastating, and no business is immune from the threat. Here’s how to avert disaster.
Security spring cleaning: Tidying up messy firewall rules to reduce complexity (Help Net Security) At the core of each firewall is a policy made up of rules designed to enforce what access is permitted. Although there is risk associated with any access, by limiting permitted access, organizations can strengthen their risk profile. However, poor firewall management can have the opposite effect.
Are DoD’s cyber forces too focused on the network? (Fifth Domain) Some believe the Department of Defense should move away from typical information network defense and expand its coverage to include industrial control and data acquisition systems more extensively.
Design and Innovation
Down to the Wire: Can this Encrypted Messenger Kill Email? (Computer Business Review) Wire specialises in encrypted communications ranging from video calls to file sharing. So what's the business model - and is it secure?
Facebook’s new two-factor authentication process no longer requires a phone number (The Verge) You can use an authenticator app instead
IBM combines AI and blockchain to turn your phone into a counterfeit detector (The Next Web) IBM Research today unveiled its Crypto Anchor Verifier, an AI-powered counterfeit detector that verifies an item’s authenticity using your phone’s camera and blockchain technology. How it works: You pull out your phone, open an app, and take a pic of, for example, a diamond. IBM’s AI determines what is unique about this particular diamond, and …
The ultimate insomnia cure? New GDPR law becomes bedtime story for grown-ups (Calm Blog) New laws aren’t meant to be exciting – but this one could sedate a buffalo. GDPR, the new EU legal regulation on data privacy, has been keeping many folks awake at night of late – including many who work for North American businesses, since they also have to comply if they have EU customers.
Research and Development
New York University Scientists Trace Cybercrime Banking Networks and Win Best Research Paper Award (BusinessWire) New York University researchers at the APWG cybercrime research conference demonstrated their method for exposing fraudsters' bank accounts
GRIMM’s New Michigan Cybersecurity Research Lab (GRIMM & SCYTHE) GRIMM has been a long time advocate of building Connected and Automated Vehicles (CAV) with a security-by-design approach.
Cloud Security Alliance Releases The State of Post-Quantum Cryptography (PR Newswire) The Cloud Security Alliance (CSA), the world's leading organization dedicated...
What Should Post-Quantum Cryptography Look Like? (Dark Reading) Researchers are tackling the difficult problem of transitioning toward a new mode of cryptographic protections that won't break under the pressure of quantum computing power.
GUEST ESSAY: DHS tackles supply-chain issues over malware-laden smartphones (Security Boulevard) At the Black Hat security conference last August, researchers from the security firm Kryptowire announced that they’d discovered Amazon’s #1-selling unlocked Android phone, the BLU R1 HD, was sending Personally Identifiable Information (PII) to servers in China. The culprit was a piece of firmware update software created by AdUps Technologies, a company based in Shanghai.
Number of women on the rise in DSU’s Beacom College (Dakota State University) Cyber sciences may be a male-dominated field, but the number of women majoring in technology programs at Dakota State University is on the rise.
Legislation, Policy, and Regulation
Brit Attorney General: Nation state cyber attack is an act of war (Register) And we'll, erm, name and shame bad actors MORE LOUDLY
UK: States Attacked in Cyberspace Have Right to Self-Defense – Military Official (Sputnik) The United Kingdom believes that countries targeted by cyberattacks can resort to the right of self-defense to retaliate against the state which attacked them, UK Attorney General Jeremy Wright said on Wednesday.
A Data Protection Officer's Guide to the Post-GDPR Deadline Reality (Dark Reading) The EU's General Data Protection Regulation deadline is here -- now what? These four tips can help guide your next steps.
GDPR Enforcement Priorities: What Will Regulators Be Looking For? (eSecurity Planet) We look at the actions regulators are most likely to take to enforce the new EU data privacy and security rule that takes effect this week.
Exclusive: U.S. Government Can’t Get Controversial Kaspersky Lab Software Off Its Networks (The Daily Beast) The law says American agencies must eliminate the use of Kaspersky Lab software by October. U.S. officials say that’s impossible—it’s embedded too deep in our infrastructure.
Is the (Temporary) Elimination of a Cyber Coordinator a Bad Thing? (CyberDB) In May 2018, the White House eliminated the position of National Cybersecurity Coordinator. The move has been met with much pushback from some in the cybersecurity community and even politicians. Democratic lawmakers were seeking to propose legislation to restore the position. In a statement made by the National Security Council the move was to “streamline …
White House doesn’t like Congress’ plan to kill DISA (C4ISRNET) The White House wants to eliminate a provision in the House’s draft of the annual Pentagon policy bill that would shutter the Defense Information Systems Agency.
US Senator Ron Wyden to Pentagon: Encrypt your websites (Register) CIO Dana Deasy, your certificate is from Akamai. Why?
Lawmakers look to fortify federal cyber defenses ahead of 2018 midterms (Cyberscoop) The bill is an effort to shore up U.S. cyber defenses by, among other measures, urging agencies to fully implement an executive order on cybersecurity that President Donald Trump issued last year.
Litigation, Investigation, and Law Enforcement
Google in court over ‘clandestine tracking’ of 4.4m iPhone users (Naked Security) The search giant could be looking at a giant fine of up to $4.3b.
Trump Cannot Block Twitter Users From His Account, Court Rules (New York Law Journal) U.S. District Judge Naomi Buchwald ruled Wednesday that the @realDonaldTrump Twitter account falls under the U.S. Supreme Court's public forum doctrine.
Blocking of Twitter Users from @RealDonaldTrump Violates First Amendment (Reason.com) So holds a federal district court today, in Knight First Amendment Institute v. Trump.
Pompeo Affirms, Reluctantly, That Russia Tried to Help Trump Win (Bloomberg.com) Secretary of State Mike Pompeo acknowledged after prodding by lawmakers that he backs the finding by U.S. intelligence agencies.
Dem, GOP leaders to get classified briefing on Russia probe (CTVNews) House and Senate lawmakers from both parties are set to meet with top intelligence officials Thursday for classified briefings as U.S. President Donald Trump raises new suspicions about the federal investigation into his 2016 campaign.
Sources: FBI Agents Want Congress To Issue Them Subpoenas So They Can Reveal The Bureau’s Dirt (The Daily Caller) Sources tell The Daily Caller several FBI agents want congressional subpoenas to testify about the agency's problems. The sources claim there is a demand within the agency to prosecute former Deputy
Pompeo: No 'deep state' at State or CIA (POLITICO) “The employees that worked for me at the CIA nearly uniformly were aimed at achieving the president’s objectives and America’s objectives,” Pompeo said.
Trump Son-In-Law Kushner To Regain Top Clearance Following Mueller Interview (NPR.org) White House senior adviser Jared Kushner met with the special counsel's office for seven or eight hours and may now be out of the woods legally — or on his way.
Server? What server? Site forgotten for 12 years attracts hacks, fines (Naked Security) The University of Greenwich might not have noticed the website but hackers did.
Few Rules Govern Police Use of Facial-Recognition Technology (WIRED) Groups call for Amazon to stop selling facial-recognition tech to police departments after documents reveal the practice.
'Poor culture' rife in justice department, investigation finds (The Age) A "clearly inappropriate" culture at the justice department was uncovered during an investigation into a cyber attack on the road safety camera system.