Cyber Attacks, Threats, and Vulnerabilities
North Korea Targeted South Korean Cryptocurrency Users and Exchange in Late 2017 Campaign (Recorded Future) North Korea continued to target South Korea through late 2017 with a spear phishing campaign against cryptocurrency users and exchanges, as well as South Korean college students interested in foreign affairs.
New Cyberattack on Cryptocurrency Investors Came From North Korea, Report Says (Wall Street Journal) The hacking offensive’s malware is similar to that used in Pyongyang’s attack on Sony Pictures Entertainment and its WannaCry ransomware assault, according to cybersecurity researchers.
North Korean Hackers Prep Attacks Against Cryptocurrency Exchanges: Report (Security Week) North Korean hackers, loosely categorized as the Lazarus Group, have continued their attacks against South Korean interests, with particular emphasis on cryptocurrency exchanges.
Kremlin-Linked Hackers Target Senate Ahead of Mid-Terms (Infosecurity Magazine) Trend Micro spots new phishing sites
Putin's Asymmetric Assault on Democracy in Russia and Europe: Implications for U.S. National Security (Committee on Foreign Relations, United States Senate) Dear Colleagues: For years, Vladimir Putin’s government has engaged in a relentless assault to undermine democracy and the rule of law in Europe and the United States.
NotPetya: From Russian Intelligence, With Love (BankInfo Security) The CIA has attributed last year's outbreak of NotPetya wiper malware to Russia's GRU military intelligence unit, The Washington Post reports. Other intelligence
Similarities between Stuxnet and the Triconex cyber attack – how many other SIS vendors are cyber vulnerable? (Control Global) Two major SIS vendors have been hacked with a similar approach. What does that say about the cyber vulnerabilities of the other SIS suppliers?
Trisis has the security world spooked, stumped and searching for answers (Cyberscoop) How security researchers stumbled into finding the next Stuxnet.
As America’s Nukes and Sensors Get More Connected, the Risk of Cyber Attack Is Growing (Defense One) Future nuclear weapons will be more sophisticated and better integrated with other equipment. That has benefits and drawbacks, according to experts.
Industrial System Cyberattacks Aim for Sabotage (Design News) More like vandals than thieves and unlike IT attackers who seek personal and financial data, industrial hacks seek to destroy systems.
The Impact of Spectre and Meltdown on Industrial and Critical Infrastructure (Indegy) Spectre and Meltdown vulnerabilities affect hardware running on many of the world’s computing devices, but do they have an impact on industrial control systems?
Beware fake Meltdown and Spectre patches (ComputerWeekly.com) Security experts have warned that cyber attackers will be quick to use the Meltdown and Spectre exploits, but the first attempts to capitalise on them have come in the form of fake updates
Coinhive is the most prevalent cryptojacking malware online (Cyberscoop) Welcome to the age of cryptojackers. The most prevalent malware online today is Coinhive, the popular software often used to hijack computers and mine cryptocurrency, according to new research from the cybersecurity firm Check Point …
Cyber attack disables Latvia's e-health system (Xinhua) Hackers struck Latvia's national health system early Tuesday afternoon, disabling the recently-launched e-health portal and the national health service's website, representatives of the Latvian health ministry informed.
Cyber-attack shuts down US Regional Hospital's online system (SC Media UK) A cyber-attack that left computer screens at Hancock Regional Hospital with a ransom message for bitcoin has caused the entire network to go offline.
Hospital Pays $55K Ransomware Demand Despite Having Backups (BleepingComputer) An Indiana hospital paid a ransom of $55,000 to get rid of ransomware that had infected its systems and was hindering operations last week.
Hospital Pays $55K Ransomware Demand DESPITE Having Backups (KnowBe4)
Singing River Health System computers almost victim of cyber attack (Gulf Live) The attempted cyber-attack triggered security protocols to protect the system's data, thwarting attempts by hackers to break into their computers.
Netflix phishing campaign goes after your login, credit card, mugshot and ID (Naked Security)
Typosquatting and the risks of one wrong keystroke (Naked Security) It’s easy to do – you quickly type a URL you use every day and, in your haste, you accidentally swap, add, or delete a single letter and hit enter. Next thing you know you’re on a typos…
Blockchain can and will get hacked (Computer Business Review) At a glance you could see blockchain as an immutable harbinger of industrial disruption, offering impregnable security and the promise of streamlining.
DoS attacks against hard disk drives using acoustic signals (Help Net Security) A group of Princeton and Purdue researchers has shown that it's possible to mount a DoS attacks against hard disk drives via acoustic signals.
Code Execution Flaw Found in Transmission BitTorrent App (Security Week) Google Project Zero researcher Tavis Ormandy has discovered a critical remote code execution vulnerability in the Transmission BitTorrent client. The expert has proposed a fix, but it has yet to be implemented by the application’s developers.
The rise of ransom hacks, and the potential impact on your business (Help Net Security) As the value of bitcoin and other cryptocurrencies has appreciated, ransom attacks provide an opportunity for hackers to cash out for lucrative gains months later.
Found: New Android malware with never-before-seen spying capabilities (Ars Technica) Skygofree is among the most powerful spy platforms ever created for Android.
Unprecedented Android spyware designed to listen in at selected places (Fast Company) A newly discovered variety of Android malware that Kaspersky Lab calls “one of the most powerful spyware tools that we have ever seen for this platform” can surreptitiously record audio when a device enters locations attackers choose, the security company warns.
Kaspersky Discovers Powerful Mobile Spyware (Security Week) Kaspersky Lab has shared details of a sophisticated, multi-stage mobile spyware that gives attackers the ability to take over an infected Android device, with advanced features that have never been seen before in other mobile threats.
Italian IT Company Possibly Behind New Skygofree Android Spyware (BleepingComputer) Security researchers from Kaspersky Lab have discovered a new and powerful strain of Android spyware that they believe was created by an Italian IT company which they suspect is active in the surveillance software market.
Android’s hide and seek with malicious apps continues (The Star Online) The open and flexible nature of Android OS makes it more vulnerable to security issues, than perhaps other operating systems such as iOS. The ever-evolving nature of malware also makes detecting malicious apps harder.
As the cloud's popularity grows, so does the risk to sensitive data (Help Net Security) Despite the importance of cloud computing, one-third of respondents are unsure or do not agree that their organization is committed to protecting confidential or sensitive information in the cloud.
Fraud Doubles in Two Years to Hit 700m Attempts (Infosecurity Magazine) Account creation is most popular as scammers use bots to test identities
VR p[0]rn app 'SinVR' exposes details of 20,000 customers (Inquirer) 'High-risk' flaw could lead to users being 'blackmailed'
Here are three security issues facing self-driving cars (AOL UK Cars) Vehicle security experts have warned that there are a number of security risks associated with autonomous cars. Many car manufacturers and technology firms have been working on self-driving vehicles in recent months and years, with semi-autonomous
Security Patches, Mitigations, and Software Updates
Microsoft's mystifying Meltdown/Spectre patches for AMD processors (Computerworld) Take a look inside the new January Security-only patches specifically for Win7 and 8.1 AMD machines that were blue-screened by the original January Security-only patches. Win10 brickees still in limbo.
Abandoned by Microsoft, Equation Editor gets "security-adopted" by micropatch pros (Help Net Security) Last week, Microsoft did away with Equation Editor, a tool that has been part of Microsoft Office for over 17 years. ACROS Security offered instructions on how to restore it if users have installed the January Office updates, and decided to keep pushing out micropatches for flaws affecting it.
Cyber Trends
The 20 Best Cybersecurity Predictions for 2018 (Bricata) Making predictions has become a tradition of sorts for many businesses and the cybersecurity community is notwithstanding.
6 Tales of Censorship in the Golden Age of Free Speech (WIRED) Blocked by Trump, fired by Google, suspended by Facebook. The social internet gives everyone a voice, it also has countless ways of punishing us for speaking.
A Year After Trump, Davos Elite Fear Cyberattacks and War (Bloomberg.com) The threat of large-scale cyberattacks and a “deteriorating geopolitical landscape” since the election of U.S. President Donald Trump have jumped to the top of the global elite’s list of concerns, the World Economic Forum said ahead of its annual meeting in Davos, Switzerland.
Radware Report Highlights Rise in Ransom Hacks (NASDAQ.com) Untraceable ransom payments can be a lucrative opportunity for hackers as cryptocurrencies increase in value
Report: Only 40% of data stored in cloud secured with encryption, key management (TechRepublic) Organizations globally lack clear policies around securing data in the cloud, according to Gemalto and the Ponemon Institute.
SA at higher risk of phishing scams: report (ITWeb Technology News) South Africa is at higher risk of data breaches stemming from phishing scams.
Marketplace
The 4-1-1 on Cyber Insurance (Times Square Chronicles) Even though the cybersecurity insurance market is barely 20 years old, cybersecurity insurance companies have already collectively grossed more than $2 billion in premiums. This implies both good news and bad news.
Anomali Raises $40 Million in Series D Funding, Announces New Executive Hires (Anomali) New funding enables threat management and collaboration leader to further accelerate global customer growth and drive continued product innovation
Centerity Systems Secures $10 Million Strategic Investment by Merlin International (BusinessWire) Centerity announced it has received $10 million in funding from Merlin International.
WatchGuard Technologies Acquires Percipient Networks and Adds Security at the DNS Layer to Company's SMB Security Platform (PRNewswire) WatchGuard® Technologies, a leader in advanced network security solutions,...
ITC Secure Acquires G3 Cyber Security Practice (BusinessWire) ITC Secure (“ITC”), the assured IT and managed security service provider (“MSSP”), has announced that it has acquired the G3 Cyber Security (“G3 Cyber
IBM, shipping giant Maersk partner on blockchain to secure international trade (TechRepublic) The two companies announced a joint venture to use blockchain, AI, and IoT to create a more secure and efficient process for global trade.
COMODO CA Announces Strategic Partnership with Adweb Technologies (GlobeNewswire News Room) Partnership marks significant step for COMODO CA expansion into India, one of the world’s fastest-growing markets
Endace onboards network security firm Idappcom as new tech partner (Security Brief) As part of the agreement, Idappcom has developed a SNORT-based, scalable threat management solution for the EndaceProbe Network Analytics Platform.
An Ounce of Prevention - How CrowdStrike Fits Into A Balanced Cybersecurity Portfolio (Forbes) As I continue my series exploring how companies can build effective, balanced cybersecurity portfolios, I continue to come back to the point that companies must accept one simple fact...
Virtru: How These Brothers Protect The World's Data (Forbes) Virtru is an email encryption and data security company that was founded by brothers John and Will Ackerly..
Dyadic Rebrands as Unbound: Reinventing the Future of Security and Privacy (BusinessWire) Dyadic Security, the world leader in Software-Defined Cryptography (SDC), today announced it has rebranded as Unbound Technology. Stemming from the ma
Cylance® Names Chris Scanlan as SVP North America Sales (Cylance) Experienced security executive to drive revenue, build partnerships, and grow sales channels
MOVES-Former cybersecurity exec DeWalt joins M&A firm (Reuters) Dave DeWalt, the former CEO of FireEye Inc, is joining the relaunched cyber security M&A advisory firm Momentum Cyber as chairman, the company said on Wednesday.
KeyW Adds Dave Wallen to Lead Advanced Cyber Business (GlobeNewswire News Room) The KeyW Corporation (“KeyW”), a wholly owned subsidiary of The KeyW Holding Corporation (“Holdings”) (NASDAQ:KEYW) today announced that Dave Wallen will join KeyW as the senior vice president of Advanced Cyber, effective January 29, 2018.
Versa Networks Names Rob Mustarde New SVP Worldwide Sales (GlobeNewswire News Room) Accomplished sales leader brings 25+ years of experience scaling fast-growing technology organization
Quantum Corp. (QTM) Announces Patrick Dennis as New CEO (Street Insider) Quantum Corp. (NYSE: QTM) today announced that its board of directors has appointed Patrick Dennis as president and CEO, effective today.
A10 Networks Names New Executive Vice President of Worldwide Sales (BusinessWire) A10 Networks (NYSE: ATEN), a Secure Application Services™ company, today announced the appointment of Chris White to lead the company’s global sales o
Former SVP of Sales from FireEye and Current Operating Partner at Bain Capital Ventures, Jeff Williams, Joins ObserveIT Board of Directors (BusinessWire) ObserveIT, the leading insider threat management solution provider with approximately 1,700 customers around the world, today welcomed Jeff Williams,
Products, Services, and Solutions
Non-profit organization secures sensitive data, including Social Security numbers and W-2 forms (Netwrix) With Netwrix Auditor, Tax Executives Institute solidified the security of its IT environment and critical data.
Versasec Announces vSEC:CMS S-Series v5.0 (Versasec) Major release of flagship identity and access management solution adds strong focus on enabling deployment in large-scale projects
5 Things To Know About Cisco's Encrypted Traffic Analytics System (CRN) Partners can leverage ETA to help customers understand 'how they can have more efficient security' and will be able to build out a larger practice with larger deal sizes, says Cisco executive Prashanth Shenoy.
BlackBerry Launches Security Product for Automotive, Other Industries (Security Week) BlackBerry announced on Monday the launch of Jarvis, a new cybersecurity service designed to help companies in the automotive and other sectors find vulnerabilities in their software.
AlgoSec Delivers Complete End-to-End Visibility and Security Management Across the Entire Hybrid Environment (GlobeNewswire News Room) AlgoSec Security Policy Management Solution 2017.3 Includes Enhanced Visibility and Automation for AWS Topology, 3rd Party Virtual Firewalls in AWS, Palo Alto Networks and Juniper NetScreen Firewalls
Jackson McDonald protects case work with Darktrace AI (Cambridge Network) Darktrace, the world’s leading AI company for cyber defence, has announced that Jackson McDonald, Western Australia’s largest independent law firm, has selected Darktrace’s AI technology to defend its critical data, including confidential case work, litigation strategies and sensitive client information.
BT, Symantec partner to provide endpoint security protection (ITP) Customers to benefit from an integrated cyber defence solution
Technologies, Techniques, and Standards
As Cyber Threats To The Electric Grid Rise, Utilities And Regulators Seek Solutions (Forbes) The U.S. electric grid is increasingly dependent on the internet for operations, and as a result it is also increasingly susceptible to cyberattacks.
Preparing for NIS - Europe's First Dedicated Cybersecurity Law (Security Week) In May of this year, an important new European law will come into force which will affect providers of networking and operational technology (OT) systems in vital sectors such as energy, healthcare and finance across the continent.
Federal Government DMARC Adoption Surges (Agari) The first BOD 18-01 deadline to implement a DMARC record of P=none has passed and 63% of Federal Government agencies have met this deadline.
Decrypting malicious PDFs with the key (SANS Internet Storm Center) Sometimes malicious documents are encrypted, like PDFs. If you know the user password, you can use a tool like QPDF to decrypt it. If it's encrypted for DRM (with an owner password), QPDF can decrypt it without you knowing the owner password.
Design and Innovation
Why Artificial Intelligence is More About People Than You Think (Digit) Andrew Berry, Director at Deloitte argues that the advent and rapid evolution of Artificial Intelligence is far more about people, teams and business culture than it is about technology.
Is DISA eyeing blockchain? (C4ISRNET) The shadowy, burgeoning technology holds promise for military use, officials say.
Academia
Texas promotes coding for girls through a new cybersecurity program (EdScoop) Gov. Greg Abbott partners with SANS Institute on a program that encourages young women to become cybersecurity professionals.
Legislation, Policy, and Regulation
New Changes To Wassenaar Arrangement Export Controls Will Benefit Cybersecurity (Forbes) In December, new export control rules for computer network intrusion software were published by the Wassenaar Arrangement, an international body that governs trade in goods with military and civilian applications for 42 member states.
'Digital Manhattan Project' Needed to Stop Cyberattacks, Experts Say (Tom's Guide) The U.S. needs a 'digital Manhattan Project' to stop cyberattacks from enemy nations, an ex-general and a former head of the CIA said.
In a close vote, the Senate ends debate on warrantless surveillance of U.S. citizens (TechCrunch) On Tuesday, the Senate undertook a cloture vote to end debate on a bill that would renew a controversial legal loophole that provides U.S. intelligence..
DNI Coats Establishes New Intelligence Community Policy on Requests for Identities of U.S. Persons in Disseminated Intelligence Reports (IC on the Record) DNI directs agencies to implement privacy policy within 90 days
DHS giving ‘active defense’ cyber tools to private sector, secretary says (TheHill) "What it means is, we want to provide the tools and resources to the private sector to protect their systems," Nielsen says.
Senators unveil bipartisan push to deter future election interference (TheHill) Bill would direct Trump administration to spell out penalties for election interference efforts by specific foreign governments.
GSA signals new cyber rules for contractors (FCW) The GSA's planned regulations require contractors to take responsibility for unclassified systems and data and report breaches.
The Senate Only Needs One More Vote to Pass Its Net Neutrality Restoration Bill (Motherboard) And a new bill is moving through the House of Representatives, too.
US Net Neutrality Move May Lead to Trade War with Chinese Internet Firms (VOA) Net neutrality issue may lead to renewed cyberspace battle between US and China
Litigation, Investigation, and Law Enforcement
GOP senator demands briefing from Sessions after reports of Russian hackers targeting Senate (TheHill) Hacker group associated with Russia targeting Senate staffers with phishing domains.
Bannon subpoenaed by special counsel and House committee to testify on Russia probes (Washington Post) The former White House strategist’s appearance before a congressional panel Tuesday marked his first testimony in the Russia investigations.
FBI Director Wray says FBI is evolving to face cybersecurity challenges (Homeland Preparedness News) The Federal Bureau of Investigation (FBI) is focused on bolstering its efforts to stop cybercriminals and hackers, said FBI Director Christopher Wray. “Today, we live much of our lives online, and we’re in a situation where just about everything that …
UK Conviction Arises out of Trend Micro and NCA Partnership (TrendLabs Security Intelligence Blog) On January 15, Goncalo Esteves from Essex, UK plead guilty on 3 charges of computer offenses under UK law. This marks the result of a collaborative investigation that Trend Micro and the National Crime Agency (NCA) in the United Kingdom initiated back in 2015.
Did Russia Use Fusion GPS to Target Donald Trump? (Tablet Magazine) News of the News: And could Christopher Steele, the British spy who spent his life as a Cold Warrior, have become an unwitting Kremlin pawn?
Byron York: Trump dossier probes now include possible State Department involvement (Washington Examiner) In addition to having contacts in the Obama Justice Department and FBI, former spy Christopher Steele was also well-connected with the Obama...
New website to help curb online crimes in Kenya (Daily Nation) It will also have updates on developments in the security sector.
Contractor hacks former employer, destroys and corrupts data (CSO Online) Edward Soybel was let go by W. W. Grainger and subsequently hacked his way back into the company to access customer databases to destroy and corrupt the data.
Colchester cyber criminal who ran testing service for hackers to be sentenced next month (East Anglian Daily Times) A cyber criminal from Colchester has admitted running a product testing service which allowed hackers to see whether their malicious software could beat anti-virus scanners.