Cyber Attacks, Threats, and Vulnerabilities
Sofacy APT Has Subtly Changed Tactics (BleepingComputer) A well-known Russian cyber-espionage group has subtly changed its modus operandi, moving to what security researchers from Palo Alto Networks are calling "parallel attacks."
Sofacy Group’s Parallel Attacks (Palo Alto Networks Blog) Unit 42’s continued look at the Sofacy Group’s activity reveals the persistent targeting of government, diplomatic and other strategic organizations across North America and Europe.
New Backdoor Based on Hacking Team Tool (ISS Source) A new backdoor created by the Iron attack group has infected at least 2,000 victims so far, researchers said. The backdoor source code comes from the Hacking Team.
Operation Prowli: Monetizing 40,000 Victim Machines (GuardiCore) Guardicore Labs has uncovered a traffic manipulation and cryptocurrency mining campaign infecting a wide number of organizations in industries.
VPNFilter Targets More Devices Than Initially Thought (SecurityWeek) Researchers find new stage 3 modules of VPNFilter malware and determine that devices from ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE are also targeted.
VPNFilter Update - VPNFilter exploits endpoints, targets new devices (blogs@Cisco - Cisco Blogs) Cisco Talos, while working with our various intelligence partners, has discovered additional details regarding “VPNFilter.”
New KillDisk Variant Hits Latin American Financial Organizations Again (TrendLabs Security Intelligence Blog) Last May, we uncovered a master boot record (MBR)-wiping malware in the same region. The telltale sign was a problem related to the affected machine’s boot sector. Based on the error message it displayed after our tests, we were able to ascertain that this was another — possibly new — variant of KillDisk.
PageUp Malware Scare Sheds Light On Third Party Risks (Threatpost) The incident is another reminder that third-party software and services are an easy way for attackers to steal sensitive data.
Further Down the Trello Rabbit Hole (KrebsOnSecurity) Last month’s story about organizations exposing passwords and other sensitive data via collaborative online spaces at Trello.com only scratched the surface of the problem.
The Zip Slip vulnerability – what you need to know (Naked Security) Thousands of projects have been affected by a painful programming lapse.
Attackers can hide malware in archive files with Zip Slip flaw; here's how to fight it (TechRepublic) A newly revealed vulnerability affecting open source software libraries should have you worried about the security of your coding projects.
Backdoor Uses Socket.io for Bi-directional Communication (SecurityWeek) A recently discovered remote access Trojan is using a specialized program library that allows operators to interact with the infected machines directly, without an initial “beacon” message.
US Government Probes Airplane Vulnerabilities, Says Airline Hack Is ‘Only a Matter of Time’ (Motherboard) According to DHS and other US government documents obtained by Motherboard, the DHS is continuing to investigate how insecure commercial aircraft are to cyber attacks, with one research lab saying hacking a plane may lead to a "catastrophic disaster."
Hackable CloudPets pulled from Target, Walmart, Amazon and more (Naked Security) The stuffed toys are stuffed with security problems that we’ve known about for over a year.
Another baby monitor camera hacked (CSO Online) The latest baby monitor hacking incident involves a $34 FREDI wireless baby camera monitor. The hacked device was used to spy on a mother and her baby.
Post-Tax Season Spam Campaign Delivers URSNIF to North American Taxpayers (TrendLabs Security Intelligence Blog) Although many tax scams purely rely on social engineering, other campaigns make use of more sophisticated tools and techniques. We found and analyzed one such campaign delivering the notorious banking trojan known as URSNIF to North American targets.
Atlanta officials reveal worsening effects of cyber attack (Reuters) The Atlanta cyber attack has had a more serious impact on the city's ability to deliver basic services than previously understood, a city official said at a public meeting on Wednesday, as she proposed an additional $9.5 million to help pay for recovery costs.
Ukraine says prevented cyber attack on NATO country embassy (Reuters) Ukraine's state security service (SBU) prevented a cyber attack on the embassy of a NATO country in Kiev, it said in a statement on Tuesday, without specifying which one.
Fake lotteries trying to use FIFA World Cup fever to scam people (WeLiveSecurity) The FIFA World Cup is fast approaching and anticipation for the event in Russia is increasing as the countdown continues to kick off on June 14. Unfortunately, the amount of fake lotteries and giveaways trying to abuse the event is also on the rise.
VIDEO: Raytheon: The Hackers’ Playbook (GovCon Wire) When cyber attackers go after a big target like a power
Security Patches, Mitigations, and Software Updates
Cisco Releases Security Updates for Multiple Products (US-CERT) Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
Critical Vulnerability Addressed in Popular Code Libraries (SecurityWeek) A critical and widespread arbitrary file overwrite vulnerability has been addressed in popular libraries of projects from HP, Amazon, Apache, Pivotal, and more.
Cyber Trends
Are We Headed for a 'Cyber Cuban Missile Crisis' with Russia? (The Cipher Brief) Bottom Line: The risk posed to U.S. national security by what are believed to be Russian-backed hacking groups is similar to the October 1962 Cuban Missile Crisis according to Cipher Brief Experts, but different, in that the U.S. has no clear and obvious deterrent this time around. Recent Developments: The FBI recently forced its way …
There will be no ‘Cyber Cuban Missile Crisis’ (Fifth Domain) If we truly want to understand cyber war, we need to do better than misapply analogies from past conflicts that do not fit the modern threat profile.
Average IT Hit From Data Breaches Nearly $1 Million: Study (MediaPost) Almost half of all firms have suffered a data breach, a study finds. Worse, almost 10% of the IT leaders did not realize it.
Ransomware is #1 for Cyberinsurance claims! (National Law Review) HealthITSecurity.com reported that more “…than one-quarter of cyber insurance claims received by AIG last year were the result of ransomware attacks, the largest percentage of any cyberattack type, according to the insurance giant’s 2017 cyber insurance claim statistics.”
Report: Nearly half of all enterprises were hacked in the last 12 months (TechRepublic) The survey found that organizations that did report a breach in the last year had been hacked an average of 30 times.
The Critical Need to Improve Compliance Processes (KnowBe4) Depending upon one’s perspective, compliance activities are either a fortunate fact of life for most organizations because they can minimize the risk associated with running afoul of various governmental and best practice obligations; or they’re an unfortunate part of doing business because of the cost and effort required to manage them properly.
The Exabeam 2018 State of the SOC Report (Exabeam) The Exabeam 2018 State of the SOC Report is based on the results of an April 2018 survey of US and UK security professionals who are involved in the management of Security Operations Centers (SOC) across CISO, CIO, analyst, and management roles.
Crowdsourced security trends: Payouts to hackers increase (Help Net Security) Bugcrowd has released the 2018 Bugcrowd State of Bug Bounty Report, which analyzes proprietary platform data collected from more than 700 crowdsourced security programs managed by the organization.
Some 37 percent of devices in Armenia exposed to infection attempts (ARKA Telecom) About 37% of devices used by Internet users in Armenia in January, February and March 2018 faced attempts of infection with malicious software, making Armenia the 7th country in this respect, according to the data of Kaspersky Lab, obtained with the help of Kaspersky Security Network (KSN).
Marketplace
Tech Data: The security market has to change (MicroscopeUK) The distributor is looking to gain more of a foothold in the market and is coming with a different message for resellers
Chinese phone maker ZTE saved from brink after deal with U.S. (Reuters) U.S. Commerce Secretary Wilbur Ross said on Thursday the government has reached a deal with ZTE Corp that reverses a ban on its buying parts from U.S. suppliers, allowing China's No. 2 telecommunications equipment maker to get back into business.
Palo Alto Networks Inc.: Can the $128 Million Man Invigorate PANW Stock? (InvestorPlace) Palo Alto Networks is betting $128 million per year that Nikesh Arora can enhance its cloud security leadership, which bodes well for PANW stock.
Jim Cramer Reveals His Favorite Cyber Security Stocks (TheStreet) TheStreet's founder and Action Alerts PLUS Portfolio Manager Jim Cramer's favorite cyber security stocks are Proofpoint, followed by Palo Alto Networks.
Lockheed Martin sees an appetite for startup investments (C4ISRNET) Lockheed is doubling down on its venture capital investments. Here's the tech it's interested in.
CounterTack Buys GoSecure to Take On CrowdStrike, Carbon Black (Channel Partners) CounterTack said its acquisition of GoSecure expands its previous partnership with the company to a MDR platform-as-a-service for its domestic and international customers, and it will enhance its offerings for enterprises of all sizes, whether deployed on-premise, hosted or managed in the cloud.
Reason Software Acquires Filelock to Provide Consumers with the Most Comprehensive Cyber Protection Against Existing and Emerging Threats (PR Newswire) Reason Software, a leading cybersecurity software company focused on...
Frontier Announces Majority Investment in MediaPro and CEO Appointment (Frontier Capital) We are pleased to announce our majority growth equity investment in MediaPRO Holdings, a SaaS-based provider of security, privacy, and compliance awareness training solutions. In addition, we are excited to welcome Tyler Winkler to lead the company as CEO.
ALTR Emerges From Stealth With Blockchain-Based Data Security Solution (SecurityWeek) Austin, Texas-based ALTR emerged from stealth mode on Wednesday with a blockchain-based data security solution and $15 million in funding.
HP Discloses Up To 1,000 Additional Job Cuts By Next Year (CRN) The company's restructuring plan, which runs through fiscal 2019, now includes between 4,500 and 5,000 job cuts in total.
Fran Rosch Named ForgeRock Chief Executive Officer (GlobeNewswire News Room) Former Executive Vice President of Symantec to Lead the Company Through Next Growth Phase
Products, Services, and Solutions
Comodo Cybersecurity Unveils New Visual Identity and Website, Positioning Centers on Enabling Customers to Render Attacks Useless (PR Newswire) Comodo Cybersecurity, a global...
Gemalto Launches Virtualized Network Encryption Platform to Help Customers Address Evolving Data Security Needs (BusinessWire) Gemalto, the world leader in digital security, today announced the launch of a new virtualized network encryption platform, SafeNet Virtual Encryptor.
Smartphone Security Scanner 'Sees' Concealed Weapons and Explosives on a Person, Non-Invasively and in Real Time (Officer) From a distance of up to 40 feet, security agents or law enforcement personnel can scan individuals in a crowd or an approaching person of interest simply by pointing their smartphone at them with the SWORD device attached.
AXA Partners With SecurityScorecard to Set Cyber Insurance Premiums (SecurityWeek) AXA has entered an agreement with SecurityScorecard to have access to security ratings, which will be used to help set the premium for its insurance agreements.
enSilo's Endpoint Security Platform Introduces Multi-tenancy Features Helping Managed Security Service Providers Capitalize on New Security Markets (PR Newswire) enSilo, the automated endpoint security company protecting endpoints pre-...
Atos and Merlin International Join Forces to Offer Managed Cybersecurity Services (BusinessWire) Atos and Merlin International, Inc. today announced they will partner together to offer quality managed security services.
Lockpath and Digital Shadows Partner to Advance Digital Risk Management (PR Newswire) Lockpath, a leading provider of...
Hikvision UK and Eagle Eye Networks Announce Preferred Technology Partnership (News Anyway) London, UK and Amsterdam, NL – Hikvision UK & Ireland, the world’s largest manufacturer of video surveillance products and solutions, ...
Kaspersky: Products Address Needs of ‘Very Small Business to Large Enterprise’ (Channel Partners) In this edition of the New Exhibitor News Desk at the 2018 Channel Partners Conference & Expo in Las Vegas, Kaspersky Lab's Bundit Boonchareon discusses how SMBs can implement his company's security services and what companies can do to prevent security risks created by their own employees.
Technologies, Techniques, and Standards
Using Insights From DefPloreX-NG to Thwart Web Defacement Attacks (TrendLabs Security Intelligence Blog) The ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS) is an avenue for cybersecurity research breakthroughs, techniques, and tools.
DISA, worried about cyberattacks, looks to the cloud (Fifth Domain) In an era of increased cyber risk, how do you protect millions of users needing to access the web from the most targeted network in the world?
The Diminishing Returns of Our Constantly Growing Security Stacks (SecurityWeek) It may be time to couple ‘defense-in-depth’ with the understanding that when it comes to security stacks, less actually can be more.
Bouncing Back from Cyber Attack (Infosecurity Magazine) Knowing where to get started with a cyber-attack specific disaster recovery plan is always half the battle.
US Navy Launches Inspection Program for Cyber Operations Preparedness (Executive Gov) The U.S. Navy debuted early this year a program that allows the service branch to conduct and direct
Why creativity is key to security (Help Net Security) Security teams are under tremendous pressure today, and are oftentimes not thought of as innovative or creative. Yet that’s precisely what needs to happen.
Balancing Modernization and Cybersecurity (MeriTalk) The digital transformation in government IT is driving modernization but also expanding the attack surface Federal agencies have to protect. The traditional perimeter no longer exists. Today, there is no “inside” or “outside” the network when it comes to detecting, defending, and deterring cyber attacks.
Six years since World IPv6 Launch: entering the majority phases (Security Boulevard) As reported in an ISOC report last year, IPv6 adoption is now solidly in the "early majority phase" of the technology adoption life cycle by many metrics (well past "innovators" and "early adopters"), with progress beyond that in some areas....
Design and Innovation
Encyclopædia Britannica Wants to Fix False Google Results (WIRED) The 250-year-old publication released a Chrome extension designed to fix Google's sometimes inaccurate "featured snippets."
Internal Documents Show How Facebook Decides When a Poop Emoji Is Hate Speech (Motherboard) Facebook trains its moderators to recognize when emojis violate the social network site’s policies as well, including for sexual solicitation, hate speech, and bullying.
Research and Development
In Pursuit of Cryptography's Holy Grail (Dark Reading) Homomorphic encryption eliminates the need for data exposure at any point - something that certainly would be welcome these days.
Blocking facial recognition surveillance using AI (Naked Security) If AI is increasingly able to recognise and classify faces, then the only way to counter this creeping surveillance is to use another AI to defeat it. Thanks to the University of Toronto, this may …
Academia
The divide over China’s Confucius Institutes on US campuses (South China Morning Post) The debate over the language and culture centres has become a testing ground for the American response to China’s growing global reach
Virginia Tech team tops in cyber capture-the-flag (VT News) Seven computer engineering students took first place in MITRE’s Embedded Capture-the-Flag contest, which tasked them with designing a secure ATM banking system and then attacking the designs of 10 other universities.
Legislation, Policy, and Regulation
Germany could dispatch armed forces in response to cyberattacks (Handelsblatt Global Edition) Germany could use its armed forces in response to cyberattacks. That’s tough talk from a country notoriously shy about joining foreign military missions.
The Future of GDPR - Dead, Diluted, Detested or Accepted? (SecurityWeek) European Data Protection Regulation (GDPR) will either become dead, diluted, detested or accepted, as other regulations before it.
Senate defense bill would authorize spying on Russians engaged in disinformation, hacking (TheHill) The Senate Armed Services Committee’s version of an annual defense bill would authorize the Pentagon to conduct surveillance on individuals conducting hacking or disinformation campaigns on behalf of the Russian government — a clear reference to Moscow’s interference in the 2016 presidential election.
Confirmed: ZTE to reopen after $1 billion fine, new leadership [Updated] (Ars Technica) Deal follows terms outlined by Donald Trump in a May tweet.
ZTE fined $1 billion (TechCrunch) After much negotiation with the Trump Administration, Secretary of Commerce Wilbur Ross confirmed this morning that ZTE, the Chinese telecommunications giant, has agreed to a $1 billion fine. That penalty was assessed following an investigation showing that ZTE had violated U.S. sanctions by sellin…
Trump flouts national security advice in bid to save ZTE (POLITICO) His push to rescue the Chinese telecom giant puts him on a collision course with Congress, as well as members of his own administration.
House panel votes down measure to force DHS to detail ZTE threat (TheHill) The House Homeland Security Committee on Wednesday voted down a Democratic resolution that would have forced the Department of Homeland Security (DHS) to provide lawmakers with more information about the threat posed by Chinese telecommunications firm ZTE.
House panel approves bill to secure industrial systems from hacks (TheHill) The House Homeland Security Committee has advanced legislation designed to boost security around systems used to power the electric grid and other critical services in the United States.
White House ‘Game of Thrones’ Elevates Newbie to Run Cybersecurity (The Daily Beast) A West Wing power struggle has elevated an inexperienced official who’s angered the agencies tasked with securing federal networks.
SEC chairman: Cryptocurrencies like bitcoin are not securities (CNBC) SEC Chairman Jay Clayton speaks with CNBC's Bob Pisani about what he sees for the future of blockchain, cryptocurrencies and initial coin offerings (ICO).
The sweeping surveillance of American lives (Orange County Register) Civil liberties groups are correctly demanding the release of more information on a reported surge in U.S. call records collected by the National Security Agency.
Army cyber program accepts only the best MI officers and the return investment is paramount to the Cyber Branch and the Army (DVIDS) When Maj. Brooks Jarnagin, who is a Military Intelligence (MI) officer, graduated from the two-year Army Intelligence Development Program – Cyber (AIDP-Cyber) course in a ceremony at the National Cryptologic Museum here on June 1 he became a trend sett
What is the New York Cybersecurity Regulation? What you need to do to comply (CSO Online) Officially called 23 NYCRR 500, this regulation requires financial services firms doing business in New York to have a full security risk assessment and plan.
New Colorado Breach Notification Rules Signed Into Law (Dark Reading) Colorado has enacted a new data breach notification law that contains some of the most stringent requirements in the US.
New law forces Google to suspend political ads in Washington state (Ars Technica) Google says its systems are not yet able to comply with the disclosure rules.
Litigation, Investigation, and Law Enforcement
ZTE Pays $1 Billion Fine in Settlement With U.S. (Wall Street Journal) The U.S. and China have reached a deal that will allow telecom company ZTE to continue to do business, requiring it to pay a $1 billion fine and place U.S. enforcement officers in the company to monitor its actions.
Senator wants Mark Zuckerberg to testify on Huawei data sharing (Engadget) Brace yourself for another Facebook hearing.
Facebook Deals With Chinese Firm Draw Ire From U.S. Lawmakers (SecurityWeek) Lawmakers expressed outrage that Chinese firms were given access to Facebook user data at a time when officials were trying to block their access to the US market over national security concerns.
PACIFIC • Is Facebook a security threat? (CNNMoney) Zuckerberg Takes TV • Instagram Goes Long • Elon Musk
After Scrutinizing Facebook, Congress Turns to Google Deal With Huawei (Wall Street Journal) Members of Congress have begun scrutinizing Google’s relationship with China’s Huawei Technologies, according to people familiar with the matter—roping another Silicon Valley giant into Washington’s escalating digital cold war with Beijing.
Former Cambridge Analytica CEO Faces His Ghosts in Parliament (WIRED) Alexander Nix returned to Parliament, but provided more bluster than answers.
McCabe seeks immunity for testimony in congressional hearing over FBI handling of Clinton email probe (CNN) Former FBI Deputy Director Andrew McCabe has requested the Senate Judiciary Committee provide him with immunity from prosecution in exchange for testifying at an upcoming congressional hearing focused on how senior officials at the FBI and Justice Department handled the investigation of Hillary Clinton's private email server, according to a letter obtained by CNN.
Mueller checks witnesses’ phones for secure messaging apps, per report (Ars Technica) CNBC: Mueller has been checking for improper conversations by Trump associates.
Marcus Hutchins faces new charges over malware creation and lying to the FBI (Computing) Hutchins calls 'bullshit' on new charges that 'reset the clock' in legal case
China Targets Defense Contractors in Its Ramped Up Spy Games (ClearanceJobs) Yet another counterintelligence success from the FBI - the arrest of Ron Rockwell Hansen, defense contractor and former Defense Intelligence Agency officer for espionage on behalf of China. Every FSO should be briefing their personnel on the China espionage threat.