Cyber Attacks, Threats, and Vulnerabilities
Multi-Stage Attacks Target Service Centers in Russia (SecurityWeek) Non-Russian threat group targets service centers in Russia in multi-stage attacks involving spear phishing and malicious documents
I can be Apple, and so can you (Okta) A Public Disclosure of Issues Around Third Party Code Signing Checks
For almost 11 years, hackers could easily bypass 3rd-party macOS signature checks (Ars Technica) Technique caused security apps to falsely show untrusted apps were signed by Apple.
Bugs Allowed Hackers to Make Malware Look Like Apple Software (Motherboard) Hackers could have snuck malware past several popular third-party Mac security tools thanks to a mistake in how the tools were implementing Apple digital certificate APIs.
How Machine Learning Techniques Helped Us Find Massive Certificate Abuse by BrowseFox (TrendLabs Security Intelligence Blog) By employing machine learning algorithms, we were able to discover an enormous certificate signing abuse by BrowseFox, a potentially unwanted application (PUA) detected by Trend Micro as PUA_BROWSEFOX.SMC.
Critical Flaws Expose ABB Door Communication Systems to Attacks (SecurityWeek) Several critical vulnerabilities expose door communication systems from ABB to remote hacker attacks. Patches and workarounds are available
Many Android Devices Ship with ADB Enabled (SecurityWeek) Many vendors ship Android devices with the Android Debug Bridge (ADB) feature enabled, exposing them to various attacks
Major U.S. Refineries At Risk Of Cyberattacks As Many Continue To Use Windows XP (Forbes) The end of life of Microsoft's Windows 7 operating software is almost upon us, with the company saying its updates and patches for the widely used interface will cease after January 14, 2020. In such circumstances, most people would assume that critical plant control system operators must be in a mad scramble to upgrade to the latest version.
How Secure is that Third Party Mobile App? (BitSight) As mobile applications continue to pose looming threats, BitSight researchers leveraged data from its mobile application security risk vector to identify if mobile applications offered on iOS and Google Play stores have known security vulnerabilities and issues.
Hackers Stole Over $20 Million From Misconfigured Ethereum Clients (BleepingComputer) A group of hackers has stolen over $20 million worth of Ethereum from Ethereum-based apps and mining rigs, Chinese cyber-security firm Qihoo 360 Netlab reported today.
Bitcoin price takes a dive after another cryptocurrency exchange hack (Graham Cluley) There’s bad news if you’re a cryptocurrency investor. Billions of dollars worth of wealth were wiped out this weekend after a South Korean cryptocurrency exchange was hacked.
Crypto-currency mining malware wreaks havoc in Africa (ITWeb) Cyber criminals take advantage of the popularity of digital currencies on the continent, unleashing crypto-currency malware.
The Hustlers Fueling Cryptocurrency’s Marketing Machine (WIRED) As Google and Facebook ban ads for cryptocurrency projects, and the SEC cracks down on hype, backers are employing unconventional strategies to find investors.
Apple Bans Cryptocurrency Mining In App Store (Motherboard) Apple recently updated its developer policies to ban apps that mine cryptocurrencies like Monero on user devices.
Weighing up the email security threat in EMEA (Barracuda Networks) Despite numerous attempts to dethrone it over the past few years, email continues to be the de facto for business communications. In research published last year, The Radicati Group estimated that more than 281bn email messages would be sent every day in 2018.
An introduction to the Spanish-language underground (IDG Connect) We speak to Flashpoint’s Cybercrime subject matter expert, Liv Rowley about the threat from the Spanish-language cybercriminal underground.
Spanish soccer app caught using microphone and GPS to snoop (TechCrunch) If you’ve ever found yourself wondering why an app is requesting microphone access when there doesn’t seem to be any logical reason why it should need to snoop on the sounds from your surroundings, hold that thought — and take a closer look at the T&Cs. Because it might turn o…
FIFA World Cup in Russia Bringing Cyberthreats at Home and Abroad (Government Technology) The No. 1 global sporting event, which only comes around once every four years, is about to begin in Russia. Billions of people are expected to be watching and commenting and clicking on all things football (soccer) over the next month. But with all the fun, and money and attention, there are criminals preparing as well. Let’s explore the FIFA World Cup cyberthreats and what can be done about security.
Bootloader vulnerability in OnePlus 6 lets an attacker take control of the device (HackRead) An IT security researcher has discovered a critical vulnerability in OnePlus 6 smartphones which if exploited can allow an attacker to boot any modified
Weight Watchers IT Infrastructure Exposed via No-Password Kubernetes Server (BleepingComputer) Just like many companies before it, weight loss program Weight Watchers suffered a small security breach after security researchers found a crucial server exposed on the Internet that was holding the configuration info for some of the company's IT infrastructure.
Weight Watchers Swears No Customer Data Exposed After Dozens of Servers Found Publicly Accessible (Gizmodo) Dozens of servers containing Weight Watchers’ data were left exposed after the company failed to password protect software used for managing application containers, according to German cybersecurity firm Kromtech.
Vendor of Careers@Gov jobs portal hit by malware (The Straits Times) Applicants for public service jobs in Singapore could have had their information compromised, as a malware infection was found to have hit an outsourced Australian-based vendor here.
Bad .Men at .Work. Please Don’t .Click (KrebsOnSecurity) Web site names ending in new top-level domains (TLDs) like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness online.
Security Patches, Mitigations, and Software Updates
VMware plugs RCE hole in remote management agent (Help Net Security) VMware has fixed a critical remote code execution vulnerability (CVE-2018-6968) in VMware AirWatch Agent for Android and Windows Mobile.
Cyber Trends
State of the Internet Summer 2018 Attack Spotlight: What You Need To Know (Akamai) Earlier this year, Akamai mitigated the largest DDoS attack in its history, fueled by a new reflector, memcached. The attack targeted one of our software clients and broke through the 1 Tbps threshold for the first time. Memcached was developed...
How employee behavior impacts cybersecurity effectiveness (Help Net Security) Whether accidental or intentional, employee behavior impacts cybersecurity effectiveness and it can negatively impact even the best strategy.
Protecting consumers from mobile and IoT threats (Help Net Security) A new report by Allot revealed a dynamic and automated threat landscape in which consumers lack the security expertise to effectively protect themselves.
With the GDPR, companies face new era of compliance and transparency (Help Net Security) A foundational principle of the GDPR is controlling privileged access. Yet only 36% of organizations have removed administrator rights at various levels.
Companies caught between crooks and compliance warns Centrify (CSO) Companies can escape the squeeze between cyber crooks and compliance by better protecting identity says Centrify
Marketplace
USCYBERCOM Awards Cyber Innovation Contract to MISI (MISI) The Maryland Innovation and Security Institute (MISI) has been awarded a five-year Partnership Intermediary Agreement (PIA) by United States Cyber Command (USCYBERCOM) to innovate new technologies in an unclassified, state-of-the-art facility located in Columbia, MD.
CyberX Not Just an Amazon.com Subsidy (Bacon's Rebellion) Virginia economic development officials have kept their lips tight about the incentive package Virginia is extending to Amazon.com, Inc., to induce the e-commerce giant to locate its second headquarters in Northern Virginia. My concern has been that the Commonwealth might …
Security Industry Association Announces 2018 Legislator of the Year and Statesman Award Winners (Security Industry Association) Sens. Orrin Hatch, John Thune and Gary Peters, Reps. Dan Donovan and John Rutherford and security industry veteran Rob Reiter will be honored at SIA GovSummit.
Dreamit Ventures launches new security vertical (TechCrunch) Dreamit Ventures, a Philadelphia-based early stage investor and accelerator, announced it was moving into security today. To that end, it also announced it was bringing on Bob Stasio, an industry vet with roots in startups, IBM and work in the military and the NSA to run the new division. The compa…
Two Companies Picked To Protect Nation’s 600 Dams from Cyberattacks (Nextgov.com) The Interior Department awarded spots on a five-year, $45 million contract to manage IT risk for more than 600 dams nationwide.
Verint CEO: We're looking to improve margins (Globes) Dan Bodner refused to comment on the report that Verint will acquire cyber intelligence company NSO.
3 Hot Topics for Palo Alto Networks (The Motley Fool) Management at the cybersecurity specialist had plenty to say about the cloud migration, existing customers, and data privacy.
Facebook Says its Competitors Are the Whole Internet, Because Facebook Is the Internet (Motherboard) Facebook told Congress that its competitors come from all over the internet—that's true, because Facebook has largely replaced the internet for many of its users.
Splunk to acquire DevOps incident management platform VictorOps for $120 million (VentureBeat) Big data-crunching platform Splunk has announced plans to acquire VictorOps, an incident management platform for the DevOps community. For the uninitiated, Splunk captures machine-generated data fo…
Cyxtera Announces Closing of Immunity, Inc. Transaction (Cyxtera) Cyxtera Technologies, the secure infrastructure company, today announced the completion of the acquisition of Immunity, Inc., a global leader in offense-oriented cyber security techniques and technologies.
Kudelski Security Extends Capabilities to Germany and Austria From New Office in Zurich (PR Newswire) Kudelski Security, the cybersecurity...
Products, Services, and Solutions
Pulse Secure Virtual Application Delivery Controller Extends Availability to Amazon Web Services GovCloud (US) to Help US Government Agencies Innovate in the Cloud (Pulse Secure) Pulse Secure supports automation and integration with DevOps tools on AWS GovCloud (US) Region
Tenable Launches Pioneering Solution to Help Secure Critical Infrastructure across Converged IT/OT Environments (Tenable™) Tenable®, Inc., the Cyber Exposure company, today announced the industry’s first solution designed to reduce cybersecurity risk across today’s converged IT/OT environments. Enhancements to the Tenable.io® platform and Industrial Security, an asset discovery and vulnerability detection solution for Operational Technology (OT) systems, delivered in partnership with Siemens, enable organizations to manage Cyber Exposure holistically across IT and OT and effectively prioritize remediation based on the criticality of the asset and the vulnerability.
Denim Group’s ThreadFix Provides Application Security Scalability to the Enterprise (BusinessWire) Vulnerability Resolution Platform Enhances Performance for High Volume Testing
Kaspersky Lab and the brewers of Pilsner Urquell work together to secure beverage industry (IT News Africa) Kaspersky Lab and Plzensky Prazdroj have announced the successful completion of a cybersecurity partnership to improve the overall industrial security posture of the brewery.
Experian focusing on automated app deployments with Dynatrace (ComputerworldUK) From application management to security-as-a-service, credit reports firm Experian drives Dynatrace support with new model
Nyansa extends network performance monitor software (SearchNetworking) In Cisco Live news, Nyansa expanded its network performance monitor software to track WAN and Wi-Fi problems. And A10 added support for ingress filtering for Kubernetes containers.
Morphisec Hits One Million Endpoint Milestone in Under Two Years (Daily American) Morphisec, the leader in Moving Target Defense, today announced that it has reached a major milestone – it has deployed its Endpoint Threat
Twistlock Launches Twistlock Advantage Program (Sys-Con Media) First of its kind partner program for cloud native security equips partners with technical, sales and marketing support
LogRhythm adds NESA compliance regulation to platform (Intelligent CIO Middle East) In an effort to support the United Arab Emirates’ (UAE) cybersecurity outlook and show commitment to the country and the region as a whole, LogRhythm, the Security Intelligence Company, has integrated the UAE National Electronic Security Authority (NESA) cybersecurity compliance standards and guidelines into its NextGen SIEM (Security Information and Event Management) platform. These standards were […]
Medibank Private finds the cure for ransomware (CSO) Like most large businesses, health insurer Medibank Private was regularly experiencing a few of what CISO Stuart Harrison calls “significant incidents” every month.
Technologies, Techniques, and Standards
DHS cyber specialist: look for behavior patterns with APTs (Cyberscoop) To better track advanced hacking groups, U.S.-based companies should watch for signals in human behavior instead of changing tactics, according to Casey Kahsen, an IT specialist at the Department of Homeland Security.
How to Establish Effective Intelligence Requirements (SecurityWeek) Intelligence requirements (IRs) lay the foundation and set the direction of an intelligence operation, and enable teams to prioritize needs, allocate resources, determine data sources, and establish the types of analysis and expertise required to process that data into intelligence.
Train Your Employees to Think for Themselves in Data Security (Infosecurity Magazine) Since employees have access to company information, they are technically a bigger danger to data security than attackers.
Analyst research: ROI of Pen Testing as a Service (Help Net Security) Dr. Chenxi Wang examined the Return on Investment that organizations may realize by using Cobalt’s Pen Testing as a Service platform.
5 new facts about DoD’s secure phones and tablets (C4ISRNET) DISA continues to provide a variety of mobility solutions for DoD customers.
Cyber Yankee 2018 trains for attack (DVIDS)
Design and Innovation
Interview: 'Cyber wars' veteran Phil Zimmermann talks quantum-proof encryption and backdoors (Computing) 'If the NSA tells you to get ready for quantum computers then you'd better get ready'
Research and Development
US Oak Ridge National Lab unveils world's most powerful supercomputer (Computing) 200-petaflop Summit supercomputer eight times more powerful than Titan, the supercomputer it supersedes at Oak Ridge
Russia prepares for a future of making autonomous weapons (C4ISRNET) Kalashnikov, an arms maker that’s part of the larger Rostec defense enterprise, announced last week that it has developed some expertise in machine learning.
Academia
Computer science researcher meets updated phishing attacks head on (Virginia Tech News) In an age of cyberattacks and data breaches, vigilance alone might not be enough to keep email users protected, according to new research from Virginia Tech that examines the growing sophistication of phishing attacks.
U.S. Cyber Challenge Kicks Off 2018 Camp Season at Virginia Tech (US Cyber Challenge) U.S. Cyber Challenge kicks off its 2018 boot camp season next week at Virginia Tech in Blacksburg, Virginia for the Eastern Regional Cyber Camp. Camp participants
Legislation, Policy, and Regulation
What the document signed by Donald Trump and Kim Jong Un says (Quartz) The agreement consists of four points—vague enough to confirm the fears of pessimists while leaving optimists feeling hopeful.
Ditching entourages, Trump and Kim Jong Un to meet 1 on 1 (Military Times) They came with scores of aides, bodyguards and diplomats in tow: Donald Trump from Washington, Kim Jong Un from Pyongyang. But for the better part of an hour, the two men will square off one on one, alone but for a pair of translators, raising concerns about the risk of holding such a monumental meeting with barely anyone to bear witness.
Today Only The Beginning of a Much Longer Term Process (Bloomberg) Saruhan Hatipoglu, CEO, B.E.R.I. (Business Environment Risk Intelligence), discussed his expectations for the Trump-Kim summit with Rishaad Salamat and Bryan Curtis. He explains how different Kim Jong Un is to his father, goes on to discuss the prospect of a peace deal ahead between North and South Korea and the importance of agreeing on what denuclearization means.
Trump Kim summit: Whatever happens, North Korea-US cyberwar will rage on (ZDNet) Opinion: A grin and a handshake will not change the attitude of either when it comes to hacking at the country scale.
Russia Is Quietly Playing Three Roles in the Korean Drama (Defense One) Though it rarely makes the news, Moscow has a critical part as a behind-the-scenes negotiator, spoiler, and unholy ally.
Suspend Privacy Shield if the USA will not comply, say MEPs (Computing) Both Facebook and Cambridge Analytica were certified under the pact, Civil Liberties Committee points out
Pressure mounts on EU-US Privacy Shield after Facebook-Cambridge Analytica data scandal (TechCrunch) Yet more pressure on the precariously placed EU-US Privacy Shield: The European Union parliament’s civil liberties committee has called for the data transfer arrangement to be suspended by September 1 unless the US comes into full compliance. Though the committee has no power to suspend the a…
Illegal memes? Weak Safe Harbor? Unpacking the proposed EU copyright overhaul (Ars Technica) Overhaul would bring chilling effects, costs, and legal uncertainty along for the ride.
Even as Trump advocates for Russia, his administration imposes new sanctions for Moscow's cyberattacks (Los Angeles Times) Citing “malicious” cyberattacks by Russia's agents, the Trump administration on Monday imposed economic sanctions on Russian companies and persons accused of supporting Moscow’s spy network. The action comes just after President Trump unsuccessfully pushed for Russia's readmittance to the G-7.
Congress Questions Trump's ZTE Deal (Nextgov.com) Plus the other goodies tucked into the National Defense Authorization Act federal employees need to know.
Senate may deal Trump trade defeat on ZTE (CNN) The Senate is on the verge of directly undercutting a key piece of President Donald Trump's trade negotiations with China, as a bipartisan group of lawmakers successfully pushed for the inclusion of a bill to undo a deal to save Chinese telecom ZTE.
How a Washington crackdown on Huawei could backfire for everyone (IDG Connect) Acting tough on Chinese firms might seem like a good idea to the Trump administration, but it could come back to bite the US tech industry in the long-term.
Senator hopes to draw red line discouraging election cyberattacks (Cyberscoop) A prominent lawmaker wants to draw a line in the sand to discourage hackers from targeting U.S. election systems. Sen. Mark Warner, D-Va., proposed Monday that the United States formally declare it will respond in cyberspace to any foreign interference in American elections.
Lawmakers Take Another Shot at Transforming Trump Cyber Policy (Nextgov.com) Proposed amendments to the Senate’s defense authorization bill would reinstate the White House cyber coordinator and require a White House cyber strategy.
US Government’s biometric database worries privacy advocates (Naked Security) It is something few Americans will have heard of, but the US Department of Homeland Security’s Homeland Advanced Recognition Technology (HART) is catching the eye of privacy advocates – and n…
The cyber bases of the future (C4ISRNET) From BRACtown to downtown: National cyber defense units should be located in metropolitan areas where they can best take advantage of IT capabilities and infrastructure.
How Energy's new cyber shop will work (FCW) The Energy Department's new cybersecurity and emergency response unit aims to complement critical infrastructure efforts at DHS.
Trump's coal, nuclear bailout no shield from hackers: cyber experts (Reuters) Bailing out nuclear and coal-fired power plants will not toughen the U.S. power grid against cyber attacks as the Trump administration claims, according to cyber experts, because hackers have a wide array of options for hitting electric infrastructure and nuclear facilities that are high-profile targets.
New fines for essential service operators with poor cyber security (GOV.UK) Proposals being considered as part of consultation to protect essential services
Vietnam’s new cyber security law draws concern for restricting free speech (TechCrunch) Big tech firms including Google, Facebook and Twitter have expressed major concern after Vietnam’s government passed a law that promises to introduce tighter restrictions on free speech online. The new regulation passed this week strengthens the government’s position on censoring the in…
Litigation, Investigation, and Law Enforcement
Senator says Chinese hack of Navy contractor ‘very serious’ (Fifth Domain) A Rhode Island Senator is describing the case of a Chinese government hack into a Newport Naval Station as “very serious.”
Josh Schulte: CIA insider gone south or repugnant criminal? (CSO Online) Josh Schulte, believed to have been the source of the leaked "Vault 7" WikiLeaks trove of CIA tools, has been charged with a heinous crime concerning illegal images.
Treasury Sanctions Russian Federal Security Service Enablers (U.S. Department of the Treasury) Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated five Russian entities and three Russian individuals under Executive Order (E.O.) 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” as amended, and Section 224 of the Countering America’s Adversaries Through Sanctions Act (CAATSA).
U.S. Sanctions Russian Firms for Energy Grid Cyberattack (Bloomberg) The U.S. imposed new sanctions Monday on Russian firms and individuals for helping the country’s state security service conduct cyberattacks targeting the American energy grid and other key infrastructure.
US hits Russian firms with sanctions, citing cyberattacks (Fifth Domain) The Trump administration on Monday slapped sanctions on several Russian companies and businessmen for engaging in cyberattacks and assisting Russia’s military and intelligence services with other malicious activities.
ERPScan named in new US sanctions that claim that Russia is monitoring underwater communication cables (Computing) ERPScan denies links with security firm named in US sanctions
US ZTE ban will remain in place until the company pays $1bn fine and places $400m in escrow (Computing) ZTE deal a 'personal favour' from President Trump - but it will definitely be shut down if it contravenes new agreement
Founder of Cybersecurity Company Says His Firm Was Sanctioned Because He was Born in Russia (Motherboard) The US Treasury sanctioned five companies accusing them of helping the Russian government hack. But the founder of one of those companies vehemently denied the accusations.
Kaspersky Asks Appeals Court to Reverse Government Ban With a Quickness (Nextgov.com) The Russian anti-virus company wants to complete the appeal process before a broad government ban takes formal effect in October.
74 Arrested in Coordinated International Enforcement Operation Targeting Hundreds of Individuals in Business Email Compromise Schemes (US Department of Justice) Federal authorities announced today a significant coordinated effort to disrupt Business Email Compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens.
Eleven arrested in Harris County by FBI for committing cyber crimes (Houston Chronicle) The international sweep ran from January to early June 2018 and culminated in two weeks of focused law enforcement activity in the United States and Nigeria, according to the FBI.
French Data Protection Authority Imposes a Record 250,000 € Fine to Optical Center for a Security Breach on its Website (JDSupra) On June 7, 2018, the French Data Protection Authority (the CNIL) published a decision (issued one month earlier) in which it imposed a record 250,000 euros fine on Optical Center (which, although its name does not indicate, is a French company) for having insufficiently secured the personal data of its customers.
Open Source Security hit with bill for defamation claim (Register) Judge okays $260K in defense costs to Bruce Perens and lawyers under anti-SLAPP