Cyber Attacks, Threats, and Vulnerabilities
China-based campaign breached satellite, defense companies: Symantec (Reuters) A sophisticated hacking campaign launched from computers in China burrowed deeply into satellite operators, defense contractors and telecommunications companies in the United States and southeast Asia, security researchers at Symantec Corp said on Tuesday.
Thrip: Espionage Group Hits Satellite, Telecoms, and Defense Companies (Symantec Threat Intelligence Blog) Symantec’s artificial intelligence-based Targeted Attack Analytics uncovers new wide-ranging espionage operation.
APT15 Pokes Its Head Out With Upgraded MirageFox RAT (Threatpost) This is the first evidence of the China-linked threat actor's activity since it hacked the U.K. government and military in 2017 (which wasn't made public until 2018).
How North Korea's hackers have changed (Cyberscoop) Priscilla Moriuchi, director of strategic threat development for Recorded Future, speaks on how North Korea has changed their hacking techniques.
The Theft and Reuse of Advanced Offensive Cyber Weapons Pose A Growing Threat (Council on Foreign Relations) Almost exactly a year ago, North Korea and Russia reused a vulnerability stolen from the U.S. government to conduct the WannaCry and NotPetya ransomware attacks. Is the theft and reuse of vulnerabilities likely to be the norm?
Anonymous #OPICARUS2018 (Akamai) Operation #OpIcarus2018 has been announced and it encompasses several on-going campaigns, including #OpPayBack, #OpIcarus, #DeleteTheElite, and #SosNicaragua.
Cryptocurrencies Fall as Korean Exchange Says $32 Million of Coins Stolen (Bloomberg.com) Cryptocurrencies dropped after the second South Korean exchange in as many weeks said it was hacked, renewing concerns about the safety of digital-asset trading venues.
Kardon Loader Looks for Beta Testers (Arbor Networks Threat Intelligence) Key Findings ASERT researchers discovered Kardon Loader being advertised on underground forums. Kardon Loader features functionality allowing customers to open their own botshop, which grants the purchaser the ability to rebuild the bot and sell access to others. Kardon Loader is in early stages of development,
Phishers Use 'ZeroFont' Technique to Bypass Office 365 Protections (SecurityWeek) Cybercriminals use a technique dubbed by researchers ZeroFont to bypass Office 365 phishing protections
3,000+ mobile apps leaking data from unsecured Firebase databases (Help Net Security) Appthority found over 3,000 mobile apps leaking sensitive personal and business data from 2,300 unsecured Firebase databases.
Appthority Discovers Thousands of Apps with Firebase Vulnerability Exposing Sensitive Data (Appthority) Appthority has discovered a significant mobile data vulnerability related to Google Firebase which has resulted in the exposure of a wide range and large amounts of sensitive data through thousands of mobile apps. The exposure is not due to malicious code, but simply to developer carelessness with securing mobile app data stores. Get the Full …
Beware this Android emulator, it's hijacking your GPU to mine cryptocurrency (TechRepublic) Users have accused Andy OS Android Emulator of secretly dropping a cryptocurrency miner on your system that runs endlessly.
Rootkit-Based Adware Wreaks Havoc Among Windows 10 Users in the US (BleepingComputer) Security researchers from Romania-based antivirus vendor Bitdefender have detailed the operations of an adware strain named Zacinlo that uses a rootkit component to gain persistence across OS reinstalls, a rootkit component that's even effective against Windows 10 installations.
S5Mark is a 'VPN' that is actually a rootkit in disguise, BitDefender says (PCWorld) A new rootkit, Zacinlo, that attacks United States users of Windows 10 has re-surfaced. It's hidden inside a "VPN" that promises to secure your PC.
Mylobot Malware Brings New Sophistication to Botnets (Dark Reading) The malware pulls together a variety of techniques to gain a foothold and remain undiscovered.
Stop downloading fake malicious Fortnite Android apps (HackRead) Fortnite players watch out; cybercriminals are scamming users with fake malicious Fortnite apps - Its Android version is yet to be released.
FakeSpy Android Information-Stealing Malware Targets Japanese and Korean-Speaking Users (TrendLabs Security Intelligence Blog) We observed a campaign that uses SMS as an entry point to deliver FakeSpy, which can steal text messages, account information, contacts, and call records.
Millions of Streaming Devices Are Vulnerable to a Retro Web Attack (WIRED) Using a technique called DNS rebinding, one amateur hacker found vulnerabilities in devices from Google, Roku, Sonos, and more.
ATM Hacking: You Don't Have to Pay to Play (LookingGlass Cyber Solutions Inc.) US Banks are getting Skin in the Game How many times have you used an Automated Teller Machine (ATM) in your life? Probably too many times to count, and, June 19, 2018
Flaw in Google Home and Chromecast devices reveals user location (HackRead) Google Home and Chromecast devices are leaking location data of their users - If you are a Google Home and Chromecast user, watch out.
Secure Phishing: Netflix Phishing Goes TLS (SANS Internet Storm Center) A global cooperative cyber threat / internet security monitor and alert system. Featuring daily handler diaries with summarizing and analyzing new threats to networks and internet security events. Phishing for Netflix accounts isn't new. But recently, I see a large number of phishing e-mails for Netflix that lead to sites with valid TLS certificates.
Elon Musk Sends Company-Wide Email About Tesla Saboteur and ‘Outside Forces’ (Motherboard) The Tesla CEO told employees that someone within the company has been committing corporate espionage.
Employee negligence still poses major security concerns (Help Net Security) With most working adults in the U.S. admitting to potentially risky behavior at work, employee negligence poses major security concerns for U.S. businesses.
This Programmer Scraped LinkedIn to Find People Who Work at ICE (Motherboard) This isn't the first time that public information sources have been scraped to shed light on government employees.
Most Websites and Web Apps No Match for Attack Barrage (Dark Reading) The average website is attacked 50 times per day, with small businesses especially vulnerable.
Eleven-hour Microsoft Azure outage hits Northern Europe region (Computing) North Europe Azure outage blamed on datacentre temperature issue - but customers are still complaining this morning
Ericsson apologises for Telstra Wholesale outage (CRN Australia) ALDI, Woolworths Mobile customers affected.
Data breach at CarePartners (North Bay Nugget) One of the province's most well-known home care service providers has become victim of a cyber-attack.
Security Patches, Mitigations, and Software Updates
Vendor Patches Seven Vulnerabilities Across 392 Camera Models (BleepingComputer) Axis Communications AB, a Swedish manufacturer of network cameras for physical security and video surveillance, has patched seven security flaws across nearly 400 security camera models.
Microsoft adds resiliency, redundancy, security to Windows Server 2019 (Network World) Windows Server 2019 upgrades enable greater scalability and more reliable recovery from outages for Shielded Virtual Machines.
Cyber Trends
Execs don't believe their companies learn the right lessons in cybersecurity (Help Net Security) A majority of executives around the world feel their organizations can do better when it comes to learning from their past cyber mistakes.
Inferring Internet security posture by country through port scanning (Help Net Security) The National Exposure Index aims to better understand global Internet security posture and how exposure levels look around the globe.
EU's data rules may push improvements in PH cybersecurity (Rappler) Any business that will involve EU citizens must comply with the EU's General Data Protection Regulation, spurring Philippine companies to improve practices, says Trend Micro
Marketplace
AT&T, Sprint, Verizon to Stop Sharing Customer Location Data With Third Parties (KrebsOnSecurity) In the wake of a scandal involving third-party companies leaking or selling precise, real-time location data on virtually all Americans who own a mobile phone, AT&T, Sprint and Verizon now say they are terminating location data sharing agreements with third parties.
Verizon Says It Will Stop Selling US Phone Data That Ended Up in Hands of Cops (Motherboard) Verizon and other telcos have been selling phone location data to companies catering to marketers and low level law enforcement. Now, Verizon says it is cutting ties with certain firms that abused that data access.
Huawei calls Australian security fears ‘ill-informed and not based on facts’ (Lightwave) Facing the prospect of being banned from bidding on Australia’s national 5G mobile services roll out, the senior leadership of Huawei Australia issued an open letter to members of the country’s Parliament stating that suggestions the company is an agent of the Chinese Government, and therefore a national security threat, are “ill-informed and not based on facts.”
Kaspersky freezes all European projects in protest over EU ban (CRN Australia) Eugene Kaspersky warns EU's decision "plays into the hands of criminals".
Researchers claim Chrome bug bounty paid to the wrong people (Naked Security) Yubico has been drawn into a rare public spat over how the discovery of a security flaw affecting its products was credited.
Cylance Announces $120 Million Funding Round (TheCourierExpress.com) Cylance Inc., the company that revolutionized endpoint security by delivering AI-powered threat prevention, today announced that it has closed a $120 million funding round led by
CrowdStrike Announces $200 Million Series E Financing Round (BusinessWire) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced that the company has executed a financing round of over $200 mil
Pondering an IPO, cyber security company CrowdStrike raises $200 million at over $3 billion valuation (TechCrunch) CrowdStrike, the developer of a security technology that looks at changes in user behavior on networked devices and uses that information to identify potential cyber threats, has reached a $3 billion valuation on the back of a new $200 million round of funding. The company’s hosted endpoint s…
How Crowdstrike's $3bn valuation stacks up against its peers (CRN) The endpoint protection vendor has joined the cybersecurity big league following a $200m funding round - but how does its fresh $3bn valuation compare with next-gen and legacy rivals?
Zilliqa Accelerates Development with a $5M Developer Grant Program (BusinessWire) Zilliqa, one of the leading companies solving the issue of blockchain scalability, has announced the details of a $5 million grant program for teams a
Columbia innovation center will work with Cyber Command on new technology (Technical.ly Baltimore) The Maryland Innovation and Security Institute is partnering with U.S. Cyber Command on DreamPort.
A Merger That Would Have Made Crypto Investing Easier Fails (WIRED) The deal would have united a risk-averse financial trust in Kentucky with a venture-backed startup in Silicon Valley.
Telstra to axe at least 8000 jobs, reorganise management in major overhaul (CRN Australia) Cutting levels of management and spinning off infrastructure business.
Products, Services, and Solutions
Duo Security Brings Zero-Trust Protection to Modern Workforce with Sophos Mobile Integration (Duo Security) Duo Security, a leading provider of zero-trust security with Duo Beyond, today introduced an integration with Sophos Mobile that helps organizations confidently support their growing mobile workforce while ensuring strong mobile security, regardless of whether their end-user devices are personal or corporate-issued.
Palo Alto Networks extends Cyber Range reach through first APAC facility (Security Brief) The Sydney Cyber Range is now the company’s first Asia Pacific Cyber Range facility, and the fourth permanent facility worldwide.
Windmill Announces Rivetz Partnership (PR Newswire) Leading information technology company Windmill...
Pulse Secure Extends Secure Access Capabilities for Microsoft Azure - Enables hybrid IT deployment flexibility, scale, resiliency and cost-effective operation | Markets Insider (Business Insider) Pulse Secure, the leading provider of Secure Access solutions to both enterprises and service provider...
Bomgar Enhances Privileged Access Management IGA Integrations and Application Access (BusinessWire) Bomgar, a leader in secure access solutions, today announced the release of Bomgar Privileged Access 18.2. With enhanced integrations with IGA solutio
VirusTotal Monitor: Software That Can’t Run Can’t Eat (Medium) “Software is Eating the World” - Marc Andreessen, 2011
Gigamon’s inline bypass threat prevention helps to secure the network (Intelligent CIO Middle East) Modern enterprises rely on high-speed networks to increase productivity, find innovative solutions and enhance collaboration. However, these increased network data rates and resulting network upgrades can have major consequences for security administrators – especially those who rely on best-of-breed inline threat prevention tools. Gigamon, the company leading the convergence of security and network operations, is
Gemalto Shines at Homeland Security 2018 Biometric Rally (Business Post Nigeria) It was a good outing for Gemalto as its Facial Recognition Solution.
Scan QR Codes Safely with the Trend Micro QR Scanner (CSO) Using your camera and a QR code scanner on your mobile device, it’s easy to scan a code to download an app or go to a website—a bit too easy, ...
Keepsafe launches a privacy-focused mobile browser (TechCrunch) Keepsafe, the company behind the private photo app of the same name, is expanding its product lineup today with the release of a mobile web browser. Co-founder and CEO Zouhair Belkoura argued that all of Keepsafe’s products (which also include a VPN app and a private phone number generator) a…
Nvidia announces availability of Kubernetes on its GPUs (Computing) TensorRT and TensorFlow Integration tools are now also available
Technologies, Techniques, and Standards
Kubernetes is a seachange technology - IT leaders should be at the helm (Computing) Kubernetes is now the de facto standard for deploying cloud applications
Kubernetes skills demand continues to soar – but are organisations dropping the ball on security? (Cloud Tech News) If you have Kubernetes skills then you will almost certainly be in demand from employers. But beware the security risks when getting involved.
This Independent Cybersecurity Product Review Doubles as an outline for how to start threat hunting with existing tools and skills (Bricata) This review serves as more than a demonstration of product capabilities – it also provides an outline for how a security operations center (SOC) can begin hunting threats with a tool the staff already know and use. #ids #ips #threathunting
Design and Innovation
How The NSA Can Use Blockchain To "Connect The Dots" Securely—With Smart Contracts (National Interest) Mass security breaches like the 2013 Snowden data dump could be prevented by putting classified documents on the blockchain.
Cryptography is the Bombe: Britain's Enigma-cracker on display in new home (Register) Replica war-winner now in Bletchley Park's historic Block H
Research and Development
Man 1, machine 1: landmark debate between AI and humans ends in draw (the Guardian) IBM shows off Project Debater, artificial intelligence project designed to make coherent arguments as it processes vast data sets
IBM shows off an artificial intelligence that can debate a human – and do pretty well (USA TODAY) The San Francisco event was the first time anyone outside of IBM was able to witness a live debate between a human and its artificial intelligence system.
SafeBreach Announces Issuance of Breach and Attack Simulation Patents After $15 Million Round of Investor Funding (IPWatchdog) SafeBreach recently announced the issuance of three U.S. patents in the field of breach and attack simulation. This news follows weeks after SafeBreach closed a $15 million series B round of funding involving backing from major payment solutions firm PayPal.
Academia
UGA is cyber ready to help state fight hacker attacks (UGA Today) Cybercrime takes one of our society’s great strengths—the Internet—and exploits its weaknesses. The threat seems inescapable, no matter where you are. In 2017, a cyberattack forced the cancellation of thousands of medical operations and appointments at hospitals in the United Kingdom, a blackout in Ukraine was traced to malicious software, and Uber disclosed that hackers …
ECU claims double win at WA Information Technology and Telecommunications Alliance Incite Awards (Community News Group) A maths app and cyber safety program for children added up to a double win for ECU in WA's technology awards
Legislation, Policy, and Regulation
The Unexpected Fallout of Iran's Telegram Ban (WIRED) In Iran, secure messaging app Telegram effectively is the internet. The government blocked it at the end of April.
EU votes for copyright law that would make internet a 'tool for control' (the Guardian) MEPs defy warnings from internet pioneers, civil liberties groups and commercial interests
Europe takes another step towards copyright pre-filters for user generated content (TechCrunch) In a key vote this morning the European Parliament’s legal affairs committee has backed the two most controversial elements of a digital copyright reform package — which critics warn could have a chilling effect on Internet norms like memes and also damage freedom of expression online. …
EU copyright reforms draw fire from internet luminaries as key vote... (Reuters) Europe's attempts to force Google, Microsoft and other tech giants to share revenues with publishers and bear liability for internet content have triggered criticism from internet pioneers ahead of a key vote on Wednesday.
The End of All That's Good and Pure About the Internet (Gizmodo) We regret to inform you that the internet is on red alert once again. On Wednesday, the EU’s Legislative Committee voted to adopt sweeping measures that will upend the web in every way that we know it. Memes, news, Wikipedia, art, privacy, and the creative side of fandom are all at risk of being destroyed or kneecapped.
Bipartisan Senate Vote to Punish ZTE Heightens Pressure on Trump (Bloomberg.com) The U.S. Senate passed legislation on Monday evening that would restore penalties on the Chinese telecom giant ZTE Corp., complicating President Donald Trump’s efforts to ease sanctions on the company.
Are Trump and Republicans headed for a cybersecurity showdown? (Fifth Domain) A meeting between President Donald Trump and top GOP senators over the risks and regulation of Chinese telecom ZTE could indicate the administration's cyber strategy.
Senators demand creation of tech cybersecurity council (Fifth Domain) Security concerns surrounding companies like Russia-based Kaspersky and China-based ZTE have motivated members of the Senate to call for a council to evaluate supply chain vulnerabilities.
Private sector warms to Cyber Command hacking back (Cyberscoop) The U.S. government should decide how to retaliate against the worst attacks on the country’s private sector.
U.S. Cyber Command is best suited to hack back, experts say (Fedscoop) It’s probably not the best idea to allow private companies to retaliate against hackers — that’s a job best suited for the U.S. government, a panel of cybersecurity experts argued this week. The three individuals, with experience in the private sector, intelligence community and military, said at a panel organized by APCO that if companies feel compelled to …
The Argument for a Cyber Response Playbook (The Cipher Brief) The Trump administration has a dozen top cybersecurity priorities ranging from a new national cyber strategy to dealing with increasingly bold nation-state adversaries. One priority – that should be near the top of the stack – may not be obvious, but it is critical: a determined study of the responses to past incidents and …
Analysis | The Cybersecurity 202: 'A wake up call.' OPM data stolen years ago surfacing now in financial fraud case (Washington Post) Lawmakers want to protect the victims.
Fleet Cyber Command has a new leader (Fifth Domain) Vice Adm. Timothy White took command of Fleet Cyber Command.
Litigation, Investigation, and Law Enforcement
WikiLeaks Shares Alleged Diaries of Accused CIA Leaker Joshua Schulte (Motherboard) The secret-spilling organization posted a series of first-person missives allegedly written by Joshua Schulte. The undated letters chronicle Schulte’s arrest and time in jail.
China increases its surveillance state (CSO Online) China plans to add bio-recognition technology to subways and to install RFID chips in vehicle windshields.
Why regulator wants answers from South African insurer Liberty following cyber attack (CNBC Africa) Insurer Liberty Holdings faced questions from South Africa’s Information Regulator on Monday, a day after the company said it had become the victim of a cyber attack. The regulator said it was concerned about the data breach and wanted to meet the insurer to get more details. Liberty’s shares fell 5 percent …
Microsoft's Ethical Reckoning Is Here (WIRED) Revelation of contract with US immigration agency sparks criticism amid family separations
Is shadow IT opening you up to GDPR risk? (Computing) Storing data on a personal database doesn't make the company any less liable
Language Matters When It Comes to a Data Breach (Security Boulevard) While the term "data breach" has been used as a catch-all phrase, not all cyberincidents result in a compromise of data.
Misguided “Bitcoin Baron” Hacker Gets 20-Months (Infosecurity Magazine) Arizona man sent down for DDoS attacks
16 arrested for hacking Internet cafes to mine cryptocurrency (HackRead) The group of hackers mined Siacoin cryptocurrency from hacked computer systems at hundreds of Internet cafes in the country.
How a Nigerian Prince scam victim got his money back after 10 years (Naked Security) The Nigerian prince never showed up but the victim’s $110,000 did, eventually.
Email Mistake Costs Chicago School Employee a Job (Infosecurity Magazine) A Chicago Public Schools employee accidentally sent an email containing student and family data.
Inside the Crypto World's Biggest Scandal (WIRED) One couple thought they held the secret to building a new decentralized utopia. On the way, they plunged into a new kind of hell. A crypto-tragedy in three acts.