Cyber Attacks, Threats, and Vulnerabilities
China Escalates Hacks Against the US as Trade Tensions Rise (WIRED) A hacking truce between China and the US doesn't address government espionage operations, a workaround both countries exploit.
GZipDe: An Encrypted Downloader Serving Metasploit (AlienVault) At the end of May a Middle Eastern news network published an article about the next Shanghai Cooperation Organization Summit. A week ago, AlienVault Labs detected a new malicious document targeting the area. It uses a piece of text taken from the report as a decoy: This is the first step of a multistage infection in which several servers and artifacts are involved. Although the final goal seems to be the installation of a Metasploit backdoor, we found an interesting .NET downloader which uses
XPS Attachment Used for Phishing (SANS Internet Storm Center) While Phishing is never a good thing, it is interesting to see something different than your normal phishing attempt.
Malicious code disguised as YouTube star’s photos (Korea Herald) Internet users have been warned not to click on links with titillating titles such as “leaked images of a YouTube star,” as their computers could become infected with malicious code.
Necurs Poses a New Challenge Using Internet Query File (TrendLabs Security Intelligence Blog) Our last report on the Necurs botnet malware covered its use of an internet shortcut or .URL file to avoid detection, but its authors seem to be updating it again. Current findings prove that its developers are actively devising new means to stay ahead of the security measures...
Office 365 users targeted by phishers employing simple HTML tricks (Help Net Security) Phishers are using a simple but effective trick to fool Microsoft's NLP-based anti-phishing protections and Office 365 users into entering their login credentials into spoofed login pages.
Microsoft Office: The Go-To Platform for Zero-Day Exploits (Dark Reading) Malicious Office documents are the weapon of choice among cybercriminals, who use files to access remotely hosted malicious components.
Oregon.Gov Email Domain Remains Blacklisted (Infosecurity Magazine) A successful phishing campaign leaves oregon.gov email on many blacklists.
Banking Trojans and cryptojacking on the rise (Help Net Security) The Morphisec Labs Threat Report Q1 2018 shows banking Trojans and cryptojacking are on the rise, with at least one fileless technique identified in each threat.
Why cybercriminals are turning to cryptojacking for easy money (Help Net Security) Despite still being generally regarded as a somewhat minor threat, cryptojacking can have a huge impact on your organization.
The Pirate Bay is down - Here are its alternatives & Dark Web domain (HackRead) The Pirate Bay is down - Here are its best alternatives and link to the dark web domain which is still up and running online.
Click2Gov Breaches Attributed to WebLogic Application Flaw (Dark Reading) At least 10 US cities running Click2Gov software have alerted citizens to a data breach, but it turns out the problem was in the application server.
A huge spreadsheet naming ICE employees gets yanked from GitHub and Medium (TechCrunch) A massive database of current U.S. Immigration and Customs Enforcement (ICE) employees scraped from public LinkedIn profiles has been removed from the tech platforms hosting the data. The project was undertaken by Sam Lavigne, self-described artist, programmer and researcher in response to recent r…
Twitter punishes users for doxing White House advisor Stephen Miller (Ars Technica) Miller is an architect of Trump's controversial family separation policy.
ACLU Warns on Forced Malicious Software Updates (Infosecurity Magazine) The ACLU has issued guidance on how software developers should deal with demands on malicious security updates
Security Patches, Mitigations, and Software Updates
Four New Vulnerabilities in Phoenix Contact Industrial Switches (Dark Reading) A series of newly disclosed vulnerabilities could allow an attacker to gain control of industrial switches.
Why you may want to update your browser in the next 9 days (Naked Security) Want to keep shopping online? If you’re using an old browser you may find yourself locked out of PCI-compliant (e-commerce) websites.
Geopolitical Instability Is CISOs' Latest Challenge (BankInfo Security) The latest challenge to face CISOs: Finding the best way to keep their organization secure while at the same time navigating political edicts that may lack any
Ex-’Israeli NSA’ chief: Cyber doomsday scenario avoidable (The Jerusalem Post) Zafrir said he was concerned that technology and network administrators “will lose confidence in the network."
Infosecurity Europe Survey: Security Pros Gearing up for Rise in Nation-State Attacks (The State of Security) At Infosecurity Europe 2018, Tripwire surveyed 416 attendees to see what the future of nation-state attacks might look like.
Unrestricted access to systems and files exposes organizations to cybercrime (Help Net Security) Organisations are leaving themselves vulnerable to the threat of cybercrime with too many employees being able to access any files on their company network.
Will Employees’ Lack of IT Skills Lead to Security Issues in Future? (Infosecurity Magazine) Why better skilled people will make us more secure, but we're not heading in the right direction.
Dixons Carphone reports 24% fall in annual profits in wake of cyber attack (Eastern Daily Press) Annual profits at Dixons Carphone have slumped by almost a quarter – and the group has warned that cost pressures will continue to squeeze its margins.
PayPal to buy Simility, a specialist in AI-based fraud and risk management, for $120M (TechCrunch) Payment provider PayPal continues apace with its acquisitions streak to bring more modern tools into its platform to serve its 237 million customers. Today the company announced that it is buying Simility, a fraud prevention specialist, for $120 million in cash. PayPal had been an investor in Simil…
Cyber Intelligence Firm Intsights Raises $17 Million (SecurityWeek) Israel-born startup Intsights Cyber Intelligence has raised $17 million in a Series C funding to support its cyber reconnaissance capability and global expansion.
HPE splashes $4B on 'intelligent' edge products and services (Fierce Telecom) Hewlett Packard Enterprise (HPE) is making a big bet on the development of edge products and services across several technology domains.
Two contractors get $6.5 million to support Army Cyber's insider-threat monitoring (Fedscoop) Army Cyber Command is awarding a $6.5 million contract to two companies to help it prevent workers from exposing valuable information on the command’s networks, according to an announcement from contractors Applied Insight and DV United. The five-year contract covers the management and maintenance of User Activity Monitoring Program, which Army Cyber uses to look …
KeyW National Intelligence Sector Maintains CMMI Development Maturity Level 3 Status (ExecutiveBiz) CMMI Institute maintained the level 3 Capability Maturity Model Integration status for development of KeyW Holding’s national intelligence sector after a re-appraisal conducted on June 6. The re-assessment for development V1.3 maturity, held every three years, involved the review of artifacts and examination of workers on performance in CMMI process areas, the company said Tuesday. “We’re proud...
Accenture adding 1K DC-area cyber jobs, opens Rosslyn Cyber-Fusion center (WTOP) Accenture opened a new flagship Cyber Fusion Center at 1201 Wilson Blvd. in Rosslyn, Virginia, on Wednesday.
Products, Services, and Solutions
New infosec products of the week: June 22, 2018 (Help Net Security) New infosec products of the week include releases from the following vendors: ExtraHop, Pulse Secure, Trend Micro, and Twistlock.
FireEye and Gigamon Announce Global Partnership to Improve Security Effectiveness and Efficiency for Joint Customers (Gigamon) Strategic alliance combines next generation network packet broker capabilities with sophisticated threat management to bring greater protection and resilience to customer security infrastructures.
Cylance® Extends AI-Driven Security to Hybrid Environments and Private Networks With CylanceHYBRID and CylanceON-PREM (BusinessWire) Cylance Inc., the company that revolutionized endpoint security by delivering AI-powered threat prevention, today announced the availability of Cylanc
Aella Data Launches Starlight 2.0, Security Industry’s first AI-Driven Multi-Tenant Breach Detection System; Announces MSSP Partner Program (BusinessWire) New multi-tenant capability improves operational efficiency and reduces costs for MSSPs
NanoLock Launches Platform to Protect IoT Devices From Production Through End-of-Life (SecurityWeek) Cybersecurity start-up NanoLock Security announced a new lightweight security platform designed to add security into IoT devices, rather than to overlay security around those devices.
Syniverse launches global private network (Help Net Security) Syniverse Secure Global Access is a private, secure, global network that provides the foundation for businesses to reliably safeguard mission-critical data.
Blockchain update: Microsoft and EY release a blockchain to manage digital rights and royalties (Computing) Gaming firm Ubisoft is among the first to try it
Plurilock Partners With Carahsoft to Bring Continuous Identity Assurance to Federal Agencies (PR Newswire) Plurilock Security Solutions and Carahsoft...
Fortinet optimizes web application firewall with new machine learning capabilities (ETCISO.in) Two-step AI-based machine learning innovations to FortiWeb provide a dramatic increase in detecting web application threats with nearly 100 percent ac..
Oxford BioChronometrics is One of the Few Companies Truly Fighting Digital Ad Fraud (Equities.com) The cost of ad fraud to brands will reach $44 billion by 2022. Here's how Oxford BioChronometrics is helping businesses fight back.
Technologies, Techniques, and Standards
Sneaky Web Tracking Technique Under Heavy Scrutiny by GDPR (Threatpost) Don’t expect tracking methods such as browser fingerprinting to disappear anytime soon, even with GDPR, warns the EFF.
NSA ‘Systematically Moving’ All Its Data to The Cloud (Nextgov.com) The National Security Agency is all-in on cloud.
Netanyahu simulates cyberattack to demonstrate security challenges (Times of Israel) 'Our airlines can be brought down, our fighter planes can be brought down,' the prime minister warns at conference in Tel Aviv.
The US made the wrong bet on radiofrequency, and now it could pay the price (C4ISRNET) “It’s not that we disarmed, it’s that we took a path that they have now figured out,
How to identify malicious & fake WiFi hotspots in the wild (HackRead) How to identify malicious and fake WiFi hotspots? Here is a tool that lets you bust fake WiFi hotspots within no time based on your location.
AppSec in the World of 'Serverless' (Dark Reading) The term 'application security' still applies to 'serverless' technology, but the line where application settings start and infrastructure ends is blurring.
7 Places Where Privacy and Security Collide (Dark Reading) Privacy and security can experience tension at a number of points in the enterprise. Here are seven - plus some possibilities for easing the strain.
Design and Innovation
Introducing the Technology Pioneers Cohort of 2018 (World Economic Forum) The Technology Pioneers cohort of 2018 brings together 61 early-stage companies from around the world that are pioneering new technologies and innovations ranging from the use of artificial intelligence in drug discovery, the development of autonomous vehicles, advancing cybersecurity and reducing...
The future of AI relies on a code of ethics (TechCrunch) As the AI revolution continues to accelerate, new technology is being developed to solve key problems faced by consumers, businesses and the world at large. Our reliance on AI will deepen, inevitably causing many ethical issues to arise as humans turn over to algorithms their cars, homes and busine…
Artificial Intelligence & the Security Market (Dark Reading) A glimpse into how two new products for intrusion detection and entity resolution are using AI to help humans do their jobs.
Research and Development
Peter Cochrane: Is AI Schrödinger's brain? (Computing) Artificial intelligence today is barely intelligent at all. So what will it take for true AI to be developed, asks Peter Cochrane?
Top intelligence officials fear U.S. behind in quantum computing, cyber (Fifth Domain) A top National Security Agency official said the intelligence community should concentrate on innovation related to cybersecurity.
SUU recognized for cyber defense education (GOOD4UTAH) The National Security Agency (NSA) and the Department of Homeland Security (DHS) have designated Southern Utah University as a National Center of Academic Excellence in Cyber Defense Education.
Casper College Offers New Sign Language, Cyber Security Degrees (K2 Radio) The revamped cyber security degree program trains students to find and remove data from digital media and protect computer information systems from malignant uses.
Legislation, Policy, and Regulation
How cyber's forward defense could backfire (Axios) Taking the attack to the enemy can have awkward consequences in cyber warfare.
Analysis | The Cybersecurity 202: 'A wake up call.' OPM data stolen years ago surfacing now in financial fraud case (Washington Post) Lawmakers want to protect the victims.
Litigation, Investigation, and Law Enforcement
Reality Winner to take a plea deal in NSA leak case (Atlanta Journal-Constitution) The former NSA contractor is accused of leaking government intelligence
Former Israeli minister arrested for allegedly spying for Iran (Asia Times) The arrest reveals the seedy underbelly of the Israeli security elite: communities of expats in Africa involved in illicit trade and illegal activity
Former employee sued by Tesla says he was a whistleblower, alarmed by company practices and Elon Musk (Washington Post) The lawsuit adds a new layer of intrigue to a company already consumed with production pressures and internal suspicions about a conspiracy.
Tesla enhances security following report of ex-employee threat (Engadget) The Tesla Gigafactory has enhanced security after a threat from former employee Martin Tripp.
Tesla lawsuit target called “horrible human being” by CEO Elon Musk (Ars Technica) Tripp: "Putting cars on the road with safety issues is being a horrible human being!"
A Tesla telenovela (TechCrunch) Tesla’s lawsuit against a former employee was filed just 24 hours ago and it’s already ripe fodder for Hollywood. As CEO Elon Musk has noted in the past, Tesla is a real drama magnet. Get ready, it’s exhausting. Tesla filed the lawsuit against former employee Martin Tripp for $1 m…
Elderly victims conned out of millions by tech support scammer (Naked Security) The FTC has been battling tech support scams for years, especially ones targeting older citizens who are seen by fraudsters everywhere as susceptible to these cons.
Euro cops bust 95 criminals responsible for EUR8 million in online fraud (Finextra Research) Police forces across Europe have made over 95 arrests of criminals who set up fake Web shops offering too-good-to-be-true product prices as a front for stealing card details.
Bumbling Hacker "Bitcoin Baron" Sentenced to 20 Months in Prison (BleepingComputer) A hacker once considered "the Internet's most inept criminal" received on Monday a sentence of 20 months in prison for launching DDoS attacks against the city of Madison, Wisconsin, attacks which caused delays and outages to various municipality services, including its 911 emergency call center.
L.A. County Selects IBM Security Services to Review Voter Roster Error (SCVNews.com) Los Angeles County has engaged information technology leader IBM Security Services to conduct an independent review and evaluation of the systems and procedures used in the production and printing of voter rosters for the June 5 Statewide Direct Primary Election.