Cyber Attacks, Threats, and Vulnerabilities
Group Tied to Russia Attacked ProtonMail (Infosecurity Magazine) ProtonMail was knocked offline for several hours during a DDoS attack.
RANCOR Cyber Espionage Group Uncovered (SecurityWeek) A cyber espionage group that has remained undetected until recently has been targeting South East Asia with two previously unknown malware families, according to Palo Alto Networks.
NEW BEC Scheme Targets Companies Worldwide (Booz Allen Hamilton) How we found them, and how to protect yourself
PBot adware spams ads & installs cryptominer on Windows PCs (HackRead) The IT security researchers at Kaspersky have discovered an adware written in Python targeting Windows-based computers.
Cybercrime Firm Warns of Rising Reports of Fake WannaCry Ransomware (NewsBTC) Cybercrime involving cryptocurrencies is on the rise. Today, the U.K.’s national reporting center for fraud and cyber crime, Action Fraud, has issued warnings about a new phishing campaign using the infamous WannaCry ransomware.
FireEye hacked off at claim it hacked Chinese military's hackers (Register) Allegation in book mistook RDP recording for real world action, company asserts
FireEye Refutes Claims That It Hacked Back a Chinese APT (BleepingComputer) US cyber-security firm FireEye has denied claims that have been ramping up on social media all last week about illegally "hacking back" a Chinese nation-state cyber-espionage group.
Researchers: Last Year’s ICOs Had Five Security Vulnerabilities on Average (BleepingComputer) Security researchers have found, on average, five security flaws in each cryptocurrency ICO (Initial Coin Offering) held last year. Only one ICO held in 2017 did not contain any critical flaws.
Money-eating cash machine RAT gobbles $17,500 (Naked Security) RAT may be short for Remote Access Trojan, but the word also refers to a well-known type of rodent…
Cryptocurrency-Mining Bot Targets Devices With Running SSH Service via Potential Scam Site (TrendLabs Security Intelligence Blog) Our honeypot sensors, which are designed to emulate Secure Shell (SSH), Telnet, and File Transfer Protocol (FTP) services, recently detected a mining bot related to the IP address 126.96.36.199. The address has been seen to search for both SSH- and IoT-related ports, including 22, 2222, and 502. In this particular attack, however, the IP has landed on port 22, SSH service. The attack could be applicable to all servers and connected devices with a running SSH service.
Millions of Mobile Phones, Tablets Infected With 'Bad Bots' (NBC Bay Area) NBC Bay Area reviewed an eye-opening study, set for release Wednesday, that found millions of mobile phones and tablets are hosting 'bad bots' -- malicious software used discreetly by hackers.
School facial recognition system sparks privacy concerns (Naked Security) A New York school district is hoping to use technology to make its children safer. But not everyone is happy about it.
65% of secondhand memory cards contain previous owners' personal data (Comparitech) Researchers unearthed troves of personal information and sensitive materials including intimate photos, important documents, ID numbers, and contact lists.
Facebook’s Latest Problem: It Can’t Track Where Much of the Data Went (Wall Street Journal) Facebook’s internal probe into potential misuse of user data is hitting fundamental roadblocks: The company can’t track where much of the data went after it left the platform or figure out where it is now.
Facebook sends weekly app emails to wrong people (Naked Security) In another one of those privacy hiccups Facebook is making a habit of lately, the company has admitted accidentally copying some weekly app developer emails to the wrong recipients.
Hundreds of Hotels Affected by Data Breach at Hotel Booking Software Provider (BleepingComputer) The personal details and payment card data of guests from hundreds of hotels, if not more, have been stolen this month by an unknown attacker, Bleeping Computer has learned.
PDQ: We Have Been the Target of a Cyber-Attack (QSR magazine) Data breach affected the chicken chain for close to a year.
How to Avoid Card Skimmers at the Pump (KrebsOnSecurity) Previous stories here on the proliferation of card-skimming devices hidden inside fuel pumps have offered a multitude of security tips for readers looking to minimize their chances of becoming the next victim, such as favoring filling stations that use security cameras and tamper-evident tape on their pumps.
Slack Is Down and I've Never Felt Less Alive (Gizmodo) On Wednesday, Slack confirmed that users worldwide were experiencing difficulty connecting to the workplace messaging service, pledging to investigate the problem and provide updates soon.
Insider Dangers Are Hiding in Collaboration Tools (Dark Reading) The casual sharing of sensitive data, such as passwords, is opening the door to malicious insiders.
Security Patches, Mitigations, and Software Updates
Changes in WebAssembly Could Render Meltdown and Spectre Browser Patches Useless (BleepingComputer) Upcoming additions to the WebAssembly standard may render useless some of the mitigations put up at the browser level against Meltdown and Spectre attacks, according to John Bergbom, a security researcher at Forcepoint.
Microsoft Issues Advisory on Lazy Floating Point State Restore Security Issue (Redmond Magazine) Microsoft earlier this month issued an advisory for the 'lazy floating point state restore' security problem (CVE-2018-3665) that potentially could affect users of Windows and Intel Core processors.
Terrible passwords outlawed in Microsoft’s new Azure tool (Naked Security) Azure AD Password Protection prevents users from setting a password from the company’s list of 500 most common and easily-guessed examples.
macOS Mojave: A visual tour of Dark Mode and other major features (Ars Technica) Our months-long journey into Apple's new OS begins with a visual guide to what's new.
Twitter adds support for login verification with USB security key (Help Net Security) Twitter has moved to improve account security and has begun rolling out the "login verification with a security key" option.
Twitter puts a tighter squeeze on spambots (TechCrunch) Twitter has announced a range of actions intended to bolster efforts to fight spam and “malicious automation” (aka bad bots) on its platform — including increased security measures around account verification and sign-up; running a historical audit to catch spammers who signed up …
Sophos Patches Privilege Escalation Flaws in SafeGuard Products (SecurityWeek) Vulnerabilities in Sophos SafeGuard products allow attackers to escalate privileges and execute code with SYSTEM permissions
Mozilla's Firefox Monitor aims to keep your accounts safe (CNET) The tool will check your email address against a huge database of known data breaches.
Confidence wavers in face of evolving cybersecurity threats (Help Net Security) Attacks organizations believed themselves to be most susceptible to in 2017 are shifting in 2018, while the estimated cost of a breach is decreasing.
Farsight Security Global Internationalized Domain Name Homograph Report (Farsight) New report: Farsight Security Global Internationalized Domain Names Homograph Report Q2/2018 - examines the prevalence and distribution of IDN homographs across the Internet by analyzing 11 Million IDN resolutions over a 12-month period focused on over 450 global brands across 11 sectors including finance, retail, and technology.
Farsight Security Announces DNSDB API Key Portability Program (GlobeNewswire News Room) The single API key is platform agnostic, allowing security analysts to apply it to multiple threat intel platforms to strengthen overall security posture with powerful DNS data
Cyber warnings going ignored as 1 in 4 companies are still investigating alerts manually (BAE Systems | Cyber Security & Intelligence) New BAE Systems research shows half of mid-sized businesses name lack of skilled staff as top security monitoring concern.
Stock Exchange Tech Providers Slow to Embrace Blockchain (Wall Street Journal) Technology firms that provide IT infrastructure for stock markets and exchanges have been slow to embrace blockchain even as use of the distributed ledger technology spreads to retail, manufacturing, distribution and other sectors beyond Wall Street, Nasdaq Inc. said in a report Tuesday.
Cybersecurity Professionals Face Challenges on the Path to Automation, Reveals Juniper Networks and Ponemon Institute Report (Nasdaq) 70 percent of respondents say automation is very important for a successful security posture, but more than half are struggling with too many vendors and not enough skilled security personnel to implement
IT chiefs keep obsolete systems running just to keep data accessible (Help Net Security) 89 per cent of IT decision makers in UK enterprises admit they are keeping obsolete systems alive just to keep the historical data accessible.
Cyber security incidents could cost Aussie businesses $29B per year (ARN) Cyber risks lead 66 per cent of Australian businesses to put off digital transformation plans, with security incidents potentially costing organisations $29 billion.
Good News! The Privacy Wins Keep Coming (WIRED) From Carpenter v. United States to a landmark bill in California, privacy advocates sense a shift in what people will accept from Facebook, mobile carriers, and more.
High-Profile Ransomware is Making Boards Cyber Savvy (Infosecurity Magazine) SentinelOne finds funds are more likely to be released for security initiatives
I’m the Security Chief at Huawei. The U.S. Banning Us Won’t Make Americans Safer (Fortune) It could also hurt telecom service in rural areas.
The 9 Companies Behind the A.I. Acquisition Boom (Fortune) They've made more than 60 deals to scoop up talent and new tech.
First Women-Led Cybersecurity Venture Capital Firm Launches (Dark Reading) Chenxi Wang, former Forrester VP of research and Twistlock executive, heads up Rain Capital, with the intent to also help build new startups.
IQ Capital is raising £125M to invest in deep tech startups in the UK (TechCrunch) The rapid pace of technology innovation and applications in recent decades — you could argue that just about every kind of business is a “tech” business these days — has spawned a sea of tech startups and larger businesses that are focused on serving that market, and equally…
Level 39 boosts UK digital economy by connecting startups to investors (Techworld) Head of Level 39, Ben Brabyn shares what makes the UK's biggest tech hub different to accelerators
Balbix raises $20M for a predictive approach to enterprise cybersecurity (TechCrunch) Security breaches are a disaster for corporate companies, but good news if you’re someone who offers preventative solutions. Today in 2018, wide-ranging attacks on the likes of Equifax, Sony Pictures and Target have only added value to those charged with safeguarding companies. Balbix, one su…
Data Protection Firm BigID Raises $30 Million (SecurityWeek) BigID, a company that specializes in helping enterprises secure customer data and comply with regulations like GDPR, raises $30 million in a series B funding round
MORGAN STANLEY: These 3 tech stocks are set to win big as companies spend more on cybersecurity in response to GDPR and other data regulation (Business Insider) Morgan Stanley has high expectations for some cybersecurity companies, but it actually lowered its price target for Symantec after fewer chief security officers said they are using the 36-year-old software company's services.
Vodafone Selects Sandfly Security for the Xone (Sandfly Security) Sandfly Selected for Vodafone Xone Startup Accelerator Sandfly has been selected by Vodafone to participate in their highly regarded Xone accelerator program here in New Zealand. The Xone accelerator gives Sandfly the chance to work ...
Initial coin offerings - could they offer a safer way to invest? (Raconteur) Initial coin offerings could be the new crowdfunding - but without proper regulation they risk becoming the wild west of investment.
Products, Services, and Solutions
aelf adds first tech heavyweights to all-star blockchain Innovation Alliance (CryptoNinjas) aelf, the cloud computing, multi-chain blockchain network, has announced the first technology partners of the
Crowdfense Pays Out $4.5M to Security Researchers in Two Months (PR Newswire) Crowdfense has paid out $4.5 Million in the first two months of its public...
GlobalSign Launches Next-Generation IoT Identity Platform Addressing Critical IoT Device Security Requirements - SSL & Digital Certificates by GlobalSign (GlobalSign) GlobalSign’s solution enables highly scalable identity lifecycle management, including certificate issuance, renewal and revocation, device enrollment and flexible API-driven integrations
SonicWall Leans into Mid-Tier Enterprise Market for Next Phase of Company Growth, Leadership with Expansion of Disruptive Cloud-based Platform (SonicWall) Disruptive, enterprise-grade, cloud-based platform integrates next-generation endpoint, firewall and cloud application security with management, reporting, analytics and cyber threat visibility
Pulse Secure Launches Virtual Application Delivery Controller Solutions in Google Cloud Platform (GlobeNewswire News Room) Pulse Secure Virtual ADC extends application availability and protection to the Google Cloud Platform to help defend mission critical applications from advanced persistent threats
Hedera Hashgraph Joins Trusted IoT Alliance to Provide Fortune 500 Companies Early Access to Distributed Ledger Technology (Hedera Hashgraph) The Hedera hashgraph platform will offer a public, distributed ledger that enables globally distributed applications.
Datadog Accelerates DevSecOps, Zero Trust Strategy with Cyxtera’s AppGate SDP (Cyxtera) Cyxtera Technologies, the secure infrastructure company, today announced that Datadog, a leading monitoring platform for cloud-scale applications, has successfully implemented AppGate SDP, a network security solution that dynamically creates encrypted, one-to-one network connections for secure user access.
Accenture Security Builds Out Cyber-Resilience Capabilities (eWEEK) VIDEO: Tom Parker, managing director of Accenture Security, discusses how organizations can improve cyber-resilience with threat intelligence and coached breached simulations.
Chubb announces enhanced cyber response capabilities (Insurance Business) Insurer has expanded its incident response network and launched a mobile app and dedicated website
Threat X Extends Leading SaaS-Based WAF Solution with Enhanced Threat Detection and Neutralization Capabilities (BusinessWire) Threat X extends leading SaaS-based WAF solution with enhanced threat detection and neutralization capabilities.
ISRAEL/UKRAINE : BLER forges Israeli-Ukrainian interceptions alliance (Intelligence Online) Israel's Avnon Group recently teamed with the Ukrainian firm Cyberio to develop an interception and social network monitoring system.
VPN Comparative Test (AVTest) In April 2018, AV-TEST performed a test of Virtual Private Networks (VPN) solutions. VPNs have been reviewed in its different fields of p
The $5 Million Surveillance Car That Hacks iPhones From 500 Meters (Forbes) A Cyprus-based surveillance company claims to have built a car full of next-generation snooping kit that can infect Apple and Google phones from as far away as 500 metres.
Technologies, Techniques, and Standards
The Next Generation of Wi-Fi Security Will Save You From Yourself (WIRED) With better password security and idiot-proof IoT connections, WPA3 will make your internet experience much, much safer.
You used to build a wall to keep them out, but now hackers are destroying you from the inside (WIRED UK) How do you keep data safe when the enemy has already breached your defences?
Why Bitcoin’s about to give up one of its closely guarded secrets (Naked Security) Roll up, roll up, the Bitcoin Core developers are finally set to reveal the cryptocurrency’s alert key.
Why agencies are shifting from cyberdefense to digital resilience (Fedscoop) A growing cadre of federal IT leaders recognize that fortifying their defenses is no longer enough to protect their agencies amid the rising tide of cyberthreats. The reality is that cybersecurity threats are evolving quicker than most agencies can respond. Nearly 7 in 10 federal civilian agency IT leaders — and more than half (55 …
Cyberbit Hosted a First Joint Cyberdefense Exercise for German and Israeli Financial Institutions (Markets Insider) Cyberbit Ltd., a world leading provider of cybersecurity simulation and IT/OT detection...
The Next Big Lesson for Security: Context is King (Infosecurity Magazine) We need higher-fidelity alerts contextualized across multiple facets of a system.
Here’s What Network Threat Hunting Means, Why It Matters, and How... (Bricata) Threat hunting is a way to identify threats that current security defenses are not detecting – and transition to a proactive rather than reactive security posture. This post defines network threat hunting, explains why it matters and offers expert tips for...
Security risks when adopting a cloud based phone system (Best in Australia) Unfortunately, the cloud does have its share of security problems – something that about 90% of companies are at least moderately concerned about.
Design and Innovation
Are Cryptocurrencies at Risk of Quantum Hacking? (Edgy Labs) Quantum computers are just over the horizon, and so is quantum hacking. Will cryptocurrencies be able to survive this next level of data security?
New Blockchain Claims It Is Resistant To Quantum Computing Attacks (BlockTribune) The QRL Foundation claims it has developed a Quantum Resistant Ledger, (QRL) a distributed ledger resistant to both traditional and quantum computing attacks.
The QRL boasts that it is “cryptography with longevity, a post-quantum secure blockchain featuring a stateful signature scheme and unparalleled security.”
Talking to Google Duplex: Google’s human-like phone AI feels revolutionary (Ars Technica) Believe the hype—Google's phone-call bot is every bit as impressive as promised.
Research and Development
Researchers release app that masks printers' tracking dots (Help Net Security) Did you know that nearly all modern color laser printers put tracking patterns of tiny yellow dots on each piece of paper they print?
Kiwi partnership keeping a 'vigilant' eye on fraudsters (Security Brief) "While some systems claim to be using artificial intelligence to analyse transactions, this is the most sophisticated tool available in New Zealand."
US cyber defence challenge brought to Australia (iTnews) For high school students.
Legislation, Policy, and Regulation
EU Set for New Cyber-Response Force (Infosecurity Magazine) Lithuanian proposal already has several member states on board
Norway’s National Security Agency warns IT industry about security obligations (ComputerWeekly) IT service providers serving organisations in Norway have received a timely reminder about their security obligations.
‘We need to be impatient’: Estonia’s No. 2 defense official dives into NATO priorities (Defense News) As a border state with Russia, Estonia is well aware it is ground zero for any potential conflict between Moscow and NATO.
GERMANY : Uncertainty over German cyber-attack capacities (Intelligence Online) A study by experts of the Bundestag's research department, the
China’s cyberlaw is unfair, dangerous – and a model to follow (South China Morning Post) Daniel Wagner says critics are right to say the law gives Chinese companies an unfair edge and raises important privacy concerns. The fear is that other countries are more likely to adopt this model than the EU’s more cumbersome one favouring rights protection
Lawmakers ask Commerce Department to clarify impact of ZTE ban on US firms (South China Morning Post) A group of lawmakers behind a campaign to reinstate the US ban on ZTE Corp have called on the Commerce Department to clarify how the sanctions affect American companies using products made by the Chinese telecom giant....
Washington Needs a New Solarium Project To Counter Cyberthreats (Foreign Policy) President Eisenhower confronted the unprecedented nuclear threat of the 1950s with a novel exercise. The United States needs a similar approach to tackle today's cyber…
Wargaming Moscow's Virtual Battlefield (The Cipher Brief) Bottom Line: Russian involvement in the information domain includes electronic warfare, espionage and active measures like disinformation, propaganda, psychological pressure, destabilization of society and influence of foreign media.
Don't Underestimate Economic Side of Russia's Cyber Warfare (The Cipher Brief) Russia knows how to spread chaos in American politics, but it may pose a far greater threat to the U.S. economy and the infrastructure it depends on
Trump Eases Demand for New Tools to Limit Chinese Investment (Wall Street Journal) President suggests he will rely on 1988 law being updated by Congress that lets U.S. review foreign investments
IEEE Calls for Strong Encryption (Dark Reading) Newly issued position statement by the organization declares backdoor and key-escrow schemes could have 'negative consequences.'
All the services get new cyber commanders (Fifth Domain) Each service cyber component command is getting a new commander relatively around the same time.
Whitworth Assigned to National Security Agency (SIGNAL) Rear Adm. Frank D. Whitworth, USN, will be assigned as deputy chief, tailored access operations (S-32), Signal Intelligence Directorate, National Security Agency, Fort Meade, Maryland.
Privacy Coins Are 'One of the Greatest Emerging Threats to U.S. National Security,' States US Congressman (Bitcoinist.com) The U.S. Secret Service is urging Congress to take a good look at privacy-focused cryptocurrencies like Monero and Zcash.
Litigation, Investigation, and Law Enforcement
NSA Leaker Winner Pleads Guilty. (Infosecurity Magazine) Contractor facing over five years behind bars
Reality Winner pleads guilty after being unmasked by microdots (Graham Cluley) Reality Winner, the US government contractor who leaked top secret documents about Russian hacking, has pleaded guilty.
Eight Arrested in Africa-Based Cybercrime and Business Email Compromise Conspiracy (US Department of Justice) In accordance with the Justice Department’s recent efforts to disrupt business email compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens, the Department announced Operation Keyboard Warrior, an effort coordinated by United States and international law enforcement to disrupt online frauds perpetrated from Africa. Eight individuals have been arrested for their roles in a widespread, Africa-based cyber conspiracy that allegedly defrauded U.S. companies and citizens of approximately $15 million since at least 2012.
Eight Arrested for Roles in Email Fraud Schemes (SecurityWeek) Eight individuals were arrested for their roles in a widespread, Africa-based business email compromise (BEC) operation.
Insider threat becomes reality for Elon Musk (CSO Online) Every company needs to worry about the insider threat and Tesla is no exception. Now, Tesla has sued former employee Martin Tripp for sabotage and intellectual property theft.