Cyber Attacks, Threats, and Vulnerabilities
Exclusive: Ukraine says Russian hackers preparing massive strike (Reuters) Hackers from Russia are infecting Ukrainian companies with malicious software to create "back doors" for a large, coordinated attack, Ukraine's cyber police chief told Reuters on Tuesday.
Ukraine Cyberpolice Chief Alleges Russian Hackers Preparing Massive Strike (RadioFreeEurope/RadioLiberty) The head of Ukraine's cyberpolice has claimed that Russian hackers are infecting computer systems of Ukrainian firms with malware to establish "back doors" for a large-scale coordinated attack.
Russia is preparing a huge cyberattack, Ukraine warns (Newsweek) The head of Ukraine's cyber police said the preparation that's been detected could only have been done by Russian hackers.
Russian Hackers Planning 'Massive Strike' Against Ukraine: Cyber Police Chief (Insurance Journal) Hackers from Russia are infecting Ukrainian companies with malicious software to create "back doors" for a large, coordinated attack, Ukraine's cyber
Cyber-Espionage Campaigns Target Tibetan Community in India (SecurityWeek) Two cyberespionage campaigns targeting the Tibetan community based in India appear to be the work of Chinese actors
A New Twist In SSDP Attacks (Arbor Networks Threat Intelligence) Arbor ASERT has uncovered a new class of SSDP abuse where naïve devices will respond to SSDP reflection/amplification attacks with a non-standard port. The resulting flood of UDP packets has ephemeral source and destination ports, making mitigation more difficult - an SSDP diffraction attack. This behavior appears
NSA-Linked Implant Patched to Work on Windows Embedded (SecurityWeek) DoublePulsar, one of the hacking tools the Shadow Brokers supposedly stole from the NSA-linked Equation Group, can now run on Windows Embedded devices
The New Face of Necurs: Noteworthy Changes to Necurs’ Behaviors (TrendLabs Security Intelligence Blog) We discovered noteworthy changes in how Necurs makes use of its bots: pushing infostealers on them and showing an interest in certain characteristics.
Amid DDoS, No Smooth Sailing For Travel Firms (PYMNTS.com) Faster payments are smarter payments. Safer payments are smarter payments, too. However, though speed matters, so does safety. In a world where faster payments are becoming more mainstream, including 12 countries with established Real-Time Payments systems and 45 others in various stages of development, it’s no wonder that security remains top of mind for stakeholders. […]
Hotels, airlines and travel sites battle bot attacks (ZDNet) Attackers in certain countries appear to have a particular focus on breaching organisations operating in the travel sector.
Akamai: DDoS attacks on the rise, become more specialized (CSO Online) Akamai's new State of the Internet/Security: Web Attack report says DDoS attacks increased 16% since 2017. It also says China and Russia launch the most credential abuse attacks on the hospitality industry.
1 in 17 Mobile Devices Used to Conduct Bad Bot Attacks on Websites (Distil Networks) Research from Distil Networks reveals mobile as the new frontier for malicious bots
Mobile Bots: The Next Evolution of Bad Bots (Distil Networks) From the early 2000s, bots have been roaming the internet, some beginning as useful tools but have evolved over time to increasingly abuse and de-fraud businesses.
Windows Settings Shortcuts Can Be Abused for Code Execution on Windows 10 (BleepingComputer) A new file type format added in Windows 10 can be abused for running malicious code on users' computers, according to Matt Nelson, a security researcher for SpecterOps.
Unpatched WordPress Flaw Leads to Site Takeover, Code Execution (SecurityWeek) A file deletion vulnerability that remains unpatched 7 months after being reported allows complete takeover of WordPress sites and arbitrary code execution, but exploitation requires authentication
Yet another massive Facebook fail: Quiz app leaked data on ~120M users for years (TechCrunch) Facebook knows the historical app audit it’s conducting in the wake of the Cambridge Analytica data misuse scandal is going to result in a tsunami of skeletons tumbling out of its closet. It’s already suspended around 200 apps as a result of the audit — which remains ongoing, with…
Fastbooking Hack Leaves Japan Hotel Red-Faced (SecurityWeek) Hundreds of hotels had customer data stolen as a result of a breach suffered by Fastbooking, a France-based company that provides e-commerce solutions for the hotel industry
Music fans' payment details stolen in cyber attack on Ticketmaster UK (The Telegraph) Ticketing website Ticketmaster has suffered a cyber breach affecting 5pc of customers including payment details, the company admitted today.
Marketing Firm Leaked Database With 340 Million Records (WIRED) The leak may include data on hundreds of millions of Americans, with hundreds of details for each, from demographics to personal interests.
Online Betting Site Left Employees' Logins and Passwords Open to Hackers (Motherboard) The British betting site BetVictor allegedly left several administrative logins and passwords exposed through a search feature on its site, potentially allowing hackers to break into its internal systems.
OMG! I just received someone else’s security camera footage! (Naked Security) The opposite of serendipity – a security camera service sent video alerts to the wrong user… who just happened to be a BBC staffer.
CHEW on This: How Our Digital Lives Create Real World Risks (SecurityWeek) Securing applications and understanding vulnerabilities in code and IT systems will always be important. But today security pros must open their eyes to a much bigger picture.
How Facebook and Google nudge users to make anti-privacy choices (Help Net Security) Facebook, Google and Microsoft use anti-privacy dark patterns to steer users toward sharing more information about themselves to benefit those businesses.
Are you happy with this technology that Facebook’s developing? (Naked Security) New patents suggest Facebook’s going to soon know when you’re asleep, when you’re awake, and is going to have a good guess at when you’re going to die.
Controversial ‘hack back’ debate undecided after new details (Fifth Domain) A new book has added to a long-running debate regarding whether a company should be able to retaliate in cyberspace.
Security Patches, Mitigations, and Software Updates
New Details Leak on Security Flaw That Led OpenBSD to Disable Hyper-Threading (ExtremeTech) A new security report indicates issues with Hyper-Threading can leak cryptographic information in certain cases, but evidence points against this being a Spectre or Meltdown-class failure.
91% of critical incidents involve known, legitimate binaries like PowerShell (Help Net Security) Opportunistic threat actors are leveraging trusted tools, like PowerShell, to retrieve and execute malicious code from remote sources.
Q1 2018 Quarterly Threat Report (eSentire Managed Detection and Response) The Q1 2018 Quarterly Threat Report provides a quarterly snapshot of threat events investigated by the eSentire Security Operations Center (SOC). Download the report to see what attacks targeted mid-sized organizations in Q1 and learn how you can protect your business against them.
Cybercriminals will gravitate to criminal activity that maximizes their profit (Help Net Security) The McAfee Labs Threats Report June 2018 examines the growth and trends of new malware, ransomware, and other threats in Q1 2018.
Coin Miner Malware Spikes 629% in 'Telling' Q1 (Dark Reading) Drastic growth suggests adversaries are learning how they can maximize rewards with minimal effort.
What You Need To Know - Summer 2018 State of the Internet / Security: Web Attack Report (Akamai) It's that time of year - the Summer 2018 State of the Internet / Security: Web Attack report is now live. This new naming schema is just one of the many changes you'll notice if you're a returning reader of...
IoT security a concern, but most lack way to detect attacks on ICS (CSO Online) Industrial organizations are concerned about IoT security, with 77% believing their ICS network will suffer an attack. Yet nearly half have no measures in place to detect such an attack.
Cyber Researchers Don’t Think Feds or Congress Can Protect Against Cyberattacks (Nextgov.com) Only 15 percent of cyber researchers think the U.S. can defend against a critical infrastructure cyberattack, according to a survey.
Five Predictions for GDPR (Security Boulevard) #1 Over half of companies are still not ready for GDPR. To be honest, this number might even be higher....
Cyber Risk at All-Time High for UK Financial Sector (Infosecurity Magazine) Bank of England survey respondents rate it second overall
Kaspersky Lab talks with Canberra to prevent US-like ban (ZDNet) The Russian-based security vendor met with the prime minister's office to tout its new transparency centre initiative and proactively prevent the Australian government from following the United States in banning its use.
Huawei Australia's John Lord hits back at claims of a 5G ban (CRN Australia) Chairman fronts media to dispel "myths".
Splunk Acquires VictorOps, Accelerates DevOps Development and Customer Success (ReadITQuik) Splunk paid an aggregate purchase price of roughly $120 million for the transaction in cash and Splunk securities.
BitSight, a provider of security ratings, raises $60M at a valuation of around $600M (TechCrunch) As the tech world continues to grapple with how best to deal with the growing issue of malicious hacking and other security breaches, a startup that has developed a ratings system to track how well businesses are faring has raised a large growth round to expand its business. BitSight, which provide…
Social SafeGuard Raises $11 Million to Counter Digital Threats (PRWeb) Social SafeGuard, a leading provider of software for digital risk protection, today announced that it has raised $11 million in new funding from AllegisCyber...
Cynet Raises $13M to Fuel Growth, Provides Solution to Organizations Looking to Make Security Easy (BusinessWire) Cynet, pioneers of the holistic detection and response platform (www.cynet.com), understood the urgent need for a comprehensive answer to organization
Booz outlook bright as defense spending ramps up (Washington Technology) Booz Allen Hamilton sees its backlog and revenue growing amid an improving services market environment and a focus on internal controls after security breaches.
Rain Capital looks to fund cybersecurity startups in a post-Cambridge Analytica world (PitchBook) We spoke with Chenxi Wang, who spent more than a decade in cybersecurity before launching Rain Capital, about her new fund and the difficulties of raising money as a woman and first-time fundraiser.
CIT Advances Regional and National Network to Source, Qualify and Close Deals (GlobeNewswire News Room) Investments in Over 200 High-Potential Early-Stage Companies Across the Commonwealth Opens Doors for Current and Future Portfolio Companies
Virsec Expands Global Sales, Technology and Strategic Alliances Teams with Four Executive Appointments (GlobeNewswire News Room) Leader in Combatting Fileless Attacks that Weaponize at Runtime Appoints Industry Experts to Accelerate Growth
Jasen Meece to head business development for Gurucul (Help Net Security) Jasen Meece will oversee sales, business development, channel and partnership programs, and their go-to-market strategies.
Mike Hale Named CACI National, Cyber Solutions Group EVP; DeEtte Gray Comments (GovCon Wire) Mike Hale, formerly vice president and intelligence community client executive at CACI International
Products, Services, and Solutions
Cyberbit Provides Enhanced Visibility Into OT Networks With Release 6.0 of SCADAShield (PR Newswire) Cyberbit Ltd., a world leading provider of cybersecurity simulation...
Threat X extends SaaS-Based WAF solution with threat detection (Help Net Security) Threat X capabilities capitalize on machine learning and attacker profiling to automate the precise detection and neutralization of advanced threats.
Versasec announces vSEC:CMS S5.2 (Versasec) Latest Release of Flagship Identity and Access Management Solution Also Focuses on Certificate Authorities and Management of Client Components
Inbox Security Scan identifies and protects critical online accounts (Help Net Security) Dashlane Inbox Security Scan scans your email inbox, finds all the accounts you've created using that email, and offers a security analysis.
Proficio’s ProView Plus Portal provides clients with ThreatInsight (Help Net Security) ThreatInsight Scoring Dashboard leverages advanced analytics to reveal blind spots in an organization’s security controls.
Zscaler Announces Integration with Microsoft Cloud App Security (CSO) Interoperability between Zscaler and Microsoft Cloud App Security solutions enables secure and seamless adoption of SaaS services for enterprise customers
Hide My Ass Pro 4 review: A noticeable upgrade with great speeds (PCWorld) HMA Pro 4 looks similar to version 3, but it adds some excellent design improvements, new features, and faster speeds.
The University of Minnesota Enables Secure IoT Deployments and Simplifies Network Management with Aruba Mobile-First Infrastructure (Taiwan News)
Technologies, Techniques, and Standards
WPA3 is here but how will it make Wi-Fi more secure? (Naked Security) New Wi-Fi security standards don’t come along very often but the Wi-Fi Alliance has just formally launched one, Wi-Fi Protected Access 3, or WPA3.
“Safer hops for email” – EFF’s plan to cut down on email snooping (Naked Security) STARTTLS is the email command that switches into encrypted mode. EFF just announced “STARTTLS Everywhere” to get everyone on board…
Free Thanatos Ransomware Decryptor Released (SecurityWeek) Cisco Talos releases free decryption tool to help victims of the Thanatos ransomware recover their files without paying the ransom
UAE Banks Federation Organizes ‘Tasharuk’ Workshop to Increase Awareness About Cyber Threat Intelligence Sharing Platform (Albawaba Business) With the objective of providing deeper insights on its cyber threat intelligence sharing platform, the UAE Banks Federation (UBF) today, June 26, 2018, hosted a workshop on ‘TASHARUK’ for its member banks in Abu Dhabi.
10 Tips for More Secure Mobile Devices (Dark Reading) Mobile devices can be more secure than traditional desktop machines - but only if the proper policies and practices are in place and in use.
Identity verification: Staying ahead of post-breach era consumer preferences (Help Net Security) Four key trends illustrate how recent breaches and shifting consumer behaviors are impacting the way businesses approach identity verification.
3 Ways That Marketers Can Get Involved In Cybersecurity Management (Forbes) As part of a series of interviews I’ve conducted to better understand marketing’s role in cybersecurity, I talked with Theresa Payton, former CIO for the White House and current CEO of Fortalice Solutions, a cybersecurity and intelligence consulting firm risk, fraud, and security company that helps businesses and government organizations protect themselves from emerging threats.
SMBs conduct security training, but they aren't prepared for a real-life cyberattack (TechRepublic) A new report from Webroot reveals that more SMBs are aware of potential cyberattacks but 79% say they are not prepared for them.
Taking the right cybersecurity precautions in China - Cylance (Security Brief) China is already Australia’s largest import and export trading partner, and President Xi Jinping recently implied that it’s unlikely to slow down.
Army to Issue Cyber Quest Report Soon (SIGNAL) The experiment focuses on cyber situational awareness.
Design and Innovation
Defense Cyber Security Adapts to a World in Which Data is the New Endpoint (Symantec) The Department of Defense is in the middle of a transition that just about every agency either has - or soon will - face
Cyber Security Briefing: Biometric bank cards are coming (BusinessCloud.co.uk) Using our fingerprints to buy goods, fraudsters impersonating Netflix and Apple's newest security features - this is Jonathan Symcox's news round-up
Female Students Awarded Cybersecurity Scholarships (Infosecurity Magazine) Morphisec awards scholarships to three female students in the field of cybersecurity.
Legislation, Policy, and Regulation
Why the United States needs a cyber accord with North Korea (CNN) US President Donald Trump and North Korean leader Kim Jong Un pledged to develop a new US-North Korea relationship during their historic summit in Singapore, but that won't be possible as long as Pyongyang continues to use cyberattacks against the United States and its allies.
UK Publishes Minimum Cyber Security Standard for Government Departments (SecurityWeek) The UK government's Cabinet Office has published the first iteration of its Minimum Cyber Security Standard, which will be incorporated into the Government Functional Standard for Security.
US senators could agree to lift ZTE ban if it is hit with security limits (South China Morning Post) The deal with Trump could ban ZTE hardware from critical assets, with US government employees prohibited from buying the Chinese firm’s products
Senators want Commerce to help U.S. firms ditch ZTE (Cyberscoop) A bipartisan trio of senators has asked the Department of Commerce to clarify that U.S. companies are welcome to remove products from their networks made by controversial Chinese telecom company ZTE.
U.S. House Passes Bill to Enhance Industrial Cybersecurity (Industrial Control Systems (ICS) Cyber Security Conference) The U.S. House of Representatives passed a bill aimed at protecting industrial control systems (ICS), particularly ones used in critical infrastructure, against cyberattacks.
US legislators put industrial control system security on the map (Naked Security) After a spate of attacks on industrial control systems (ICS), the US this week officially recognized the need to secure them with a new bill.
Office of Cyberspace Reborn In Bill Approved by Senate Panel (BleepingComputer) The Senate Foreign Relations Committee voted today to advance bill H.R. 3776, the Cyber Diplomacy Act. This bill outlines the restoration of the State Department's Cyber Office under the new name of Office of Cyberspace and the Digital Economy and the reinstatement of a head of cyber related activities for the Department of State.
Bill to save net neutrality is 46 votes short in US House (Ars Technica) 172 Democrats signed petition to force vote, but they need 218 signatures.
IEEE joins the ranks of non-backdoored strong cryptography defenders (Register) 'Exceptional access' is a really bad idea, says standards-setter, but one-off malware is cool
The new cyber leader focused on national defense (C4ISRNET) The Cyber National Mission Force has a new commander.
Litigation, Investigation, and Law Enforcement
Anthony Kennedy’s Retirement May Have Huge Consequences for Privacy (WIRED) Kennedy’s record is mixed, but he was a thoughtful voice on how to interpret Constitutional rights for the internet era.
US Dark Web Raids Lead to Arrests and Seizures (Infosecurity Magazine) Authorities identified 65 targets
Feds Pose as Cryptocurrency Money Launderer to Bust Alleged Dark Web Dealers (Motherboard) In a novel investigative strategy, rather than just following the money, investigators went undercover as someone converting Bitcoin into cash, exploiting a financial bottleneck faced by dark web criminals.
Fortinet, Interpol ink threat sharing info deal to combat cybercrime (Inquirer) Hackers had given the organizers of the 2018 Pyeongchang Winter Olympics in February this year a scare when a cyber attack paralyzed internet networks and caused communications to fail at the opening ceremony.
Man travels across world to attack online friend, shot by girl’s mum (Naked Security) She somehow allowed an online “friend” to get hold of her address – with a tragic outcome.
Woman ruined, sent death threats after #PermitPatty shaming video goes viral (Naked Security) The latest subject in a string of online shaming incidents was scrabbling to make amends this week as her business life fell apart and the death threats flooded in.
Army investigators issue warning about ‘virtual kidnapping’ scam (Army Times) The Army community is getting an alert after scammers recently called an Army family.