Cyber Attacks, Threats, and Vulnerabilities
Cyber-Espionage Group Returns With New Attacks After One Year (BleepingComputer) A cyber-espionage group that targeted Palestinian law enforcement last year is now back in action, targeting Palestinian government officials.
The crypto world’s latest hack sees Israel’s Bancor lose $23.5M (TechCrunch) Bancor, a crypto company that touts a decentralized exchange service, has lost some $23.5 million of cryptocurrency tokens belonging to its users following a hack. The Israel-based company raised over $150 million in an ICO last year and its services include a wallet with a built-in exchange servic…
Demands for transparency over ANU cyber attack (ABC Radio) ANU staff, students, and researchers have all received an email saying their data is safe after a Chinese cyber attack.
Worm (Mirai?) Exploiting Android Debug Bridge (Port 5555/tcp) - SANS Internet Storm Center (SANS Internet Storm Center) Note that our honeypot has a web server listening on this port, so it is not going to respond to this sequence.
Facebook buys ads in Indian newspapers to warn about WhatsApp fakes (TechCrunch) As Twitter finally gets serious about purging fake accounts, and YouTube says it will try to firefight conspiracy theories and fake news flaming across its platform with $25M to fund bona fide journalism, Facebook-owned WhatsApp is grappling with its own fake demons in India, where social media pla…
For Data Thieves, the World Cup Runneth Over (Dark Reading) Large sporting events are always going to be targets, but the fact that the competition is in Russia adds another layer of concern. Here are three tips to stay safer.
Hackers Using Stolen D-Link Certificates for Malware Signing (SecurityWeek) A cyber-espionage group known as BlackTech is using code-signing certificates stolen from Taiwan-based companies for the distribution of their backdoor.
Stolen Taiwanese Certs Used in Malware Campaign (Infosecurity Magazine) Eset reveals latest use of popular black hat tactic
Think that bitcoins and a VPN keep you anonymous? Think again… (Naked Security) A popular cryptowallet service has advised users of the Hola VPN to shift their funds to replacement accounts after an alleged hack.
Fitness app Polar Flow reveals home addresses of soldiers, spies (Help Net Security) Polar Flow can reveal sensitive information about the lives of intelligence agents, soldiers, workers at nuclear weapons storage sites, and so on.
Privates on parade: fitness tracker app reveals sensitive user details (Naked Security) Another online fitness tracking app – Polar Flow – is giving up sensitive information. But this time, it’s revealing the names and home locations of government personnel.
Polar Flow Suspends Feature After Privacy Snafu. (Infosecurity Magazine) Reporters unmask military and intelligence personnel
The Weakest Link: When Admins Get Phished | MacOS “OSX.Dummy” Malware (Security Boulevard) Imagine This Scenario: One of your trusted network administrators reaches out on a public Slack, Discord or other chat workgroup for advice on a performance problem he’s seeing on some part of your network. Of course, your admin is a savvy user and knows which people in the forum are reliable contributors. In this scenario, …
Thai Cave rescue scammers pose as Elon Musk (Graham Cluley) Crypto scammers are creating accounts in the names of known Twitter users and using devious tricks to fool their followers into believing they are reading a genuine message from the likes of Elon Musk.
Researchers find loophole that extends USB Restricted Mode's hour-long timer (AppleInsider) Just hours after Apple debuted USB Restricted Mode in its latest iOS 11.4.1 firmware, security researchers discovered an easy to implement workaround that prevents the feature from working as intended.
New iOS security feature can be defeated by a $39 adapter… sold by Apple (HOTforSecurity) Yesterday Apple released a brace of updates for its software - fixing bugs and patching security holes in the likes of MacOS, watchOS, tvOS, Safari, iTunes for Windows, iCloud for Windows, and iOS for iPhones and iPads.
Timehop Just Leaked Your Phone Number, Here’s What You Need to Do (Motherboard) A hacker learning your phone number can be the start of all sorts of account hijack mischief. The Timehop breach is probably a good time to protect yourself against SIM jacking.
Why the airplane romance that went viral should worry everyone (Naked Security) Covert footage taken of two strangers on a plane went viral as people mooned over The Lovebirds In The Air (And Mucho Spying) Affair.
Fishers residents warned of scam emails regarding speed camera fines; part of school district test (CBS 4 - Indianapolis News, Weather, Traffic and Sports | WTTV) A supposed scam email involving speed cameras prompted a warning from police in Fishers, but it turned out to all be part of a test from Hamilton Southeastern schools.
Reddit CEO tells user, “we are not the thought police,” then suspends that user (Ars Technica) Reddit declined to confirm why suspension was enforced; came shortly after reveal of DMs.
Security Patches, Mitigations, and Software Updates
Apple releases security updates, adds new privacy protection for iOS users (Help Net Security) The iOS update comes with USB Restricted Mode, a new security feature that will protect users' iPhones and iPads from being accessed by law enforcement
Apple OS Update Lifts Curtain on iPhone USB Restricted Mode (Threatpost) Apple has officially added a controversial security feature, USB Restricted Mode, to iPhones as part of its new iOS 11.4.1, released on Monday.
Intel Patches Security Flaws in Processor Diagnostic Tool (SecurityWeek) Intel has updated its Processor Diagnostic Tool to address vulnerabilities that could lead to arbitrary code execution and escalation of privileges.
Make sure Windows Update is temporarily disabled, particularly on Win7 (Computerworld) With Patch Tuesday arriving, take a moment to make sure Auto Update is turned off. Reports of Win7 users getting pushed to Win10 (again) make the check even more imperative.
Cyber Trends
Cyber security of sensors are not being addressed and vulnerabilities are not correlated to system impacts (Control Global) Juan Lopez from ORNL and I gave a presentation June 27th at the 2018 ISA Power Industry Division (POWID) Conference in Knoxville on cyber security of process sensors. As ISA POWID is an Instrumentation & Control conference, the lack of sensor discussions demonstrates the continuing gap between cyber security and operations. The lack of combining sessions that affect both cyber security and reliability/safety continues to foster the culture gap.
Amit Yoran Interview: Cyberattacks Targeting Critical Infrastructure Must Be Addressed (Government Technology) Current Tenable Chairman and CEO Amit Yoran’s career is beyond impressive. Yoran is a cybersecurity rock star. In this exclusive interview, we provide a glimpse into his security past, Tenable’s current technology priorities and future cybertrends. His immediate focus: Critical infrastructures are facing daily cyberattacks and our cyberexposure to system vulnerabilities must be an urgent priority.
Building and City Automation Driving Growth for Access Control (ABI Research) Multiple-Application Enablement and BYOD Crucial Elements for Technology Convergence
Businesses collect more data than they can handle, only half know where sensitive data is stored (Help Net Security) Two in three companies are unable to analyze all the data they collect and only half of companies know where all of their sensitive data is stored.
ZDI Reports Rise in Security Vulnerability Disclosures (eWEEK) Trend Micro's Zero Day Initiative so far has published 600 security advisories in the first half of 2018, awarding $1 million to researchers.
Marketplace
As cyber insurance evolves, insureds must watch the fine print (CSO) There’s nowhere left to hide. Now that the notifiable data breaches (NDB) scheme and EU general data protection regulation (GDPR) legislation are forcing companies to reveal the true extent of their data-security deficiencies, takeup of cyber insurance is surging as businesses weigh up the very real financial risk of non-compliance.
Non-Tech Firms Continued to Shed IT Jobs in June: Analysis (Wall Street Journal) U.S. employers at companies across all sectors of the economy shed 90,000 IT jobs last month, as tech-sector jobs rose, CompTIA reports.
Defending the Digital Frontier (A Barclays and Per Scholas Issue Brief) A robust defense against today’s sophisticated cybercriminals requires a paradigm shift in thinking not just of how a company’s defenses are built, but of who is building them.
Huawei not expecting US sanctions (CRN Australia) Also expects to keep buying US chips this year.
AT&T to Acquire AlienVault (AT&T) Acquisition to Expand Threat Detection and Response to AT&T Business Customers
D.C.-area cybertech companies persuade West Coast investors to head east (Washington Post) Charlottesville-based Social SafeGuard recently raised $11 million from a pair of Silicon Valley venture funds.
Farnborough 2018: Raytheon focuses in on cyber - DB - Digital Battlespace (Shephard Media) Cyber will be a major focus for Raytheon at the Farnborough International Airshow, with the company set to provide overviews of its cyber hardening systems ...
Cisco forms IoT partnership with $8 billion infrastructure firm Downer (CRN Australia) Will deliver smart traffic lights, street lamps and security features.
The Intelligence Network (BAE Systems) Activating a global community in the fight against cyber crime. Explore a report full of insights from some of the greatest minds in cyber defence.
Sven Hammar Joins Versasec Board of Directors (Versasec) Security and Tech Industry Luminary Brings Wealth of Funding and International Expansion Expertise to New Role
Proofpoint Inc. Expands Executive Team, Hires Klaus Oestermann as President and Chief Operating Officer; Proofpoint’s Board of Directors Appoints CEO Gary Steele as Chairman as Eric Hahn Announces Retirement (GlobeNewswire News Room) Proofpoint, Inc., (NASDAQ:PFPT), a leading next-generation cybersecurity company, today announced the hiring of Klaus Oestermann for the role of president and chief operating officer, effective July 9, 2018. Mr. Oestermann has also been appointed to serve on Proofpoint’s board of directors.
Products, Services, and Solutions
Symantec releases Norton Safe Web extension for Microsoft Edge (On MSFT) For those who enjoy having that extra peace-of-mind when browsing the web on Microsoft Edge, Symantec has released a new extension to the Microsoft Store for Microsoft Edge (via Aggiornamentilumia). This new extension, called Norton Safe Web, helps keep you safe online while browsing by: providing safety information about pages as you view them, using the latest threat intelligence information; scanning and testing websites in advance to warn you of potential security issues; and blocking access to malicious or fraudulent websites. The extension can be obtained via the Microsoft Store.
Alcinéo secures mPOS smartphone apps with Trustonic (Trustonic) Payment innovator Alcinéo has chosen Trustonic Application Protection (TAP) to protect its mobile point of sale (mPOS) apps.
Cayan Integrates GlobalSign’s PKI Service Enhancing Customer Experience and Reducing Support Costs on Its Ultra-Secure Genius Omnichannel Payment Processing Platform (GlobalSign) With Seamless API Integration, GlobalSign’s Cloud-Based PKI Solution Enables Cayan to Deliver SSL Certificates at Scale to Internet Connected Payment Devices
Adaptive multi-factor authentication across entire networks and cloud environments | Silverfort (Silverfort) Silverfort enables strong authentication for any sensitive asset across entire networks and cloud environments, without any modifications to endpoints and servers.
Cognitec’s FaceVACS engine integrates face matching algorithm (Help Net Security) Cognitec's FaceVACS engine compares facial images to those stored in photo databases and recorded videos, to find known persons in real time, and for verification processes at borders.
Help AG Unveils Cyber Attack Simulation Service Delivering Real-World Defence Training to Middle East Security Teams (Albawaba) After successfully developing a custom-built cyber-attack and defence simulation environment to train its ethical hacking and security analytics teams, Help AG, a leading information security services, consultancy and solutions provider in the Middle East, today announced it will leverage this platform to deliver its new ‘Red Team/Blue Team Simulation’ service.
CyberSponse is Proud to Be Procured by US Cyber Command's New Capabilities Development Group Technology Outreach Process (Markets Insider) CyberSponse, the leader in enterprise incident management, security orchestration and automation, is prou...
Carahsoft to Distribute Qualys Gov Platform and Its Integrated Security and Compliance Offerings to Federal Agencies (Markets Insider) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutio...
Technologies, Techniques, and Standards
The coming cyberbattle will be worse than people think (C4ISRNET) The full integration of cyberwarriors into the Army and the ability to integrate cyber capabilities into the core functions of war fighting still face many cultural battles that could slow much-needed momentum.
UK Financial Authorities Publish Paper On Operational Resilience (SecurityWeek) The Bank of England and the Financial Conduct Authority have published a paper on building operational resilience to all risks including cyber.
7 Ways to Keep DNS Safe (Dark Reading) A DNS attack can have an outsize impact on the targeted organization - or organizations. Here's how to make hackers' lives much more difficult.
How to allocate budget for a well-rounded cybersecurity portfolio (Help Net Security) It’s essential for infosec professionals to allocate their budget as effectively as possible. What should a well-rounded cybersecurity portfolio look like?
Security Performance in the Cloud: Not All Solutions Are Created Equal (SecurityWeek) Choosing scalable and high-performance security solutions enables organizations to meet the growing performance demands of today’s digital marketplace.
Is Windows ShimCache a threat hunting goldmine? (Help Net Security) Tim Bandos from Digital Guardian discusses how to leverage ShimCache, to conduct effective threat hunting on an enterprise scale.
Sumo Logic: What can you learn from our approach to GDPR? (Help Net Security) In this podcast, George Gerchow, CSO with Sumo Logic, talks about their approach to GDPR.
Client Advisory Council Research: Facilitating Cyber Board Communications (Kudelski Security) This executive research paper offers CISOs practical advice on how to facilitate board communication & improve CISO board presentations, with strategies to answer 5 tough questions the board asks. Research was done with industry-leading CISOs & CSOs who advise Kudelski Security on its business.
6 M&A Security Tips (Dark Reading) Companies are realizing that the security posture of an acquired organization should be considered as part of their due diligence process.
Data Breaches at Timehop, Macy's Highlight Need for Multi-Factor Authentication (Dark Reading) Names, email addresses, and some phone numbers belonging to 21 million people exposed in Timehop intrusion; Macy's incident impacts 'small number' of customers.
Design and Innovation
YouTube to fight fake news with links to real news and context (Ars Technica) "Authoritative sources" will be more prominently featured in search results.
Research and Development
The AI revolution has spawned a new chips arms race (Ars Technica) There's no x86 in the AI chip market yet—“People see a gold rush; there’s no doubt.”
RANK Software and the Fields Institute Collaborate on AI Cybersecurity Research (GlobeNewswire News Room) Findings in automated detection expected to help enterprises strengthen resilience to cyber-attacks
Do Dating Apps Really Want You to Find Love? (INSEAD Knowledge) Matchmaking services charging a monthly fee to fill a personal or professional void are in a somewhat conflicted position.
Academia
Rising Hacker Talent to Participate in Weeklong Boot Camp near Chicago (US Cyber Challenge) U.S. Cyber Challenge & Moraine Valley Community College Host Annual Cyber Camp
Options growing for local cybersecurity training (New Orleans CityBusiness) The university is the latest local school to offer students more options in cybersecurity training.
Cyber Warrior Diversity Program Established (US Black Engineer) The training is designed to prepare individuals to defend information systems and networks and provide certifications.
Legislation, Policy, and Regulation
Six myths about government cyber security (The Mandarin) Ari Weil, cyber technology expert, explains the myths public agencies need to get over if they are to build resilience against attack.
ASD brawl over Microsoft (InnovationsAus.com) The Australian Signals Directorate executive at the centre of an internal brawl over Microsoft’s Azure and Office365 cloud services being granted Protected Certification has quietly departed the intelligence agency.
Why we are not (quite) playing Aussie rules with China? (Politik | New Zealand politics, inside news and analysis) Defence Minister Ron Mark is playing down criticism of China contained in Friday’s Defence Policy Statement.
Proposed changes to New Zealand’s Privacy Act (Infosecurity Magazine)
May appoints MP with no digital experience to lead DCMS (Computing) IT leaders told us that they are disappointed in the choice
SEC Cybersecurity Update May Lead to Increased Oversight (Infosecurity Magazine) What the SEC statement means for companies, who could choose to follow its advice or ignore it altogether.
Trump's Supreme Court Nominee Brett Kavanaugh Is a Disaster for Net Neutrality, Great for the NSA (Gizmodo) On Monday night, President Donald Trump announced his second Supreme Court nominee of his term: the DC Court of Appeals’ Judge Brett Kavanaugh. On a range of issues—but particularly net neutrality, the principle that service providers should be required to treat all data on their networks equally—he is likely to be a total disaster if confirmed by the Senate. For the National Security Agency and big businesses that hate regulation, though, he’ll be great.
Analysis | The Cybersecurity 202: Here's an early look at how states are spending federal election security cash (Washington Post) California and Hawaii are among 13 states that submitted plans early.
With Russian hacking fresh in mind, Washington state beefs up elections cybersecurity (The Seattle Times) Washington is widely considered to have one of the more secure elections systems, in part because the state’s mail-in balloting means the state has a paper record for almost every vote cast.
California Consumer Privacy Act: The Latest Compliance Challenge (eSecurity Planet) Compliance with GDPR may not be enough to meet the requirements of the new law.
Building an e-security culture at Blackpool Council to see off future threats (diginomica government) Austerity? Sure - but we also need to be secure, says the IT leadership of Blackpool Council. Can the two aims be met? Head of ICT, Tony Boyle, believes so.
Litigation, Investigation, and Law Enforcement
Dead mother Dawn Sturgess and boyfriend Charlie Rowley ‘had handled novichok vial’ (Times) A heavy dose of the nerve agent that killed a mother of three and left her boyfriend fighting for his life is highly likely to have come from a vessel containing the leftovers from the...
Lawmakers Press Alphabet and Apple on Smartphone Users’ Privacy (Wall Street Journal) House lawmakers sent letters to the CEOs of Apple and Google parent Alphabet, seeking information about how they handle smartphone users’ personal data such as location information.
Perspective | A journalist’s conscience leads her to reveal her source to the FBI. Here’s why. (Washington Post) Marcy Wheeler, who blogs on national security, believed she had an obligation to come forward.
Metro's Cybersecurity Audit Kept Classified (Infosecurity Magazine) Washington DC's Metro opts not to post results of recent internal cybersecurity audit
Sinovel Wind Group found guilty of IP theft, fined $1.5 million (CSO Online) While American Superconductor's data logs and stores were helpful in convicting Sinovel Wind Group of IP theft, a data loss prevention strategy could have identified the thieves' activities sooner.
Insurers Sue Trustwave for $30M Over '08 Heartland Data Breach (Dark Reading) Lawsuit filed by Lexington Insurance and Beazley Insurance is in response to a Trustwave legal filing that called their claims meritless.
Lawsuit: Data security firm Trustwave owes $30M for 2009 data breach at Heartland Payment Systems (Cook County Record) Two insurance companies have joined together to ask a Cook County judge to order a data security firm to pay $30 million to reimburse the insurers for funds they had to pay out to settle claims resulting from a data breach at Heartland Payment Systems.
Two More Convicted in $30M Massive Hacking, Securities Fraud Operation (Dark Reading) A former hedge fund manager and securities trader participated in a scheme that made $30 million by trading on information from stolen press releases.
Neo-Nazi Site Daily Stormer Takes Down Pepe Images After Getting Copyright Claims From Its Creator (Motherboard) The Daily Stormer has removed all images and references of the famously chill frog after getting DMCA notices from Matt Furie.
Woman scams scammer, incriminates self in the process (Naked Security) “This is SO NOT my ripped-off laptop,” the scammer must have thought when the scammer-scammer sent a package of magazines instead.