Cyber Attacks, Threats, and Vulnerabilities
Researchers: 'Roman Holiday' malware campaign appears to be Russia targeting Italian navy (SC Media US) The Russian threat group Fancy Bear appears to be behind a recent campaign that appears to target Italy's navy with an updated version of the APT group's X-Agent backdoor malware, according to researchers.
Vermin one of three RATs used to spy on Ukrainian government institutions (WeLiveSecurity) ESET researchers have analyzed remote access tools (RATs) - Quasar, Sobaken and Vermin - that have been heavily used in recent espionage campaigns on Ukrainian government institutions.
Thousands of US voters' data exposed by robocall firm (ZDNet) Each record contains a voter's name, address, and "calculated" political affiliation.
Hundreds of thousands US voter data appeared online. Again. (LinkedIn) Just when I thought the days of misconfigured AWS S3 buckets are over, I discovered a massive US voter data online, apparently being part of Robocent,
Securonix Threat Research: GandCrab Ransomware Attack (Securonix) The GandCrab ransomware attacks are some of the most prevalent ransomware threats of 2018. In recent months, the GandCrab attackers were able to infect more than 50,000 victims and generate more than $600,000 in ransom payments from victims. Securonix Threat Research Team…
Unpatched Remote Code Execution in Reprise License Manager (Trustwave) During a recent penetration testing engagement, I came across a particularly interesting web application called RLM, running on the non-standard port 5054, which naturally caught my eye. After a bit of poking around, I was able to identify a critical...
Vulnerability or Not? Pen Tester Quarrels With Software Maker (SecurityWeek) A security researcher has published details of what he considers to be a vulnerability in the RLM web application provided by Reprise Software. Reprise CEO Matt Christiano has told SecurityWeek, it is not a vulnerability.
Drupal, Phishing and A New Cryptomining Botnet (Blog | Imperva) At Imperva, we use pattern anomaly detection as one of the tools to identify emerging threats and build new defenses. Our security researchers analyze the detected patterns from time to time, and this is how we learned about the existence of the Ash botnet.
How hackers exploit critical infrastructure (Help Net Security) The traditional focus of most hackers has been on software, but the historical focus of crime is on anything of value. It should come as no surprise,
NISD: Just How Can A Cyber-Attack Impact An Essential Operator? (Video) (Mondaq) Partner Simon Shooter on what larger impact there could be from a cyber attack.
Omaha-based voting machine company denies Russian hacking (AP News) Russian hackers didn't breach an Omaha company's election machines or software in 2016, according to the company's officials.
Cloud Security Leader Coronet Identifies San Diego, Orange County (CA) & Houston-Hobby as America’s Most Cyber Insecure Airports (PRWeb) New report alerts business travelers on how airport Wi-Fi can put essential cloud-based work apps at risk, and educates flyers on the dangers of connecting to unencrypted, unsecured or improperly configured networks
Messenger Apps Top Risk Hit Parade (Dark Reading) Whether running on iOS or Android, Facebook's and WhatsApp's messenger apps present a 'winning' combination.
How to spoof someone’s GPS navigation to send them the wrong way (Naked Security) Researchers have for the first time demonstrated that it’s possible to spoof turn-by-turn GPS road navigation to send users to specific wrong locations.
Keeping it on the Down Low on the Dark Web (SecurityWeek.Com) Even while using Tor hidden services, there are many ways you can be exposed and have your activities compromised if you don’t take the right precautions to stay anonymous.
City of Alamogordo victim of $250,000 email scam (Alamogordo Daily News) State Auditor Wayne Johnson is cautioning all New Mexico government entities about an unknown email scam after the city of Alamogordo paid more than $250,000 to a scam artist Thursday.
Cyber attack on MGM Hospital (Asian Age) Thereafter, the hospital lodged a complaint with the cyber crime cell and a case was filed under the IT Act.
Roblox responds to the hack that allowed a child’s avatar to be raped in its game (TechCrunch) There’s a special place in Hell for people who think it’s funny to rape a 7-year-old girl’s avatar in an online virtual world designed for children. Yes, that happened. Roblox, a hugely popular online game for kids, was hacked by an individual who subverted the game’s protec…
British Airways apologises for delays and cancellations at Heathrow (Computing) Heathrow in 'complete chaos' after British Airways' IT failure
Security Patches, Mitigations, and Software Updates
Cisco plugs serious flaws in Policy Suite, SD-WAN, and Nexus switches (Help Net Security) Cisco has issued another batch of fixes, plugging a number of critical and high severity holes in Cisco Policy Suite, SD-WAN, and Nexus products.
Waratek Issues Guidance on Oracle April 2018 CPU (PRNewswire) Most Java flaws can be remotely exploited: Half of the Java patches relate to Deserialization Flaws
Cyber Attack Trends: 2018 Mid-Year Report (Check Point Software) When it comes to the global cyber landscape, threats are ever evolving, keeping organizations as well as the security community constantly challenged.
2018 Thales Data Threat Report – Retail Edition (Thales eSecurity) The 2018 Thales Data Threat Report – Retail Edition discusses the depth of data breaches in the retail industry, enterprise plans for combating them, and best practice data security recommendations.
2.3 Billion Account Credentials Compromised from 51 Organizations in 2017; New Research Shows Breadth of Breach Impacts (GlobeNewswire News Room) Shape Security’s 2018 Credential Spill Report provides inside look at lifecycle of stolen credentials and extent of data breach damage
2018 Credential Spill Report (Shape Security) Everyone knows there’s no such thing as a free lunch, but that doesn’t stop us from salivating over a deal that’s too good to be true. Roundtrip business class flights from LAX-LHR for the cost of a one-way from SFO-JFK. A $100 gift card for $50. Even a wheel of fancy French cheese at American single prices.
GDPR Fueling Rise of PII Theft, Cryptomining Plateauing (Infosecurity Magazine) Report shows traditional tech support scams are back on the rise, while cryptomining stagnates
Shrouding IoT Security in the Fog (Infosecurity Magazine) By virtue of its distributed architecture, fog computing secures everything from the cloud to the device.
US Orgs Overly Optimistic About Cyber-Readiness (Infosecurity Magazine) Attitudes and plans for tackling cybercrime are evolving, according to FICO.
Survey Finds Breach Discovery Takes an Average 197 Days (Security Boulevard) A new global study based on 500 interviews conducted by The Ponemon Institute on behalf of IBM finds that the average amount of time required to identify a data breach is 197 days, and the average amount of time needed to contain a data breach once it is identified is 69 days.
Finance leads, entertainment trails sectors investing in cybersec; threats faced differ from perceptions (SC Magazine) Investment in cyber security varies hugely between vertical sectors - but spend is no guarantee of reduced breaches, and perceived threats are not necessarily the same as actual threats.
Online viewing for the 2018 World Cup heavily benefited the VPN industry: Study (Comparitech) The 2018 World Cup heavily benefited the VPN industry as many fans sought to stream the games online for free or in their native languages.
Okta Acquires ScaleFT to Bring Zero Trust to the Enterprise (Business Wire) Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today announced it has acquired ScaleFT, the Zero Trust sec
Coinbase Acquisitions Approved By SEC, FINRA, Paving Way for Security Token Listings (CryptoGlobe) Cryptocurrency exchange Coinbase has reportedly been granted approval by the US Securities and Exchange Commission (SEC) to acquire several securities firms, opening up the possibility of the platform listing crypto tokens that are classified as securities. Coinbase VP Adam White says the exchange had “unprecedented” interest from institutional clients.
Coinbase didn’t get (or need) SEC approval for acquisitions after all, company says (TechCrunch) Hmm. Well, after Coinbase confirmed to Bloomberg (and us) that they had received regulatory approval for some acquisitions that would let it eventually usher in trading tokenized securities on its exchange, the company is now walking back from which agencies it received approval. While a Coinbase s…
Raytheon selected as cybersecurity advisor to the Royal Hashemite Court of the Kingdom of Jordan (PRNewswire) Work includes conducting vulnerability assessments for aviation and critical infrastructure systems
Picosegmentation Prevails in Shark Tank (SIGNAL) The third of three AFCEA finalists provides cybersecurity at the smallest level.
Zuckerberg: The Recode interview (Recode) Everything was on the table — and after Facebook’s wildest year yet, that’s a really big table.
Aspire Consulting Group LLC Secures Its First Prime Contract (Nasdaq) Textmunication Holdings, Inc. (OTC PINK: TXHD; OTC PINK:TXHDD), a cloud-based mobile SMS and RCS marketing platform provider, announces Aspire Consulting Group LLC ("Aspire") has been awarded a prime contract with the Maryland Health Benefit Exchange (MHBE).
Microsoft offers up to $100,000 to identity bug finders (HOTforSecurity) Want to earn $100,000? You could win as much as that if you manage to uncover a serious vulnerability in Microsoft's various identity services. And you could be helping millions of people around the world better secure themselves both at home and...
Beyond Crypto Valley - Find out Why Switzerland Is the Blockchain Capital of the World (CoinCentral) Switzerland is famous for cheese, chocolate, nifty multifunctional folding pocket knives AND some of the planet's most outstanding natural beauty.
Products, Services, and Solutions
Aporeto Simplifies Service Mesh Security Operations With New Istio Integration (Business Wire) Aporeto, the Zero Trust security solution for microservices, containers and the cloud, today announced its extensive integration with Istio, the open source service mesh platform that connects, manages and secures microservices at scale.
Trust Automation To Provide Cybersecurity Solutions For Legacy Industrial Control Systems (Trust Automation) Trust Automation Inc., a leading supplier of automation technology for defense and industrial applications, has announced it will offer a novel new cybersecurity solution for industrial control systems (ICS). Working through the United States Department of Homeland Security’s Science and Technology Directorate, Trust has obtained an exclusive license to the Autonomic Intelligent Cyber Sensor (AICS) […]
New Subscription Service Takes on Ransomware Protection (Dark Reading) Training and response is the basis of a new offering that addresses ransomware and extortion attacks.
Technologies, Techniques, and Standards
NIST to Withdraw 11 Outdated Cybersecurity Publications (SecurityWeek) NIST’s Computer Security Division decided to withdraw 11 outdated SP 800 publications on August 1, 2018
Make Security Boring Again (Dark Reading) In the public sector and feeling overwhelmed? Focus on the basics, as mind numbing as that may sound.
Are Bug Bounty Programs the Answer to Secure Endpoints? (Infosecurity Magazine) Like with any security protection, don’t just rely on one form – bug bounties aren’t a silver bullet.
Budgetary Foresight: 3 Essential Cyber Security Programs For 2019 (Cyber Security Hub) Be ready for 2019 budgetary questions and planning by starting early and investigating essential cyber security technologies, instead of a panicked, late-night whirlwind of RFPs and industry reports. Here's a three-part system.
What Can the World Cup Teach Us About Cybersecurity? (Infosecurity Magazine) Just like with World Cup results, in cybersecurity it is not always the team with the strongest players or the best technical strategy that wins.
Kaspersky's Stephan Neumeier: Pay and the Hackers Own You (Awani Review) Kaspersky Lab Asia MD Stephan Neumeier advises effective cyber security defence against ransomware attacks, or be prepared to be wiped out for good.
No standards for vulnerability database, but 'US has set norms' (iTWire) There are no universal standards for a vulnerability database but the US national vulnerability database was the first to be set up and has set the no...
Russia's national vulnerability database is a bit like the Soviet Union – sparse and slow (Register) By design, though, not... er, general rubbishness
Remove FBI Locker Ransomware – Restore PC (Security Boulevard) This article will help you remove FBI Locker ransomware efficiently. Follow the ransomware removal instructions provided at the end of the article. FBI Locker is a virus that claims to encrypt your files and demands money as a ransom to...
Marines stand up first-of-its-kind tactical cyber team (Fifth Domain) The Marine Corps activated the first of its new defensive cyber teams within the Marine Air Ground Task Force.
Design and Innovation
Could semantic icons replace passwords and PINs? (Naked Security) SemanticLock replaces passwords, PINs and patterns with a sequence of graphical icons which work semantically.
Shadow Politics: Meet the Digital Sleuth Exposing Fake News (WIRED) Buried in media scholar Jonathan Albright's research was proof of a massive political misinformation campaign. Now he's taking on the world's biggest platforms before it's too late.
Why is InfoWars allowed on Facebook? Zuckerberg: Because it doesn’t cause “harm” (Ars Technica) "Within this, those principles have real trade-offs and real tug on each other."
Leaked Documents Show Facebook’s ‘Threshold’ for Deleting Pages and Groups (Motherboard) During testimony to lawmakers, Facebook did not provide specifics on the threshold Pages or Groups have to cross before being deleted. Documents obtained by Motherboard lay out those limits.
Why You Can't Trust More Cryptocurrency White Papers (WIRED) Crypto-developers—ironically, a community devoted to eliminating centralized authority—could use more traditional vetting structures.
“Astoundingly stupid” Kodak (not really) Bitcoin miner bites the dust (Naked Security) Deemed a scam from its CES debut, Kodak says KashMiner was never licensed, and its promised payouts portrayed ignorance of how Bitcoin works.
Landbot gets $2.2M for its on-message ‘anti-AI’ chatbot (TechCrunch) Who needs AI to have a good conversation? Spanish startup Landbot has bagged a $2.2 million seed round for a ‘dumb’ chatbot that doesn’t use AI at all but offers something closer to an old school ‘choose your adventure’ interaction by using a conversational choice inte…
Internet of Things (IoT) and Blockchain Technology Will Be an Interesting Ride (CoinCentral) There’s a lot of speculation over the Internet of Things (IoT) and blockchain technology. Is it a match made in heaven? Do they reinforce each other’s strengths–or do the technologies clash? Should they occupy separate worlds that don’t overlap? And what exactly is the Internet of Things anyway?
Research and Development
Wells Fargo Bank Submits Tokenization System Patent for Data Cryptography Protection (BitcoinExchangeGuide) Wells Fargo Wants to Patent a Tokenization System for Protecting Data. Wells Fargo, the San Francisco-based bank, recently filed a patent that outlines a tokenization system, which they will utilize t…
IBM Can't Contain Itself, Launches Nabla (Infosecurity Magazine) IBM researchers have created a new approach to container isolation with the launch of Nabla containers
MoTC begins hunt for Qatari cybersecurity talents (The Peninsula Qatar) The Ministry of Transport and Communications (MoTC), in association with the ITU Arab Regional Cybersecurity Centre (ARCC), announces the opening of the Qatar Threat Hunters 2018 Competition for youth aged 17-24, from mid-July to September 2018.
Legislation, Policy, and Regulation
Throughout Middle East, the Web Is Being Walled Off (Wall Street Journal) Authoritarian governments in the Middle East are increasingly adopting a version of China’s approach to online censorship, cutting citizens off from swaths of the internet, often with the aid of Western technology.
Trump says Russia is no longer targeting the U.S., contradicting statement from U.S. intelligence chief (Washington Post) Comments at Wednesday afternoon Cabinet meeting restoke criticism of president and his performance at Helsinki meeting with Putin.
US intelligence chief is harsh on Russia, at odds with Trump (AP News) National Intelligence Director Dan Coats' drumbeat of criticism against Russia is clashing loudly with President Donald Trump's pro-Kremlin remarks ...
As Russians describe ‘verbal agreements’ at summit, U.S. officials scramble for clarity (Washington Post) The Trump administration has offered few specifics on meetings that the president describes as a “tremendous success.”
Opinion | Parsing the surreal from the sensible in Trump’s Helsinki performance (Washington Post) The president is right to want to reduce tensions with Russia.
Analysis | In his prepared remarks, Trump removed a line about bringing election hackers to justice (Washington Post) It was one of several changes Trump made to his typewritten comments.
Why It Matters That Trump Denies Russian Interference (WIRED) Trump has denied or downplayed Russia's attempts to influence US democracy three times this week—and that has very real consequences.
Anti-Trump Hysteria Isn’t Helping (The Atlantic) The president’s performance in Helsinki wasn’t defensible—but neither was it treasonous.
Cyberspace invaders — Elina Noor (Malay Mail) Last Friday, a grand jury in the US District of Columbia charged 12 Russians with 11 counts of aggravated identity theft, conspiracy to launder money, and conspiracy to commit an offence against the United States. These federal crimes, as the indictment alleges, were knowingly and...
Analysis | The Cybersecurity 202: Anti-censorship tool opens new rift between lawmakers and tech companies (Washington Post) Lawmakers want Google and Amazon to bring back domain fronting.
Lawmakers Don't Grasp the Sacred Tech Law They Want to Gut (WIRED) Decades ago, Section 230 gave tech companies sweeping power to police content on their platforms. Now some lawmakers want that power back.
Election security bill picks up new support in Senate (TheHill) The bill is designed to help states upgrade their digital voting systems and boost information sharing between state and federal officials.
Bill to Block Feds' Personal Email, Social Media Access Advances (Nextgov.com) The bill would authorize agency leaders to block any website for cybersecurity reasons without negotiating with unions.
Gov Slow to Address Urgent CNI Security Needs (Infosecurity Magazine) The UK government is not addressing the need for cybersecurity skills for critical national infrastructure
Litigation, Investigation, and Law Enforcement
Trump says he accepts U.S. intelligence on Russian interference in 2016 election but denies collusion (Washington Post) He had come under heavy criticism for not publicly challenging Putin’s assertion at a news conference that the Kremlin did not interfere with the election.
Opinion | Stop calling it ‘meddling.’ It’s actually information warfare. (Washington Post) Let's treat the threat with the seriousness it deserves.
KnowBe4 Analysis: Lack of Security Awareness Training Allowed Russians to Hack American Election (Business Insider) KnowBe4, provider of the world's largest security awareness training and simulated phishing platform, analyzed the official indictment of the Russian GRU officers charged with interfering in the 2016 U.S. presidential election.
Britain has identified Russians suspected of Skripal nerve attack:... (U.S.) British police have identified several Russians who they believe were behind the nerve agent attack on former spy Sergei Skripal and his daughter, the British news agency, Press Association, said on Thursday, citing a source close to the investigation.
Alleged Russian agent Maria Butina ordered to remain in custody after prosecutors argue she has ties to Russian intelligence (Washington Post) Federal prosecutors said she was linked to oligarch with ties to the Putin administration and appeared ready to flee.
‘She was like a novelty’: How alleged Russian agent Maria Butina gained access to elite conservative circles (Washington Post) By August 2016, the FBI was monitoring the young political-science student as part of an effort to track what she was doing in the United States, according to officials.
Indicted Russian national Maria Butina once reportedly tried to quiz a left-leaning civil rights group about its cyber vulnerabilities (Business Insider) Maria Butina, the Russian gun rights activist charged with being a Russian agent, reportedly tried to interview a left-leaning civil rights group in 2017 about its cyber vulnerabilities. Butina's reported outreach could be indicative of Russia's continued efforts to infiltrate US politics.
Why an accused Russian agent visited an American university and South Dakota summer camp (Washington Post) Authorities arrested Maria Butina this week and charged her with acting on behalf of the Russian government.
A $5 Billion Fine Will Not End Google’s Stranglehold on Smartphone Software (Motherboard) In order to license Android, phone manufacturers are subject to a rigid set of requirements meant to drive mobile search traffic to Google.
Peer-to-Peer Crypto-Exchanges: A Haven for Money Laundering (Threatpost) Buyers and sellers can exchange cash in person, transfer bank funds online or can exchange funds for prepaid cards, gift cards or other cryptocurrencies.
FBI Refuses to Release Dark Web Kingpin Arrest Video It Already Showed and Bragged About (Motherboard) The bureau rejected a FOIA request without explaining why.