Cyber Attacks, Threats, and Vulnerabilities
Iranian cyber activity on the rise with Leafminer, OilRig leading the way (SC Media US) Iran has once again found itself in the crosshairs of cybersecurity researchers with Palo Alto Networks' Unit 42, Symantec and the German intelligence all pointing accusatory fingers at Tehran over several recently revealed cyber campaigns.
Russian hackers used phishing tools in 2017 attack on grid (AP News) Russian hackers who penetrated hundreds of U.S. utilities, manufacturing plants and other facilities last year gained access by using the most conventional of ph
LifeLock Bug Exposed Millions of Customer Email Addresses (KrebsOnSecurity) Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers.
Parasite HTTP RAT cooks up a stew of stealthy tricks (Proofpoint) Proofpoint researchers analyze a stealthy new remote access Trojan.
Hackers are targeting SAP, Oracle ERP applications, US warns (CRN Australia) Based on dark web activity.
ERP applications under attack: How criminals target the crown jewels (Help Net Security) Research from Digital Shadows and Onapsis found clear signs of ERP applications under attack, putting organizations directly at risk of espionage and fraud.
New Underminer Exploit Kit Delivers Bootkit and Cryptocurrency-mining Malware with Encrypted TCP Tunnel (TrendLabs Security Intelligence Blog) We discovered an exploit kit we named Underminer that uses capabilities to deter researchers from tracking its activity or reverse engineering the payloads
How one hacker could have changed automotive history (Naked Security) That’s not supposed to happen: 150GB of customer data that the world could download… and hack… and then upload again.
Popular Android/iOS Apps & Extensions Collecting “Highly Personal” User data (HackRead) In May this year, HackRead reported how an Israeli company Unimania was caught collecting personal, Facebook and browsing data of users through Android
More browser extensions and apps caught spying on users (Naked Security) The pop-up blocking function of many apps and browser extensions appears to obscure an ulterior motive – spying on a user’s web traffic.
Swann security cameras vulnerable to spying hack (Help Net Security) Researchers have unearthed a security flaw in a Swann security camera that allows attackers to spy on the video and audio feed of anyone’s camera.
Car Sharing Apps Vulnerable to Hacker Attacks: Kaspersky (SecurityWeek) The lack of proper security mechanisms makes many car sharing apps highly vulnerable to hacker attacks. Security holes found by Kaspersky can be exploited to obtain personal info and even steal cars.
Researchers Resurrect Decade-Old Oracle Solaris Vulnerability (SecurityWeek) One of the Solaris vulnerabilities patched by Oracle with the July 2018 CPU is closely related to a flaw first discovered in 2007
Attackers playing into users' commitment to security continue to sail through defenses (Help Net Security) KnowBe4 shared its Top 10 Global Phishing Email Subject Lines for Q2 2018. The messages are based on simulated phishing tests or real-world emails.
The Foundation of Cyber-Attacks: Credential Harvesting (SecurityWeek) Stealing a valid credential and using it to access a network is easier, less risky, and ultimately more efficient than using an existing vulnerability, even a zero-day.
Riverside police lost access to crime-fighting tool in cyber attack (mydaytondailynews) Riverside Police Department’s access to Ohio’s statewide system of law enforcement databases is suspended.
Security Patches, Mitigations, and Software Updates
Windows 10: These two new builds deliver lots of bug fixes (ZDNet) Updates for Windows 10 have arrived just a fortnight after Patch Tuesday.
Intel Smart Sound Tech Vulnerable to Three High-Severity Bugs (Threatpost) Intel patches three flaws that could allow a local attacker to execute arbitrary code on impacted systems.
Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix (Register) The story behind the quietly patched CVE-2018-3652
Twitter Curbs Access for 143,000 Apps in New Crackdown (SecurityWeek) Twitter has removed more than 143,000 apps from the messaging service since April in a crackdown on "malicious" activity from automated accounts.
Big bad Bluetooth blunder bug battered – check for security fixes (Register) Crypto cockup lets middle-people spy on connections after snooping on device pairing
Cyber Trends
Securing healthcare organizations: The challenges CISOs face (Help Net Security) Healthcare breaches involving ransomware are increasing, but this is just one of the problems infosec pros securing healthcare organizations need to face.
Decentralising the web: MaidSafe CEO on competition and collaboration (Computing) David Irvine 'There are some egos out there who are quite vocal about the merits of their approach'
Akamai expects big shift in security posture in the Philippines (Back End News) Recent data breaches, not only in the private sector but in the government as well, raised cybersecurity awareness in the Philippines. While the conversation is s…
Marketplace
It's IPO day for Tenable. It has boosted its introductory price again. (Washington Business Journal) Columbia, Maryland-based Tenable Holdings Inc. will open trading on the Nasdaq Thursday offering 10.9 million shares of common stock at a price of $23 per share, which could raise the company more than $250 million.
Tenable Announces Pricing of Initial Public Offering (Tenable Network Security) Tenable Holdings, Inc. ("Tenable") today announced the pricing of its initial public offering of 10,900,000 shares of common stock at a price to the public of $23.00 per share. The shares are expected to begin trading on the Nasdaq Global Select
Sagi's Kape acquires US cybersecurity co Intego (Globes Newswire) Israeli cybersecurity company Kape Technologies will pay $16 million for Seattle-based Intego.
Automotive companies are warming up to vulnerability disclosure programs (Cyberscoop) The automotive industry is looking to step up its collaboration with cybersecurity researchers to identify software and hardware bugs in order to better protect vehicles, which are becoming more connected and automated.
Facebook shares tank on slowing growth, wiping out billions in value (Washington Post) The lower-than-expected revenue growth raised worries that the political and social backlash the company’s seen is affecting its bottom line.
Qualcomm Plans to Abandon NXP Deal Amid U.S.-China Tensions (Wall Street Journal) Qualcomm said it plans to scrap its $44 billion purchase of Dutch chip maker NXP after failing to secure approval in China, making the deal one of the most prominent victims of spiraling U.S.-China trade tensions.
Booz Allen to Help Navy Secure Maritime Cyber Systems Under $92M Task Order (GovCon Wire) Booz Allen Hamilton (NYSE: BAH) has received a five-year, $92 million task order to support the U.S.
Salient CRGT Wins $34M Task Order to Deliver IT Support to the Defense Technology Security Administration (PRNewswire) Extending its long term relationship with the Defense Technology Security Administration (DTSA), the company will provide IT services and information security for the international transfer of defense-related goods, services, and technology
GhangorCloud Achieves Major Milestones and Year-over-Year Revenue Growth in Cybersecurity Market Predicted to Reach $1 Trillion by 2021 (GlobeNewswire News Room) Information Security and Compliance Provider Sees Significant Customer Success, Channel Growth and Industry Validation During the First Six Months of 2018
Trend Micro Launches Targeted Server-Side Bug Bounty Program (Dark Reading) Targeted Incentive Program will pay anywhere from $25,000 to $200,000 to researchers who are first to demonstrate exploitable vulnerabilities.
Products, Services, and Solutions
Microsoft publishes details of Windows 10 connections in GDPR compliance document (Computing) Microsoft's Windows 10 GDPR document also indicates how users can disable data collection
Google wants to replace your password routine with a tiny device that plugs into your computer (CNBC) Google's new security key might be more secure than other password methods.
Comodo Cybersecurity Launches New Plugins for cWatch Web Security Platform (PRNewswire) Plugins for cPANEL and WHMCS streamline onboarding of web ecosystem partners and customers
Rubrik Launches Radar, an Intelligent Application to Defend Against Ransomware (PRNewswire) Built on the Polaris SaaS platform, Radar accelerates recovery from ransomware and other security threats with minimal business disruption and data loss. Radar leverages machine learning models to help enterprises deepen their data defense posture.
CloudMigrator and Virtru partnership offers the way to move data to the cloud (Help Net Security) CloudMigrator + Virtru solution allows enterprises to migrate regulated and proprietary data to Google G Suite and Microsoft Office 365.
IOGEAR’s NIAP-certified KVM Switches provide protection against cyber security threats (Help Net Security) IOGEAR’s Secure KVM Switches allow users to share a single keyboard, mouse, speaker set, CAC reader, and single or dual DVI or HDMI monitors.
Macro 4’s session manager improves mainframe security through roll-out of MFA (Help Net Security) Tubes for z/OS 7.8 has a new MFA capability which provides a way for organizations to introduce additional security tests or ‘factors’.
Dashlane 6: The App That's Solving the Digital Identity Crisis (PRNewswire) An All-In-One Solution for Online Risk Prevention, Identity Monitoring, and Identity Restoration
ProtonMail adds full PGP support and address verification (Computing) Improves compatibility with other services
Twistlock Announces Support for Binary Authorization for Google Kubernetes Engine (PRNewswire) Integration enforces full lifecycle software quality and compliance for GKE workloads
Airbus wants 'orderly' transition to broadband for security network (BNamericas)
Technologies, Techniques, and Standards
2020 Census Comes With New Technology, but Greater Risks (Wall Street Journal) The Government Accountability Office warns that the 2020 Census, which will employ new technologies such as cloud and mobile computing, faces a greater risk of cyberattack than earlier, lower-tech efforts.
Congress wants DoD to hold a national cyber response exercise (Fifth Domain) A proposal wants the Department of Defense to play out its support to both private- and public-sector agencies in the event of a cyber incident.
Should We be Looking Down Under to Improve Our Security? (Infosecurity Magazine) How the Australian government's Essential Eight rules can provide a basis for cybersecurity basics.
Equifax's Security Overhaul, a Year After Its Epic Breach (WIRED) Nearly a year after hackers stole the personal data of 147 million people from Equifax, the company details the changes it's making to its security practices.
Don't Ignore Identity Governance for Privileged Users (SecurityWeek) Privileged Access Management (PAM) can monitor and record user activity to offer misuse deterrence by collecting evidence for prosecution, and can provide more detailed compliance reporting than system logs.
Anonymity tools: Why the cloud might be the best option (SearchCloudSecurity) Anonymity tools don't have to be complicated or expensive. Learn what options are available and why the cloud may be the best bet for anonymity for security.
Breach Accountability: Blaming the CISO vs An End to Shaming (Infosecurity Magazine) Two experts discuss where accountability for data breaches should lie
McAfee CISO: The importance of a strong cybersecurity culture (SearchCIO) In this Q&A, McAfee CISO Grant Bourzikas discusses the huge role a company's cybersecurity culture plays in ensuring the company data -- and that of their customers -- remains secure as threats continue to evolve.
Navy Utilizes Realistic Cyber Simulations to Mature Cyber Mission Forces Beyond Qualifications (DVIDS) The next phase in the maturation of the Navy’s Cyber Mission Force teams is underway as leadership from U.S. Fleet Cyber Command/U.S. 10th Fleet (FCC/C10F) develop innovative training methods that allow operators to hone their skills in a realistic and challenging environment.
Design and Innovation
Security AI is more than an Algorithm (Infosecurity Magazine) All analytics will be more effective when provided with rich, high-fidelity sources of data.
Research and Development
Was It Ethical for Dropbox to Share Customer Data with Scientists? (WIRED) The data was anonymized, but academics are still concerned about the ethics of the analysis.
Legislation, Policy, and Regulation
Cyber deal with US signals more assertive counter-hacking operations (The Sydney Morning Herald) Australia's electronic spooks will work more closely with the United States on offensive cyber capabilities.
UK cracks down on foreign investment to protect national security (KXLY) Foreign takeovers of UK companies will be subject to additional scrutiny under a government proposal that makes it easier to block deals on national security grounds.
Taiwan’s Emerging Push for “Cyber Autonomy” (Jamestown) On May 11, Taiwan’s Legislative Yuan passed the Cybersecurity Management Law, Taiwan’s first national cybersecurity law (iThome, May 22). This law, which mandates cybersecurity requirements for Taiwan’s government agencies and operators of critical infrastructures, represents the latest initiative in the Tsai administration’s push for cyber security under the policy “Cyber Security is National Security.” As part of this push, the …
America’s Hackers Are at Risk (Real Clear Defense) America professes to love its men and women in uniform, but the penalty for its reflexive use of indictments and sanctions – America’s standoff weapons used to avoid politics – against foreign militaries may one day fall on them, far away from the Washington, D.C. grandees and activists who created those policies.
Homeland Security Committee Forwards Bill to Prevent the Next Kaspersky (Nextgov.com) The committee also forwarded legislation to codify Homeland Security’s CDM program.
Huawei: lessons from the United Kingdom (The Strategist) The UK government released the Huawei Cyber Security Evaluation Centre oversight board’s 2018 annual report on 19 July. HCSEC is a Huawei-owned facility that was created seven years ago to deal with the perceived risks ...
Senate eyes hitting Russia in slap to Trump (POLITICO) A bipartisan push to impose new sanctions is gaining ground after Donald Trump’s widely criticized press conference with Vladimir Putin.
Trump to chair National Security Council meeting on election security (POLITICO) National security adviser John Bolton is also hosting two Cabinet-level NSC principals committee meetings this week.
Cantwell, Graham Urge Strong Action in the Face of Mounting Cyber Attacks from Russia (Senator Maria Cantwell) Today, in a letter to President Trump, U.S. Senator Maria Cantwell (D-WA), Ranking Member of the Senate Energy and Natural Resources Committee, and Senator Lindsey Graham (R-SC), a member of the Senate Armed Services Subcommittee on Cybersecurity, called for greater action from the federal government to defend the U.S. energy grid from cyber attacks.
Congress puts electronic warfare in its crosshairs (C4ISRNET) Congress hopes to bolster the Defense Department's strategic posture in an area of increasing strategic importance.
Senator calls on US Government to start killing Adobe Flash now (The State of Security) Security-conscious IT administrators around the globe know that they shouldn't really have Adobe Flash in their organisation.
Analysis | The Cybersecurity 202: Agencies struggling with basic cybersecurity despite Trump's pledge to prioritize it (Washington Post) It hasn't been a good week for federal cybersecurity.
Former Trump official: No one 'minding the store' at White House on cyberthreats (Yahoo News - Latest News & Headlines) “On cyber, there is no clear person and or clear driver, and there is no clear muscle memory,” said Tom Bossert, who served as White House homeland security adviser until last April, in an interview with the Yahoo News podcast Skullduggery.
Would a bill banning bots do more harm than good? (Naked Security) According to the bill as it stands now, it would be okay to use a bot as long as it discloses that it is a bot, otherwise it’s “unlawful”.
Trump considering pulling security clearances of critics (PBS NewsHour) President Donald Trump is considering revoking the security clearances of six former top officials who have been critical of his administration, a move that opponents and experts say would be an unprecedented politicization of the clearance process.
The Case for Stripping Former Officials of their Security Clearances (Consortiumnews) Former CIA agent John Kiriakou argues that no former intelligence official should be allowed to keep their security clearances when they leave government, especially if they work in the media. By John Kiriakou, Special to Consortium News. Libertarian senator Rand Paul, a Kentucky Repub
For Spies Emerging From the Shadows, a War With Trump Carries Risks (New York Times) Intelligence agencies guard their nonpartisan reputation carefully, but President Trump’s proxy war with former officials risks dragging the agencies into the political fray.
Clapperton Assigned to U.S. Cyber Command (SIGNAL) Capt. Craig A. Clapperton, USN, has been selected for promotion to rear admiral and will be assigned as deputy director, future operations, J-3F, U.S. Cyber Command, Fort Meade, Maryland.
Litigation, Investigation, and Law Enforcement
NSA watchdog finds 'many issues of non-compliance' in agency's data handling (TheHill) The National Security Agency's (NSA) inspector general issued a rare report Wednesday condemning the administration for insufficiently protecting data gathered from U.S. citizens.
NSA criticized for 'increased risk’ of jeopardizing civil liberties (Fifth Domain) The criticism comes after a fight over unauthorized searches of digital and electronic records by the National Security Agency.
How Washington Can Prevent Midterm Election Interference (Foreign Affairs) Social media companies will be best able to play a productive role in preventing midterm election interference when informed by the government’s latest, best understanding of what that interference could look like.
Senate Panel Invites Three Tech Firms to Another Hearing on Russian Influence (Wall Street Journal) Facebook, Google and Twitter are summoned to follow-up discussion in probe of foreign activity during 2016 presidential election
Before her arrest as an alleged Russian agent, Maria Butina’s proud defense of her homeland drew notice at American University (Washington Post) To some who knew her as a graduate student, Butina’s indictment on federal charges validated their own unsettling suspicions.
Bigamists have no right to privacy on Facebook (Naked Security) Out of sight, out of mind? Not on Facebook, where 8,000 miles between Illinois and Thailand is wiped out by a “here’s us with the kids!” pic.
Assassination Markets for Jeff Bezos, Betty White, and Donald Trump Are On the Blockchain (Motherboard) Assassination markets are old as the concept of cypherpunk itself. Now blockchain-based betting platform Augur has become a home for them.
British man unwittingly gave Russian nerve agent to his girlfriend as a gift (Ars Technica) Authorities investigating likelihood of multiple, hidden stashes of the deadly poison.