Cyber Attacks, Threats, and Vulnerabilities
‘Rocket Kitten’ and the state-backed hackers that reportedly conduct economic spying on the US (Fifth Domain) Iranian hackers known as “Rocket Kitten” repeatedly target American defense companies in hopes of stealing information to boost Tehran’s missile and space programs.
Chinese theft continues in cyberspace as new threats emerge, U.S. intelligence officials warn (Washington Post) The report also singles out Russia and Iran as malign actors intent on penetrating American computer systems and critical infrastructure.
RANCOR Threat Group Leverages New Malware Strains in Targeted Espionage Attacks (Security Intelligence) Threat group RANCOR is leveraging new malware strains to conduct targeted espionage in Southeast Asia, according to a recent report.
How Russian hackers tricked people into giving their passwords (Federal Times) Russian hackers who penetrated hundreds of U.S. utilities, manufacturing plants and other facilities last year gained access by using the most conventional of phishing tools, tricking staffers into entering passwords, officials say.
Russian Hackers’ New Target: a Vulnerable Democratic Senator (The Daily Beast) Sen. Claire McCaskill is a top target for Republicans looking to grow their slim Senate majority in 2018. Turns out, Russia’s “Fancy Bear” hackers are going after her staff, too.
Flashpoint - Malware Loaders Continue to Evolve, Proliferate (Flashpoint) Two relatively new loaders, Aurora and Kardon, may be an indication of the features criminals are trying to incorporate into these bits of malicious code.
SoftNAS Cloud OS Command Injection (SecureAuth + Core Security) 1. Advisory Information. Title: SoftNAS Cloud OS Command Injection. Advisory ID: CORE-2018-0009
Recently Patched Oracle WebLogic Flaw Used in Active Attacks (Security Boulevard) Attackers have already started exploiting a flaw in Oracle's WebLogic application server to break into enterprise systems.
Bugs in Samsung IoT Hub Leave Smart Home Open To Attack (Threatpost) Researchers found 20 flaws in Samsung’s SmartThings Hub controller - opening up supported third-party smart home devices to attack.
Vulnerability Spotlight: Multiple Vulnerabilities in Samsung SmartThings Hub (Talos Blog) Cisco Talos recently discovered several vulnerabilities present within the firmware of the Samsung SmartThings Hub. In accordance with our coordinated disclosure policy, Cisco Talos has worked with Samsung to ensure that these issues have been resolved and that a firmware update has been made available for affected customers. These vulnerabilities could allow an attacker to execute OS commands or other arbitrary code on affected devices.
Yes, Google's Security Key Is Hackable (KnowBe4) Ever since Google told the world that none of its 85,000 employees had been successfully hacked ... since they started implementing Security Keys, like Yubico’s YubiKey ... I’ve been contacted by friends and the media about my thoughts.
Stealth Mango Proves Malware Success Doesn't Require Advanced Tech (Dark Reading) At Black Hat USA, a pair of researchers will show how unsophisticated software can still be part of a successful surveillance campaign.
Credential theft – the Monster Cache (LinkedIn) Cybersecurity trends continue to show that organizations most often learn of data breaches through external, third-party notifications. In recent years, the information security industry has integrated cyber threat intelligence into cybersecurity and breach response strategies.
Cyber attack on COSCO Shipping not confined to North America (MarineLog) The ransomware cyber attack on COSCO Shipping Lines is apparently not confined to the container shipping operator's North American operations, as it indicated yesterday.
Ransomware-hit Cosco turns to Yahoo and Facebook to keep in touch - The Loadstar (The Loadstar) Facebook and Yahoo are the ways to contact Cosco following the cyber attack that struck its Americas operations.
SingHealth cyber attack: Delinking PCs from Internet causes some inconvenience to patients (The Straits Times) Staff at Singapore's public healthcare institutions have had to find alternative methods for routine tasks since their computers were temporarily delinked from the Internet last week.
Top Ten Ways Atlanta's Ransomware Attack Affected Cybersecurity (Infosecurity Magazine) How a ransomware attack on the city of Atlanta turned into a lengthy persistent problem
The demand for hacking tools and malware is greater than the current supply (Yahoo) A report from Positive Technologies reveals an extremely high demand for malware creation on the dark web: Three times greater than the current supply. It's based on 25 Russian and English-based dark web sites.
Cyber Trends
Same web-based vulnerabilities still prevalent after nine years (Help Net Security) Analysis of vulnerabilities discovered by NCC Group researchers over the last nine years found that instances of common web-based vulnerabilities have
Security Vulnerability Concerns Skyrocket as Neustar’s International Cyber Benchmark Index™ Hits Record High (BusinessWire) Ninety percent of surveyed security professionals fear that Meltdown-Spectre attacks are becoming the norm
What is International Cyber Benchmarks Index TM? (Neustar) The International Cyber Benchmarks Index is an initiative of the Neustar International Security Council which assesses the international cybersecurity landscape from the vantage point of security professionals across the EMEA and US regions.
New Survey by Perception Point Finds that 80% of IT Decision Makers Believe the Most Popular "At-Work" Apps are Among the Most Vulnerable to Cyberattacks (PRNewswire) Perception Point survey highlights the growing security threat created by the rapid adoption of cloud collaboration apps, highlighting that 67% of companies have been attacked at least once in the last year via these channels
Business leaders concerned about security, data backup is a key opportunity (Help Net Security) A Kaseya survey, based on input from 1,300 respondents, revealed a number of trends, indicating that change is afoot in the IT operations landscape.
The primary email security challenge enterprises face is trust (Help Net Security) Only 34 percent of users without email security responsibility recall seeing email-based attacks in their inboxes, compared to 85 percent of email
Most organizations investing in AI, very few succeeding (Help Net Security) It looks like an AI investment is something most companies are looking for, but only one in three projects are succeeding.
Trend Micro Survey Confirms A Disregard for the Risk of an IoT Breach and Finds Loss of Trust As Biggest Potential Consequence (Financial Post) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today released survey findings that show businesses are most concerned about losing customer tr…
“Naïve” Australian companies know supply chains create security problems, but aren’t fixing them (CSO) Issues with the security of supply-chain partners will be one of the biggest security threats CISOs face in coming years, a security expert has warned as new figures revive concerns that “naïve” Australian companies are failing to factor cybersecurity into their purchasing and vetting procedures.
Marketplace
Tenable up 32% at closing on first day of IPO (Washington Business Journal) Tenable's stock closed at a price of $30.25 per share Thursday, after surging 40 percent in its first few minutes as a publicly traded entity.
Facebook Suffers Worst-Ever Drop in Market Value (Wall Street Journal) Facebook suffered the biggest-ever one-day loss in market value for a U.S.-listed company, a punishing reversal for a company that has led a yearslong tech-stock surge.
Facebook Just Learned the True Cost of Fixing Its Problems (WIRED) Facebook shares fell 20 percent after it said revenue growth would slow and it would spend additional billions per year to tackle fake news and other concerns.
How years of privacy controversies finally caught up with Facebook (Washington Post) The cost of its missteps finally caught up with Facebook this week, sending its stock down more than $100 billion Thursday in the largest drop in value in Wall Street history.
Twitter’s stock plunges more than 19 percent after reporting drop in user numbers (Washington Post) But the company beat expectations for revenue, reporting $711 million in sales, up 24 percent year-over-year.
Imperva to Acquire DevOps Security Leader Prevoty (BusinessWire)
Cyberfort Software (CYBF) Prepares to Expand Through Acquisition (GlobeNewswire News Room) Cyberfort Software, Inc. (OTCPINK:CYBF) today announced that it is preparing to expand its product base and reach by way of acquisition.
MACH37 Cyber Accelerator Opens Applications for Fall 2018 Session (GlobeNewswire News Room) Fall 2018 Cohort Session Begins September 24th
Barracuda Accelerates Growth in Email Protection and Expands Customer Base to More Than 50,000 (Barracuda) Barracuda Networks is the worldwide leader in Security, Application Delivery and Data Protection Solutions.
SonicWall bullish as rival Sophos flounders in NSS Labs test (CRN) Independent security testing lab NSS Labs has slated UK-based Sophos. Its US rival SonicWall smells blood
Acronis Announces Technology Partnership with Arsenal Football Club (AsiaOne) Acronis, a global leader in cyber protection and hybrid cloud storage that is currently celebrating its 15-year anniversary, has formed a new technology partnership with Arsenal Football Club.
Awake Security Names Former Cylance CTO Rahul Kashyap as CEO (BusinessWire) Awake Security today announced that it has appointed former Cylance Chief Technology Officer Rahul Kashyap as its new chief executive officer.
JASK Appoints Dave DeWalt as Vice Chairman of Board of Directors (JASK) Former FireEye and McAfee CEO Invests in JASK Series B Through NightDragon Security, Joins Company’s Board to Facilitate Leadership and Market Expansion
Cylance Tech Chief Leaves to Helm Cyber Startup (Fortune) Meet the new CEO of Awake Security.
Lockpath Announces Four Executive Promotions (Markets Insider) OVERLAND PARK, Kan., July 26, 2018 /PRNewswire/ -- Lockpath, a leading provider of governance, risk management and compliance (GRC) solutions, today announc...
Products, Services, and Solutions
New infosec products of the week: July 27, 2018 (Help Net Security) SentinelOne announces general availability of Central Park console SentinelOne announced the general release of Central Park, a console update enhancing
MonsterCloud Debuts Free Ransomware Removal Program for Law Enforcement Agencies (BusinessWire) MonsterCloud unveils free ransomware recovery for law enforcement agencies #cybersecurity #cyberterrorism #govtech
1BTC Locked Files Can Now be Recovered using BitDefender's Decryptor (Appuals.com) A relatively weaker malicious ransomware, LockCrypt, has been operating under the radar to carry out low scale cybercrime attacks since June of 2017. It was most prominently active in February and March this year, but due to the fact that the ransomware must be installed manually on devices to take effect, it did not …
Cynash Introduces Cybersecurity Solution For Industrial Control Networ (PRWeb) Cynash Inc. announces the immediate availability of its SerialTap™ cybersecurity solution for legacy industrial control networks that rely on serial communication...
Bricata Delivers New Network Security Options for the Cloud (Bricata) Threat Hunting Platform Available on AWS, Supports VMWare and Linux KVM; Provides Greater Visibility Across Hybrid Cloud and On-Premises Environments July 26, 2018 – Columbia, Md. – Bricata, Inc., a leader in advanced network threat protection solutions with threat hunting capabilities, today...
SentinelOne announces general availability of Central Park console (Help Net Security) The SentinelOne Central Park console extends detection capabilities into multi-tenancy and role-based access environments.
DataStax launches commercial Kubernetes application to Google Cloud Platform Marketplace users (Help Net Security) DataStax Enterprise gives customers the ability to integrate DSE with native Google Cloud services like Compute Engine or Cloud Storage.
Entrust Datacard TruCredential ID creator software goes mobile (Help Net Security) With EntrustDatacard TruCredential 7.5, users can capture and print IDs with a mobile device that’s connected to a network printer.
Dashlane 6: A solution for online risk prevention, identity monitoring, and identity restoration (Help Net Security) Dashlane 6 manages and secures people's digital identities with the solution for online risk prevention, identity monitoring, and identity restoration.
MobileIron Delivers First UEM Integration With McAfee ePolicy Orchestrator (BusinessWire) MobileIron delivers first UEM integration with McAfee ePolicy Orchestrator.
Symantec Debuts the Cyber Security Brief Podcast (Markets Insider) Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, today announced the debut of its Cyber Security ...
Technologies, Techniques, and Standards
NZ Information Security Manual updated (Technology Decisions) New Zealand's Government Communications Security Bureau (GCSB) has released version 3.0 of the New Zealand Information Security Manual.
Houston participates in mock cyberattack as part of research project (KPRC) Houston Mayor Sylvester Turner discussed Wednesday the city's participation in a mock cyberattack aimed at testing the city's response to hacking.
Hostage crisis? Ransomware is a threat that demands disaster planning (KnowBe4)
Federal DMARC Adoption Report, Secure your Email (Agari) 68% of all Federal domains lack a DMARC policy, leaving their citizens and agencies open to email cyber attacks. Get the statistics today - get the report.
How to Improve Your Cyber Threat Intelligence Automation (LookingGlass Cyber Solutions Inc.) Do any of these quotes resonate with you? “If CTI vendors would provide more context to their data, it would be so much easier to know what to do if we...
Why a VPN could be the security extra your business needs (TechRadar) Panda Security tells us how AI is set to shake up the security market
Overcoming the Siloed Network Security Challenge (Infosecurity Magazine) Stop working in siloed networks, to defeat open minded cyber-criminals.
5 Ways Small Security Teams Can Defend Like Fortune 500 Companies (Dark Reading) Keep your company protected with a mix of old- and new-school technologies.
Is it OK to Reward Those Who Flag the Phish and Highlight Those Who Failed? (Infosecurity Magazine) If you socially engineer your employees, is it right to reward those who flag the phish and highlight those who failed - or vice versa?
The Hypocrisy of Cyber's Hippocratic Oath (CyberVista) When graduating medical school, physicians take the medical Hippocratic Oath. There’s a lot more to the Hippocratic Oath, and as I share my own experience in medical training, I will draw parallels to how similar and relevant it is to cyber security professionals and the work they do every day.
Design and Innovation
Poor Password Handling and the Rise of Multi-Factor Authentication (WatchGuard) Password security is one of the most important issues facing information security today, and multi-factor authentication (MFA) technology mitigates the risk of password-only security today when providing access to corporate networks. But unfortunately, traditional MFA solutions are often difficult for businesses to implement and manage, especially those with limited IT resources.
Academia
New Cybersecurity Degree To Launch Fall 2018 At LETU (Markets Insider) LeTourneau University will launch a new, 100% fully online Bachelor of Science in cybersecurity degree beginn...
Legislation, Policy, and Regulation
Australia's Fight Against Chinese Political Interference (Foreign Affairs) Australia has finally passed tough new laws against foreign political meddling.
Germany Vetoes Chinese Purchase of Business Citing Security Grounds (WSJ) The German government has decided to ban for the first time the sale of a German company, Leifeld Metal Spinning, to a Chinese suitor on security grounds.
US targets Chinese companies in US$716 billion bill after ZTE debacle (South China Morning Post) The US$716 billion budget bill prohibits the US government, including the Pentagon, from using products from the Chinese telecoms company ZTE
Marco Rubio: Google, other US companies are aiding Chinese surveillance (Washington Examiner) Google and other U.S. companies are providing services in China that will be used to enhance the Communist Party’s surveillance infrastructure, according to Sen. Marco Rubio.
Why Congress may have just boosted China’s cybersecurity (Fifth Domain) Lawmakers' decision to spare ZTE is a boon for the Chinese government, which has embarked on a strategy of homegrown technological development that could bolster Beijing's cyber capabilities.
America's Adversaries Are Weaponizing Information, NSA Director Warns (Washington Free Beacon) Foreign adversaries have stepped up the use of information warfare to control populations since 2011 and the operations are a new threat in the digital age.
Where do information operations fit in the DoD cyber enterprise? (Fifth Domain) With the evolution of cyber and the information space, could the Department of Defense organize under a unified information command synchronizing capabilities?
Here’s How to Really Make Cabinet Secretaries Responsible for Cybersecurity (Nextgov.com) The president and OMB director should pester Cabinet officials about cybersecurity regularly, a former official says.
Lawmakers Can't Ignore Facial Recognition's Bias Anymore (WIRED) Amazon has marketed its Rekognition facial recognition system to law enforcement. But in a new ACLU study, the technology confused 28 members of Congress with publicly available arrest photos.
Litigation, Investigation, and Law Enforcement
How they did it (and will likely try again): GRU hackers vs. US elections (Ars Technica) Latest Mueller indictment offers excruciating details to confirm known election pwnage.
Cybersecurity & Retirement Plans (Password Protected) It seems that most employees and plan participants “think” their retirement money and data are not at risk. This is due, in part, because: there are few p
Fortnite Scammers Approaching $1m in Annual Takings (Imperva) When something seems too good to be true, it probably is.
Hire-a-hitman website is a scam and its owner has made a killing (Times) A British “vigilante hacker” says that a site on the dark web that offers hitmen for hire is a scam that has earned the Romanian behind it almost £5 million. The website, which goes under various...
Burglar wakes up couple to ask to use their Wi-Fi network (Ars Technica) Burglar said he needed network access because he was "out of data."