Cyber Attacks, Threats, and Vulnerabilities
Turkish 'hacktivists' take over social media accounts of US journalists (CNBC) Pro-Erdogan hackers said they took over social media accounts belonging to U.S. journalists in the past week.
Online Propaganda Builds Islamic State Brand in the Face of Military Losses (Wall Street Journal) Even as Islamic State has lost territory in Syria and Iraq, it reigns supreme in cyberspace, where its critical recruitment and marketing tool has helped it build a brutish brand using propaganda and sometimes false claims.
Will ISIS make up for lost territory virtually? (C4ISRNET) One Army leader looks at a way ISIS could
Facebook bans military accounts in Myanmar as UN accuses leaders of coordinating genocide (The Verge) Facebook has been criticized for its role fueling ethnic violence in Myanmar since at least 2014. A report from the UN today accuses Myanmar’s military leaders of coordinating genocide, but Facebook says it has removed a number of high-profile accounts.
‘We don’t have any fear’: India’s angry young men and its lynch mob crisis (Washington Post) Rage fueled by gender imbalances, identity politics and economics is stirring trouble.
Cobalt Dickens threat group looks to be similar to indicted hackers (Cyberscoop) Secureworks researchers say this campaign used some of the same infrastructure as the Iranian hackers indicted earlier this year.
Inside Iran's disinformation campaign on the West (The National) Tehran is using fake social media personas and websites to support its interests
How FireEye Helped Facebook Spot a Disinformation Campaign (New York Times) The cybersecurity company has shifted its attention to detecting disinformation and uncovering social media campaigns intended to influence politics.
Una Mullally: How I was caught up in an Iranian fake news operation (The Irish Times) A random experience points to the sinister future of false news operations
Will more sanctions drive Iran to a cyberattack? (Fifth Domain) If the Trump administration's sanctions on Iran are strong, the Persian nation may respond by targeting banks, critical infrastructure and the U.S. government.
Turla Threat Group Uses Email PDF Attachments to Control Stealthy Backdoor (Dark Reading) The Russian-speaking group's latest tactic is the only known case of malware that's completely controllable via email, researchers at ESET say.
Nothing sacred: Russian spies tried hacking Orthodox clergy (AP News) The Russian hackers indicted by the U.S. special prosecutor last month have spent years trying to steal the private correspondence of some of the world's most senior
Kremlin Sources Go Quiet, Leaving C.I.A. in the Dark About Putin’s Plans for Midterms (New York Times) The spy agency does not believe its Russia informants have been killed, but sources have gone largely dormant amid heightened scrutiny and rising threats.
DHS, FBI Hold Joint Briefing for Election Officials with Facebook and Microsoft (Department of Homeland Security) On August 24, 2018, the Department of Homeland Security was joined by the Federal Bureau of Investigation, Facebook, and Microsoft to host a briefing for the National Association of Secretaries of State and the National Association of State Election Directors on recent actions taken by both companies to combat foreign threats.
Oops. DNC Cyber Attack Backtrack Casts Doubt on Midterms' Security (InsideSources) The Democratic National Committee told the press its voter database was hacked on Monday, then Wednesday the DNC's Chief Information Security Officer Bob
The DNC False Alarm Hack Is Good Cybersecurity, Bad PR (Motherboard) The DNC thought it was getting hacked again, but it was just a false alarm set off by a security test. It's a sign that the organization is taking its cybersecurity seriously.
Midterm Election Hacking -- Who Is Fancy Bear? (Forbes) Russian-affiliated hacking group Fancy Bear is trying to influence elections across the world. Who is it, exactly, and how can it be stopped?
Chinese Communist Party Funds Washington Think Tanks (Washington Free Beacon) China's Communist Party is intensifying covert influence operations in the U.S. that include funding Washington think tanks and coercing Chinese Americans
"This is now the new normal": An expert explains why cybersecurity risks aren’t going away (Vox) There are threats not just from Russia and Iran, but from other countries and lone wolves, heading into the 2018 midterms.
Cyberattack on Malaysia: Imminent or imagined? (The ASEAN Post) Analysts observed a pattern of targeting by China-based groups and others against organisations with links to the BRI.
New Point of Sale Malware Family Uncovered (Booz Allen Hamilton) RtPOS is a newly-discovered Point of Sale malware that analysis suggests could be a post-compromise tool instead of standalone malware.
Cosmos Bank SWIFT/ATM US$13.5 Million Cyber Attack Detection Using Security Analytics (Securonix Threat Research) The Securonix Threat Research team recently learned of a new high-profile cyber attack targeting SWIFT/ATM infrastructure of Cosmos Bank (COSDINBB), a 112-year-old cooperative bank in India and the second largest…
T-Mobile, AT&T customer account PINs were exposed by website flaws (Engadget) Apple and Asurion have fixed problems that could've let an attacker figure out the PIN number for some AT&T or T-Mobile accounts.
Pune bank fraud: Out of Rs 94 crore, hackers transferred Rs 13.5 crore to Macau (DNA) Probe into the Cosmos Bank in Pune revealed that the hackers had transferred Rs 13.5 crore to Macau. It should be noted that Macau is known for being the top gambling hub
Emergency warning: The GlobeImposter ransomware family is growing up wildly (360 Total Security Blog) 360 Security Center issues an emergency warning to alert users: Since August 21 2018, the GlobeImposter ransomware incident has occurred frequently. The main goal of this attack is to start the server of Remote Desktop Service.
Hacking smart plugs to enter business networks (Help Net Security) Hacking smart plugs reality. A buffer overflow flaw in Belkin's Wemo Insight Smart Plug can be exploited to interfere with the networked devices.
Epic's first Fortnite Installer allowed hackers to download and install anything on your Android phone silently (Android Central) Google has just publicly disclosed that it discovered an extremely serious vulnerability in Epic's first Fortnite installer for Android that allowed any app on your phone to download and install anything in the background.
Google disclosed man-in-the-disk attack flaw in Fortnite Android app (CSO Online) Epic Games hit back after Google publicly disclosed the security vulnerability in the Fortnite Android app installer.
Fortnite fury over how Google handled its security hole (Graham Cluley) Epic Games isn’t happy about how Google handled the disclosure of the serious security hole in Fortnite.
Fortnite Installer for Android made our worst fears come true (SlashGear) It was really only a matter of time. Epic Games was, after all, tempting fate, not to mention hackers and criminals in its righteous zeal to open up the Android (but not iOS) app ecosystem. A bug i…
Cybercriminals Undeterred by ToS For Remcos RAT (BleepingComputer) Researchers from Cisco Talos are calling out the developer of a remote administration tool (RAT) for allowing its use for malicious purposes.
Attack Status: Apache Struts Vulnerability (CVE-2018-11776) (Akamai) This blog post is a follow-up to https://blogs.akamai.com/2018/08/apache-struts-vulnerability-cve-2018-11776.html and its purpose is to highlight attack data we have seen on the Akamai network related to this vulnerability....
FTC, FBI Issue Alerts on Bitcoin Blackmail Scams (Credit Union Times) The alert warns members that the scam isn't new but simply adjusts as technology evolves.
Thwarting Fault Attacks against Lightweight Cryptography using SIMD Instructions (IEEE Conference Publication) A growing number of connected objects, with their high performance and low-resources constraints, are embedding lightweight ciphers for protecting the conf
Who’s Behind the Screencam Extortion Scam? (KrebsOnSecurity) The [extortion] email scam last month that invoked a real password used by each recipient and threatened to release embarrassing Webcam videos almost certainly was not the work of one criminal or even one group of criminals.
Abbyy leaked 203,000 sensitive customer documents in server lapse (TechCrunch) Abbyy, a maker of optical character recognition software, has exposed a trove of sensitive customer documents after a database server was left online without a password. The exposed server was found by former Kromtech security researcher Bob Diachenko, who now works independently. In a blog post sh…
Cheddar's Scratch Kitchen Chain Suffers Data Breach (Dark Reading) The cyberattack occurred sometime between Nov. 3, 2017, and Jan. 2, 2018.
Three weeks after cyberattack, Mat-Su Borough computers still aren’t back to normal (Anchorage Daily News) The public can use borough services but some still can't take credit cards after a late July malware attack. Employee email remains spotty too.
Security Patches, Mitigations, and Software Updates
Bitdefender Disables Anti-Exploit Monitoring in Chrome After Google Policy Change (BleepingComputer) Chrome has started displaying alerts that suggest users remove programs that are considered incompatible applications with Chrome because they inject code into the browser's processes. In order to resolve these issues Bitdefender has decided to no longer monitor newer versions of Chrome with their anti-exploit technology.
Cyber Trends
Corporate Cybersecurity Is Becoming Geopolitical. Are U.S. Tech Companies Ready? (Harvard Business Review) Platforms have a propaganda problem.
A Big Choice for Big Tech (Foreign Affairs) Don't break up digital giants that monopolize online markets; force them to share their data with their competitors instead.
The Internet's Lost Promise (Foreign Affairs) The United States long promoted its vision of an open and free Internet on the global stage. But today, as authoritarian governments and private actors increasingly weaponize the web, U.S. leadership is largely absent. It’s time for Washington to overcome its belief that the Internet can fix itself and instead work to maintain the Internet as a tool for strengthening democracy.
Why too much attention on foreign actors and voting machines can hurt cybersecurity (Fifth Domain) The overwhelming majority of cyberattacks occur because of basic security failures, phishing attempts and human error, according to research.
23% of UK SMBs still use USB drives as their primary data storage solution (Help Net Security) Only 35% of SMBs have company storage centralised with on-site servers. 23% of SMB employees reported using portable storage such as USB drives.
Marketplace
‘Cybersecurity budgets of Indian firms have tripled’ (The Hindu) Companies spend more on network safety: A10 Networks
FireEye is tech firms' weapon against disinformation, staffed with 'the Navy SEALs of cyber security' (Los Angeles Times) FireEye — best known for its work on high-profile cyberattacks against companies including Target, JPMorgan Chase and Sony Pictures — is emerging as a key player in the fight against election interference and disinformation campaigns.
Array Networks Says It's the Nutanix of Private Cloud Networking (SDxCentral) Array Networks wants to be the Nutanix of networking and security virtual appliances. It recently updated to its hyperconverged platforms.
Splunk CEO: Accenture, Optiv, SecureWare Partnerships Gain Momentum (ChannelE2E) Splunk (NASDAQ: SPLK) is gaining momentum with channel partners like Accenture, Optiv and SecureWare, according to CEO Doug Merritt. Here's why.
Exabeam Wins 70% Of Splunk Faceoffs As It Targets 10% Market Share (Forbes) Splunk faces well-funded rivals in the market for detecting hackers and detailing the damage they cause. Exabeam says it's winning 70% of the time against Splunk and wants 10% of its market. Will that show up in Splunk's next earnings report?
Zscaler Buys Piece Of Cybersecurity Startup TrustPath For AI Expertise (CRN) TrustPath has developed artificial intelligence-based algorithms through machine learning to identify new threats, resulting in enhanced security efficacy and accelerated incident response.
3SG Plus Acquires Cybersecurity Powerhouse (PRNewswire) 3SG Plus will now offer cybersecurity solutions
Products, Services, and Solutions
WireGuard VPN review: A new type of VPN offers serious advantages (Ars Technica) Fewer lines of code, simpler setup, and better algorithms make a strong case.
Atos and Nozomi Networks team to deliver security to OT environments (Help Net Security) Atos and Nozomi Networks will work together to provide industrial enterprises real-time OT network visibility, data analysis and cybersecurity protection.
Trend Micro's new program helps IoT device makers tackle risk at source (Help Net Security) Trend Micro designed a new IoT security program to leverage its ZDI to minimize vulnerabilities as smart products are developed.
Samsung’s Exynos i S111 delivers efficiency and reliability for NB-IoT devices (Help Net Security) Samsung’s Exynos i S111 is the new narrowband IoT solution that includes modem, processor, memory and GNSS functions in one chip.
Trend Micro simplifies advanced threat detection and network analysis (Help Net Security) The new network analytics capabilities of Deep Discovery empower organizations struggling with skills shortages to keep themselves protected and productive.
Plurilock Surpasses $1M Revenue, Launches SaaS Products to Meet Demand for Behavioral-Biometric Security (PRNewswire) Fueled by growth and $3M in financing, the AI-based behavioral biometrics company now offers multiple options to meet customers' cybersecurity needs
6 artificial intelligence cybersecurity tools you need to know (Packt Hub) Investments in building AI systems to analyze the huge data trove have increased. Cybersecurity professionals with the help of AI can also identify possible threats and take precautions or immediate actions to solve it. For a more hands-on experience, here are 6 AI cybersecurity tools you should know to safeguard your organization from a counter AI attack.
Technologies, Techniques, and Standards
Social media firms manage expectations for stopping foreign influence campaigns (TheHill) U.S. tech companies are tamping down expectations on their ability to prevent foreign influence campaigns on social media.
‘Project Spartacus’ aims to save electric grid from nuclear, solar attack (Washington Examiner) After years of shrugs over concerns about the potential calamity an attack on the nation’s electric grid would cause, government and business leaders are joining to map a path to protect and maintain the system that powers everything from cellular phones to nuclear missile bases.
DHS Creating New Cyber Threat ‘Risk Radar’ For Agency Leaders (Meritalk) The Department of Homeland Security is working with multiple Federal agencies to develop a new “risk radar” that will help agencies’ top executives contextualize cybersecurity risk and clarify where they need to apply focus and resources, according to Mark Kneidinger, director of the Federal Network Resilience division of DHS’ Office of Cybersecurity and Communications (CS&C).
The Difference Between Sandboxing, Honeypots & Security Deception (Dark Reading) A deep dive into the unique requirements and ideal use cases of three important prevention and analysis technologies.
Supply Chains Struggle With GDPR Compliance (PYMNTS.com) The European Union (EU) General Data Protection Regulation (GDPR) came into effect in May, but most businesses in the region still aren’t compliant with the rules. The data security requirements have wide-reaching implications for businesses across sectors, but as companies expand globally and business partners connect on digital channels, supply chains’ GDPR compliance is an […]
Traveling to China for work? Punch through the Great Firewall and securely connect with your home office (CSO Online) Security is not just about confidentiality and integrity. It's also about availability. The new partnership between Wickr and Psiphon is worth a look for global enterprises with traveling employees.
New Hampshire working to prevent hacking of election system (AP News) Amid concerns about hacking from Russia, Iran and other countries, New Hampshire plans to spend a quarter of a million dollars in federal grant money on asses
What we’re reading: 4 ways the U.S. can secure the 2020 election (Axios) It’s already too late for 2018.
Army Cyber Changing Double-Time (GlobeNewswire News Room) Leaders share insights into what’s next for the service.
5 times tech failed and we had to do things the old-fashioned way (Irish Examiner) After Gatwick Airport’s digital flight board failure, we take a look at previous big IT blackouts.
What are next generation firewalls? How the cloud and complexity affect them (CSO Online) Nextgen firewalls add features like behavioral analytics, malware detection, and content monitoring to prevent unauthorized access and data exfiltration. They could do much more in the future.
Blocking compromised passwords: How and why to do it (Help Net Security) Passwords are beginning to feel like the zombie that just won’t die. Even after Bill Gates famously called for their demise in 2004, this antiquated form
Design and Innovation
Virginia Tech partners with startup DeepSig to protect wireless devices (Virginia Tech News) The new technology can be applied to everything from personal cellphones and Bluetooth devices to vehicular communications, radars, and sensing systems.
Gamification Engineer Richard Moore Proves Anyone Can Be a Hacker (Security Intelligence) Security gamification engineer Richard Moore designs cyberthreat scenarios to unlock the competitive spirit of cybersecurity professionals and demonstrate how easy it is for anyone to hack a system.
Academia
Trend Micro steps forward to help plug IT security skills gap in KSA (Zawya) The Trend Micro Saudi Academy for Cybersecurity Program is seen to boost the government's efforts to strengthen its cybersecurity infrastructure
Legislation, Policy, and Regulation
Australia’s Ban on Huawei Is Just More Bad News for China (WIRED) The move reflects US influence, and Australia's tense, complicated relationship with China.
Defense Science Board Task Force On Improving Cyber As A Strategic Weapon (OODA Loop) The United States is currently years behind its rivals in cyberspace, both conceptually and operationally. The findings of this study illuminate the scope of the problem.
Former NSA, CIA director on cyber, Facebook and hacking back (Fifth Domain) Former head of the NSA and CIA Michael Hayden sat with Fifth Domain to discuss American cyber policy and global digital threats.
Can Silicon Valley Fight the Cyber-War the White House Won’t? (The Hive) In advance of the midterms, tech companies have become something of a last line of defense in a country where the president seems disinterested in protecting U.S. elections from foreign interference.
US Commerce's Ross Picks ZTE Monitor After Rejecting 'Never Trump' Lawyer (VOA) A new monitor for ZTE is required as part of a June settlement that ended a ban on U.S. companies selling components to China's No. 2 telecommunications equipment maker
GDPR and California's New Privacy Could Mean Millions in Costs to Organizations (Infosecurity Magazine) Data access requests could result in millions of dollars in operational costs for organizations that already face unprecedented fines in case of a security breach.
Litigation, Investigation, and Law Enforcement
Analysis | The Cybersecurity 202: FBI's encryption fight with Facebook could have broad impact on smartphone users' privacy (Washington Post) Even more than the high profile case against Apple.
You Could Be Kicked Offline For Piracy If This Music Industry Lawsuit Succeeds (Motherboard) And the evidence “proving” your guilt could be little more than fluff and nonsense.
Ukrainian hacker sentenced to 6 years in U.S. prison (Cyberscoop) Ukrainian national Ruslan Yeliseyev was sentenced to six years in U.S. prison on Friday for hacking and trafficking stolen financial information.
CFTC Wins Enforcement Action Against Alleged Virtual Currency Scammer (New York Law Journal) The decision by U.S. District Judge Jack Weinstein of the Eastern District of New York gave the U.S. Commodity Futures Trading Commission one of its first trial wins in its aggressive approach to crack down on virtual currency fraud.
Top dark web drug vendors nabbed by ‘Operation Darkness Falls’ (Naked Security) The DoJ announced arrests, charges and guilty pleas as part of Operation Darkness Falls, which involved several government agencies.
PG&E Identified as Utility That Lost Control of Confidential Information (Wall Street Journal) PG&E was identified as the utility that authorities had fined in May for losing control of a database with confidential information about its systems and leaving it exposed on the internet for 70 days.
WaPo: Transparency Is Fine For Others But Too Expensive For Us (Daily Caller) The Post is challenging a law that would require publishers to disclose the source and funding of political ads
How a Lawsuit Could Check Trump's Power Over Security Clearances (The Atlantic) Can the president restrict a person’s access to classified material for any reason he wants? It may take a claim from former CIA Director John Brennan to find out.
Clapper: Obama Ordered The Intelligence Assessment That Resulted In Mueller Investigation (Real Clear Politics) Former Director of National Intelligence James Clapper revealed in an interview last week that if not for President Obama asking for an intelligence community assessment that "set off a whole sequence of events" we would not have the Mueller investigation. Clapper, a CNN contributor, said the effects of that intel assessment "are still unfolding today."
Why Did Reality Winner Do It? (Rolling Stone) How an Air Force vet exposed Russian interference in our election — and got 63 months in prison