Cyber Attacks, Threats, and Vulnerabilities
Exclusive: Chief U.S. spy catcher says China using LinkedIn to recruit Americans (Reuters) The United States' top spy catcher said Chinese espionage agencies are using fake LinkedIn accounts to try to recruit Americans with access to government and commercial secrets, and the company should shut them down.
Hackers Are Exposing An Apple Mac Weakness In Middle East Espionage (Forbes) Apple Mac weakness affects all users, but has been used in limited attacks affecting the Middle East.
The anatomy of fake news: Rise of the bots (Help Net Security) Social SafeGuard analysed the impact and techniques leveraged by bots, and looked at bots attributed to Russian disinformation campaigns on Twitter.
Coming Soon to Facebook: Lots of Extreme Political Ads (Wall Street Journal) Campaign strategists are set to flood Facebook with polarizing ads heading into the midterms, saying its ad platform rewards extreme messaging more than other venues.
Russia Tries More Precise Technology to Block Telegram Messenger (NDTV Gadgets360.com) Russia is experimenting with more precise technology to block individual online services after an attempt to shut down banned messaging service Telegram failed, but Moscow has yet to find a way to shut it down without hitting other traffic.
GlobeImposter which has more than 20 variants, is still wildly growing (360 Total Security Blog) Recently, 360 Security Team found that a new variant of the GlobeImposter ransomware family is actively spreading worldwide and has affected a great number of users. Moreover, the attack is expected to be more serious in the future.
New Cobalt Campaign Targets Russian and Romanian Banks (SecurityWeek) A new campaign by the Russia-based Cobalt hacking group has targeted NS Bank in Russia and Carpatica/Patria in Romania.
Double the Infection, Double the Fun (Arbor Networks Threat Intelligence) Executive Summary: Cobalt Group (aka TEMP.Metastrike), active since at least late 2016, have been suspected in attacks across dozens of countries. The group primarily targets financial organizations, often with the use of ATM malware. Researchers also believe they are responsible for a series of attacks on the SWIFT
Loki Bot Attacks Target Corporate Mailboxes (SecurityWeek) Loki Bot’s operators are targeting corporate mailboxes with their spam messages, Kaspersky Lab reports.
How Cybercriminals Are Using Blockchain to Their Advantage (SecurityWeek) Malicious actors have been experimenting with a blockchain domain name system (DNS) as a way of hiding their malicious activity and bullet-proofing their offerings.
How one man could have pwned all your PHP programs (Naked Security) Popular PHP package repository front end Packagist turned out to have an embarrassing command injection hole – now closed!
Barracuda Study Reveals BEC Targets Different Departments (Barracuda) These attacks are responsible for billions of dollars in fraud losses over the last few years, and the criminals keep getting better at scamming their victims.
John McAfee's 'unhackable' Bitcoin wallet is hackable, company admits (CNET) Two weeks ago, it seemed safe to say that John McAfee's supposedly "unhackable" cryptocurrency wallet had been hacked. (It's been nearly four weeks since the first security researchers reached that conclusion.)
Malware brings county computers down for over a week (Benitolink: San Benito County News) San Benito County government computers have been down more than a week after the system was taken offline Aug. 18, when a malware virus was found in the system. Kevin O’Neill, manager of the San Benito County Office of Emergency Services, confirmed Aug. 27 that the county’s computer servers had been offline for nine days.
How Hackers Hit Printers (Dark Reading) New Booz Allen Hamilton report advises companies to include printers in their overall security strategy.
Security Patches, Mitigations, and Software Updates
Wireshark can be crashed via malicious packet trace files (Help Net Security) The Wireshark team has plugged three Wireshark DoS vulnerabilities that could allow an unauthenticated, remote attacker to crash vulnerable installations.
Philips Mitigation Plan for e-Alert Unit (ISS Source) Philips released one update that handles some vulnerabilities and will release another to take care of other ones in its e-Alert Unit (non-medical device), according
Apple will require all apps to have a privacy policy as of October 3 (TechCrunch) Apple is cracking down on apps that don’t communicate to users how their personal data is used, secured or shared. In an announcement posted to developers through the App Store Connect portal, Apple says that all apps, including those still in testing, will be required to have a privacy polic…
Cyber Trends
The Expected Spike in Post-GDPR Spam Activity Hasn't Happened (SecurityWeek) The belief that spammers would rush to register new domains under new GDPR-enforced anonymity; and that spam would spike once GDPR became effective in May 2018. It hasn't happened.
90 Days of GDPR: Minimal Impact on Spam and Domain Registration (Recorded Future) Our researchers find that there has not only not been an increase in spam since the GDPR went into effect, but the volume of spam has been on the decline.
OWASP AppSec USA 2018 Conference Demonstrates Critical Business Need for Application Security Education (GlobeNewswire News Room) Industry conference bridges gap between cybersecurity and developer teams to protect digital applications with hands-on application security training sessions and panels.
Exclusive: Over half of ASX companies at risk of email fraud (IT Brief) Businesses can be more susceptible to phishing attacks and business email compromises (BEC) than they realise.
Brazilian Moviemakers Tackle Harms of Cyber Bullying (Folha de S.Paulo) When it comes to cyberbullying, Brazil ranks at the very top. The country rates second in frequency of internet-based attacks, according to a recent Ipsos survey in 28 countries. Three in every ten Brazilian parents said that their children have been victims of this kind of bullying. Two new
Why Automation Will Free Security Pros to Do What They Do Best (Dark Reading) There are three reasons today's security talent pool is neither scalable nor effective in addressing the rapid evolution of cyberattacks.
Marketplace
Twitter will begin labeling political ads about issues such as immigration (Washington Post) Twitter announced Thursday that it would begin requiring organizations that purchase ads on topics like abortion, healthcare reform and immigration to disclose more information about themselves to users as the tech giant looks to ensure that Russian agents don't spread propaganda ahead of the 2018 election.
Open Source Devs Reverse Decision to Block ICE Contractors From Using Software (Motherboard) Only a day after a software developer decided to revoke access to a popular open source program from any organization that collaborated with ICE, he was booted from the group and the license was changed back.
ZTE returns to profit after taking hit from US supplier ban (CRN Australia) Telco gear vendor made "worst-ever" loss in H1 2018.
Tesserent to acquire Melbourne's Asta Solutions for $3.8 million (CRN Australia) Will pick up Asta Solutions' 200 clients and 85 staff.
Dragos Expands Leadership Team to Advance Global Sales Footprint (Odessa American) Dragos, Inc., the trusted leader in industrial threat detection and response technology and services, announced today the addition of several notable individuals as the company scales its global sales and customer support footprint.
Products, Services, and Solutions
New infosec products of the week: August 31, 2018 (Help Net Security) Moogsoft announces Observe expanding its AIOps platform capabilities: Moogsoft Observe ingests time-series and metrics data in real-time and applies AI to
What Is AIOps? Introducing SysTrack 8.4 (Lakeside) Few times in a company’s lifetime does a new release introduce truly revolutionary functionality. Today, I am happy to share with you a bit more about our latest release promising just that: SysTrack 8.4.
Lenovo and Pivot3 optimize smart city security (Help Net Security) Lenovo and Pivot3 partner to develop, market and sell a new set of edge computing solutions optimized for mission-critical smart city security.
Vault, QuintessenceLabs and Ziroh Labs to create encryption to secure government data (Help Net Security) Ziroh’s homomorphic encryption, QuintessenceLabs’ quantum key generation and Vault’s protected cloud create a solution for the global security landscape.
Moogsoft announces Observe expanding its AIOps platform capabilities (Help Net Security) Moogsoft Observe gives IT teams observability into customer-impacting problems wherever they occur, across on-premises and cloud environments.
Monnit and Cradlepoint partner to deliver wireless connectivity solutions for IoT (Help Net Security) Monnit’s ALTA wireless sensor adapters integrate with Cradlepoint wireless edge routers to provide wireless sensor-to-cloud connectivity solutions for IoT.
Google releases Tink, a simple, cross-platform cryptography library (9to5Google) As (increasingly frequent) data leaks have proven, encryption is hard, and good encryption can be even harder. Today, Google has announced the first major release of Tink, an open-source, cross-pla…
Experts Call for Transparency Around Google’s Chinese-Made Security Keys (Motherboard) Google's Titan Security Keys, used to lock down accounts, are produced in China. Several experts want more answers on that supply chain process, for fears of tampering or security issues.
Technologies, Techniques, and Standards
Beyond the Firewall - Different Rules for East-West Traffic (CSO Online) Network firewalls were created to block unauthorized content and code from the network while ensuring the unimpeded flow of data packets vital to the operations of the enterprise. But they were designed to intercept external incursion, not prevent security issues inside the network.
Cyber attacks require preventative strategies from companies (Real Business) Cyber attacks are global; what companies can do to protect consumer data and brand confidence is to implement preventative and protective strategies.
Why Your Organization Should Invest in Cybersecurity Insurance (Security Intelligence) Despite the rising cost of a data breach, many organizations still believe they don't need cybersecurity insurance.
Will cyber insurance help with data breach? (AZ Big Media) An amended Arizona law that went into effect in August requires companies to notify consumers affected by a data breach within 45 days of the breach or face up to $500,000 in penalties. Your standard commercial insurance policy is written to insure against injury or physical loss and will do little, if anything, to protect you from a data breach. So how can cyber insurance protect businesses? Az Business talked with Jennifer Chenault, sales executive for Lovitt!
Three Ways of Looking at Security Operations (SecurityWeek) The greater the partnership between security and operations, the better the chance your organization can deliver software faster and minimize breach damage.
The most important attributes of a cybersecurity platform (CSO Online) A cybersecurity platform should have coverage across major threat vectors, central management, and technologies for prevention, detection, and response in any security platform.
Design and Innovation
Australian security trio aim for unbreakable encrypted data environment (ZDNet) Vault, QuintessenceLabs, and Ziroh Labs have joined forces to build a system for strong encryption of user data for government.
Amazon is quietly doubling down on cryptographic security (TechCrunch) The growth of cloud services — with on-demand access to IT services over the Internet — has become one of the biggest evolutions in enterprise technology, but with it, so has the threat of security breaches and other cybercriminal activity. Now it appears that one of the leading compani…
BehavioSec says behavioral biometrics last line of defence against SIM swap attacks (BiometricUpdate) Behavioral biometrics are “the last line of defense” against SIM swap attacks, in which all text messages, voice calls, and two-factor authentication codes are directed to a new device, according t…
Legislation, Policy, and Regulation
Why the Five Eyes boosted intelligence sharing despite tension (Fifth Domain) America's closest intelligence allies agreed to boost cybersecurity and intelligence sharing despite political tension.
Five Country Ministerial 2018: Official Communiqué (Australian Government Department of Home Affairs) We, the Homeland Security, Public Safety, and Immigration Ministers of Australia, Canada, New Zealand, the United Kingdom, and the United States met on the Gold Coast, Australia, on August 28-29 2018, to discuss how we can better collaborate to meet our common security challenges.
Statement of Principles on Access to Evidence and Encryption (Australian Government Department of Home Affairs) The Governments of the United States, the United Kingdom, Canada, Australia and New Zealand are committed to personal rights and privacy, and support the role of encryption in protecting those rights. Encryption is vital to the digital economy and a secure cyberspace, and to the protection of personal, commercial and government information. However...
UK foreign minister attacks Google over 'child abuse content' (Reuters) British foreign minister Jeremy Hunt accused Google on Thursday of abandoning its moral values by failing to remove child abuse content while launching a version of its search engine in China that will block some websites.
Russia tries more precise technology to block Telegram messenger (Reuters) Russia is experimenting with more precise technology to block individual online services after an attempt to shut down banned messaging service Telegram failed, but Moscow has yet to find a way to shut it down without hitting other traffic.
Russia Is Co-opting Angry Young Men (Defense One) Fight clubs, neo-Nazi soccer hooligans, and motorcycle gangs serve as conduits for the Kremlin’s influence operations in Western countries.
Punishing Putin Just Makes Him Stronger (The Atlantic) Tougher sanctions will only make him double down on antagonizing the West.
Lithuanian Media Sign Pact With Govt to Counter Hackers (SecurityWeek) Lithuania's major online media outlets signed an agreement to share information and strategies with government, while press representatives will be able to attend meetings of the National Cyber Security Council.
This Music Theory Professor Just Showed How Stupid and Broken Copyright Filters Are (Motherboard) Automated takedown systems don’t work, stifle free expression online.
Analysis | The Cybersecurity 202: Why the latest election security bill is stalled in Congress (Washington Post) The Secure Elections Act may still move.
Proposed US law would require President to act against overseas hackers (Naked Security) A US senator has announced a bill that would force the President to punish overseas hackers found targeting the US, or explain why he hadn’t.
Luetkemeyer drafts narrow breach-notice bill focused on financial sector (Inside Cybersecurity) Rep. Blaine Luetkemeyer (R-MO), chairman of a Financial Services subcommittee, is drafting data security and breach notice legislation that would apply only to the financial sector, with an eye toward marking up the measure in September, according to a source close to the panel.
“Gold standard” net neutrality bill in US approved by California Assembly (Ars Technica) State Senate must act on net neutrality today before heading into recess.
Troops beware: New security clearance rules could bite you (Military Times) Questions remain about what triggers a move to revoke the clearance.
Litigation, Investigation, and Law Enforcement
Here's Why The FBI And Mueller Are Investigating "Suspicious" Transactions By Russian Diplomats (BuzzFeed News) The former Russian ambassador received a salary payment twice as large as past years, and bankers blocked a $150,000 withdrawal.
Senator to FTC: You guys really should look at Google one more time (Ars Technica) Meanwhile, President Trump claims Google, other firms are "unfair" to conservatives.
Justice Department Warns It Might Not Be Able to Prosecute Voting Machine Hackers (Motherboard) DoJ says current federal law against hacking doesn't apply to voting machines because they aren't connected to the internet; but this plus a proposed amendment could create a problem for prosecuting hacks of other computers not connected to the internet.
Forcing iPhone unlock violates Fifth Amendment, says Court of Appeals (Naked Security) Police want to unlock the iPhone of a woman who accused a man of rape after it was alleged that she was actually stalking him.
Hacking a Prince, an Emir and a Journalist to Impress a Client (New York Times) The NSO Group, a spyware maker, targeted the phones of powerful figures to show off its product, emails show. It’s now accused of illegal spying in lawsuits.
China Probes Suspected Customer Data Leak at Accor Partner (SecurityWeek) Shanghai police said they were investigating a suspected data leak at NASDAQ-listed Chinese hotelier Huazhu Group, the local partner of France-based AccorHotels.
National security veterans demand answers after candidate's sensitive information released (POLITICO) ‘It was with surprise, anger, and profound disappointment that we recently learned that our government ... violated the trust of one among our ranks,’ they wrote.
Duncan man files class-action lawsuit after cyber attack at Equifax (Vancouver Sun) Daniel Thalheimer was one of thousands of Canadians whose private information was breached following a 2017 cyber attack against Equifax, which provides a credit-monitoring service. He fears he may…
NSA leaker Reality Winner: Russia investigation a ‘little vindicating’ (Austin American Statesman) Former National Security Agency employee Reality Winner, who was sentenced to more than five years i...
NSA leaker thanks Trump for calling her sentence ‘unfair’ (New York Post) The former National Security Agency contractor jailed for leaking top-secret documents on Russia’s efforts to hack the 2016 election thanked President Trump on Thursday for calling her five-year se…
UK to build cyber centre in Kenya ‘to ensure British paedophiles have no place to hide’ (The Independent) Centre will be first of its kind in Africa amid rising number of child abuse cases