Cyber Attacks, Threats, and Vulnerabilities
Security firm: Iran targeting Kurds with spyware (Kurdistan24) The security company Check Point has collected evidence that Iran has been using the program in coordinated attacks since 2016.
Russia’s Hacks (The Weekly Standard) Exaggerating the threat from Moscow.
Jaxx Liberty Wallet Users Targeted in Malware Campaign (Flashpoint) A website spoofing the Jaxx cryptocurrency wallet site has been taken down after Flashpoint discovered infections linked to the operation.
Modular Malware Brings Stealthy Attacks to Former Soviet States (Dark Reading) A new malware technique is making phishing attacks harder to spot when they succeed.
New Tsunami/Kaiten Variant: Propagation Status (Akamai) Recent news reports have highlighted the latest evolution of the Mirai botnet code, which is itself an evolution of the Kaiten botnet. The botnet developers have leveraged...
Vizio to send class notices through the TVs that spied on viewers (Naked Security) Millions of smart TVs may soon be forced to admit to viewers that they spied on them, and then sold their data.
Microsoft purges 3,000 tech support scams hiding on TechNet (Naked Security) Microsoft has taken down thousands of ads for tech support scams that infested the company’s TechNet support domain.
Security flaw in ‘nearly all’ modern PCs and Macs exposes encrypted data (TechCrunch) Most modern computers, even devices with disk encryption, are vulnerable to a new attack that can steal sensitive data in a matter of minutes, new research says. In new findings published Wednesday, F-Secure said that none of the existing firmware security measures in every laptop it tested “…
Osiris Banking Trojan Displays Modern Malware Innovation (Threatpost) Osiris’ fundamental makeup positions it in the fore of malware trends, despite being based on old source code that’s been knocking around for years.
Apple Yet to Patch Safari Browser Address Bar Spoofing Flaw (Threatpost) A flaw in Safari - that allows an attacker to spoof websites and trick victims into handing over their credentials - has yet to be patched.
Scan reveals known open source vulnerabilities in popular Android apps (Help Net Security) Widespread use of unpatched open source code in many popular Android apps is causing significant security vulnerabilities.
PowerShell Obfuscation Ups the Ante on Antivirus (Threatpost) The development fits a trend that sees threat actors turning to well-known, commodity malware, overcoming its easy detection with ever-better obfuscation methods.
BlueBorne One Year Later: 2+ Billion Devices Still Exposed (Armis) One year ago, Armis disclosed the airborne attack vector BlueBorne, a set of nine exploitable Bluetooth vulnerabilities that can give an attacker complete control of a device and its data.
Creators of Tools for Building Malicious Office Docs Ditch Old Exploits (Dark Reading) In their place is a collection of new exploits for more recently disclosed - and therefore not likely widely patched - vulnerabilities.
Your Worst Fears Are Realized: Aadhaar Has Been Hacked With Just A Rs 2,500 Software Patch (India Times) Aadhaar has been touted to be the most efficient identification system in the country by the government. As such, they’ve also insisted its security is unbreakable, despite evidence to the contrary. Now, that statement has been proven to be false.
Edinburgh Uni Hit by Major Cyber-Attack (Infosecurity Magazine) Main website still out of action
Cyber Trends
Cybersecurity Report Card Shows Grades Rising for Orgs (Credit Union Times) Five percent more organizations plan to step up security awareness training in the coming year compared to last year.
New Security Research Reveals Password Inadequacy a Top Threat, Need for Multi-Factor Authentication (Markets Insider) WatchGuard® Technologies, a leader in advanced network security solutions, today announced the findings of its Inter...
Phished credentials caused twice as many breaches than malware in the past year (Help Net Security) When asked about the biggest security incident in the last year that resulted in unauthorised access, nearly half reported phishing as the cause.
Threatlist: Email Attacks Surge, Targeting Execs (Threatpost) Overall, the number of email fraud attacks per targeted company rose 25 percent from the previous quarter (to 35 on average) and 85 percent from the year-ago quarter.
Marketplace
Cyber insurance market to double by 2020, says Munich Re (The Bull) The market for insurance against cyber threats will double by 2020 to over 8 billion dollars, German reinsurance giant Munich Re told a conference in Monaco on Sunday.
Bomgar Acquires BeyondTrust (Bomgar) The combined Bomgar – BeyondTrust entity will be a Privileged Access Management (PAM) industry leader from day one. PAM is an ascending sector of the cybersecurity industry, and according to Gartner, a Top 10 Security Project for 2018.
Secure Application Development Company Secure Code Warrior Raises $3.5M (BusinessWire) Secure application development platform provider Secure Code Warrior raises $3.5 million in funding from Paladin Capital Group and Air Tree Venture
Sysdig closes $68.5 million in series D funding (Help Net Security) Sysdig closes $68.5 million in series D funding to enable enterprises to secure and monitor containers and cloud-native applications.
Glasswall Solutions Ltd Closes Strategic Funding Round (Glasswall Solutions) Funding will drive execution of product development and sales initiatives in both the UK and US.
What does Duo Security's sale mean for the Ann Arbor area and its tech industry? (Concentrate) Local entrepreneurs and tech industry insiders see a number of significant positives to the deal, as well as a few potential downsides.
Madison startup leads the way for web scraping (Madison Magazine) Madison could become fertile ground for companies that can make web scraping accessible to non-techies.
Michael Seguinot joins EclecticIQ to drive forward North American Channel Strategy (PRNewswire) EclecticIQ, which empowers cyber defenses with Threat Intelligence, today announced recruitment of Michael Seguinot as North American Channel Manager to further strengthen the company's position in the region. Having worked at a wide range of vendors and organizations.
Products, Services, and Solutions
Enveil Achieves NIAP Common Criteria Certification, Validating Data In Use Technology For Nation-State Level Deployment (GlobeNewswire News Room) Startup Becomes First and Only Data In Use Security Vendor to Complete Rigorous Accreditation Process
BlockSafe releases First Mobile Cryptocurrency Wallet Protection app, CryptoDefender™ (GlobeNewswire News Room) CryptoDefender™ Guards Wallets from Crypto Theft Attacks
Sprint and SoftBank Family Team to Create Curiosity™ IoT (PRNewswire) Curiosity™ Platform leverages SoftBank strengths to build a dedicated, virtualized and distributed core network, paired with a new OS for immediate data intelligence; Arm delivers unmatched security from chip to cloud and superior device/data management; Packet's bare metal servers bring the IoT core network to the edge
Tenable and ServiceNow Enhance Strategic Security Alliance to Reduce Cyber Risk (GlobeNewswire News Room) New integrations deliver common visibility to security and IT operations teams to simplify cyber risk management and reduction
Trustwave Opens One of the World’s Most Advanced Cybersecurity Command Centers (BusinessWire) Trustwave unveils the Trustwave SpiderLabs Fusion Center, a cybersecurity command center that employs pioneering actionable threat intelligence.
Fortinet announces network access control solution for IoT security (BFSI) Cybersecurity software giant Fortinet has announced the launch of FortiNAC, a new network access control product line that delivers network segmentation and automated responses for the Internet of Things (IoT) security.
The strongest cryptocurrency right now is a total joke (Quartz) Dogecoin, the cryptocurrency based on a meme that was launched for laughs, is soaring as the rest of crypto crumbles.
Facebook punishes liberal news site after fact check by right-wing site (Ars Technica) Fact check of article on Brett Kavanaugh's abortion views hinges on word "said."
Technologies, Techniques, and Standards
U.S. Mobile Giants Want to be Your Online Identity (KrebsOnSecurity) The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device.
Future of Mobile Authentication (AT&T) The four largest U.S. wireless carriers reveal a multi-factor authentication solution at Mobile World Congress Americas 2018.
Bolting on security can have significant unintentional consequences to control systems (Control Global) Bolting on/adding security to legacy control systems may be necessary but it requires a detailed understanding of potential control system interactions which may not be either an IT or OT expertise. Without appropriate understanding, the cure can be worse than the disease.
Defending Against the Mirai Botnet (Radware Blog) It’s important to understand the capabilities of Mirai and other IoT botnets so that your organization can truly comprehend the threat.
How to combat the long lives of zero-day vulnerabilities (Cyberscoop) Nyotron CTO Nir Gaist talks about how to deal with misconceptions around zero day vulnerabilities and what enterprises can do to guard against them.
Cybersecurity ROI Is a Measurable Metric – If You Know What to Measure (Infosecurity Magazine) Determining true cybersecurity ROI involves not only measuring attacks that were mitigated, but also which attacks might have happened.
When It Comes To Cybersecurity Assessment Nothing Beats The Real Thing (Forbes) Organizations need to consistently assess and validate how well their security infrastructure can defend against attacks. Data breach emulation offers a more realistic test than data breach simulation and provides more valid results.
Design and Innovation
A Million Mistakes a Second (Foreign Policy) Ultrafast computing is critical to modern warfare. But it also ensures a lot could go very wrong, very quickly.
All you need to know from the Apple event (TechCrunch) Watches and phones galore! This year Apple threw its weight behind their flagship mobile hardware. Hit play to find out everything you need to know.
Hello eSIM: Apple moves the iPhone away from physical SIMs (Ars Technica) eSIMs are physically attached to the iPhone's motherboard, measure just 6mm x 5mm.
Apple Killed TouchID Live In Front of Thousands of Eyewitnesses (Motherboard) RIP TouchID, 2013-2018.
Research and Development
Ideological Transmission - Centre for Research and Evidence on Security Threats (Centre for Research and Evidence on Security Threats) The series focuses on the process by which ideas, beliefs and values are passed on - ideological transmission. You can download all three reports free here.
Finding The Greedy, Prodigal, and Suicidal Contracts at Scale (Arxiv) Smart contracts—stateful executable objects hosted on blockchains like Ethereum—carry billions of dollars worth of coins and cannot be updated once deployed.
Legislation, Policy, and Regulation
Australia’s Actions Against Chinese Firms Ignite 5G Security Debate (Wall Street Journal) The country effectively bans Huawei Technologies and ZTE from its 5G rollout over fears they could be security risks.
US bucks Chinese 5G suppliers for Ericsson, Nokia, and Samsung (Telecom Tech News) AT&T becomes the final operator to announce it will be using 5G equipment from Ericsson, Nokia, and Samsung for its network.
Europe's New Copyright Law Could Change the Web Worldwide (WIRED) Critics say the law, approved by the European Parliament Wednesday, will force site operators to filter content before posting it, diminishing the experience for users.
The EU Can Still Be Saved From Its Internet-Wrecking Copyright Plan (Motherboard) Public pressure, legal challenges could minimize the damage.
Trump signs order authorizing “automatic” sanctions for election interference [Updated] (Ars Technica) Process for triggering sanctions outlined in announcement by Bolton and Coats.
Trump wants to identify election interference within 45 days. Here is how he can do it. (Fifth Domain) President Donald Trump signed an executive order to sanction foreigners who attempt to meddle in the U.S. elections, but attributing cyberattacks in a short period of time can be challenging.
Analysis | The Cybersecurity 202: Lawmakers warn Trump's election interference order does not go nearly far enough (Washington Post) They're considering even harsher sanctions against Russia.
Trump's New Executive Order Slaps a Bandaid on Election Interference Problems (WIRED) Trump’s order creates a framework to sanction foreign meddling in elections, but experts say it’s not enough.
Rounds says President's order on foreign election meddling a good step (KELO Newstalk 1320 107.9) Senator Mike Rounds calls President Donald Trump's executive order to impose sanctions on foreign powers that meddle in United States elections "an important step in the right direction."
Text - S.3336 - 115th Congress (2017-2018): Defending American Security from Kremlin Aggression Act of 2018 (US Congress) To strengthen the North Atlantic Treaty Organization, to combat international cybercrime, and to impose additional sanctions with respect to the Russian Federation, and for other purposes.
S.2785 - 115th Congress (2017-2018): DETER Act (US Congress) This bill amends the Immigration and Nationality Act to make an alien who is seeking to engage in, or has engaged in, improper interference in a U.S. election inadmissible.
Text - S.2313 - 115th Congress (2017-2018): Defending Elections from Threats by Establishing Redlines Act of 2018 (US Congress) To deter foreign interference in United States elections, and for other purposes.
House panel takes up slate of DHS cyber, tech bills (FCW) The House Homeland Security Committee is expected to advance a series of bills that will impact DHS operations and infrastructure.
Ex-NSA chief wishes Trump had pressed Putin on Russian election attacks (CNN) The former Director of the National Security Agency, retired Admiral Mike Rogers, said Tuesday that he thought President Donald Trump should have taken the opportunity to confront Russian President Vladimir Putin publicly in Helsinki, Finland over Russia's election meddling.
Ex-NSA chief says former intel officials taking on Trump 'not helping' (ABC News) The former head of the National Security Agency broke with many of his fellow senior intelligence alumni, arguing that those former officials publicly taking on president
Is the US where it needs to be on cyber? (Fifth Domain) The nation's current cyberspace structures are “suboptimal” and won't generate the necessary outcomes, according to the recently retired director of the National Security Agency and former head of U.S. Cyber Command.
What changes could be ahead for cyberwarriors? (Fifth Domain) After several years of operations, many officials believe the time is ripe for training and team structures to be re-evaluated.
4 Key Takeaways from the 2018 Intelligence and National Security Summit - ClearanceJobs (ClearanceJobs) Last week was the jointly-hosted INSA/AFCEA Intelligence and National Security Summit. Throughout the main sessions and breakouts with a variety of experts, several things stood out as the event's resounding chorus.
10 critical points from Zuckerberg’s epic security manifesto (TechCrunch) Mark Zuckerberg wants you to know he’s trying his damnedest to fix Facebook before it breaks democracy. Tonight he posted a 3,260-word battle plan for fighting election interference. Amidst drilling through Facebook’s strategy and progress, he slips in several notable passages revealing…
Preparing for Elections (Facebook) My focus in 2018 has been addressing the most important issues facing Facebook -- including defending against election interference, better protecting our community from abuse, and making sure people have more control of their information.
Extremism and fragile states (The Washington Times) Last year, Congress asked the U.S. Institute of Peace, a government-funded think tank, to develop “a comprehensive plan to prevent the underlying causes of extremism in fragile states in the Sahel, Horn of Africa, and the Near East.”
In Cyberwar, There are No Rules (Foreign Policy) Only digital Geneva Conventions can head off cyberanarchy and prevent mass disaster.
Big Tech Companies to Appear Before Senate to Discuss Privacy (Wall Street Journal) The Senate Commerce Committee will hold a high-profile hearing on the privacy practices of big tech companies later this month, signaling intensifying government interest in a thorny issue for the industry.
Should government expand its ID proofing role? (FCW) There's momentum in the public and private sectors behind an idea to expand government's role in validating digital identities.
Air Force chief lays out future fight against peer-level adversaries (Air Force Times) If the U.S. can use all domains — land, sea, air, space and cyberspace — to bring capabilities together in ways an enemy could never counter, then it will have achieved
Missouri hosts National Election Security Summit; Ashcroft touts state election systems (Missourinet) A bipartisan group of 25 Secretaries of State and other election officials from across the country are in St. Louis today and tomorrow for the National Election Security Summit. Other attendees include U.S. Department of Homeland Security Secretary Kirstjen Nielsen, DHS officials and the U.S. Election Assistance Commission. The summit’s location sponsor is World Wide …
Ohio eyes creation of statewide team to respond to cyber attacks (The Columbus Dispatch) Armed with keyboards and processors, Ohio’s newest security force may one day deploy not to deal with natural disasters, but rather network
Litigation, Investigation, and Law Enforcement
Before It Was Hacked, Equifax Had a Different Fear: Chinese Spying (Wall Street Journal) The credit-reporting company went to the Federal Bureau of Investigation, which came to view events as potentially a huge theft of commercial data. Then the investigation stalled.
Alibaba’s Ant Financial denies stealing from Equifax (TechCrunch) Ant Financial has denied claims that it covertly raided Equifax — the U.S. credit firm that was hit by a hack last year — to grab information, including code, confidential data and documents to help recruit staff for its own credit scoring service. The Alibaba affiliate, which is valued…
Meet the legal watchdog who’s keeping ZTE in line with US export control laws (South China Morning Post) Former US federal prosecutor is now the most powerful man at ZTE. Here’s all you need to know about the man, his role and what he can do to China’s second-biggest telecoms provider
Committee of inquiry into the cyber attack on SingHealth invites written public submissions for recommendation on better cybersecurity measures (The Online Citizen) The Committee of Inquiry (COI) invites members of the public to submit written representations regarding cybersecurity attacks following the recent SingHealth data breach and those who are interest…
Georgia says switching back to all-paper voting is logistically impossible (Ars Technica) In Curling v. Kemp, both sides are set to duke it out in court on Wednesday.
Europe Moves to Target Money Laundering In Response to Scandals (Wall Street Journal) The European Commission has proposed enhanced powers for the European Banking Authority, while lawmakers also passed a package of new rules.
Russian National Who Operated Kelihos Botnet Pleads Guilty to Fraud, Conspiracy, Computer Crime and Identity Theft Offenses (US Department of Justice) Peter Yuryevich Levashov, aka “Petr Levashov,” “Peter Severa,” “Petr Severa” and “Sergey Astakhov,” 38, of St. Petersburg, Russia, pleaded guilty today in U.S. District Court in Hartford, Connecticut, to offenses stemming from his operation of the Kelihos botnet, which he used to facilitate malicious activities including harvesting login credentials, distributing bulk spam e-mails, and installing ransomware and other malicious software.
Latvian hacker who targeted Star Tribune website visitors sentenced to 33 months in federal prison (Star Tribune) Malware virus planted on Star Tribune website led to international manhunt.
Bad OpSec led to the downfall of teenage DDoS-for-hire group leader (CSO Online) A UK teenager and leader of a DDoS-for-hire group pleaded guilty to three counts of making fake bomb threats that affected thousands of students and resulted in the grounding of a United Airlines flight.
Reddit Bans the Subreddit Responsible for Mainstreaming 'QAnon' Conspiracy Theories (Motherboard) r/GreatAwakening was banned for harassment and doxxing.
‘Poisoned’ Pussy Riot member critically ill in hospital (Times) A member of the anti-Kremlin protest group Pussy Riot has been taken to hospital in Moscow in a critical condition after a suspected poisoning. Pyotr Verzilov, one of the four Pussy Riot members...
You shall not go to the ball, Russians are told (Times) Russian debutantes have paid the price for a breakdown in relations between Britain and Moscow after their annual ball in London was cancelled because wealthy visitors cannot get visas. The Russian...