Cyber Attacks, Threats, and Vulnerabilities
Cyber attack led to airport blank screens (BBC News) Bristol Airport says a "ransomware"-style attack prompted it to take screens offline for two days.
Bristol Airport blames cyber attack for taking departure boards offline for two days (The Telegraph) Bristol Airport has blamed a "speculative" cyber attack for causing flight information screens to fail for two days.
Iranian hackers selling stolen academic research from top British universities online (The Telegraph) Millions of documents, including sensitive research on nuclear power plants and cybersecurity defence, have been stolen from top British universities by Iranian hackers, the Telegraph can reveal.
OilRig APT Continues Its Ongoing Malware Evolution (Threatpost) The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world.
Tech’s New Problem: North Korea (Wall Street Journal) Hiding behind fake profiles on Facebook and LinkedIn, a group linked to Pyongyang solicited information-technology work, then stiffed its subcontractors, a WSJ investigation shows. The technique, replicated more widely, could be bringing millions of dollars in hard currency to the country.
Windows Systems Vulnerable to FragmentSmack, 90s-Like DoS Bug (BleepingComputer) Microsoft released a security advisory about a denial-of-service vulnerability that could render multiple versions of Windows completely unresponsive and has no mitigation factors, the company says.
Kodi add-ons responsible for cryptomining campaign (WeLiveSecurity) ESET researchers have discovered several Kodi add-ons are being used to distribute Linux and Windows cryptocurrency-mining malware.
Cryptocurrency mining attacks using leaked NSA hacking tools are still highly active a year later (TechCrunch) It’s been over a year since highly classified exploits built by the National Security Agency were stolen and published online. One of the tools, dubbed EternalBlue, can covertly break into almost any Windows machine around the world. It didn’t take long for hackers to start using the ex…
EternalBlue Infections Persist (Dark Reading) Indonesia, Taiwan, Vietnam, Thailand, Egypt, Russia, China, among the top 10 nations with the most machines infected with the exploit.
How does the SynAck ransomware use Process Doppelgänging? (SearchSecurity) SynAck ransomware uses the Process Doppelgänging technique to circumvent security software. Learn more about how this tactic fools software systems and how to prevent it.
New Brrr Dharma Ransomware Variant Released (BleepingComputer) A new variant of the Dharma Ransomware was released this week that appends the .brrr extension to encrypted files. This variant was first discovered by Jakub Kroustek who tweeted a link to the sample on VirusTotal.
How Ryuk Ransomware Targets AV Solutions, Not Just Your Files (Security Boulevard) Could malware disable or cripple your endpoint protection? This recent ransomware attack is definitely trying.
Kraken Cryptor Ransomware Masquerading as SuperAntiSpyware Security Program (BleepingComputer) The Kraken Ransomware is a newer ransomware that was released in August 2018. A new version, called Kraken 1.5, was recently released that is masquerading as the legitimate SuperAntiSpyware anti-malware program in order to trick users into installing it.
Unpatched systems at big companies continue to fall to WannaMine worm (Ars Technica) Using the same exploit as WannaCry and some known tools, the Monero mining worm continues.
Microsoft Office Macros Still No. 1 Malware Delivery (Infosecurity Magazine) Phishing attacks remain successful by leveraging macros.
Household appliance brand totally SHUTS DOWN following ‘targeted HACK’ (Express) A POPULAR Italian appliance brand revealed it was forced to “totally shut down systems” to safeguard customers after a “targeted hack”.
Companies Wary of Cyberattacks, Phishing During Hurricanes (Wall Street Journal) Hurricane Florence could make companies vulnerable to cyberattacks as firms race to protect computer systems and networks ahead of the storm expected to hit the Southeast U.S. Friday, cybersecurity experts say.
10 Biggest Things Businesses Don't Get About Cryptomining (CRN) Cryptomining activity has increased by 141 percent year-over-year thus far in 2018. Here's a look at ten of the biggest risks associated with cryptomining that companies are still failing to grasp.
Cold-Boot Attack Steals Passwords In Under Two Minutes (BleepingComputer) Relying on computer memory's remanence behavior, security researchers figured out a way to extract sensitive data from RAM, such as encryption keys, even after the loss of power.
Keys schools computer system hacked (Florida Keys News) The Monroe County School District has been forced to shut down its computer system for nearly three days due to a cyberattack through ransomware called GandCrab.
Vet chain in cyber attack (Gisborne Herald) It is back to pens and paper at VetEnt in Gladstone Road,...
FBI Warns Educators and Parents About Edtech’s Cybersecurity Risks (EdSurge) The FBI has released a public service announcement warning educators and parents that edtech can create cybersecurity risks for students. Specifically, ...
Education Department warns that students on financial aid are being targeted in phishing attacks (Washington Post) The agency warned that attackers may be refining a scheme to redirect federal student aid money to private bank accounts, preparing for times when large volumes of aid are disseminated, and said the phishing attempt is a serious threat.
This new phishing attack uses an old trick to steal passwords and credit card details (ZDNet) The tax office isn't offering you a refund via email, sorry.
Edinburgh Uni Hit by Major Cyber-Attack (Infosecurity Magazine) Main website still out of action
UK Universities Face Growing DDoS Threat (Infosecurity Magazine) Students blamed for many attacks
How to crash and restart an iPhone with a CSS-based web attack (HOTforSecurity) A security researcher has revealed a method of crashing and restarting iPhones and iPads, with just a few lines of code that could be added to any webpage. Sabri Haddouche tweeted a link to a webpage containing his 15-line proof-of-concept attack, which exploits...
New Android Botnet Pops Up on Malware-as-a-Service Market (Security Boulevard) Security researchers have discovered a new Android botnet toolkit that's being developed as a malware-as-a-service (MaaS) offering for other cybercriminals.
Evolution of the Cybercrime-as-a-Service Epidemic (Infosecurity Magazine) Over the past few years, the as-a-service model has both broadened and deepened the overall cybercrime threat.
How a Cyber Attack Could Cause the Next Financial Crisis (Harvard Business Review) Here’s what we need to do to prepare.
A history of the next 10 years in banking (Quartz) Through an unlikely series of cosmic events, Quartz obtained a dispatch from Sept. 15, 2028, describing the conditions on the 20th anniversary of Lehman's collapse.
US lawmakers say AI deepfakes ‘have the potential to disrupt every facet of our society’ (The Verge) Deepfakes could be used for blackmail, misinformation, and more
KnowBe4 Observes Increase in CEO Fraud (PRNewswire) Bad guys are now requesting personal cell phone numbers of employees
Cyber Trends
Workers across EMEA showing security fatigue, says experts (AMEInfo) Despite being fully aware of security risks following the introduction of high-profile legislation like GDPR, workers in Europe, Middle East
Military, Government Users Just as Bad About Password Hygiene as Civilians (Dark Reading) New report comes out just as group of US senators chastise Secretary of State Mike Pompeo for not using multifactor authentication.
From the bookshelf: ‘The perfect weapon’ (The Strategist) The new cold war is being fought in cyberspace on a continuing basis and with ever more sophisticated technologies. The Western powers, principally the United States and its allies, confront growing intrusions from adversaries ranging ...
Vulnerability Disclosure Not A Priority for 93 Percent of Forbes Global 2000 (Computer Business Review) Financial services and insurance companies pay only one third of the average bounty for reporting a bug in software...
Your gardener wants access to your house safe (CSO Online) What we would balk at in the real world, we give with impunity in our digital universe.
Marketplace
Data breaches make companies underperform the market in the long run (Help Net Security) While the share prices of companies that experienced a data breach suffer just a temporary hit, in the long term the companies underperformed the market.
Have we arrived at a public cloud duopoly? (Computing) The two IaaS/PaaS leaders are pulling away from the rest
12 Cybersecurity Vendors Named In The Forbes Cloud 100 List (Best Endpoint Security Protection Software and Vendors) The Forbes Cloud 100 recognizes the ways cloud computing and cloud architecture are radically transforming business processes and communication.
Adobe and Microsoft are using A.I. to create a 'brand new category and industry,' Adobe CEO says (CNBC) Together with Microsoft, Adobe is leveraging artificial intelligence to push deeper into customer relationship management and create a "brand-new category in industry," Adobe CEO Shantanu Narayen told CNBC on Friday.
Microsoft Acquires Another AI Company, Lobe (PCMAG) Founded in 2015, Lobe makes an AI tool that lets developers build custom deep learning models for their apps without having to write code. The team plans to continue developing Lobe as a standalone service for multiple platforms.
Maryland just opened up a tax credit for cybersecurity investors (Technical.ly Baltimore) A change in the incentive for investors in the state's cybersecurity companies was passed in Annapolis this year. The law also includes a unique tax credit for small businesses who buy local.
Here's Why SAIC Is Spending $2.5 Billion to Expand Its Government IT Business (The Motley Fool) Merger mania continues in the government services sector. Who are the winners and losers from all the dealmaking?
Three things to watch in SAIC-Engility combo (Washington Technology) SAIC's planned acquisition of Engility hasn't been greeted as a barn-burner in the market yet. But maybe that's not such a bad thing as both companies try to move beyond their legacies.
VetsinTech Receives $1 Million Grant from Craig Newmark Philanthropies to Bolster Cybersecurity Program for Veterans (Virginian-Pilot) Today, VetsinTech announced a $1 million grant from Craig Newmark, founder of craigslist and Craig Newmark Philanthropies, to support the organization's commitment to helping
IT Security: Bomgar to Become BeyondTrust (Security Boulevard) Bomgar announced its intent to acquire BeyondTrust, with the combined IT security entity being known as BeyondTrust. Terms of the deal were not disclosed.
Products, Services, and Solutions
Zscaler Achieves AWS Security Competency Status for Zero Trust (Odessa American) Zscaler, Inc., the leader in cloud security, today announced that Zscaler Private Access™ (ZPA™) is the first zero trust architecture to achieve Amazon Web Service (AWS) Security Competency status.
Exabeam adds updated case management module to flagship analytics (Intelligent CIO Middle East) Exabeam, the next-gen security management company, has announced the addition of case management functionality into Exabeam Advanced Analytics and Exabeam Entity Analytics, its market-leading user and entity behaviour analytics (UEBA) solutions. The case management offering helps security teams organise and streamline their response efforts to boost security operation centre (SOC) productivity. Exabeam Case Management is […]
Technologies, Techniques, and Standards
Will The Latest IBM Proposal For Supplier’s Declaration Improve Transparency in AI Algorithms? (Analytics India Magazine) Deep learning has had enormous impact on the fields of computer vision, natural language and many other fields. But deep learning models have also been plagued with unexplainability and lack of transparency. The black box nature of DL models is the chief cause for non-interpretability. Now, to overcome these shortcomings, researchers are focusing on ‘Explainable AI’ wherein scientists can understand DL models and trace how the output was achieved. So far, DL models have achieved near human accuracy in image recognition, but through brute force techniques wherein they are fed terabytes of data.
Businesses Urged Not To Pay Cyberattackers (PYMNTS.com) Small business owners are making a grave mistake if they assume their firms are not a prime target for cyberattackers. Not only are small and medium-sized businesses (SMBs) a prime target, but such an attack can be detrimental to a small company without the resources to combat a security threat. Nearly half of the small […]
Securing Mass Transit Railway Systems (Mass Transit) By putting in the necessary time and effort to prepare and implement a robust cybersecurity strategy, railway operators can not only avoid potential loss of revenue but also enhance their reputation as a reliable provider of hassle-free, on-time service.
Is hiring a hacker ever a good idea? (ZDNet) People often talk about a skills shortage in cyber security - could hiring those with a murky past be the answer? Or is it too risky?
What is card-on-file EMV payment tokenization? (Rambus) The way we pay is changing. Consumers are now using their PC, smartphones, wearable devices and even cars to buy goods and services. The size and value of the card-not-present (CNP) market is increasing exponentially as payment use-cases across e-commerce, m-commerce and the Internet of Things (IoT) emerge and mature. What is card-on-file? The process …
Break out of malware myopia by focusing on the fundamentals (Help Net Security) The ability to understand and prioritize cyber hygiene provides a statistically derived understanding that works as an antidote for malware myopia.
Data privacy automation: Unlock your most valuable asset (Help Net Security) Demand for data privacy automation is here. Manual processes cannot keep pace with the demands of modern privacy regulations.
8 critical safety tips for safer online banking (Security Boulevard) Prevent digital attacks and protect your hard-earned dollars with these 8 critical safety tips for safer online banking.
Design and Innovation
Launching the cybersecurity moonshot (Fifth Domain) The United States is reliant on digitally-connected technologies that are fundamental to our national security, public safety, and economic prosperity. Our nation’s ability to protect and enhance the cybersecurity is a national imperative.
Voldemort, Alex Jones, and my Facebook account (Skating on Stilts) For those who've been waiting (and maybe hoping) that I'd be suspended from Facebook after I linked to infowars.com, we have an answer. I began the experiment when a guy named Brandon Straka, leader of the conservative #WalkAway initiative, announced that he had been given a 30-day account suspension for linking from Facebook to his upcoming interview on infowars.
Army looks to build stronger tactical cyber teams (Fifth Domain) How is the Army planning on developing forces and capabilities to conduct tactical cyber operations?
Research and Development
Entanglement allows one party to control measurement results (Ars Technica) Alice controls Bob via quantum measurements. Bob can't reciprocate.
Researchers Discover a Pattern to the Seemingly Random Distribution of Prime Numbers (Motherboard) The pattern has a surprising similarity to the one seen in atom distribution in crystals.
Why does access to the internet go out? DHS wants to know (Fifth Domain) The Department of Homeland Security announced funding to boost attribution into cyberattacks and internet cuts as the Trump administration has placed a greater effort to name hackers.
Academia
University Cyber Attacks Down To Students, Staff (Silicon UK) Inside job? Cyber criminals not responsible for hacks of universities and colleges, study suggests
Legislation, Policy, and Regulation
E.U.: Tech Giants Face Big Fines, 1 Hour Limit to Remove Extremist Content (Threatpost) The rules would apply to all hosting service providers offering services in the E.U., regardless of size, even if they’re not based there.
Preparing for the next European Union Directive: EU NIS (Infosecurity Magazine) GDPR concerns every industry that handles data; EU NIS has a much more refined scope as it applies only to critical infrastructure.
India excludes Huawei and ZTE from 5G trials (Korea Times) India has excluded Huawei and ZTE from participating in trials to speed up 5G technology in the country amid security concerns surrounding the Chinese telecoms equipment providers. Local media reported Friday that the Department of Telecommunications has asked Samsung, Cisco, Ericsson and Nokia to be project partners for the trials.
India’s ban on Huawei, ZTE to ‘please US’ will be opposed by local telecoms operators: experts (Global Times) India's exclusion of Chinese telecom equipment companies from 5G trials will eventually hurt its own telecoms industry and is a move that follows the US in terms of politicizing business deals, experts said on Sunday.
Nations Must Approach Cybersecurity with the "Intensity Once Reserved for Their National Security," Unisys Chairman and CEO Peter Altabef to Tell International Cybersecurity Experts (Business Insider) Cybersecurity and national security are aggressively converging, resulting in an 'imperative' for nations...
With A Stroke Of a Pen The U.S. Brings Cyberwarfare Closer to Home (International Policy Digest) President Donald Trump's decision to repeal Presidential Policy Directive 20 could cause a significant increase in cybercrimes and potentially cyberwarfare.
Federal SPF and DMARC Adoption Up More Than 30 Percent Points Leading Up to BOD 18-01 Deadline (Proofpoint) The one-year mark for BOD 18-01 is quickly approaching, with about a month to go until the October 16, 2018 compliance deadline. A significant portion of the mandate set forth by the Department of Homeland Security (DHS) requires civilian federal agencies to implement DMARC and SPF email authentication protocols on all domains.
Analysis | The Cybersecurity 202: California's Internet of Things cybersecurity bill could lay groundwork for federal action (Washington Post) The state is a leader in tech policy.
How hackers could attack Wisconsin’s elections and what state officials are doing about it (WisconsinWatch.org) Cybersecurity experts warn that private vendors, modems and removable memory devices make the state’s decentralized voting system vulnerable to attack
How Secure are our Voting Systems for November 2018? (Dark Reading) Anomali CEO Hugh Njemanze discusses the importance of sharing threat intelligence across the country's highly decentralized voting systems to safeguard the integrity of upcoming elections.
Cybersecurity Is Only 1 Part of Election Security (Dark Reading) Protecting the 2018 election cycle means fixing the information infrastructure.
Litigation, Investigation, and Law Enforcement
North Korea Claims US Indictment is Vicious Smear (Infosecurity Magazine) Alleged hacker is “non-entity” says Pyongyang
FBI Director Christopher Wray says China is agency's top counterintelligence priority (CBS News) Christopher Wray tells "CBS This Morning" co-host Norah O'Donnell that one of China's targets is "something that I think most Americans don't understand"
Dutch ousted Russians for alleged attempt to hack Swiss lab (AP News) Dutch authorities arrested and expelled two suspected Russian spies months ago for allegedly trying to hack a Swiss laboratory that conducts chemical weapons tests,
Analysis | How badly did Russia’s interview with the Skripal poisoning suspects backfire? (Washington Post) We measured the response — and it was harsh.
Skripal Poisoning Suspect's Passport Data Shows Link to Security Services (Bellingcat) An ongoing Bellingcat investigation conducted jointly with The Insider Russia has confirmed through uncovered passport data that the two Russian nationals identified by UK authorities as prime suspects in the Novichok poisonings on British soil are linked to Russian security services. This finding directly contradicts...
Beijing accuses Taiwan of blackmailing students into spying for it (South China Morning Post) More than 100 cases cracked by Thunderbolt 2018 Crackdown, state broadcaster CCTV says
U.S. Probes Danske Bank Over Russian Money Laundering Allegations (Wall Street Journal) U.S. law enforcement agencies are probing Denmark’s largest bank over allegations of massive money laundering flows from Russia and former Soviet states, according to a person familiar with the matter.
Analysis | A fresh look back at 2016 finds America with an identity crisis (Washington Post) Authors point to issues of race, religion, gender and ethnicity, not economic anxiety, as the factors that brought President Trump to the White House.
In the Russia Probe, It’s ‘Qui S’excuse S’accuse’ (National Review) The FBI strained to make a case on Donald Trump even as they were burying a daunting criminal case on Mrs. Clinton.
Police hit Australian immigration centre over alleged AU$3m business email scam (ZDNet) NSW Police allege a 43-year-old Nigerian man was coordinating a AU$3 million business email compromise scam from within an Australian immigration detention centre.
Andrew Murray: Ukraine bans Corbyn ally over national security (Times) One of Jeremy Corbyn’s closest advisers has been banned from entering Ukraine on national security grounds. Andrew Murray, a former communist who also works for the trade union Unite, has been...
Army Wrongly Ignored Palantir In $206M Deal, Fed. Circ. Says (Law360) The U.S. Army’s decision to shut data analytics firm Palantir Technologies out of a $206 million intelligence system procurement violated a statute requiring federal agencies to give preference to commercial companies in contracting whenever possible, the Federal Circuit ruled, putting teeth into the largely untested law.
Kaspersky Faces Tough Questions at Appeals Court (Nextgov.com) The Russian anti-virus software company faces what could be its last chance to make its case against a U.S. governmentwide ban.
Sorry, Sony Music, you don’t own the rights to Bach’s music on Facebook (Ars Technica) Public shaming forces publisher to abandon ridiculous claim to classical music.
Equifax report uncovers unencrypted usernames and passwords and security equipment that wasn't working (Computing) Official report into Equifax breach reveals dysfunctional IT department that didn't even know how much data had been stolen
Fake-cryptocurrency Ponzi scheme lands creator in prison (Ars Technica) Josh Garza said his company began with noble intentions, but it "turned into greed."