Cyber Attacks, Threats, and Vulnerabilities
Hackers selling research phished from universities on WhatsApp (Naked Security) Millions of documents have been stolen from top UK universities and are being sold over WhatsApp for as little as £2.
Tunneling Under the Sands (Arbor Networks Threat Intelligence) ASERT recently came across spear-phishing emails targeting the Office of the First Deputy Prime Minister of Bahrain. A similar campaign uncovered by Palo Alto’s Unit 42 found the activity distributing an updated variant of BONDUPDATER, a PowerShell-based Trojan, which they attribute to Iranian APT
Cyber Sleuths Find Traces of Infamous iPhone and Android Spyware ‘Pegasus’ in 45 Countries (Motherboard) A new report by digital human rights researchers reveals that the infamous spyware Pegasus, made by NSO Group, has traces in 45 countries around the world, including the United States.
HIDE AND SEEK: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries (The Citizen Lab) In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be conducting operations.
Mattis condemns Russian influence-peddling in Macedonia (Military Times) U.S. plans to expand its cooperation with Macedonia, defense secretary says.
State Department email breach exposed employees' personal information (POLITICO) The department has convened a task force to examine the breach.
Tenable Research Discovers “Peekaboo” Zero-Day Vulnerability in Global Video Surveillance Software (Tenable™) The vulnerability, which could affect up to hundreds of thousands of cameras worldwide, would allow cybercriminals to view and tamper with video surveillance footage
Wielding EternalBlue, Hackers Hit Major US Business (BankInfo Security) Attack code known as EternalBlue, designed to exploit a Windows SMB flaw, continues to work for attackers despite Microsoft having issued patches more than a year
Why the 'fixed' Windows EternalBlue exploit won't die (ZDNet) Cryptojacking, endless infection loops, and more are ensuring that the leaked NSA tool continues to disrupt the enterprise worldwide.
Old WordPress Plugin Being Exploited in RCE Attacks (Threatpost) Old instances of the popular WordPress Duplicator Plugin are leaving sites open to remote code execution attacks.
New Xbash Malware a Cocktail of Malicious Functions (Dark Reading) The new malware tool targeting Windows and Linux systems combines cryptomining, ransomware, botnet, and self-propagation capabilities.
Zero-Day Bug Allows Hackers to Access CCTV Surveillance Cameras (Threatpost) Firmware used in up to 800,000 CCTV cameras open to attack thanks to buffer overflow zero-day bug.
GovPayNow.com Leaks 14M+ Records (KrebsOnSecurity) Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.
RDP Access to Hacked Servers Still a Thriving Business on Deep & Dark Web (Flashpoint) Deep & Dark Web markets selling remote desktop protocol (RDP) access to hacked servers or tools that scan for and brute-force these instances continue to thrive for a number of reasons.
State Actor Cyber Reports Overshadow the Extensive Threat of Cyber Crime (CyberDB) There has been recent focus on alleged Iran cyber activity the past few weeks, spurred on by the publication of a vendor report on Iranian operations.
Cyber criminals try swiping email logins and bank data in single HMRC phishing scam (IT PRO) The hackers ask for every piece of your personal data including name, address, mother's maiden name, bank and card details
Data centers have been damaged and they are not being adequately cyber secured (Control Global) The common thread between Aurora and the UPS attacks is that systems that were designed to protect mission critical systems have been co-opted to be used as attack vectors against the very systems they were meant to protect...
Hardware Security Revisited (Infosecurity Magazine) Hardware is no less vulnerable to attack than any other system because hardware is an often overlooked piece of the security puzzle.
Security Patches, Mitigations, and Software Updates
Safari & Firefox browser to block user data tracking with new security add-ons (HackRead)
Cyber Trends
Awareness and tendency towards risky online behavior (Help Net Security) Spanning Cloud Apps announced the results of a survey of U.S. employees on their awareness of and tendency towards risky online behavior.
Analysis | The Cybersecurity 202: A new poll shows voter views on election security largely line up with experts' positions (Washington Post) It's an encouraging snapshot ahead of the midterms.
Hackers as Heroes: How Ethical Hacking is Changing the Industry (Infosecurity Magazine) Hackers are often portrayed in movies as outsiders who use their computer skills to inflict harm and commit crime.
Marketplace
Insurance experts expect higher cyber-related losses (Help Net Security) Insurance companies are expecting increased cyber-related losses across all business lines over the next 12-months, according to Willis Towers Watson.
Facebook Broadens Its Bug Bounty to Help Fix Third-Party Apps (WIRED) Starting Monday, Facebook will pay at least $500 to researchers who spot third-party apps behaving badly on its platform.
SCYTHE Secures $3 Million in Initial Financing Round Led by Gula Tech Adventures (BusinessWire) Advanced attack simulation platform provider SCYTHE Inc. announced today that the company has raised an initial $3 million led by Gula Tech Adventures
Deloitte to Help Fuel Innovation in Government Through New Collaboration With Dcode (PRNewswire) Deloitte to assist with Dcode's growth of startup ecosystem, focus on information security and new space cohort
Can Senseon beat Darktrace at its own game? (ComputerworldUK) A breakaway company from British cyber security darlings Darktrace called Senseon claims it is plugging a gap in the infosec market that's sorely lacking
Products, Services, and Solutions
Covata Announces General Availability of SafeShare for ITAR (BusinessWire) Covata Limited, a data-centric security provider for on-premises and cloud unstructured data, today announced the general availability of SafeShare fo
CrowdStrike and Secureworks Form Strategic Partnership to Integrate Secureworks’ Red Cloak™ Behavioral Analytics with CrowdStrike’s Endpoint Protection Platform (BusinessWire) CrowdStrike® Inc. and Secureworks® partner to bring a new level of advanced endpoint threat detection and response to the marketplace.
5nine Announces Major Platform Enhancements to Help Microsoft Hybrid Cloud Users Strengthen Their Cloud Infrastructure (PRWeb) 5nine, a provider of security and management solutions for the Microsoft Cloud, today announced major enhancements to its 5nine Unified platform, t
F-Secure TOTAL Expands to Protect You, Your Devices and Your Home (Global Security Mag Online) The era of protecting everything that goes online is here. F-Secure TOTAL has been expanded to provide premium cyber security to anyone who uses the internet, their devices and their homes.
InfoSec Global and WolfSSL Collaborate to Deliver the Industry's First Quantum Safe, Agile TLS Solution for IoT (Markets Insider) InfoSec Global (ISG) and WolfSSL today announced a collaboration that delivers ISG's crypto agility in WolfSSL ...
Quest enhances KACE SMA to meet demands of endpoint environments (Help Net Security) Quest Software KACE SMA 9.0 makes it easier for IT administrators to manage network-attached devices - from PCs, printers to IoT and mobile devices.
Cryptomathic supports Deutsche Post Qualified Electronic Signatures (Global Security Mag Online) Deutsche Post has entered the era of end-to-end digitalization by extending its Postident digital identity management services with Qualified Electronic Signatures (QES), enabling their clients to conduct all their business entirely online, with enhanced security and privacy and in full compliance with the eIDAS regulation.
Ava Group Company Solution Protects Major Military Closed Data Network From Threat Of Tampering And Tapping (Security Informed) Ava Group, a provider of risk management services and technologies, announces that an Ava Group Company solution has been selected to protect a major military closed data network from the threat of...
Free Cyber Security Course Offered To Sudbury Residents (Sudbury, MA Patch) All Sudbury residents are welcome, and encouraged, to take this free cyber security class.
Cloudflare’s new ‘one-click’ DNSSEC setup will make it far more difficult to spoof websites (TechCrunch) Bad news first: the internet is broken for a while. The good news is that Cloudflare thinks it can make it slightly less broken. With “the click of one button,” the networking giant said Tuesday, its users can now switch on DNSSEC in their dashboard. In doing so, Cloudflare hopes it rem…
Bandura Receives First-Class Rating from SC Magazine (BusinessWire) Bandura was awarded 4.75 out of 5 stars by SC Magazine’s lab team during an independent review.
Technologies, Techniques, and Standards
Symantec offers free anti-spoofing services to US political campaigns and election groups (TechCrunch) Symantec is the latest private security company to offer its expertise to vulnerable political targets on the house. Today the company announced that it would extend its “Project Dolphin” service (dolphins eat phish, get it?) to political campaigns, candidates and election officials, al…
Subverting Democracy: How Cyber Attackers Try to Hack the Vote (Symantec) Everything you need to know about APT28 and APT29, the attackers that attempted to influence the U.S. presidential election.
Data Firms Team up to Prevent the Next Cambridge Analytica Scandal (WIRED) A new working group of Republican and Democratic firms is writing rules for their industry amid mounting scrutiny and consumer privacy concerns.
How to create a Hall of Fame caliber cybersecurity playbook (Help Net Security) SOC teams need to have something tangible they can consult based on available information. So, what exactly goes into the ideal cybersecurity playbook?
Five computer security questions you must be able to answer right now (ZDNet) If you can't answer these basic questions, your security could be at risk.
You cannot keep ahead of future attacks without machine-speed response times, says Splunk (iT Wire) Automated responses to attacks on IT systems are the only way to stay ahead of those with malicious intentions, according to a senior official from...
Using Certificate Transparency as an Attack / Defense Tool (SANS Internet Storm Center) Certificate Transparency is a program that we've all heard about, but might not have had direct contact with.
Design and Innovation
Don't Trust Artificial Intelligence? Time To Open The AI 'Black Box' (Forbes) Despite its promise, the growing field of Artificial Intelligence (AI) is experiencing a variety of growing pains. In addition to the problem of bias, there is also the ‘black box’ problem: if people don’t know how AI comes up with its decisions, they won’t trust it.
A.I. May Have Written This Article. But Is That Such a Bad Thing? (Forbes) Imagine how productive Woodward and Bernstein might have been if only they had robots to write their articles for The Washington Post. With a little A.I. on their side, they might have taken down Nixon in days instead of years.
Cybersecurity decisions that can’t be automated (CSO Online) Encourage those inside and outside your team to identify and challenge daily assumptions in order to adapt to change, think differently and make smarter, faster security related decisions.
Research and Development
Congress’s Quantum Science Bill May Not Keep the US Military Ahead of China (Defense One) China aims to “leapfrog” US military in 10 years with unhackable computers and stealth-defeating radar.
Cryptocurrency researchers ask for XMR donations to secure Monero wallets (Hard Fork | The Next Web) Researchers are seeking $9,000 per month, each, in order to continue assisting in making critical developments to the Monero blockchain.
Legislation, Policy, and Regulation
China cries foul over move to block Huawei (The Australian) A leading Chinese academic has accused Canberra of violating the Law of the Sea treaty when it moved to block Chinese telecommunications company Huawei from building an undersea cable from the Solomon Islands to Australia.
Rogue states which hack into rival governments must be hauled before global courts, Lib Dems demand (The Sun) Rogue states who launch cyber attacks must face sanctions under new international laws, a senior Lib Dem has revealed. A global treaty must be set up to limit new technology such as modern warfare,…
Trump Eases Cyber Ops, But Safeguards Remain: Joint Staff (Breaking Defense) Fast doesn’t mean out of control. Brig. Gen. Grynkewich took pains to emphasize that civilian oversight remains intact and the Pentagon’s role will be rigorously defined under the new National Security Presidential Memorandum NSPM-13.
New cyber authority could make ‘all the difference in the world’ (Fifth Domain) Under a new policy, known as National Security Presidential Memorandum 13, the president can delegate certain cyber authorities to the Secretary of Defense for particular missions.
Think Tank: Urgent Oversight Needed for Police AI Use (Infosecurity Magazine) RUSI says regulatory framework is essential
Litigation, Investigation, and Law Enforcement
Deterrence or waste of time? Experts at odds over DOJ's actions on North Korea (Cyberscoop) There's a rift among legal and cybersecurity experts over the way in which government handled the recent complaint against North Korea.
You Didn’t Think the Sony Saga Was Over, Did You? (Risk Based Security) On November 24th, 2014 a Reddit post appeared stating that Sony Pictures had been breached and that their complete internal network, nationwide, had signs that the breach was carried out by a group calling themselves GOP, or The Guardians Of Peace.
Smirking Russians are now the butt of the joke (Times) Ah, the theories. The theories and the jokes. Last week, as you’ll know, the two Russian suspects accused of seeking to murder the former spy Sergei Skripal did a bizarre, hilarious interview on...
Judge to Georgia voting officials: You’re terrible at digital security (Ars Technica) "Advanced persistent threats… and ordinary hacking are unfortunately here to stay."
Altaba to settle lawsuits relating to Yahoo data breach for $47 million (TechCrunch) Altaba, the holding company of what Verizon left behind after its acquisition of Yahoo, said it has settled three ongoing legal cases relating to Yahoo’s previously disclosed data breaches. In a Monday filing with the Securities and Exchange Commission, the former web giant turned investment …
Why Russians Keep Visiting Mariia Butina in Prison (POLITICO Magazine) Take it from this former spook: It ain’t because they’re concerned about her well-being.
Lisa Page testimony: Collusion still unproven by time of Mueller's special counsel appointment (Fox News) More than nine months after the FBI opened its highly classified counterintelligence investigation into alleged coordination between the Trump campaign and Russia, FBI lawyer Lisa Page told a House committee that investigators still could not say whether there was collusion, according to a transcript of her recent closed-door deposition reviewed by Fox News.
NSA Must Give Up Info In Olympics Spy Suit, Attendees Say (Law360) A group of 2002 Winter Olympics attendees who claim they were spied on by the U.S. National Security Agency asked a Utah federal court to compel the agency to respond to their discovery requests, saying the NSA is hiding behind invalid state secret objections.
Government Can Spy on Journalists in the U.S. Using Invasive Foreign Intelligence Process (The Intercept) Newly released documents illuminate the little-known use of Foreign Intelligence Surveillance Court orders against journalists.
Government Gets Poor Marks Securing Students' Personal Info (Nextgov.com) The office isn’t effectively monitoring cyber protections after it shares student information, including with collection agencies.
WikiLeaks founder sought Russian visa in 2010, per AP report (Ars Technica) Internal documents leaked to AP include "Key Contacts" and an apparent escape plan.
91 “child friendly” Android apps accused of exploitation (Naked Security) New Mexico’s AG filed a lawsuit accusing a popular app maker, plus Google’s and Twitter’s ad platforms, of illegally collecting kids’ data.