Cyber Attacks, Threats, and Vulnerabilities
State Department confirms breach of unclassified email system (CSO Online) The U.S. State Department confirmed it suffered a data breach of its unclassified email system. It says less than 1% of employees were affected.
State Department Email Breach Hit Hundreds of Staff (Infosecurity Magazine) State Department Email Breach Hit Hundreds of Staff. Personal info may have been exposed
Chinese-speaking cybercrime group launches destructive malware (Cyberscoop) A prolific cybercrime group known as Iron Group is actively developing a new family of destructive malware that pretends to ask for ransom,
Two New Monero Malware Attacks Target Windows and Android Users (Security Intelligence) Researchers discovered two new monero malware attacks: one that targets Windows with stealthy mining operations, and another that masquerades as a Google Play Store update for Android.
They’re Drinking Your Milkshake: CTA’s Joint Analysis on Illicit Cryptocurrency Mining (Cyber Threat Alliance) In April, we blogged about CTA’s role in disrupting malicious cyber activity. We introduced the idea of routinely bringing our members together to develop Joint Analysis reports on specific threats and campaign activity, the same way our early members came together to report on the threat from Cryptowall Version 3 in 2015. Our goal with... View Article
Here we Mongo again! Millions of records exposed by insecure database (Naked Security) Another day, another poorly configured MongoDB database.
Hackers have planted credit card stealing malware on local government payment sites (TechCrunch) Security firm FireEye has confirmed that a widely used web payment portal used to pay for local government services, like utilities and permits, has been targeted by hackers. Hackers have broken into self-hosted Click2Gov servers operated by local governments across the US, likely using a vulnerabi…
IoT Malware Detections Soar 273% Since 2017 (Infosecurity Magazine) IoT Malware Detections Soar 273% Since 2017. Kaspersky Lab warns home users of growing threat
Political Figures Differ Online: Names of Trump, Obama, Merkel Attached to Ransomware Campaigns (McAfee Blogs) Politics and ransomware. No, it’s not a lost single from the Oasis back catalogue, but in fact a relatively recent tactic by ransomware developers looking to exploit the profiles of major politicians to install ransomware on victims’ computers. Donald Trump, Angela Merkel, and now Barack Obama all serve as lures for
Bristol airport still recovering from 'ransomware' attack (SC Magazine) An attack 'similar to' ransomware forced airport staff to take key information screens offline at Bristol Airport, and four days later full service has not yet been resumed.
Hackers stole customer credit cards in Newegg data breach (TechCrunch) Newegg is clearing up its website after a month-long data breach. Hackers injected 15 lines of card skimming code on the online retailer’s payments page which remained for more than a month between August 14 and September 18, Yonathan Klijnsma, a threat researcher at RiskIQ, told TechCrunch. …
The Cyberthreats That Most Worry Election Officials (Wall Street Journal) How attacks could be attempted—and what officials are doing to make sure they don’t affect the midterms.
State of the Internet Security - Credential Stuffing (Akamai) Credential stuffing, and the botnets behind this activity, is the primary focus of the State of the Internet Security Report, Issue 4, 2018. Credential stuffing, the use of botnets to try to login to a site with stolen or randomly...
FBI: Phishing Attacks Aim to Swap Payroll Information (Dark Reading) Social engineering scams target employees' payroll credentials so attackers can access and change their bank account data.
Only one third of email reaches inboxes (ITP.net) FireEye says two-thirds of email stopped by security solutions.
Hackers acknowledge Windows flaws but prefer social engineering tricks (Fifth Domain) Fifty percent of hackers at the Black Hat conference said that they had readily compromised the Windows system, but added they preferred to use social engineering to hack users
Hackers Say Windows 8 and 10 Easiest Entry Points (Infosecurity Magazine) A Black Hat survey finds 50% of hackers enter IT systems via Windows 8 and 10.
How Hackers Talk Their Way Into Getting Company Secrets (Wall Street Journal) With ‘social engineering’ schemes, cybercriminals trick employees into handing over valuable information.
Types of Texts You Should Delete Immediately (Reader's Digest) Friends and family aren’t the only ones who text you. Scammers do too! Here's how to recognize this type of scam, which is called smishing.
Years on, third party apps still exposing Grindr users’ locations (Naked Security) A third party app can use Grindr’s distance data to pinpoint a users location down to a room within a house.
The most expensive tweets on record that cost businesses billions (The Telegraph) In less than 60 characters, Elon Musk lost short sellers...
Security Patches, Mitigations, and Software Updates
Intel releases firmware update for ME flaw (Naked Security) It’s only September and yet 2018 is well on its way to being remembered as the year of fixing flaws we didn’t realise were possible in hardware we’d never heard of.
iOS 12 is here: these are the security features you need to know about (Naked Security) One year to the day after iOS 11 appeared, Apple yesterday released its replacement, iOS 12.
Serious Security Vulns Patched In IBM i (IT Jungle) No good deed goes unpunished. Such as it is with cybersecurity, which demands unceasing attention paid to a never-ending stream of flaws and patches as the cost of remaining off the front page. To that end, IBM patched several more security flaws in IBM i last week, including two serious flaws in Node.js, five critical
SharePoint Workflows go belly-up when you install the September .Net Security Only patch (Computerworld) Another major bug in this month’s patches, officially acknowledged, affects the Security Only .Net patch KB 4457916, for Win8.1 and Server 2012 R2. Install that patch and any defined Sharepoint Workflows will fail to run.
Cyber Trends
World War AI (Foreign Policy) China and America should watch out: Artificial intelligence could propel emerging powers to the forefront of war while leaving old superpowers behind.
Europol: Ransomware Will be Top Threat for Years (Infosecurity Magazine) Europol: Ransomware Will be Top Threat for Years. But crypto-jacking and mobile malware on the rise
Researchers: Users allowed to access infected sites found through search engines (TheHill) Users are largely allowed to access infected websites found through search engines, according to new research published Tuesday.
The SiteLock Website Security Insider Q2 2018 (SiteLock) Did you know that websites experience an average of 58 attacks per day? That’s one cyberattack approximately every 25 minutes! Even more startling, as much as 61 percent of all internet traffic is automated traffic from bots, meaning these attacks do not discriminate based on the size or popularity of a website. No website is too small or too new to hack.
No Time for Complacency: Watch Your Back on Biometrics, Compliance, and Insider Threats (Infosecurity Magazine) The three most common threats, according to the ISF's Threat Horizon.
Why a long military career in cyber feels like a rarity (Fifth Domain) Current manpower models don't invest in the longevity of the cyber force.
Almost half of UK internet users 'harmed' (BBC News) The range of harms include cyber-scams as well as trolling, bullying and stalking, finds an Ofcom study.
83% of SMB owners have no cash put aside to deal with the fallout from a cyber attack (Help Net Security) SMBs are leaving themselves exposed to financial risk from cybercrime by not having adequate measures in place to recover in the event of a cyber attack.
Regtech to account for 40% of global compliance spend by 2023 (Help Net Security) A new study from Juniper Research has found that spending on Regtech platforms will exceed $115 billion by 2023, up from an estimated $18 billion in 2018.
Marketplace
Pentagon spending could lead to consolidation of cybersecurity industry (Fifth Domain) More purchases of electronic-warfare equipment by the Pentagon will drive consolidation of the cybersecurity industry, according to new analysis.
DIA announces winners in massive intelligence technology contract (C4ISRNET) The HELIOS contract seeks to develop technologies that can enhance the intelligence gathering capabilities within the elusive agency and prevent
Zinopy cybersecurity firm acquired by Trilogy Technologies (The Irish Times) Deal will see creation of group with annual revenue above €20 million
Fidelis Cybersecurity Raises Growth Capital to Accelerate Innovation of its Unified Security Platform and 24x7 MDR Service (BusinessWire) Fidelis Cybersecurity, a leading provider of automated detection and response capabilities through its Fidelis ElevateTM platform, today announced the
Former Anonymous Hacker Raises $2.5m for Startup (Infosecurity Magazine) A cybersecurity startup founded by a convicted Anonymous hacker sees its first major capital raise.
Trump's Immigration Cops Just Gave America's Hottest iPhone Hackers Their Biggest Payday Yet (Forbes) iPhone hackers GrayShift just sold nearly $400,000 of its tech to America's immigration cops. Human rights activists are fretting about the amount of surveillance technology being bought by ICE.
Data61 says Australia is still missing out on innovation opportunity (ZDNet) Innovation is a AU$315 billion opportunity, and Data61 is still trying to convince Australia to take advantage of it.
Hackers beware: These 5 Austin cybersecurity firms are making a difference (Built In Austin) With major data leaks and malicious digital threats in the news on a near-daily basis, the need for cutting-edge cybersecurity is more apparent than ever. On an individual level, cyberthreats can damage one’s financial and personal life. On a broader economic level, a leading study reported that the world lost more than $600 billion in 2017 alone due to digital threats.
CenturyLink names Chris Betz as Chief Security Officer (MediaRoom) Chris Betz joins CenturyLink, Inc. (NYSE: CTL) as its Chief Security Officer, responsible for leading the company's corporate security, information security and security product development teams....
Products, Services, and Solutions
Nozomi Networks Integration with Cisco Technologies Delivers Enterprise-Wide ICS Security (Nozomi Networks) The Nozomi Networks integration with Cisco Security technologies delivers comprehensive IT / ICS security and visibility across the IT/OT network.
WatchGuard Unveils Trusted Wireless Environment Framework to Help Businesses Build Fast, Scalable and Secure Wi-Fi Networks (Markets Insider) WatchGuard® Technologies, a leader in advanced network security solutions, today launched its new Trusted Wireless E...
Free Resources for Cybersecurity Awareness Month 2018 (Wombat Security) Take your end users’ security awareness to new heights this October with our Cybersecurity Awareness Month materials.
Research from Spirent with ESG Reveals Shifting Priorities in Response to Increased Cybersecurity Complexity (Press of Atlantic City) Spirent Communications plc (LSE: SPT) today announced the availability of a research report conducted by Enterprise Strategy Group (ESG) that reveals a number of crucial
ThreatConnect Joins Symantec Technology Integration Partner Program (MarketWatch) Global ecosystem of 100+ technology companies work together to battle cyber threats
LENSEC Includes Comprehensive Security Protection in Perspective VMS® (PRNewswire) PVMS is Cybersecure Software, Ready with Encryption, Protecting the Entire Security System
Exabeam and SecureAuth + Core Security Partner to Secure Enterprise Identities Against Credential-Based Threats (SecureAuth) Exabeam, the fastest growing next-gen security information and event management company, and SecureAuth + Core Security, the leader in identity security automation, today announced a collaborative relationship to secure enterprise identities against increasingly sophisticated credential-based threats.
ManageEngine strengthens endpoint security with the launch of Browser Security Plus (Help Net Security) Browser Security Plus is a browser management solution that helps organizations secure their data in the cloud and protect their networks from cyberattacks.
NSFOCUS introduces new capability to identify cyber risk exposure (Help Net Security) NSFOCUS EISA is built to address risks by searching for unknown IPs, hijacked IPs, unknown ports open on known IPs, and the services running on those ports.
WISeKey Announces Strategic Partnership with Tarmin for WISeBox Integration Cloud Based Secure Data Offering (GlobeNewswire News Room) WISeKey International Holding Ltd (SIX: WIHN, OTTCQX: WIKYY), a Swiss based cyber security and IoT company, today announced a strategic partnership with Tarmin, the global pioneer of Data Defined Infrastructure, next generation data management and storage solutions to jointly develop the WISeBox solution.
Kudelski Security Announces Partnership with SentinelOne (Nagra) Company’s Focus on Endpoint Security Expands with the Addition of New Technology Offerings for Clients in the United States
Technologies, Techniques, and Standards
How Facebook wants to protect political campaigners from hacking (Naked Security) The social network is trying to protect candidates, elected officials and their staff from “hackers and foreign adversaries”.
Here's How Facebook Is Trying to Moderate Its Two Billion Users (Motherboard) Moderating billions of posts a week in more than a hundred languages has become Facebook’s biggest challenge. Leaked documents and nearly two dozen interviews show how the company hopes to solve it.
Your Network Has Been Hacked. You Have 72 Hours to Report It. (Wall Street Journal) Companies are scrambling to meet new regulations that require them to figure out what’s going on—quickly.
Why You Need a VPN—and How to Choose the Right One (Wall Street Journal) Everybody’s snooping on your internet traffic. The key is to stay hidden.
How to Protect Your SMB Clients from Ransomware (Security Boulevard) No company is too small to be devastated by a ransomware attack. In fact, small and medium-sized businesses (SMBs) are prime targets, and the number--and cost--of such attacks continues to rise.
How to Defend Against GPS Spoofing Attacks (Wall Street Journal) As ship and car makers race to roll-out self-driving technology, security researchers warn that attacks using fake GPS signals could increase and become more dangerous.
Why humans are necessary to the threat hunting process (Help Net Security) A bot can't engage with threat actors online and blend in. Manual intelligence gathering and human involvement is necessary to the threat hunting process.
How AI Can Help Stop Cyberattacks (Wall Street Journal) As hackers get smarter and more determined, artificial intelligence is going to be an important part of the solution.
Key weapon for closing IoT-era cybersecurity gaps? Artificial intelligence (Help Net Security) Security teams are looking to artificial intelligence (AI) as a key weapon to win the battle against stealthy threats inside their IT infrastructures.
Forget Passwords. It’s Time for Passphrases. (Wall Street Journal) Two researchers say they have come up with a system that makes passphrases more secure and practical.
Design and Innovation
2018 SINET 16 Innovators Announced (BusinessWire) SINET announced today the winners of its annual SINET 16 innovation competition. Winners were selected from a pool of 123 applicants and 9 countries.
Data61, Hensoldt Cyber partner on cyber attack protection systems (iTWire) Data61, the CSIRO’s innovation network, has announced a global partnership with German cyber security company Hensoldt Cyber to collaborate on the dev...
Research and Development
DARPA Selects BAE Systems to Develop Cyber-Hunting Tools (Engineering) BAE Systems will create automated real-time defense tools for the DARPA CHASE program.
Academia
The National Cyber Security Centre and IBM Security Join Forces to Improve Security Skills (Security Intelligence) Organizations are struggling to hire enough people with the right security skills. Industry and government must work together to give more opportunities to potential cyber talent.
Legislation, Policy, and Regulation
U.S.-Chile Executive Cyber Consultation (U.S. Department of State) Senior representatives from the United States and Chile participated in an Executive Cyber Consultation in Washington, D.C., August 23-24, 2018 to facilitate stronger bilateral cooperation on cyber issues, including government capacity to address emerging challenges and shared threats in cyberspace.
DoD releases first new cyber strategy in three years (Fifth Domain) The much awaited strategy articulates how the DoD will combat strategic competitors such as Russia and China.
Summary: Department of Defense Cyber Strategy (US Department of Defense) American prosperity, liberty, and security depend upon open and reliable access to information.
Restrictions Removed from Cyber Command – Is the U.S. Ready to Hack Back? (TechNative) In August 2018, the U.S. President rescinded the former administration’s Presidential Policy Directive 20 (PPD-20) – the authority that dictated how the United States engaged in cyber operations, which was leaked by National Security Agency leaker, Edward Snowden...
White House Official Calls on Industry and Agencies to Share More Cyber Threat Info (Nextgov.com) Agencies should also start taking more tips from each other, according to an Office of Management and Budget cyber expert.
Analysis | The Cybersecurity 202: Lawmakers are ready to embrace ethical hackers, even if DHS isn't (Washington Post) A new bill would force DHS to open a bug bounty program.
U.S. senators seek punishment if China's ZTE violates deal (Reuters) Republican and Democratic U.S. senators introduced a bill on Tuesday that would ...
Is a new Air Force cyber office in the works? (Fifth Domain) The Air Force is discussing the potential stand up of a rapid cyber office.
Air Force mulls cyber RCO (FCW) The U.S. Air Force is considering a rapid capabilities office to streamline cybersecurity acquisition.
Air Force will use new authorities for cyber carrier (Fifth Domain) The Air Force will be using Section 804 authorities to procure Unified Platform.
Litigation, Investigation, and Law Enforcement
Mirai botnet creators praised for helping FBI, won’t serve prison time (Ars Technica) Three men mitigated Memcache attacks, aided APT researchers, and more.
The Mirai Botnet Architects Are Now Fighting Crime With the FBI (WIRED) In 2016 three friends created a botnet that nearly broke the internet. Now, they're helping the feds catch cybercriminals of all stripes.
Facebook accused of discriminating against women with targeted job adverts (The Telegraph) Facebook is discriminating against women by helping employers run job adverts that target only men, civil rights campaigners have claimed.
Will This Crypto Case Push Federal Regulators to Tackle More ICO Fraud? (New York Law Journal) A U.S. district court of New York ruling allowing a jury to apply securities laws in an ICO fraud case may set the stage for regulators to heighten actions in the nascent marketplace.
The Collateral Damage of Trump's Extreme Declassifications (WIRED) Trump has the legal right to make public whatever documents he chooses. But he's going to cause unknown damage in the process.
Dark Web: US court seizes assets and properties of deceased AlphaBay operator (HackRead) Follow us on Twitter @HackRead