Cyber Attacks, Threats, and Vulnerabilities
Iran threatens Saudi Arabia after Iran parade attack (Deutsche Welle) Tehran has blamed Saudi Arabia, the UAE and the US for acting from the shadows in the terror attack on a military parade in Ahvaz. Will Iran retaliate with military action as threatened — or is it just posturing?
US tells Iran to 'look in the mirror' after Rouhani blames it for Ahvaz attack (Deutsche Welle) The exchange follows threats from Iran's Revolutionary Guards to avenge the assault on a military parade. Iran-US ties have worsened after President Donald Trump renewed sanctions on Tehran over its nuclear program.
United Nations Accidentally Exposed Passwords and Sensitive Information to the Whole Internet (The Intercept) A security researcher discovered private data lurking on 60 Trello boards belonging to the United Nations. Sensitive information was also found in public Google documents.
United Nations WordPress Site Exposes Thousands of Resumes (BleepingComputer) Disclosure vulnerabilities in a web app from the United Nations leave open to public access CVs from job applicants and the organization failed to plug the leak despite receiving a private report on the issues.
U.N. security blunder left secret Trello boards, Google Docs exposed (Digital Trends) Secretive documents related to the United Nations were left vulnerable to unauthorized access by anyone who stumbled upon the right link, after Trello, Jira, and Google Docs accounts were left improperly configured by staffers.
Hacking for Cash (Australian Strategic Policy Institute) Is China still stealing Western IP?
How China is driving Australia and Trump into each other's arms (The Sydney Morning Herald) Before he announced Australia's decision to shut China out of its 5G network, Malcolm Turnbull wanted to tell Donald Trump.
New CVE-2018-8373 Exploit Spotted in the Wild (TrendLabs Security Intelligence Blog) We spotted another exploit, possibly in the wild, that uses the CVE-2018-8373 vulnerability. This exploit doesn't work on systems with updated Internet Explorer versions.
Cybercriminals Target Kodi Media Player for Malware Distribution (Threatpost) A recent cryptomining campaign shows criminal ingenuity.
Adwind Trojan circumvents antivirus software to infect your PC (ZDNet) A spam campaign spreading the RAT uses a number of tricks to fool signature-based antivirus solutions.
Apple MacOS Mojave zero-day privacy bypass vulnerability revealed (ZDNet) The latest update of the Mac operating system is expected to hit today -- potentially alongside a zero-day bug which circumvents OS privacy controls.
How to Protect Your Paycheck: FBI Issues Credential Phishing Alert as Attackers Target Direct Deposits (Proofpoint) Last week the FBI issued an alert warning organizations that cybercriminals are actively using phishing emails to steal consumer log-in credentials for their online payroll accounts. At Proofpoint, we’ve seen this type of attack for a few years now, and unfortunately, all it takes is one credential phishing email to compromise an employee login.
SHEIN fashion retailer announces breach affecting 6.42 million users (ZDNet) Hack took place somewhere in June, but the company only discovered the breach in late August.
Reddit's Largest Pro-Trump Subreddit Appears To Have Been Targeted By Russian Propaganda For Years (BuzzFeed News) A handful of articles from websites with connections to Russia's infamous troll factory have been shared thousands of times on /r/The_Donald.
Fusion Center Report: US Midterm Elections 2018 Situational Awareness (EclecticIQ) The Midterm Elections in the US are due to take place on 6th November 2018. In light of allegations of interference in previous campaigns, this report will focus on risks and identified activity that may be occurring to influence the result of the elections.
Merrill: Voting machines secure, despite Russian interference (The CT Mirror) Connecticut’s secretary of the state and two U.S. senators said Monday that Russian attempts to influence U.S. elections are real, but that the state’s counting and reporting of results are conducted off line and therefore resistant to hacking.
Beware of Hurricane Florence Relief Scams (KrebsOnSecurity) If you’re thinking of donating money to help victims of Hurricane Florence, please do your research on the charitable entity before giving: A slew of new domains apparently related to Hurricane Florence relief efforts are now accepting donations on behalf of victims without much accountability for how the money will be spent.
AdGuard adblocker resets passwords after credential-stuffing attack (Naked Security) AdGuard has taken the decision to reset all user accounts after suffering a credential-stuffing and brute-force password attack.
Users fret over Chrome auto-login change (Naked Security) Users were complaining this week after discovering they’d been logged in to Google’s Chrome browser automatically, after logging into a Google website.
5 Notable Security Incidents that Recently Affected Federal Entities (Security Boulevard) Digital attackers have a history of targeting public sector organizations. For its 2018 Data Breach Investigations Report (DBIR), Verizon Enterprise tracked 22,788 security incidents that affected the public sector. Data disclosure occurred in 304 of those events; digital espionage via phishing or the use of a backdoor served as the most common pattern.
City of Atlanta: Cyber attack 'over' (WGCL-TV | CBS 46) Six months later we still don't know who hacked us, the final price, what safeguards have been implemented or what was permanently lost.
Security Patches, Mitigations, and Software Updates
Cisco: We've killed another critical hard-coded root password bug, patch urgently (TechRepublic) This time a 9.8/10-severity hardcoded password has been found in Cisco's video surveillance software.
Motorola Solutions adds new features to Ally cloud-based security software (Help Net Security) Motorola Solutions' new features for Ally, its cloud-based security platform, enable communication and real-time information-sharing for security teams.
Why the market for zero-day vulnerabilities on the dark web is vanishing (Fifth Domain) The market for zero-day exploits on the dark web has all but dissipated in the past few years thanks to unexpected events.
2018 Payment Security Report (Verizon Enterprise Solutions) Don't let your payment security let down your customers. Read this year's report from Verizon for the insights you need to drive PCI compliance.
Extortion, the Cloud, and the Geopolitical Landscape - Black Hat 2018 Survey Results (AlienVault) At Black Hat 2018, we surveyed attendees on diverse topics ranging from how to react to extortion, what impact the geopolitical landscape is having on the industry, and whether the shiny veneer of the cloud is beginning to fade. Our Security Advocate, Javvad Malik, has put together an excellent report on the survey. The report is based on our survey at the AlienVault booth of 963 participants at Black Hat 2018 and interviews with security experts. Read the whole report by Javvad.
Smart homes, dumb devices: Making the IoT safe (Help Net Security) IoT devices are often left forgotten. Much like a rotten door somewhere on the furthest side of a big house, they become an easy entry point for hackers.
Former Symantec boss takes over the Defense Innovation Unit (Defense News) Michael Brown spent two decades running companies in Silicon Valley, eventually rising to CEO of Symantec, one of the largest software companies in the world, with annual revenues of $4 billion and more than 10,000 employees.
France records big jump in privacy complaints since GDPR (TechCrunch) Another European data protection agency has reported a sharp rise in the numbers of complaints since the EU updated its privacy framework four months ago, when GDPR came into force, updating regional data protection rules and introducing much higher penalties for privacy violations. France’s …
Instagram founders resign six years after $1bn Facebook sale (The Telegraph) The co-founders of Instagram have stepped down from the photo sharing app, six years after it was acquired by Facebook for $1bn (£760m).
Why Instagram’s founders are resigning: independence from Facebook weakened (TechCrunch) Facebook promised Instagram autonomy, but reduced it over time leading to today’s bombshell revelation. Eight years after launching Instagram and six years after selling it to Facebook, Instagram co-founders CEO Kevin Systrom and CTO Mike Krieger are leaving the company, according to The New …
Facebook’s plan to let companies it buys live independently is over (TechCrunch) Mark Zuckerberg was quick to realize that Facebook, the largest social network in the world, doesn’t have a monopoly on all users nor can it bank on holding its position as top dog forever. Thus he instituted a policy of buying up promising rivals and integrating them into the Facebook ‘…
Raytheon wins cybersecurity contract in Mideast (Trade Arabia) US-based Raytheon, a technology and innovation leader, has been awarded a multi-year contract for cybersecurity solutions and training, knowledge transfer and operational and support with a new government customer in the Mena Region.
Snyk raises $22M on a $100M valuation to detect security vulnerabilities in open source code (TechCrunch) Open source software is now a $14 billion+ market and growing fast, in use in one way or another in 95 percent of all enterprises. But that expansion comes with a shadow: open source components can come with vulnerabilities, and so their widespread use in apps becomes a liability to a company’…
Canberra cybersecurity software vendor ArchTIS debuts on the ASX (CRN Australia) ArchTIS will trade under "AR9".
Sydney security vendor Covata's "frustrating and unrewarding" Cisco software licence agreement cut short (CRN Australia) Ending a "frustrating and unrewarding relationship" for Covata.
When and Why an Agency CISO Should Consider Parting Ways With a Cyber Contractor (Nextgov.com) Contractor turnover rate increasing—is it time for your agency to part ways too?
Cyber security legend Ken Xie slams Fortinet's rivals Cisco and Juniper's attempts to buy success (Financial Review) Ken Xie founded Fortinet in 2000, and the cyber security company is now worth $US14.5 billion. He says rivals like Cisco are trying to buy market share rather than innovate.
SlashNext Board Appoints Palo Alto Networks Co-Founder Dave Stevens as Executive Chairman (SlashNext) Security Industry Heavyweight & VC Investor Joins SlashNext from Previous Leadership Roles at Brocade and Nortel
Security Industry Veteran Pat Comunale to Receive 2018 George R. Lippert Memorial Award (Security Industry Association) SIA has selected Pat Comunale, former president of global security solutions at Anixter, as the 2018 recipient of the George R. Lippert Memorial Award.
So happy to join the StackRox Family (StackRox) Security industry veteran Kamal Shah joins StackRox as new CEO
Products, Services, and Solutions
Ivanti Patch for SCCM Reduces Data Breach Risks with Vendor-Agnostic Support for Vulnerability Management Solutions (Ivanti) Bridging the Gap Between Security and Operations Teams, Ivanti Patch for SCCM Reduces the Time Spent Finding, Prioritizing, and Patching System Vulnerabilities
LogPoint disrupts enterprise SIEM market with improved intelligence, cutting incident response times in half (LogPoint) LogPoint SIEM 6.5 with UEBA 2.0 leverages advanced analytics to significantly reduce analyst workload and improves overall operational efficiency
Barracuda bundles email security offerings (CRN Australia) Total Email Protection bundle combines three products into a single SKU.
Yubico launches YubiKey 5 Series, the multi-protocol security keys supporting FIDO2 (Help Net Security) The YubiKey 5 Series provides defense against phishing and account takeovers, enables compliance for authentication, and reduces IT costs.
Code42 Forensic File Search delivers visibility to file movement across cloud services (Help Net Security) Code42 has extended the investigation capabilities of its Code42 Forensic File Search product for Google Drive and Microsoft OneDrive.
ID R&D announces biometric authentication for messaging platforms (Help Net Security) ID R&D’s SafeMessage offers multi-layer authentication across messaging platforms without any impact to the user experience.
Verint strengthens fraud reduction and improves investigations for financial institutions (Help Net Security) Verint solutions help financial institutions proactively analyze fraud, expedite investigations and find solutions to resolve critical threats.
Verizon Digital Media Services adds managed security services to its Cloud Security Solution (Help Net Security) The managed cloud security component provides access to security professionals who monitor and take corrective action against the security threats.
empow Adds Native UEBA Functionality to Become First SIEM to Automatically Detect and Respond to Threats Across the Entire Cyber Kill Chain (empow) empow’s native artificial intelligence, natural language processing and cause-and-effect analytics now ingest user and account activity logs to correlate all data source types covering all stages of the attack lifecycle.
Alert Logic Report Reveals New Killchain Efficiencies and Cyber-Attack Automation that Give Attackers Unprecedented Advantage (Alert Logic) New Tactics Subvert Traditional Security Measures and Indiscriminately Strike Organizations of All Sizes
Ricoh Group enhances global security with Pulse Secure Enterprise Suite deployment (GlobeNewswire News Room) 97,000 employees across 200 countries benefit from Secure Access
How Bro IDS can Help Security Capture Institutional Knowledge for... (Bricata) A presentation at BroCon will demonstrate how Bro IDS can be used to capture institutional knowledge among security analysts while also providing better network traffic analysis and preparing for machine learning applications of the future.
Siemplify Harnesses Machine Learning for Smarter Security Operations (Siemplify) Siemplify security orchestration version 4.25 is here, harnessing machine learning for enhanced security operations management.
Qualys Introduces Assessment and Monitoring for the CIS Microsoft Azure Foundations Benchmark (Qualys) New extension of Qualys’ Cloud Security Assessment (CSA) helps organizations leveraging Microsoft Azure to build security into DevOps initiatives
Qualys Delivers Security Built into Microsoft Azure’s Hybrid Cloud (Qualys) Seamless integration delivers single-pane-of-glass view across Microsoft Azure and Azure Stack
Optiv Security Announces SecurePayment@Optiv to Drive Holistic and Risk-Centric Security Across the Entire Payment Lifecycle (Optiv Security) Optiv Security announced SecurePayment@Optiv, an integrated portfolio of services and technologies that enables organizations to move beyond basic Payment Card Industry Data Security Standard (PCI DSS) compliance so they can implement comprehensive, risk-centric security across the entire payment lifecycle.
Technologies, Techniques, and Standards
Are you ready? A good incident response plan can protect your organization (Help Net Security) It’s important to draw up the incident response plan in advance of any cybersecurity crisis and to maintain it over time to ensure it is properly updated.
In this election security drill, Massachusetts cops battle hackers to protect the vote (Cyberscoop) With just weeks until the midterm elections, police in Massachusetts gathered last Thursday to practice responding to cyberattacks from an adversary bent on disrupting the democratic process.
Let’s face it, users should never be the last line of defense in cybersecurity (The Next Web) Users have walked a very insecure tightrope for decades, clicking on links and opening untrusted attachments. It's time we removed users from the frontline.
Employers overlook a key ally in preventing cyberattacks: HR departments (Employee Benefit News) As the number of incidents rises, human resource managers can play a major role in helping prevent a breach.
There's No Longer Any Excuse For Not Using a Password Manager (Motherboard) Autofill passwords on Android and iOS 12 means that "I'm lazy" is no longer an excuse for not using LastPass or 1Password.
Which NFL Teams Have the Best Cyber Defense? (Panorays) With football season just around the corner, Panorays decided to test the strength of NFL teams’ cyber defenses.
Design and Innovation
White House launches strategy to lead world in quantum (CIO) The White House yesterday launched a national strategy for Quantum Information Science (QIS) in a bid to secure global leadership in “the next technological revolution”.
Google, JPMorgan Chase & Co, IBM, Other Key Companies To Attend White House Quantum Computing Meeting (The Inquisitr) Quantum computing ‘will enable us to predict and improve chemical reactions, new materials and their properties, as well as provide new understandings of spacetime and the emergence of our ...
Linux developers adopt proper Code of Conduct (CRN Australia) To replace brief, loose, ‘Code of Conflict’.
Microsoft punts passwords, LinkedIn contacts to Outlook (CRN Australia) New certification types coming soon too.
Why security products should be more actionable for users (Help Net Security) All security companies - whether they are just starting or are already entrenched - should strive to make their products more actionable for the users.
To attract developers, Navy looks to highlight its ‘cool’ problems (C4ISRNET) HACKtheMACHINE seeks to court non-traditional organizations to help solve Navy problems.
Research and Development
A Mathematician May Have Just Solved a 160-Year-Old, $1 Million Problem (Motherboard) This isn’t the first time Michael Atiyah has claimed to crack a big math problem and never followed up the claims with publication, however.
Artificial Intelligence Has a Strange New Muse: Our Sense of Smell (WIRED) The brain's way of processing smells is inspiring scientists to rethink how we design machine learning algorithms.
Researchers develop invisibly thin spray-on antennas (Help Net Security) Drexel researchers develop spray-on antennas that perform as well as those being used in mobile devices, wireless routers and portable transducers.
Naval Academy’s cybersecurity program receives accreditation (Navy Times) The U.S. Naval Academy’s cyber operations program has been formally accredited.
Legislation, Policy, and Regulation
If it wants to keep secrets, the intelligence community needs a new vision for cyber (Fifth Domain) The posture seeks to better defend networks and craft more strategic and tactical responses.
Analysis | The Cybersecurity 202: Congress poised to allow DHS to take the lead on federal cybersecurity (Washington Post) "It would be a sea change," one expert said.
The CIA is returning its central focus to nation-state rivals, director says (Washington Post) The agency has been moving away from a consuming emphasis on terrorism.
Credit Freezes are Free: Let the Ice Age Begin (KrebsOnSecurity) It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history.
Perspective | A thief stole my phone. Strong encryption saved me. (Washington Post) When we weaken encryption standards, we put the most vulnerable among us at risk.
Litigation, Investigation, and Law Enforcement
All over Europe, suspected Russian spies are getting busted (Washington Post) Another alleged Russian spy was arrested by Norwegian authorities last Friday, amid a string of expulsions and blunders.
UK issues first-ever GDPR notice in connection to Facebook data scandal (ZDNet) Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
FCA proposes £30m fine over 2016 cyber attack (The Telegraph) The Financial Conduct Authority (FCA) has threatened to fine Tesco Bank up to £30mn after an "unprecedented and serious" cyber attack affected thousands of customers two years ago.
Rod Rosenstein to stay in job for now, will meet with Trump on Thursday, White House says (Washington Post) The White House announcement followed a morning of speculation that Rosenstein was resigning or being fired.
Even If Rosenstein Stays, the Mueller Investigation Status Quo Won't Last (WIRED) Much of the speculation around deputy attorney general Rod Rosenstein's fate misses how disruptive a post-midterms shake-up could be.
Google plans to send a top executive to Congress after facing criticism (Washington Post) Google CEO Sundar Pichai agreed to participate in the unscheduled hearing in response to a request from House Majority Leader Kevin McCarthy (Calif.), who like other Republicans has said Google silences right-leaning news, views and users.
Qualcomm Accuses Apple of Giving Its Intellectual Property to Intel (Wall Street Journal) Qualcomm accused Apple of funneling proprietary information about the chip supplier’s technology to rival Intel, broadening a long-running legal battle between two companies central to the smartphone industry.
Court ruling could change how SC votes. Will it stop elections from being hacked? (The State) A court ruling in Georgia could affect how you vote in S.C. The challenge to Georgia’s voting machines raises questions of election security and whether your vote can be hacked. What is S.C. doing?
Police accidentally tweet bookmarks that reveal surveilled groups (Naked Security) The Massachusetts State Police (MSP) accidentally spilled some of its opsec onto Twitter last week, uploading a screenshot that revealed browser bookmarks.
Command master chief fired for sliding into Facebook messages of another chief’s wife (Navy Times) Stephan J. Raniszewski was fired as the senior enlisted leader of the future warship Thomas Hudner this spring.