Cyber Attacks, Threats, and Vulnerabilities
Russian hackers ‘Fancy Bear’ now targeting governments with rootkit malware (TechCrunch) Security researchers say that they have found evidence that for the first time Russia-backed hackers are now using a more sophisticated type of malware to target government entities. ESET presented its case Thursday that the hacker group, known as Fancy Bear (or APT28), is using rootkit malware to …
Without offering evidence, Trump accuses China of interfering in U.S. midterm elections (Washington Post) At a meeting of the U.N. Security Council, the president asserted Beijing was retaliating against him over the escalating trade war.
Intel chief Dan Coats warns of China's 'potent' cyber threat during Citadel event (Post and Courier) Director of National Intelligence Daniel Coats sounded the alarm about foreign interference in the U.S. democratic process during a speech Tuesday in Charleston — but he wasn't talking about Russia
Researchers find Russian “VPNfilter” malware was a Swiss Army hacking knife (Ars Technica) Router malware had nine different tools for exploiting networks.
'Every cyberattack is related to geopolitical conditions,' says CEO of cybersecurity play FireEye (CNBC) Jim Cramer gets the latest on cybersecurity from FireEye CEO Kevin Mandia, whose company was hired by Google to defend against state-sponsored cyberattacks.
Weak Apple DEP Authentication Leaves Enterprises Vulnerable to Social Engineering Attacks and Rogue Devices (Duo Security) Duo Labs has found an authentication weakness in Apple’s Device Enrollment Program (DEP) that could lead to privileged access, rogue device enrollment and social engineering attacks against an organization that uses DEP for mobile device management (MDM) auto-enrollment.
MDM Me Maybe: Device Enrollment Program Security (Duo Security) Duo Labs researchers show how an authentication weakness in Apple’s Device Enrollment Program can be used to leak information and potentially enroll rogue devices in MDM servers.
Cybercriminals Increasingly Trying to Ensnare the Big Financial Fish (SecureWorks) Threat groups such as GOLD KINGSWOOD are using their extensive resources and network insights to target high-value financial organizations around the world.
Banking trojan found in call recorder app on Play Store - stole over €10,000 (HackRead) Android is one of the most vulnerable mobile operating systems with hackers developing new Android malware and banking trojan every 17 seconds. Then, there is Google and questionable security measures to protect users from sophisticated and persistent malware attacks.
Once Popular Online Ad Format Opens Top Tier Sites to XSS Attacks (Threatpost) Online ad industry moves away from once prolific ads that are now deemed insecure because of DOM-based XSS vulnerabilities.
Over 80 Cisco Products Affected by FragmentSmack DoS Bug (BleepingComputer) Cisco is currently looking into its product line to determine the ones using Linux kernel 3.9 or above, which is vulnerable to the FragmentSmack denial-of-service (DoS) bug.
Port of San Diego victim of cyberattack (San Diego Union Tribune) The Port of San Diego is investigating a serious cybersecurity threat to its technology systems that is impacting the public agency’s ability to process park permits and records requests, and perform other business services.
Malware hits fashion giant SHEIN; 6.42 million online shoppers affected (Naked Security) The online fashion store is now contacting affected users and asking them to change passwords for their online store accounts.
SHEIN Servers Infected by Malware, Data of 6.4M Customers Stolen (Security Boulevard) SHEIN servers were breached by hackers and as a result of the intrusion sensitive data of over 6.4 million users was hijacked. The incident occurred between June and August 2018 according to the company statement. Our article sums up the...
Data Issues (SHEIN) On August 22, SHEIN became aware that personally identifiable information of its customers was stolen during a sophisticated criminal cyberattack on its computer network. Immediately upon becoming aware of this potential theft
Someone Posted Weed and Viagra Spam On a US Department of Agriculture Site (Motherboard) The USDA blamed the issue on a "web form" that was abused to post spam.
Bristol Airport’s quick isolation of key systems was key to preventing ransomware spreading, says Databarracks (Business Computing World) Recently, Bristol Airport’s administration systems were infected by ransomware. The airport was forced to take a cautious approach and shut down applications including its digital flight information displays, forcing staff to use whiteboards to keep passengers updated on flight information.
Mobile Websites Can Tap Into Your Phone's Sensors Without Asking (WIRED) Mobile apps need explicit permission to access your smartphone's motion and light sensors. Mobile websites? Not so much.
Facebook Is Giving Advertisers Access to Your Shadow Contact Information (Gizmodo) Last week, I ran an ad on Facebook that was targeted at a computer science professor named Alan Mislove. Mislove studies how privacy works on social networks and had a theory that Facebook is letting advertisers reach users with contact information collected in surprising ways. I was helping him test the theory by targeting him in a way Facebook had previously told me wouldn’t work. I directed the ad to display to a Facebook account connected to the landline number for Alan Mislove’s office, a number Mislove has never provided to Facebook. He saw the ad within hours.
Security Patches, Mitigations, and Software Updates
Critical Linux Kernel Flaw Gives Root Access to Attackers (Dark Reading) All versions of Red Hat Enterprise Linux, CentOS vulnerable to 'Mutagen Astronomy' flaw, according to Qualys.
Apple pushes out Mojave 10.14, patches numerous vulnerabilities (SC Magazine) Apple has issued an update to fix a number of issues in macOS Mojave leading to arbitrary code execution, the ability to read restricted memory and access local users Apple IDs among others.
Bitcoin Core Software Patches a Critical DDoS Attack Vulnerability (Vulners Database) The Bitcoin Core development team has released an important update to patch a major DDoS vulnerability in its underlying software that could have been fatal to the Bitcoin Network, which is usually known as the most hack-proof and secure blockchain. The DDoS vulnerability,...
Firefox Monitor starts tracking breached email addresses (Naked Security) Mozilla has formally launched Firefox Monitor, a privacy-engineered website that hooks up to Troy Hunt’s Have I Been Pwned? (HIBP) breach notification database.
Cyber Trends
Microsoft president says tech companies are "first line of defense" in cybersecurity (CBS News) Brad Smith spoke first on "CBS This Morning" about the AI for Humanitarian Action initiative, a $40M program that the tech giant says would save lives
Cyber criminals increasingly target cryptocurrency, research finds (TheHill) Cyber criminals are ratcheting up efforts to target devices with cryptocurrency malware, according to a new report.
The state of network security in organizations with 1000+ employees (Help Net Security) ProtectWise interviewed 400 security analysts in the US to uncover the state of network security today across organizations with 1,000 or more employees.
SMBs Cybersecurity Risk, Their Opportunity (blogs@Cisco - Cisco Blogs) Today, Cisco unveiled its SMB Cybersecurity Report, which leverages data from 1,816 SMB respondents across 26 countries.
The World's Most Popular Coding Language Happens to be Most Hackers' Weapon of Choice (Imperva) Python will soon be the world’s most prevalent coding language. That’s quite a statement, but if you look at its simplicity, flexibility and the relative ease with which folks pick it up, it’s not hard to see why.
Marketplace
Security companies see opportunity in Trump’s new cyber plan (Fifth Domain) America's promise to hack foreign countries means the Department of Defense will purchase more off-the-shelf cyber equipment.
Can industry bridge the government cyber skills gap? (Fifth Domain) Solutions providers may hold the key to better federal cybersecurity.
Machines ease cyber security industry talent crunch (Financial Times) Finding staff who have the right skills in both AI and cyber security demands new thinking on hiring
Exclusive: WhatsApp Cofounder Brian Acton Gives The Inside Story On #DeleteFacebook And Why He Left $850 Million Behind (Forbes) Facebook’s $22 billion WhatsApp purchase made Brian Acton one of the richest people in America. But his idealism clashed with Mark Zuckerberg’s financial juggernaut. For the first time, Acton explains why he left.
The other side of the story (Facebook) {Disclaimer: no one at Facebook asked me to post this. I just had to do it. And these are my personal views exclusively.} Today Forbes published an interview of Brian Acton that contained statements, and recollection of events that differ greatly from the reality I witnessed first-hand. As a result, I felt compelled to write about the actual facts.
Facebook’s ex-CSO, Alex Stamos, defends its decision to inject ads in WhatsApp (TechCrunch) Alex Stamos, Facebook’s former chief security officer, who left the company this summer to take up a role in academia, has made a contribution to what’s sometimes couched as a debate about how to monetize (and thus sustain) commercial end-to-end encrypted messaging platforms in order th…
If There Was Ever A Nobel Award For Tech -- WhatsApp Cofounder, Brian Acton Ought Put His Name To It (Forbes) Brian Acton blows the lid on Zuckerberg’s duplicity and Sandberg’s greed and seeks to make amends to WhatsApp users concerned with privacy through his new venture, Signal. His story raises difficult questions as to what burdens on billionaires particularly towards charitable giving.
WhatsApp and Instagram Founders Don’t Deserve Points for Leaving Facebook (Motherboard) By selling their companies to Facebook, Brian Acton and Kevin Systrom perpetuated the worst parts of capitalism.
WhatsApp co-founder Acton flags tensions with Zuckerberg: Forbes (Reuters) WhatsApp co-founder Brian Acton had disagreements with Facebook Chief Executive ...
Google's 20th birthday: How two tech nerds changed the internet, by the people who were there (The Telegraph) What does it take to create one of the most influential companies in the world?
Polyverse on Winning Team Supporting $40M Global InfoTek, Inc. Act 2 Task Order “Excalibur” (Polyverse) Global InfoTek wins task order to provide full spectrum cyberspace capabilities to the Air Force
Cybersecurity start-up Darktrace raises $50 million and is now worth $1.65 billion (CNBC) Darktrace, founded in 2013, uses artificial intelligence and machine-learning technology to detect and counter cyber threats.
Cybersecurity firm Nozomi Networks raises $30M in latest round of funding (TechCrunch) Nozomi Networks has secured $30 million in Series C funding. The San Francisco, Calif.-based company touts itself as an industrial security giant, securing more than 300,000 industrial devices over a range of industries, like manufacturing, energy, and mining, with hundreds of hydroelectric and gas distrib…
Source Defense Completes $10M Financing to Prevent Universal Website Supply Chain Vulnerability (GlobeNewswire News Room) AllegisCyber, Jerusalem Venture Partners, Global Brain (Japan) and Connecticut Innovations participate in the financing; Offices open in US and Israel to support go-to-market strategy
Agari Launches Agari Partner Power™ Program for VARs to Accelerate Worldwide Sales Growth (Press of Atlantic City) Agari, the only cloud-native solution that uses predictive AI to stop advanced email attacks, today announced significant channel investments with the launch of Agari Partner
Fidelis Cybersecurity Invests in Customer Success and Technical Field Expertise with Executive Appointments of Gabriel Martinez and Ken McDonald (BusinessWire) Fidelis Cybersecurity (Fidelis), a leading automated detection and response provider, today announced the appointment of Gabriel Martinez, as vice pre
CrowdStrike Appoints Roxanne Austin to its Board of Directors as Audit Committee Chair (CrowdStrike) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the appointment of Roxanne Austin to its Board of Directors as Audit Committee Chair, effective immediately.
Georgia Cyber Center Selects Former NSA GA Commander (Smart & Resilient Cities) The former commander of NSA Georgia, Col. Eric Toler, has been named executive director of the Georgia Cyber Center. Col. Toler will work with Augusta University, Augusta Technical College and Georgia Technology Authority (GTA) executive stakeholders to define and execute the overall strategy, vision, mission and goals for the center’s programs and partnerships.
Products, Services, and Solutions
New Booz Allen product takes aim at mobile security vulnerabilities (Washington Business Journal) The company sees products as an outgrowth of its push to marry its consulting heritage with highly technical capabilities in cyber, engineering and other areas.
Introducing VirusTotal Enterprise (Medium) Today we are announcing an update to VirusTotal: VirusTotal Enterprise.
ShiftLeft Announces Code-Informed Runtime Protection for Microsoft’s .Net Framework (BusinessWire) ShiftLeft today announced the general availability of its security-as-a-service platform for Microsoft’s .Net Framework (.Net).
Digital Shadows Launches Shadow Search™ – Enabling Organizations to ‘Self-Serve’ and Find Cyber Threats against Them from across the Open, Deep and Dark Web (BusinessWire) Digital Shadows, the leader in digital risk management and relevant threat intelligence, has today announced the availability of Shadow Search.
Protego Labs Launches a No Cost Plan for its Flagship Serverless Secur (PRWeb) Protego Labs today launched a free version of its serverless security solution - complete with all functionality - enabling companies to build secure applications...
ID Agent and RapidFire Tools Launch Dark Web Threat Assessment Report (Globe Newswire) MSPs can now use Network Detective to discover dark web credential exposure for clients and prospects
NIKSUN Achieves Common Criteria Certification for NetDetector and NetVCR (BusinessWire) NIKSUN NetDetector/NetVCR Everest 5.1 is approved for secure government agencies and private sector enterprises with Common Criteria Certification.
Blue Cedar Collaborates With OpenSSL, Akamai, NetApp, and VMware to Develop Next-Generation FIPS Module (BusinessWire) Blue Cedar is collaborating with industry leaders to develop the next-generation open-source FIPS 140-2 module for OpenSSL.
Cyberbit and CloudRange Cyber Announce the First Cyber Range “As a Service” in North America (HeraldCourier.com) Cyberbit Ltd. (Cyberbit), a world leading provider of cybersecurity simulation and IT/OT detection and response platforms, and CloudRange Cyber LLC (CloudRange), a pioneer
Technologies, Techniques, and Standards
Reputational Risk and Third-Party Validation (BankInfo Security) Third-party ratings are increasingly popular as a means of selecting cybersecurity vendors. But Ryan Davis at CA Veracode also uses BitSight's ratings as a means of
Design and Innovation
Artificial Intelligence Can Reinforce Bias, Cloud Giants Announce Tools For AI Fairness (Forbes) Artificial Intelligence (AI) systems must be trained fairly. Unfairly trained AI systems can reinforce bias. AI fairness is a dataset issue for each specific machine learning model. AI fairness is a new challenge. Cloud giants Facebook, Amazon, Microsoft, Google, IBM are working on AI fairness tools.
Mind Fund and Hedera Hashgraph Partner to Create Helix, a Dedicated Hedera Accelerator (AsiaOne) Mind Fund, a Hong Kong based VC company that incubates and invests in the next global wave of technology companies, is pleased to announce the launch of the new Helix Accelerator
Research and Development
UI grad student uncovers security issues at Facebook, Twitter (Technology Org) When University of Iowa computer science graduate student Shehroze Farooqi reads news headlines about Facebook and Twitter posts from dubious foreign accounts, or Facebook data grabs by politically affiliated companies, he’s not shocked. From his office in MacLean Hall, Farooqi uses his knowledge
Academia
Universities Invest in Cybersecurity Pathways to Add to the Workforce (Technology Solutions That Drive Education) Higher education institutions build new facilities and corporate partnerships to add more professionals to the future workforce.
New Cyber Group Launched to Prepare Students for Cybersecurity Careers (Infosecurity Magazine) Scheme will arm 14-19-year-olds with skills needed for future careers in cybersecurity
El Centro College Enriches Cyber Security Education by Partnering with Check Point Software (Nasdaq) Check Point SecureAcademy™, a training program for the academic community, prepares students with vital technology skills needed to prevent fifth-generation cyber-attacks
Legislation, Policy, and Regulation
Iran claims US wants to overthrow its government as Bolton threatens ‘hell to pay’ (Military Times) Iranian leader says threats and sanctions won't work, urges U.S. to join multilateral talks.
New Sanctions Won’t Hurt Russia (Foreign Policy) Washington thinks punitive measures will change Moscow’s calculus, but the Russian economy is doing just fine.
Rand Paul Pitches Easing Sanctions on Russian Lawmakers (Roll Call) Sen. Rand Paul is pitching a proposal that would lift sanctions on Russian lawmakers if the Russians nix sanctions on members of Congress.
Israel avoids trade wars, but keeps Chinese and Russia tech companies at arm’s length (Haaretz) Unofficial ban prevents China’s Huawei and ZTE and Russia’s Kaspersky from supplying products for critical infrastructure
Analysis | The Cybersecurity 202: Senate hearing highlights challenges of crafting national privacy law (Washington Post) Here are six takeaways.
Tech giants back new US data privacy law to head off backlash (The Telegraph) Apple, Google, Amazon and Twitter have thrown their weight behind a national data privacy law for the USA after years of lobbying against such efforts.
Tech executives voice support for national privacy law (Washington Post) There’s broad consensus that a bill to protect consumer privacy is needed.
Analysis | The Cybersecurity 202: Federal privacy rules are coming. Here are four things to watch as tech companies testify (Washington Post) The companies won't all agree on what a law should look like.
Trump doubles down on slamming Google, saying it's 'taking advantage of a lot of people' — and warns Google, Facebook, and Twitter to 'be careful' (Business Insider) US President Donald Trump followed up his Tuesday morning attack on Google by making more critical comments later from the Oval Office. "Google is really...
It’s Google’s Turn in Washington’s Glare (New York Times) The internet giant has largely avoided the scrutiny faced by its internet peers. Now lawmakers are questioning whether it has too much influence.
Election security bill won't pass ahead of midterms, says key Republican (TheHill) Sen. James Lankford (R-Okla.) said Tuesday that a bipartisan election security bill won’t be passed by Congress ahead of November’s midterm elections.
Legislation Would Elevate Federal CIO, Codify Federal CISO (Nextgov.com) The bipartisan legislation would reauthorize, rename, codify and elevate the role of federal chief information officer.
Pelosi Names Appointees to Cyberspace Solarium Commission (Democratic Leader Nancy Pelosi) Washington, D.C. – Today, Democratic Leader Nancy Pelosi named Congressman Jim Langevin and Former Rep. Patrick Murphy to the Cyberspace Solarium Commission.
Litigation, Investigation, and Law Enforcement
Skripal Suspect Boshirov Identified as GRU Colonel Anatoliy Chepiga (Bellingcat) Bellingcat and its investigative partner The Insider – Russia have established conclusively the identity of one of the suspects in the poisoning of Sergey and Yulia Skripal, and in the homicide of British citizen Dawn Sturgess. Part 1 and Part 2 of Bellingcat’s investigation into the Skripal poisoning suspects are available for background information. In these...
Suspect in Skripal attack identified in report as decorated Russian colonel (TheHill) Bellingcat, an open-source investigative group, has identified one of the suspects in the poisoning of an ex-Russian spy in Britain as a decorated officer in Russia’s military intelligence service, the GRU.
Salisbury spy ‘hitman’ is a decorated Russian colonel Anatoliy Chepiga (Times) One of the suspects in the Salisbury poisoning of Sergei Skripal was unmasked last night as a decorated colonel in Russian intelligence who was awarded the country’s top military honour by...
Salisbury novichok attack: the spy who left a photographic trail (Times) Ruslan Boshirov and Alexander Petrov had already been roundly mocked for claiming that they were tourists in Salisbury and that a visit to the cathedral was thwarted by snow. Their protestations...
EU lawmakers push for cybersecurity, data audit of Facebook (AP News) European Union lawmakers appear set this month to demand audits of Facebook by Europe's cybersecurity agency and data protection authority in the wake of the Cambr
Revamp of Google Chrome web browser risks new EU scrutiny (The Telegraph) Google risks provoking another big fine from European regulators if it presses ahead with a proposed revamp of its Chrome web browser, leading competition lawyers have claimed.
Inside the private Justice Department meeting that could lead to new investigations of Facebook, Google and other tech giants (Washington Post) Attorney General Jeff Sessions opened the meeting by raising questions of possible ideological bias among the tech companies.
Senate Panel Probes Readiness of DoD’s Cyber Force (Meritalk) The Senate Armed Services Committee’s cybersecurity and personnel subcommittees held a joint hearing today to examine the cyber operational readiness of the Department of Defense and heard from leaders of both the military and civilian side of the DoD cyber force about the mounting challenges they face.
Uber Agrees to Pay $148 Million to States Over Major 2016 Data Breach (New York Law Journal) The settlement is the result of a multistate investigation that found Uber paid hackers $100,000 to conceal the breach, which exposed the names, email addresses and cellphone numbers of those users.
IV Ordered To Pay Trend Micro $400K In Atty Fees In IP Fight (Law360) A Delaware federal judge on Monday ordered nonpracticing entity Intellectual Ventures LLC to pay more than $400,000 of computer security company Trend Micro Inc.’s legal fees, based on an “unusual” circumstance of an expert witness changing his position during a trial and later admitting he had done so.
Security Engineer Hacks Hotel WiFi, Fined for Exposing Admin Password (BleepingComputer) A security engineer from Chinese multinational company Tencent hacked into the WiFi system of a hotel in Singapore and received a fine for publicly disclosing administrator login passwords.