Cyber Attacks, Threats, and Vulnerabilities
China accused of supply chain attack involving chip secretly built-in to Supermicro server motherboards | Computing (http://www.computing.co.uk) Chip the size of a grain of rice found on motherboard of servers used in defence and CIA, claims Bloomberg investigation
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies (Bloomberg) The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.
Pence to Cast China as Republican Campaign Foe in Harsh Speech (Bloomberg) Vice president to expand on Trump’s election-meddling claims
Russia accused of cyber-attack on chemical weapons watchdog (the Guardian) Netherlands expelled four GRU officers after alleged attacks on OPCW and UK Foreign Office
UK accuses Russian spies of cyber-attacks (BBC News) Alleged attacks include raids on the World Anti-Doping Agency, when athletes' data was published, and the US Democratic Party.
Russian-linked group behind DNC hack now conducting covert intel operations, firm says (TheHill) A prominent Russian-linked hacking group that carried out a series of high-profile cyberattacks during the 2016 election has reverted to more covert intelligence gathering methods, a cybersecurity firm revealed Thursday.
The New Cold Front in Russia’s Information War (Foreign Policy) As NATO’s footprint grows in Norway, Moscow may be using an espionage case to inflame the country’s internal divisions.
DHS Secretary: US Election Infrastructure Safe for Now (VOA) Kirstjen Nielsen says there are no indications Russia, China or others actively targeting systems ahead of November vote
Analysis | The Cybersecurity 202: Keep calm and trust the feds on Election Day, national security officials tell states (Washington Post) The midterms will be a critical test for how much federal and state relationships have improved.
Fake-news ecosystem still thrives, two years after the 2016 election, new report says (Washington Post) The report found that 80 percent of the Twitter accounts that frequently shared links to phony news reports during the 2016 election remain active and, as a group, publish more than a million tweets in a typical day.
Mainstream advertising is still showing up on polarizing and misleading sites — despite efforts to stop it (Washington Post) Some researchers say the ads placed on partisan sites are financing the spread of divisive and conspiratorial content without the advertisers’ knowledge.
Next time, information operations may not be so easy to detect (Fifth Domain) Influence operations will be harder to police and detect in the future.
U.S. Links North Korean Government to ATM Hacks (SecurityWeek) The United States Government has released a joint technical alert to share information on an Automated Teller Machine (ATM) cash-out scheme attributed to the North Korean government.
'Desperate' North Korea turns to APT hack attacks for cash (Register) State-sponsored hacking meets financial acquisition with APT38
European Union warns Facebook not to lose control of data security (The Economic Times) "It is a question for the management, if they have things under control," EU Justice and Consumer Affairs Commissioner Vera Jourova told AFP in Luxembourg.
The ultimate fallout from the Facebook data breach could be massive (Help Net Security) Stolen Facebook tokens allowed the attackers to take over victims' Facebook accounts but might have also been used to log into accounts on other sites and apps.
Some experts agree that Facebook security is in need of some serious work (Techaeris) The latest and one of the biggest Facebook security breaches is upon us and some experts agree that Facebook security needs some serious work.
Phishing in the public cloud: You've been served (Netskope) Netskope Threat Protection recently detected an interesting PDF decoy hosted in Google Drive. The PDF decoy was impersonating a law firm in Denver, CO. The PDF decoy linked to an Office 365 phishing page hosted in Azure blob storage. As the phishing bait is hosted in Azure blob storage, it has a Microsoft-issued domain and …
Betabot - An Example of Cheap Modern Malware Sophistication (SecurityWeek) Cybereason describes Betabot malware as paranoid, doing everything it can to prevent detection and maintain persistence.
Malware Has a New Way to Hide on Your Mac (WIRED) By only checking a file's code signature when you install it—and never again—macOS gives malware a chance to evade detection indefinitely.
Cheap Android Phones and Poor Quality Control Leads to Malware Surprise (BleepingComputer) The abundance and variety of low cost Android phones is one of the reasons that Android has become so popular around the world. Unfortunately, low priced phones could also mean less operating revenue and thus possibly lower quality control. Such is the case with a cheap Android phone that has a remote access trojan preinstalled.
South African phones targeted by notorious ‘governments only’ spyware (Mail and Guardian) Journalists warned to be extra-vigilant with their digital security
You dirty DRAC: IT bods uncover Dell server firmware security slip (Register) Weakness not easy to leverage, but iDRAC exploit would mean game over for admins
Danabot Banking Malware Now Targeting Banks in the U.S. (BleepingComputer) The DanaBot banking Trojan traditionally ran campaigns that targeted Australia and European banks, but new research shows a new campaign that is targeting banks in the United States as well.
Why you shouldn't trust "safe" spying apps! (Zscaler) The Zscaler security research team came across a suspicious Android app named SPYMIE, which portrays itself as a key logger designed for parents to track the cell phone activities of their children. It's an Android-based keylogger that has the ability to hide itself and start recording everything the user tries to access.
For some cloud services more than 75% of accounts are utilized by hackers (Help Net Security) DataVisor researchers found that a staggering percent of cloud-based online user accounts appear to be completely fraudulent.
Business Email Compromise Made Easy for Cybercriminals as 12.5 Million Company Email Inboxes and 33,000 Finance Department Credentials Openly Accessible on the Web (BusinessWire) Digital Shadows today announced the findings of new research revealing the diversity of methods used to infiltrate company emails.
Hackers demand bitcoin ransom in cyberattack on big Canadian restaurants | CBC News (CBC) Restaurant company Recipe Unlimited, which owns many popular chains, has been told to pay ransom in bitcoin to retrieve data that hackers claim to have stolen. The company says the threat isn't real because its systems are protected.
Security Patches, Mitigations, and Software Updates
Microsoft's latest Windows 10 update makes nice with Android (Mashable) If you're on Android, Windows 10 has some treats for you.
Cyber Trends
The internet of battlefield things is coming. Are IT pros ready? (C4ISRNET) Inanimate and innocuous objects, including plants and stones, are being turned into connected information gathering points, increasing the scale of information and the need for IT teams to support war fighters.
Terbium Labs Takes to Task Existing Research on Dark Web Data Pricing (GlobeNewswire News Room) Investigative Research Team Examines 22 Reports on Dark Web Data Pricing to Find No Consistency and Misleading Results
Even with internal focus, most companies utilize external resources for cybersecurity (Help Net Security) Among companies that have internal security resources, 78% utilize external resources for cybersecurity. This could be a contract with a third-party firm.
Most organizations believe hackers can penetrate their network (Help Net Security) The Radware 2018 State of Web Application Security report shares an in-depth view of the challenges organizations face in protecting web applications.
Marketplace
Firms Seek to Close Security Skills Gap (Wall Street Journal) The expansion of cloud computing and mobility is creating data and privacy threats that can’t be handled by standard network and endpoint security efforts, CompTIA says.
NYC launches full-court cyber press (GCN) A multipronged effort aims to secure the city by investing in cybersecurity technology, entrepreneurs, a skilled workforce and empowering residents to better protect themselves against threats.
2 Israeli firms chosen to aid NYC in quest to be cybersecurity ‘global leader’ (Times of Israel) SOSA, which matches startups with corporations, will set up a Global Cyber Center in Chelsea; JVP will run the city's first international cybersecurity investment hub in SoHo
ObserveIT Brings Powerful New Insider Threat Detection Features to Market; Achieves Record Growth in Q3 (Odessa American) ObserveIT, the leading insider threat management provider with more than 1,800 customers around the world, today announced significant growth and product innovation, reflecting increasing global demand for ObserveIT’s insider threat management solution. The company unveiled the latest version of its solution, ObserveIT 7.6, and experienced the largest bookings quarter in the company’s history, with an 80% increase in bookings over the last 15 months, several sizable customer wins and industry accolades.
Raytheon Enters Cyber Partnerships With Cybraics, Authentic8; John DeSimone Quoted (ExecutiveBiz) Raytheon has teamed up with two companies to help organizations protect financial, health care and electoral systems and other critical infrastructure from cyber threats through the adoption of artificial intelligence, analytics and isolated browsers. “With global critical infrastructure systems under constant attack, organizations need flexible access to the most advanced technology possible to ensure resiliency,”...
Emerson to Acquire GE’s Intelligent Platforms Business (Automation World) The addition of GE’s PLC technologies to the portfolio will help Emerson expand further into hybrid industries like metals and mining, life...
Huntsville cybersecurity firm gets $12.1 billion contract (AL.com) The contract is for Information Technology Enterprise Solutions-3 services, or ITES-3S, to the army, other defense department agencies, and all other federal agencies.
Cyber Threat Alliance Continues Strong Growth With New Members AlienVault, Dragos, Lastline, and NEC (Cyber Threat Alliance) Expanding member base supports CTA mission to improve cybersecurity for all
Security Industry Association to Present Edwina Reynolds With Inaugural SIA Progress Award | Security Industry Association (Security Industry Association) Iluminar CEO Eddie Reynolds will be recognized for her efforts to advance women in the security industry at SIA Honors Night 2018.
Products, Services, and Solutions
Cubic Corp. wins $394 million contract to update transit fare technology in the Bay Area (San Diego Union Tribune) Cubic will replace older fare readers and other equipment, as well as add wireless communications to buses that lack connectivity. The work will take place over the next two to five years.
Security Compass Announces Jenkins Plugin for its Policy-to-Procedure Platform Bringing Application Risk Policy and Compliance to DevOps (GlobeNewswire News Room) Agile Development Teams Empowered to Continuously Deliver Applications without Risk from the Start
F-Secure, Zyxel Bringing Secure Wi-Fi to Connected Homes (Global Security Mag Online) Cyber security provider F-Secure and broadband networking solutions provider Zyxel are teaming up to bring fast, secure Wi-Fi to homes all over the world. The two companies have signed an agreement to offer service providers a range of home cyber security gateways that provide the fast Wi-Fi connectivity demanded by today’s consumers while delivering comprehensive protection for PCs, smart TVs, mobile phones and tablets, and all the other internet-enabled devices finding their way into people’s homes.
InfoSec Institute Targets MSPs, VARs, OEMs with New Program (Channel Partners) InfoSec Institute's new partner program offers all qualified partners: profitable margins and bonus deal registration discounts; marketing and lead generation resources; sales support resources to qualify opportunities, provide quoting or contracting assistance and close deals; SecurityIQ technical sales training; and the ability to resell InfoSec Flex Pro IT security training boot camps and certification prep courses.
How Bank of England is using Splunk for proactive security (ComputerWeekly) Head of the Bank of England’s security operations centre talks about how Splunk is helping it to take a more proactive approach to preventing cyber attacks.
Splunk ups Industrial IoT Operational Technology (OT) team tools (ComputerWeekly) Real-time operational intelligence specialist Splunk hosted its annual .conf conference in Orlando this October to detail the state of its platform development, showcase customer use cases and dig ...
Cylance Launches Cybersecurity Leadership Academy (Digital Journal) Inc., the leading provider of AI-driven, prevention-first security
Disk Encryption is Smooth and Speedy in BestCrypt By Jetico (BusinessWire) Jetico releases superior disk encryption in BestCrypt Volume Encryption v4 with smoother interface and faster performance to encrypt hard drives.
DigiCert, Gemalto and ISARA to provide quantum-proof certificates (SearchSecurity) Quantum computing threats are poised to break the most widely used cryptography technology, but DigiCert, Gemalto and ISARA recently announced a partnership to develop quantum-proof digital certificates.
Technologies, Techniques, and Standards
What Clausewitz Can Teach Us About War on Social Media (Foreign Affairs) Clausewitz would have understood the weaponization of social media.
Hacking for good uncovers over 150 Marine Corps web vulnerabilities (Fifth Domain) The Department of Defense's latest bug bounty program targeted vulnerabilities in Marine Corps websites.
Remote Access: The Hidden Weak Spot for Cyberattacks (SecurityWeek) To minimize the risk associated with remote access threats, organizations should implement these four measures to strengthen their security posture.
How Letting Go of the Familiar Can Improve Security Maturity (SecurityWeek) Josh Goldfarb provides six examples of how letting go of the familiar can help us improve our security maturity.
Bridging the priority gap between IT and security in DevOps (Help Net Security) Do you have a security priority gap? Some gaps do exist in the motivation, emphasis, and objectives associated with each role in an organization.
Using Compliance as a Springboard to Better OT Cybersecurity (SecurityWeek) Regulations are helping to raise awareness among senior decision makers in organizations about security and accountability.
Identifying a phisher (SANS Internet Storm Center) I’m working as an IT security expert for a mid-sized company in Germany so it is rather common that employees consult me to check some phishy emails they receive. I rarely write blog posts anymore, but this was so funny and enjoyable that I’d like to share my experience.
Design and Innovation
Verizon: Vendor AI Not Ready for Prime Time (Light Reading) Verizon's wireline unit is developing its own machine learning internally using open source tools and 'agile' development methods.
Research and Development
IBM Wins Patent for Blockchain-Based Network Security System (CoinDesk) A newly published IBM patent proposes bolstering network security by monitoring potential network intrusions on a blockchain.
Morphisec Awarded by Department of Homeland Security for Development of Enhanced Moving Target Defense for Virtual Systems (Odessa American) Morphisec, the leader in Moving Target Defense, announced today that it has received an award from the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to extend, deploy, test and evaluate a Moving Target Defense (MTD)-based cybersecurity solution for virtual desktop infrastructure (VDI) environments.
Academia
Cyber Innovation Center receives Homeland Security grant (ARKLATEXHOMEPAGE) The Cyber Innovation Center and its academic outreach division, the National Integrated Cyber Education Research Center, have been awarded a second five-year grant from U.S. Department of Homeland Security.
UMBC and the NSA celebrate their longstanding relationship (Retriever) The National Security Agency has recently listed UMBC as the first school under their new featured school series. For over twenty years, UMBC and
La. National Guard planning new cybersecurity center at LSU Innovation Park (Baton Rouge Business Report) The Louisiana National Guard and LSU have agreed to a land swap at LSU’s Innovation Park that will enable the guard to develop a new unit devoted entirely to cybersecurity. The Cyber Coordination Center, as it would be called, will build on an existing collaboration between LSU and the guard on cybersecurity issues, and could...
Legislation, Policy, and Regulation
US to offer cyberwar capabilities to NATO allies (CNBC) The announcement is expected in coming days.
Lockheed’s Jim Keffer: White House, DoD Cyber Strategies Could Lead to Campaigns Against Threat Actors (ExecutiveBiz) Jim Keffer, director of cyber at Lockheed Martin, told Federal News Radio in an interview posted Tuesday how the Defense Department’s cyber strategy is synched up with and embedded into the White House’s National Cyber Strategy. “The national strategy talks more about domestic issues and the DoD strategy is more about the military part, but the...
How to deter the biggest U.S. cyber adversaries (POLITICO) DHS conducting experiment in ICS cybersecurity — North Korean cash grab
Facebook Briefs Lawmakers on Breach in Effort to Guard Against Backlash (Wall Street Journal) Facebook officials are briefing lawmakers about its massive security breach as the social-media company tries to quell a potential backlash in Washington over its latest setback involving user data.
GDPR also covers "security by design" in hardware and software, warns Dr Kuan Hon (Computing) Data controllers obliged to consider data protection by design and by default under GDPR - which will also cover firmware
Facebook, Apple, Alphabet and Amazon rally against Australia's proposed data encryption laws (CRN Australia) Facebook, Apple, Alphabet and Amazon unite.
Litigation, Investigation, and Law Enforcement
Russia collusion bombshell: DNC lawyers met with FBI on dossier before surveillance warrant (TheHill) Congressional investigators have confirmed that a top FBI official met with Democratic Party lawyers to talk about allegations of Donald Trump-Russia collusion weeks before the 2016 election, and before the bureau secured a search warrant targeting Trump’s campaign.
Justice Department charges 7 Russian military intelligence officials in hack of doping agencies, other organizations (Washington Post)
Justice Department announces indictments of 7 Russian spies in hacking plot tied to Olympics doping scandal (USA TODAY) Justice Department officials announced charges Thursday against seven Russian GRU intelligence officers
U.S. Gets Aggressive in Naming Foreign Hackers (Wall Street Journal) The U.S. and the U.K. are among countries that have become more willing to blame specific nations for major cyberattacks.
The $500 Million Central Bank Heist—and How It Was Foiled (Wall Street Journal) Officials in Angola have charged four men in connection with an alleged plot to siphon off a big chunk of its central-bank reserves. It would have been one of the biggest ever thefts of its kind.
Angolan Ex-President’s Son and Others Suspected of $500 Million Central Bank Fraud Using U.K. Lenders (Wall Street Journal) The former Angolan president’s son and a former central banker are suspected of using accounts at HSBC and Standard Chartered in an attempt to defraud the country’s central bank by transferring $500 million through these U.K.-based lenders.
Facebook to be hit with UK legal claim after massive data breach (The Telegraph) Facebook's problems deepened last night as EU regulators launched a formal investigation into a hack of 50 million accounts and a new threat of legal action in the UK also loomed.
Suspect in Congressional Doxxing Cases Arrested (Roll Call) A suspect in the doxxing of several Republican senators has been arrested. The doxxing happened in the wake of explosive testimony last week.
Former junior Democratic aide charged with posting personal data on GOP senators online (Washington Post) U.S. Capitol Police say investigation continues into Wikipedia edits made during Kavanaugh hearing
Jackson Cosko: 5 Fast Facts You Need to Know (Heavy.com) Jackson Cosko is accused of doxxing Republican senators during the Kavanaugh hearings.
FBI vs. Facebook Messenger: What’s at stake? (Ars Technica) Op-ed: Secret rulings should not force tech companies to build backdoors.
Rapid7 is latest cybersecurity firm to face Finjan patent lawsuit (Reuters) Boston-based Rapid7 Inc on Monday became the latest cybersecurity company to fac...
EBay accuses Amazon of trying to 'illegally poach' its sellers (The Telegraph) EBay has accused Amazon employees of using its messaging system to illegally poach its sellers.
GCCPOL and Kaspersky Lab collaborate for cybersecurity awareness (Intelligent CIO Middle East) GCCPOL, the organisation which serves as a law enforcement hub for the six countries of the GCC (Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and UAE), has hosted a cybersecurity session in collaboration with Kaspersky Lab. The session has created a platform for the exchanging of information and expertise between the two organisations about the latest cyberthreats […]