Cyber Attacks, Threats, and Vulnerabilities
UNIAN: SBU - Ukrainian government agencies targeted in another cyber attack (KyivPost) The Security Service of Ukraine has reported a new cyber attack on government agencies, according to the SBU press center.
Security researchers find solid evidence linking Industroyer to NotPetya (ZDNet) A web of code reuse and shared infrastructure links together a slew of famous cyber-attacks.
Researchers link tools used in NotPetya and Ukraine grid hacks (Cyberscoop) New research provides evidence that TeleBots, a group with Russian military ties, was involved with the NotPetya and BlackEnergy incidents in Ukraine.
New TeleBots backdoor links Industroyer to NotPetya for first time (WeLiveSecurity) ESET’s analysis of a new TeleBots backdoor has uncovered the first evidence linking Industroyer to NotPetya, revealing a rumored connection that was not previously proven.
Facebook purged over 800 U.S. accounts and pages for pushing political spam (Washington Post) Facebook cracked down on over 800 accounts and publishers on Thursday, saying that the politically-oriented accounts violated its policies against spam.
Facebook: Most political trolls are American, not Russian (The Telegraph) Facebook has banned hundreds of pages and accounts which it says were fraudulently flooding its site with partisan political content – although they came from the US instead of being associated with Russia.
If Supermicro boards were so bug-ridden, why would hackers ever need implants? (Ars Technica) Whether spy chips reported by Bloomberg existed, attackers had much easier options.
Google Exposes User Data, Continues Deciding Which Sites Are Secure: What The Experts Say (Information Security Buzz) We now know that Google knowingly avoided disclosing its own data breach. At the same time it announces the decision to “fully remove trust in Symantec’s old infrastructure and all of the certificates it has issued” when it releases Chrome 70 later this month. Bill Holtz is CEO of Comodo CA, web security provider and the world’s largest commercial Certificate …
Cisco's Talos Group discovers new Android trojan (iTWire) A new Android trojan, named GPlayed, has been spotted by Cisco's Talos Intelligence Group which says it has an icon very similar to Google Apps and us...
An Examination of a Phishing Kit Dubbed Luis (Akamai) There have been plenty of articles describing the structure of phishing emails, and how to spot them. However, less explored, are phishing websites - what they are, how they are used, and how users can protect themselves. We'll take a...
Troubled waters: cyber-attacks on San Diego and Barcelona's ports show risk of IT/OT convergence (Computing) Operational technology has been kept separate from IT in the past - but as that changes, systems are being exposed to attacks,Threats and Risks ,Darktrace,computer security,Cyber security
Security warning: Attackers are using these five hacking tools to target you (ZDNet) Free - but powerful - tools are being used by everyone ranging from cyber criminals to nation-state operators, says a report by five government security agencies.
Fake Adobe Flash Updates Hide Malicious Crypto Miners (Threatpost) A fake Adobe update actually updates victims' Flash - but also installs malicious cryptomining malware.
PoC exploit for Windows Shell RCE released (Help Net Security) A PoC exploit for a RCE vulnerability (CVE-2018-8495) that can be exploited via Microsoft Edge has been published and can be easily adapted by attackers.
Stolen Apple IDs in China Lead to Mobile-Payment Pilfering (Wall Street Journal) China’s two mobile-payments giants, Alibaba affiliate Alipay and Tencent's WeChat Pay, said stolen Apple IDs were used to swipe customer funds, and called on Apple to address the issue.
Scam callers impersonating Parke County Deputies for personal information and money (WTHI News) Parke County residents are saying they are receiving phone calls from deputies demanding money.... or so it seems. Now the Sheriff's office is taking action.
FitMetrix Exposes “Millions” of Customers’ Data (Infosecurity Magazine) Unprotected cloud database again to blame
Yale 'smart' security app crash left people locked out of their homes for 24 hours (Computing) Yale smart lock crash locks users in - and out - of their homes,Big Data and Analytics,Cloud and Infrastructure ,yale,burglar alarm,smart locks,smart alarm
‘Payment Notification’ Is Top Healthcare Phishing Attack Subject (HealthITSecurity) The term “Payment Notification” is the top healthcare phishing attack subject, appearing in more than half of healthcare phishing attack campaigns in 2018.
Security Patches, Mitigations, and Software Updates
Google's Project Zero thwarts another major bug in Facebook's WhatsApp (Inquirer) And Facebook fixed it in good time. So yay.,Security ,Security,Hacking,Facebook,Google
Patch Tuesday, October 2018 Edition (KrebsOnSecurity) Microsoft this week released software updates to fix roughly 50 security problems with various versions of its Windows operating system and related software, including one flaw that is already being exploited and another for which exploit code is publicly available.
Delaying Further Symantec TLS Certificate Distrust (Mozilla Security Blog) Due to a long list of documented issues, Mozilla previously announced our intent to distrust TLS certificates issued by the Symantec Certification Authority, which is ...
DHS, FBI chiefs say cyber inflects every security and criminal threat (FCW) Cybersecurity isn't the only threat facing the country, but an Oct. 10 Senate Homeland Security hearing hammered home the extent to which the digital revolution touches every problem in the national security space.
Q2 2018 Quarterly Threat Report (eSentire) The 2018 Quarterly Threat Report provides a quarterly snapshot of threat events and trends investigated by the eSentire Security Operations Center (SOC).
Identity Spoofing Hits the Jackpot as the Primary Attack Vector on Gaming and Gambling Sites, Reveals New ThreatMetrix Cybercrime Report (AP NEWS) ThreatMetrix ®, a LexisNexis® Risk Solutions Company , today released insights into cybercrime attacks on the gaming and gambling sector in its Q2 2018 Gaming & Gambling Report .
One-Third of US Adults Hit with Identity Theft (Dark Reading) That's double the global average and more than three times the rate of French and German adults.
The rise of the chief compliance officer (Digital Guardian) What does the role entail, and does your organisation need one?
AI has triggered 'so many concerns in the world' - Google Cloud CEO (CRN) Diane Greene says that AI is a 'power for good', but warns that the tech industry has to address worries,Vendor ,google cloud platform,Next,Diane Greene,Artificial Intelligence (AI)
Demisto Secures $43 Million Series C Round Led by Greylock Partners (Venture Dreams) Demisto, the US-based company operating in the space of Security Orchestration, Automation and Response (SOAR) technology, has announced the closing of a $43 million Series C funding round led by Greylock Partners. Additional investors participating in this funding round include early investors Accel Partners, ClearSky Security and others, bringing total funding to date to $69 …
Thales makes concessions to soothe EU's Gemalto deal worries (euronews) Thales <TCFP.PA> has offered concessions to address European Union antitrust concerns over the French aerospace
Nyotron Enters Into Strategic Partnership With Ingram Micro to Scale Business Operations Globally | Nyotron (Nyotron) Partnership Agreement Includes $10 Million Investment and Channel Agreement to Help Cybersecurity Pioneer Increase US Presence and Build Channel Program
Products, Services, and Solutions
New infosec products of the week: October 12, 2018 (Help Net Security) Featured infosec products of the week include releases from: Alert Logic, Arcserve, AVG, EclecticIQ, Portnox, Utimaco, WhiteHat Security.
Securonix Selects Cylance for End-to-End AI-Enabled Security Intelligence and Threat Prevention (Cylance) Partnership To Provide Clients with Seamless Integration with CylancePROTECT and Securonix Security Analytics
Lockpath Introduces Two New Editions of the Keylight Platform (PR Newswire) Lockpath, a leading provider of integrated risk management solutions, today announced the availability of...
Carbon Black Debuts Threat Hunting On Endpoint Protection Platform (CRN) Cb ThreatHunter continuously collects unfiltered data, making it easier for security teams to proactively hunt threats, uncover suspicious and stealthy behavior, and disrupt active attacks.
Technologies, Techniques, and Standards
NCSC is monitoring the internet to block DDoS and other cyber attacks (Computing) Technical director Ian Levy says it will be awesome if it works,
Why big business can bank on cyber failures (Global Banking and Finance) When it comes to cyber failures, it’s the big names that make the news. It seems that almost every other day we hear about the latest multi-national bank
Threat Hunters & Security Analysts: A Dynamic Duo (Dark Reading) Fighting spying with spying, threat hunters bring the proactive mindset of network reconnaissance and repair to the enterprise security team.
12 Free, Ready-to-Use Security Tools (Dark Reading) There's no excuse for not knowing your exposure. These free tools can help you analyze what your company is up against and point ways to developing a more thorough security program.
GDPR Fear is Stifling Employees, Here’s How to Fix It (Infosecurity Magazine) A level of accountability is, of course, necessary, because businesses will not be GDPR compliant without it.
Design and Innovation
FICO, Chamber of Commerce release tool to score businesses on cybersecurity (TheHill) FICO and the U.S. Chamber of Commerce released a new tool Thursday to score how strong businesses' protections are when it comes to cybersecurity.
Analysis | The Cybersecurity 202: Kanye West is going to make password security great again (Washington Post) Yes, his password is bad. But the celeb put security in the spotlight.
China’s central bank hiring cryptography experts for digital money development (South China Morning Post) PBOC is leading the world in the development of a sovereign virtual currency that is cheaper to handle and easier to trace
Research and Development
DARPA wants to teach and test ‘common sense’ for AI (TechCrunch) It's a funny thing, AI. It can identify objects in a fraction of a second, imitate the human voice, and recommend new music, but most machine "intelligence" lacks the most basic understanding of everyday objects and actions — in other words, common sense. DARPA is teaming up with the Seattle-based …
How to protect jets, missiles and ships from cyberattacks (Fifth Domain) Experts told Fifth Domain that protecting American weapons systems from cyberattacks will require a culture of cyber hygiene, resilient systems and a workforce overhaul.
Securing campus networks became more challenging (Help Net Security) A global Infoblox survey reveals that 81 percent of IT professionals believe securing campus networks has become more challenging in the last two years.
Legislation, Policy, and Regulation
Nato to be fully operational in cyber space by 2023 (ComputerWeekly.com) Nato is aiming to achieve full operational readiness in cyber space within five years.
Military intelligence offers career path in today's Russia (AP NEWS) "First time here?" the conductor on the train that stops at the logging outpost of Loyga asks some departing passengers. "My condolences — there isn't even cell phone connection." This desolate village, deep in the far northern Arkhangelsk region, is the hometown of one of the suspected GRU Russian military intelligence agents who is believed to have poisoned a former Russian spy in Britain. The other alleged attacker and an alleged military intelligence operative accused of a hacking attack in the Netherlands come from equally dismal places.
U.K., Netherlands Lead EU Push for New Cyber Sanctions (Bloomberg) Memo sent to EU countries ahead of leaders’ summit next week
U.S. Needs a Global Alliance Against Russia’s Cyberattacks (Bloomberg) Washington can coordinate with Europe, the UN, Interpol and nongovernmental groups.
Exclusive: Five Eyes intelligence alliance builds coalition to counter China (Reuters) The five nations in the world's leading intelligence-sharing network have...
Trump vows to punish China amid spying row (Times) President Trump threatened to punish China further for its aggression towards the United States as tensions between the two economic rivals escalated sharply yesterday. Mr Trump warned that there...
This Act may be cited as the ‘‘Protect our Elections 5 Act’’. (US Senate) To amend the Help America Vote Act of 2002 to require States to take steps to ensure domestic ownership and control of election service providers, and for other purposes
Here's the US Army's New Russia-Era Shopping List (Defense One) After Putin's Ukraine invasion, the Army's future command wants longer guns, better cybersecurity, and a new way to buy weapons.
Ukrainian church wins independence battle against Moscow Patriarchate (Deutsche Welle) Ukraine should have its own Orthodox church, independent from Moscow, the Istanbul-based Ecumenical Patriarchate has ruled in a bitter row. Representatives of Russia's Patriarch Kirill slammed the move as "catastrophic."
Litigation, Investigation, and Law Enforcement
Kaspersky Lab treason suspect is hospitalized in critical condition after suffering pulmonary embolism in jail (Meduza) Ruslan Stoyanov, the former Kaspersky Lab expert now on trial for treason, was recently rushed to the hospital in critical condition, after suffering a pulmonary embolism on October 1, his lawyer told the independent television network Dozhd.
Google questioned over delay in disclosing vulnerability (CRN Australia) US senate asks why Google+ vulnerability wasn't made public sooner.
INVESTIGATION NOTICE: The Schall Law Firm Announces it is Investigating Claims Against Alphabet Inc. and Encourages Investors with Losses in Excess of $100,000 to Contact the Firm (Yahoo) The Schall Law Firm, a national shareholder rights litigation firm, announces that it is investigating claims on behalf of investors of Alphabet Inc. (''Alphabet'' or ''the Company'') (NASDAQ: GOOG; NASDAQ: GOOGL) for violations of §§10(b) and 20(a) of the Securities Exchange Act of 1934 and Rule 10b-5 promulgated thereunder by the U.S. Securities and Exchange Commission.
Internet operator challenges network tapping by German spy agency (Reuters) Internet exchange operator DE-CIX said on Thursday it had filed a constitutional...
'I Could Ruin Your Business Right Now': Listen to a SIM-Jacking, Account-Stealing Ransom (Motherboard) Jared Goetz's credit card was fraudulently charged, his phone cut-off, and his email account hacked. But in an extraordinary phone call, Goetz managed to talk the hacker down, and get his digital life back.