Cyber Attacks, Threats, and Vulnerabilities
The Mysterious Return of Years-Old Chinese Malware (WIRED) Security researchers have discovered a new instance code associated with APT1, a notorious Chinese hacking group that disappeared in 2013.
‘Operation Oceansalt’ Attacks South Korea, U.S., and Canada With Source Code From Chinese Hacker Group (McAfee Advanced Threat Research) McAfee® Advanced Threat Research and Anti-Malware Operations teams have discovered another unknown data reconnaissance implant targeting Korean-speaking users
3 Years After Attacks on Ukraine Power Grid, BlackEnergy Successor Poses Growing Threat (Dark Reading) In what could be a precursor to future attacks, GreyEnergy is targeting critical infrastructure organizations in Central and Eastern Europe.
Facebook Finds Hack Was Done by Spammers, Not Foreign State (Wall Street Journal) The company believes the hackers who accessed 30 million accounts masqueraded as a digital marketing firm and were driven by greed, not ideology.
Iranians masqueraded as foreign journalists to push political messages online, new Twitter data shows (Washington Post) Twitter accounts originating in Iran masqueraded as foreign journalists and concerned U.S. citizens in an attempt to push political messages, according to new research.
Russian trolls sent thousands of pro-Leave messages on day of Brexit referendum, Twitter data reveals (The Telegraph) An army of Russian trolls sent thousands of messages with the hashtag #ReasonsToLeaveEU on the day of Britain's referendum on membership of the EU, according to new data released by Twitter.
Enabling further research of information operations on Twitter (Twitter) Twitter is releasing all the accounts and related content associated with potential information operations that we have found on our service since 2016.
Trivial authentication bypass in libssh leaves servers wide open (Ars Technica) How many servers have been affected remains unclear.
Critical Vulnerabilities Allow Takeover of D-Link Routers (SecurityWeek) Researchers find critical vulnerabilities that can be exploited to take full control of D-Link routers. Serious flaws also discovered in Linksys routers
Facebook breach: Ready for the coming phishing wave? (Data Centre News) Much of the information accessed in the Facebook breach is perfect for cyber criminals planning their next phishing attack.
CVE-2018-3211: Java Usage Tracker Local Elevation of Privilege on Windows - TrendLabs Security Intelligence Blog (TrendLabs Threat Intelligence Blog) A design flaw in Java Usage Tracker that can enable hackers to create arbitrary files, inject attacker-specified parameters, and elevate local privileges.
Emerging Attack Vector: Why the Security Industry Should Treat Electronic Invoicing like Electronic Health Records (Infosecurity Magazine) E-invoicing remains in its infancy but it could suffer from the same security risks as electronic health records..
Cybercrime-as-a-Service: No End in Sight (Dark Reading) Cybercrime is easy and rewarding, making it a perfect arena for criminals everywhere.
YouTube HACKED? Cyber-attack group claims responsibility for outage (The Sun) A TEAM of hacktivists has claimed responsibility for the outage that brought YouTube down last night. The Ghost Squad Hackers boasted of its exploits on Twitter, although it so far hasn’t pro…
Security Patches, Mitigations, and Software Updates
Oracle's October 2018 Update Includes 301 Security Fixes (SecurityWeek) Oracle’s October 2018 Critical Patch Update (CPU) includes 301 security fixes, bringing the total number of patches released this year to 1,119
VMware Patches Code Execution Flaw in Virtual Graphics Card (SecurityWeek) VMware patches critical code execution vulnerability in the SVGA virtual graphics card used by its Workstation, ESXi and Fusion products
Chrome 70 arrives with fingerprint login for websites, extension controls, and 23 security fixes (CSO) Chrome 70 lets users login to websites with a fingerprint on MacBooks and Android devices.
Verizon Galaxy S9 updated with October 2018 security patch (SamMobile) Samsung has been pretty quick with upgrading its flagships to the latest security patches the last couple of months. It's ...
Cyber Trends
Сybercrime trends in 2018 - Group-IB annual report (Group-IB) Discover more about bank attacks, cryptolocker market, attacks on android users, brand abuse schemes and etc.
The Cybersecurity Imperative Benchmarking Study (Security Industry Association) Produced in partnership with ESI ThoughtLab and WSJ Pro Cybersecurity Sponsor partners: Security Industry Association (SIA), Baker McKenzie, CyberCube, HP Inc., KnowBe4, Opus, Protiviti and Willis Towers Watson
Tech-support scams: Microsoft reveals that fraudsters are still fooling too many people (ZDNet) More people are wary of unsolicited contact from tech firms but tens of thousands still fall victim.
Convergence of CIO and CISO Roles to Manage Cybersecurity Risks in the Enterprise (CIOReview) Convergence of CIO and CISO Roles to Manage Cybersecurity Risks in the Enterprise By Rashmi Gopinath, Partner, M12(formerly known as Microsoft Ventures) - Cybersecurity spending continues to be at an all-time high and is expected to grow by over 10 percent to a whopping $96 billion...
2018 H1 Cybersecurity Insights - NSFOCUS Global: Leading Hybrid DDoS Mitigation and Threat Intelligence Provider (NSFOCUS) The H1 Cybersecurity Insights report highlights the observations of the NSFOCUS Threat Intelligence Center. The analyzed traffic in this report is from January 1, 2018- June 30, 2018.
Zero-days, fileless attacks are now the most dangerous threats to the enterprise (ZDNet) These attacks cost the average organization millions and SMBs are the worst affected.
Dusty Prodigy Accounts, Lost Tablets Put Company Secrets at Risk (Bloomberg) About half of board members use personal email for documents. Almost a third of directors have lost a company device: Survey...
Marketplace
Secretive Data Company Palantir Weighs Giant Public Offering (Wall Street Journal) Data-mining giant Palantir Technologies, one of Silicon Valley’s most secretive companies, is weighing an initial public offering likely to be among the largest in recent years.
Open Source Security Management Firm WhiteSource Raises $35 Million (SecurityWeek) WhiteSource, a company that specializes in open source security management, raises $35 million in Series C funding round
ControlScan Extends Managed Security Services Capabilities With Dunbar Cybersecurity Acquisition (GlobeNewswire News Room) ControlScan, a leader in managed security and compliance solutions that help secure networks and protect payment card data, announces it has acquired Hunt Valley, Md.-based Dunbar Cybersecurity, including its well-established Security Operations Center (SOC) and powerful SIEM platform, Cyphon. The move brings additional advanced capabilities to the best-in-class managed security services ControlScan delivers to the mid-level enterprise.
Cybersecurity Month: Novetta’s Athena Starry Talks With EM (ExecutiveBiz) As part of Cybersecurity Month, Executive Mosaic spoke with Athena Starry, vice president of the cyber & SIGINT division at Novetta. Here’s what she had to say: EM: What is your cyber background? Starry: I have a diverse background that encompasses everything from contracts, proposals, finance, accounting, budgets, business development and overall infrastructure support to...
Circadence® Hires New Chief Technology Officer, Bradley Hayes to Pioneer Cybersecurity Innovation (eTradeWIre) Circadence Corporation announced today the recent appointment of Dr. Bradley Hayes as its new Chief Technology Officer. Dr. Hayes will be based out of the company's Boulder, Colorado headquarters.
Palo Alto Networks Taps Former Google Exec Amit Singh As President (CRN) Singh worked alongside Nikesh Arora at Google between May 2010 and December 2014. Arora took over as chairman and CEO of Palo Alto Networks in June.
Products, Services, and Solutions
Tenable Announces Increase of Several Thousand New Operational Technology Devices Covered by Industrial Security Offering (Tenable™) Solution expands device coverage of the top ten leading industrial manufacturers, including Honeywell, Rockwell and Mitsubishi, to secure critical infrastructure Tenable®, Inc., the Cyber Exposure company, today announced that Industrial Security -- an asset discovery and vulnerability management solution for operational technology (OT) systems developed in conjunction with Siemens -- now includes significantly wider and deeper coverage of several thousand new OT devices from the top ten leading industrial manufacturers. This expanded breadth and depth of coverage is a significant step forward to help organizations deploy a single Cyber Exposure solution which spans both IT and OT assets.
Denim Group’s ThreadFix 2.7 Supports Flexible Structuring of Application Security Programs (BusinessWire) Denim Group announces availability of the latest version of ThreadFix, the company’s application vulnerability resolution platform.
Huawei and STEALTHbits Jointly Launch NAS File Security Audit Solution to Protect Sensitive Data of Enterprises and Organizations (GlobeNewswire News Room) At HUAWEI CONNECT 2018, Huawei and STEALTHbits Technologies today jointly launched the Network-Attached Storage (NAS) File Security Audit Solution.
100% of Valimail's Federal Government Customers Meet BOD 18-01 Deadline (PR Newswire) Valimail, the world's only FedRAMP-authorized provider of DMARC email authentication, announced today that 100...
Cypress expands collaboration with Arm to deliver IoT platform with secure device management (Help Net Security) Cypress Semiconductor has expanded its collaboration with Arm to enable secure, easy-to-use management of IoT edge nodes based on Cypress' PSoC 6 MCU.
A10 Networks provides cloud, Internet and gaming providers with 1 RU DDoS defense appliance (Help Net Security) A10 Network’s Thunder TPS is a DDoS protection solution that offers precision in detecting and mitigating against the full spectrum of DDoS attacks.
InSpec by Chef 3.0 accelerates compliance automation for DevSecOps (Help Net Security) InSpec 3.0 increases the velocity of compliance audits and remediation, while reducing risk for DevSecOps teams and their organizations.
ShieldX Integrates Intention Engine Into Elastic Security Platform (eWEEK) ShieldX uses docker containers to deploy a microservices platform that can determine intent and then automatically configures and injects security policy.
The Chertoff Group Announces Rebrand with New Core Offerings, New Website, New Logo and New Podcast (BusienssWire) The Chertoff Group Announces Rebrand with New Core Offerings, New Website, New Logo and New Podcast
Dell EMC’s Steve Harris: Booz Allen’s Mobility Tech to be Deployed Across More Dell Laptops (GovCon Wire) Steve Harris, senior vice president and general manager of Dell EMC...
Novetta Announces Partnership with Elastic (PR Newswire) Novetta, a leader in advanced analytics technology, has entered into a strategic partnership with Elastic, the...
SentinelOne Achieves ISO 27001 Certification (BusinessWire) Endpoint Protection Leader Recognized by Global Standard for Commitment to Information Security Management.
DarkMatter shows new business lines (ITP.net) DarkMatter highlights new business units and plans for DX consulting.
Endace partners with Darktrace to fight cyber attacks in progress (New Zealand Reseller News) Waikato-based network probe developer Endace is partnering with cyber artificial intelligence vendor Darktrace to discover cyber attacks in progress.
Veratad Releases IDMatch+PredictSM - A New Fraud Detection & Prevention Solution (PR Newswire) Veratad Technologies, LLC (veratad.com), an innovative and industry-leading provider of comprehensive online tools ...
This Startup Wants You to Control Your Own Data Again (WIRED) Helm hopes to make running your own private, encrypted server easy for everyone.
Technologies, Techniques, and Standards
Electronic warfare (EW) upgrades to enhance electronic attack capability of EA-18G Growler (Military Aerospace) U.S. Navy airborne electronic warfare (EW) experts are working together with the Boeing Co. and Northrop Grumman Corp. to upgrade the AN/ALQ-218 signals intelligence (SIGINT) system aboard the Boeing EA-18G Growler aircraft to provide the system with electronic attack capability
INSA Releases Framework for Better Cyber Threat Sharing (Meritalk) At the request of several Federal agencies, the Intelligence and National Security Alliance (INSA) has created and released a framework for organizations to better share indications and warnings (I&W) of cyberattacks and deconstruct that data into indicators that can be monitored.
Technology Industry Sets Sights on Bolstering Email Security (PR Newswire) Today, some of the world's best-known tech companies committed to support enhanced defensive measures to prevent...
Solving the cloud infrastructure misconfiguration problem (Help Net Security) Security incidents involving cloud infrastructure have become a regular occurrence since many organizations began shifting their assets in the cloud.
A History of Defense-in-Depth; and the Evolution of Data Sharing (SecurityWeek) When security teams make it difficult for users to work, users will find ways to circumvent security and restore their productivity--but also putting the organization at higher risk of a cyber incident.
Knowing how to define, screen and monitor your third parties is essential to minimizing risk (Help Net Security) There’s a growing realization that third-party risk management should operate within an organization’s larger ethics and compliance program
Why DNSSEC Isn't Enough (Security Boulevard) When you type a URL into the top of your browser and hit “enter,” a number of complicated things begin to happen. Somehow, the alphanumeric English language of a URL gets translated into the machine language of an IP address, allowing your browser to resolve a new webpage.
IT and security professionals unprepared for Windows 7 end of life (Help Net Security) While some organisations have migrated to Windows 10, many are lagging behind and are unprepared for Windows 7 end of life.
IT Operations Teams Say Complexity is Biggest Obstacle to Security Tool Effectiveness (PR Newswire) Thycotic, a provider of privileged access management (PAM) solutions for more than 10,000 organizations worldwide,...
IBM VP of Threat Intelligence on The Steps to Take After a Cyber Attack (TheStreet) Unclear on what to do after a cyber attack?
Voting Machine Security: How State and Local Governments Can Tackle Threats (State Tech Magazine) Agencies can use network segmentation, next-generation firewalls and other tools to help secure voting infrastructure for the 2018 midterm election and beyond.
After 2016 Hack, Illinois Says Election System Secure (SecurityWeek) Despite electronic voting in Illinois, state law requires that each vote leave behind a paper receipt, so any vote that is disrupted electronically can still be audited.
Washington state officials brace voting systems against hacking (Fifth Domain) Election officials in Washington continue to bolster the state’s elections systems against cyber threats that could disrupt voting or cause citizens to lose faith in the results.
Inside Facebook's Plan to Safeguard the 2018 Election (WIRED) The social media giant has assembled a team of geeks, spooks, hackers, and lawyers to prevent a repeat of the 2016 abuse and manipulation on its network.
In Facebook’s Effort to Fight Fake News, Human Fact-Checkers Struggle to Keep Up (Wall Street Journal) The social network’s algorithms scan billions of posts each day in hopes of flagging misinformation before it goes viral; humans play a supporting role, but in the end they simply can’t keep up.
Design and Innovation
Crypto Quantique unveils its ‘quantum driven secure chip’ for IoT devices (TechCrunch) With Gartner estimating that there will be 150 billion connected devices by 2030 — many of them mission critical, such as powering major national infrastructure — the risk and realisation that these devices aren’t secured properly is leading some cyber security experts to predict …
ARM to Partner with Cybersecurity Firm Cybereason to Develop Secure IoT Chips (CTECH - www.calcalistech.com) ARM has come to dominate the mobile market with its designs of energy efficient chips and is forecasted to be a major player in the future market of connected devices
New Cyberdefenses to Protect Your Smart Appliances From Hackers (Wall Street Journal) Two SoftBank-backed companies are teaming up to thwart hackers pummeling some of the cyberworld’s most vulnerable targets (think lightbulbs and thermostats).
Open-source hardware could defend against the next generation of hacking (Fifth Domain) Imagine you had a secret document you had to store away from prying eyes. And you have a choice: You could buy a safe made by a company that kept the workings of its locks secret. Or you could buy a safe whose manufacturer openly published the designs, letting everyone – including thieves – see how they’re made. Which would you choose?
Research and Development
MIT researchers say memory splitting breakthrough could prevent another Meltdown or Spectre (TechCrunch) Virtually every modern computer processor was thrown under the bus earlier this year when researchers found a fundamental design weakness in Intel, AMD and ARM chips, making it possible to steal sensitive data from the computer’s memory. The Meltdown and Spectre vulnerabilities — which date b…
Pentagon looks to thwart Russian tech attacks in Syria (Al-Monitor) The Pentagon’s in-house tech incubator is developing protected radio communications to thwart potential Russian interception of US airstrike and artillery data.
Academia
University Opens New Sanford Cyber Security Lab (The Torch) The digital age of today is one that relies on the Internet to provide a constant flow of information, drive commerce and protect the foundation of society that witholds our personal information. Breaches of personal data and the loss of private information have become common occurrences. As the digital culture has spread, so has the...
Legislation, Policy, and Regulation
Russia's Top Judge Spurs New Talk Of Changing Constitution (RadioFreeEurope/RadioLiberty) Just seven months after Putin's reelection, there's serious talk about whether to amend the constitution, possibly with an eye toward keeping Putin in power.
A British invention that U.S. spies should copy (NBC News) The U.K.'s National Cyber Security Centre is a relatively new agency responsible for protecting Britain from cyber threats. The U.S. has nothing like it.
Is Trump’s hawkish behaviour towards China the start of a new cold war? (South China Morning Post) With Washington taking a new, profoundly aggressive tack in its dealings with Beijing, analysts speak of ‘active competition with occasional confrontation’ as the new normal
Litigation, Investigation, and Law Enforcement
Russia’s spies red-faced after multiple plots uncovered (Asia Times) Moscow’s spooks left footprints everywhere, resulting in exposure not only by Western spy agencies, but by investigative websites and domestic media
Department of Justice right to go after Hezbollah (TheHill) Emanuele Ottolenghi says Hezbollah is inextricably tied to the world’s most dangerous criminal organizations, and is helping them grow more powerful.
Secret recordings give insight into Saudi attempt to silence critics (Washington Post) A dissident activist and friend of Jamal Khashoggi showed how Saudi agents tracked him down and tried to coerce him into returning.
Did Jamal Khashoggi's Apple Watch record his murder at Saudi consulate? Probably not (Graham Cluley) A Turkish newspaper claims that audio files of journalist’s death were recorded on his Apple Watch. Such a claim, if true, would be rather convenient for the intelligence services in Turkey - who might not want to reveal their methods.
Silicon Valley hoped the Khashoggi story would go away; instead, it may end an era (TechCrunch) It’s amazing how quickly things can change. Exactly a week ago, we wondered if Saudi Arabia’s money might finally become radioactive in light of the disappearance of Saudi journalist and Washington Post columnist Jamal Khashoggi. Almost no one we reached for comment wanted to participat…
Treasury Official Arrested for Leaking Reports of Suspicious Financial Activity to Media (New York Law Journal) FinCEN senior adviser Natalie Edwards allegedly provided images and descriptions of the confidential bank transaction reports to a BuzzFeed News reporter beginning in October 2017.
Analysis | The Cybersecurity 202: Leak charges against Treasury official show encrypted apps only as secure as you make them (Washington Post) Using an encrypted app isn't enough.
Former Equifax Developer Sentenced for Insider Trading (Infosecurity Magazine) Former Equifax Developer Sentenced for Insider Trading. Atlanta man worked on breach portal
Authorities search & seize properties of GTA V's "Infamous" cheat developers (HackRead) Follow us on Twitter @HackRead
Up to 9.5 million net neutrality comments were made with stolen identities (Ars Technica) NY AG subpoenas lobby firms, says fake comments "distort[ed] public opinion."
Advertisers allege Facebook hid the fact that no one watches video ads (Ars Technica) If no one watches Facebook video ads, then advertisers won't spend money on them.
A New Facebook Suit Makes ‘Pivot to Video’ Even More Myopic (WIRED) A new lawsuit alleges that Facebook inflated its video viewership numbers more than previously reported, and then hid the mistake. And that has journalists steamed.