Cyber Attacks, Threats, and Vulnerabilities
Coats: ODNI has seen 'no evidence' of supply chain hack detailed in Bloomberg story (Cyberscoop) Director of National Intelligence Dan Coats says that he’s seen no evidence of Chinese actors tampering with motherboards made by Super Micro Computer.
Super Micro Tells Senators No Evidence of Chinese Hardware Hack (Bloomberg) Company says no U.S. agency has said it found hacked hardware. Super Micro comments come in letter to Rubio, Blumenthal.
Ex-NSA Chief Mike Rogers: How Chinese Hackers Target American Democracy (Forbes) Ex-NSA chief Mike Rogers explains to Forbes what he saw as Chinese hacker attempts on American democracy.
FireEye analyst: Trade tensions with China will hike cybersecurity risks for aviation sector (Inside Cybersecurity) Heightened tensions between China and the Trump administration over trade policies will likely drive up cyber attacks on a wider range of targets affecting aviation, in part because of the industry's close ties with the military and its symbolism as a port of entry to the country, according to a chief analyst at security firm FireEye.
Hackers accused of ties to Russia hit 3 E.European companies-... (Reuters) Hackers have infected three energy and transport companies in Ukraine and Poland...
GreyEnergy Spy APT Mounts Sophisticated Effort Against Critical Infrastructure (Threatpost) The group is a successor to BlackEnergy and a subset of the TeleBots gang--and its activity is potentially a prelude to a much more destructive attack.
Latvia repulsed election day cyber-attack (Public broadcasting of Latvia) While the hacking of a social media site in Latvia on Saeima election day, October 6, made headlines, in fact the country was subjected to - and successfully repulsed - a wider cyber attack, reports Olga Dragileva of LTV's De Facto weekly investigative show.
Exclusive: Twitter pulls down bot network that pushed pro-Saudi talking points about disappeared journalist (NBC News) Twitter became aware of some of the bots on Thursday when NBC News presented the company with evidence of coordinated activity.
Twitter's Dated Data Dump Doesn’t Tell Us About Future Meddling (WIRED) Twitter's release of more than 10 million tweets from Russia's Internet Research Agency and Iran sheds little light on those agencies' current tactics, researchers say.
New research highlights Vietnamese group's custom hacking tools (Cyberscoop) Cybersecurity researchers have uncovered remote access tools, or backdoors, linked to an infamous Vietnamese hacking group with a history of targeting government organizations and intellectual-property-rich companies.
Report: The SpyRATs of OceanLotus (Cylance) During an incident response investigation, our threat researchers and incident responders uncovered several bespoke backdoors deployed by OceanLotus Group (a.k.a. APT32, Cobalt Kitty), as well as evidence of the threat actor using obfuscated CobaltStrike Beacon payloads to perform C2. This white paper is dedicated to in-depth technical analysis of the malware, C2 protocols, TTPs and general observations.
Gemalto withdraws report that claimed data breach at Aadhaar (The Times of India) Digital security firm Gemalto Thursday withdrew its report which claimed that data breach incidences in India were the second hig
Serious SSH bug lets crooks log in just by asking nicely… (Naked Security) A serious bug in libssh could allow crooks to connect to your server – with no password requested or required. Here’s what you need to know.
Hacker: I'm logged in. New LibSSH Vulnerability: OK! I believe you. (BleepingComputer) Newly released versions of the libssh library fix an authentication bypass flaw that grants access to the server by just telling it that the procedure was a success.
Vulnerable controllers could allow attackers to manipulate marine diesel engines (Help Net Security) Researchers have found several authentication and encryption vulnerabilities that could allow them to manipulate marine diesel engines.
VestaCP users warned about possible server compromise (Help Net Security) Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest web server IPs and admin credentials.
Spyware Pushers Modify Equation Editor Exploit to Bypass AV Detection (Security Boulevard) In a case that shows you can teach an old exploit new tricks, a group of attackers who push information-stealing malware modified a well-known exploit in a way that it bypasses detection by most antivirus programs.
Old dog, new tricks - Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords (BleepingComputer) A new SEO poisoning campaign has been discovered that is targeting keywords associated with the U.S. midterm elections. Users who are enticed to visit these pages will then be redirected to a variety of scam sites, adult sites, and sites pushing unwanted software.
US Voter Leak Hits Tea Party Organization (Infosecurity Magazine) Fund-raising super PAC spills details on half a million voters
Ex-CIA chief’s take on election security: Don’t panic, do stay paranoid (Yahoo) Former CIA director John Brennan says we shouldn't freak out about election security, but should be careful.
Popular Lawfare Blog Hit by DDoS Attack — Here’s What We Know (Law and Crime) Apparently, it has happened before.
Who gets spear phished, and why? (Help Net Security) Spear phishing is one of the most successful methods of cyberattack. It is a reliable way for malicious actors to access protected digital assets.
Hold the phone: The robocall epidemic is getting worse in America (NBC News) Robo-dialers are busier than ever. Here’s how we got to this point.
GandCrab Devs Release Decryption Keys for Syrian Victims (BleepingComputer) In a post to an underground hacking and cybercrime forum, the GandCrab developers have released the decryption keys for Syrian victims. The release of these decryption keys was in response to a Tweet where a Syrian victim asked for help after images of his deceased children were encrypted.
West Haven officials pay ransom after cyber attack disables 23 servers at city hall (WTNH) West Haven City Hall recently fell victim to a cyber attack.
Advertising frauds that continue to tarnish cryptography (Crypto Economy) Regarding the issue related to advertising frauds, without stopping to remember the collective ban that ICOs made at the beginning of this year, the lack of modesty of some malicious people does not respect the legitimate authorities of the countries
Honeywell Hides Selling US Gov Banned Chinese Video Surveillance (IPVM) Proof of why Honeywell is deceiving buyers and putting US security at risk.
Security Patches, Mitigations, and Software Updates
Apple will let users see and delete data it has collected (CRN Australia) New tool will let customers download, change or delete all data.
Shopping online gets a security upgrade from Mastercard (Help Net Security) Mastercard introduces Digital Commerce Solutions, a suite of offerings that enhance the security of stored card credentials.
GitHub Adds Security Alerts for Java and .NET (ADTmag) The popular code repository and social coding platform recently acquired by Microsoft launched the feature last year, initially covering JavaScript and Ruby. Python coverage was added earlier this year.
Cyber Trends
ONS Reveals Major Drop in Household Cybercrime (Infosecurity Magazine) Under-reporting may be seriously skewing ONS results
The Cat-and-Mouse Game Between Regulators and Data Stewards (Fortune) Life after GDPR.
Janrain Survey Shows Consumers Still Trust Brands but Want More Control over Data (Janrain) U.S. Public Surprisingly Forgiving Despite Data Breaches and Controversies as Long as Companies Demonstrate Good Faith; Consumers Welcome Consent-Based Marketing
How to Get Consumers to Forgive You for a Breach (Dark Reading) It starts with already-established trust, a new survey shows.
Most executives around the world see untrained staff as the greatest cyber risk (Help Net Security) The majority of executives (87%) around the world believe that untrained staff poses cyber risk to their business, according to a new report.
What the New Workforce Numbers Mean for Cyber (Advanced Cyber Security Center) The (ISC)2 published an updated survey of 1,500 cyber professionals on their thoughts on workforce development.
Post-Brexit Britain Could Be A Cybersecurity Nightmare With Or Without A Deal (Forbes) Cybersecurity might not be the first subject that springs to mind when thinking about Brexit, but it certainly shouldn't be ignored. I've been finding out what is worrying cybersecurity thought leaders the most...
Marketplace
Top US intelligence official takes veiled shot at Google (Fifth Domain) Dan Coats seemed to criticize Google, questioning the logic of American companies who refuse to work with the U.S. government but partner with China.
Data miner Palantir gathers the intelligence on flotation (Times) A secretive Silicon Valley data mining company that works with American spy agencies and the Pentagon is planning a flotation that is likely to be one of the biggest in recent years. Palantir...
Port Covington Set to Become a Global Cybersecurity Hub (PRWeb) The Port Covington Development Team, along with the Governor of Maryland and Mayor of Baltimore, announced today that Port Covington is set to become one of the...
Team8 taps ex-NSA director for board of advisors (PE Hub) Team8, a cybersecurity think tank and company creation platform, has named Mike Rogers to its board of advisors. A former U.S. Navy admiral, Rogers is the ex-director of the National Security Agency and ex-chief of the Central Security Service. Team8's backers include Eric Schmidt’s Innovation Endeavors.
Products, Services, and Solutions
New infosec products of the week: October 19, 2018 (Help Net Security) IBM rolls out cybersecurity operations center on wheels IBM Security launched the mobile Security Operations Center, capable of traveling onsite for
McAfee accelerates and improves data protection and threat prevention across device to cloud (Help Net Security) Expanded MVISION portfolio provides visibility and control across cloud services, delivering data protection, detection and blocking of threats.
BigID adds consent governance capabilities ahead of CCPA (Help Net Security) The BigID enhancements help organizations correlate consent logs from existing applications with data and people to provide a centralized view of consent.
McAfee Building Tool To Pinpoint Relevant Zero-Day Threat Campaigns (CRN) McAfee CTO Steve Grobman says the Apollo research project will focus on the intersection between what's happening in a user's organization and the latest developments in the global threat landscape.
DisruptOps Introduces Cloud Management Platform for Automated Security and Operations (PR Newswire) DisruptOps Inc. today introduces its SaaS-based cloud management platform to implement automated control of...
High-Tech Bridge to Uberize AI for Application Security Testing (CSO) ImmuniWeb® AI platform now offers fully customizable packages to proof test security and privacy of any web, mobile or IoT app, all purchasable in a few clicks from any device. The average time of a sales transaction, including various human interactions, goes down from 15 hours to 8 minutes, saving almost two business days of buyer’s time.
Bugcrowd and Arlo Partner To Bring Hands-On Cybersecurity Learning To Cal Poly With Internet Of Things Lab (GlobeNewswire News Room) Cal Poly’s California Cybersecurity Institute today announced its Internet of Things (IoT) Lab donated by Arlo and Bugcrowd.
Intercede announces new guide to mobile device authentication for federal agencies (BiometricUpdate) Intercede has announced the launch of a cybersecurity guidance resource for federal agencies required to authenticate individuals through mobile devices for access to information systems and applic…
Technologies, Techniques, and Standards
Cybersecurity pact for Europe’s energy sector (Power Engineering) A European cybersecurity pact has been agreed that is intended to make “the tools of the energy transition safe for citizens and secure for providers”.
Little progress has been made on control system cyber security that impacts safety and reliability (Control Global) Little progress has been made on control system cyber security and its impacts on safety and reliability. That is, the focus has been on network anomaly detection not process anomaly detection. The recent Columbia Gas natural gas over-pressurization event demonstrates the need for process anomaly detection.
APIs: Risks, Potential and Security Solutions (Infosecurity Magazine) APIs are becoming ever more important, and making sure those APIs stay secure is critical
How to Problem Solve Like a Hacker (Panda Security Mediacenter) Learn how to tackle difficult situations and navigate competitors with our visual on how to solve problems at work like a hacker.
How do cyber-criminals hack small business startups? Here's what we learned from Microsoft (USA TODAY) Two very smart entrepreneurs found out their online small business wasn't as secure as they thought. Here's how to head off a cyber-attack.
How to remove fileless malware (Security Boulevard) What is fileless malware? How can you identify it? And how can you remove it from your system? Find out how to identify and manually remove this type of threat.
How To Avoid An Insider Threat Nightmare (Information Security Buzz) David Higgins, CyberArk offers his tips and recommendations to mitigate insider threat this Halloween… As Halloween looms, it would certainly feel like the right time to think of our favourite horror stories. From an enterprise IT perspective, there are too many to keep up with these days. From the constant threat of cyber attacks from …
Design and Innovation
Data science is changing how cybersecurity teams hunt threats (Silicon Republic) While data science can be helpful to countless industries, it is especially useful in the ever-changing world of cybersecurity.
Why automation and next-gen authentication can solve identity management in 2019 (Fifth Domain) Identity and access management sounds simple, but the federal government has struggled to give the right people the right access.
Microsoft AI Ethicist Guides Businesses on Responsible Algorithm Design (WSJ) Microsoft has created a new position to help companies deploying AI to learn how to prioritize ethical principles including fairness, accountability and transparency in the development of the algorithms. “A lot of customers we engage with are grappling with the ethics discussion potentially for the first time,” says Tim O’Brien, Microsoft’s general manager of AI programs.
Research and Development
Researchers Finally Proved Quantum Computers are More Powerful Than Classical Computers (Motherboard) Until this week there was no conclusive proof that quantum computers have an advantage over classical computers
Legislation, Policy, and Regulation
Ukraine sets up group to stop any attempt by Russia to influence... (Reuters) Ukraine has set up a group to stop any attempt by Russia to influence next year...
Analysis | The Cybersecurity 202: U.S. tech firms slam Australian bill that could weaken encryption (Washington Post) Big players are making their case Down Under.
UK ISPs: Government Must Take Lead on Cybersecurity (Infosecurity Magazine) ISPA calls for simplified reporting and regulatory environment
States and feds unite on election security after '16 clashes (AP NEWS) Weeks before the 2016 election, federal officials started making mysterious calls to the head of elections in Inyo County, California.
Litigation, Investigation, and Law Enforcement
Hunt for remains of Jamal Khashoggi extended to farm and forest (Times) Turkish police were preparing to search a forest on the outskirts of Istanbul and a farm south of the city last night in their widening hunt for remains of the missing journalist Jamal Khashoggi.
Saudi Silence on Khashoggi Must End (Atlantic Council) For many months, Trump administration officials have worried privately that Saudi Arabia's young prince Mohammed Bin Salman – in whom President Donald Trump and his son-in-law Jared Kushner had invested so much – was through rash actions...
Intel: Can the Khashoggi case really spell the end of MBS? (Al-Monitor) Sen. Lindsey Graham, R-S.C., raised eyebrows this week when the stalwart Saudi supporter told Fox News that Crown Prince Mohammed bin Salman “has got to go.” Now French newspaper Le Figaro is reporting that at least seven representatives of the clans that make up the royal family are meeting in “utmost discretion” to chart a course out of the diplomatic mess created by the disappearance...
Former FBI agent gets four years in prison for leaking classified documents (Washington Post) Terry J. Albury said he was motivated to leak by the racism and profiling he saw in the FBI.
Jeff Sessions touts prison for second Trump-era source: 'A warning to every would-be leaker' (Washington Examiner) Attorney General Jeff Sessions celebrated the four-year prison sentence handed down Thursday for former FBI agent Terry Albury, calling it "a warning to every would-be leaker."
U.S. Startup Accuses China’s Huawei of Trying to Steal Semiconductor Technology (Wall Street Journal) An escalating battle between the U.S. and China for tech supremacy is playing out in federal court between Huawei and a Silicon Valley startup backed by Microsoft.
AI - where does the liability lie? (Computing) Emma Stevens, a dispute resolution specialist at law firm Coffin Mew, explains who should be responsible when AI goes wrong
Updated Guide to Posted Documents Regarding Use of National Security Authorities (IC on the Record) On September 19, 2017, we posted a guide with links to certain officially released documents related to the use by the Intelligence Community (IC) of national security authorities. Today, we have once again updated that Guide to include links to additional officially released documents.
Swedish court tells ISP to block The Pirate Bay in the country (HackRead) Another day, another court order against The Pirate Bay (TPB). This time, the Patent and Market Court of Sweden has ordered the telephone company and mobile network operator Telia to block The Pirate Bay and other torrenting websites including NyaFilmer, FMovies, and Dreamfilm in the country.