Atlanta: the latest from SecurityWeek's ICS Security Conference
The risk to OT networks is real, and it's dangerous for business leaders to ignore (Help Net Security) OT networks risk is real, and it's dangerous and perhaps even negligent for business leaders to ignore it, according to SANS Institute.
RiskSense CEO to Present New Approach for Assessing Industrial Threats at the 2018 ICS Cyber Security Conference USA (BusinessWire) New model uses human-assisted AI to assess risk and vulnerabilities, and even predict cyber attacks.
Cyber Attacks, Threats, and Vulnerabilities
U.S. Begins First Cyberoperation Against Russia Aimed at Protecting Elections (New York Times) American operatives are messaging Russians working on disinformation campaigns to let them know they’ve been identified. It’s a measured step to keep Moscow from escalating.
Russian trolls get DM from US Cyber Command: We know who you are. Stop it (Ars Technica) Part of new cyber strategy to identify, track, warn Russian operatives.
Pentagon launches first cyber operation to deter Russian interference in midterm elections (Washington Post) Experts are split, however, on how effective the measures will be.
Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant (Motherboard) Cybersecurity firm FireEye points the finger at the Russian government and a government-linked facility for creating a destructive malware.
How The Russian Government Created The Most Advanced Industrial Malware Ever Seen (Forbes) Cybersecurity firm FireEye reveals that Russian government-backed hackers were responsible for an attack on a Saudi Arabian petrochemical plant last year
Burned malware returns, says Cylance report: Is Hacking Team responsible? (CSO Online) Burning malware forces attackers to evolve, not go away. Network defenders take note.
Whack-A-Mole: The Impact of Threat Intelligence on Adversaries (Cylance) One of the great paradoxes in cybersecurity is that as defenders race ahead to identify the next and newest methods of attack, attackers often lag behind and reuse the old and obvious ones with success. In this Threat Intelligence Bulletin, we look back and show how easy it is for threat actors to change course after the publication of threat intelligence reports - and how valuable it can be for researchers, organizations and the public they serve to keep looking back.
Deep-dive tech analysis says Bloomberg spy chip claims are impossible at Apple (9to5Mac) A tech consultant and journalist specializing in server hardware says that some of the Bloomberg spy chip claims are completely implausible, while others are simply impossible. The analysis coincid…
Abandoned Web Applications: Achilles' Heel of FT 500 Companies (High-Tech Bridge) Abandoned, shadow and legacy applications undermine cybersecurity and compliance of the largest global companies despite growing security spending.
Drop Networks, Label-Creation Services Sustain Shipments of Fraudulent Purchases (Flashpoint) Illicit drop networks and label-creation services play crucial yet-overlooked roles in the theft lifecycle for fraudulent purchases.
DHS warns of another dangerous flaw in Advantech WebAccess SCADA software (CSO) More flaws in WebAccess emerge after security researchers begin focussing on the decades old distributed computing protocol Remote Procedure Call (RPC).
Electrical grid, power plants, pipelines vulnerable to cyber attack, security expert says (Cleveland.com) The nation's electrical grid worked well for 80 years without the Internet, but today it is as vulnerable to cyber-based missteps and attacks as it was during the Great Blackout of 2003, says a national engineering security expert.
Signal Upgrade Process Leaves Unencrypted Messages on Disk (BleepingComputer) The desktop version for the encrypted communications app Signal does not provide protection for the data it handles during the update procedure, saving it locally as unencrypted plain text.
Malware found in Telegram 'alternative' – cybersecurity firm (Rappler) Once installed, the Octopus malware allows attackers to have remote access to a victim's device
sLoad and Ramnit pairing in sustained campaigns against UK and Italy (Proofpoint) Proofpoint researchers track an actor’s recent activity and their move to a new PowerShell loader
Windows 10 1809 Zip Extraction Bug Overwrites Files without Confirmation (BleepingComputer) A new bug has popped up in Windows 10 Build 1809 that does not display an overwrite prompt when extracting files from a Zip archive to a location where the same file exists.
Adult websites shuttered after 1.2 million user details exposed (Naked Security) It’s not even close to the number of users affected by the massive Ashley Madison breach, but the results could be just as devastating to those who are affected.
Malicious Hackers Target the Safety-Minded, Curious in Phishing Schemes (Channel Partners) KnowBe4's Erich Kron said once an attacker has access to a victim's email account, they can reset other account passwords as well as using these legitimate accounts to attack others, and in organizations, this often leads to fake invoices being sent or to a redirection of payments to the attackers' accounts.
City of Muscatine responds to cyber attack (KWQC) Muscatine City Hall and their public library were both hacked with ransomware last week, so until their computers can be used again they've gone all paper.
Why is Elon Musk promoting this Bitcoin scam? (He’s not) (Naked Security) While scrolling through my Twitter feed I saw a Bitcoin scam so unabashed that it got me thinking…. do such scams really work?
Research reveals that 1 in 6 gamers disable all AV in the pursuit of the highest possible speeds (ResponseSource Press Release Wire) New research carried out by Chillblast, an award-winning builder of custom PCs, gaming desktops and gaming laptops, has revealed that out of 857 gaming respondents, 39% ...
Security Patches, Mitigations, and Software Updates
Patch now! Multiple serious flaws found in Drupal (Naked Security) Drupal website owners have some important patching homework to do.
Amazon Patched Multiple IoT Vulnerabilities Affecting Its Smart Devices (Latest Hacking News) Reportedly, Amazon patched multiple IoT vulnerabilities that allegedly affected its smart home devices being present in AWS FreeRTOS.
Cyber Trends
Phishing is still the most commonly used attack on organizations, survey says (Naked Security) The survey found that the majority of cyberattacks – 75% – came from outsiders, while 25% were due to insiders.
Phishers’ Favorites Q3 2018: Microsoft Retains #1 Spot, (Vade Secure) Phishers' Favorites highlights the 25 most commonly spoofed brands, including their current position and whether they moved up/down since last quarter.
66% UK SMBs believe they are being aggressively targeted by fraudsters (Help Net Security) 66% of SMBs believe they are being more aggressively targeted by fraudsters now compared to a year ago, according to Paysafe.
Most companies using AI say their No.1 fear is hackers hijacking the technology, according to a new survey that found attacks are already happening (Business Insider) Among executives whose companies are already testing or putting in place AI technologies, cybersecurity is the overriding concern.
Eight resellers name their top cybersecurity threats to watch out for in 2019 (CRN) From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks.
Marketplace
Facebook approaches major cybersecurity firms, acquisition goals in mind (ZDNet) The firm is reportedly aiming to patch up its tattered reputation with the purchase of external expertise.
4 Reasons Facebook Might Buy FireEye Inc. (The Motley Fool) Buying this little cybersecurity firm could solve a lot of big problems for Facebook.
Fortinet acquires threat analytics startup ZoneFox to fight insider threats (CRN Australia) Pays US$18 million in initial consideration.
Bitdefender Buys Network Security Analytics Startup RedSocks (CRN) By marrying endpoint data, passive network traffic analytics and cloud threat intelligence together, Bitdefender can now eliminate white noise and zero in on what's most important to security operators.
Oracle acquires DataFox, a developer of ‘predictive intelligence as a service’ across millions of company records (TechCrunch) Oracle today announced that it has made another acquisition, this time to enhance both the kind of data that it can provide to its business customers, and its artificial intelligence capabilities: it is buying DataFox, a startup that has amassed a huge company database — currently covering 2.…
Cloudflare Eyes IPO With Valuation That Could Exceed $3.5B: Report (CRN) Cloudflare has experienced massive headcount growth over the past two years, going from just 341 employees in October 2016 to 787 employees today, according to LinkedIn.
Huawei opens up to German scrutiny ahead of 5G auctions (CRN Australia) Follows Australia's decision to ban vendor from supplying 5G gear.
As the internet moves to the cloud, Cisco is making cybersecurity a priority (Financial Post) The company blocks about 20 billion threats a day across various networks at the moment. Most security threats are based on exploiting old bugs and reusing old malware
Exclusive: Kaspersky’s “global transparency initiative” fails to convince UK government (NS Tech) The world’s third-largest vendor of IT security is still not safe enough for use in Whitehall, a senior government security official has told NS Tech. Over the summer, British government officials met
Oracle’s Larry Ellison takes another dig at Amazon over security (CRN Australia) Talks up "Star Wars cyber defenses"...
Remediant Adds Cybersecurity Leader Dave Damato to Advisory Board (PR Newswire) Remediant, Inc. a leading provider of Privilege Access Management (PAM) software, today announced the appointment...
Products, Services, and Solutions
Farsight Security Bundles Flagship Solution DNSDB with Maltego to Significantly Advance Cybersecurity Investigations (GlobeNewswire News Room) Farsight Security, Inc., a leading cybersecurity provider of DNS intelligence solutions, today announced that DNSDB™ is now available to the entire Maltego community, with over 500,000 users worldwide.
HoneyProcs: Going Beyond Honeyfiles for Deception on Endpoints (Juniper) Deploying detection solutions on an endpoint host comes with constraints - limited availability of CPU, memory, disk and other resources, stability constraints, policy adherence and restrictions, the need to be non-intrusive to the user, the host OS and other application...
Tripwire for DevOps Now Offers Security Configuration Assessment of Containers (Digital Journal) Tripwire Inc., a leading global provider of security and compliance solutions...
How to Secure Your Data in the Cloud (TetherView) Securing your data in the cloud can be difficult. Many organizations are afraid of giving up control over their sensitive information.
Area 1 Security releases Pay-Per-Phish, the performance-based cybersecurity solution (Help Net Security) Area 1 Security Pay-Per-Phish flips the traditional cybersecurity model on its head by charging $10 per phish actually caught.
Tripwire for DevOps offers security configuration assessment of containers (Help Net Security) Tripwire's DevOps SaaS provides visibility into configurations in addition to vulnerabilities in containers across DevOps lifecycle.
GrowPath simplifies authentication while enhancing cyber security (Help Net Security) GrowPath has developed a solution that utilizes an owner’s personal photos as the second step in a two-factor authentication process on mobile devices.
CertainSafe enhances its Digital Safety Deposit Box (Help Net Security) The Digital Safety Deposit Box enhancements include an easy-to-navigate user interface along with new and improved features that offer functionality.
Western Digital expands surveillance storage and analytics portfolio (Help Net Security) Western Digital's 3D NAND UFS EFD, new capacities WD Purple microSD card and device analytics capability to strengthen video surveillance data management.
vXchnge and Megaport augment cloud connectivity options for data center customers (Help Net Security) With the partnership, Megaport empowers vXchnge to deliver elastic interconnection and direct cloud connectivity services in eight vXchnge data centers.
Blackpoint Cyber launches MDR service offering (Help Net Security) Blackpoint Cyber's MDR offering leverages its next-generation security operations and incident response platform SNAP-Defense.
Dashlane Dark Web Monitoring scans the dark web to keep you safe (Cult of Mac) Dashlane does more than easy, secure password management. Its Dark Web Monitoring feature scans the internet to spot and fix data breaches.
FireEye Unveils Free Email Threat Detection Service (ExecutiveBiz) FireEye has introduced a free cloud-based service meant to help organizations scan and detect potential malicious threats in email systems. The FireProof Email Threat Analysis offering includes a less than five-minute setup process and seeks to identify malware or sophisticated threats that can avoid cybersecurity defenses, the company said Monday. “In the evaluations that we’ve run for...
Ksmartech expands Trustonic partnership to secure authentication for iOS and Android apps (Trustonic) Trustonic secures digital One-Time-Password (OTP) service on all Android and iOS devices
Zscaler extends cloud DLP service with inline exact data match for massive data sets covering users globally (VanillaPlus) Zscaler Inc, a cloud security provider, has announced inline Exact Data Match (EDM) with native SSL inspection as part of its advanced Cloud Data Loss Prev
Thycotic launches free security toolkit for the higher education sector (BetaNews) Universities and colleges are uniquely attractive to cyber criminals, because a constantly changing population and the use of large numbers of BYOD machines means lots of potential vulnerabilities.
RightMesh and Tenta Announce Integration Partnership (PR Newswire) RightMesh AG, the "Infrastructure-less" connectivity company developing a decentralized mobile mesh network is...
Mphasis and BAE Systems launch global CoE in Fraud Detection and Anti-Money Laundering (Express Computer) The partnership will see the formation of a Centre of Excellence, a virtual team created to deliver BAE Systems’ anti-money laundering and fraud detection and prevention solution, NetReveal. Mphasis will utilise their global delivery capability to help implement the technology to banking, financial services and insurance organisations
SAS and ThreatMetrix team up to fight identity fraud (PR Newswire) Analytics giant SAS has joined forces with leading digital identity solutions provider ThreatMetrix®, a LexisNexis®...
Security platform Abode has produced a new smart home automation engine (Digital Trends) So, it looks like Abode (rhymes with home, roots in Middle English, not to be confused with big-A Adobe) has quietly launched a new smart home automation system that will interface with smart home products including Nest, Amazon Echo, Google Assistant, and more.
Startup boasts unhackable email protection for the rest of us (ZDNet) Life was simpler when it was just criminals ripping off your data. But today it is the state-sponsored hackers that pose the biggest threat to data security. Secure Channels Inc. is a startup addressing the whole data security lifecycle, including email.
Trend Micro rebrands endpoint security offering (Channel Life) Trend Micro Apex One aims to redefine endpoint security with consistency across SaaS and on-premises deployments.
Technologies, Techniques, and Standards
Why cybersecurity intelligence is still bad (and a way to fix it) (Fifth Domain) The ability to predict an impending cyberattack is insufficient, according to a new survey, but there are systems that may help.
How to catch security blind spots during a cloud migration (GCN) As agencies roll out cloud-first policies, three key practices can expose security risks and safeguard both personnel and data.
New UltraFICO score stokes concerns about data privacy (American Banker) A new credit score that includes consumers' cash flow alongside their credit score is winning praise for its potential to help expand access to credit, but some worry it gives the credit bureaus even more data that could be compromised.
How science can fight insider threats (Help Net Security) Malicious insiders pose the biggest cybersecurity threat for companies because they can cause the most damage. Read about how to fight insider threats.
Hacking Devices in the Not-So Smart Home (Northrop Grumman) Hacking devices turns smart home appliances into spies and breaches cybersecurity.
Design and Innovation
Father and son create app that lets parents shut down their child's video consoles remotely (The Telegraph) A former gaming addict and his father have developed a video game app that allows parents to shut down children's devices remotely.
Research and Development
NC Company Simplifies Authentication While Enhancing Cyber Security (PRWeb) For the more than two billion smartphones currently in use around the world, a very obvious security flaw -- password vulnerability -- is leaving owners’ per
Academia
University and Siemens in big data collaboration (Smart Cities World) Goal of partnership is to further develop concept of smart buildings by optimising overall building performance
Legislation, Policy, and Regulation
Article 13 could see millions of YouTube users turn to VPNs (Comparitech) YouTube's CEO is calling foul on the EU's Article 13. However, Article 13 could also dramatically increase VPN use and sales across the EU.
The UK Government Is Planning To Set Up A Regulator For The Internet (BuzzFeed) Exclusive: BuzzFeed News has obtained details of plans being drawn up by ministers that also include a compulsory code of conduct and age verification for Facebook, Twitter, and Instagram.
An American Perspective on a Chinese Perspective on the Defense Department’s Cyber Strategy and ‘Defending Forward’ (Lawfare) What motivated the Pentagon’s new cyber doctrine?
Snooping on emails is wrong, says Apple boss (Telegraph.co.uk) Tim Cook rejects idea that governments or companies should have access to personal information as it infringes a 'basic right' to privacy
Long-awaited cyber agency nears, but will it change anything much? (Washington Examiner) The upcoming lame-duck session of Congress is poised to deliver the top item on the Department of Homeland Security's wish list — a bill paving the way for the DHS to create the government's first cyber-specific agency — but whether that translates into real security improvements remains an open…
Litigation, Investigation, and Law Enforcement
Turkish president says murder of Jamal Khashoggi was ‘planned,’ calls for extradition of Saudi suspects (Washington Post) President Erdogan aired details uncovered by Turkish investigators, who have concluded the Saudi journalist was the victim of a premeditated murder.
Trump accuses Saudis of ‘worst cover-up ever’ after Khashoggi killing (Time) President Trump last night accused Saudi Arabia of a cover-up over the murder of Jamal Khashoggi, piling pressure on its beleaguered leaders. “They had a very bad original concept. It was carried...
Morrisons faces multi-million pound compensation claim after losing payroll data breach appeal (Computing) Company vicariously liable for leak of payroll data of 100,000 staff in 2014 by internal auditor Andrew Skelton
Yahoo to pay $50m, provide credit monitoring for cyber attack (Financial Times) Yahoo has agreed to pay $50m in damages to people affected by the largest ever cyber attack, splitting the cost between Verizon, which acquired Yahoo’s core business, and Altaba, the remainder of the company.
FBI: "Call of Duty" Players Remotely Stole $3.3 Million in Cryptocurrencies (NewsBTC) A group of “Call of Duty” players from Indiana are accused of stealing more than $3 million in cryptocurrencies after coercing an Illinois man to aid them
Pirates! Don’t blame your illegal file sharing on family members (Naked Security) Stop blaming your piracy on your mum. You can no longer avoid liability by saying that a family member had access to your connection.