Cyber Attacks, Threats, and Vulnerabilities
DHS has ‘not seen’ successful cyberattack on midterm elections (The Hill) The Department of Homeland Security (DHS) said it hadn’t observed any successful cyberattacks by foreign adversaries on election systems in the United States during Election Day.
DHS: Lot of "noise, garbage" from Russian media about compromised U.S. election systems (CBS News) Homeland Security official Christopher Krebs warns of ongoing disinformation campaigns aimed at causing distrust about the security of our vote
Russian Troll Farm Has New Meta-Trolling Propaganda Campaign (The Daily Beast) The Internet Research Agency has launched a desperate new campaign to spread distrust in the midterm election results—and made itself the star.
Threats remain to US voting system – and voters' perceptions of reality (The Conversation) Protecting democracy requires more than just technical solutions. It includes education, critical thinking and members of society working together to agree on problems and find solutions.
Revealed: Data on 62 million U.S. voters for sale on the Darknet (haaretz.com) The data pool, which has been uncovered by Israeli cybersecurity firm Clearsky as Election Day begins, has full and updated personal information on voters from 17 states
Vulnerability Intelligence Report (Tenable®) What are the top vulnerabilities found in the enterprise? Prioritizing vulnerabilities to manage cyber risk is getting harder. Our analysis of vulnerability prevalence highlights the key threats enterprises face today. Download the Free Report!
Troubled Waters: How A New Wave of Cyber-Attacks is Targeting Maritime Trade (SecurityWeek) In addition to causing operational delays and necessitating expensive system repairs, the real risk posed by cyber-threats targeting critical infrastructure lies in their power to jeopardize real-world safety.
Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw (The State of Security) Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months.
Spam Botnet of Over 100K Routers Abuses UPnP (Infosecurity Magazine) Researchers warn of many more exposed devices out there
Researchers uncover side-channel attacks that target the GPU (Computing) The attacks begin with a malicious app that spies on the infected system and steals passwords through GPU rendering
Microsoft Issues Security Advisory on Solid-State Drive Hardware Encryption (Redmondmag) Microsoft issued security advisory ADV180028 on Tuesday for computer users that have self-encrypting solid-state drives (SSDs) that are ostensibly protected by Microsoft's BitLocker encryption scheme.
New Research On Storage Device Security Flaws (Information Security Buzz) Radboud University (NL) researchers today announced their discovery that widely used data storage devices with self-encrypting drives do not provide the expected level of data protection. A malicious expert with direct physical access to widely sold storage devices can bypass existing protection mechanisms and access the data without knowing the user-chosen password. Mounir Hahad, Head …
Researcher Drops Oracle VirtualBox Zero-Day (SecurityWeek) Researcher discloses details of zero-day vulnerability affecting Oracle VirtualBox. Exploitation allows guest-to-host escape
VirtualBox zero-day published by disgruntled researcher (ZDNet) Russian researcher publishes detailed write-up for VirtualBox zero-day on GitHub after Oracle took 15 months to fix a previous similar issue.
Ranting researcher publishes VM-busting zero-day without warning (Naked Security) A security researcher has published a zero-day flaw in a commonly-used virtual machine management system without notifying the vendor, justifying it with a scathing critique of the infosecurity ind…
WordPress Flaw Opens Millions of WooCommerce Shops to Takeover (Threatpost) A file delete vulnerability in WordPress can be elevated into a remote code execution vulnerability for plugins like WooCommerce.
Major DDoS Attacks on Cambodian Internet Service Providers (Cambodia Expats Online) Cambodia's ISPs Encounter DDoS. Phnom Penh (FN), Nov. 6 - Some of Cambodia's major internet service providers (ISPs), including EZECOM, SI Net, Digi, and others have encountered Distributed Denial of Service (DDoS), causing internet speed ..
US DoD’s first malware submissions to Google-bought VirusTotal is Russia-linked LoJack (CSO) US Cybercom submits its first two malware samples to VirusTotal a day before the US mid-term elections.
US Cyber Command starts uploading foreign APT malware to VirusTotal (ZDNet) USCYBERCOM said it plans to regularly upload "unclassified malware samples" to VirusTotal.
Closed doors are no match for a Wi‑Fi peeping tom and a smartphone (Naked Security) Researchers have found that a smartphone and some smart number crunching can track people moving in their homes as they reflect radio waves.
Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine (TrendLabs Security Intelligence Blog) The concept of a stealthy, difficult-to-detect malware operating behind the scenes has proven to be an irresistible proposition for many threat actors, and they're evidently adding even more techniques, as seen in a cryptocurrency miner (detected as Coinminer.Win32.MALXMR.TIAOODAM) we discovered that uses multiple obfuscation and packing as part of its routine.
Cryptocurrency Exchange Targeted Via Attack on Web Traffic Analysis Firm (Dark Reading) Island-hopping attackers breached StatCounter so they could get to users of gate.io.
Pakistani banks' payment card data snagged in cyberattack (PaymentsSource) Customer card data from nearly all of Pakistan's major banks has been stolen in a cyberattack, according to a Federal Investigation Agency official in Pakistan.
Pakistan Banks Not Breached, But Probably Skimmed (Infosecurity Magazine) Central bank rejects mass hacking reports
Pakistan: Banks Weren't Hacked, But Card Details Leaked (BankInfo Security) Pakistan says the nation's banks have not been hacked, but adds that they are taking defensive steps after nearly 20,000 payment card details appeared for sale
Cryptojacking Attack Forces University to Shut Down Entire Network (CCN) St. Francis Xavier University in Canada has been targeted by cryptocurrency mining malware in an attack that forced the school to shut down its network.
Canada's Post Office Leaked Personal Data of Legal Weed Customers (Motherboard) The rollout of legal weed in Ontario has been a disaster, and now it can add a privacy breach to its growing list of woes.
OCS warns customers of data accessed in Canada Post breach (CityNews Toronto) The Ontario Cannabis Store (OCS) said the shipping information of some of its customers was accessed by an outside source through the Canada Post delivery tracking tool. In a letter sent to the customers on Wednesday, the OCS said it was notified by Canada Post on Nov. 1 that the data for two per cent …
Security Patches, Mitigations, and Software Updates
Google warning: Fix your dodgy ads within 30 days or get banned (Naked Security) Having taken what it thought was a decisive swipe at the problem of “abusive” advertising a year ago, Google now says next month’s Chrome 71 will unleash an even tougher crackdown.
ADV180028 | Guidance for configuring BitLocker to enforce software encryption (Microsoft) Microsoft is aware of reports of vulnerabilities in the hardware encryption of certain self-encrypting drives (SEDs).
Google Removes Vulnerable Library from Android (SecurityWeek) Because of multiple vulnerabilities in the Libxaac library, Google has marked it as experimental and is no longer using it in production of Android builds.
Critical authentication flaw in DJI drone web app fixed (CSO Online) Check Point researcher finds vulnerability that could have allowed attackers to spy on drone fleets in real time.
Apple Modernizes Its Hardware Security with T2 (Threatpost) Apple has widened the range of Macs running its T2 security chip. Is macOS finally catching up with other platforms when it comes to secure computing?
Cyber Trends
Sensor security issues are a global issue – yet they are not being addressed and people are dying (Control Global) The lack of cyber security of sensors is a real but unaddressed problem. There is an approach that can directly address reliability, safety, quality, and productivity. What does it take to wake people up before further catastrophic sensor-related failures occur?
Data revolution backlash: Consumers prepared to take decisive action if organizations mishandle data (Help Net Security) US consumers believe technological advancements pose a risk to their data privacy; believe it is the responsibility of organisations to make the purpose
Commissioner warns against danger of 'datafying' children (Computing) Parents and children must understand how and why data is being collected by toy-makers
Russia’s Kaspersky Lab uncovers over 380,000 mass cyber attacks daily (TASS) Russian antivirus software provider, Kaspersky Lab, detects more than 380,000 far-reaching malicious cyberattacks daily
Marketplace
Merck & silent cyber impacts drove Petya industry loss: PCS (Artemis.bm) It was the impacts to pharmaceutical giant Merck as well as silent cyber exposure that drove the insurance and reinsurance industry loss from the 2017 Petya / NotPetya cyber attack, according to PCS, providing a further warning of how cyber losses can hit multiple business lines.
Demand for cybersecurity professionals continues to accelerate (Help Net Security) Efforts to address the shortage of cybersecurity workers are underway on many fronts, but progress has been frustratingly slow.
Uniken Secures $10 Million in Funding Bringing Total Investment in Company to $20 Million (AP NEWS) Uniken, a customer-first cybersecurity company, today announced it has secured an additional $10 million in funding from a strategic North American family office and management entity, bringing total investment in the company to $20 million.
Cyber startup Dragos looks to raise up to $38 million in new round (Baltimore Business Journal) DataTribe-born cybersecurity firm Dragos Inc. has raised $30 million in a new funding round, according to recent filings with the U.S. Securities and Exchange Commission.
Guardians of the Cyber World: 7 Best Cybersecurity Funds to Buy (InvestorPlace) Cybersecurity funds are poised to benefit from positive growth in spending trends within the space. These are the best ETFs that will benefit.
Is Now a Good Time to Load Up on Palo Alto Networks Stock? (The Motley Fool) This cybersecurity specialist looks like a bargain.
Dragos Expands Accomplished Executive Team (BusinessWire) Dragos announced today the additions of Jill Samuel, Vice President of Human Resources, and Anna Yong, Vice President of Marketing.
Products, Services, and Solutions
DFLabs Innovative Open Framework Enables Fine Grained Integration of SOAR and Security Tools (BusinessWire) New DFLabs open integration framework enables fine grained customization of SOAR actions between IncMan and security tools with no complex coding.
Privakey Partners with FIDO Board Member Raonsecure for Joint Solution (Privakey) Privakey is pleased to announce a partnership with Raonsecure, a Seoul based ICT integrated security company and board member of the FIDO Alliance.
Guarding families against growing cyber threats (Insurance Business) While the rise of internet-enabled devices has made life easier, it has also led to increased vulnerabilities
VMware Unveils New Blockchain Service (SecurityWeek) VMware announces new service designed to help enterprises use permissioned blockchain
KnowBe4’s New GRC Platform Takes the Bite out of Risk Management (PRWeb) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced that it has released a new, upd
New voke Impact Note Explores Bromium Protected App (Security Boulevard) Hackers only need to get it right once to bypass cyber security solutions and bring chaos to your organization, compromise your application integrity, and abscond with your IP.
Carbon Black Expands Japanese Presence (Nasdaq) Cb Predictive Security Cloud (PSC)® launches Japan data residency
Zimperium Launches Latest Version of Machine Learning-Based Security for Mobile Apps (BusinessWire) Zimperium announced the availability of the latest version of zIAP, its machine learning-based mobile security solution.
Secure CyberID and Gallagher Affinity Join Forces to Help Small-to-Midsize Federal Contractors Fight the War Against Cyber Attacks (PR Newswire) Gallagher Affinity has launched its new online 360 Coverage Pros portal, a discounted suite of cyber security...
Technologies, Techniques, and Standards
How does site isolation defend against Spectre vulnerabilities? (SearchSecurity) Google Chrome enabled site isolation as a defense against Spectre-based attacks that exploit how processors manage performance-enhancing features. Learn more about the site isolation project.
Five key considerations when developing a Security Operations Center (Help Net Security) Organizations should start with the following five key considerations if they are to get the most out of their Security Operations Center.
Finding Gold in the Threat Intelligence Rush (Dark Reading) Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
5 Things the Most Secure Software Companies Do (and How You Can Be Like Them) (Dark Reading) What sets apart the largest and most innovative software engineering organizations? These five approaches are a good way to start, and they won't break the bank.
Design and Innovation
Phone companies slammed for lousy robocall efforts (Naked Security) By this time next year, says Chairman Ajit Pai, the FCC wants to see an anti-robocall system on consumers’ phones – or else.
How big data can help identify and motivate voters (TechRepublic) Chris Wilson of WPA Intelligence explains how data analytics experts could help increase voter turnout.
Academia
Regionally-oriented national school for cyber security opens in Dakar, Senegal (France Diplomatie :: Ministry for Europe and Foreign Affairs) On 6 November 2018, the French Minister for Europe and Foreign Affairs, Jean-Yves Le Drian, opened a new school in Dakar, Senegal, to train African officials on cyber security issues.
National School for Cybersecurity Opens in Senegal (Infosecurity Magazine) Backed by support from France, Senegal launches new school for cybersecurity in Dakar
Legislation, Policy, and Regulation
US assists Ukraine in increasing its cyber defense level (Ukrinform) Ukraine has received the assistance to improve its cyber defense level within the framework of the USAI ITI agreement.
Spain and Russia agree to set up joint cybersecurity group (AP NEWS) The foreign ministers of Russia and Spain say they agreed to establish a joint cybersecurity group to keep the malicious spreading of misinformation from damaging relations between their countries.
Russia Faces More US Sanctions Over British Poisoning Case (VOA) Trump administration says Russia has failed to prove it no longer used chemical or biological weapons
Tehran keeps probing crypto in search of sanction relief (Asia Times) Are Iran, China and Russia about to implement a crypto-currency-friendly alternative to the Western-centric SWIFT international payment system?
New Sanctions, New Hurdles for Western Firms Still Doing Business in Iran (Wall Street Journal) As new U.S. sanctions on Iran start to bite this month, Western companies still doing business in the country face fresh hurdles in a market that has been both enticing and tough to crack.
Security guarantees will be meaningless under encryption-busting laws: Senetas (ZDNet) If an Australian company is compelled by legislation to deny that a capability in its products exists, then its assertions are meaningless, security company Senetas has said.
Analysis | The Cybersecurity 202: Democrats promise their control of House means cybersecurity policy changes (Washington Post) Election security and supply chain security are top priorities.
From the 116th Congress to 2020 (PwC) How will policy and regulatory changes affect your business?
Microsoft wants to work with Trump and Congress on cybersecurity (CNBC) Microsoft's president told CNBC the company wants to work with Congress to establish cybersecurity measures for civilians.
World Wide Web Inventor Wants New 'Contract' to Make Web Safe (SecurityWeek) World Wide Web inventor Tim Berners-Lee called for a "contract" to make internet safe and accessible for everyone, saying the internet has deviated from the goals its founders had envisaged.
Cybersecurity officials start focusing on the 2020 elections (AP NEWS) An unprecedented federal and state collaboration to defend election systems against Russian interference ended with no obvious voting system compromises, although it's not entirely clear why. Federal officials are wondering whether foreign agents are saving their ammunition for the 2020 presidential showdown or planning a late-stage misinformation campaign to claim Tuesday's election had been tainted. It doesn't change how vulnerable most states are to possible interference.
Facebook Thwarted Chaos on Election Day. It’s Hardly Clear That Will Last. (New York Times) Facebook made strides toward cleaning up its service in the last two years. But it continues to behave most responsibly only when placed under a microscope.
Secretary Kirstjen M. Nielsen Statement on National Critical Infrastructure Security and Resilience Month (Department of Homeland Security) Secretary of Homeland Security Kirstjen M. Nielsen released a statement on President Trump’s Proclamation of November as National Critical Infrastructure Security and Resilience Month.
Critical infrastructure protection legislation is maturing. Will your utility be ready? (Smart Energy) 2019 will be an important year for the energy sector as global utilities in smart energy, water and gas address the compliance requirements for critical infrastructure ordered by both the NIS Directive and GDPR in the EU.
The Starter Pistol Has Been Fired for Artificial Intelligence Regulation in Europe (SecurityWeek) Democracy itself is threatened by unbridled use of Artificial Intelligence (AI), says Paul Nemitz, who has essentially fired the starter pistol for European AI Regulation.
Keynote Address by Glenn S. Gerstell, General Counsel NSA to the American Bar Association 28th Annual Review of the Field of National Security Law Conference (IC ON THE RECORD) Starting my remarks with a short quotation from a hearing before the U.S. Senate seems fitting given that we’re at a legal conference in Washington...
Trump forces out Jeff Sessions as US attorney general (Federal News Network) Attorney General Jeff Sessions resigned as the country's chief law enforcement officer after enduring more than a year of blistering and personal attacks over being recused from the Russia investigation.
USPTO Names Silicon Valley Tech Attorney As New Deputy Director (Intellectual Property Watch) The United States Patent and Trademark Office (USPTO) today announced a new deputy director, Laura Peter, a veteran intellectual property attorney, most recently at Silicon Valley cyber-defence firm A10 Networks.
Litigation, Investigation, and Law Enforcement
Sessions’s ouster throws future of special counsel probe into question (Washington Post) The new acting attorney general could sharply curtail Robert S. Mueller III’s authority or budget.
Gab cries foul as Pennsylvania attorney general subpoenas DNS provider (Ars Technica) "I struggle to see a legit basis for this," one First Amendment expert told us.
Privacy International Files GDPR Complaints (Infosecurity Magazine) Oracle, Experian and Equifax are among companies in the crosshairs
Zuckerberg rebuffs request to appear before UK parliament (AP NEWS) Facebook CEO Mark Zuckerberg has rejected a request to appear before an international parliamentary committee delving into the questions around fake news.
U.S. Secret Service Warns ID Thieves are Abusing USPS’s Mail Scanning Service (KrebsOnSecurity) A year ago, KrebsOnSecurity warned that “Informed Delivery,” a new offering from the U.S. Postal Service (USPS) that lets residents view scanned images of all incoming mail, was likely to be abused by identity thieves and other fraudsters unless the USPS beefed up security around the program and made it easier for people to opt out. This week, the U.S. Secret Service issued an internal alert warning that many of its field offices have reported crooks are indeed using Informed Delivery to commit various identity theft and credit card fraud schemes.
Israeli tech helped Saudis kill journalist, Snowden tells Tel Aviv confab (Times of Israel) Fugitive NSA leaker lambastes Israel’s NSO Group as 'the worst of the worst,' is rebuked by former Mossad official who now works in the surveillance industry
Sim Swapping Crypto Stealing Hackers Arrested by Turkish Police (HackRead) Eleven Turkish individuals have been arrested by the Turkish police department for stealing cryptocurrency worth approx. $80,000 via SIM swapping.
DDoS attacker who targeted Steam, Sony and Electronic Arts pleads guilty (Computing) DerpTrolling 'brains' Austin Thompson faces up to ten years in prison over DDoS campaign