Cyber Attacks, Threats, and Vulnerabilities
Cylance researchers discover powerful new nation-state APT (CSO Online) A new APT, dubbed White Company, is flexing its muscle on the world stage, and it has security researchers worried.
Cylance Discovers New Middle Eastern APT Actor: The White Company (BusinessWire) Research Uncovers a New, Well-Resourced Group Targeting Pakistan’s Air Force
APT Group Uses Windows Zero-Day in Middle East Attacks (SecurityWeek) Windows zero-day fixed by Microsoft with its November 2018 Patch Tuesday updates (CVE-2018-8589) used by an APT group in attacks aimed at the Middle East
Nigerian firm takes blame for routing Google traffic through China (Reuters) Nigeria's Main One Cable Co took responsibility on Tuesday for a glitch tha...
Google Internet Traffic Wasn't Hijacked, But It Was Out of Control (WIRED) For two hours on November 12, Google internet traffic mistakenly rerouted through China, Russia, and elsewhere. Here's why.
Sophisticated Cyberattack Targets Pakistani Military (SecurityWeek) A previously undisclosed threat actor is targeting government and military assets in Pakistan as part of a new, unusually complex espionage campaign, Cylance security researchers warn.
Nationalism driving fake news in India (BBC News) BBC research shows how a desire to reinforce national identity is pushing people to share fake news.
More Information About Last Week’s Takedowns (Facebook Newsroom) Over the last year, we have been much more proactive in finding and removing inauthentic behavior, including from foreign actors.
Facebook: Fake Instagram accounts used Trump, Kanye and social issues to target voters (USA TODAY) Facebook says Russians exploited divisive issues and people such as Kanye West and President Trump to target voters ahead of the midterm elections.
Russian Hackers Largely Skipped the Midterms, and No One Really Knows Why (Wall Street Journal) After unleashing widespread cyberattacks and disinformation warfare on the U.S. in 2016, Russia’s trolls and hackers mostly appeared to have sat on the sidelines ahead of last week’s midterm elections.
New Report Finds Bad Bots Comprise Almost Half of All Traffic on Airlines’ Websites, Mobile Apps, and APIs (Distil Networks) Distil Research Lab releases first industry-specific data focused on airline bot activity
PayPal phishing scam using Conditional CSS tricks and Google Captcha (My Online Security) OK got a quite strange & unusual PayPal phishing scam arrive today. The scammers either don’t like Microsoft users or can’t work out how to get the scam to work in Internet Explorer or Outlook…
How does the Mylobot botnet differ from a typical botnet? (SearchSecurity) Deep Instinct recently blogged about how the new Mylobot botnet demonstrates new, complex tools and techniques. Discover how this botnet works and how it differs from a typical botnet with expert Nick Lewis.
Mylobot botnet delivers one-two punch with Khalesi malware (KTVN) With the ability to download other types of malware after infecting a computer, the Mylobot botnet is demonstrating the capability of information stealing, according to a new report from CenturyLink, Inc. (NYSE: CTL)....
Your Private Data Is Quietly Leaking Online, Thanks to a Basic Web Security Error (Bloomberg) Personal information of donors and shoppers leaked online. U.S. children’s hospital among websites leaking data.
Free VPN App Investigation (Top10VPN) We investigated the top free VPN (Virtual Private Network) apps in Apple's App Store and Google Play and found that over half are run by highly secretive companies with Chinese ownership. Very few of these hugely popular apps, which have hundreds of millions of installs worldwide, do anywhere near enough to deserve the trust of consumers looking to protect their privacy.
Samsung Galaxy S9, iPhone X Hacked at Pwn2Own Tokyo (SecurityWeek) White hat hackers hack iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 at Pwn2Own Tokyo
Security Patches, Mitigations, and Software Updates
Patch Tuesday, November 2018 Edition (KrebsOnSecurity) Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe also has security patches available for Flash Player, Acrobat and Reader users.
It's November 2018, and Microsoft's super-secure Edge browser can be pwned eight different ways by a web page (Register) Look, we're tired of doing these headlines too, but there's patching to do
Windows 10 April 2018 also gets its November Patch Tuesday with additional Spectre fix (On MSFT) In addition to today's patch for the small number of users running the October 2018 Update, Microsoft has also released a patch for the April 2018 Update which brings the build version to 17134.407.
Microsoft Patches Windows Zero-Day Exploited by 'FruityArmor' Group (SecurityWeek) Microsoft patches nearly 50 vulnerabilities with its October 2018 Patch Tuesday updates, including a Windows zero-day exploited by the FruityArmor APT group
Facebook patches another bug that could have allowed mass-harvesting of user data (ZDNet) Imperva security researcher publicly discloses bug today, but Facebook patched the issue back in May.
Cyber Trends
Privacy, cloud and evolving threats: a survey of Forcepoint customer cybersecurity concerns (Forcepoint) A survey of more than 1,000 Forcepoint customers finds that cybersecurity professionals are concerned about privacy, cloud and infrastructure security, while also trying to find the balance between ensuring security and enabling access. Meeting these challenges is made more difficult by the ever-evolving cyber threats IT professionals must address and the ongoing risk of human error.
Nearly 70 Percent of SMBs Experience Cyber Attacks, Half Do Not Know How to Protect Their Companies (PR Newswire) Keeper Security, Inc., which offers leading zero-knowledge, cybersecurity solutions for businesses and individuals,...
Despite rise in security awareness, employees’ poor security habits are getting worse (Help Net Security) Employees’ poor cybersecurity habits are getting worse, compounded by the speed and complexity of the digital transformation.
SailPoint Survey Shows Employees’ Habits Expose Growing Risk Amid the Digital Transformation (BusinessWire) SailPoint’s 10th Annual Market Pulse Survey found employees’ bad cybersecurity habits are exposing growing risks amid the digital transformation.
Carbon Black’s UK Threat Report is grim news for those protecting data (MicroscopeUK) Attacks are widespread and the criminals are outwitting a lot of customers, which worries Nick Booth
Ransomware no. 1 cyberthreat to SMBs, and the average attack costs $47K (TechRepublic) More than 55% of MSPs said their clients experienced a ransomware attack in the first six months of 2018, according to a Datto report.
Marketplace
M&A transactions may be stalling due to GDPR compliance concerns (Help Net Security) 66 percent of those surveyed believe that GDPR will increase acquirers’ scrutiny of the data protection policies and processes of target companies.
XM Cyber Closes $22 Million in Series A Funding (XM Cyber) Cybersecurity Disruptor will Use New Investment to Fuel Continuous Growth and Innovation
Novetta acquires Berico Technologies (Intelligence Community News) McLean, VA-based Novetta announced on November 12 the acquisition of Berico Technologies, based in Reston, VA. Novetta’s acquisition of Berico is rooted in the alignment of mission, capabilit…
Can BlackBerry Afford A $1.5 Billion Deal For Cylance? (Seeking Alpha) BB is rumored to be in talks to acquire cybersecurity company Cylance for $1.5B. The deal could make sense strategically, but the combined entity could be cash
Palantir Has a $20 Billion Valuation and a Bigger Problem: It Keeps Losing Money (Wall Street Journal) The Silicon Valley unicorn, a data-analysis giant that’s inching toward an IPO, has been run like a scrappy startup, including lavish perks. CEO Alex Karp is now under pressure to remake the business, including bringing an end to what’s known inside the company as “Palantir Entitlement Syndrome.”
Exclusive: Cloud Securer Netskope Raises $170 Million, Sprouts 'Unicorn' Horn (Fortune) Meet the latest billion-dollar cybersecurity firm.
How Prague’s Avast went from Soviet-era security project to $4.5 billion IPO (VentureBeat) Avast reached the pinnacle of capitalism with its IPO. But the security company's journey from a Soviet-era research lab in Prague was long and winding.
Siemens Teams Up with Aruba: Two Aim to Meld OT/IT Offering (Computer Business Review) Siemens has inked a strategic partnership with HPE's Aruba that marries their respective Operational Technology (OT) and IT portfolios.
Abusix Joins Open Invention Network as Licensee (WBOC) Abusix, a specialist provider of Threat Intelligence and Subscriber Security solutions for Telcos and Internet Service Providers (ISPs), has joined the largest patent non-aggression community in history, created by and for Linux and Open Source Software supporters.
Valve paid $20,000 to hacker who discovered critical Steam security flaw (PCGamer) Researcher Artem Moskowsky found an easy way to generate all the Steam keys he wanted.
Port Covington backers prepping city residents for cyber gigs (Maryland Daily Record) The team steering community investment efforts from Port Covington’s redevelopment aims to help build a pipeline leading Baltimore residents to cybersecurity jobs at “Cyber Town USA.…
Bossier Chamber of Commerce encourages students to pursue a career in cyber technology (KTBS) The Bossier Chamber of Commerce wants more high schoolers to think about a career in cyber technology.
Siemplify Taps Former Carbon Black and Cisco Channel Executive to Boos (PRWeb) Siemplify, the leading innovator in security orchestration, automation and response (SOAR), today announced the appointment of Bradd Barmettler as global head o
Products, Services, and Solutions
Cavirin Auto-Remediation Workflows Help Hybrid Cloud Enterprises Maintain Golden Security Posture (Cavirin) Cavirin's newest release delivers auto-remediation across AWS with Lambda functions and across all environments with Ansible Playbooks.
Ciphertex Debuts Two New Servers at SuperComputing-18 (BusinessWire) Ciphertex Data Security, a leading data security solutions provider, today announced two new servers at the SuperComputing-18 Conference. The new Ciph
The Bricata Comprehensive Network Protection Platform Earns FIPS... (Bricata) NIST Has Issued Certificate #3325 to Bricata, Completing Rigorous FIPS 140-2 Testing Process for Deployments in U.S. Federal Government November 14, 2018 – Columbia, Md. – Bricata, Inc., a leading provider of comprehensive network protection, today announced the immediate...
Protego Spearheads Launch of the OWASP Official Serverless Top 10 Project (WBOC) The Open Web Application Security Project (OWASP) released today the official OWASP Serverless Top 10 project initiated by Protego Labs.
Prey for Business Offers Beta Location History Capability and New Fleet Status Dashboard (GlobeNewswire News Room) Map Timeline Lets Users See Where Device Has Been Over Time
DataMotion and Zipari Enter into Strategic Partnership to Boost Consumer Engagement (News9) Collaboration Provides HIPAA-Compliant Secure Messaging for Insurance Self-Service Portals and Mobile Applications
Alert Logic Introduces SIEMless Threat Management™ to Help Resource-Constrained Organizations Get the Right Coverage at an Optimal Cost (GlobeNewswire News Room) New Offering Seamlessly Connects Platform, Intelligence and Experts to Address Threats and Compliance Risks 24/7 Across Any Environment at a Lower Total Cost
CyGlass Inc. and NETSHIELD Corp. Team Up in Strategic Partnership (Benzinga) CyGlass Inc., a SaaS AI-driven network-centric dark threat detection solution, and NETSHIELD Corp., a global...
Bitdefender announces security integration with Kaseya (IT Brief) The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
How to design a cyber-secure smart grid (Power Engineer) The European Network for Cyber Security (ENCS) has launched a new training course that it claims will give security architects “the knowledge to design secure smart grid systems”.
Twistlock Releases Cloud Discovery Open Source Tool for Cloud Native Services (DevOps.com) A simple, powerful way for audit and security practitioners to discover all 'unknown unknowns' across cloud environments PORTLAND, Ore., Nov. 13,
Holiday Shopping Safety Tips: LastPass 2018 Online Retailer Security List (The LastPass Blog) Keep your information safe this holiday season! LastPass ranks 2018’s top 10 online retailers from most to least secure and shares what to look out for.
Technologies, Techniques, and Standards
The Hail Mary Plan to Restart a Hacked US Electric Grid (WIRED) On tiny Plum Island, DARPA stages a real-life blackout to put its grid recovery tools to the test.
What the Onslow Water and Sewer Authority Can Teach About Responsible Disclosure (SecurityWeek) From a communications and technical standpoint, the Onslow Water and Sewer Authority (ONWASA) turned a malicious cyber incident into a strong success story on many fronts.
ISACA refreshes COBIT framework to address latest business technology trends and standards (Help Net Security) Customers that adopt COBIT 2019 will benefit from optimized resource use, increased efficiency, and better management of their information and technology.
How to fit all of Shakespeare in one tweet (and why not to do it!) (Naked Security) A security researcher squoze 1,299,999 words into a single tweet, thanks to image metadata that Twitter doesn’t remove.
Build the Capacity to Hunt for Publicly Disclosed Indicators of... (Bricata) Earlier this year federal authorities unveiled multi-stage and widespread cyber-attacks on the U.S. energy sector and other infrastructure locations. At the time, these attacks had been ongoing for at least a year and incurred several successful compromises...
Phishing Training is a Tool, Not a Solution (SecurityWeek) It’s time to swing the pendulum back, and put the responsibility to do battle with phishing campaigns back where it most correctly belongs—on the security systems.
Design and Innovation
How to Teach Artificial Intelligence Some Common Sense (WIRED) We’ve spent years teaching neural nets to think like human brains. They’re crazy-smart, but what if we’ve been doing it all wrong?
Bank of America Obtains Crypto Patent, is it Planning to Operate a Wallet? (NewsBTC) A sure sign of growing adoption and institutional interest in cryptocurrencies is when major banks start to look at them more closely. The second largest...
Research and Development
White House to Approve Massive Cybersecurity "Moonshot" Recommendations Tomorrow (ClearanceJobs) The Cyber Moonshot is an initiative to make the internet safe in ten years. Tomorrow the committee behind this plan will present recommendations to the White House on how to make this ambitious goal a reality.
Academia
Diversity Matters: FS-ISAC Awards Scholarships to Build Talent Pipeline in the US and Globally (FSISAC) Fourteen women awarded scholarship across the US; 24 scholarships awarded globally in 2018
Legislation, Policy, and Regulation
The UN GGE is dead: Time to fall forward (ECFR) The top down UN GGE process appears dead in the water. International norms and laws for responding to cyber attacks must now be built from the bottom up.
Paris Call for Trust and Security in Cyberspace (France Diplomatie) Cyberspace now plays a crucial role in every aspect of our lives and it is the shared responsibility of a wide variety of actors, in their respective roles, to improve trust, security and stability in cyberspace.
U.S. tech giants back French call for global cooperation in cyberspace (Cyberscoop) A multifaceted framework for lessening aggression in global cyberspace was unveiled by the French government on Monday, drawing support from tech giants and digital rights groups.
Facebook will let French regulators study its efforts to fight hate speech (Washington Post) Facebook will invite French regulators to study its approach to combating hate speech online, marking the latest attempt by governments around the world to figure out ways to thwart toxic content from spreading.
Intel Asks for Comments on Draft Federal Privacy Law (SecurityWeek) Intel has developed and published a draft model federal bill that it calls the "Innovative and Ethical Data Use Act of 2018", and is inviting comments from businesses, privacy experts and the general public.
Encryption laws threaten $3b cyber security industry, tech firm Senetas warns (Financial Review) New laws for spy agencies to snoop on electronic devices could scare off investment in local cybersecurity systems and weaken systems, government contractor warns.
Senetas' delay in encryption bill submission surprising (ITWire) One of the curious aspects surrounding the Federal Government's encryption bill is why it took Australian firm Senetas — which has technology exports...
It’s Amateur Hour in the World of Spyware and Victims Will Pay the Price (Motherboard) We’re living in the golden age of spyware and government hacking, with companies rushing to join a blossoming billion dollar market. The weakest among us—activists or journalists—will suffer the consequences if we don’t regulate it appropriately.
Congress Passes Legislation Standing Up Cybersecurity Agency in DHS (Department of Homeland Security) On November 13, the United States House of Representatives voted unanimously to pass legislation creating the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS).
U.S. Adopts New Battle Plan to Fight China’s Theft of Trade Secrets (Wall Street Journal) The Trump administration is broadening its China trade battle beyond tariffs with a plan to use export controls, indictments and other tools to counter the theft of intellectual property.
Pentagon task force not a ‘quick-fix’ to protect critical technology (Fifth Domain) A Pentagon task force to prevent the swiping of American secrets and improve supply chain cybersecurity will include representatives from at least seven agencies and is expected to have a long-term vision.
Trump Preparing to Oust Homeland Security Secretary, Post Says (Bloomberg) U.S. Homeland Security Secretary Kirstjen Nielsen may be removed by President Donald Trump in the near future, the Washington Post reported Monday night.
Pentagon cyber official warns U.S. companies against 'hacking back' (TheHill) A top cyber official at the Defense Department on Tuesday urged companies to refrain from “hacking back” when they are the victim of a cyberattack, saying it could negatively affect the already unclear rules of engagement in cyberspace.
State vs. Federal Privacy Laws: The Battle for Consumer Data Protection (SecurityWeek) There has long been speculation that the need for a federal data privacy policy would finally be realized only after the ‘perfect storm’ occurred.
Government to extend age-verification to social media (Computing) Culture secretary Margot James admits plans to extend adult website age verification to social media websites
Litigation, Investigation, and Law Enforcement
Russia wants DNC’s election-hacking lawsuit thrown out (Washington Post) Moscow warns the State Department that American spy agency hacking exposes the U.S. to similar charges.
China scours social media, erases thousands of accounts (Reuters) China’s top cyber authority has scrubbed 9,800 social media accounts of independent news providers deemed to have posted sensational, vulgar or politically harmful content on the Internet, it said late on Monday.
Facebook Failed to Police How Its Partners Handled User Data (New York Times) For years, Facebook struck deals that gave device makers access to troves of user data. A disclosure to Congress details the company’s lax oversight of those partnerships.
Australia's cyber security chief says Austal defense hack investigation may take years (Reuters) Australia's cyber security chief said on Tuesday an investigation into...
Analysis | The Cybersecurity 202: Amazon is now at the center of a debate over public safety versus privacy (Washington Post) Prosecutors are trying to force Amazon to turn over data on Echo device for a murder case.
Hacking Team Hacker Phineas Fisher Has Gotten Away With It (Motherboard) Leaked court documents show that Italian authorities have no idea who hacked the government spyware maker Hacking Team.
Man pleads guilty to swatting attack that led to death of Kansas man (Ars Technica) Prosecutor: Tyler Barriss' "disregard for the safety of other people was staggering."
Does wiping your iPhone count as destroying evidence? (Naked Security) Police say it’s a felony, but a woman arrested in connection with a drive-by shooting says she doesn’t even know how to remotely wipe.
El Capitan student, 14, arrested on suspicion of threatening the high school on social media (San Diego Union Tribune) A 14-year-old student at El Capitan High School was arrested on suspicion of making threats on social media against the Lakeside school, sheriff’s officials said Monday.