Cyber Attacks, Threats, and Vulnerabilities
tRat: New modular RAT appears in multiple email campaigns (Proofpoint) Proofpoint researchers detail a new RAT being distributed by TA505.
Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis (New York Times) Russian meddling, data sharing, hate speech — the social network faced one scandal after another. This is how Mark Zuckerberg and Sheryl Sandberg responded.
Facebook’s weapon amid chaos and controversy: misdirection (TechCrunch) The New York Times’ bombshell report into the past three years at Facebook paints a grotesque picture of the company’s attempts to navigate a string of high-profile controversies by using unsavory, unethical and dark PR tactics. The Times’ report, citing more than 50 sources, accus…
Chinese Hackers Target UK Engineering Company: Report (SecurityWeek) Recent attacks on an engineering company in the United Kingdom were attributed to a China-related cyber-espionage group despite the use of techniques usually associated with Russian threat actors.
Cranes Exposed to Possible Cyber-Sabotage—What We Can Learn (Infosecurity Magazine) Why the scenario of a hacked crane is a concern for wider cybersecurity.
Rosie the CNC Machinist: American Manufacturing as a Warfare Domain (War on the Rocks) For want of a nail the shoe was lost; For want of a shoe the horse was lost; For want of a horse the rider was lost; For want of a rider the battle was
Container Malware: Miners Go Docker Hunting In The Cloud (Juniper Threat Labs) The advent of microservices has led to us witnessing containers take the cloud by storm. But, this boom in the container-cloud relationship is exposing security issues that are inviting malware into the party as well.
HookAds Malvertising Installing Malware via the Fallout Exploit Kit (BleepingComputer) The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware.
New Ransomware Strain Evades Detection by All but One Antivirus Engine (Security Intelligence) A new strain of Dharma ransomware is able to evade detection by nearly all of the antivirus solutions on the market.
Apple says nothing as Apple ID accounts mysteriously locked down (HOTforSecurity) Has someone been trying to hack into a large number of Apple ID accounts? That's one of the theories circulating after a significant number of iPhone owners woke up on Tuesday to discover that their handsets were displaying a message saying that...
Unpatched Android OS Flaw Allows Adversaries to Track User Location (Threatpost) The vulnerability is one of many with the same root cause: Cross-process information leakage.
Official Google Twitter account hacked in Bitcoin scam (Naked Security) The epidemic of Twitter-based Bitcoin scams took another twist this week as attackers tweeted scams directly from two verified high-profile accounts.
Inside the Messy, Dark Side of Nintendo Switch Piracy (Motherboard) Doxing rivals, stealing each other’s files, and poking around Nintendo’s servers are all a normal part of the ballooning Nintendo Switch hacking and piracy scenes.
Target and other high profile Twitter accounts exploited for cryptocurrency scams. Umm... is Twitter doing anything about this? (Graham Cluley) The latest high profile account to be abused by scammers to promote a cryptocurrency giveaway? US retail giant Target.
20% of MageCart-compromised merchants get reinfected within days (The State of Security) MageCart, the notorious malware that has been haunting online stores by stealing payment card details from online shoppers at checkout, is reinfecting the same websites time and time again.
Cyber criminals eye huge windfalls via small government agency hacks (SecurityInfoWatch.com) Ransomware, other attacks wreak havoc on local and state networks, put critical infrastructure and services at risk
Small-Time Cybercriminals Landing Steady Low Blows (Dark Reading) High-end crime groups are acquiring the sorts of sophisticated capabilities only nation-states once had, while low-tier criminals maintain a steady stream of malicious activity, from cryptomining to PoS malware.
Targeted ransomware attacks – SophosLabs 2019 Threat Report (Naked Security) This year’s SophosLabs Threat Report is out. We talk targeted ransomware attacks, and in particular, SamSam.
The Hack Millions of People Are Installing Themselves (Motherboard) Security conscious users keep their operating system and other software up to date, but a huge risk is often overlooked: the underground trade of malicious browser extensions that people install themselves.
Security Patches, Mitigations, and Software Updates
Firefox will alert you if a website you visit has been pwned (Inquirer) Mozilla's Monitor 2.0 is adding notifications for website breaches
Siemens Releases 7 Advisories for SIMATIC, SCALANCE Vulnerabilities (SecurityWeek) Siemens has released 7 advisories to warn users of potentially serious vulnerabilities affecting various SIMATIC and SCALANCE products
Microsoft update breaks Calendar and Mail on Windows 10 phones (Naked Security) Still reeling from last week’s Windows 10 Pro debacle, Microsoft dropped a fresh pile of “Oops!” onto Windows 10 Mobile users.
Cyber Trends
Cyberwarfare: The danger and potential answers, is AI a threat or solution? (Information Age) Following comments by Nick Carter, Information Age quizzed experts on the threat of cyberwarfare and what we can do about it:
StackRox Report: Misconfigurations and Runtime Security Top Enterprise Concerns in Containers and Kubernetes Deployments (BusinessWire) Industry’s First “State of Container Security” Report Finds that Organizations Consider Their Container Security Strategies Lacking and Expect Operations Teams to Lead Security Efforts
The State of Container Security 2018 Report (StackRox) StackRox has compiled the industry’s first State of Container Security report, highlighting the perspective of more than 200 enterprises deploying containers today.
Security Predictions 2019 (FireEye) Facing forward...
IoT related security missteps cost enterprises millions (Help Net Security) Enterprises have begun sustaining significant monetary losses stemming from the lack of good practices as they move forward with incorporating the IoT
Why Is Antivirus Software Still a Thing? (Motherboard) Antivirus has been around for more than 20 years. Do you still need it to protect yourself today?
60% of firms believe a major security event will hit in the next few years (Help Net Security) Only 30% of 1,250 senior executives, management and security practitioners are confident their business will avoid a major security event.
Employees aren't taking the proper steps to keep information safe while traveling (Help Net Security) Employees aren’t taking the proper steps to keep their organizations’ information safe while traveling, according to ObserveIT.
What's keeping Europe's top infosec pros awake at night? (Help Net Security) As the world adapts to GDPR and puts more attention on personal privacy and security, Europe’s top information security professionals still have doubts
Do Wearable Devices Connect People to the Internet of Things? (Clutch) People who own wearable devices mostly connect them to their smartphones, rather than other IoT devices, which limits their devices' functionality, according to our new survey.
Critical Data Protection Report (IntelliSecure) Findings based on groundbreaking benchmark survey of 318 executives and cybersecurity professionals in the United States, Canada, and the United Kingdom.
Marketplace
It's happening: Consolidation is coming for the cybersecurity industry (Cyberscoop) It’s starting to happen. Amid a flurry of mergers and acquisitions, the cybersecurity industry is embarking on a path of consolidation that analysts predict will result in the existence of far fewer companies within just a few years.
Cisco CEO on layoffs: 'an unfortunate step we needed to take' (CRN Australia) Chuck Robbins said layoffs were needed for restructure.
Fair-weather friends? Facebook workers lose faith in internet giant (Times) Employees of Facebook have become increasingly pessimistic about the company’s future and are less certain that it is making the world a better place, according to a leaked poll. The social network...
Forcepoint to trim partner base and focus on enterprise (CRN Australia) Reducing the number of transactional partners as it moves upmarket.
Russian cyber security firm moves away from Moscow after allegations of Kremlin spying (Sky News) Kaspersky Lab is moving crucial aspects of its infrastructure to Switzerland, away from the Kremlin's jurisdiction.
Walmart, Microsoft, AT&T-Backed Foundry Invests Millions in Encryption Pioneer (Fortune) Duality Technologies helps companies share data even while preserving people's privacy.
Exclusive: Dragos Raises $37 Million to Secure Industrial Systems (Fortune) An NSA veteran takes on nation state attackers.
Automox Secures $9.3M Series A Funding Round (GlobeNewswire News Room) Boulder-based company’s automated patching and configuration management solution attracts investment from TechOperators, CRV, and Tom Noonan, who also joins the board of directors
Imminent Bitcoin Cash schism triggers cryptocurrency selloff (Ars Technica) Bitcoin's value falls below $5,500 for the first time since 2017.
Check Point Software Finally Goes on the Offensive (The Motley Fool) The cybersecurity specialist is doing the right things to accelerate growth.
Alion Science books $769M ISR, cyber integration order (Washington Technology) Alion Science and Technology books a $769 million task order to integrate systems and subsystems for the U.S. military’s ISR and cyber platforms.
MACH37 Cyber Accelerator Opens Applications for Spring 2019 Session (GlobeNewswire News Room) Cohort Begins April 1, 2019
Israeli firms, ministry set up consortium to tackle aviation cyberthreats (Times of Israel) Group includes startups and veteran cybersecurity and aviation companies; the aim is to create a virtual bulletproof cockpit door for the cybersphere, Israel's cyberchief says
The Nation's First "Global Cyber Innovation Summit" Premieres In Maryland In May 2019 (PR Newswire) A premier, invitation-only cybersecurity forum – The Global Cyber Innovation Summit – will stage its first annual...
Vice Admiral (Ret.) Jan Tighe Joins Paladin Capital Group’s Strategic (PRWeb) Paladin Capital Group is pleased to announce that Vice Admiral (Ret.) Jan Tighe, has joined Paladin’s Strategic Advisory Group. “Jan is one of the world’s for
Ping Identity Announces Additions to Leadership Team (BusinessWire) Ping Identity, the leader in Identity Defined Security, today announced the addition of two new executives to its leadership team. Bernard Harguindegu
Exostar Names Stuart Itkin Vice President of Product Management (AP NEWS) Exostar, the leader in trusted, secure business collaboration in aerospace and defense (A&D), life sciences, and healthcare, today announced that Stuart Itkin has joined the company as Vice President of Product Management. He will oversee all of Exostar’s strategic and tactical product management and product marketing activities.
Products, Services, and Solutions
Digital Defense Announces Frontline Active Threat Sweep™ (Digital Defense) Fast, Easy to Deploy, Cost-Effective Alternative to Threat Hunting Platforms
Microsoft and Glasswall Collaborate on Azure and O365 (BusinessWire) Microsoft and Glasswall Solutions today announced that Glasswall has earned Co-Sell Ready status through the Microsoft One Commercial Partner Program.
Kingston Enhances Award-Winning IronKey D300 Encrypted USB (BusinessWire) Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., a world leader in memory products and technology solutions, h
ThreatConnect Expands TIP Capabilities with New Automation Not Available in Similar Products (Press of Atlantic City) In an effort to address the growing threat intelligence market need for automation, ThreatConnect, Inc.®, provider of the industry's only extensible, intelligence-driven security platform, has
King & Union and Farsight Security Announce Strategic Partnership (PR Newswire) King & Union, the provider of Avalon, a threat analytics platform built with collaboration at its core, today...
Kenna Security delivers industry-first peer benchmarking for vulnerability management (GlobeNewswire News Room) New features and enhancements improve upon Kenna’s data-driven approach to cybersecurity, giving companies an industry-specific view of their risk
Cequence Security Announces Game-Changing Application Security Platform (ASP) to Stop Bot Attacks (BusinessWire) Cequence Security provides effective, scalable defense against the growing number of bot attacks including account takeover, content scraping & DDoS.
Acunetix Vulnerability Scanner Now Also on Linux (Acunetix) Linux platform improves reliability, security and performance. November 2018, London, UK – Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix for Linux. Known to be reliable, cost effective and secure, Linux is the server operating system of choice for many large organisations including Facebook, Twitter and Google. Acunetix …
Vade Secure launches IsItPhishing Threat Detection to help SOCs identify phishing URLs (Help Net Security) Vade Secure's IsItPhishing Threat Detection enables SOCs to automate the detection and blocking of targeted phishing attacks across the entire network.
Cryptowerk introduces blockchain-based technology to certify data integrity of digital assets (Help Net Security) Cryptowerk Seal creates a digital seal of each asset based on SHA hashes, which is then stored on any public, private or hybrid blockchain.
Intel, AMD set to release next-gen server CPUs (CRN Australia) Targeting high-performance computing and AI.
EdgeWave Debuts Post-Delivery Email Security Service (Media Post) EdgeWave says its new ThreatTest can remove suspicious emails from all inboxes in a company.
EZShield Launches Mobile Defense Suite (BusinessWire) EZShield, a portfolio company of The Wicks Group (
Technologies, Techniques, and Standards
Building A More Secure Connected Healthcare Environment (Chertoff Group and Abbott) The healthcare sector is in the midst of a major transformation, including changing demographics, an evolving public policy environment and rapidly advancing technology. A core element of this technology change is the advent of connected healthcare, which is empowering physicians to deliver superior results and extend patient lives.
New readiness metrics for DoD cyber force (Fifth Domain) As cyber forces and threats mature, DoD is looking at how to ensure forces can meet mission objectives.
The GDPR Disclosure Conundrum (Infosecurity Magazine) New rules imposed by the EU can be particularly challenging for organizations to disclose a breach within such a tight timeframe.
How to Securely Wipe Your Devices So You Can Recycle or Resell Them (Motherboard) How to clean out that drawer of old phones, laptops, and hard drives without having to worry about someone getting their hands on your data.
7 Things UEBA Detects (Bay Dynamics) User and Entity Behavior Analytics (UEBA) is picking up steam among organizations across industries of all sizes. A survey by analyst firm Enterprise Strategy Group reveals only 6% of 400+ cyber security pros have no plans to deploy machine learning/AI technologies for cybersecurity analytics and operations, which would include UEBA. That means the vast majority have UEBA on their radar.
Venafi Research: Do Government Officials Need Cyber Security Training? (Venafi) According to Venafi research, the vast majority of security professionals believe their government officials should complete cyber security training
Design and Innovation
HTTP/3: Come for the speed, stay for the security (Naked Security) Key personnel at the Internet Engineering Task Force (IETF) have suggested basing the next version of a core web protocol on Google technology.
Using Machine Learning to Cluster Malicious Network Flows From Gh0st RAT Variants (TrendLabs Security Intelligence Blog) Cybercriminals have become more and more creative and efficient in their efforts to successfully bypass network security.
Research and Development
The Hail Mary Plan to Restart a Hacked US Electric Grid (WIRED) On tiny Plum Island, DARPA stages a real-life blackout to put its grid recovery tools to the test.
What Constant Surveillance Does to Your Brain (Motherboard) Technology is getting more adept at tracking our moves and anticipating our choices, and being watched all the time can make us feel anxious.
Legislation, Policy, and Regulation
Nigeria: Will a Cyber Command Solve its Cyber Crime Problems? (TechNative) In late August 2018, the government of Nigeria announced the establishment of its cyber command, to be headquartered in Abuja.
Microsoft, Google Back Paris Cyber Pledge on Chips, Hacks (Data Center Knowledge) Microsoft, Google, and Samsung backed a Paris cybersecurity pledge to unite tech giants and governments in battling election tampering, compromised electronic components, and software hacks
Paris Call for trust and security online has been backed by Kaspersky Lab (htxt.africa) The Paris Call calls on firms and countries to work together to fight the scourge of cybercrime.
US Panel Warns Against Government Purchase of Chinese Tech (SecurityWeek) A congressional advisory panel says the purchase of internet-linked devices manufactured in China leaves the United States vulnerable to security breaches that could put critical U.S. infrastructure at risk.
Department of Defense’s Cybersecurity Acquisition and Practices from the Private Sector (US Senate Committee on Armed Services) To receive testimony on the Department of Defense’s cybersecurity acquisition and practices from the private sector.
Testimony on the Department of Defense’s Cybersecurity Acquisition and Practices from the Private Sector [Dmitri Alperovitch] (US Senate Committee on Armed Services) Chairman Rounds, Ranking Member Nelson, Senators of the Subcommittee: thank you for inviting me to testify at today’s hearing. I co-founded CrowdStrike more than 7 years ago with a mission to stop cyber breaches, including those caused by some of the most sophisticated adversaries.
Is the Defense Department’s entire vision of cybersecurity wrong? (Fifth Domain) One top official believes the physical world is not analogous to the cyber world.
26 Democrats Demand Besieged Homeland Security Sec. Kirstjen Nielsen Resign (The Daily Beast) Trump reportedly wants to fire Kirstjen Nielsen over immigration. And now, in a new letter, 26 House Democrats want Nielsen out for doing Trump’s bidding too well.
Zimbabwe: Japan Extends $3.6 Million Grant to Zimbabwe for Cyber Security (allAfrica.com) The Japanese government has extended a $3.6 million grant to Zimbabwe which will be used for the acquisition of cyber security equipment.
Litigation, Investigation, and Law Enforcement
Cathay Apologizes Over Data Breach but Denies Cover-up (SecurityWeek) Cathay Pacific apologized for the firm's handling of the world's biggest airline hack that saw millions of customers' data breached but denied trying to cover it up.
Microsoft facing GDPR fine over Office 365 telemetry (Computing) 25,000 'events' Office 365 recorded and shared among 30 engineering teams at Microsoft
Less than half of federal agencies have met identity management rules (Fifth Domain) Only 41 percent of government agencies have met the federal guidelines for identity and access management, according to a new report.
U.S. says defendant in Elliott Broidy hacking case has diplomatic immunity (NBC News) The ex-diplomat accused of helping steal and distribute GOP fundraiser Elliot Broidy's emails is entitled to immunity, the U.S. government tells NBC News.
ICO Prosecution Leads to First Jail Term (Infosecurity Magazine) Privacy watchdog sees data thief go to prison for six months
Support wouldn’t change his password, so he mailed them a bomb (Naked Security) The Cryptopay customer asked customer services for a new password. They refused, given that it was against the company privacy policy.
Text messages show Roger Stone and friend discussing WikiLeaks plans (NBC News) "Big news Wednesday ... Hillary's campaign will die this week," Randy Credico appears to have texted Stone six days before WikiLeaks email dump.
U.S. Ramps Up Sanctions on Hezbollah as Part of Iran Pressure (Wall Street Journal) The Trump administration on Tuesday targeted Iran-backed Hezbollah with fresh terrorism-related sanctions, as the U.S. moves to keep up pressure on Tehran and its tools of foreign-policy abroad despite resistance from European allies.
Saudi prosecutor seeks death penalty in Khashoggi murder (Al Jazeera) Kingdom is seeking death penalty for five people accused of carrying out journalist's killing, Shaalan al-Shaalan says.
Pope’s foundation backs international effort to fight cyberbullying (Crux) “Words hurt more than beatings. Do they not hurt you? Are you so insensitive? What happened to me should never happen to anyone … I hope that now you are all more sensitive with your words.”