Cyber Attacks, Threats, and Vulnerabilities
Russian Hackers Are Still Probing the US Power Grid (WIRED) Researchers warn that utilities hackers don't need to cause blackouts to do damage.
The Other War in Yemen—for Control of the Country’s Internet (Foreign Policy) Opponents in the civil war use the web to block access, gather intelligence, and even mine cryptocurrency.
After a Hiatus, China Accelerates Cyberspying Efforts to Obtain U.S. Technology (New York Times) China’s practice of breaking into American computers has become a core grievance of the Trump administration as leaders of the two nations prepare to meet.
China specialists who long supported engagement are now warning of Beijing’s efforts to influence American society (Washington Post) A new report raises concerns about efforts to curtail free speech on American campuses and obtain U.S. technology.
Hackers are using leaked NSA hacking tools to covertly hijack thousands of computers (TechCrunch) More than a year after patches were released to thwart powerful NSA exploits that leaked online, hundreds of thousands of computers are unpatched and vulnerable. First they were used to spread ransomware. Then it was cryptocurrency mining attacks. Now, researchers say that hackers are using the lea…
Hackers are opening SMB ports on routers so they can infect PCs with NSA malware (ZDNet) Akamai says that over 45,000 routers have been compromised already.
AutoIt-Compiled Worm Spreads Backdoor via Removable Drives (SecurityWeek) Trend Micro security researchers have discovered an AutoIt-compiled worm that infects removable drives to spread the njRAT backdoor to other machines.
Russian language malspam pushing Shade (Troldesh) ransomware (SANS Internet Storm Center) Shade ransomware was spotted in the wild as early as 2014, and it was first called Troldesh.
UPnProxy: EternalSilence (Akamai) UPnProxy is alive and well. There are 277,000 devices, out of a pool of 3.5 million, running vulnerable implementations of UPnP. Of those, Akamai can confirm that more than 45,000 have been compromised in a widely...
Snakemackerel delivers Zekapab malware (Accenture) Snakemackerel delivered Zekapab malware the same day the UK government announced a draft of the Brexit agreement. Learn more about this cyber attack.
Facebook bug resurrects ghostly messages from the past (Naked Security) In the latest in a long line of SNAFUs, it seems Facebook has found a new way to inadvertently torment us: resurfacing old chat messages.
That Virus Alert on Your Computer? Scammers in India May Be Behind It (New York Times) The police outside New Delhi raided fake tech-support centers that sent false warnings to Americans and Canadians and then charged to “fix” the nonexistent infection.
Microsoft Warns of Two Apps That Expose Private Keys (Threatpost) The two apps are created by headset software company Sennheiser HeadSetup.
Dell Warns of Attempted Breach on Network (Threatpost) The company said it has reset passwords for all Dell.com customers.
Dell.com resets all customer passwords after cyber attack: statement (Reuters) Dell Inc said on Wednesday that it reset passwords for all accounts on its Dell....
NUUO Firmware Vulnerabilities Disclosed by Digital Defense, Inc. Researchers (Digital Defense) Digital Defense, Inc., a leading security technology and services provider, today announced that its Vulnerability Research Team (VRT) discovered a previously undisclosed vulnerability in NUUO NVRmini2 Network Video Recorder firmware.
NUUO Firmware Disclosure (Digital Defense) Digital Defense, Inc. is disclosing a vulnerability identified in NUUO NVRmini2 Network Video Recorder devices discovered by our Vulnerability Research Team (VRT). We commend NUUO for their prompt response to the identified flaws and their engineering team’s work with VRT to provide fixes for these cyber security issues.
New industrial espionage campaign leverages AutoCAD-based malware (ZDNet) Researchers warn about industrial espionage group targeting companies in the energy sector with AutoCAD-based malware.
Industry Reactions to USPS Exposing User Data (SecurityWeek) Industry professionals comment on reports that a vulnerability in an API used by USPS exposed the data of 60 million customers
Pro-Bernie group hacked in quarter-million-dollar email scam (POLITICO) Our Revolution had raised the money to help a Native American tribe fight an oil pipeline.
Hacker Steals Crypto from Copay Wallets Apps (Infosecurity Magazine) Attacker uses malicious code to gain legitimate access to JavaScript library EventStream.
Make-A-Wish Website Victim of Cryptojacking Attack (Security Boulevard) Cybercriminals recently compromised the website of the Make-A-Wish Foundation, inserting a cryptomining script, also known as cryptojacking.
The new threats: trust attacks and AI malware (Computing) The latest methods are designed to manipulate, not destroy, says Darktrace
The Nature of Mass Exploitation Campaigns (Threatpost) Examples of how attackers carry out mass exploitation campaigns and how to defend against them.
How bring-your-own-land attacks are challenging enterprises (SearchSecurity) Researchers at FireEye developed a bring-your-own-land approach that endpoint security tools can't detect. Learn how this is possible, what can be done to mitigate these attacks and how enterprises can stay safe with expert Nick Lewis.
Cyber Trends
7 trends driving enterprise IT transformation in 2019 (Verizon) Verizon Enterprise Solution’s view of those enterprise technology trends that are most likely to impact our global business and government customers in 2019
Cybersecurity Threats Keep Evolving, Research Shows (eSecurity Planet) We examine 11 important cybersecurity research reports released in November -- and the controls organizations should consider.
What do AI, blockchain and GDPR mean for cybersecurity? (ABA Journal) Emerging technologies will affect cybersecurity in the coming years. Artificial intelligence and blockchain will play pivotal roles in data protection, creating new solutions, risks and regulatory headaches.
Real estate companies are prime targets for cyber attacks (Inman) A new report found that real estate companies suffered 54 cyber attacks on average this quarter. Here's why and what to do to defend against them
Cybercriminals have an easy time during Christmas shopping (UNN) G DATA survey shows that many shoppers take data security lightly when buying online before Christmas
Marketplace
Personnel Issues are Stymieing Pentagon's Cybercapabilities (The Daily Signal) Tech businesses often offer hard-to-beat salaries and benefits, and can onboard new people much faster than the sluggish government clearance process.
Venafi Secures $100M Financing Round Led by TCV (BusinessWire) New funding to accelerate growth and support new Machine Identity Protection Development Fund
Corvus Raises $10 Million Series A (PRWeb) Boston-based InsurTech company, Corvus, announced a $10 million Series A investment led by .406 Ventures and Hudson Structured, along with expanded funding from...
Facebook Needs A Cybersecurity Clean-Up, CyberArk Is The Company For The Job (Seeking Alpha) Facebook management faces a continuing onslaught of criticism for its data crisis and mismanagement, turning the crisis into a calamity with calls for resignati
A Plan to Turn New York Into a Capital of Cybersecurity (New York Times) With online dangers nearly everywhere, a partnership will work with local universities and global tech firms to make Manhattan a hub for data protection.
Nutanix chief slams VMware for dodging 'head-to-head' competition (CRN Australia) Claims competitor avoids Nutanix in proof of concept accounts.
Boeing Wins $383M Protected Tactical Enterprise Service Deal (Zacks Investment Research) Boeing's (BA) PTES system provides secure communications to war fighters for availing connectivity in contested environments without getting their location identified.
Products, Services, and Solutions
Surfshark - the first VPN to implement IKEv2/IPsec on its Windows app (Surfshark) Our native VPN app for Windows from now on is powered by fast and modern security protocol IKEv2/IPsec! It provides many benefits for users - from increased initial connection speeds to a longer battery life.
Ayehu Launches Global Partner Program to Support Increasing Demand for Intelligent Automation (GlobeNewswire News Room) Program Empowers Growing Community of MSPs, OEM Partners and SIs with AI-Powered IT Automation Resources, Tools, Education and Support
CIS Introduces its First Hardened Container Image for Secure Applications in the Cloud (Sys-Con Media) Initial Configuration Now Available on AWS Marketplace for Containers
Qualys Integrates with Amazon Web Services Security Hub to Provide Users with Vulnerability and Compliance Visibility (Qualys) Extends Protection for Amazon Web Services workloads and infrastructure against critical vulnerabilities, threats from public exploits, and non-compliant deployments
Nutanix introduces Xi Cloud Services for the multicloud era (Help Net Security) Nutanix Xi Cloud Services suite gives IT teams the freedom to run their applications on the optimal platform, not restricted by technology limitations.
DriveSavers introduces the Passcode Lockout Data Recovery service for consumers (Help Net Security) DriveSavers' Passcode Lockout Data Recovery service aids with lockouts and forgotten passwords on encrypted, password-protected smartphones and tablets.
Keyfactor and Gemalto Collaborate to Deliver Secure Identity Services (IoT Evolution World) New integrated solution enables companies to confidently move certificate management and IoT security to the cloud
The French Ministry of Interior Selects Gemalto to Secure Critical Communication Mobile Networks (BusinessWire) The French Ministry of Interior has selected Gemalto, the world leader in digital security, to deliver robust connectivity and security in next-genera
noHold's AI Platform Complies with Top Industry Standards (PR Newswire) Security and compliance are key components to any successful business. According to Gartner, "Through 2022, at...
Technologies, Techniques, and Standards
Germany proposes security guidelines for routers, but not everybody is happy (Bitdefender) Anyone who has been reading the computer security headlines in recent years knows that there is a raging battle going on for control of home and SOHO broadband routers. Online criminals have woken up to the power they can exert through hijacking large numbers of routers into botnets, launching devastating distributed denial-of-service (DDoS) attacks, stealing …
Proofs of Concept Abusing PowerShell Core: Caveats and Best Practices (TrendLabs Security Intelligence Blog) We explored proofs of concept (PoCs) that would help in better understanding and preventing possible and future PowerShell Core-based threats.
Incorrect Assessments of Data Value Putting Organizations at Risk (Dark Reading) Information security groups often underestimate or overestimate the true value of data assets, making it harder to prioritize controls.
Three ways artificial intelligence can improve cybersecurity (Fifth Domain) Federal agencies should utilize AI technologies to gain more actionable insights
When to Cut Your Losses on a Wasteful Security Project (SecurityWeek) Organizations need to continually evaluate where each effort stands in relation to its allotted budget and schedule, along with the value it brings to the organization’s security posture.
Keeping data swamps clean for ongoing GDPR compliance (Help Net Security) The increased affordability and accessibility of data storage over recent years can be both a benefit and a challenge for businesses. While the ability to
Career advice: Good enough security trumps best security (CSO Online) The realization that most of the world doesn’t want the best security will help you advance in your security career.
Is security the real stuff of nightmares? (Help Net Security) With more customer data gathered and stored than ever before, the risk of implementing a sub-par security strategy affects every level of the organisation.
Agencies Will Soon Have a Cyber Hygiene Score—And Will Know Where They Rank (Nextgov.com) The AWARE score will be based on data from agencies’ continuous monitoring tools and will give the Homeland Security Department a holistic view of the government’s cybersecurity posture.
Hot fuzz: Bug detectives whip up smarter version of classic AFL fuzzer to hunt code vulnerabilities (Register) Flaw-spotting toolkit already has 42 zero-days to its name
The extreme ways people protect themselves from hacks (CNN) Facebook CEO Mark Zuckerberg famously covers up his laptop's webcam with a sticker. But some people are taking personal security a step further.
Design and Innovation
The greatest security innovations of 2018 (Popular Science) Safety happens by the inch, through a relentless effort to stop the simple vulnerabilities that can lead to major threats—on our doorsteps, overseas, and in our streets.
Research and Development
DARPA, BAE to develop AI for interpreting radio-frequency signals (UPI) DARPA has selected BAE Systems to develop machine learning algorithms to decipher radio frequency signals for protection against enemy hacking and jamming attempts.
This is when AI’s top researchers think artificial general intelligence will be achieved (The Verge) Short answer: maybe within our lifetimes, but don’t hold out.
Legislation, Policy, and Regulation
Putin Accuses Poroshenko Of Electoral Ploy As Ukraine Imposes Martial Law (RadioFreeEurope/RadioLiberty) Martial law came into force across a large swath of Ukraine on November 28, following a clash at sea that Kyiv called an "act of aggression" by Moscow and Russian President Vladimir Putin claimed was a ploy to boost his Ukrainian counterpart's popularity ahead of an election in March.
NATO Readies for Cyber Threats With Wargames on Russian Doorstep (Bloomberg) Alliance gathers in neighboring Estonia to simulate attacks. Cyber increasingly seen as element of hybrid military tactics.
When South American nations look for cyber help, China looms (Fifth Domain) Cyber Command is partnering with countries in South America for cybersecurity, but is being threatened by China.
U.K. cybersecurity agency mounts transparency push (NBC News) The goal is to prevent cyberattacks like "WannaCry," which paralyzed computer systems around the world in May 2017.
GCHQ and the NCSC publish the UK Equities Process (GCHQ) To disclose or not to disclose, that is the question.
Defense officials taking advantage of new cyber authorities (Fifth Domain) New authorities allow DoD to act faster and respond quicker to activities in cyberspace.
An Outcome-Based Analysis of U.S. Cyber Strategy of Persistence & Defense Forward (Lawfare) The new U.S. Cyber Command vision and the Department of Defense Cyber Strategy embody a fundamental reorientation in strategic thinking.
Congress has refused to restore net neutrality as Dec. 10 deadline nears (Ars Technica) There's almost no Republican support for forcing vote to restore net neutrality.
Trump nominees testify before Senate panel on plans for election agency (TheHill) A pair of President Trump's nominees for a federal election agency testified before a Senate panel Wednesday on their plans to help state and local officials administer elections.
FCC Gets Complaint: Proposed Ham Radio Rules Hurt National Security (Hackaday) On November 10th, [Theodore Rappaport] sent the FCC an ex parte filing regarding a proposed rule change that would remove the limit on baud rate of high frequency (HF) digital transmissions. Accord…
Estonia’s CIO Tackles AI Strategy For Government (Wall Street Journal) As artificial intelligence weaves itself into the fabric of government services in the small Northern European country of Estonia, the government’s top technology executive says it’s necessary to formalize a strategy for how the technology should be used.
Litigation, Investigation, and Law Enforcement
Ransomware Suspects Indicted (Federal Bureau of Investigation) Two Iranian men were indicted in connection with the deployment of the sophisticated and sinister SamSam ransomware that crippled the operations of critical facilities in the U.S. and Canada.
Federal Indictments in SamSam Ransomware Campaign (Dark Reading) Two Iranian nationals have been indicted on multiple counts by a federal grand jury in connection with the SamSam ransomware attacks that struck government, critical infrastructure, and healthcare organizations.
DOJ Indicts Hackers for Ransomware That Crippled Atlanta (WIRED) SamSam ransomware has plagued the city of Atlanta, multiple hospitals, and other institutions across the US. The feds now think they know who did it.
U.S. Targets Iranian Hackers for Laundering Bitcoin In Connection to Major Ransomware Attack (Wall Street Journal) The U.S. Treasury Department imposed sanctions on two Iranian men the administration said laundered ransomed bitcoin from a major cyberattack that hit U.S. cities, hospitals and other critical networks.
U.S. Treasury Adds Digital Currency to Means of Identifying Sanctions Targets (Wall Street Journal) The move came as part of a joint action with the U.S. Justice Department in which prosecutors announced charges against an Iranian hacking cell allegedly running a ransomware scheme. The Treasury put sanctions on two men it said had laundered the millions of dollars worth of bitcoin gained from the scheme.
Analysis | The Cybersecurity 202: Justice Department's charges against Iranian hackers are a step forward (Washington Post) But holding them accountable could be tricky.
2 Iranian hackers charged in ransomware attack on MedStar, others (Maryland Daily Record) Two Iranian computer hackers were charged Wednesday in connection with a multimillion-dollar cybercrime and extortion scheme that targeted government agencies, cities and businesses…
Facebook Considered Charging for Access to User Data (Wall Street Journal) Facebook considered charging third parties for access to user data several years ago, company emails show. Such a move would have departed from its policy against selling such data, court filings in a lawsuit against the company indicate.
Facebook staff discussed selling API access to apps in 2012-2014 (TechCrunch) Following a flopped IPO in 2012, Facebook desperately brainstormed new ways to earn money. An employee of unknown rank sent an internal email suggesting Facebook charge developers $250,000 per year for access to its platform APIs for making apps that can ask users for access to their data. Employee…
Analysis | A visual guide to the Roger Stone-WikiLeaks side of the Russia investigation (Washington Post) A complicated set of interactions over the course of 2016.
As he heads to jail, George Papadopoulos says he met Israeli cyber-security exec (Times of Israel) Shai Arbel, co-founder of Terrogence counterterrorism firm, confirms he had 'routine business meet' last year with the Trump probe convict and with Israeli businessman George Tawil
Bipartisan Senate duo asks White House to investigate ZTE's work in Venezuela (TheHill) A bipartisan pair of senators is asking the White House to look into whether the Chinese telecommunications firm ZTE violated U.S. sanctions by helping Venezuela track and monitor its citizens.
DOJ made secret arguments to break crypto, now ACLU wants to make them public (Ars Technica) In MS-13 case, ACLU is challenging sealing of DOJ filings, judge's order.
Black box data shows pilots fought control system in Indonesia crash (Ars Technica) Flight data shows bad sensor data kept forcing nose of aircraft down.
School district fails to reclaim $120,000 wired by bank to scammer (HOTforSecurity) A school district in Indiana which had $120,000 transferred from its bank account after its email account was hacked has failed in an attempt to reclaim the cash. The problems for Lake Ridge Schools began on October 12, 2016 when money earmarked for part of a seven...
Prisoners stole more than $500K from troops through dating app sextortion ring (Military Times) NCIS agents executed arrest warrants Wednesday in connection to a sextortion ring that has victimized hundreds of service members.
Symantec Tries To Delete Cyber Lab’s Antitrust Suit (Law360) Symantec Corp. on Monday urged a California federal judge to toss an antitrust suit accusing it and other cybersecurity firms of conspiring to boycott a software lab because its testing would reveal serious flaws in their own products.
Symantec comes out swinging in bitter legal battle over security bug audit conspiracy claims (Register) Profit driving NSS claims of industry boycott, antivirus makers swear