Cyber Attacks, Threats, and Vulnerabilities
SBU blocks cyber attack of Russian special services on Ukraine’s judicial branch (Kyiv Post) Employees of the Security Service of Ukraine have blocked the attempt of the Russian special services to implement a large-scale cyber attack on information and telecommunication systems of the judicial authority of Ukraine.
SBU blocked an attempt by Russian special services to carry out a cyber attack on the information and telecommunication systems of Ukraine's judiciary (Security Service of Ukraine) Officers of the Security Service of Ukraine blocked an attempt by Russian special services to carry out a large-scale cyber attack on the information and telecommunication systems of Ukraine's judiciary.
Cyber security: Hackers step out of the shadows with bigger, bolder attacks (ZDNet) Successful hacking campaigns used to be all about keeping under the radar. But, for some, making a big splash is now more important than lurking in the shadows.
GreyEnergy threat actors go to great lengths to hide malware campaign (The Daily Swig | Web security digest) Research gives fresh technical insight into stealth malware claimed to be targeting industrial control systems
No Smoking Gun Tying Russia to Spear-Phishing Attack, Microsoft Says (SecurityWeek) There is not enough evidence to attribute a recent wave of spear-phishing emails impersonating personnel at the United States Department of State to Russian hackers, Microsoft says.
Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers (Microsoft Secure) Reuters recently reported a hacking campaign focused on a wide range of targets across the globe.
National Republican Congressional Committee says it was hacked during this year’s election cycle (Washington Post) The breach exposed emails but it’s not immediately clear who was responsible.
Exclusive: Emails of top NRCC officials stolen in major 2018 hack (POLITICO) Republican leaders were not informed until POLITICO contacted committee officials about the incident.
Analysis | The Cybersecurity 202: Russia is trying to undermine Americans’ confidence in the justice system, security experts warn (Washington Post) These apparent efforts have drawn far less scrutiny than election interference.
Canada’s Spy Chief Warns of Economic Espionage (Wall Street Journal) CSIS head David Vigneault, Canada’s top spy, said state-sponsored economic espionage and cyber threats pose a greater challenge to the country than terrorism. He also warned of the possibility of foreign interference in Canada’s national election next year.
China could exploit technology to spy on consumers, say experts (Times) Chinese companies such as the telecoms giant Huawei could spy on Western consumers thanks to their dominance of the technology behind the new 5G superfast mobile network, a US congressional...
STOLEN PENCIL Campaign Targets Academia (Arbor Networks Threat Intelligence) Executive Summary: ASERT has learned of an APT campaign, possibly originating from DPRK, that we are calling STOLEN PENCIL and that has been targeting academic institutions since at least May 2018. The ultimate motivation behind the attacks is unclear, but the threat actors are adept at scavenging for credentials. Targets are sent
The CoAP protocol is the next big thing for DDoS attacks (ZDNet) CoAP DDoS attacks have already been detected in the wild, some clocking at 320Gbps.
Major flaws uncovered in leading IoT protocols (Help Net Security) Trend Micro highlights the growing threat of industrial espionage, denial-of-service and targeted attacks by abusing these protocols.
Hide ‘N Seek Botnet expands (Security Boulevard) Written by Adolf Středa and Jan Neduchal
This phishing scam group built a list of 50,000 execs to target (ZDNet) CEO fraud group has a big list of potential victims; just hope you aren't on it.
Malware Dropper Supports a Dozen Decoy Document Formats (SecurityWeek) The CARROTBAT malware dropper has the ability to use nearly a dozen decoy document file formats to drop various payloads, security researchers warn.
Foreign Trolls Are Targeting Veterans on Facebook (WIRED) Opinion: The VA needs to take preventative measures to protect vets—and more broadly, our democracy—from digital manipulation and fraud.
FBI: Watch out for Iranian SamSam malware (Fifth Domain) The U.S. government is warning critical infrastructure firms to protect themselves from the SamSam virus that has caused more than $30 million in damages.
Ransomware Infects 100K PCs in China, Demands WeChat Payment (BleepingComputer) Over 100,000 computers in China have been infected in just a few days with poorly-written ransomware that encrypts local files and steals credentials for multiple Chinese online services.
Google personalizes search results even when you’re logged out, new study claims (The Verge) A study, albeit from competitor DuckDuckGo, finds that Google search results can vary significantly.
Google SearchLiaison on Twitter (Twitter) “Over the years, a myth has developed that Google Search personalizes so much that for the same query, different people might get significantly different results from each other. This isn’t the case. Results can differ, but usually for non-personalized reasons. Let’s explore…”
Kubernetes cloud computing bug could rain data for attackers (Naked Security) Kubernetes, a tool that powers much modern native cloud infrastructure, just got its first big security bug – and it’s a mammoth one.
‘London Blue’ cybercriminals turn to industrial-scale email scam (Cyberscoop) Criminals tied to "London Blue" have used data brokers to compile a 50,000-person target list for their business email compromise scam.
London Blue Report (Agari) A criminal organization with members in the United Kingdom targeted Agari. See how Agari used active defense to hit back and take down these cybercriminals.
Cyber Monday: The biggest day for cyberattacks? Not by a long shot. (Zscaler) Cyber Monday analysis: the biggest shopping day, but not the biggest day for phishing.
Marriott Hack Shows Risks Of Lax Cyber Diligence In Mergers (Law360) When hotel giant Marriott International Inc. merged with rival Starwood Hotels in 2016, it also unwittingly bought a reservation database where the company said Friday intruders were lurking undetected, illustrating the risks of missing cybersecurity gaps during due diligence.
Marriott Breach Exposes Far More Than Just Data (Forbes) Marriott International's recent data breach has affected up to 500 million people, but while the fallout could expose far more than just data, fortunately we're already on the right path.
How do L1TF vulnerabilities compare to Spectre? (SearchSecurity) L1TF vulnerabilities exploit Intel processors via side-channel attacks. Learn more about the new Foreshadow vulnerability and its variations from expert Michael Cobb.
Printeradvertising.com Spam Service Claims It Can Print Anywhere (BleepingComputer) In order to prevent this type of mischief, network enabled printers should never be connected to the Internet. Allowing them to do so only allows malicious actors to send any type of print document to your network, including pornography that could land you in trouble.
Rudy Giuliani’s typo became an anti-Trump message. He blamed Twitter, but this Atlanta man pranked him. (Washington Post) All Jason Velazquez needed was about $6 and 15 minutes.
Those are NOT your grandchildren! FTC warns of new scam (Naked Security) Grandkid imposters are managing to finagle a skyrocketing amount of money out of people, the FTC warns.
Security Patches, Mitigations, and Software Updates
Google Patches 11 Critical RCE Android Vulnerabilities (Threatpost) Google’s December Android Security Bulletin tackles 53 unique flaws.
Critical Kubernetes privilege escalation flaw patched, update ASAP! (Help Net Security) A critical privilege escalation vulnerability affecting open source cluster management and container orchestration software Kubernetes has been patched.
Windows 10 version 1809 is incompatible with Morphisec anti-malware (HackRead) Another day, another Windows 10 update issue – This time it includes security software.
A Breach, or Just a Forced Password Reset? (KrebsOnSecurity) Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites.
It looked like a Citrix ShareFile phishing attack, but wasn't (Graham Cluley) Guest contributor Bob Covello isn't happy about a password reset email that Citrix has been sending its customers.
Cyber Trends
Cyber Criminals are Taking Advantage of Lax Security on IoT Devices: Nokia Report (Pro Pakistani) The use of malicious software to attack IoT devices like smart home security monitoring systems is rising rapidly and growing
80% of enterprises struggle to protect machine identities (Help Net Security) Most believe effective protection of machine identities is critical to the long-term security and viability of their companies.
The Likelihood of a Cyber Attack Compared (Varonis Blog) The chances of experiencing a cyber attack are higher than you'd think. Take a look as we compare the odds.
Experian predicts 2019’s top cyber threats (PropertyCasualty360) The company’s sixth-annual 'Data Breach Industry Forecast' broaches such topics as cloud attacks and biometric hacking.
5 major data breach predictions for 2019 (TechRepublic) Biometrics and gaming are just a couple of the new cyberattack vectors professionals can expect in 2019. Here is what else to look out for.
60 Cybersecurity Predictions For 2019 (Forbes) 60 predictions for cybersecurity in 2019 reveal the state-of-mind of key industry participants from artificial intelligence (AI) helping both attackers and defenders to data privacy, the cloud, IoT, and the emerging global cyber war conducted by terrorists, criminals, and nation-states.
Venafi Study: Financial Services IT Pros Overconfident in Machine Identity Protection (BusinessWire) 71% of IT professionals believe machine identities are central to company security and viability, but few machine identities are tracked
Retail, Transportation Among Industries Most Impacted by AI (Wall Street Journal) Companies in the retail, automotive, and aerospace and defense sectors are likely to be the most transformed by artificial intelligence, UBS says.
Marketplace
DISA Outlines Plans to Wall Off the Public Internet (Nextgov.com) The agency extended the deadlines for vendors to submit white papers for the cloud-based system.
BT to bin Huawei hardware from 4G networks and bar it from 5G bids (Computing) EE to be brought into line with BT policy to only use Huawei at the edge of its telecoms infrastructure
Shipbuilding giant Huntington Ingalls acquires Maryland cyber company G2, Inc. (Technical.ly Baltimore) Annapolis Junction–based G2 is joining Huntington Ingalls' professional services division.
Mega-merger aligns physical & digital security across A/NZ (Channel Life) Optic Security Group is the name of one of A/NZ’s latest mega-mergers in the physical and digital security space, bringing combined revenues in excess of A$100 million to the table.
Firmware Security Firm Eclypsium Raises $8.75 Million (SecurityWeek) Firmware security company Eclypsium raises $8.75 million in a Series A funding round, which brings the total raised by the firm to date to over $11 million.
Pindrop raises $90M to bring its voice-fraud prevention to IoT devices and Europe (TechCrunch) When it comes to how humans communicate with each other or with machines, voice is a major interface, with growth in the latter fuelled by the rise of artificial intelligence, faster computing technology and an explosion of new devices — some of which only, or primarily, work with voice comma…
O2 Networks founders and former Telstra directors reveal new managed security practice (CRN Australia) Sold O2 Networks to Telstra for $40 million.
Siemens looks for faster growth in 'smart' buildings, eyes acquisitions (WSAU) Siemens wants to grow its building technologies business faster than the overall construction market next year, possibly with help from acquisitions, the business' chief executive Matthias Rebellius said on Tuesday.
Safe-T Announces Agreements With Israeli Government Agency, Insurance Company and Technology Company | Markets Insider (markets.businessinsider.com) Safe-T Group Ltd. (NASDAQ: SFET) (TASE: SFET), a leading provider of software-defined access solutions for th...
Manhole Covers That Spy? Saudi Surveillance Cities Are Being Built With American And British Tech (Forbes) Saudis are buying up a load of surveillance tech, from facial recognition to manhole covers that can spy on people nearby. And it's Western companies who are selling, despite the furor around the Khashoggi murder.
The National Cyber Security Alliance Appoints Kelvin Coleman as Executive Director (PR Newswire) The National Cyber Security Alliance (NCSA) today announced that former government cybersecurity expert Kelvin Coleman ...
Products, Services, and Solutions
CyberX and GE to Strengthen Cybersecurity for the Industrial Internet of Things (IIoT) (GlobeNewswire News Room) CyberX Platform Enables Digitization and Industry 4.0 with Reduced Cyber Risk
Wapack Labs LLC Introduces RedXray (PR Newswire) Wapack Labs LLC, http://www.wapacklabs.com, announced today that their new service RedXray is now available for...
Juniper Networks updates JATP Appliances to prioritize cyber threats from any security source (Help Net Security) Updates to the JATP Appliances leverage third-party firewalls and security data sources to offer enterprises a defense against malicious activity.
Cylance Extends Automated Detect-and-Respond Capabilities in the Enterprise (BusinessWire) Intelligent AI Platform Incorporates Workflow Integration to Improve Operating Efficiencies and Speed the Adoption of EDR Technologies
Grange Insurance offers enhanced consumer coverage against cyber attack (Mobile Payments Today) Grange Insurance announced it will offer consumers expanded coverage against hacking threats through its new Home Cyber Protection coverage. The company has previously offered insurance to protect a customer’s identity if they were the victims of an attack, but the expanding...
Israeli Cyber Security Firm Offers Free Software to Hotel Industry Through 2019 Following Marriott Breach (Jewish Press News) "Companies must find new and improved ways of storing critical customer data."
British start-up hopes to transform contactless payments with smart ring (Breaking News) Visa-supported McLear Smart Ring aims to put people’s wallet on their hand.
Carbon Black adds MITRE ATT&CK feeds to security products (Security Brief) The new threat feeds map directly to the various attack tactics outlined by MITRE.
Bank Islam Brunei Darussalam Chooses Rambus to Secure Mobile Payments (Rambus) BIBD enables cardholders to pay securely on mobile devices with Rambus Token Service Provider solution SUNNYVALE, Calif. & BANDAR SERI BEGAWAN, Brunei Darussalam – December 5, 2018 – Rambus Inc. (NASDAQ: RMBS) a leader in digital security, semiconductor and IP products and services, today announced that Bank Islam Brunei Darussalam (BIBD), the largest bank in Brunei, has …
Intelligo does constant background checks on your trusted employees (TechCrunch) As a former Arby’s sandwich artist I understand the value of a background check. Had I not been investigated back at age 16 no one at the restaurant would have known I was a lapsed Boy Scout and read Stephen King novels. But what would have happened had I taken up a life of petty […]
Technologies, Techniques, and Standards
The Air Force wants electronic warfare options, not more studies (C4ISRNET) The Air Force’s in-depth study on the future of electronic warfare and electromagnetic spectrum has not yet been briefed to the service’s leadership, but is already leading to incremental improvements.
Network Visibility: Can You Analyze Encrypted Traffic for... (Bricata) We get this question a lot: Can you analyze encrypted traffic for cyber threats? It just came up again during the question and answer section of our most recent webinar about threat hunting, so we thought it would be useful to answer it here. The short answer is yes, you... #broids #encryption #ids
Cybersecurity Storms: Visibility is Key to Cyber Protections (SecurityWeek) Security teams need to maintain packet-level visibility into all traffic flowing across their networks, even if it is encrypted, so that they can spot bad actors.
Business Outcomes for Automated Phishing Response (SecurityWeek) Stan Engelbrecht shares the typical business outcomes experienced by a security team and shows the simple mathematical approach that can help estimate the effect of automation in your Security Operations Center.
Collaboration and Information Sharing Should Also Happen Internally (SecurityWeek) Similar to sharing information externally, doing so internally—and effectively—can be challenging and requires ongoing adjustments, clear objectives, and enterprise-wide support.
What is a VPN Connection? A Beginners Guide for VPN Newbies (VPN Geeks) What is a VPN? Many people have the same question, so we decided to create a simple guide that explains everything to do with VPNs.
GigaOm Reviews Multi-Cloud Object Storage and Data Mobility Systems (PR Newswire) "Organizations that are adopting hybrid or multi-cloud should pay particular attention to how data is stored and...
Exercise Simulates Cyber Attack In Greeneville (Greeneville Sun) Smaller municipalities and rural counties are just as vulnerable to cyberattack as their larger counterparts.
How to Get Your Employees on Board with Cyber Security (FinSMEs) Companies invest in tech to bolster defences; however, it's unintentional social engineering attacks that can impact the company if successful
Research and Development
DHS is Exploring How Blockchain Can Stop Counterfeits and Forgeries (Nextgov.com) The agency is funding research that uses blockchain to make sure people are who they claim to be.
Legislation, Policy, and Regulation
Can the West Prevent the Slow Strangulation of Ukraine? (Foreign Affairs) Much will depend on the West’s collective readiness to confront Russian aggression in Ukraine after the November 25 incident in the Black Sea.
Avoiding A World War Web: The Paris Call for Trust and Security in Cyberspace (Lawfare) French President Emmanuel Macron’s new cyber initiative is a welcome framework for negotiations on values and norms of behavior in cyberspace.
Europe dials up pressure on tech giants over election security (TechCrunch) The European Union has announced a package of measures intended to step up efforts and pressure on tech giants to combat democracy-denting disinformation ahead of the EU parliament elections next May. The European Commission Action Plan, which was presented at a press briefing earlier today, has fo…
Security ties with Europe to be strengthened despite Brexit – MI6 chief (Breaking News) Alex Younger also warned Russia and other rogue states not to underestimate the UK’s capabilities.
Coalition and Labor do deal on law enforcement access to encrypted messages (the Guardian) Bill could pass this week after government agreed to restrict new powers to serious crimes
Australia Set to Pass Sweeping Cyber Laws Despite Tech Giant Fears (SecurityWeek) Australia's two main parties passed sweeping cyber laws requiring tech giants to help government agencies get around encrypted communications used by suspected criminals and terrorists.
Encryption Debate a Hostage to Aussie Politics (CDOTrends) Privacy is being held hostage by politics creating a situation where no one wins.
Analysis | The Cybersecurity 202: British intelligence officials propose way to access encrypted group chats (Washington Post) Just add law enforcement as a "silent" user, they say.
Qatar prepared to face cybersecurity threats (Gulf-Times) HE the Minister of Transport and Communications Jassim Seif Ahmed al-Sulaiti stressed that the ministry’s annual cybersecurity drills contribute to raising the efficiency and readiness of various institutions and companies in Qatar to address cyber attacks.
Securing America’s Connected Infrastructure Can’t Wait (War on the Rocks) Electrical grid blackouts, traffic light malfunctions, air traffic control failures, production plants gone haywire — for a while, such events were merely
TSA unveils cyber roadmap (FCW) The Transportation Security Administration's new cybersecurity roadmap calls on the agency to communicate better with stakeholders in aviation, mass transit, freight rail, motor carrier and pipeline sectors, and take a hand in protecting data collected on travelers.
DOT CIO Hildebrand to leave (Federal News Network) Vicki Hildebrand, the Transportation Department chief information officer, told staff Tuesday that she needs to spend more time at home in Vermont to help with ailing family members.
Litigation, Investigation, and Law Enforcement
Prosecutors recommend no prison time for Michael Flynn, Trump’s former national security advisor (San Diego Union Tribune) Prosecutors will recommend a sentence for Michael T. Flynn, President Trump's former national security advisor, on Tuesday. The former Army lieutenant general pleaded guilty last December to lying about his conversations with Russia's ambassador during the presidential transition.
Trump campaign aide Sam Nunberg to meet with Senate Intelligence Committee in January (Washington Post) It is the latest sign that the panel's investigation into Russian efforts to interfere with the 2016 presidential election is going to carry into the new year.
14 Trump and Russia Questions Robert Mueller Knows the Answers To (WIRED) The Russia investigation's known unknowns give valuable hints about the special counsel's next moves.
U.K. Releases Internal Facebook Emails Deliberating Selling Data (Wall Street Journal) The U.K. Parliament released internal Facebook emails that lawmakers said show how executives at the social-media company, including Chief Executive Mark Zuckerberg, gave some developers special access to user data and contemplated charging developers for data access.
Marriott facing lawsuits after data breach impacting up to 500 million customers (International Business Times) The affected customer filed lawsuits in the state of Oregon and Maryland seeking $12.5 billion in damages.
Schumer Says Marriott Should Pay to Replace Hacked Passports (SecurityWeek) Sen. Chuck Schumer says Marriott hotel should pay for new passports for customers whose passport numbers were hacked as part of a massive data breach.
Marriott will pay for new passports after data breach ‘if fraud has taken place’ (Washington Post) Hackers compromised the personal information of 500 million Marriott guests.
Google CEO Sundar Pichai will testify to Congress on Dec. 11 (Washington Post) Google chief executive Sundar Pichai is now slated to testify to Congress on Tuesday, December 11, after lawmakers rescheduled their original hearing in light of former President George H.W. Bush's death.
AOL Agrees to Pay Largest Ever Settlement Under Children's Privacy Law (New York Law Journal) The violations have to do with several ad exchanges that AOL operates and other exchanges the company used to place ads.
Hawaii-based soldier who tried to help Islamic State gets 25-year sentence (Army Times) A soldier based in Hawaii was sentenced Tuesday to 25 years in prison for trying to help the Islamic State group.
Senators accuse Saudi crown prince of complicity in Khashoggi’s killing (Washington Post) After a briefing from the CIA director, lawmakers said the evidence of Mohammed bin Salman’s involvement was overwhelming.
Jamal Khashoggi's private WhatsApp messages may offer new clues to killing (CNN) In his public writings, Jamal Khashoggi's criticism of Saudi Arabia and its Crown Prince Mohammed bin Salman was measured. In private, the Washington Post columnist didn't hold back.
Mohammed bin Salman Is Worse Than a Criminal. He's a Symbol. (Foreign Policy) Why is everyone so angry about Saudi Arabia's crown prince? Jamal Khashoggi is only a small part of the story.
The Scourge of the Red Notice (Foreign Policy) How some countries use Interpol to go after dissidents and debtors.
Health app traps gay pharmacist who killed wife (Times) A pharmacist who killed his wife to start a new life with his gay lover was caught out by an app on his phone. Mitesh Patel, 37, planned to claim his wife Jessica’s £2 million life assurance and...
An internet to protect the internet? (Federal News Network) Now higher on the intellectual property theft food chain are industrial products and integrated circuits, which can weaken national security.