Cyber Attacks, Threats, and Vulnerabilities
Exclusive: Clues in Marriott hack implicate China - sources (Reuters) Hackers behind a massive breach at hotel group Marriott International Inc left c...
Revealed: Marriott's 500 Million Hack Came After A String Of Security Breaches (Forbes) Security breaches have rained down on Starwood in recent years, according to cybersecurity researchers. They could've been a warning about the megabreach that was to come.
IT Security Lessons from the Marriott Data Breach (eSecurity Planet) 500 million people are at risk because of a data breach at Marriott's Starwood hotel chain. What steps can your organization take to limit the risk of suffering the same fate?
Russian Hospital Targeted With Flash Zero-Day After Kerch Incident (SecurityWeek) Flash Player zero-day vulnerability CVE-2018-15982 used to target hospital of the Russian presidential administration. Attack possibly related to the recent Kerch Strait incident involving Russia and Ukraine.
Adobe fixes zero-day Flash bug after attackers target Russian clinic with exploit (SC Media) Adobe has issued a Flash Player Update following the discovery of a critical vulnerability that attackers were exploiting in a phishing operation.
New Flash Player zero-day used against Russian facility (Malwarebytes Labs) An APT group is using a new Flash Player zero-day that was used as a lure targeting a Russian-based clinic
Phishing at centre of cyber attack on Ukraine infrastructure (ComputerWeekly.com) Phishing is one of the key tools used by cyber attackers against critical national infrastructure (CNI), as highlighted by attacks on telecommunications in Ukraine.
DHS Says SamSam Ransomware is Targeting Critical Infrastructure Entities (SecurityWeek) The DHS and FBI issued an alert on activity related to SamSam, one of the most prevalent ransomware families at the moment.
Syrian Electronic Army Hackers Are Targeting Android Phones With Fake WhatsApp Attacks (Forbes) The Syrian Electronic Army is still hacking and has started focusing on Android smartphones.
Malicious Chrome extension which sloppily spied on academics believed to originate from North Korea (The State of Security) Computer users are being reminded once again to take care of the browser extensions they install after security experts discovered a hacking campaign that has been targeting academic institutions since at least May 2018.
Republicans Hired DNC’s Cyber-Firm CrowdStrike, Got Hacked in 2018 (Daily Caller) 'I just hate CrowdStrike so much'
M2M Protocols Expose Industrial Systems to Attacks (SecurityWeek) Malicious actors could abuse machine-to-machine (M2M) protocols such as MQTT and CoAP in attacks aimed at IoT and industrial IoT systems.
Cisco reveals critical license manager vulnerability (CRN Australia) Could allow attackers to delete data or gain shell access.
Campaign evolution: Hancitor changes its Word macros (SANS Internet Storm Center) Hancitor malspam was active today on 2018-12-05, and it went back to the older style of macros.
The Dark Side of the ForSSHe: Shedding light on OpenSSH backdoors (WeLiveSecurity) In The Dark Side of the ForSSHe, ESET researchers hope to shed light on OpenSSH backdoors and, by extension, on Linux malware in general.
He's not cracked RSA-1024 encryption, he's a very naughty Belarusian ransomware middleman (Register) Dr Shifro pays ransom, gets discount and adds its own margin, says Check Point
Beware Ransomware Doctors Peddling Fake ‘Cures’, Warns Check Point (Information Security Buzz) Researchers from leading cybersecurity vendor Check Point have uncovered a Russian IT consultancy named Dr. Shifro [...] that claims to unlock and recover consumers’ and businesses’ encrypted files. But in fact, the company simply pays the ransomware’s creator themselves and passes the cost onto the victim at a 75%-plus profit margin. Dr. Shifro offers only …
Windows 10 Security Questions Prove Easy for Attackers to Exploit (Dark Reading) New research shows how attackers can abuse security questions in Windows 10 to maintain domain privileges.
News Corp's email bungle a harsh lesson in data privacy (Security Brief) News Corp claims the bungle was due to ‘human error’, demonstrating just how damaging those errors can be – especially at a time when its employees are already facing the prospect of losing their jobs.
Who steals personal data and how do they make money from it? (Sky News) Despite new laws tackling advertisers and marketers hoarding info on us, cyber criminals are continuing to chase personal data.
Security Patches, Mitigations, and Software Updates
Adobe patches newly exploited Flash zero-day (Help Net Security) Adobe has released patches for two Flash Player vulnerabilities, one of which is a zero-day (CVE-2018-15982) exploited in the wild.
Microsoft Security Advisory Updates For December 5, 2018 (Packet Storm) Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
Zoom patches serious video conferencing bug (Naked Security) Zoom moved to patch a bug in its service this week that enabled people to hijack customer video conferences.
Cyber Trends
Cyber: "The System is Blinking Red Once Again" (The Cipher Brief) DHS Secretary Kirstjen Nielsen had dinner recently with some of the country's top minds on cyber. This is what they asked her...
Is Malware Heading Towards a WarGames-style AI vs AI Scenario? (SecurityWeek) Adam Kujawa of Malwarebytes Labs has been contemplating the evolution of malware attack and defense, attempting to work out strategies to stay ahead of cybercriminals in what has always been a technological game of leapfrog.
Consumers believe social media sites pose greatest risk to data (Help Net Security) A majority of consumers are willing to walk away from businesses entirely if they suffer a data breach, with retailers most at risk, according to Gemalto.
Are Lawyers the Best Judge of Cybersecurity? (Infosecurity Magazine) It's not just lawmakers who sometimes seem ill-equipped when it comes to cybersecurity; lawyers can be far from perfect in this regard too.
Cybersecurity threats can cost large organizations in India an average of $10.3 mn in economic losses (The Economic Times) The survey ranged from mid-sized organisations (250 to 499 employees) to large-sized organizations (more than 500 employees).
Marketplace
Global stocks slump on China executive arrest, oil spills into OPEC (Reuters) Global stock markets slumped for a third day running on Thursday as the arrest o...
Chinese stocks plummet as Huawei CFO arrest raises trade fears (TechCrunch) A string of Chinese stocks fell hard on Thursday after the arrest of Huawei’s chief financial officer Meng Wanzhou in Vancouver deepened concerns over US-China trade tensions. The Hang Seng China Enterprises Index of Chinese companies listed in Hong Kong was off 2.76 percent as of 12:40 p.m. …
Huawei security fears - paranoia, blowback, or both? (ComputerworldUK) BT has made the decision to strip the equipment of Huawei from its core EE 4G network among growing security concerns about the Chinese telecom infrastructure giant's critical infrastructure footprint. Can - or should - any blame be laid on Huawei, or is this a result of paranoia, projection, or a severe lack of government oversight?
The Fate Of Tech Giants Depends On This Stock -- And It's One Of The Best Investments Today (Forbes) Amazon (AMZN), Google (GOOG), and Facebook (FB) all earn a BIG chunk of their profits from leveraging and selling users’ data. But there's a catch...
'Non-acquisitive' Mimecast CEO on the vendor's double acquisition (CRN) CEO Peter Bauer tells CRN why the security vendor went against its own philosophy with two big takeovers
Scaeva Technologies Adds Industry-Leading Advisors (PR Newswire) Scaeva Technologies Inc™, inventor of the ScaevaSAFE™ content protection and distribution platform today announces...
NetSPI Names Bill Carver as New Chief Information Security Officer (GlobeNewswire News Room) Carver to Lead Cybersecurity Strategy for NetSPI
Billionaire investor Mike Lynch has left the board of unicorn cybersecurity startup Darktrace as he faces fraud charges (Business Insider) Mike Lynch has stepped down from Darktrace's board after facing criminal charges in the US over the $11 billion sale of Autonomy to HP.
Products, Services, and Solutions
You Could Have SD-WAN Already… Just Turn It On! (Watchguard) SD-WAN products offer similar features that closely align to the functional definitions proposed by industry experts; however, network security providers deliver more substantial security features as illustrated in this table.
Cavirin Announces Comprehensive Integration with Google Cloud Platform (Cavirin) Cavirin's newest release delivers auto-remediation across AWS with Lambda functions and across all environments with Ansible Playbooks.
HubStor Announces New Continuous Backup and Version Control to Its Software-Based Cloud Storage Platform (PR Newswire) HubStor, an innovator in software-based cloud storage solutions, today announced new cloud backup capabilities...
Pulse Secure Expands Zero Trust Security for IoT with Firewall Auto-provisioning and Behavioral Analytics (Pulse Secure) Pulse Secure provides a consolidated offering for access control, SSL VPN, and mobile device security. Contact Pulse Secure at 408-372-9600 to get a free demo.
New cyber resilience service to overcome the human factor (Lloyd's Register) Lloyd’s Register has announced that it is partnering with AXELOS RESILIA® Frontline to offer its customers engaging cyber awareness training for all their employees.
Oculeus Launches New Real-Time Telecoms Fraud Protection Service (PR Newswire) Oculeus, a leading provider of innovative telecommunications solutions, today announced that the company...
CyberX and GE to Strengthen Cybersecurity for the Industrial Internet of Things (IIoT) (GlobeNewswire News Room) CyberX Platform Enables Digitization and Industry 4.0 with Reduced Cyber Risk
Symantec Unveils USB Scanning Station for ICS, IoT Environments (SecurityWeek) Symantec unveils Industrial Control System Protection (ICSP) Neural, a USB scanning station designed to protect industrial and IoT environments against USB-borne malware.
Post-exploitation scanning tool scavenges for useful information (Help Net Security) Scavenger is a multi-threaded post-exploitation scanning tool that helps penetration testers pinpoint files and folders with useful information.
JASK & Exclusive Group Team Up for Global Roll Out of AI-powered ASOC Platform (AP NEWS) Exclusive Group, the global value-added services and technologies (VAST) group, has been appointed by JASK, the provider of the industry’s only Autonomous Security Operations Center (ASOC) platform, to accelerate the market penetration of its disruptive and innovative technologies around the world.
Tanium Launches Reveal to Allow Organizations to Identify, Monitor, and Protect Sensitive Data (PR Newswire) Tanium, the platform for Business Resilience, today announced a significant addition to its product portfolio...
Juniper Networks Helps Enterprises Simplify Data Integration to Pinpoint and Prioritize Cyber Threats from any Security Source (GlobeNewswire News Room) Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources to offer enterprises a fast, flexible and automated defense against malicious activity
Microsoft and Mastercard partner to build a universally-recognized digital identity (Security Boulevard) Mastercard has partnered with Microsoft to help people better manage and use their digital identity. Current identity management systems are complex in proving user identity and managing their data. Following this, Mastercard and Microsoft have provided a way for people to instantly verify their digital identity with whomever they want, whenever they want using a …
Hyperledger Launches Cryptography Toolbox for Blockchain Developers (CoinDesk) Hyperledger has launched a new tool for blockchain developers – a modular cryptographic library aimed to reduce work duplication and bugs.
Apricorn Aegis Fortress L3 portable storage drive: Tougher, faster, and more secure (ZDNet) Hardware-encrypted external storage drives are pretty much a must-have item for enterprise these days, and Apricorn has once again raised the bar with the new Aegis Fortress L3. And it's future-proof, coming with interchangeable Type-A and Type-C connector cables.
Thycotic launches Australia-hosted secret server cloud (ARN) Cyber security vendor Thycotic has launched an Australian-hosted version of its secret server cloud service allowing the channel to handle highly sensitive data without sending it offshore.
Equifax-Centre for Cybersecurity Tie Up to Fix Cyber Attacks (Zacks Investment Research) The partnership reflects Equifax's (EFX) effort to revive from the cyberattack in 2017.
Albertsons Implements Okta for Customer Identity (BusinessWire) Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today announced that Albertsons Companies successfully impl
Pulse Secure Expands Zero Trust Security for IoT with Firewall Auto-provisioning and Behavioral Analytics (GlobeNewswire News Room) Pulse Secure version 9.0R3 helps customers secure industrial IoT and streamline maintenance activities for greater production line output
Technologies, Techniques, and Standards
Measuring privacy operations: Use of technology on the rise (Help Net Security) Critical privacy program activities such as creating data inventories, conducting data protection impact assessments (DPIA), and managing data subject
The future of network-connected device security (ComputerWeekly) The proliferation of poorly-secured network-connected devices has prompted the UK government to publish new best practice guidelines. Do these go far enough?
Palo Alto Networks’ Rick Howard: Agencies Should Include Legacy System Security in Cyber Strategy (GovCon Wire) Rick Howard, chief security officer at Palo Alto Networks (NYSE: PANW), said agencies can avoid comp
How Clemson keeps cryptominers off its supercomputer (EdScoop) One of the most powerful computing clusters owned by an American university has attracted at least a few opportunistic students.
Design and Innovation
The Case for a Human Security Officer (Dark Reading) Wanted: a security exec responsible for identifying and mitigating the attack vectors and vulnerabilities specifically targeting and involving people.
Tumblr's Porn Ban Reveals Who Controls What We See Online (WIRED) The visual microblogging service banned porn two weeks after Apple deleted its app from the App Store, amid a new federal sex trafficking law.
Could adult content ban spell the end for Tumblr? (Naked Security) #TumblrIsDead? Tumblr is banning adult content in an effort to be safer, better, “more positive”.
Tumblr’s Algorithm Thinks Vomiting Unicorns, Raw Chicken, and Boot Cleaners Are Porn (Motherboard) Users have been sharing their innocuous posts that have been deemed #TooSexyForTumblr.
This Company Wants to Use the Blockchain to Stop Phishing (WIRED) MetaCert has classified 10 billion URLs as either safe, a suspected source of phishes, or unknown.
Research and Development
New Cryptography Must Be Developed and Deployed Now, Even Though A Quantum Computer That Could Compromise Today’s Cryptography Is Likely At Least A Decade Away, Says New Report (National Academies of Science, Engineering, Medicine) Given the current state of quantum computing and the significant challenges that still need to be overcome, it is highly unlikely that a quantum computer that can compromise public-key cryptography – a basis for the security of most of today’s computers and networks – will be built within the next decade, says a new report by the National Academies of Sciences, Engineering, and Medicine.
Quantum Computing That Can Crack Modern Encryption More Than a Decade Away (Nextgov.com) A report from the National Academies of Sciences, Engineering, and Medicine suggests encryption-cracking quantum computers are possible, but won’t be built in the immediate future.
Researchers create AI that could spell the end for website security captchas (Help Net Security) Researchers have created new artificial intelligence that could spell the end for one of the most widely used website security systems.
DHS wants a custom cyberthreat warning network (Fifth Domain) The agency said it wanted to develop a software to help medium and small businesses communicate with each other and identify hacking attempts.
An Eye-Scanning Lie Detector Is Forging a Dystopian Future (WIRED) EyeDetect is pitched as more efficient and accurate than a polygraph, but a WIRED investigation found that a reliable lie detector is still a fantasy.
Toyota Builds Open-Source Car-Hacking Tool (Dark Reading) 'PASTA' testing platform specs will be shared via open-source.
Academia
University of San Diego Honored by InfraGard for Its Cybersecurity Efforts (University of San Diego) Demonstrating its growing contributions to the region’s cybersecurity efforts, the University of San Diego received the Ties that Bind Award from InfraGard on Sunday, December 2.
Legislation, Policy, and Regulation
MI6 'C' speech on fourth generation espionage (GOV.UK) MI6 Chief Alex Younger spoke on how the Secret Intelligence Service is evolving in response to hybrid threats and pioneering new approaches to keep the UK safe.
Can the West Prevent the Slow Strangulation of Ukraine? (Foreign Affairs) Much will depend on the West’s collective readiness to confront Russian aggression in Ukraine after the November 25 incident in the Black Sea.
Are more offensive cyber operations actually a deterrent? (Fifth Domain) Experts say it is hard to judge if the Trump administration's cyber strategy is protecting America.
5 assumptions that should change how we think about hackbacks (Fifth Domain) If private companies were able to obtain the right to hack back legally, the risk of blowback is likely more significant than the opportunity for potential gains.
Australia passes bill to force tech firms to hand over encrypted data (Reuters) Australia's parliament on Thursday passed a bill to force tech firms such a...
Analysis | The Cybersecurity 202: NRCC breach sparks calls for transparency after cyberattacks (Washington Post) It also raises questions about the public’s faith in the integrity of elections.
Marriott breach spurs new privacy law push (TheHill) Lawmakers are fired up after Marriott International suffered what is believed to be the nation’s second-largest data hack, in which hundreds of millions of its customers had their personal data stolen.
Life, Liberty, and the Pursuit of Privacy (Virtru) “...our data is our property. It represents us as individuals and has immense value. Unfortunately, it has been hijacked for private profit and too often used for nefarious purposes, without our explicit consent.”
New cyber agency marks its territory (Washington Examiner) The government’s first cybersecurity agency is about three weeks old, and it’s already learning to walk.
California IoT Security Law: A Nearsighted, Toothless Guard Dog or a Wolf in Sheep’s Clothing? (Security Boulevard) With three new sections added to the California Civil Code, California became the first U.S. state with a cybersecurity law specifically for internet-connected devices on September 28, 2018. The new Security of Connected Devices law will take effect on January 1, 2020. The Basics The new law requires manufacturers of connected devices to equip the …
Litigation, Investigation, and Law Enforcement
Canadian Authorities Arrest CFO of Huawei Technologies at U.S. Request (Wall Street Journal) Canadian authorities arrested Huawei Technologies’ chief financial officer at the request of the U.S. government for alleged violations of Iranian sanctions, the latest move by Washington to crack down on the Chinese cellular-technology giant.
Huawei CFO arrested in Canada as US seeks extradition (The Telegraph) Canada has arrested the chief financial officer of Huawei, the Chinese telecoms giant at the centre of a spying row, as US authorities seek to extradite her.
Sabrina Meng, Huawei CFO and Founder’s Daughter, Was Face of Secretive Company (WSJ) The arrest of Sabrina Meng, Huawei chief financial officer and founder’s daughter who was seen as a potential leader of the company, threatens the U.S.-China trade truce.
The CIA Presented a ‘Smoking Gun’ on Khashoggi. What’s the Senate Going to Do About it? (Defense One) Lindsey Graham and others emerged from a CIA briefing convinced that Trump and SecDef Mattis are wrong about the murder.
Britain is blind to the crimes of its friends (Times) “Is this any way to treat an ally?” That was the understandable reaction to the life sentence given to Matthew Hedges last month. But the real question, of course, was “is this any way to treat...
Note by Damian Collins MP, Chair of the DCMS Committee (Parliament.uk) Summary of key issues from the Six4Three files
Seven things we learned from the confidential emails that Facebook tried to keep secret (The Telegraph) On Wednesday Parliament released a trove of confidential documents from inside Facebook that shed light on its business, its dealing with competitors and its attitude to privacy.
Facebook ‘tried to secretly snoop on calls and texts’ (Times) Facebook sought to collect details of hundreds of millions of users’ phone calls and texts without permission as it feared that gathering the data openly would bring negative headlines. Details of...
Facebook allegedly offered advertisers special access to users’ data and activities, according to documents released by British lawmakers (Washington Post) A key British lawmaker alleged Wednesday that Facebook maintained “whitelisting agreements” that gave select companies preferential access to valuable data on users without their consent, echoing a key claim from an app developer's lawsuit.
Facebook also let dating apps have further access to Graph API back in 2015 (Ars Technica) UK MP releases 250 pages of materials obtained as part of Six4Three debacle.
Facebook's secret documents reveal plot to crush competition (The Telegraph) Facebook cut off data access to rival companies which it saw as threatening its business model, according to internal documents seized as part of Parliament's "fake news" inquiry.
Facebook's Dirty Tricks Are Nothing New for Tech (WIRED) Big tech companies have a history of discrediting critics, forging alliances with adversaries, and deflecting scrutiny to competitors.
Internal Documents Show Facebook Has Never Deserved Our Trust or Our Data (Motherboard) Internal emails between Mark Zuckerberg and Sheryl Sandberg lay bare the fact that Facebook has long sought to leverage user data to turn a profit.
Iranians indicted in Atlanta city government ransomware attack (Ars Technica) Samsam ransomware attack that took down Atlanta is connected to another attack in New Jersey.
Atlanta U.S. Attorney Charges Iranian nationals for City Of Atlanta ransomware attack (US Department of Justice) A federal grand jury in Atlanta has returned an indictment charging Faramarz Shahi Savandi and Mohammed Mehdi Shah Mansouri with committing a sophisticated ransomware attack on the City of Atlanta in March 2018 in violation of the Computer Fraud and Abuse Act.
‘Iceman’ hacker charged with running drone-smuggling ring from jail (Naked Security) Max Ray Vision says he’s innocent of owning the phone used to orchestrate the scheme and ripping off debit cards to fund the drone purchase.
Student's cyber attack targeted Mount Zion school district network 3 times, police say (Herald-Review) Police say a student undertook a cyber attack on the Mount Zion School District computer network to sabotage a homework assignment, causing the system to crash.