Cyber Attacks, Threats, and Vulnerabilities
Russia Launched Cyber Attacks Against Ukraine Before Ship Seizures, Firm Says (Defense One) Researchers claim to have uncovered Russian cyber attacks aimed at the Ukrainian military and government before and during the Sea of Azov captures.
Huawei: A Trojan Horse Inside Taiwan? (The National Interest) How much of a threat is the telecommunications giant to Taipei?
Vulnerability Exposes Rockwell Controllers to DoS Attacks (SecurityWeek) Remotely exploitable DoS vulnerability found in some of Rockwell Automation’s MicroLogix controllers and ControlLogix communications modules.
In case you're not already sick of Spectre... Boffins demo Speculator tool for sniffing out data-leaking CPU holes (Register) First proof-of-concept, SplitSpectre, requires fewer instructions in victim
With 20,000 sites swallowed up, a botnet is eating WordPress alive (Digital Trends) Hackers controlling a “botnet” of over 20,000 infected WordPress sites are attacking other WordPress sites, according to a report from The Defiant Threat Intelligence team.
Botnet of Infected WordPress Sites Attacking WordPress Sites (Wordfence) The Defiant Threat Intelligence team recently began tracking the behavior of an organized brute force attack campaign against WordPress sites. This campaign has created a botnet of infected WordPress websites to perform its attacks, which attempt XML-RPC authentication to other WordPress sites in order to access privileged accounts. Between Wordfence’s brute force protection and the premium real-time ...
Critical Kubernetes vulnerability could have widespread effects (SearchCloudSecurity) A severe Kubernetes vulnerability was discovered in the cloud container orchestration software's API server. This marks the open source system's first serious security vulnerability.
Kubernetes Vulnerability Hits Top of Severity Scale (Dark Reading) The security issue strikes at some of the basic reasons for the rising popularity of containers as an architecture and Kubernetes as an orchestration mechanism.
Old and new OpenSSH backdoors threaten Linux servers (Help Net Security) ESET has found 12 previously undetected families of Linux backdoors based on OpenSSH, the most common tool for sysadmins to manage rented Linux servers.
22 malware infected apps on Play Store found draining phone's battery (HackRead) Another day, another malware targeting Android users – This time, 22 apps have been removed from the Play Store after security researchers found malware draining user phone’s battery and also downloading files without their consent.
Unprotected MongoDB Exposes Scraped Profile Data of 66 Million (BleepingComputer) Information belonging to more than 66 million individuals was discovered in an unprotected database, within anyone's reach, if they knew where to look on the web. The records look like scraped data from LinkedIn profiles.
ESET discovers 21 new Linux malware families (ZDNet) All malware strains are trojanized versions of the OpenSSH server or client apps that include keylogger and backdoor capabilities.
Fileless Attacks Grow as Attackers Find New Ways Past System Security (Computer Business Review) New research by cybersecurity enterprise Malwarebytes highlights the risk businesses face from fileless cyberattacks...PowerShell
DanaBot Banking Trojan Gets into Spam Business (BleepingComputer) Authors of the DanaBot banking trojans updated the malware with new features that enabled it to harvest email addresses and send out spam straight from the victim's mailbox.
Sextortion with a side of ransomware (Proofpoint) Proofpoint researchers describe recent so-called “sextortion” campaigns, some of which featured links to ransomware as well.
Those annoying sextortion scams are redirecting users to ransomware now (ZDNet) Sextortion emails take a dark turn and are now trying to infect users with the GandCrab ransomware.
'PowerSnitch' Hacks Androids via Power Banks (Dark Reading) Researcher demonstrates how attackers could steal data from smartphones while they're charging.
Supply chain compromise: Adding undetectable hardware Trojans to integrated circuits (Help Net Security) Attackers could equip integrated circuits with hardware Trojans that will not change the area or power consumption of the circuit.
Thieves Can Now Nab Your Data in a Few Minutes for a Few Bucks (Wall Street Journal) Data thieves’ tactics are getting more ingenious and more intrusive, as Marriott’s Starwood database breach adds to a string of large-scale corporate data intrusions.
Arrest of Huawei CFO Inspires Advance Fee Scam (SANS Internet Storm Center) Last week, the arrest of MENG Wanzhou made big waves in the news. Ms. Meng was arrested in Canada based on an arrest warrant issued for the United States Department of Justice. Ms. Meng, as CFO of Huawei and possible heir to her father, the CEO of Huawei, is assumed to have access to substantial wealth. This led to a wave of advanced fee scams levering this news.
Fake tax scam warning for university students (Action Fraud) University students have been warned by HM Revenue & Customs (HMRC) that fraudsters are targeting them with a wave of fake tax scams.
Hacker-besieged DNA data tucked away under military care (Naked Security) Genomics England announced it’s sequenced 100K Brits’ genomes… and then had to store them in a military base after multiple hacking attacks.
German engineering group KraussMaffei blackmailed in cyber attack (Xinhuanet) Operations at the Munich-based engineering group KraussMaffei are returning to "normal conditions" and production is being ramped up again.
Rockaway Twp. police computer hacker still unknown; leaders want answers (Daily Record) More than two weeks later many are mad that they don’t have more information about the hack that brought down police computer systems.
Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret (New York Times) Dozens of companies use smartphone locations to help advertisers and even hedge funds. They say it’s anonymous, but the data shows how personal it is.
Security Patches, Mitigations, and Software Updates
Windows 10: Microsoft pulls patch that gives Surface Book 2 Blue Screen of Death (ZDNet) Having first blocked it for Surface Book 2 users, Microsoft now removes buggy patch completely.
Why, in 2018, is Microsoft adding security questions to Windows 10? (Ars Technica) Attackers with admin control can abuse the feature to create a persistent backdoor.
Cyber Trends
Hackers will target more young video game players in 2019 (Quartz) There's a lot of money to be stolen from the online gaming community. And young gamers are especially vulnerable, a new report warns.
The next big risk to your privacy: Your child’s video-game habit (MarketWatch) Hackers are increasingly targeting video games, new report finds.
Report Sheds Light on Massive Ransomware Problem (Threat Vector) Datto, a managed service provider of IT services, recently released their 2018 Global State of the Channel Ransomware Report, in which they surveyed over 2,400 IT professionals from around the world. Here are some of the key findings.
Cybersecurity Canon Candidate Book Review: Cyber-War: Anatomy of the Global Security Threat (Palo Alto Networks Blog) William Yurek reviews "Cyber-War: Anatomy of the Global Security Threat" for the Cybersecurity Canon.
Not all data collection is evil: Don't let privacy scandals stall cybersecurity (Help Net Security) We are now operating in a world where all data collection and analysis practices are increasingly portrayed as evil, according to Dtex Systems.
Marketplace
U.S. Allies Raise New Security Worries About China’s Huawei (Wall Street Journal) U.S. allies from Australia to Japan to the European Union raised new security questions about Huawei Technologies, putting fresh pressure on the Chinese telecommunications giant.
EU Should Worry About Huawei, Other Chinese Firms: Official (SecurityWeek) The European Union and its citizens should be "worried" about telecoms giant Huawei and other Chinese firms that cooperate with Beijing's intelligence services, official warns.
Under Fire Huawei Agrees to UK Security Demands: Report (SecurityWeek) Embattled Chinese telecoms giant Huawei has agreed to British intelligence demands over its equipment and software as it seeks to be part of the country's 5G network plans, the FT reported.
Huawei Is Planning a $2 Billion Cybersecurity Reboot (Bloomberg) Chinese vendor said to plan global software systems overhaul. Commitment comes as company risks more bans in Western markets.
Cisco's Errant China-Travel Alert Shows Tech's Huawei Alarm (Bloomberg) The arrest of a high-profile Chinese executive has amped up jitters among U.S. technology companies already fretting that a trade war between the two countries could hurt business.
Senator slams Google's censored search engine work in China (CNBC) Sen. Warner said tech companies need to do more to support cybersecurity in the U.S. and to fight information warfare from U.S. rivals
Chinese Mobile App Companies Are A National Security Risk, Says Top Democrat (BuzzFeed News) “It’s enormously worrisome to me that Google allowed these highly over-permissioned apps to gain such prominence,” he said.
Michael Dell plots his return to the public market (The Economist) The largest private tech firm has an updated vision for computing’s future
US National Oceanic and Atmospheric Administration taps Leidos (Australian Defence Magazine) Leidos has been awarded a task order by the US National Oceanic and Atmospheric Administration (NOAA) to manage cyber and enterprise security operations.
Qualcomm laying off more workers in San Diego, North Carolina to cut costs (San Diego Union Tribune) The company is shedding 125 jobs in San Diego and 144 workers in Raleigh as part of its continuing cost cutting plan.
Marine Cyber Command Is Getting In On Other Transaction Contracting (Nextgov.com) The Marine Corps Forces Cyberspace Command’s executive director said the command expects to sign its first OT contract in the coming days.
3 priorities for the Marines' information directorate (C4ISRNET) Here's what the deputy commandant for information is focused on.
Nasdaq-Listed Akamai Leases 6,800 Square Meters in Tel Aviv’s ToHa Tower (CTECH) The content delivery company operates a research and development center in Israel. Its current offices span over 3,000 square meters
GlobalPlatform Announces 2019 Board of Directors (Global Security Mag Online) GlobalPlatform, the standard for secure digital services and devices, has announced its Board of Directors for fiscal year 2019. Six Board seats were open and after a close election, the following individuals were re-elected to serve a further two-year term:
Products, Services, and Solutions
Dave Bittner on The CyberWire’s Unique Approach to Security News Coverage (Security Boulevard) In this video, Matt Stephenson speaks with The Cyberwire Producer and Podcast host Dave Bittner, the top-ranking daily cybersecurity podcast in the world according to iTunes.
SentinelOne Adds New Features to Remove Need for Legacy AV Suites (Best Mobility Management Vendors, MDM Software and EMM Platforms) Endpoint protection solution provider, SentinelOne, recently announced two new features that extend the scope of the SentinelOne platform past traditional endpoint protection and endpoint detection…
HackerOne Offers Free Sandboxes To Replicate Real-World Security Bugs (BleepingComputer) HackerOne has announced that it makes available to hackers that want to test and hone their skills a set of five sandbox environments modeled after popular security bugs reported through its platform.
Technologies, Techniques, and Standards
Shipping groups publish cyber security guidelines update (Riviera) A group of the world's largest international shipping associations have published an update to their cyber security guidelines.
Singapore lauded for financial sector cyber security guidelines (Channel Asia Singapore) MWR InfoSecurity has praised Singapore for developing a set of security assessment guidelines aimed at strengthening cyber resilience in finance.
Top engineer discloses how China deals with foreign intelligence-backed cyber attacks (Global Times) In reality, China has always been a victim of cyber attacks. The Global Times (GT) interviewed Xiao Xinguang (Xiao), the chief technical architect of Beijing-based Antiy Labs, on the cyber threats China has been facing in recent years.
Holding execs accountable can prevent future hacks like Marriott's (TheHill) We should expect more from the leaders we entrust with our data.
We Will Never Hack Our Elections Secure (Forbes) Instead, we need the vendors who create these systems to share their security stories publicly, including all the supporting evidence, so that anyone can evaluate, challenge and improve them.
Cyber Security Will Be a Slow Evolution - Harris Balcombe Warns SMEs to Invest in the Right Protection for the Coming Year (Bdaily Business News) 2018 has seen its fair share of high profile security breaches - British Airways, Amazon, Facebook and FIFA are only…
Mitigating the risk of Office 365 account hijacking (Help Net Security) UK's National Cyber Security Centre warns about the danger of Office 365 account compromise and offers Office 365 compromise prevention advice.
How can businesses get the most out of pentesting? (Help Net Security) The goal of penetration testing is to identify the worst case scenario. But an organization will also be able to understand what the approach is.
How Tomer Agayev Fights Financial Fraud With Curiosity and Suspicion (Security Intelligence) As threat research team lead at Trusteer, Tomer guards the gateway to both known and unknown threats and passes along his insights to help banking customers protect themselves from social engineering.
Research and Development
DeepPhish Project Shows Malicious AI is Not as Dangerous as Feared (SecurityWeek) A security research project called DeepPhish examined the extent to which AI & ML technologies can aid in the detection of phishing, and the extent to which those technologies could be used by cybercriminals to by-pass anti-phishing defenses.
Nearly $1 million NSF grant to bolster cyber-physical systems security (Missouri S&T) Funded through a National Science Foundation grant, Missouri S&T researchers are developing stronger safeguards for a wide array of complex systems that rely on computers – from public water supply systems and electric grids to chemical plants and self-driving vehicles.
Legislation, Policy, and Regulation
When China Rules the Web (Foreign Affairs) China is set to remake cyberspace in its own image. That will make the Internet less open and allow Beijing to reap vast economic, diplomatic, and security benefits that once flowed to Washington.
EU governments agree to tougher stance on e-evidence (Reuters) EU governments agreed on Friday to toughen up draft rules allowing law enforceme...
Aussie Surveillance Law Imperils Secure Comms (Infosecurity Magazine) Hastily passed legislation apes the infamous UK Snooper’s Charter
GCHQ boosts powers to launch mass data hacking (the Guardian) Expanded intelligence gathering is ‘a grave threat’ warn rights groups
Why Huawei arrest deepens conflict between US and China (WHDH 7News) The dramatic arrest of a Chinese telecommunications executive has driven home why it will be so hard for the Trump administration to resolve...
Former NSA official urges Britain to block Huawei technology over 'legitimate security concerns' (The Telegraph) A former top official at the US National Security Agency has warned that a failure to block Huawei technology from being embedded in critical UK infrastructure would pose “real, legitimate security concerns”.
Analysis | The Cybersecurity 202: Internet ecosystem needs a complete overhaul to be cybersecure, House panel warns (Washington Post) But Congress has little leverage to make it happen.
Sen. Warner: Cyber Threat is Here (Multichannel) Edge must step up and stop being 'petri dish' for foreign propaganda
Warner wants more Pentagon spending on cybersecurity (Fifth Domain) Sen. Mark Warner, the ranking member of the Senate’s intelligence committee, called for a realignment of Pentagon spending priorities to boost cybersecurity and technology investments.
CIA taps first woman to lead key part of agency (TheHill) The CIA on Friday named Elizabeth Kimber to run the part of the agency that recruits spies overseas, gathers intelligence and engages in covert actions.
Forcepoint’s Eric Trexler: Automation, ‘National Guard’ Could Help Agencies Maintain Stable Cyber Workforce (ExecutiveBiz) Eric Trexler, vice president of global governments and critical infrastructure at Forcepoint, has said agencies should initiate efforts to hire and retain a stable pool of cybersecurity professionals and one of those measures is to establish a cyber “National Guard.” Trexler wrote in a Nextgov article published Friday that the National Guard initiative would provide agencies with...
Futures Command Adds New Tool for Preparing Army for Next War (Military.com) Army Futures Command will be responsible for making sure the service sees the threats it may face on tomorrow's battlefield.
Dubious CLOUD: Law allows foreign governments to access citizens’ data (Pittsburgh Post-Gazette) Warrantless surveillance of American citizens, by our own government or any other, is unconstitutional.
Government bans NHS fax use (Computing) Experts disagree on NHS use of legacy communications technology
Litigation, Investigation, and Law Enforcement
U.S. Readies Charges Against Chinese Hackers (Wall Street Journal) U.S. prosecutors are preparing to unseal criminal charges against hackers linked to the Chinese government who have allegedly engaged in a multiyear scheme to break into U.S. technology service providers.
China summons US ambassador over Huawei CFO's arrest (the Guardian) Terry Branstad urged to cancel arrest warrant for Meng Wanzhou and end her ‘egregious’ detention
Chinese executive facing US extradition to appear in court (Washington Post) Huawei arrest complicates US-China trade talks, illustrating an underlying clash over technology
Canadian Prosecutor Lays Out U.S. Allegations Against Huawei CFO (Wall Street Journal) A Canadian prosecutor said Huawei’s finance chief was arrested because of U.S. allegations that she fraudulently covered up the Chinese tech giant’s control of a company that was doing business in Iran.
Huawei CFO could face sentence of up to 30 years per charge if extradited to US (CNBC) U.S. prosecutors want a top executive of China's Huawei Technologies, the world's largest supplier of telecommunications network equipment, to face charges of fraud linked to the skirting of Iran sanctions.
Two British Banks Ensnared in Huawei Dispute (Wall Street Journal) Two large British banks are among those ensnared in the controversy over Huawei Technologies. The dispute escalated over the weekend after the Chinese government warned Canada it would face “severe consequences” if it didn’t release the Chinese telecom giant’s finance chief.
Opinion | How a chilling Saudi cyberwar ensnared Jamal Khashoggi (Washington Post) Inside the 21st-century battle of ideas waged by the fearful crown prince and a conniving courtier.
Israel signed off on sale of phone spying tool to Saudi Arabia — report (Times of Israel) Washington Post cites US officials who say export of NSO's Pegasus program was approved despite hesitation from some Israelis over selling sensitive technology to Arab country
Israeli cyberware company disputes software related to Khashoggi murder (The Jerusalem Post) "We follow an extremely rigorous protocol for licensing our products — which are only provided after a full vetting as well as licensing by the Israeli government."
Marriott CFO Calls $1 Billion Estimate on Cyber Breach Premature (Bloomberg) Attack exposed personal records of up to 500 million guests. Hack targeted Starwood Hotels, acquired by Marriott in 2016
New Lawsuit Claims Marriott Still Exposes Customer Information (SecurityWeek) A new class action lawsuit filed against Marriott following the massive data breach alleges that the hotel giant still exposes customer information.
The Mueller Investigation Nears the Worst Case Scenario (WIRED) Sentencing documents for Paul Manafort and Michael Cohen drag President Trump in the legal spotlight.
Mueller says Manafort told ‘discernible lies,’ including about contacts with an employee alleged to have Russian intelligence ties (Washington Post) The allegations came in a new court filing by the special counsel that pointed to some of the questions prosecutors have been asking a key witness.
Mueller Sentencing Memo Details Cohen's Aid in Russia Investigation (New York Law Journal) The Special Counsel's Office provided numerous examples of Cohen's assistance into Russian interference in the 2016 presidential election.
Analysis | 5 big takeaways from the new Michael Cohen and Paul Manafort filings (Washington Post) Prosecutors say Cohen has oversold his cooperation with Robert Mueller -- and that he doesn't deserve much leniency given his egregious conduct.
Preliminary approval of class action settlement for Experian data breach exceeds $47M (The National Law Review) Remember Experian’s massive data breach of 15 million customers in 2015?  The resulting consolidated class action is nearly resolved.  On December 3, 2018, a California federal judge g
Skripal police revisit ‘suicide’ of Scot Young and collapse of whistleblower Alexander Perepilichnyy (Times) Detectives who led the investigation into the attempted assassination of a former Russian spy in Salisbury have uncovered new evidence that links the Kremlin to at least two other suspected murders...
The Feds Are Now Looking Into Who Sent Millions of Fake Net Neutrality Comments to the FCC (Gizmodo) Federal investigators are looking into whether the mass submission of millions of fraudulent letters on net neutrality to the Federal Communications Commission’s digital comment system was a crime as part of a Department of Justice investigation, BuzzFeed News reported on Saturday.
Bikini app maker draws another disgruntled developer to its Facebook fight (Ars Technica) Six4Three's website: "Tell Zuckerberg we will no longer be his patsy!"
Apple Hit With Sales Ban on Older iPhones in China, Qualcomm Says (Wall Street Journal) A Chinese court ordered Apple to stop selling older iPhone models in the country after finding the tech giant infringed on two patents held by Qualcomm, the chip supplier said.
235 members of dark web money counterfeiting gang busted (HackRead) The Dark Web has become a thriving hub of all sorts of criminal activities from selling illegal drugs to the distribution of ransomware and running child porn platforms.
Teen Email Hoaxer Gets Three Years (Infosecurity Magazine) Duke-Cohan targeted thousands of schools in UK and US
Bomb Threat Hoaxer, DDos Boss Gets 3 Years (KrebsOnSecurity) The ringleader of a gang of cyber hooligans that made bomb threats against hundreds of schools and launched distributed denial-of-service (DDoS) attacks against Web sites — including KrebsOnSecurity on multiple occasions — has been sentenced to three years in a U.K. prison, and faces the possibility of additional charges from U.S.-based law enforcement officials.
California Man Gets 26-Month Prison Sentence for DDoS Attacks (SecurityWeek) A 44-year-old man from California has been sentenced to 26 months in prison for launching DDoS attacks against two astronomy websites.