Cyber Attacks, Threats, and Vulnerabilities
AP Exclusive: Iran hackers hunt nuclear workers, US targets (AP NEWS) As U.S. President Donald Trump re-imposed harsh economic sanctions on Iran last month, hackers scrambled to break into personal emails of American officials tasked with enforcing them, The Associated Press has found — another sign of how deeply cyberespionage is embedded into the fabric of US-Iranian relations.
Saipem says Shamoon variant crippled hundreds of computers (Reuters) A hack on Italian oil services firm Saipem that crippled more than 300 of the co...
Saipem Middle East servers hit by cyber attack out of India (Offshore Technology) Italian oil services firm Saipem’s servers in the Middle East have been affected following an alleged cyber attack out of India.
New Variant of Shamoon Malware Uploaded to VirusTotal (SecurityWeek) A new variant of the destructive Shamoon malware was uploaded to the VirusTotal malware analysis service, which shows a close match to historic versions of the malware.
Middle East Servers Targeted in Saipem Cyber-Attack (Infosecurity Magazine) An attack on Saipem began in India and targeted servers in Saudi Arabia, the United Arab Emirates and Kuwait.
Cyber Attack Targets Oil and Gas Services Company (Rigzone) Saipem suffers a cyber attack on its servers.
Windows Zero-Day Exploited by New 'SandCat' Group (SecurityWeek) The Windows kernel zero-day patched by Microsoft this week has been exploited by several threat actors, including a new group tracked by Kaspersky as SandCat.
MPs warn on Huawei's 'disturbing' ties to UK universities amid security fears (The Telegraph) MPs on the Foreign Affairs Select Committee have urged British universities to exercise "extreme caution" accepting money from Huawei, amid growing international concern about the security threat posed by the controversial Chinese telecom company.
FBI Says Chinese Espionage Poses ‘Most Severe’ Threat to American Security (Wall Street Journal) The disclosures, at a Senate Judiciary Committee hearing, came as the Trump administration is preparing to lay out an unprecedented amount of evidence in coming days about Chinese spying and hacking operations designed to steal secrets from U.S. companies.
Top FBI official warns of strategic threat from China through economic and other forms of espionage (Washington Post) Official says the “relentless theft of U.S. assets is positioning China to supplant” the United States as the world’s superpower.
FBI: China threatens 'the future of the world’ (Washington Examiner) Chinese spying threatens “not just the future of the United States, but the future of the world,” a senior FBI official told lawmakers Wednesday.
Is US military cloud safe from Russia? (BBC News) The BBC investigates a $10bn (£8bn) Pentagon contract to store sensitive data in a cyber-cloud.
Cryptocurrency Miner Spreads via Old Vulnerabilities on Elasticsearch (TrendLabs Security Intelligence Blog) We detected mining activity on our honeypot that involves the search engine Elasticsearch, which is a Java-developed search engine based on the Lucene library and released as open-source. The attack was deployed by taking advantage of known vulnerabilities CVE-2015-1427, a vulnerability in its Groovy scripting engine that allows remote attackers to execute arbitrary shell commands through a crafted script, and CVE-2014-3120, a vulnerability in the default configuration of Elasticsearch.
Apache Misconfig Leaks Data on 120 Million Brazilians (Infosecurity Magazine) Half the country has ID numbers exposed
A critical bug in Microsoft left 400M accounts exposed (HackRead) A bug bounty hunter from India, Sahad Nk, who works for SafetyDetective, a cybersecurity firm, has received a reward from Microsoft for uncovering and reporting a series of critical vulnerabilities in Microsoft accounts.
Researchers find over 40,000 stolen logins for government portals (CSO Online) A phishing operation led to the theft of more than 40,000 login credentials for government services in 30 countries.
Phishing Attack Through Non-Delivery Notification (SANS Internet Storm Center) Here is a nice example of a phishing attack that I found while reviewing data captured by my honeypots. We all know that phishing is a pain and attackers are always searching for new tactics to entice the potential victim to click on a link, disclose personal information or more…
Hackers fooled Save the Children into sending $1 million to a phony account (Boston Globe) Save the Children Federation said it was the victim of a $1 million cyberscam last year.
Security Patches, Mitigations, and Software Updates
Microsoft and Adobe Patch 100+ Bugs in December (Infosecurity Magazine) Several zero-day vulnerabilities should be prioritized by admins
Adobe Patches 87 Vulnerabilities in Acrobat Software (SecurityWeek) Adobe patches 87 vulnerabilities in its Acrobat and Reader software, but none of the flaws have been exploited in the wild.
Opera brings a flurry of crypto features to its Android mobile browser (TechCrunch) Crypto markets may be down down down, but that isn’t stopping Opera’s crypto features — first released in beta in July — from rolling out to all users of its core mobile browser today as the company bids to capture the ‘decentralized internet’ flag early on. Oper…
Cybersecurity Predictions for 2019 (Proofpoint) Proofpoint researchers predict trends that will shape the threat landscape in 2019.
Juniper Networks and IoT Institute Survey: As IoT Deployments Collide with Multicloud Ecosystems, Where Does Security Stand? (Juniper Networks) According to Gartner, “by 2020, 75% of organizations will have deployed a multicloud or hybrid cloud model for their IT needs.” While we’ve known for some time that the future is multicloud, ensuring cybersecurity across diverse and non-traditional environments has mostly been an afterthought. Desp...
Microsoft, PayPal and Google Top Brands Targeted by Phishing Campaigns, According to Comodo Cybersecurity Global Threat Report (GlobeNewswire News Room) Hacking democracy efforts continue with disturbing upticks in malware deployments leading up to major national elections
Microsoft, PayPal and Google Top the Brands Hit by Phishing (Infosecurity Magazine) Malicious attachments are the top method of phishing attack, with phishing URLs close behind.
Hacking democracy efforts continue with upticks in malware deployments (Help Net Security) The Comodo Global Threat Report 2018 Q3 reveals disturbing upticks in malware deployment leading up to major national elections.
NSA Cyber Chief Says Companies Are Losing Ground Against Adversaries (Wall Street Journal) Rob Joyce, a specialist at the National Security Agency, said companies’ readiness for cybersecurity threats is “getting worse.”
France plans to lure 'thousands' of UK fintech jobs, says minister (The Telegraph) France is seeking to lure thousands of UK financial technology jobs to the country, doubling down on its charm offensive with a new host of benefits for companies willing to relocate to Paris.
Contractor support needed through Cyber Command's 'Green Monkey' initiative (Washington Technology) The U.S. Cyber Command released its 'Green Monkey' RFI as it explores how to get contractor support to sift through technical cybersecurity proposals.
4iQ Secures $18 Million in Series B Funding from C5 and ForgePoint; Adds Board Members (TheCourierExpress.com) 4iQ, a pioneer in identity attribution analysis and a leading provider of intelligence for the largest identity theft protection vendors, announced today that it closed
Venafi Launches $12.5M Machine Identity Protection Development Fund (BusinessWire) Jetstack, OpenCredo and Cygnacom funded at Machine Identity Protection Live
BlackBerry will turn things around "very shortly", John Chen says (Cantech Letter) BlackBerry investors can expect a turnabout in the near future, says CEO John Chen, who thinks shareholders should be pleased by its financial stability.
Apple plans major US expansion including a new $1 billion campus in Austin (TechCrunch) Apple has announced a major expansion that will see it open a new campus in North Austin and open new offices in Seattle, San Diego and Los Angeles as it bids to increase its workforce in the U.S. The firm said it intends also to significantly expand its presence in Pittsburgh, New York and Boulder…
eSentire Appoints Former Palo Alto Networks CEO Lane Bess to Board of Directors (BusinessWire) eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider, today announced that Lane Bess has joined its Board of Directors.
DXC Technology turns to BT Security to nab its infosec bossman (Register) Waves bye to yet ANOTHER HPE exec, internal memo confirms
Virtru Strengthens Leadership Team with Nationally Recognized Data Privacy Advocate (BusinessWire) Enterprise data privacy innovator Virtru has added Dr. Andrea Limbago, formerly of Endgame, as its new chief social scientist.
Products, Services, and Solutions
Enveil Brings Data in Use Security to the Azure Marketplace (GlobeNewswire News Room) Data Security Startup Expands Access to its Secure Processing Capabilities for Cloud Customers
BitDam to Protect City of Las Vegas from Email-based Cyber Attacks (PRWeb) The City of Las Vegas has selected BitDam’s Advanced Threat Protection (ATP) solution to support its ongoing endeavors in protecting its o
DXC provides post cyber-attack services to APAC insurers (ComputerWorld) Australia's DXC Technology has won a contract to provide post-cyber-attack services to insurers in APAC markets including Hong Kong
Symantec, Fortinet Form Expansive Partnership Around Cloud Security (CRN) Fortinet's Next-Generation Firewall will be integrated into Symantec's cloud-delivered Web Security Service in the first half of 2019 to provide comprehensive threat prevention.
Google expands its cloud services with cybersecurity company Palo Alto Networks (The Financial Express) Google Cloud has announced the expansion of its partnership with global cybersecurity company Palo Alto Networks to simplify security and accelerate cloud adoption.
DigiCert conquers Google's distrust of Symantec certs (Security Brief) “This could have been an extremely disruptive event to online commerce,
Bitdefender Announces New Managed Threat Monitoring Service (Best Endpoint Security Protection Software and Vendors) Bitdefender announced their GravityZone Managed Endpoint Detection and Response (MEDR) service, a new managed threat monitoring service.
Trustworthy Network Segmentation for an Untrustworthy World (Security Boulevard) Denial is not a strategy. The reality is that networks, PCs and XenApp clients are susceptible to attacks, if they haven’t been breached already. Network segmentation is an imperative. Organizations need to isolate applications that contain sensitive data, but this approach can introduce the cost and hassle of issuing a second PC for authorized users. Establish true end-to-end protections around sensitive
Technologies, Techniques, and Standards
Preparing for Cyber Conflict - Case Studies of Cyber Command (ICDS) This is the first publicly available comparative study of the military cyber organisations in five European countries: Estonia, Finland, Germany, the Netherlands, and Norway.
Scanning for Flaws, Scoring for Security (KrebsOnSecurity) Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices?
Deception technology: Authenticity and why it matters (Help Net Security) This article is the second in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo
Cloud Security Not Automatic (Wall Street Journal) Many firms neglect basic due diligence when it comes to cloud security, falsely believing cloud-service providers automatically handle all their security needs, says Roland Cloutier, chief security officer at Automatic Data Processing Inc.
Guidelines for assessing ISPs' security measures in the context of net neutrality (Help Net Security) ENISA's guideline helps NRAs assess whether security measures implemented by ISPs are justified, even when they go against net neutrality regulation.
Leveraging AI and automation for successful DevSecOps (Help Net Security) The article provides 10 ways in which organizations of any size can leverage the power of AI and automation for their DevSecOps pipeline.
Taylor Swift uses facial recognition on concert-goers to weed out stalkers (The Telegraph) Concert-goers at a Taylor Swift concert were unknowingly scanned to spot potentially dangerous mega-fans who have become obsessed with the star.
Design and Innovation
Emerging technologies could tip the scales for cyber defense (Fifth Domain) One top Department of Defense leader has an optimistic outlook on the future of network defense.
Researchers show how data science techniques can find Twitter 'amplification bots' (The Next Web) It's easier than you might think.
Google’s Own Email Filters Flag Google’s Party Invite as Malicious (Motherboard) A cybersecurity reporter says his own Google-provided email app flagged an email about a Google party because it included content “typically used to steal personal information.”
Research and Development
OPAQ Awarded Patent for Software-Defined Network Segmentation (AP NEWS) OPAQ, the network security cloud company, today announced that it has received a patent from the United States Patent & Trademark Office for its software-defined network segmentation technology that monitors connection requests on endpoint devices and transparently enforces security policies to prevent lateral attacks on corporate networks (Patent # 10,122,760).
Code-cracking puzzles are a gateway to higher math (Education Dive) Teaching the long history of ciphers, cryptography and code breaking expands students' ideas of how math fits into the real world.
Legislation, Policy, and Regulation
'The rules of engagement have broken' in cyberspace, says CEO of cybersecurity giant FireEye (CNBC) Jim Cramer sits down with FireEye CEO Kevin Mandia to discuss how the global rules of engagement in cyberspace have eroded in recent years.
Why Microsoft is fighting to stop a cyber world war (ZDNet) The tech industry is becoming more worried about a cyberwar arms race. But are the right people listening?
Japan to follow Aussie and Kiwi leads, Banned Huawei & ZTE Tech Equipment (Financial World) As the Huawei CFO had been arrested in Canada, accused of covering up her company’s tie-up with Hong Kong-based Skycorp, which tried to sell Hewlett Packard tech instruments to the Iranian officials despite US and EU banned
European split over Huawei ‘threat’ risks ruffling Western alliances (South China Morning Post) Unsupported claims Huawei products are packed with spyware have not convinced some US allies into shifting policies to shut out the Chinese tech giant
US has a 'concerted strategy' to push allies to reject Huawei's 5G equipment: Eurasia Group (CNBC) The United States is pushing its allies to shut out Chinese tech giant Huawei for 5G networks on national security worries, a Eurasia Group expert says.
Goldman's top cybersecurity official says he spends too much time talking to regulators (CNBC) Too many different local, state, national and international cybersecurity regulations are hampering corporations' ability to deal with cyberattacks, said Goldman Sachs' chief information security officer Tuesday.
Finally, a meaningful congressional report on stemming cybersecurity attacks (CSO Online) The Cybersecurity Strategy Report offers solutions to six problem areas in an effort to improve IT's ability to cope with today's cyber threat landscape.
Analysis | The Cybersecurity 202: Election commission could give lawmakers new tools against hacking (Washington Post) Members of Congress could use leftover campaign funds to secure personal devices.
Senate Bill Targets Chinese Economic Espionage (Foreign Policy) New measure would give U.S. prosecutors power to indict hackers working abroad.
Bipartisan supply chain bill likely punted to next Congress, McCaskill says (TheHill) A bipartisan bill that would create a way to detect national security risks in the supply chain likely won’t be taken up this Congress, one of the legislation’s cosponsors said Wednesday.
How the Joint Staff’s cyber role has changed (Fifth Domain) The character of war is evolving, and so has the Joint Staff's part in integration efforts.
Facial recognition is becoming one of the 21st century’s biggest public space issues (Curbed) It’s about civil rights and the erosion of privacy in the public realm.
Navy appoints first W-1 officers in four decades. What’s next? (Navy Times) A trio of cyberwarriors will pin on the W-1 rank on Sept. 1, 2019, and the other three will join them a month later on the first day of the new federal fiscal year.
Four Steps to Fix the Security Clearance Backlog (Defense One) Clearance delays are hurting the aerospace industry — and national security.
Litigation, Investigation, and Law Enforcement
Second Canadian under investigation in China as diplomatic spat intensifies (CNN) A second Canadian is believed to have been detained in China in a potential act of retribution that threatens to escalate the diplomatic dispute between Washington, Beijing and Ottawa, following the arrest of a Chinese Huawei executive in Canada.
If China Hacked Marriott, 2014 Marked a Full-on Assault (WIRED) It increasingly appears that China was behind the Marriott hack, making 2014 a landmark year in cyberattacks against the US.
Marriott hotel cyber attack linked to Chinese spy agency (The Independent) Trump administration plans actions targeting China's trade, cyber and economic policies in coming days
Meng arrest and Huawei claims illustrate China’s high-tech dilemma (Asia Times) Trump weighs into the row after the Huawei senior executive is released on bail but Chinese companies are urged to follow international rules
Injured jihadist on the run after Strasbourg attack (Times) Hundreds of police across France and Germany were hunting last night for a 29-year-old man who killed at least two people while shouting Allahu akbar in the Christmas market in Strasbourg. Seven of...
Islamic State unleashes suicide bombers in Hajin, Syria (FDD's Long War Journal) In the past 24 hours, the Islamic State has conducted more than one suicide bombing against US-backed forces in Hajin, Syria. One Islamic State "martyr" blew himself up near the Hajin hospital, which became the scene of intense fighting earlier this week.
House Report Finds Equifax Picked Business Over Security (Decipher) The report from the House Oversight and Government Reform Committee on what happened at Equifax is a case study in how a lot of small security and technology decisions can add up over time, with catastrophic results.
Equifax Breach Underscores Need for Accountability, Simpler Architectures (Dark Reading) A new congressional report says the credit reporting firm's September 2017 breach was 'entirely preventable.'
Analysis | The Cybersecurity 202: Republicans and Democrats are feuding over the Equifax breach (Washington Post) That doesn’t bode well for tougher security topics.