Cyber Attacks, Threats, and Vulnerabilities
3 leaked NSA exploits work on all Windows versions since Windows 2000 (CSO Online) The EternalSynergy, EternalRomance, and EternalChampion exploits have been reworked to work on all vulnerable Windows versions: Windows 2000 -- Server 2016.
WannaMine and Smominru: The cryptocurrency botnets causing havoc (Silicon Republic) Two botnets that hijack machines to mine the cryptocurrency Monero are causing major problems around the world.
Smominru Botnet Infected Over 500,000 Windows Machines (Information Security Buzz) News broke yesterday that over 526,000 Windows computers —mainly Windows servers— have been infected with Monero mining software by a group that operates the biggest such botnet known to date. This group’s operations have been known to security researchers since last year, and various companies have published reports on its activity. Because the botnet is so massive …
Bot Hacked Over $3m Worth of Monero from 500m Computers (The Market Mogul) A bot which infected 500,000 computers has earned the hackers responsible over $3m from mining cryptocurrency. Since last May, the crypto-botnet Smominru has infected computers and hijacked their processing power to generate as much as $3.6m of altcoin Monero, according to a researcher’s blog post published by security firm, Proofpoint. The researcher, who went under the name […]
Mac crypto miner distributed via MacUpdate, other software download sites (Help Net Security) Software download site/aggregator MacUpdate has been spotted delivering a new Mac crypto miner to users. The malware has been bundled with decoy copies of Firefox, OnyX, and Deeper.
MacUpdate Hacked to Distribute Mac Cryptocurrency Miner (HackRead) Another day, another cryptocurrency miner targeting users - This time, MacUpdate site has been hacked to drop cryptocurrency miner on Mac devices.
New Monero Crypto Mining Botnet Leverages Android Debugging Tool (Threatpost) The botnet uses port scanning code from Mirai, a first for Android-related attacks, according to researchers.
Fake Adobe Flash Update Sites Pushing CPU Miners (BleepingComputer) Sites telling you that Flash Player is outdated and then offering an update are installing CPU miners on unsuspecting visitors.
How Cryptocurrency Mining Software Is Turning Into Malware (247wallst.com) Software designed for mining cryptocurrencies is also being used by cybercriminals to create botnets of PCs from unsuspecting victims. The only thing stolen -- so far -- is processing power from which the crook makes money and the victim gets nothing but a computer that runs more slowly.
Few Meltdown, Spectre Malware Attacks Are Being Reported (eWEEK) Meltdown and Spectre malware samples emerge, though few attacks follow; the new Cisco Container Platform will support Kubernetes Orchestrator; threats to industrial control systems grow as vulnerabilities increase; and Microsoft Azure cloud revenue nearly doubles in Q2 2018.
Covert Data Channel in TLS Dodges Network Perimeter Protection (Threatpost) Researchers have found a new covert data exchange technique that abuses the TLS protocol that can circumvent traditional network perimeter protections.
Did the government’s acquisition training website have a cyber incident? (FederalNewsRadio.com) The Federal Acquisition Institute Training Application System (FAITAS) has been unavailable for civilian agencies for more than a month.
NHS Trusts Have All Failed Cyber Essentials — Report (Infosecurity Magazine) Best practice security still eluding UK healthcare
Boomerang spam bombs Malwarebytes forum—not a smart move (Security Boulevard) Boomerang Tech solutions had trouble configuring their spambots, thus dropping a few spam bombs on Malwarebytes forums. Watch us catch them red-handed in a scammer call.
T-Mobile Is Sending a Mass Text Warning of ‘Industry-Wide’ Phone Hijacking Scam (Motherboard) Cybercriminals are increasingly targeting people’s phone numbers, hijacking and then using them to access people’s bank or social media accounts.
Over 12,000 Business Websites Leveraged for Cybercrime (Dark Reading) Attackers exploit trust in popular websites to launch phishing campaigns and spread malware.
Facebook Is Investigating Bitcoin Ads Bypassing Its New Ban (Motherboard) It appears some ads have already found simple workarounds.
Would You Have Spotted This Skimmer? (KrebsOnSecurity) When you realize how easy it is for thieves to compromise an ATM or credit card terminal with skimming devices, it’s difficult not to inspect or even pull on these machines when you’re forced to use them personally — half expecting something will come detached.
Security Patches, Mitigations, and Software Updates
Cisco issues new, complete fixes for critical flaw in enterprise security appliances (Help Net Security) Cisco researchers have identified additional attack vectors and features that are affected by the "perfect 10" remote code execution and denial of service vulnerability they attempted to patch last Tuesday.
Oracle patches POS vulnerability affecting 300,000 systems (SC Media US) Oracle recently patched a Micros point-of-sale vulnerability which could have allowed an unauthenticated attacker to read any file and receive information.
Flaw in Grammarly's extensions opened user accounts to compromise (Help Net Security) A vulnerability in the Grammarly Chrome and Firefox extensions allowed websites to read users' authentication tokens and use them to log in to the users' Grammarly accounts and access all the (potentially sensitive) information held in them.
Cyber Trends
IT Security TCO: Uncovering the Hidden Costs of Detection-based Security (Bromium) Do you know what your detection-based cybersecurity is really costing your enterprise? Bromium uncovers hidden costs—$16.7M per year—for a 2,000-person organization.
Over 5,200 Data Breaches Make 2017 An Exceptional Year For All The Wrong Reasons (Risk-Based Security) In an all too common refrain, 2017 claims the dubious record of the most breaches and most records compromised in a year.
2017 Smashed World's Records for Most Data Breaches, Exposed Information (Dark Reading) Five mega-breaches last year accounted for more than 72% of all data records exposed in 2017.
Identity Fraud Hits All-Time High in 2017 (Dark Reading) Survey reports that the number of fraud victims topped 16 million consumers last year, and much of that crime has moved online.
How Much Do Healthcare Data Breaches Cost Organizations? (HealthITSecurity) Disaster recovery planning, employee training, and DLP solutions are key ways to prevent and respond to healthcare data breaches.
Data and analytics maturity: Most organizations should be doing better (Help Net Security) 91 percent of organizations have not yet reached a transformational level of maturity in data and analytics, despite this area being a number one investment priority for CIOs in recent years.
Marketplace
MY TAKE: Epiphany strikes Amazon, Google, Microsoft about who bears burden for cloud security (Security Boulevard) Amazon and Google last week very quietly made some moves that signal they’ve been hit by the identical epiphany: they each need to do a helluva lot more to secure cloud computing. Microsoft was hit by this lightning bolt about a year ago. The Redmond giant all through 2017 took pronounced steps to relieve users
Buyouts, Product Launches to Fuel FireEye (FEYE) Q4 Earnings (NASDAQ.com) FireEye Inc. FEYE is slated to release fourth-quarter 2017 results on Feb 8. The question lingering in investors' minds is if this cybersecurity.
IGEL Marks Record Software Sales Growth for the Year Ended 2017 (IGEL) IGEL announced record results for 2017 with 74% revenue growth in the U.S., year-over-year. Growth was significantly driven by record software sales, which were up 589% in the U.S., specifically, including sales for IGEL’s Universal Desktop Converter™ (UDC) and UD Pocket™ solutions.
Tracking Tenable's Growth To IPO-Sized Revenue (Crunchbase News) Now we all know that not only can SaaS transitions work, but they can work at scale. That and the cybersecurity sector is hardly dead.
3 Firewall Stocks to Consider Buying (The Motley Fool) Fortinet, Palo Alto Networks, and Check Point Software will be protecting data for years to come, and demand for their services is only growing.
Booz Allen takes on growth and the talent challenge (Washington Technology) Booz Allen Hamilton's employee mix is shifting as the company moves deeper into its Vision 2020 strategy.
Why Bitcoin and other cryptos can't scale like Silicon Valley tech (TheStreet) Cryptocurrencies and their underlying technology can't be compared to other industries, Coindesk's head of research tells TheStreet.
Business Update: Forcepoint Global Governments & Critical Infrastructure (Forcepoint) Forcepoint continues its focus on the unique needs and challenges found in the most highly regulated and mission-critical sectors. After over 20 years of protecting US and Five-Eyes critical classified information and networks, Forcepoint expanded the government business charter to bring human-centric cybersecurity to governments around the world in 2017.
Startup Studio DataTribe Launches Inaugural Cyber Funding Competition - The DataTribe Cyber Crucible (TheStreet) Winners Will Be Eligible For Up To $2 Million in Seed Financing, Potentially Millions More in Series A Venture Capital
Willis Towers Watson bolsters UK cyber offering with new cyber leader appointment (GlobeNewswire News Room) Leading global advisory, broking and solutions company, Willis Towers Watson (NASDAQ:WLTW), today announced the appointment of Tim Rees as Client Engagement and Strategy Leader for the UK Cyber Risk Solutions business.
Products, Services, and Solutions
SonicWall Invents New Real-Time Deep Memory Inspection Technology (RTDMI™) Also Effective Against Meltdown Processor Vulnerability (SonicWall) New Capture Cloud Platform engine builds on SonicWall’s extensive history and innovation in machine learning, artificial intelligence
Businesses with Apple and Cisco products may now pay less for cybersecurity insurance (TechCrunch) Apple and Cisco announced this morning a new deal with insurer Allianz that will allow businesses with their technology products to receive better terms on..
Apple, Cisco team up with insurance companies to offer cyber policy di (Reuters) Apple Inc and Cisco Systems Inc have teamed up with insurer Allianz SE to offer discounts on cyber insurance to businesses that primarily use equipment from both technology companies, they said on Monday.
SecValMSP Releases Risk as a Service to Hospitality (PR Newswire) SecValMSP a leading managed security services provider is pleased to...
Orange Cyberdefense Launches “Mobile Threat Protection”, A New Offer to Protect Mobile Device Fleets from Cyberattacks (Digital Journal) Point Software Technologies have teamed up to deliver a new Orange
Thales Highlights Integrated Aviation Cybersecurity (Aviation Week) Thales is keen to emphasize the importance of integrating cybersecurity thinking across all parts of the aviation ecosystem - civil and military, in the air or on the ground.
Visuality Systems Releases Java Client 'Server Message Block' (SMB) Supporting The Latest SMB Dialects (Yahoo! Finance) Visuality Systems has taken the initiative to develop and provide Java developers with the latest implementation of the Microsoft SMB file sharing connectivity, jNQ™.
What does the MobileIron and Google Orbitera partnership mean? (BrianMadden.com) MobileIron and Google Cloud Orbitera are partnering to provide white label cloud commerce and service management.
How a company founded by ex-spies uses AI to fight hackers (CNN) Cybersecurity firm Darktrace uses artificial intelligence to stop cyber attacks before they even start.
Technologies, Techniques, and Standards
Defense, civilian contractors laying groundwork to implement NIST information-sharing framework (FederalNewsRadio.com) It's a long road ahead, but federal agencies and contractors are laying the groundwork to implement NIST'S latest framework to protect federal information.
Phishing attacks: How hunting down fake websites is making life harder for hackers (ZDNet) A new approach to phishing URLs and scam emails is helping to reduce the window of opportunity for cyber-attackers -- but the fight isn't over yet.
Threat Hunting and Defensive Tools Government Could Use (Nextgov.com) New tech designed for cyber defense could help the government make up for lack of personnel.
NATO’s Crossed Swords exercise preps cyber warriors (Fifth Domain) NATO members are concerned their networks will be vulnerable to increasingly dynamic cyberthreats.
What You Should Know Before You Put Your GDPR Program in Motion (Security Intelligence) Organizations should take these steps to put their GDPR readiness plans in motion and make the transition as smooth as possible once the regulation takes effect in May.
Invest in the First Line of Defence (Infosecurity Magazine) How to create a culture of an informed, empowered and committed workforce, fully appreciative of the threat and knowledgeable of the signs of concerning behaviors.
Design and Innovation
French intelligence agency wants AI to help sort masses of raw data (C4ISRNET) The challenge is to assess, acquire and integrate those offerings into existing systems.
Health tech and open source – what should manufacturers do to keep medical devices safe? (Medical Plastics News) Mike Pittenger, Black Duck Software, advises device manufacturers on how medical device security can be extended to open source.
Research and Development
Scilla: a Smart Contract Intermediate-Level LAnguage (Arxiv) Automata for smart contract implementation and verification
DARPA’s $200 Million JUMP Into Future Microelectronics (The Next Platform) DARPA has always been about driving the development of emerging technologies for the benefit of both the military and the commercial world at large. The De
Academia
10 schools stand out in latest Military Times ranking of cybersecurity programs (Navy Times) Syracuse University topped the list of Military Times’ latest batch of rankings of the best cybersecurity programs for veteran and military-connected students.
ERAU adds graduate cybersecurity program (The Daily Courier) Responding to an increased demand for cybersecurity professionals in Arizona and across the country, the College of Security and Intelligence at Embry-Riddle Aeronautical University’s Prescott campus has announced plans to offer a Master of Science in cyber intelligence and security.
Legislation, Policy, and Regulation
China's Surveillance State Should Scare Everyone (Defense One) The country is perfecting a vast network of digital espionage as a means of social control—with implications for democracies worldwide.
Battle for data rages between China and US (Nikkei Asian Review) In the future there will be no concept of "made in China" or "made in America," because everything will be "made on the interne
French official details intelligence-sharing relationship with Five Eyes (Defense News) France joined that high-level group about a year ago, reflecting a strengthening of ties between Paris and Washington.
Why the Russian Government Turns a Blind Eye to Cybercriminals (Slate Magazine) Russia doesn’t just ignore cybercrime—it supports it, in many cases.
Why DoD leaders are increasingly worried about the ‘gray zone’ (C4ISRNET) The wide availability of commercial technologies to militaries and nonstate groups provides ample openings for competitive actions below the threshold of war, escalating the opportunities for a more traditional conflict.
DOD's nuclear posture review includes tougher cyber defenses (InsideDefense.com) The Pentagon's updated Nuclear Posture Review includes steps for strengthening the military's cyber defenses, as President Trump is calling for an increase in spending to modernize the nation's nuclear arsenal, Inside Cybersecurity reports.
‘The Hairs Really Went Up on the Back of Our Necks’ (POLITICO Magazine) Former top diplomat Victoria Nuland tells the story of how she pushed the Obama administration to do more to stop Russian hacking.
McCaul calls on the Senate to act on cyber bills (FCW) House Homeland Security Committee Chairman Michael McCaul (R-Texas) urged the Senate to move on restoring the State Department's cyber office and reorganizing DHS' National Protection and Programs Directorate.
Lawmakers: Cyber warfare skills critical for future military, homeland security (Stars and Stripes) Several lawmakers on Monday agreed skills for cyber warfare, such as developing artificial intelligence, will be key for the military and other domains charged with protecting the homeland in the future.
Army announces new cyber policy head (Fifth Domain) Brig. Gen. Jennifer Buckner has been selected to lead the Army’s cyber directorate within the G-3/5/7.
The threat to Finland's cyberdefense? Private-sector salaries (Fifth Domain) The Finnish Armed Force’s cyber unit is struggling to recruit the top-tier expertise it needs largely due to the prospect of lower salaries in government than in the private sector.
Here’s Ajit Pai’s “proof” that killing net neutrality created more broadband (Ars Technica) Pai's FCC takes credit for broadband deployments that began under Obama.
ISPs must follow net neutrality in New Jersey, governor declares (Ars Technica) ISPs can’t block or throttle traffic if they sell broadband to state agencies.
Litigation, Investigation, and Law Enforcement
China launches salvo against “network navy” of trolls who spread fake news (Ars Technica) More than 200 arrests, thousands of accounts and websites seized for "illegal speculation."
Mystery of suspected China-CIA spy draws lawmaker scrutiny (POLITICO) "We need answers from the FBI about why this wasn’t prevented," Senate Judiciary Chairman Charles Grassley says.
Bob Mueller’s Investigation Is Larger—and Further Along—Than You Think (WIRED) We speak about the “Mueller probe” as a single entity, but it’s important to understand that there are no fewer than five separate investigations under the broad umbrella of the special counsel’s office.
Nunes memo raises question: Did FBI violate Woods Procedures? (TheHill) The bureau may have violated the protocols for obtaining a FISA warrant to spy on Trump's campaign staffer.
Opinion | The Nunes memo revealed a damning omission (Washington Post) It will have long-term consequences for the warrant application process.
Dossier author Steele wrote another anti-Trump memo; was fed info by Clinton-connected contact, Obama State Department (Washington Examiner) The newly released document is an unclassified and heavily redacted version of the criminal referral targeting Steele filed on Jan. 4 by Rep...
Edward Snowden takes on Joe Scarborough over Nunes memo (Newsweek) The pair entered into an unexpected Twitter debate.
This May Be the Most Important Federal Judge You've Never Heard Of (LifeZette) He's refusing to let Americans see former FBI Director James Comey's memos about his talks with President Donald Trump
Newsweek Guts Its Top Edit Staff Amid Legal Turmoil (The Daily Beast) Staffers who spoke to The Daily Beast on condition of anonymity pointed out that the fired editors had all published pieces reporting on the company’s recent troubles.
UK data protection authority issues record fines (Help Net Security) Since August 2015, The UK's independent authority, The Information Commissioner's Office, has fined 104 organisations a total of £8.7 million for breaches in data security and anti-spam regulations.
An ‘Iceberg’ of Unseen Crimes: Many Cyber Offenses Go Unreported (New York Times) The country’s crime classification system is antiquated. Police commanders struggle with no data on an array of technology-based crimes.
Ex-Brooklyn Prosecutor Convicted of Illegal Wiretaps Sentenced to Prison Time (New York Law Journal) A former Brooklyn prosecutor who admitted to forging judicial orders to run illegal wiretaps on a fellow prosecutor and a New York City police detective has been sentenced to one year in prison.
Former PA intel chief files complaint against security forces, phone companies (The Jerusalem Post) Tawfiq al-Tirawi said the PA security services have no reason to wiretap his phone and have not received legal permission to undertake such a measure.
Super Bowl national security docs left on plane (CNN) Sensitive DHS reports about protecting the Super Bowl from terrorism were found in the seat-back pocket on a commercial airplane flight.
Two Suspects Arrested in 'Jackpotting' Attack in Connecticut (Dark Reading) The men were charged in federal court for alleged bank fraud using malware that empties cash from ATM machines.