Cyber Attacks, Threats, and Vulnerabilities
DHS cybersecurity head says Russian hackers penetrated U.S. voting system (Seeking Alpha) The Department of Homeland Security’s head of cybersecurity tells NBC News that Russian hackers successfully penetrated the voter registration rolls of several U.S. states ahead of the last pre
'Fancy Bear' hackers took aim at US defense contractors (Fifth Domain) The hackers known as Fancy Bear, who also intruded in the U.S. election, went after at least 87 people working on militarized drones, missiles, rockets, stealth fighter jets, cloud-computing platforms or other sensitive activities.
North Korean APT Group Employed Rare Zero-Day Attack (Dark Reading) Recent Adobe Flash exploit discovered against South Korean targets likely purchased, not developed by the hacking group.
North Korea Might Be Behind The World's Largest Crypto Heist (ValueWalk) January’s Coincheck hack was the biggest crypto heist since the 2014 disappearance of about $470 million worth of Bitcoins from the Mt. Gox exchange. Coincheck, which halted withdrawals after detecting the infiltration on Jan. 26, said it was bolstering its security systems and that it would be resuming
McAfee Advanced Threat Research Warns of 2018 Winter Games Cyberattacks (BusinessWire) As the 2018 Winter Games quickly approach, McAfee, the leading device-to-cloud cybersecurity company, forewarns global fans, consumers, athletes and o
ShortJSRAT leverages cloud with scriptlets (Netskope) Netskope Threat Research Labs has identified a new malware named “ShortJSRAT” which uses a Windows script component scriptlet file with a .sct extension. The scripts we observed used cloud apps for delivering the next stage payloads. These payloads are executed using the “Squiblydoo” technique, which uses native Windows applications to bypass application whitelisting solutions like...
Threat Spotlight: URSNIF Infostealer Malware (Cylance) URSNIF (Gozi) is a multifaceted malware family with an emphasis on information stealing that has been leveraged to exfiltrate sensitive data from targets, and has been particularly pervasive throughout 2016 and 2017.
Business Wire under sustained DDoS attack, traffic slowed (SC Media US) No client data is believed to have been compromised during a week-long DDoS attack on the Business Wire portal, the company's COO said in an alert.
BusinessWire Cyber-Attack (Information Security Buzz) In response to today’s Reuters report that global news distribution service BusinessWire, owned by Warren Buffett’s Berkshire Hathaway Inc., has been hit with a sustained distributed denial of service (DDoS) cyberattack that continued as of February 6, 2018, experts with Corero and Juniper Networks commented below. Stephanie Weagle, VP of Marketing at Corero Network Security: “Cyber attackers can quickly and easily launch a …
Kaspersky: Accidental DDoS attacks among top threats (CSO Online) Kaspersky Lab's Q4 2017 DDoS Intelligence Report found most DDoS attacks were sabotage and attempts to cash in on Bitcoin, but some were accidental attacks.
BrickerBot: Internet Vigilantism Ends Don't Justify the Means (Dark Reading) However noble the intention, obtaining unauthorized access to devices and making them unusable is illegal and undermines the work of ethical researchers.
Credential phishing kits target victims differently depending on location (Help Net Security) Credential phishing kits pose a serious risk. Not only can credential phishing scams easily impersonate another entity, but they can also lead to access to, and subsequent theft of, an organization's private data.
Hotspot Shield VPN flaw can betray users' location (Help Net Security) A Hotspot Shield VPN flaw can be exploited by attackers to obtain sensitive information that could be used to discover users' location and, possibly, ultimately their real-world identity.
How to track smartphone users when they've turned off GPS (Help Net Security) As it turns out, turning off location services (e.g., GPS) on your smartphone doesn't mean an attacker can't use the device to pinpoint your location.
Malicious Reddit Clone Tricking Users Into Handing Over Logins - Information Security Buzz (Information Security Buzz) A malicious Reddit spoof site (Reddit.co) is convincing users to hand over their usernames and passwords. What’s particularly dangerous about this site is that it actually shows up as secure in your browser (image attached), as it has a valid SSL Certificate. Security experts at Venafi and RSA Security commented below. Azeem Aleem, Director, Advanced Cyber Defence Practice …
Reddit users, beware its evil twin (Naked Security) Unbeknownst to Reddit users, the site recently acquired an unwanted, evil twin
Water Utility in Europe Hit by Cryptocurrency Malware Mining Attack (eWEEK) Unauthorized cryptocurrency mining attacks come to industrial control systems for the first time, as cryptojacking attacks continue to expand.
When crypto-mining malware hits a SCADA network (Help Net Security) Radiflow has recently discovered Monero-mining malware on five servers of a water utility company. These servers included the HMI (Human Machine Interface), which was also the control server of the physical processes of the company.
Source code for iOS 9's 'iBoot' component reportedly leaks online (AppleInsider) Source code for what is claimed to be the iBoot component of Apple's iOS, software that handles secure booting of the operating system, was published on GitHub by an unknown party on Wednesday, a development that could lead to the discovery and exploitation of currently unknown vulnerabilities.
Tether critic's Twitter account suspended under questionable circumstances (Mashable) Was @Bitfinexed silenced by a powerful cryptocurrency exchange?
A Classic Scam Finds New Life Stealing Bitcoin on Twitter (WIRED) A new twist on the classic Nigerian Prince scheme has jumped from gaming communities to Twitter. And now it's spreading.
This Researcher Steals Data With Noise and Light (WIRED) Researcher Mordechai Guri has spent the last four years exploring practically every method of stealthily siphoning data off of a disconnected computer.
Twitter Is the Latest Platform to Ban AI-Generated P[0]rn (Motherboard) Deepfakes are in violation of Twitter’s terms of use.
YouTube Kids hasn’t cleaned up its act (Naked Security) YouTube is apologizing, again, uttering the tried-and-true “we have to do better.”
Kaspersky uncovers risks that expose gas stations to takeover (East African Business Week) Kaspersky Lab researchers have helped uncover a number of unknown vulnerabilities that have left gas stations around the world exposed to remote takeover, often for years
Updated: Harvey County target of cyber attack (The Kansan) Harvey County officials are not sure where a cyber attack against the county's computer network was launched from — nor exactly what attackers
Security Patches, Mitigations, and Software Updates
Intel releases new Spectre microcode update for Skylake; other chips remain in beta (Ars Technica) Previous microcode update was reported to cause unwanted system reboots.
XSS, SQL Injection Flaws Patched in Joomla (SecurityWeek) Joomla 3.8.4 includes over 100 bug fixes and improvements, and patches four XSS and SQL injection vulnerabilities
What Google’s Decision to Remove Trust from Symantec Certificates Will Mean for Certificate Authorities in 2018 (Venafi Media Alert) Venafi Media Alert: What Google’s Decision to Remove Trust from Symantec Certificates Will Mean for Certificate Authorities in 2018
Cyber Trends
Third party cyber breach risk set to rise (ComputerWeekly) Third party cyber security risk should always have been a priority, but this has never been more important than it is now in light of new technology risks and data protection regulations.
Questionable Interpretation of Cybersecurity's Hidden Labor Cost (SecurityWeek) Vendor report claims that a 2,000-employee organization spends roughly $16 million annually on triaging threats.
Server-Side Exploits Dominate Threat Landscape and OT Vulnerabilities Rise 120 Percent Says Skybox Security's Inaugural Vulnerability and Threat Trends Report (Globe Newswire) Analysis of 2017 threat landscape trends shows that assets most difficult to patch are increasingly vulnerable
iovation Releases 2018 Gambling Industry Report (GlobeNewswire News Room) Analysis of 450 Million Online Gambling Transactions Offers Data-Driven Insights and Recommendations to iGaming Operators and Platform Providers
Businesses fail to close the gap on exploits (ITWeb Technology News) The median total cost of a ransomware attack in South Africa is around R1.7 million.
Agari and Farsight Security Reveal Global Domains Vastly Vulnerable to Phishing and Fraud (BusinessWire) Agari Email Threat Center indicates 90 percent of brands beset by domain name fraud; Farsight Security finds 99 percent of domains are not protected by DMARC
Over half of Polish companies have suffered cyber attack: report (Polskie Radio dla Zagranicy) More than half of Polish companies have been hit by a cyber attack at some stage, while only one in three say they have a sufficient level of security, according to a study.
Washington, New Hampshire, and Virginia Were the Most Malware Infected States in 2017 (Enigma Software Group USA LLC) The states of Washington, New Hampshire, and Virginia had the highest malware infection rates in the United States in 2017...
Marketplace
The Simulated Phishing Market Enters Early Adolescence (KnowBe4) The Simulated Phishing Market enters early adolescence
Microsoft CEO Satya Nadella: The technology industry can't shrug off possible job losses from A.I. (CNBC) Nadella has refocused the company on high-growth businesses like the Surface computer and Azure cloud, and has made splashy acquisitions.
Ukraine Power Distro Plans $20 Million Cyber Defense System (Dark Reading) After NotPetya and severe blackouts, Ukrenergo responds with an investment in cybersecurity.
Crypto prices mount a comeback following huge losses (TechCrunch) What goes up, must go down... what goes down, must go up...? After a big and bloody plunge this week -- which saw the price of bitcoin touch a two-month low..
Post-Holiday Crash: The crypto questions we're all asking (International Business Times UK) Brave New Coin CEO Fran Strajnar announces the General Taxonomy for Cryptographic Assets, a framework that will make it easier to analyse data.
European Cops Welcome Spy Vendor That Sold to Assad Regime (Motherboard) A company fined for exporting surveillance tools to Syria was invited to speak at a European police conference.
How a Tiny Startup Became the Most Important Hacking Shop You’ve Never Heard Of (Motherboard) Inside the secretive industry that helps government hackers get around encryption.
Fulcrum buys PTR to expand R&D, intell work (Washington Technology) Fulcrum IT Services acquires The PTR Group to grow research-and-development work and services to intelligence agencies.
Singtel Innov8 backs 'deception tech' firm Attivo Networks for APAC expansion (Security Brief) Singtel Group’s venture capital arm Singtel Innov8 is backing US ‘deception technology’ firm Attivo Networks through an undisclosed amount of funding.
Akamai Targets Rising: CEO Leighton Discusses Diversification (Barron's) Shares of Akamai, which facilitates the movement of bandwidth-heavy content, are on the march as analysts raise their price targets following the company's better-than-expected quarterly report. CEO Tom Leighton makes the case for Akamai's increasing diversification in its lines of business, especially security, though bearish observers insist the business is still "structurally challenged."
Cisco or FireEye: Which Is the Better Cybersecurity Play? (The Motley Fool) There is a clear winner in this David vs. Goliath showdown.
CrowdStrike Expands Partner Footprint On the Heels of Record Growth in APJ (Digital Journal) CrowdStrike today announced massive expansion of its partner ecosystem, operations,
Infoblox Appoints Brad Bell as Chief Information Officer (PR Newswire) Infoblox Inc., the network control company that provides...
SlashNext Expands Executive Leadership Team with Security and SaaS Industry Sales Veteran Ed Greene (Business Insider) SlashNext, provider of fourth-generation Internet security solutions, today announced Ed Greene is joining its executive team to lead its sales organization as Senior Vice President of Worldwide Sales.
Eric Trexler Joins Forcepoint as Global Governments & Critical Infrastructure Sales VP (GovCon Wire) Eric Trexler, formerly executive director for civilian and national security programs at McAfee, has
Keysight chooses new head of Ixia Group (RCR Wireless News) Keysight Technologies has made its choice for the new president of its Ixia Group, and interim group President Mark Pierpoint will officially take the role of president for the long term.
Managing cyber risk: Cyber deception company Cymmetria announces the appointment of Marcus Alldrick as Chief Risk Officer (ResponseSource Press Release Wire) Cymmetria, a developer of comprehensive cyber deception solutions, today announced the appointment of Marcus Alldrick, who is joining Cymmetria as Head of Risk. Alldrick comes to the position with yea...
EFF founder and internet activist John Perry Barlow has died (TechCrunch) John Perry Barlow has one of those resumes that seems too surreal to possibly be true. Entertainment sites are lamenting the loss of a poet turned Grateful..
Products, Services, and Solutions
Cylance Releases New Prevention-Focused Security Solutions (Cylance) Cylance is pleased to announce new releases of their prevention-focused security products, CylancePROTECT® and CylanceOPTICS™, delivering capabilities designed to further decrease the noise and clutter of the security stack.
French cyber security arms itself with a new threat intelligence (ThreatQuotient) ThreatQuotient's threat intelligence management platform has been operational since the summer. Usage of its output has yet to become standard, but the first benefits can already be seen.
Dimension Data Adopts Cisco Umbrella in Its Cybersecurity Strategy (RealWire) Umbrella proactively stops threats before they happen on Dimension Data’s internal systems and any mobile device used by its employees
Hacker-Powered Security without Compromise (Synack) Security Testing - Powered by Hackers - Without Compromise. We don't compromise trust, consistency, or incentives. For the customer's and the hacker's sake.
Fordham IT Announces Plans to Add Another Layer to Password Protection (Rival) Last March, Fordham Information Technologies launched Multi-Factor Authentication to provide an additional layer of security to all password-protected online ac…
Google Expands Play Marketplace Bug Bounty Program (Threatpost) The move adds to Google's efforts against malicious apps on the Play store.
Technologies, Techniques, and Standards
Navy’s new weapon of choice? Information (C4ISRNET) Three Navy leaders explain how the service prepares to stitch together operational domains and train next-gen information warriors.
What Cloud Storage Providers Offer Small Businesses (Clutch) Cloud storage offers small businesses new features, better security, and greater access to data.
Too Busy To Train? The Navy’s Cyber Dilemma (Breaking Defense) The Navy’s overworked IT teams need new “virtual training tools” and more time to train, especially for all-out cyber/electronic warfare against a high-end adversary, the commander of Naval Information Forces said here Tuesday.
Air Force to begin cyber squadron roll out in 2018 (Fifth Domain) The Air Force is rolling out the next phase of its initiative that aims to protect the critical Air Force-specific missions that ensure cyber threats are thwarted.
5G Network – Will The USG Throw Its Hat into the Ring? (CyberDB) According to recent reports, the United States government is considering building a 5G network, a step designed to bolster the country’s cyber security posture and guard against attacks, particularly from nation states believed to be conducting hostile acts of espionage.
Design and Innovation
Google executives are floating a plan to fight fake news on Facebook and Twitter (Quartz) An extension to Google's Chrome browser could alert users on Facebook's and Twitter's websites.
Does the US Army need a strategy to counter AI? (C4ISRNET) The Army general in charge of standing up the service's Futures Command suggests the service consider a counter-artificial intelligence strategy along with AI development.
The nontechnical risk for the Pentagon’s AI plans (C4ISRNET) Technological hurdles remain, of course. But getting buy-in from the users may be the hardest part.
Army Developing Expeditionary Cyber-Electromagnetic Teams to Support Tactical Commanders (DVIDS) U.S. Army Cyber Command is deploying Expeditionary Cyber-Electromagnetic Activities (CEMA) Teams (ECTs) to support tactical commanders at National Training Center (NTC) rotations and their CEMA operations have tried to replicate real-world operations support through the cyberspace domain.
The future of cyber training might mean going inside a virtual network under attack (Federal Times) Raytheon is developing a virtual reality solution for training cyber warriors.
Should Data Scientists Adhere to a Hippocratic Oath? (WIRED) As concerns mount over the uses of data, some in the field are trying to forge ethical guidelines.
'Humans Not Invited' Is a CAPTCHA Test That Welcomes Bots, Filters Out Humans (Motherboard) FINALLY, A PLACE WHERE FELLOW ROBOTS CAN CONVENE WITHOUT SENTIENT MEAT BAGS.
Research and Development
What is quantum supremacy? The future of quantum computers relies on it (Alphr) The race to quantum supremacy is on, with researchers claiming their machines will manage tasks beyond any modern rival
Academia
Investigating the Dark Web: Carlow University and NCFTA Fight Cyber Crime (Carlow University) Carlow University and NCFTA fight cyber crime through a new graduate MicroMaster's certificate in Cyber Threat Research and Analytics.
Legislation, Policy, and Regulation
Senators propose bill to block U.S. from using Huawei, ZTE equipment (Reuters) Two Republican Senators introduced legislation on Wednesday that would block the U.S. government from buying or leasing telecommunications equipment from Huawei Technologies Co Ltd or ZTE Corp, citing concern the Chinese companies would use their access to spy on U.S. officials.
Tillerson proposes Cyberspace and Digital Economy Bureau to address security, policy creation (TechRepublic) The new bureau would aim to lead international diplomatic efforts involving all aspects of cyberspace.
The Argument Against a Mobile Device Backdoor for Government (SecurityWeek) Just as the scope of 'responsible encryption' is vague, so too are the technical requirements necessary to achieve it
Litigation, Investigation, and Law Enforcement
U.S. shuts down cyber crime ring launched by Ukrainian (Reuters) The U.S. Justice Department announced one of its largest-ever takedowns of a global cyber crime ring on Wednesday, saying it had indicted 36 people accused of trafficking in stolen identities and causing more than $530 million in losses to consumers.
World Police Take Down "Infraud" Carding Operation (BleepingComputer) The US Department of Justice (DOJ) has charged 36 suspects for their role in Infraud, a cyber-criminal organization that has been involved in the acquisition, sale, and dissemination of stolen identities, stolen debit and credit card data, personally identifiable information (PII), financial and banking information, computer malware,
Justice Dept. charges 36 alleged scammers for $530 million cyber-fraud scheme (ZDNet) Prosecutors said the case is "one of the largest cyber fraud enterprise prosecutions ever undertaken" by the Justice Department.
British man wanted by US for role in $560m cyber crime (The Telegraph) A British man is being sought by US authorities in connection with an international gang accused of committing £380 million in cybercrime fraud.
Hackers From Florida, Canada Behind 2016 Uber Breach (SecurityWeek) The massive 2016 breach that Uber covered up for more than a year was the work of a couple of individuals from Canada and Florida
Waymo v. Uber Is Looking a Little More Spy vs. Spy (WIRED) A calm Travis Kalanick waves away suspicious communications, and Waymo doesn't quite connect the dots.
DDoS attacks: How an 18-year-old got arrested for trying to knock out systems (ZDNet) After a wave of denial-of-service attacks stretching back to September, Netherlands police have made an arrest.