Cyber Attacks, Threats, and Vulnerabilities
‘Olympic Destroyer’ Cyberattack Disrupted Pyeongchang Opening Ceremony (Variety) Hackers targeting the 2018 Winter Olympic Games managed to disrupt internet and TV operations during Friday’s opening ceremony using malware dubbed “Olympic Destroyer” …
Olympic Destroyer Data-Wiping Malware Is More Complex Than Previously Thought (BleepingComputer) The Olympic Destroyer malware that has caused damage to PyeongChang 2018 Winter Olympics computer networks is much more complex than previously thought.
Hackers Hit Winter Olympics in Attempt to Shame Organizers (Bloomberg.com) A cyberattack paralyzed internet networks at the opening ceremony of the Pyeongchang Winter Olympics in what appeared to be a bid to embarrass the organizers.
Winter Olympics hacked: Was it just disruptive or something more sinister? (Security Brief) The Winter Olympics recently fell victim to a cyberattack which seemed to be just a disruption, but this expert says there could be more behind it.
Cyber Threats to the 2018 Winter Olympics (Booz Allen Cyber4sight) Eleven-time U.S. Olympic medalist Mark Spitz once said, "If you failed to prepare, you're prepared to fail."
Russian actors mentioned as possibly launching Olympics cyber-attack (SC Media UK) Industry executives have gathered evidence showing the culprit behind the cyber-attack that hit the 2018 Winter Olympics might be a Russian group.
Attribution Games: Don't Rush to Blame (BankInfo Security) Following the online attack against the opening ceremonies of the Olympic Winter Games in South Korea, some pundits were quick to guess that Russia was involved. But some attribution experts call the rush to attribute any cyberattack premature or even "irresponsible."
Don’t cave in to Kremlin, Russia’s opposition leader Alexei Navalny tells tech giants (Times) Russia’s opposition leader has urged Google and Facebook to refuse Kremlin demands to block his latest investigation about a government official meeting an oligarch on a yacht with a group of...
Russia, Iran and North Korea Bolder in Cyber Realm (SIGNAL) The intelligence community delivers the annual threat assessment to Congress.
Russia Sees Midterm Elections as Chance to Sow Fresh Discord, Intelligence Chiefs Warn (New York Times) As the midterm elections approach, Russia is likely to throw more propaganda at Americans in an effort to deepen political divisions, American intelligence chiefs said.
5 Takeaways From the Worldwide Threats Briefing (WIRED) In a Senate hearing Tuesday, the heads of the three-letter intelligence agencies detailed their greatest concerns.
Salon website gives you a choice: turn off your ad blocker or let us mine cryptocurrencies (Graham Cluley) If you don't want to disable your ad blocker, maybe you'll feel comfortable letting Salon.com run code from Coinhive which will gobble up your computer's resources to mine some Monero cryptocurrency.
Newest Powerful Malware Threat Compromises Chinese, US Company Data (Digital Journal) CyberByte, the leading Romania-based cybersecurity and software solutions firm, has recently uncovered yet another powerful malware threat that has encroached upon numerous companies across Asia and the United States. This latest malware campaign, which goes by the name of Operation PZChao, has been indiscriminately affecting companies in the education, government, technology and telecommunications sectors located in the aforementioned geographical areas, scraping passwords, performing Bitcoin mining, and providing hackers with complete remote access and control of infected systems.
New AndroRAT Variant Emerges (SecurityWeek) A newly discovered variant of the AndroRAT mobile malware can inject root exploits to perform malicious tasks
Zero-Day in Telegram's Windows Client Exploited for Months (SecurityWeek) A zero-day vulnerability impacting Telegram Messenger’s Windows client had been exploited in malicious attacks for months before being discovered and addressed.
Kaspersky Says Telegram Flaw Used for Cryptocurrency Mining (Bloomberg.com) Hackers have been able to exploit a vulnerability in the Telegram messaging app’s desktop client to earn units of cryptocurrencies such as Monero and ZCash, according to Kaspersky Lab.
Telegram 0-Day Used to Spread Monero and Zcash Mining Malware (BleepingComputer) Malware authors have used a zero-day vulnerability in the Windows client for the Telegram instant messaging service to infect users with cryptocurrency mining malware, researchers from Kaspersky Lab plan to reveal today.
Critical Telegram flaw under attack disguised malware as benign images (Ars Technica) If you haven’t updated your Windows app lately, now would be a good time.
IT Pros: IoT Devices Most Vulnerable to Wi-Fi Attacks (Infosecurity Magazine) 92% of IT pros concerned about risks of using public Wi-Fi on company-owned devices
Email Fraud Attackers Grow More Sophisticated as the Average Number of Identities Spoofed per Organization Doubled in Q4 (Proofpoint) Proofpoint conducted extensive research to assess the state of email fraud in 2017. We analyzed a larger email fraud dataset than ever before, including more than 160 billion emails sent to more than 2,400 companies, spanning 150 countries.
A year after University email hacking, “Wildfire” email sparks further internet security concerns (The Michigan Daily) A year after hackers sent racist and anti-Semitic emails to engineering and computer science students, the University is still dealing with concerns regarding internet security — especially in the context of accurate security alerts reaching students on campus.
Hacker extracts customer data from Canadian Telecom Firm after rebuttal (HackRead) A hacker who found a critical vulnerability in Canadian Freedom Mobile has now downloaded the customer data.
Shedding tears over WannaCry (Sungard Availability Services) WannaCry ransomware crippled organizations in more than 150 countries worldwide. Here are some proactive measures to guard against a cyber-attack.
From Vietnam without love: Asia Pacific's next cyber attack hub (Security Brief) Vietnam may be called the next Silicon Valley for its technology prowess, but for the first time it is now one of the top five cyber attack sources.
How to not fall victim to a 'spoofing' cyber attack (Western Mass News) In an exclusive interview, Holyoke’s City Treasurer told Western Mass News she fell victim to a $10,000 cyber attack.
How to prove and fight online dating and romance scams (CSO Online) Friends and family of romance scam victims sometimes call on security pros to prove their online loves are not who they claim to be. Here's how to handle the case the right way.
Love letters from a Black Hat to all the fools on the Internet (Help Net Security) As an underground, "black hat" hacker, I don't have time for significant others. This Valentine's Day I want to show my appreciation by sending love letters to all those ignorant fools on the Internet that pay my bills by making the same mistakes over and over.
Security Patches, Mitigations, and Software Updates
Microsoft Patch Tuesday, February 2018 Edition (KrebsOnSecurity) Microsoft today released a bevy of security updates to tackle more than 50 serious weaknesses in Windows, Internet Explorer/Edge, Microsoft Office and Adobe Flash Player, among other products. A good number of the patches issued today ship with Microsoft’s “critical” rating, meaning the problems they fix could be exploited remotely by miscreants or malware to seize complete control over vulnerable systems — with little or no help from users.
Microsoft February Patch Tuesday Fixes 50 Security Issues (BleepingComputer) Microsoft has released the February 2018 Patch Tuesday security updates, and this month's release comes with fixes for 50 vulnerabilities, along with additional patches for the Meltdown and Spectre vulnerabilities (ADV180002).
Adobe Patches 39 Vulnerabilities in Acrobat and Reader (SecurityWeek) Adobe patches 39 vulnerabilities in Acrobat and Reader, and two flaws in Experience Manager. No exploits in the wild
Microsoft to provide Windows Defender ATP for older OS versions (Help Net Security) Microsoft will backport Windows Defender ATP to meet the security needs of organizations that have not yet entirely switched to Windows 10.
Syncsort State of the Mainframe Report Reveals Focus on Improving Performance and Controlling Costs Across Full IT Environment (Syncsort) Uncovers five major trends; highlights data infrastructure optimization use cases and challenges from mainframe to the cloud
Carbonite acquires Mozy from Dell for $145.8 million (ZDNet) Carbonite also reported mixed Q4 and full year earnings.
Blueliv Secures €4M in Series A Funding (FinSMEs) Blueliv, a Barcelona, Spain-based provider of enterprise-class cyberthreat intelligence solutions, raised €4m in Series A funding
Deepfence Emerges from Stealth with Container Security Platform (eWEEK) New container security startup emerges from stealth, in a bid to help enterprises improve security for cloud native workloads.
4 questions raised by GD's deal for CSRA (Washington Technology) The blockbuster combination of General Dynamics IT with CSRA raises a lot of questions about their strategy and the market at-large. We try to answer some of them.
Seeking Growth, Raytheon Reshuffles Forcepoint Cybersecurity Unit (The Motley Fool) The business, which was acquired in 2015 for $1.57 billion, is seeking to boost growth after a rebuilding period.
Intercede awarded Middle East contract worth more than £1m (ShareCast News - London South East) AIM-listed software and service company Intercede has been awarded a contract by a Middle Eastern country for its MyID solution worth more than £1m.
Former Information Security Bureaucrats, now cybersecurity top guns elsewhere (CISO MAG) The Information Security Officers who have walked through regency corridors are now assisting enterprises in constructing their cybersecurity retreats, as the increasing incidents of cyber heists continue to be a cause of worry for governments and businesses across the world. The last few years have seen top guns in bureaucracy changing gears to propel the …
Products, Services, and Solutions
Introducing HackerOne Response, the latest app from Coalition (Solve Cyber Risk - the Coalition blog) The HackerOne Response app, created in partnership with HackerOne, is another tool in the cyber risk management platform offered to all Coalition policyholders.
Netwrix becomes an approved CPE provider (Netwrix) Netwrix brings value to the IT community by providing CPE-accredited educational content for IT professionals.
Seagate, RackTop Launch Secure Data Storage Product for Governments (SecurityWeek) Seagate and RackTop join forces to launch a secure data storage product designed to help government organizations address cybersecurity and compliance challenges
Large Financial Institution Partners with Comodo CA to Diversify Security Portfolio (EIN News) Comodo CA, a worldwide leader in digital identity solutions, today announced that it has entered into an enterprise partner agreement with one of the largest
Verizon to Use KSI Blockchain Technology Developed for Estonia (SDxCentral) Verizon Enterprise Services plans to use KSI blockchain technology developed by Guardtime for the Estonian government.
CrowdStrike Falcon Endpoint Protection Platform Validated Against MITRE ATT&CK™ Framework in Nation-State Emulation Test (BusinessWire) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced it has successfully completed an evaluation by MITRE’s Leveragin
Dragos Releases Dragos Platform 1.2 (PR Newswire) Industrial cybersecurity company Dragos, Inc. today announced that Dragos...
City, University of London, selects PhishMe to provide the highest degree of phishing and ransomware protection (Markets Insider) University employs human behavioural conditioning techniques designed to build student and staff resilience to phishing
Eaton, UL teaming on cybersecurity testing for power management (Electric Light & Power) The program, currently in development on a limited basis, aligns Eaton’s testing methodologies and data generation with the UL Cybersecurity Assurance Program for UL standards 2900-1 and UL 2900-2-2.
Grant Thornton Australia strengthens defences with Darktrace (Cambridge Network) Darktrace, the world’s leading AI company for cyber defence, has today announced that leading growth advisory firm, Grant Thornton Australia, has deployed the Enterprise Immune System to detect emerging cyber-threats in real time, in partnership with The Missing Link.
Zimperium Delivers Industry's First Mobile Security Solution Available Across All Cloud Platforms (PR Newswire) Zimperium, the global leader in mobile security, today announced that its...
Canon Dumps Perimeter Security for Vera's Data-centric Approach (eWEEK) New relationship takes aim at data leaks and protects digital information processed by multi-function devices and digital imaging solutions.
Palo Alto Networks extends security to the big 3 public clouds (CSO Online) Palo Alto Networks Next-Generation Security Platform expands security to all major public cloud services: Amazon Web Services, Google Cloud Platform and Microsoft Azure.
Technologies, Techniques, and Standards
Cloud Security Alliance Releases New Report Examining Ways in Which Blockchain Technology Can Facilitate, Improve IoT Security (Cloud Security Alliance) Report offers high-level overview, use-case examples of blockchain for IoT security
Hybrid data storage is growing rapidly in the digital workplace (Help Net Security) Hybrid data storage provides businesses with flexibility, combining the mobility of the cloud with the performance and security of on-premises infrastructure.
How to guard your data like it’s an Olympic sport (The Parallax) Heading to the Winter Olympics in South Korea or another major public event? Don’t let yourself get so carried away with excitement that you forget that the bad guys are just waiting for you to slip up.
Can Ancient Chinese Military Strategy Bring Success in Cyber Conflict? (Data Center Knowledge) Without an understanding of who the enemy really is, how they operate, and the many techniques they use to gain entry, successful defense is unlikely.
Endpoint security suites must have these features (CSO Online) Endpoint security vendors must be a one-stop endpoint security shop -- providing such things as anti-malware, anti-exploit, EDR and hybrid deployment options -- if they want to compete.
Unnecessary security cordons making fintech more vulnerable: Rahul Kumar, WinMagic (Banking & Finance) It is no gainsaying the fact that fintech is the most preferred hunting ground for hackers and attackers.
‘BuckHacker’ Search Engine Lets You Easily Dig Through Exposed Amazon Servers (Motherboard) This makes searching through leaky Amazon Web Services servers much easier.
AI and Machine Learning: Breaking Down Buzzwords (Dark Reading) Security experts explain two of today's trendiest technologies to explain what they mean and where you need them.
Design and Innovation
AMP for email is a terrible idea (TechCrunch) Google just announced a plan to "modernize" email, allowing "engaging, interactive, and actionable email experiences." Does that sound like a terrible idea to..
Research and Development
Cyber R&D Would Go Up at Defense, Down At Standards Agency (Defense One) Budget proposal would cut 18% from NIST, just as it updates cybersecurity rules that apply across government.
Facebook Funded Most of the Experts Who Vetted Messenger Kids (WIRED) Equally notable are the experts Facebook did not consult: Two large nonprofits say they weren’t informed about the app until weeks or days before its debut.
Girls Go CyberStart Competition Kicks Off Next Week (WBOI) A multi-state effort aimed at getting more women in the cybersecurity career pipeline comes to the web this month. High school girls from 16 states will
Legislation, Policy, and Regulation
Intel chiefs: No direction from Trump on election security (FCW) At a Senate hearing, three intelligence chiefs acknowledged the White House has not specifically directed them to dedicate resources towards securing election infrastructure, but told lawmakers they are still focused on addressing the issue.
As Primaries Loom, Election Security Efforts Behind Schedule (Dark Reading) While federal agencies lag on vulnerability assessments and security clearance requests, the bipartisan Defending Digital Democracy Project releases three new resources to help state and local election agencies with cybersecurity, incident response.
Army's Nakasone nominated to lead U.S. Cyber Command and the National Security Agency (Federal Times) Lt. Gen. Paul Nakasone has been tapped to be the next commander of U.S. Cyber Command and director of the National Security Agency.
Here’s how Cyber Command is preparing for its next job (Fifth Domain) The Department of Defense is taking steps to prepare to elevate Cyber Command to a full, unified combatant command?
Outsourcing Intel: How Intel-for-Hire Undermines U.S. Intelligence (MintPress News) Despite lacking professional credentials, a commitment to public service, or the minimum amount of vetting that would go into a security clearance background check, these private-sector spies collect intelligence that is passed along and ultimately may be included in the President’s Daily Briefing.
Litigation, Investigation, and Law Enforcement
U.S. senators concerned about Chinese access to intellectual property (Reuters) China is trying to gain access to sensitive U.S. technologies and intellectual properties through telecommunications companies, academia and joint business ventures, U.S. senators and spy chiefs warned on Tuesday at a Senate hearing.
Six top US intelligence chiefs caution against buying Huawei phones (CNBC) The directors of the CIA, FBI and NSA express their distrust of Apple-rival Huawei and fellow Chinese telecom company ZTE.
NY Top Court: Private Facebook Postings Not Off Limits in Discovery (New York Law Journal) The New York State Court of Appeals decided 7-0 that limiting access only to a person’s public posts on Facebook is counter to “New York’s history of liberal discovery.”
Text Messages as Evidence: The Current State of Affairs in New York State Courts (New York Law Journal) Does each individual text message in a chain require a separate foundation and basis for admissibility? Examination of available case law suggests that the answer is yes.
Russia says hackers stole more than $17 million from its banks in 2017 (Reuters) Hackers stole more than 1 billion roubles ($17 million) from Russian banks using the Cobalt Strike security-testing tool in 2017, a central bank official said on Tuesday.
The Cybersecurity Legal Plot Thickens (SecurityInfoWatch.com) When it comes to cyber vulnerability and liability, integrators are often stuck in the middle between manufacturers and customers