Cyber Attacks, Threats, and Vulnerabilities
Targeting of Olympic Games IT Infrastructure Remains Unattributed (Recorded Future) The operation to disrupt the PyeongChang Winter Olympic Games was more extensive than originally reported. The Olympic Destroyer malware should be treated with a high level of concern.
Rumours fly about who was behind the PyeongChang Olympics hack (Security Brief) The Olympic Destroyer campaign comes at a precarious time of geopolitical tensions with several possible perpetrators but no conclusive proof.
White House Blames Russia for 'Reckless' NotPetya Cyber Attack (US News and World Report) The White House on Thursday blamed Russia for the devastating 'NotPetya' cyber attack last year, joining the British government in condemning Moscow for unleashing a virus that crippled parts of Ukraine's infrastructure and damaged computers in countries across the globe.
The White House Blames Russia for NotPetya, the 'Most Costly Cyberattack In History' (WIRED) After its negligence on Russian election hacking, the Trump administration is taking Russia's global malware attack more seriously.
Kaseya Virtual System Administrator: New Updates (eSentire Managed Detection and Response) Originally published on 2018-01-29. eSentire has observed an unknown threat actor attempting to deploy a Monero cryptocurrency miner to multiple eSentire cus...
This lucrative ransomware campaign secretly surveys vulnerable networks to maximise infections (ZDNet) SamSam ransomware moves laterally across networks after compromising internet-facing systems, and is making its hands-on operators hundreds of thousands of dollars.
Cryptocurrency Miners Abusing Containers: Anatomy of an (Attempted) Attack (Aquasec) We’ve heard many accounts of cryptocurrency mining attacks on container environments and decided to investigate and analyze an anatomy of such an attack.
After reported breach, FedEx says server is "secure," investigation underway (Memphis Business Journal) After reports today of a breached server, Memphis-based FedEx Corp. said the information is now secure.
Multi-Stage Word Attack Infects Users Without Using Macros (BleepingComputer) Spam distributors are using a new technique to infect users with malware, and while this attack relies on having users open Word documents, it does not involve users having to allow the execution of macro scripts.
Innovative and rougher in extortion, threats continued for Android in 2017 (WeLiveSecurity) New research from ESET has highlighted how 2017 was a year that Android ransomware became more innovative and rougher in extortion.
A New Internet of Things Botnet Originated on 'Grand Theft Auto' Servers (Motherboard) Attackers said “God’s wrath will be employed against the IP that you provide us.”
SAP Cyber Threat Intelligence report – February 2018 (Security Boulevard) The SAP threat landscape is always expanding thus putting organizations of all sizes and industries at risk of cyberattacks. The idea behind the monthly SAP Cyber Threat Intelligence report is to provide an insight into the latest security vulnerabilities and threats. Key takeaways The first set of SAP Security Notes in 2018 consists of 26
Global Malware Report Confirms Prevalence, Role Of Advertising (Media Post) A day after the Director of National Intelligence Dan Coats released the U.S. intelligence agencies' 2018 Worldwide Threat Assessment, highlighting how digital media has become a vector for a variety of national security threats, a new report revealed the prevalence of malicious code worldwide, as well as in the U.S.
Global Malware Report 2017 (Comodo Threat Research Labs) Malicious software, or malware, refers to computer code that can be harmful to both computer systems and their users.
Renewable energy companies at high risk from cyberattack, claims report (Power Technology) The Renewables Consulting Group (RCG) and cybersecurity specialist Cylance have published a report on cybersecurity concerns for renewable energy companies,...
How an Apple staffer leaked the iPhone source code (CRN Australia) Apple's iOS 9 source code fell into the wrong hands.
Edward Snowden returns to US! Oops, nope, it's a phishing scam (SC Media UK) A strange spam campaign that targets Apple customers was found distributing phishing emails containing an Apple receipt to an Edward Snowden.
Techno-senator tells Tinder to hook up its app with better security (Register) Swipe-a-shag tool gets the dreaded sternly-worded-letter treatment from Wyden
Security Patches, Mitigations, and Software Updates
That terrifying 'unfixable' Microsoft Skype security flaw: THE TRUTH (Register) Oh yeah, we patched that in October, Windows giant yawns
Cyber Trends
With 100 days to go, 72% of organisations worldwide are GDPR ready (ResponseSource Press Release Wire) EfficientIP X-Day study discovers average global spend on GDPR compliance tops $1.5 million, bringing increased trust and loyalty from customers. Paris, France and New York, USA - 15th February 2018 ...
Why the cyber threat landscape could grow under GDPR (Information Age) The General Data Protection Regulation (GDPR) is only 3 short months away, with the incoming regulation seeing businesses across Europe and beyond bolster their cyber security in an effort to comply
Analyzing the Security of Federal Government Contractors (BitSight) Download this BitSight Insights report to learn about the cybersecurity performance of U.S. federal government contractors and subcontractors.
Entry-Level Employees Lack Awareness of IT Security Threats, Company Cybersecurity Policies (PR Newswire) Nearly half (46%) of entry-level employees don't know if their company has...
Agencies Better At Cybersecurity Than Vendors, Study Says (Law360) Cybersecurity at contractors is lagging behind that of federal agencies, security ratings firm BitSight said in a report Thursday, a day after a U.S. Department of Homeland Security official revealed DHS had launched an initiative for agencies to study cybersecurity throughout their supply chains.
Marketplace
Bitcoin price: Is the bull run back? Bitcoin's up almost 20 percent in 7 days (Verdict) The bitcoin price is nearing $10,000 per coin after dropping under the psychological marker last month, climbing almost 10 percent in the last 24 hours.
‘American Intelligence’ Project Bitcoin Could Fall to $300 - Russian Lawmaker (Sputnik News) Anatoly Aksakov, chair of Russia’s State Duma Committee on Financial Markets, says he does not believe bitcoin will return to its former glory. On the contrary, Aksakov predicts it will fall dramatically.
Oracle slurps bot-wrangling security minnow Zenedge (Register) Buy price not revealed
VMware acquisition continues move toward cloud security (SearchCloudComputing) The latest VMware acquisition highlights the virtualization leader's move to broaden its appeal in cloud management and security to remain relevant.
OpenText buys file-sharing service Hightail (10 Thousand Couples) A file-sharing service with 5.5 million users around the world has been bought by Waterloo's OpenText.
Arlington Capital acquires IAI, eyes combo with Xebec (Washington Technology) Arlington Capital Partners has acquired defense and intelligence IT contractor Integrity Applications Inc. and will merge IAI with portfolio company Xebec.
Kromtech Looks to M&A to Help Expand Its Product Portfolio (PRWeb) Persistent and serious ransomware attacks and personal data leaks continue to worsen customer cybersecurity concerns. Not only the increasing frequency of the attacks...
Internet giant Akamai is at a crossroads. Here's what's next. (Boston Business Journal) Changing internet trends and activist investors have Akamai facing one of the most uncertain periods in its 20-year history. Can it reinvent itself fast enough?
Intel offers to pay for Spectre-like side channel vulnerabilities (Help Net Security) Intel is raising considerably the awards it plans to give out for helpful vulnerability information, and is offering a new bug bounty program focused specifically on side channel vulnerabilities, i.e., vulnerabilities that are rooted in Intel hardware but can be exploited through software.
CenturyLink announces strategic government leadership team (Intelligence Community News) CenturyLink, Inc., headquartered in Monroe, LA, announced on February 15 the strategic government executive leadership team that reports to David Young, regional vice president of strategic governm…
Imperva Announces Departure of its Chief Revenue Officer (BusinessWire) Imperva, Inc. (NASDAQ:IMPV), a cybersecurity leader that delivers best-in-class solutions to protect data and applications on-premises, in the cloud,
Bugcrowd Appoints Two Key Executives to Capitalize on Growing Market Demand (GlobeNewswire News Room) Rick Beattie, VP of Global Sales, and Jonathan Gohstand, VP of Product, bring proven track records to leader in crowdsourced security
Products, Services, and Solutions
Trustwave Announces New Proactive Threat Hunting Service for Government (BusinessWire) Trustwave announces a new threat hunting service for government agencies to help bolster cyber defenses.
Cyberbit Wins Three Gold Cybersecurity Excellence Awards for Innovative Products and Projects (PR Newswire) Cyberbit Ltd., a world leading provider of cybersecurity simulation...
JASK Announces Technology Alliance with Carbon Black, Delivering Next-Generation Alert Consolidation and Prioritization (BusinessWire) JASK, the provider of the industry’s only Autonomous Security Operations Center (ASOC) platform, today announced it has entered into a technology alli
LinuxInsider Headlines (Linux Insider) SentinelOne this week announced a partnership with Microsoft to bolster threat protection for mixed platform users, making computing safer for Linux machines in a multiplatform workplace. SentinelOne will integrate its Endpoint Protection Platform with Microsoft's Windows Defender Advanced Threat Protection service to cover Mac and Linux device platforms.
A Guide to Top Secure Web Gateway Vendors (eSecurity Planet) A look at top vendors in the market for web security gateway solutions, a critical tool for defending against web threats.
IBM Wants You to Know Blockchain Can Go Wrong (CoinDesk) IBM has a team of cybersecurity experts working with enterprise clients to make sure their distributed ledgers are free from vulnerabilities.
Armour Communications announces the release of Armour Desktop for Windows 10 (ResponseSource Press Release Wire) Government certified secure mobile communications app continues to lead market with expanded functionality London - Armour Communications, a leading provider of specialist, secure communications sol...
Symantec Earns FedRAMP Authorization for Email Security Service (GovCon Wire) Symantec (Nasdaq: SYMC) has secured certification for its cloud-b
Technologies, Techniques, and Standards
Using the Chrome Task Manager to Find In-Browser Miners (BleepingComputer) The use of browsers to mine for digital currency is becoming a major problem. With more and more sites incorporating in-browser mining scripts such as CoinHive and web extensions injecting them into web pages, people will continue to be affected by this attack. Thankfully, we can easily detect miners using the Chrome Task Manager.
CERT-In has developed a free bot removal tool in collaboration with QuickHeal, starts sending out awareness SMS (Tech2) The SMS includes a link to the Botnet Cleaning and Malware Analysis Centre where one can get information about bots and how to remove them
25% of firms fail to implement multi-factor authentication for BYOD (Security Brief) 25% of respondents at the Gartner Symposium lacked some form of multi-factor authentication when securing BYOD.
Removing admin rights would mitigate most Microsoft flaws, report claims (iTWire) Removing administrator rights would mitigate 80% of the critical vulnerabilities found in Microsoft products in 2017, the security firm Avecto claims....
7 steps security leaders can take to deal with Spectre and Meltdown (Help Net Security) Security and risk management leaders must take a pragmatic and risk-based approach to the ongoing threats posed by an entirely new class of vulnerabilities like Spectre and Meltdown, according to Gartner.
Still relying solely on CVE and NVD for vulnerability tracking? Bad idea (Help Net Security) Incredibly, we see too many companies still relying on CVE and NVD for vulnerability tracking, despite the US government funded organization falling short year after year.
How to take charge of data encryption in the cloud era (IT Pro Portal) A range of highly publicised data leaks in recent years have resulted in financial loss, legal repercussions, resignation of top executives and damaged brand reputation.
Want to Protect Against Websites That Spy on You? Get an Ad Blocker. (Consumer Reports) The Chrome browser can now block annoying ads on some sites. But there are better ad blockers and anti-trackers for protecting your privacy and security.
Employees, not technology, are your business's first defence against cyber attack (International Business Times UK) Suzanne McAndrew, Managing Director, Talent & Rewards, Willis Towers Watson says just 18% of breaches are driven directly by external threats.
Design and Innovation
IBM and SpaceBelt Collaborate on Innovative Architecture for Secure Cloud Management and Storage in Space (PR Newswire) As worldwide security growth moves to more than $96 billion in 2018,...
Why do we need a risk-based approach to authentication? (Help Net Security) The biggest challenge for an enterprise seeking to adopt a risk-based approach to authentication is the sheer number of variables that must be accounted for in each and every request.
Legislation, Policy, and Regulation
Critical Infrastructure Protection: Additional Actions Are Essential for Assessing Cybersecurity Framework Adoption (Government Accountability Office) Most of the 16 critical infrastructure sectors took action to facilitate adoption of the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity by entities within their sectors. Federal policy directs nine federal lead agencies—referred to as sector-specific agencies (SSA)—in consultation with the Department of Homeland Security and other agencies, to review the cybersecurity framework and, if necessary, develop implementation guidance or supplemental materials to address sector-specific risks and operating environments.
Cybersecurity is not something; it is everything (Brookings) Four years ago, the Obama Administration rolled out the Cybersecurity Framework from the National Institute of Standards and Technology (NIST). It has proven to be an essential and indispensable ro…
Our intelligence chiefs just want to tell the truth about national security (TheHill) They just want to tell Congress and the American public the truth about threats to our country.
The murky world of Australia & Singapore's workforce monitoring laws (Security Brief) Australia’s complexity is second only to the United States when it comes to workforce monitoring.
Creating a New Crime: Cyber-Harassment (New Jersey Law Journal) The inclusion of cyber-harassment in the Domestic Violence Statutes will enable victims of domestic violence to prove an act of cyber-harassment by producing the allegedly offending communication.
US Intel, State Elections Officials to Discuss Security Issues (VOA) Classified-level briefing comes ahead of midterm elections
Could a cyber national guard have a role in safeguarding elections? (FCW) During a Senate Armed Services subcommittee hearing, senators toyed with the idea of the National Guard protecting the 2018 elections from foreign tampering.
Litigation, Investigation, and Law Enforcement
Former senior Federal Bureau of Investigation official is leading BuzzFeed's effort to verify Trump dossier (10 Thousand Couples) BuzzFeed is suing the Democratic National Committee for information about a controversial dossier about Donald Trump the news outlet published last year. In a nutshell: BuzzFeed believes the D.N.C. has information that could show a link between Gubarev and the e-mail hacking, which would undercut his libel claim.
California man convicted of directing cyber attack against Norman business (KFOR.com) A California man was convicted on one count of directing distributed-denial-of-service (DDoS) cyber attacks against two websites owned by Oklahoma telescope retailer Astronomics in August 2016. 44-year-old David Goodyear was charged in August 2017 with attacking the websites of Astronomics, a family-owned telescope retailer in Norman.
Latvian National Pleads Guilty To “Scareware” Hacking Scheme That Targeted Minneapolis Star Tribune Website (US Department of Justice) A Latvian man pleaded guilty yesterday for participating in a lucrative “scareware” hacking scheme that targeted visitors to the Minneapolis Star Tribune’s website.
ATM Skimmer Kingpin Escapes UK Police (BleepingComputer) In what many consider to be a monumental failure on the part of UK police, the ringleader of a notorious ATM skimming gang has escaped prosecutors and is believed to be hiding abroad, after being let out on bail.