Cyber Attacks, Threats, and Vulnerabilities
Russian bots flood Twitter with pro-gun messages after Florida shooting: report (TheHill) A day after the deadly school shooting in South Florida, Twitter saw a spike in tweets about gun violence from Russian-linked accounts.
Foreign Disinformation is a Threat to Military Readiness, Too (Defense One) Troops — and their families — need training to spot and discard false narratives and information.
Old speech, photo used in false FBI Muslim crackdown story (WPXI) A story that falsely reports President Donald Trump ordered the FBI in all 50 U.S. states to take action immediately against Muslim people is based largely on a speech 10 months ago by the then-head of the Department of Homeland Security, and also misquotes that speech.
Inside the Toolset of an Elite North Korean Hacker Group (WIRED) Security researcher at FireEye break down the arsenal of APT37, a North Korean hacker team coming into focus as a rising threat.
Shadowy North Korean IT group believed hiding out in Russian Far East: sources (The Japan Times) A group of North Korean information technology experts has moved its base from Hong Kong to Vladivostok in Russia and is likely engaged in collecting forei
North Korea's Olympic Diplomacy Hasn't Stopped Its Hacking (WIRED) Despite its overtures of peace toward South Korea, the Kim regime still engages in brazen cybercrimes against its neighbor.
North Korean Cyber-Attacks and Collateral Damage (AlienVault) WannaCry was incredibly destructive. The attackers made about $150,000 - but the total damage caused by WannaCry has been estimated in the billions of dollars.There is strong evidence linking WannaCry to a group of hackers known as ‘Lazarus’, reportedly operating out of the DPRK (North Korea). Whilst WannaCry is perhaps the most famous attack by Lazarus, it isn’t the only ‘collateral damage’ caused by the DPRK’s cyber actions.Below we disclose new details
United States hot on heels of North Korea's Hidden Cobra malware (Security Brief) The United States Computer Emergency Readiness Team (US-CERT) is honing in on the North Korean Government’s activities known as HIDDEN COBRA.
All Five Eyes Countries Formally Accuse Russia of Orchestrating NotPetya Attack (BleepingComputer) All the countries part of the Five Eyes intelligence-sharing alliance — the US, the UK, Canada, Australia, and New Zealand— have made formal statements accusing the Russian Federation of orchestrating the NotPetya ransomware outbreak.
Cyber security firm backs UK, US govts on Russian cyber attacks claims (ITP.net) FireEye research identifies link between Petya ransomware and Russian-based Sandworm Team .
Europe’s defense systems vulnerable to cyber attacks (Handelsblatt Global Edition) At this year's Munich Security Conference, military experts discussed what they believe to be the biggest threat facing Europe's NATO members: cyber attacks
Millions Stolen From Russian, Indian Banks in SWIFT Attacks (SecurityWeek) SWIFT attacks: Russia’s Central Bank says one of the country’s financial institutions lost $6 million, and hackers attempted to steal $2 million from India’s City Union Bank
“Cyber attack similar to Bangladesh central bank hack” (The Hindu) Private sector lender City Union Bank, which was able to resolve two of the three cyber hack recently, likened it to the attempts on the Bangladesh central bank’s system in 2016. “We had three fraudul
A Hacker Has Wiped a Spyware Company’s Servers—Again (Motherboard) "I don't want to live in a world where younger generations grow up without privacy."
Disk image flaw in Apple MacOs APFS file system could lose user data (Computing) Apple data-loss flaw found by back-up software creator Mike Bombich
FedEx: Customer information exposed, not compromised (American Shipper) Following reports that thousands of customer identification records were left open to public access, FedEx said those records have now been secured and there is “no indication that any information has been misappropriated."
Money Laundering Via Author Impersonation on Amazon? (KrebsOnSecurity) Patrick Reames had no idea why Amazon.com sent him a 1099 form saying he’d made almost $24,000 selling books via Createspace, the company’s on-demand publishing arm.
Botnets shift focus to credential abuse (ComputerWeekly.com) Cyber criminals are increasingly using automated attacks that make use of stolen credentials, a security threat report warns.
Oracle WebLogic Server Flaw Exploited to Deliver Crypto-Miners (SecurityWeek) Threat actors are exploiting CVE-2017-10271, a recently patched vulnerability in Oracle WebLogic Server to infect systems with crypto-currency mining malware.
Cryptocurrency-mining criminals that netted $3 million gear up for more (Ars Technica) Attackers who mined 10,829 Monero coins over 18 months target a new server platform.
Google exposes another zero-day security flaw in Edge as Microsoft miss the fix deadline (MSPoweruser) Browser security is hard, and it seems sometimes it is easier to break something than to fix it. Microsoft nemesis Google Project Zero has once again made a flaw in Microsoft’s Edge browser public before the company could push out a fix. The issue is related to Microsoft’s Just In Time compiler for Javascript, which …
Savers lose millions to retirement fraudsters (Times) Savers are being tricked out of half a million pounds every day after a surge in criminals targeting British pension riches, The Times can reveal. People with nest eggs to invest, including those...
Smart meters could leave British homes vulnerable to cyber attacks, experts have warned (The Telegraph) New smart energy meters that the Government wants to be installed in millions of homes will leave householders vulnerable to cyber attacks, ministers have been warned.
Facebook accused of spamming 2FA phone numbers (Naked Security) The social network is messaging users on their 2FA phone numbers and then posting their “PLEASE STOP!!” replies
What types of hospitals experience data breaches? (Help Net Security) An estimated 16 million patient records were stolen in the United States in 2016, and last summer the British Health System was crippled by a ransomware attack. While we know these events are on the rise, what do we know about the hospitals that are vulnerable to these attacks?
Breach Exposes Sensitive California State Employee Data (Infosecurity Magazine) Thousands of Social Security believed to have been exposed
Flight-sim devs say hidden password-dump tool was used to fight pirates [Updated] (Ars Technica) Developer says tool was intended to target one specific cracker.
Security Patches, Mitigations, and Software Updates
Update for iOS and Macs negates text bomb that crashed devices (TechCrunch) Last week we reported a major bug in Apple operating systems that would cause them to crash from mere exposure to either of two specific Unicode symbols...
Why Chrome’s ad filter isn’t an adblocker (Naked Security) Optimistic news coverage has described this as the arrival of adblocking in Chrome, it isn’t.
Cyber Trends
The continuing lack of understanding of Level 0,1 device security and safety (Control Global) Separating ICS cyber security safety risk from cyber security economic risk has to be done at Level 0,1. This gives management the ability to make better business decisions. Additionally, the latest safety standards requiring ICS cyber security risk assessments, yet there are no explicit Level 0,1 considerations in the standards. Cyber security of Level 0,1 devices requires much more attention - and soon.
Majority of healthcare providers beef up security architecture to protect patients’ data (GlobalData Plc) Healthcare providers across the globe are ramping up their investments in security architecture to reduce the risk of cyber-attacks and protect their patients’ data, according to GlobalData, a leading data and analytics company.
Employee Awareness of IT Security Threats (Clutch) A knowledge gap exists between decision-making and entry-level employees about IT security threats at their companies. This report answers 5 key questions about employee security awareness. Read More
Marketplace
Cybersecurity Hype: Is the Industry Delivering on its Promise? (Infosecurity Magazine) Given the ongoing list of high-profile security breaches, is the cybersecurity industry offering value for money?
The Starbucks Effect on IT Security (SecurityWeek) With a solution that allows for customization of the threat intelligence itself and how you integrate it into your environment, you’ve now got threat intelligence “to order.”
Qualcomm formally rejects Broadcom's latest acquisition offer following Wednesday meeting (Computing) Qualcomm nevertheless described the Wednesday pow-wow as constructive,
Intel offers to pay for Spectre-like side channel vulnerabilities (Help Net Security) Intel is raising considerably the awards it plans to give out for helpful vulnerability information, and is offering a new bug bounty program focused specifically on side channel vulnerabilities, i.e., vulnerabilities that are rooted in Intel hardware but can be exploited through software.
Google’s big plans for email will give it even more power (Naked Security) Google’s about to make your inbox a much more interesting place
Products, Services, and Solutions
New infosec products of the week: February 16, 2018 (Help Net Security) ScramFS: Encryption system for safeguarding cloud data Scram Software has announced that ScramFS - an internationally peer-reviewed encryption system for safeguarding cloud data - is now available globally to SMEs, government and not-for-profit organizations, enabling encryption of sensitive data to reduce breaches
Rohde&Schwarz Cybersecurity''s R&S PACE 2 DPI Software Features New Classification (Business Press) The new Stratum protocol classification functionalityRohde & Schwarz Cybersecurity, a leading IT security company, has enhanced its R&SPACE 2 deep packet inspection (DPI) software to include Stratum protocol classification capabilities. The DPI e ...
Schneider Electric partners with Cylance (World Cement) Schneider Electric has partnered with Cylance to boost cyber security.
Cylance's secret sauce proves the test of time (iTWire) Endpoint security company Cylance says its unique artificial intelligence-based protection is the best tool to keep companies and individuals safe fro...
Dispel Launches Election Security Platform (SecurityWeek) Dispel launches platform designed to help secure elections, including voter, ballot and campaign information
Claroty Advances the State-of-the-Art in Industrial Control Systems Security (Claroty) New Security Posture Assessment product combined with extensive new vulnerability and network hygiene monitoring and attack vector analysis capabilities update the industry’s most comprehensive ICS cybersecurity platform
S&P Global Ratings360™ to Include Cyber Risk Insights from Guidewire Software’s Cyence Risk Analytics (BusinessWire) S&P Global Ratings is bringing the cyber risk knowledge and insights of Guidewire Cyence Risk Analytics™ to S&P Global Ratings360™
Technologies, Techniques, and Standards
Siemens Leads Launch of Global Cybersecurity Initiative (Dark Reading) The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.
NIST Working on Global IoT Cybersecurity Standards (SecurityWeek) Draft NIST Interagency Report (NISTIR) 8200 seeks timely development of and use of cybersecurity standards in IoT components, systems, and services.
GDPR quick guide: Why non-compliance could cost you big (Help Net Security) If you conduct business in the EU, offer goods or services to, or monitor the online behavior of EU citizens, then the clock is ticking. You only have a few more months - until May - to make sure your organization complies with GDPR data privacy regulations. Failure to abide by GDPR means you could get hit with huge
What is an intrusion detection system (IDS)? A valued capability with serious management challenges (CSO Online) An IDS monitors network traffic, searching for suspicious activity and known threats and sending up alerts when it finds such items. The function remains critical in the modern enterprise, but maybe not as a standalone solution.
WaPo: Emails detail how senior US military officers dealt with Hawaii's false missile alert (CNN) After a false missile threat alert from Hawaii's government, top US senior military officers began discussing how to better handle such a threat if it were real, according to emails obtained by The Washington Post.
Design and Innovation
Facebook’s secret weapon in the fight against foreign meddling? Postcards (Ars Technica) “It won’t solve everything,” Facebook exec tells Reuters.
Propaganda and Comic Books: An objective analysis of the US Army Cyber Command's new 'Threatcasting' publications (SOFREP) The United States Army’s Cyber Command has released new promotional comic books being released as a part of their ongoing “Threatcasting” endeavor in conjunction with West Point Academy and Arizona State University.
A cybersecurity expert explains how to fight Russian election meddling (Vox) "I’ll tell you up front, it is going to happen again."
Research and Development
IARPA Releases Research Report on Security and Privacy Assurance (IC ON THE RECORD) The Intelligence Advanced Research Projects Activity (IARPA) has publicly released the Security and Privacy Assurance Research (SPAR) Pilot Final Report.
Air Force wants to mitigate cyber vulnerabilities in avionics systems (Defense News) Here's how the Air Force is investing in mitigating and detecting cyber vulnerabilities in avionics systems.
The Air Force requested $30M to develop a ‘cyber carrier’ (Defense News) The Department of Defense’s budget request for fiscal 2019 describes a plan to develop such a war-fighting platform for Cyber Command.
AI warfare is coming, and some global leaders say NATO isn’t ready (Defense News) The future of warfare will involve artificial intelligence systems acting as lethal weapons, and much like cyber a decade ago, NATO allies are ill-equipped to manage the potential threat, said current and former European leaders speaking at the Munich Security Conference.
How the Army plans to use virtual humans powered by artificial intelligence (C4ISRNET) The Army requested funding in the fiscal 2019 budget to develop techniques that will allow virtual humans to
Making Home Networks—and the Internet—Safer by Outsourcing Security (WPI) The nation’s 54 million residential computer networks, which often have inadequate or out-of-date security safeguards, leave millions of Americans vulnerable to fraud, compromise, and even property damage. Poorly protected home computers and other connected devices are inviting targets for hackers seeking to build “botnets” to send spam or phishing emails or launch malicious Internet attacks.
Academia
18 UK universities to do battle at Inter-ACE cyber security challenge (The Engineer) Teams from 18 universities across the UK will lock horns next month at the Inter-ACE cyber security challenge, hosted by the University of Cambridge.
Cyber security competition prepares students for future career (Hometown Stations) School is out on Monday, but several students were hard at work, perfecting their craft for the future.
Legislation, Policy, and Regulation
Global Powers Must Address 'Episodes of Cyberwar': UN Chief (SecurityWeek) "It's high time to have a serious discussion about the international legal framework in which cyberwars take place," UN secretary general Antonio Guterres said at the Munich Security Conference.
Russians Spooked by Nukes-Against-Cyber-Attack Policy (Centre for Research on Globalization) New U.S. policy on nuclear retaliatory strikes for cyber-attacks is raising concerns, with Russia claiming that it’s already been blamed for a false-flag cyber-attack – namely the election hacking allegations of 2016, explain Ray McGovern and William Binney.
Russia's cyber meddling 'sophisticated espionage,' says national security advisor (Defense News) McMaster stated firmly that United States will “expose and act against” those that use cyberspace, social media, and other means to advance campaigns of disinformation, subversion and espionage.
The War America Isn’t Fighting (POLITICO Magazine) Former Defense Secretary Ash Carter tells us about his Pentagon plan to counter Russia—and why both Obama and Trump have failed to execute it.
Iran the most dangerous nation for cyberattacks, says Saudi foreign minister (CNBC) The most dangerous nation for cyber threats is Iran, Saudi Foreign Minister Adel Al-Jubeir told CNBC on Sunday.
What China's Cybersecurity Law Could Mean for Global Businesses | LookingGlass (LookingGlass Cyber Solutions Inc.) As data breaches and hacking incidents continue to increase, more and more nations are seeking to protect their critical information from an attack. As a result, the industry has seen an uptick in regulations from foreign governments. The laws can safeguard information, as well as help countries define their role in, February 14, 2018
The Bundeswehr, famously bureaucratic, wants to charm technology startups (Defense News) Germany’s tech companies could see new business with the military, as Defense Minister Ursula von der Leyen seeks to funnel more funding toward cyber technologies under plans to grow the country’s defense budget.
Honest Ads Act Would Deter Foreign Interference in 2018 Through Online Ads (Campaign Legal Center) Brendan Fischer, director, federal and FEC reform at Campaign Legal Center (CLC) released the following statement about Special Counsel Robert Mueller’s indictment of 13 Russian nationals for conspiracy to defraud the United States through interference in the 2016 elections:
The debate over what Cyber Command still needs (Fifth Domain) As Cyber Command continues to mature, the agency's cyber warriors will need clear authorities and resources to be successful.
Could the Military Start Drafting Hackers in Their 40s? (Nextgov.com) A commission on the draft is studying cutting age and gender exclusions for people with cyber skills.
Litigation, Investigation, and Law Enforcement
Case 1:18-cr-00032-DLF: UNITED STATES OF AMERICA v. INTERNET RESEARCH AGENCY LLC [et al.] (US Department of Justice) The United States of America, through its departments and agencies, regulates the activities of foreign individuals and entities in and affecting the United States in order to prevent, disclose, and counteract improper foreign influence on U.S. elections and on the U.S. political system.
Russian Influence Campaign: What’s in the Latest Mueller Indictment (Lawfare) Details of the Internet Research Agency’s operation to influence the 2016 election and U.S. political process.
What Is the Internet Research Agency? (Defense One) The origin of the Russian “troll farm” that allegedly targeted America’s 2016 presidential election.
Inside the Mueller Indictment: A Russian Novel of Intrigue (WIRED) The cast of characters revealed in the special counsel's epic indictment is drawn from the overlapping circles of oligarchs, spooks, and mob figures.
This Is What $1.25 Million Dollars a Month Bought the Russians (Foreign Policy) A birthday card! An all-American trip! Tweets! Stolen American identities!
For Russia, Unraveling US Democracy Was Just Another Day Job (WIRED) The most chilling aspect of that blockbuster Mueller indictment? The bureaucracy behind Russia's onslaught.
How Twitter bots affected the US presidential campaign (Fifth Domain) About one in every five election-related tweets from Sept. 16 to Oct. 21, 2016, was generated by computer software programs called “social bots,” according to a research assistant professor of computer science, University of Southern California.
Byron York: A non-alarmist reading of the Mueller Russia indictment (Washington Examiner) There is more to learn. But as far as the new indictment is concerned, there is good reason to stay calm. It's not Pearl Harbor, in any way,...
Confessions of a Russiagate Skeptic (POLITICO Magazine) Why I have my doubts about whether Trump colluded with Moscow.
President Trump, I'm Russian and I'm Not Laughing (Bloomberg.com) I fear the indictment of Russian internet trolls may lead to less freedom for both Americans and Russians.
If Your Voters were Persuaded by Bad Russian Ads, They Were Never Your Voters (National Review) On Russia’s ham-fisted propaganda efforts, the limits of the Assault Weapons Ban, and more.
Former Trump aide Richard Gates to plead guilty; agrees to testify against Manafort, sources say (Los Angeles Times) Former Trump campaign official Rick Gates is about to reach a plea deal with Special Counsel Robert S. Mueller III
I’ll be a school shooter, boasted teenage Florida killer Nikolas Cruz (Times) A teenager who admitted killing 17 former schoolmates and teachers had boasted on YouTube that he was “going to be a professional school shooter”, was allegedly a member of a white nationalist...
Instagram submits to Russia censor's demands (BBC News) Service blocks access to corruption claim-related posts despite YouTube failing to meet similar demand.
Meltdown-Spectre: Now the class action suits against Intel are starting to mount up (ZDNet) Intel faces 32 class action lawsuits over its processor flaws and says more may be in the pipeline.
Lawsuits threaten infosec research — just when we need it most (ZDNet) Security researchers and reporters have something in common: both hold the powerful accountable. But doing so has painted a target on their backs — and looming threats of legal action and lawsuits have many concerned.
Der Kampf gegen Cyberkriminelle (Berliner Morgenpost) Konzerne beschließen Charta: Digitalministerium sowie Datensicherheit als Werkseinstellung gefordert
Russian Hackers Sent to U.S. Prison for Stealing 160 Million Bank Card Numbers (SecurityWeek) A United States Judge sent two Russian nationals to prison for their involvement in a hacking scheme that compromised roughly160 million credit card numbers and incurred losses of hundreds of millions.
Just and Unjust Leaks (Foreign Affairs) Revealing official secrets and lies involves a form of moral risk-taking. And drawing the line between the right and wrong kinds of disclosures has grown harder than ever in the Trump era.
Venezuela cryptocurrency to draw investment from Turkey,... (Reuters) Venezuela's new "petro" cryptocurrency will attract investments from Turkey, Qatar, the United States and Europe, the country's cryptocurrency regulator said on Friday.
Dark Web's worst pedophile sentenced to 32 years in prison (HackRead) Matthew Falder, a dark web pedophile has been jailed for 32 years in prison for child pornography and other explicit activites.