Cyber Attacks, Threats, and Vulnerabilities
Russian Cyberspies Shift Focus From NATO Countries to Asia (SecurityWeek) Russia-linked cyberspy group APT28/Fancy Bear/Sofacy shifts focus from NATO countries and Ukraine to Central Asia and further east
REVEALED: Latest North Korea 'Reaper' CYBERATTACK aims to cripple enemies 'CROWN jewels' (Express.co.uk) A NORTH Korean backed hacker group called “Reaper” is targeting major international companies in the latest attempt by the rogue nation to disrupt the day-to-day lives of its enemies, according to a new report.
Lesser-known North Korea cyber-spy group goes international: report (Reuters) A North Korean cyber espionage group previously known only for targeting South Korea's government and private sector deepened its sophistication and hit further afield including in Japan and the Middle East in 2017, security researchers said on Tuesday.
North Korean Hacking Group APT37 Expands Targets (SecurityWeek) North Korean hacker group APT37 (aka Group123, Reaper, ScarCruft) has expanded the scope and sophistication of its operations
N Korea expanding cyber-attack capabilities, intention appears disruption (SC Media UK) North Korea appears to be planning major international cyber-attacks, with espionage group APT37 (Reaper) seen to be expanding its scope
North Korea hacking group is expanding operations, researchers say (CSO Online) A group of hackers from North Korea (DPRK), recently connected to the usage of an Adobe Flash zero-day vulnerability (CVE-2018-4878), has expanded its operations in both scope and sophistication, FireEye says.
North Korea takes a great leap forward in hacking computers (NBC News) The North Koreans have figured out how to bridge the air gap — meaning they can hack into computers that aren't even connected to the internet.
Microsoft chief blames north korea for carrying out wannacry ransomware attack best bitcoin faucet (Bitcoin) Just when we thought WannaCry is dead, done and dusted, Microsoft President Brad Smith has accused North Korea of carrying out the cyberattack.
Tesla Internal Servers Infected with Cryptocurrency Miner (BleepingComputer) Hackers have breached Tesla cloud servers used by the company's engineers and have installed malware that mines the cryptocurrency.
Cryptojacking Scripts Could Soon Invade Your Word Documents (BleepingComputer) Cryptojacking scripts that mine Monero via JavaScript code can also run inside Word files, security researchers have discovered.
Cyber attackers are cashing in on cryptocurrency mining - but here's why they're avoiding bitcoin (ZDNet) Cryptocurrency mining malware has emerged as a key method of criminal hackers making money - so why aren't they targeting the most valuable blockchain-based currency of them all?
Comodo Threat Research Lab reveals new vicious trick (Comodo News and Internet Security Information) The Comodo Threat Intelligence Lab reveals a new attack used by cybercriminals to camouflage malware attacks.
Scanned Canadian passports found on open FedEx Amazon S3 bucket (IT World Canada) The revelation last week of the discovery of unprotected scanned identification documents from a number of countries -- including Canadian passports --
AWS clients alerted to security risks by researchers (Computer Business Review) AWS cloud storage users have received warnings from security researchers telling them that their private content has been exposed.
Exposed Amazon clients get tip-off alerts (BBC News) US firm's clients told to update their settings and lock down data before it is stolen.
Coldroot RAT Still Undetectable Despite Being Uploaded on GitHub Two Years Ago (BleepingComputer) Coldroot, a remote access trojan (RAT), is still undetectable by most antivirus engines, despite being uploaded and freely available on GitHub for almost two years.
Year-Old Coldroot RAT Targets MacOS, Still Evades Detection (Threatpost) Researchers are warning users about the Coldroot remote access Trojan that is going undetected by AV engines and targets MacOS computers.
Study on Fileless Attacks Underscores Risk of Over-Reliance on Endpoint Security (Bricata) The growth of fileless attacks demonstrates why cybersecurity needs to move beyond solely relying on signature analysis for enterprise protection.
Top US banks have multiple online security flaws (BetaNews) Analysis of the internet presence of 25 out of 50 top US banks reveals a worrying number of online security flaws.
Hackers Exploit Tegra Chipset Flaw to Run Linux OS on Nintendo Switch (HackRead) Hackers Exploiting Unpatched Tegra Chipset Flaw to Run Linux OS on Nintendo Switch Putting Nintendo Switch at Risk.
Cybersecurity Enforcers Wake Up to Unauthorized Computer Access Via Credential Stuffing (Big Law Business) Do you ever use the same username and password on more than one website? Most people sometimes do, and thereby put themselves at risk for “credential stuffing.”
Statically Unpacking a Brazilian Banker Malware (SANS Internet Storm Center) After going through an almost endless amount of encoded droppers and loader scripts while analyzing a Brazilian banker, I finally managed to reach the actual payload, an interestingly packed/encrypted banking malware. How I statically unpacked this payload is the subject of today’s diary and I hope it will help you in your future analysis.
Warning of GDPR extortion attempts from strategic cyber criminals (Information Age) Cyber security roundup report from Trend Micro has revealed a growth in targeted, strategic, money-making attacks against those firms looking to implement GDPR
The advent of GDPR could fuel extortion attempts by criminals (Help Net Security) The number of exploit kit attacks is, slowly but surely, going down, but the bad news is that everything else is on the rise: BEC scams, ransomware, stealthy crypto-mining, the number of enterprise records compromised in data breaches.
Chinese Catholics’ petition suffers cyber attack (Catholic Herald) The petition has been signed by over 1,000 people
UK local councils under huge cyber attack pressure (Computer Weekly) Investigation underlines importance of security automation and employee awareness training.
Security Patches, Mitigations, and Software Updates
Twitter updates its policy on tweets that encourage self-harm and suicide (TechCrunch) Twitter, which is constantly criticized for not doing enough to prevent harassment, has updated its guidelines with more information on how it handles tweets..
Cyber Trends
Munich Security Conference highlights cyber, Russian threat (Inside Cybersecurity) Emerging from the Munich Security Conference, German defense minister Ursula von der Leyen and other NATO leaders said they anticipated an increased focus on cybersecurity while highlighting ongoing cyber threats from Russia.
Spy Chiefs Descend on Munich Confab in Record Numbers (Foreign Policy) An annual security gathering in Munich has become the new hot spot for top intelligence officials meeting in the shadows of a public event.
The Annual Cost of U.S. Cybercrime Could Top $100 Billion (Nextgov.com) Companies aren’t properly incentivized to protect their networks and we’re all paying the price, the Council of Economic Advisers concludes.
Cyber security in (big) numbers (BetaNews) We hear a lot about cyber attacks and the latest threats, but it can sometimes be hard to comprehend the scale of the problem.
RedLock Releases Cloud Security Report Highlighting Focus on Shared Responsibilities, Uncovers Cloud-Related Exposures at Tesla (BusinessWire) RedLock releases its Cloud Security Trends report, uncovering serious threat vectors and revealing that hackers infiltrated a Tesla cloud environment.
By the Numbers: Global Cyber Risk Perception Survey (Marsh) Is your organization employing best practices for managing cyber risk? Benchmark your performance against the results of our survey, conducted in partnership with Microsoft.
Business fears: The need for better security in the Internet of Things (VanillaPlus) Cybersecurity in business is often overlooked, underfunded or simply not given enough thought. Though recent research by Avast Business found that 96% of S
C-Level Prioritises Breach Costs Over Customer Losses (Infosecurity Magazine) Centrify study also claims CEOs are too focused on malware threat
Marketplace
Discover hidden cybersecurity talent to solve your hiring crisis (Help Net Security) Folks with security experience on their resumes are in such high demand, CISOs need to hunt beyond the fields we know to find hidden cybersecurity talent.
Cloud security vendor Zscaler files for US$100 million IPO (CRN Australia) Says its partner business accounts for 90 percent of sales.
Google to Acquire IoT Management Platform Xively (SecurityWeek) Google is stepping up its Internet of Things (IoT) game as it has entered into an agreement to acquire Xively, a division of LogMeIn, for approximately $50 million.
Qualcomm increases offer for NXP to $44bn in order to push deal through quickly (Computing) Qualcomm acquisition of NXP could make the company too big a buy for Broadcom
Cisco Systems Raises Dividend 14% - Now What? (Seeking Alpha) Shares of Cisco have jumped on good quarterly results and significant repatriation of cash. The company recently raised its dividend by 14%. Cisco Systems is va
Tech Dividend Showdown: Cisco Vs. IBM (Seeking Alpha) Some tech companies are attractive for income focused investors, despite most tech companies being focused on growth and not paying out attractive dividends. IB
Israeli Cyber Security Startup Morphisec Closes $12 Million Series B (ReadITQuik) Funding was spearheaded by the investing arm of French telco bigwig – Orange
UK cyber security agency sticks with China's Huawei despite US spy fears (The Telegraph) The UK’s top cyber security agency has reaffirmed its commitment to working with Chinese smartphone giant Huawei after US spy chiefs accused the company of presenting a national security risk.
Concerns over ZTE and Huawei security (My Broadband) Intelligence agencies have warned Americans not to purchase Huawei or ZTE smartphones.
CyberArk Software Ltd Sales Leap 25% (The Motley Fool) CEO Udi Mokady said the cybersecurity specialist delivered a "strong finish" to 2017.
Bitcoin’s transaction fee crisis is over—for now (Ars Technica) The median fee peaked at $34 in mid-December—now it's less than $1.
Cybersecurity and Intelligence Expert Tom Kellermann Joins Carbon Black as Chief Cybersecurity Officer (BusinessWire) Carbon Black, a leader in next-generation endpoint security, today announced Tom Kellermann has joined the company as chief cybersecurity officer. As
Products, Services, and Solutions
RiskIQ Announces New Digital Footprint Risk Reporting to Improve Digital Defense (GlobeNewswire News Room) The leader in digital threat management expands Digital Footprint product to cover enterprise risk reporting and prioritize remediation of digital threat exposures outside the firewall
Chef InSpec 2.0 helps automate security compliance in cloud apps (TechCrunch) How many times do you hear about a company exposing sensitive data because they forgot to lock down a data repository on Amazon? It happens surprisingly..
Encrypted large file transfer and Private Chat (get2Clouds) The most advanced end-to-end encryption and cloud security protection. Protect your cloud and communicate securely for free. Send encrypted large files to clients and friends, chat in private messenger.
Spirent Expands CyberFlood Security and Performance Assurance Options with New Virtual and Scalable Solutions (BusinessWire) CyberFlood's expanded platform gives customers flexible and scalable deployment options that address their testing needs today and in the future.
Forreston State Bank Ensures FFIEC and GLBA Compliance while Saving Hours of Work (Netwrix) Forreston State Bank has to ensure compliance with Federal Financial Institutions Examination Council (FFIEC) standards that govern GLBA requirements.
BRIEF-Sectra says gets reference customer in critical infrastructure (Reuters) Sectra gains important reference customer in critical infrastructure, does not name company
Data I/O to Showcase Production-Ready SentriX Security Provisioning at Embedded World (Data I/O) Data I/O Corporation (NASDAQ: DAIO), the leading global provider of advanced data and security programming solutions for flash, flash-memory based intelligent devices and microcontrollers, will demonstrate security provisioning on the...
G Data scans for Meltdown and Spectre vulnerabilities (LANline) The Bochum-based IT security vendor G Data is offering a free scanner for download that is intended to help users arm themselves against the recent Meltdown and Spectre attack scenarios (as LANline reported). Although, in the IT security specialist's view, good IT security software protects the
Entersekt, ForgeRock Partner On Mobile Security (PYMNTS.com) Entersekt, the mobile-first authentication and eCommerce enabling company, announced news on Tuesday (Feb. 20) that it has joined the ForgeRock Trust Network as a principal technology partner. In a press release, Entersekt said its mobile app security, authentication and digital signing technology is now available to ForgeRock’s customers. ForgeRock, said Entersekt in the press release, […]
ERPScan Joins NVIDIA Inception Program (PR Newswire) ERPScan today announced that it has joined the NVIDIA Inception...
Radware’s New ERT Active Attackers Feed Stops Attackers Before They Target Your Network (GlobeNewswire News Room) New Threat Intelligence Subscription Provides Pre-Emptive Protection from Emerging DDoS Threats like IoT Botnets
Researcher to Release Free Attack Obfuscation Tool (Dark Reading) Cybercrime gang FIN7, aka Carbanak, spotted hiding behind another Windows function, according to research to be presented at Black Hat Asia next month.
Facebook Aims to Make Security More Social (Dark Reading) Facebook's massive user base creates an opportunity to educate billions on security.
Technologies, Techniques, and Standards
NIST Proposes Metadata Schema for Evaluating Federated Attributes (SecurityWeek) NIST has published 'Attribute Metadata: a Proposed Schema for Evaluating Federated Attributes' in order to provide the basis for the evolution of a standardized approach to entity attributes.
Operation Gladiator Shield targeting DoD’s cyber terrain (FederalNewsRadio.com) The Joint Force Headquarters – Department of Defense Information Networks (DoDIN) reached full operating capability in January.
The Army is putting cyber, electronic warfare teams in its BCTs (Army Times) Soldiers with Cyber-Electromagnetic Activities Teams provide support to brigade combat team commanders, giving them tailored capability in training and on deployment.
Endpoint Devices: The New Battleground for Public Sector Cybersecurity (State Tech Magazine) Local governments are getting wise to the importance of protecting themselves from potential cybersecurity attacks, but there is still room for improvement, says HP's Christoph Ruef.
Analyzing user behavior is crucial for building a better cyber defense (CIOL) Soma Tah Have you ever left your house keys in the front-door lock? Silly, isn’t it? But, just take a look at the major data breaches from the past few years. It
6 steps to protect your business from ID theft (CreditCards.com) Attention to security issues is often lacking among the self-employed and micro-business owners. But protecting your company's and your clients' financial data is critical to avoiding a disaster that could tank your business dreams
10 tips for protecting your customers (CRN) Security is always a multi-layered discipline that evolves over time and with protection requirements changing regularly, protecting enterprise customers isn't easy.
Design and Innovation
Quantum “Tunneling” Away from Cyber Criminals (QuintessenceLabs) Australian quantum cybersecurity company leverages known “flaw” in diode to measure quantum noise to build stronger cryptographic keys San Jose, ...
This Game Teaches the History of Cryptography (Motherboard) Make sure you’ve got paper and the internet handy.
Quantum Computing is a Threat to Blockchain Security, Study Says (Finance Magnates) The report explores various vulnerabilities and provides solutions to them.
Think fast – this system watches you answer questions to make sure you’re human (TechCrunch) The machines are getting smarter and facial recognition may not be enough to tell you're a human. Machines can make faces, too, but they're not so good at..
Academia
UK’s Top Uni Students to Compete in Ethical Hacking Challenge (Infosecurity Magazine) Inter-ACE competition returns as government launches skills fund
Legislation, Policy, and Regulation
Assigning Blame for Russia’s Election Meddling (The New Yorker) Trump has accused Obama of doing nothing, but former officials say Trump is the one who has ignored the threat.
SECURITY: White House report warns of fallout from grid cyberattack (E&E News) A cyberattack on the power grid could erode trust in key U.S. institutions and cause billions of dollars in damage, a top White House advisory group said Friday.
The Cost of Malicious Cyber Activity to the US Economy (The Council of Economic Advisers) This report examines the substantial economic costs that malicious cyber activity imposes on the U.S. economy.
Growth of AI could boost cybercrime and security threats, report warns (the Guardian) Experts say action must be taken to control artificial intelligence tech
The “Black Mirror” scenarios that are leading some experts to call for more secrecy on AI (MIT Technology Review) Artificial intelligence could sway elections, help Big Brother, and make hackers way more dangerous, suggests a new report.
Afraid of AI? We should be (Help Net Security) Afraid of AI? We should be. Not (yet!) of a sentient digital entity that could turn rogue and cause the end of mankind, but the exploitation of artificial intelligence and machine learning for nefarious goals.
Homeland Security chief touts effort on election cybersecurity (TheHill) Officials briefed state, local election officials on cyber threats in meetings late last week.
State officials get classified briefings on election security (FCW) National intelligence and homeland security officials briefed state officials and private-sector stakeholders about election cybersecurity threats.
DOJ forms cyber task force to investigate election meddling (The Daily Dot) Midterms are just around the corner.
Litigation, Investigation, and Law Enforcement
Microsoft (Ireland) and the Federal Rules of Criminal Procedure (Just Security) The Supreme Court can engage in rulemaking to resolve the issues in Microsoft Ireland.
Why the case for banning Kaspersky Lab could be in trouble (FederalNewsRadio.com) Kaspersky Lab seeks to overturn the provision in the 2018 NDAA that prohibits agencies from using the company’s products or services.
Intel vows to 'defend itself rigorously' as lawsuits fly in (CRN) Vendor facing backlash over Spectre and Meltdown vulnerabilities
Facebook told to stop tracking users that aren’t logged in (Naked Security) If Facebook doesn’t stop tracking users across the web, it could face a fine of €250,000 ($315,000) per day, says Belgian court.
Former Skadden Associate Charged in Mueller Probe (New York Law Journal) Alex van der Zwaan, the son-in-law of a Russian oligarch, is accused of lying to investigators.
Russia Case: Read Ex-Skadden Associate's Plea Agreement, Statement of Offense (New York Law Journal) Special Counsel Robert Mueller's team just filed the plea agreement and statement of offense in the case against former Skadden associate Alex van der Zwaan, accused of lying to investigators.
Border Bouncers Don't Need Big Brother Spying Powers Over Americans (Reason.com) ICE and border patrol agents want access to NSA intel obtained without warrants.