Cyber Attacks, Threats, and Vulnerabilities
Russian Hacker False Flags Work—Even After They're Exposed (WIRED) The Kremlin's hacking misdirection is evolving. And even when those attempts to confuse forensics fail, they still succeed at sowing future doubt.
Thanatos Ransomware Makes Data Recovery Impossible (SecurityWeek) A newly discovered ransomware family is generating a different encryption key for each of the encrypted files but saves none of them, thus making data recovery impossible.
5-year-old banking trojan and malware-as-a-service operation booms with new activity (Lookout) BancaMarStealer, also known as Marcher, is a malware family designed to phish a victim's banking (or other service) credentials. It was first spotted nearly five years ago, but today, the malware family has never been stronger. In fact, the number of samples has nearly quadrupled.
Memcached Abused for DDoS Amplification Attacks (SecurityWeek) Memcrashed: memcached protocol abused by cybercriminals for significant DDoS amplification attacks, Cloudflare and Arbor Networks warn
Surge in memcached-based reflected DDoS attacks is due to misconfigured servers (Help Net Security) Massive memcached-based reflection DDoS attacks with an unprecedented amplification factor have been ongoing for the last few days, by taking advantage of memcached servers exposed to the Internet.
Why we Don't Deserve the Internet: Memcached Reflected DDoS Attacks (SANS Internet Storm Center) Let me start off by saying: If you have a memcached server in your environment that is exposed to the internet, then you should stop scanning for them, and spend your time writing a resume instead.
How did this Memcache thing happen? (SANS Internet Storm Center) As pointed out earlier this memcached reflected DDoS thing is pretty bad.
Another massive DDoS internet blackout could be coming your way (CSO Online) A massive internet blackout similar to the Dyn DNS outage in 2016 could easily happen again, despite relatively low-cost countermeasures, according to a new study out of Harvard University.
Duo Finds SAML Vulnerabilities Affecting Multiple Implementations (The Duo Security Bulletin) This blog post describes a new vulnerability class that affects SAML-based single sign-on (SSO) systems. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim user’s password.
Opt-in cryptomining script Coinhive 'barely used' say researchers (Register) We wouldn't say 'barely', says Coinhive
New UpdateChecker Coinminer Package Also Displays Ads to Further Piss You Off (BleepingComputer) A new malware package masquerading as a Flash Player update installs a miner and displays advertisements every 60 minutes.
Cryptocurrency-Mining Malware: 2018’s New Menace? (TrendLabs Security Intelligence Blog) Will cryptocurrency-mining malware be the new ransomware? The popularity and increasing real-world significance of cryptocurrencies are also drawing cybercriminal attention — so much so that it appears to keep pace with ransomware’s infamy in the threat landscape. In fact, cryptocurrency mining was the most detected network event in devices connected to home routers in 2017.
Massive Spam Campaign Targets Unpatched Systems (Threatpost) Morphisec said that it has detected several malicious Word documents – part of a “massive” malspam campaign – that take advantage of a critical Adobe Flash Player vulnerability discovered earlier this month.
Petya Ransomware Spreading Promptly Globally, Just Like WannaCry (Safe Gmail) Watch out, readers! It is ransomware, an additional WannaCry, an additional broad-unfold assault. The WannaCry ransomware is not dead nonetheless and an additional big scale ransomware assault is making chaos all over the world, shutting down pcs at corporates, ability provides, and banking institutions throughout Russia, Ukraine, Spain, France, British isles, India, and Europe and …
UK cyber risk picture: Emergency services at risk of a major cyber attack (Help Net Security) The UK cyber risk picture is not looking great. Emergency services are at risk of a major cyber-attack. This is the finding of a new landscape analysis, issued by intelligence provider Anomali.
Kaspersky Lab says smart hubs are at risk (Software Testing News) Kaspersky Lab researchers have discovered vulnerabilities in a smart hub used to manage all connected modules and sensors installed in a home.
Cryptographers Urge People to Abandon IOTA After Leaked Emails (IEEE Spectrum) A dump of private emails pits developers of the cryptocurrency against external security researchers
Researchers Warn of RedDrop Blackmail Malware (Infosecurity Magazine) Researchers Warn of RedDrop Blackmail Malware. RedDrop spyware records victims for later use, says Wandera
WordPress Users Warned of Malware Masquerading as ionCube Files (Threatpost) Researchers have found sneaky encoded malware targeting WordPress and Joomla sites that pretends to be ionCube files.
Federal law-enforcement may be able to break into any iPhone (CNET) Israeli security contractor Cellebrite says it has a tool to crack the security of almost any iPhone, according to Forbes.
When Profits Threaten Privacy – 5 Things You Need to Know about Apple in China (Amnesty) Apple is making some significant changes to how data is stored for users of its iCloud service in China – raising major concerns that the Chinese authorities will now be able to freely monitor Apple’s users in China. What do these changes mean and what options do Apple’s customers have to protect themselves?
TSP Gets Lowest Possible Score on Information Security Audit (Government Executive) Agency receives “Ad Hoc” label on first FISMA audit under new metrics.
Security Patches, Mitigations, and Software Updates
Remote Code Execution Bug Patched in Adobe Acrobat Reader DC (Threatpost) A remote code execution security flaw has been patched in one of the latest versions of Adobe Acrobat Reader DC.
Apple Tackles Cellebrite Unlock Claims, Sort Of (Threatpost) In the wake of claims an Israeli company Cellebrite has developed an unlocking tool for any iPhone, Apple is urging customers to upgrade to the latest version of iOS 11.
Cyber Trends
Introducing the Internet of Things Cybersecurity Awareness Report (Trustwave) Find out how your peers are approaching and thinking about Internet of Things security with this new Trustwave survey report, produced by Osterman Research.
CrowdStrike Reveals Time to Breakout as Key Cyber-Security Metric (eWEEK) Security firm CrowdStrike has determined that defenders have less than two hours to contain an initial attack from becoming a larger breach.
Data Breach Denial: Few Firms Are Focused On The Threat (Media Post) A new study shows that most IT pros expect serious data breaches at their firms. But their companies are not ready for them.
Marketplace
The key to discounted cyber insurance: A 'bug bounty'? (Property Casualty 360) In a bid to spread better threat awareness, this cyber insurer will offer discounts on its policies to any client that has a vulnerability disclosure and bug bounty program.
Nearly Half of Cybersecurity Pros Solicited Weekly by Recruiters (Dark Reading) More than 80% say they are 'open' to new job offers, while 15% are actively on the search, a new (ISC)2 survey shows.
Upcoming ICO: ‘MOM’ is the word as Multiven announces ICO (iNVEZZ) Multiven has announced its ICO for the distribution of MultiCoins and says its ‘MOM’ technology will decentralize the global IT market place and secure the future of cryptocurrencies.
A South Korean giant takes over Geneva SME ID Quantique (rts.ch) The Geneva-based cryptography specialist ID Quantique is teaming up with South Korean telecommunications giant SK Telecom. The Swiss SME announced on Monday that its new partner would invest 53 million francs.
Sumo Logic Announces Significant Growth Milestones (Sumo Logic) Sumo Logic announced significant business milestones and market growth and to further drive market growth and IPO readiness, the company has also appointed BJ Jenkins, CEO of Barracuda Networks, to its board of directors.
Comodo CA Achieves Record 45 Percent Year over Year Revenue Growth Fueled by 30 New Global Partners (GlobeNewswire News Room) Comodo CA, a worldwide leader in digital identity solutions today announced record-setting growth from its channel program, delivering a 45 percent increase in year-over-year revenue.
Palo Alto Networks posts revenue and profit above Street estimates (CNBC) Palo Alto Networks' revenue and profit topped Wall Street estimates and the company gave an upbeat third-quarter forecast.
Elliott Could 'Crystalize' Akamai Campaign Soon (TheStreet) The deadline for nominating dissident director candidates at the undervalued technology company is approaching, which suggests an activist escalation is imminent.
Is This the Best Cybersecurity Stock? (Fox Business) Don't get caught up in focusing only on "pure plays."
iHLS Accelerator is Looking for Game-Changing Technologies (iHLS) We at the iHLS Security Accelerator are looking for disruptive ground-breaking technologies offering solutions for
20 Cyber Security Startups to Watch in 2018 (eSecurity Planet) Here are 20 hot IT security startups addressing everything from IoT security and blockchain to artificial intelligence and machine learning.
Netskope Expands Commitment to Enterprise Security with New Office of the CSO (PR Newswire) Netskope, the leader in cloud security, today announced the...
Products, Services, and Solutions
BUFFERZONE Eliminates Cyber Mining Malware Threat With Updated Prevention-Based Container Security Technology (Yahoo Finance) BUFFERZONE SECURITY, a provider of container and CDR (Content Disarm & Reconstruct) based next-generation endpoint security solutions protecting organizations ...
Sophos Introduces New Mobile Endpoint Security Solution (Best Endpoint Security Protection Software and Vendors) Sophos today announced the release of their latest version of their management and mobile endpoint security platform: Sophos Mobile 8.
Certified Identity Governance Expert® (CIGE) Overview & Curriculum (Identity Management Institute) Identity and Access Governance (IAG) provides the link between Identity and Access Management (IAM) rules and the policies within a company to protect systems and data from unauthorized access, streamline processes, reduce risk, and ensure compliance with the appropriate requirements
Alexa, ask McAfee to scan my network (CSO Online) At Mobile World Congress 2018, McAfee said it plans to launch Secure Home Platform (SHP) for Amazon Alexa, so a connected home’s network security can be managed via voice.
ESET launches smart TV security (ITP.net) Vendor moves to protect consumers from rising malware threats.
Misleading Cyber Foes with Deception Technology (Dark Reading) Today's deception products go far beyond the traditional honeypot by catching attackers while they are chasing down non-existent targets inside your networks.
Secure communications service Wickr is rolling out new free features (TechCrunch) Wickr, the secure communications service, is bringing new features to its free users. Already available to paying Wickr customers, users of Wickr's "Me"..
Trustwave launches proactive Threat Hunter service (GCN) The service promises to look both internally and externally for early signs of compromise.
Gemalto Enables Swift and Secure Creation of Trusted Digital Identities (BusinessWire) Gemalto, the world leader in digital security, showcases at Mobile World Congress its ability to enable Trusted Digital Identities that will unlock a
Fraud Fighting With AI-Based Biometrics Security & Password Module (Credit Union Times) An AI algorithm pioneers significant fraud-fighting technologies to detect anomalies in an interaction.
OriginGPS releases LTE-M system for low-power IoT products (GPS World) OriginGPS has chosen Gemalto’s Cinterion LTE-M wireless module to build its latest miniature OriginIoT system. Gemalto, a digital security company, designed the module for low-power applicati…
TechVets launches to offer UK military veterans a route into cyber and startups (TechCrunch) There’s a problem in the UK tech industry and it’s staring us in the face. The tech industry is growing at twice the rate of the wider economy and now..
Technologies, Techniques, and Standards
Gearing up to meet GDPR compliance requirements (TechTarget) Ice Miller attorney Nicholas Merker gives a webcast presentation on how to prepare for the GDPR compliance requirements.
11 Tips for prioritizing security spending (Networks Asia) How to keep things locked down when you can't afford new locks.
Do you have a rehearsed cyberattack response plan? (Canadian Lawyer) Companies need to create and rehearse an incident response plan to avoid late intervention during a cyberattack, according to panellists speaking at a conference in Toronto last week.
Law Firm Security: Will Your Router Cost You Your License? (The National Law Review) Insignary showed in their research that a large number of WiFi routers have firmware issues, which allow for data breaches and hacks. These issues have existed for almost two years, yet they haven’t…
How to Prevent Data Breaches Caused by Employees (Security Boulevard) Studies have shown that data breaches can be traced back to employees of an organization. It is important to note, however, that employees who cause these data breaches can be categorized into three types...
Getting the most out of your next generation firewall (ITworld) Next generation firewalls have a lot of useful features, but they only work if IT pros use them, configure them properly and keep them updated.
Perimeter vs Persistent Security: Five Steps to Ensure Network Security (SecurityWeek) Organizations need to be able to quickly identify threats and vulnerabilities inside the network, formulate a plan of action through testing and remediate issues before they get out of control.
A New Era in Network Segmentation? (Healthcare Informatics Magazine) As part of our Cybersecurity Special Report, Mark Hagland speaks with healthcare IT experts about network segmentation, a standard strategy in IT security receiving new scrutiny, as the need for advanced strategies becomes more and more apparent in healthcare.
Research and Development
Mind The Gap -- How Quantum Computers May Leave Today's Online Services Vulnerable (Forbes) When you order something online or interact with your bank or healthcare provider the data sent across the internet is most likely encrypted with today's strongest cryptography using very large prime numbers.
Should we apply the brakes on artificial intelligence research? (LiveMint) Should AI research be on the same pedestal as research into the cloning of humans, with which, by the by, it shares many ethical characteristics?
Governors must shepherd in AI with responsible data stewardship, IBM CEO says (StateScoop) Ginni Rometty says artificial intelligence will affect 100 percent of jobs and that state leaders have a central role to play as the technology emerges.
Legislation, Policy, and Regulation
State Department designates 7 ISIS-affiliated groups as terrorist organizations (FDD's Long War Journal) The State Department announced today that seven ISIS-affiliated groups have been designated as terrorist organizations. Underscoring the so-called caliphate's growth outside of Iraq and Syria, the move targets ISIS affiliates in Bangladesh, Egypt, the Philippines, Somalia, Tunisia and West Africa. Two ISIS leaders in Africa were named as specially designated global terrorists as well.
Understanding the cyber threat key to UK defence, says NCSC (ComputerWeekly.com) Understanding cyber threats is key to defending the UK and ensuring it is a safe place to do business, says the National Cyber Security Centre.
U.S. cybersecurity threat risk remains high -- no signs of lessening (CSO Online) The U.S. Director of National Intelligence says the public and private sectors in the U.S. are at continual risk and the country should expect cyber attacks from nation state and non-state actors.
Top intel official says US hasn't deterred Russian meddling (Fifth Domain) “I believe that President (Vladimir) Putin has clearly come to the conclusion that there’s little price to pay and that therefore, ‘I can continue this activity,‘” Adm. Mike Rogers, director of both the U.S. Cyber Command and the National Security Agency, told Congress.
Senators: Cyber Command should disrupt Russian influence campaigns (Fifth Domain) Senators pressed Cyber Command on how they can use their national mission force to combat Russian cyber intrusions.
Rogers: CyberCom lacks authority, resources to defend all of cyberspace (FCW) The outgoing NSA and U.S. Cyber Command chief told lawmakers CyberCom is not sitting on its hands when it comes to potential Russian cyber interference, but it lacks the authority to do more absent additional presidential direction.
NSA: Trump’s Lukewarm Response on Russia Will Embolden Putin (Infosecurity Magazine) NSA: Trump’s Lukewarm Response on Russia Will Embolden Putin. Expect more election interference, Cyber Command boss warns
Decoding NSA director Mike Rogers' comments on countering Russian cyberattacks (Washington Examiner) It's not as simple as 'I'm not authorized to do anything.'
The ‘real strength’ in Cyber Command’s recent work (Fifth Domain) Cyber Command has made significant progress in recent years with the integration of cyber into traditional military operations, the organization's chief said.
SEC, Congress take steps toward cyber accountability and transparency (TheHill) Cyber risk affects virtually every kind of enterprise. It is not a matter of if, but when. Companies should start with the presumption that they will be attacked.
Senator Markey officially introduces legislation to reestablish net neutrality (TechCrunch) Senator Ed Markey (D-MA) has introduced legislation to reverse the FCC's recently published order and reestablish 2015's net neutrality rules. Although the..
Warrantless surveillance law proves it’s time to take privacy into our own hands (TechCrunch) The warrantless surveillance law gained attention in 2013 when Edward Snowden leaked that the NSA was using it to spy on Americans’ text messages, phone..
Inside the dark web of the UAE's surveillance state (Middle East Eye) Since the Arab uprisings of 2011, UAE has utilised 'cyber-security governance' to quell the harbingers of revolt and suppress dissident voices
3 years after data breach, OPM still struggling to modernize IT (FederalNewsRadio.com) In OPM’s inspector general’s latest management report on the IT modernization initiative, auditors called into question the agency’s planning process.
Litigation, Investigation, and Law Enforcement
U.S. intel: Russia compromised seven states prior to 2016 election (NBC News) The intelligence community determined Russia had accessed state websites or voting databases, but never told the states who was behind it.
Bernie Sanders struggles to address Russian support after Mueller indictment (Fox News) Sen. Bernie Sanders has seemingly struggled to address recent allegations that Russia's campaign to interfere in the 2016 presidential election included a plan to boost his Democratic primary campaign.
Kushner loses access to top-secret intelligence (POLITICO) A memo sent Friday downgraded the presidential son-in-law and adviser and other White House aides who had been working on interim clearances, barring them from top-secret information.
Microsoft doesn’t want to turn over foreign server data, SCOTUS to weigh in (Ars Technica) Silicon Valley fears that if US wins, its data held abroad will be vulnerable.
Justices look at how older law applies to internet cloud (Federal Times) The justices heard arguments in a dispute between the Trump administration and Microsoft Corp. over a warrant for emails stored in the internet cloud outside the United States.
Palantir has secretly been using New Orleans to test its predictive policing technology (Verge) Palantir deployed a predictive policing system in New Orleans that even city council members don’t know about
How Liberals Amped Up a Parkland Shooting Conspiracy Theory (WIRED) A fake story about a Parkland student started on the right, but outrage-tweeting on the left propelled it into the mainstream.
ISIS recruiter caught by Facebook screenshot (Naked Security) An ISIS follower tried to radicalize hundreds of strangers worldwide, until one of his targets captured the messages and gave them to police.
Bot Roundup: Avalanche, Kronos, NanoCore (KrebsOnSecurity) It’s been a busy few weeks in cybercrime news, justifying updates to a couple of cases we’ve been following closely at KrebsOnSecurity.
Apple co-founder Steve Wozniak scammed by Bitcoin fraudster (Naked Security) Apple co-founder and tech icon Steve Wozniak has reportedly admitted falling victim to Bitcoin fraud.
Does Cyber Insurance Cover Lawsuits? (CyberInsureOne) Cyber insurance is designed to insulate policyholders from financial consequences resulting from cyber incidents. Those incidents include everything from a large-scale data breach to an accidental denial of services.