Cyber Attacks, Threats, and Vulnerabilities
Russia-linked Hackers Directly Targeting Diplomats: Report (SecurityWeek) The Russia-linked cyber espionage group Sofacy (APT28) has been targeting foreign affairs agencies and ministries worldwide in a recently discovered campaign, Palo Alto Networks warns.
Cyberattack 'Ongoing' Against German Government Network (SecurityWeek) The German government's IT network is under an "ongoing" cyberattack, the parliamentary committee on intelligence affairs said.
Infamous Russian Cyber-Espionage Group Hacks German Government (BleepingComputer) APT28, an infamous cyber-espionage unit that many security firms believe is acting at the behest of the Russian government, has hacked various German government agencies for more than a year.
Russian-Linked Hackers Target Foreign Ministries (PCMAG) The hacking group, known as Fancy Bear, is best known for breaching the Democratic National Committee during the 2016 US election.
No evidence thus far that Russia behind German cyber attack:... (Reuters) German Economy Minister Brigitte Zypries on Thursday said there were no indications thus far that Russia was behind a cyber attack on German computer networks disclosed by Berlin on Wednesday.
Russia cyber attack on Germany a 'form of warfare' (The Telegraph) A suspected attack by Russian hackers on computer systems used by the German government is still ongoing and may be more serious than at first thought, MPs warned on Thursday.
German Gov’t Hacks shouldn’t Surprise Anyone (Safe and Savvy Blog by F-Secure) F-Secure’s Tom Van de Wiele says the reports about the recent attacks against the German government shouldn't come as a surprise.
North Korean Hackers May Be Developing Malware That Could Shut Down the U.S. Power Grid (The Daily Beast) More than half of security vulnerabilities tested in U.S. industrial systems could lead to “severe operational impact.”
North Korea poses a greater cyber-attack threat than Russia, security expert warns (The Independent) North Korea poses a more considerable cyber-attack threat to the international community than Russia, according to cyber-security firm CrowdStrike. Kim Jong-un's regime has been connected to a number of major hacks in recent years, with its attention primarily focused on neighbour and rival South Korea.
Beijing’s Influence Operations Target Chinese Diaspora (War on the Rocks) Editor’s Note: This is the fourth installment in “Ministry of Truth,” a special series on state-sponsored influence operations. Catch up on the series here
Iran-Linked Chafer Group Expands Toolset, Targets List (SecurityWeek) The Iran-based targeted attack group known as "Chafer" has been expanding its target list in the Middle East and beyond and adding new tools to its cyberweapon arsenal, Symantec warns.
GitHub Survived the Biggest DDoS Attack Ever Recorded (WIRED) On Wednesday, a 1.3Tbps DDoS attack pummeled GitHub for 15-20 minutes. Here's how it stayed online.
GitHub hit with the largest DDoS attack ever seen (ZDNet) DDoS attackers have found a new way of magnifying their attacks, with experts warning that bigger attacks are likely.
First Native IPv6 DDoS Attack Strikes, As Organisations Face Yet Another New Cyber Threat (Information Security Buzz) DNS dictionary attack came from around 1,900 different hosts on over 650 varying networks. A first of its kind IPv6 DDoS attack hit servers over the weekend, raising a red flag for the future era of cyber-crime, according to global web security firm, Neustar. The DNS threat – which was successfully defended against – came from …
Financial Cyber Threat Sharing Group Phished (KrebsOnSecurity) The Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry forum for sharing data about critical cybersecurity threats facing the banking and finance industries, said today that a successful phishing attack on one of its employees was used to launch additional phishing attacks against FS-ISAC members.
Beware; rTorrent Client Exploited to Mine Monero Cryptocurrency (HackRead) Hackers are exploiting a critical vulnerability in rTorrent to mine Monero cryptocurrency and so far $4,000 Monero has been made.
Cybersecurity Incident & Important Consumer Information (Equifax) As a result of ongoing analysis of data stolen in last year’s cybersecurity incident, Equifax announced that the company has confirmed the identities of U.S. consumers whose partial driver’s license information was taken. We were able to identify these consumers by referencing other information in proprietary company records that the attackers did not steal, and by engaging the resources of an external data provider.
Major data breach at Marine Forces Reserve impacts thousands (Marine Corps Times) Thousands of Marines and sailors have had their bank account and credit card information compromised.
Chrome Lets Hackers Phish Even 'Unphishable' Yubikey Users (WIRED) While still the best protection against phishing attacks, some Yubikey models are vulnerable after a recent update to Google Chrome.
Python-Written CannibalRAT Used in Targeted Attacks (SecurityWeek) The newly identified CannibalRAT has been written entirely in Python and is being used in highly targeted attacks, Cisco Talos researchers say.
Five Threat Groups Target Industrial Systems: Dragos (SecurityWeek) Industrial cybersecurity firm Dragos summarizes the activities of five sophisticated threat groups that target industrial control systems (ICS)
The Industrial Cyber Threat Landscape (Committee on Energy and Natural Resources, United States Senate) Chairwoman Murkowski, Ranking Member Cantwell and members of the committee, thank you for providing me the opportunity to testify before you today.
Security Implications of the End of Net Neutrality (SecurityWeek) Internet traffic modifications by ISPs as a result of the FCC's decision to end net neutrality create a huge potential attack surface.
Threat Spotlight: Attached Password Stealer (Barracuda) Earlier this month we revealed a new security advisory platform...
UK Uni Students Lose £100,000 to Phishers (Infosecurity Magazine) Student Loans Company scams on the rise
Britons' love of pornography puts them at risk of 'digital STI' (The Telegraph) Britons’ growing penchant for pornography is putting them at risk of particularly nasty computer viruses that could cost victims their savings, cyber experts have warned.
Security Patches, Mitigations, and Software Updates
Bug in HP Remote Management Tool Leaves Servers Open to Attack (Threatpost) Firmware versions of HPE’s remote management hardware iLO3 have an unauthenticated remote denial of service vulnerability.
Microsoft releases Spectre fixes for Windows 10 on Skylake CPUs (Help Net Security) Microsoft has pushed out a new set of Spectre (variant 2) security updates for devices running on Skylake CPUs and Windows 10 Fall Creators Update or Windows Server version 1709 (Server Core).
Cellebrite: We Keep iPhone Flaws Secret For The Public's Safety (Forbes) Earlier this week, Forbes learned that Israel-based U.S. government contractor Cellebrite was touting the ability to unlock the majority of iOS models on the market.
Philips Working on Patches for 35 Flaws in Healthcare Product (SecurityWeek) Philips working on patches for dozens of flaws affecting IntelliSpace Portal, a visualization and analysis solution designed for healthcare organizations
Cyber Trends
10 Key Takeaways From Cisco's Annual Cybersecurity Report (CRN) Attackers are getting better at evading detection and have made serious headway in exploiting new technologies like IoT and cloud services, Cisco's cybersecurity report finds.
How & Why the Cybersecurity Landscape Is Changing (Dark Reading) A comprehensive new report from Cisco should scare the pants off enterprise security leaders.
Why Cybersecurity Is More Difficult Today Than 2 Years Ago (Recorded Future) Research from ESG says cybersecurity professionals have found their jobs becoming more difficult over the last two years. Find out what a threat intelligence solution should entail to make your job easier.
SecOps reality gap: 85% say practicing SecOps is a goal, 35% actually do (Help Net Security) The SecOps reality gap is real. The vast majority of companies are bought-in, but unfortunately, a major gap exists between intent of practicing SecOps and the reality of their fast-growing businesses.
Marketplace
Cyber Command planning an analytics program called RAINFIRE (Fedscoop) The DoD cyberwarfare agency is seeking insights on joint analytics support capabilities it’s looking to obtain, including development and optimization.
NGA previews acquisition overhaul (FCW) The National Geospatial-Intelligence Agency is looking to revamp its acquisition process to lean heavily on small businesses and agile spending authorities.
One third of directors concerned about the cost of GDPR compliance (Africom) Those in arts & entertainment are least prepared, with over half (52%) not having started compliance efforts. Non-compliance can result in fines of up to 4% of the company's global annual turnover or €20 million, whichever is higher. Losing this amount of money could force most businesses into liquidity issues.
GDPR Is Almost Here, Let the Data Protection Officer Talent Race Begin (Wall Street Journal) T.S. Eliot once said most of the evil in this world is done by people with good intentions. And while data privacy is certainly a good intention, GDPR mandates may create unintended consequences. But help may be on the way in the form of a management position designed for knotty data challenges: the data protection officer.
Akamai reveals it paid nearly $400M for its two 2017 acquisitions (Boston Business Journal) Cambridge-based Akamai Technologies Inc. paid $380 million in a pair of 2017 acquisitions meant to boost its web performance and cybersecurity offerings at a crucial time for the $11.5 billion company.
Webroot Drives Four Years of Double-Digit Revenue Growth (PR Newswire) Webroot, the Smarter Cybersecurity® company, announced double-digit...
Wipro To Acquire Minority Stake in Denim Group, a Leading Application Security Solution Provider (BusinessWire)
Cyber Insurer Coalition Raises $10 Million to Solve Cyber Risk for SMBs (Coalition) Coalition Inc., the first technology-enabled cyber insurance solution, announced today that it raised $10 million in Series A funding from leading technology investors including Vy Capital, Ribbit Capital, Valor Equity Partners, Sam Altman (President, Y Combinator), and Deep Nishar (Senior Managing Director, Softbank Vision Fund).
UAE-Based Cyber Security Firm DarkMatter Doubles Revenue in 2017 to $400M (Insurance Journal) DarkMatter, a three-year-old United Arab Emirates-based cyber security firm, has more than doubled revenue last year to over $400 million. The firm, which
Lockpath Expands Leadership Team (PR Newswire) Lockpath, a leading provider of governance, risk management and...
Products, Services, and Solutions
New infosec products of the week: March 2, 2018 (Help Net Security) New infosec products of the week feature releases from the following vendors: Accellion, Aricent, Corvil, Demisto, ESET and NOS Microsystems.
Arilou Develops First-of-its-kind Technology for Automotive Ethernet (NNG) Dynamic technology makes it possible to securely control in-vehicle communication
UK and Australian governments now use Have I Been Pwned (TechCrunch) Troy Hunt is turning Have I Been Pwned into an essential pwning monitoring service. The service monitors security breaches and password leaks so that you and..
Oxygen Forensics Doubles Down on Drone Forensics by Providing Industry-Exclusive Support for DJI Cloud (Oxygen Forensics) Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices, cloud services and drones, announced today that its flagship software product, Oxygen Forensic® Detective v. 10.1 can now obtain data from the DJI cloud, which is the data repository for all DJI drones.
Secure Channels Inc. Future Proofs Data Security with a Quantum Resistant Patented Enterprise Security Platform (PR Newswire) Secure Channels Inc. (SCI), provider of innovative data security and...
Unlocking the Galaxy S9 with Intelligent Scan? It's easy, but maybe not so secure (CNET) An in-depth look at Samsung's new biometrics verification system -- and how it stacks up against the iPhone X’s Face ID -- shows it's not quite safe enough for mobile payments.
Brazilian Security Firm Launches A “Hack-proof” Android Smartphone For Storing Cryptocurrencies (BTCMANAGER) In what appears to be a first-of-its-kind handset, Brazilian security firm Sikur has rolled out a smartphone with a built-in cryptocurrency wallet at the Mobile World Congress 2018 in Barcelona. Unhackable Hardware: The company claims that the security-focused new handset, dubbed SIKURPhone, is a perfect choice fo ...
Technologies, Techniques, and Standards
Free Decrypter Available for GandCrab Ransomware Victims (BleepingComputer) Bitdefender has released a free decrypter that helps victims of GandCrab ransomware infections recover files without paying the ransom.
Read My Lips: Don't Be a Botnet (Cyxtera) These days, most organizations are aware that they can be the target of a DDoS attack.
Cyber insurance, lessons from the trenches (ITWeb) Cyber insurance should be seen more as part of a risk management strategy, a retainer if you would, says Ryan van de Coolwijk, ITOO Special Risks: Product Head Cyber Insurance.
Going phishing: countering fraudulent campaigns (World Trademark Review)
Why You Need Collaborative Defense in Depth (Security Intelligence) A collaborative defense strategy enables companies to unite siloed departments, integrate threat defense and extend security capabilities beyond the individual power of each tool.
Design and Innovation
Bill Gates' 'Nonsense' Crypto Comments Draw Twitter Ire (CoinDesk) Billionaire philanthropist Bill Gates claimed cryptocurrency "has caused deaths in a fairly direct way." The crypto community found that very amusing.
Blockchain Technology Is Here To Stay (CIOReview) The distributed ledger technology also known as blockchain technology is currently considered as one of the biggest game...
Microsoft president Brad Smith '82 discusses artificial intelligence future (The Princetonian) “We really need to step back and recognize that we can’t afford to look at this future without critical eyes,” explained Smith. “Technology is always used in good ways and bad, and even when it’s used in good ways, it has an impact that we can’t necessarily predict. It had indirect effects that aren’t necessarily intended.”
What security is needed for digital assistant devices? (SearchNetworking) Alexa for Business Platform and other digital assistant devices are set to transform business operations, but how will they affect cybersecurity?
Research and Development
What is DARPA doing in Ukraine? (Defense News) The Pentagon's famous high-tech weapons office is working with Ukraine's government on information-related systems.
Microsoft advances several of its hosted artificial intelligence algorithms (TechCrunch) Microsoft Cognitive Services is home to the company's hosted artificial intelligence algorithms. Today, the company announced advances to several Cognitive..
Legislation, Policy, and Regulation
Absent at Munich: Placing cybersecurity on the main stage of geopolitics (Defense News) This year’s Munich Security Conference missed a golden opportunity to place cyber on the main stage of geopolitics.
German government under cyber attack, shores up defenses (Reuters) Germany's government was marshalling its defenses on Thursday against a powerful cyber attack that lawmakers said had breached the foreign ministry's computer network and whose origins officials admitted were still unclear.
Ex-CIA chief warns of new Cold War with Russia, WMD threat from ISIS (CBS News) Putin said Thursday in a televised address that the country had developed nuclear weapons that are capable of overwhelming any U.S. defense
Cyber Command Nominee Deflects Questions on Russia (Roll Call) The nominee to lead U.S. Cyber Command and the National Security Agency told lawmakers Thursday he would offer options to the president and Defense secretary to respond to Russian hacking of U.S. elections “if directed” to do so. Lt. Gen. Paul Nakasone, the current head of the Army’s Cyber Command, said the decision whether or not to retaliate for Russian disinformation efforts during the 2016 presidential election or to preempt future attempts at election interference is a policy matter for civilian leadership in the executive and legislative branches.
Cyber Command nominee: attacks must come with a cost (Fifth Domain) Lt. Gen. Paul Nakasone, in written testimony before the Senate Armed Services Committee, outlines the progress both the U.S. and adversaries have made in cyberspace.
Army officer: China, Russia don't fear US cyber retaliation (San Francisco Chronicle) Nations including China and Russia that launch cyberattacks against the U.S. don't fear retribution and see no reason to change their behavior, the Army officer tapped to be the next head of U.S. Cyber Command told a Senate Committee Thursday.
How a new leader could reshape Cyber Command (Fifth Domain) As Cyber Command grows and matures, here are tangible ways it can evolve under its new commander.
Here’s the Letter Israel Sent to Solicit Zero-Days From American Hackers (Motherboard) In a peek into the way governments may source hacking tools, Motherboard obtained a 2015 letter the Israeli Ministry of Defense sent to US-based exploit developers.
White House preparing for McMaster exit as early as next month (NBC News) President Trump has been at odds with his national security adviser for months
White House denies national security adviser McMaster is departing (Military Times) The White House pushed back Thursday against an MSNBC report that President Donald Trump is planning to imminently replace National Security Adviser H.R. McMaster.
Condoleezza Rice: H.R. McMaster should stay on as national security adviser (Washington Examiner) 'H.R. McMaster is one of the best generals of his generation. He's doing a really fine job as national security adviser. I have no idea abou...
Exclusive: Xi confidant set to become China's new spy master - sources (Reuters) A vice minister of public security, a close confidant of President Xi Jinping, is tipped to take over as China's spy master, five sources said, as the country looks to clean up its security apparatus and plug intelligence gaps.
Data61 CEO bumped up to CSIRO executive along with new chief scientist role (ZDNet) Among an executive restructure, Australia's national science agency will receive its own chief scientist.
ICO: 'There's so much misinformation out there' on GDPR (Computing) Elizabeth Denham keen to 'bust myths' about the regulator's approach to compliance
Corps unveils new cyber job field (Marine Corps Times) A big step in the Corps' development of cyber career tracks.
Congress needs to act in a bipartisan way to protect the integrity of our voting system (TheHill) Protecting our democracy should be common sense. While many issues divide us, the integrity of the vote should not.
Speed Up the Security-Clearance System (Bloomberg.com) Jared Kushner isn't the only one who's waiting.
Ducey creates security team to combat cyberattacks against Arizona (Arizona Central) The Republican governor will form the Arizona Cybersecurity Team through an executive order issued Thursday.
Litigation, Investigation, and Law Enforcement
1 State? 7 States? Uncertainty Persists About Russian Cyberattacks On U.S. Election (NPR.org) The intelligence community has more evidence than it has revealed about Russian interference efforts — but so far it is keeping what it knows secret.
PayPal Settles FTC Charges that Venmo Failed to Disclose Information to Consumers About the Ability to Transfer Funds and Privacy Settings; Violated Gramm-Leach-Bliley Act (Federal Trade Commission) The Federal Trade Commission has reached a settlement with PayPal, Inc.
Recent NPAs Set ‘Troubling Precedent’ (Who's Who Legal) In 2017, companies settled violations with the DOJ in unprecedented non-prosecution agreements that contained disavowals of any criminal liability.