Cyber Attacks, Threats, and Vulnerabilities
Russia’s Fancy Bear Hacks its Way Into Montenegro (Balkan Insight) A notorious Russian cyber-espionage group is believed to have been behind a number of attacks targeting Montenegrin institutions in the last year.
Cyber-Espionage Hits Berlin: The Breach from the East (SPIEGEL ONLINE) German intelligence officials issued warnings back in 2016 of a cyber-espionage group known as Snake. But the apparently Russian hackers behind the group were able to breach the German government nonetheless.
Reddit Says It Removed Hundreds of Suspected Russia-Linked Accounts (Motherboard) The website's CEO, Steve Huffman, admitted that Reddit was subject to 2016 election propaganda.
New Malware Used in Attacks Aimed at Inter-Korean Affairs (SecurityWeek) State-sponsored threat group interested in inter-Korean affairs continues to launch highly targeted attacks using new malware
North Korea could have profited $200 million from Bitcoin to boost missile program (9Finance) An expert believes the nation is using cyber hacking to skirt around economic sanctions.
Member Of Basij Behind Fake Radio Farda Website (RFE/RL) The man behind dozens of fake news websites in Iran is a member of the Basij militia, one of the forces of the Islamic Revolutionary Guards Corps.
The Iranian Cyberthreat (SC Media US) Can diplomacy and defense declaw this prowling 'kitten'?
The cyber caliphate (Colorado Springs Independent) When it comes to maintaining land, ISIS has not had a good year. A series of defeats has left the terrorist group without a state,...
MY TAKE: Necurs vs. Mirai – what ‘classic’ and ‘IoT’ botnets reveal about evolving cyber threats (Security Boulevard) I’ve written about how botnets arose as the engine of cybercrime, and then evolved into the Swiss Army Knife of cybercrime. It dawned on me very recently that botnets have now become the bellwether of cybercrime. This epiphany came after checking in with top experts at Proofpoint, Forcepoint, Cloudflare and Corero — leading vendors that
Threat of new malware looms over cyberspace (The Hindu) Saposhi can take over electronic devices and use them for DDoS attack
Triada Trojan Pre-Installed on Low Cost Android Smartphones (SecurityWeek) The sophisticated Triada Trojan has been found embedded in the firmware of more than 40 low-cost Android smartphone models.
How Criminals Can Build a “Web Dossier” from Your Browser (Exabeam) All kinds of personal information, from your location, work hours, habits, banks, applications, and even passwords are there for the taking. Web browsers store an incredible amount of sensitive information about you. Website developers have a variety of ways of using modern browsers to customize the experience for users. Advertisers also use these features to maximize the impact of ads shown on sites. The result is that a lot of information about you is stored[...]
MIRUS malware infects html files with CoinHive scripts: Quick Heal (Hindu Business Line) Researchers at Quick Heal Security Labs have reported a cryptomining malware that injects CoinHive JavaScript into html files while also injecting virus in files with *.exe, *.com, *.scr and *.pif exte
Spectre-Inspired Attacks Can Steal Data from Intel SGX Enclaves (Security Boulevard) Researchers have developed new techniques inspired by the recent Spectre CPU vulnerability to completely compromise the confidentiality of hardware-based secure enclaves created with Intel's Software Guard eXtensions (SGX).
Malware Authors Turn to DNS Protocol as a Covert Channel (Infosecurity Magazine) DNS command and control (C&C) and DNS exfiltration can be successful because DNS is an integral part of the internet's infrastructure.
The Keeper browser extension flaw: How can users stay secure? (SearchSecurity) A Keeper browser extension vulnerability brought attention to security issues with password managers. Here's a look at how to avoid similar problems.
Backdooring connected cars for covert remote control (Help Net Security) We've all known for a while now that the security of connected cars leaves a lot to be desired. The latest proof of that sad state of affairs comes from Argentinian security researchers and hackers Sheila Ayelen Berta and Claudio Caracciolo. The pair is set to demonstrate a hardware backdoor for the CAN bus that can
Social media phishing on the rise as attackers experiment with tactics (Security Brief) The data suggests a pivot in tactics away from traditional cloud service providers.
Inside the Profitable Underworld of Ransomware (Government Technology) The FBI says that the ransomware “business” continues to turn a handsome profit, and attacks are only getting more sophisticated.
Cryptocurrency-stealing malware relies on victims copy-pasting wallet info (Help Net Security) An unconventional email spam campaign has been delivering unusual cryptocurrency-stealing malware to American and Japanese users.
Hackers crack Final Fantasy XV Windows edition before its launch (HackRead) For gaming fans, the release of Final Fantasy XV for Windows was the event of the month given the high level of popularity this game has managed to garner over the years and the fierce fan-following it boasts of. However, much to their disappointment there are reports of Square Enix’s game being cracked by a Chinese
NIS America hacked: Customer payment card data stolen, $5 off next purchase offered as apology gift (International Business Times UK) The breach took place sometime between 23 January and 26 February on NIS America's online stores.
Payment Card Breach Hits Some Applebee's Restaurants (SecurityWeek) Over 160 RMH-owned Applebee’s restaurants had their PoS systems infected with malware designed to capture payment card information
USDA to block 400 websites after IG finds employees looking at porn (FederalNewsRadio.com) At the same time, Chris Lowe, the chief information security officer at USDA, is being reassigned to a bureau level role as part of a continued house cleaning of IT officials.
Rockdale ISD hit with W-2 scam (SC Media US) Every employee with the Rockdale, Texas Independent School District had their W-2 tax form information stolen in a spearphishing attack.
Nuance Estimates NotPetya Impact at $90 Million (SecurityWeek) Nuance Communications, one of the companies to have been impacted by the destructive NotPetya attack last year, estimates the financial cost of the attack at over $90 million.
Security Patches, Mitigations, and Software Updates
Delta Patches Vulnerabilities in HMI, PLC Products (SecurityWeek) Delta Electronics patches several vulnerabilities in two of its HMI and PLC products, including high severity issues that can allow remote code execution
Cyber Trends
2018 Thales Data Threat Report Healthcare Edition | Data Security Issues, Risks, Trends, and Concerns (Thales e-Security) Driven by escalating cyberattacks, traditional insider threats, privacy requirements and data residency regulations, enterprises around the world are facing increasing pressures to protect their data and reduce the exposure of their organizations to data related risks.
Report: 58 Percent of PHI Data Breaches Involve Insiders (Healthcare Informatics Magazine) Almost 60 percent of data breach incidents involving protected health information (PHI) involved insiders, which makes healthcare the only industry in which internal actors are the biggest threat to an organization’s data security, according to a recent Verizon security report.
Researchers explore real-world deployment of connected medical devices (Help Net Security) A ZingBox report provides insight into the type of connected medical devices deployed, their unique behaviors, and associated security issues. This report is based on the detailed analysis of devices across 50 hospitals in 2017.
Exclusive: Is cybersecurity losing because it’s too profit-focused? (Security Brief) “Given their pay is never guaranteed, cybercriminals are outperforming the 'good guys' in many particular aspects only because they are 'hungry'.”
Due Diligence on Cybersecurity Becomes Bigger Factor in M&A (Wall Street Journal) Growing concerns about cybersecurity have made assessing cyber risk vital to deal strategy.
Marketplace
More Security Vendors Putting 'Skin in the Game' (Dark Reading) Secure messaging and collaboration provider Wickr now publicly shares security testing details of its software.
How Silicon Valley went from ‘don’t be evil’ to doing evil (Orange County Register) Meet the new boss. Same as the old boss. – The Who, “We won’t be fooled again”, 1971 Once seen as the saviors of America’s economy, Silicon Valley is turning into something more of an emerging axis…
SCREEEECH: US national security agency puts brakes on Qualcomm takeover (Register) CFIUS sends Broadcom deal TITSUP* for 30 days
KnowBe4 Expands Into South Africa by Acquiring Popcorn Training (KnowBe4) Company continues its expansion of the world’s largest library of security awareness training.
Cybersecurity unicorn Zscaler sets terms for $110 million IPO (NASDAQ.com) Zscaler, which provides a cloud-based network security service for enterprises, announced terms for its IPO on Monday. The San Jose, CA-based.
Portuguese web security startup Jscrambler nets $2.3 ml Series A (PE Hub) Portugal-based Jscrambler, a web security startup, has secured more than $2.3 million in Series A funding. Sonae IM led the round with participation from Portugal Ventures.
Aussie cyber security bounty hunter Bugcrowd has big plans after $33m round (Financial Review) Aussie founded BugCrowd will double in size after raising $33m for its 'white-hat' hackers who already serve the likes of Mastercard and Tesla.
AlienVault Reports Strong Finish to 2017 with 50 Percent Year-over-Year Revenue Growth (GlobeNewswire News Room) Fueled by Adoption of AlienVault USM Threat Detection Platform; More than 7,000 Commercial Organizations and More than 500 MSSPs Rely on AlienVault
Ex-Cisco CEO tells why he's going his own way in venture (Silicon Valley Business Journal) In this bonus interview from this week's Business Journal cover story, John Chambers digs deeper into why he launched a private family investment fund instead of joining an existing firm, and his goals for Palo Alto-based JC2 Ventures.
Singtel Innov8, NUS to create cybersecurity startup hub in Singapore (e27) In addition to providing access to working space and funding, ICE71 will also provide startups with cybersecurity resources to test and build proof-of-concept solutions in a virtual environment
Vendor Q&A Series: Sean Sykes, Avast (Channelnomics) The latest channel exec to sit in the Channelnomics hot seat is Avast's managing director of the Americas
This Female Founder Helps Businesses Stay Ahead Of Hackers (The Story Exchange) Molly O’Hearn is in the protection business. She is co-founder and vice president of operations of Iovation, a Portland, Ore., information security firm. Her company sells fraud prevention tools that help businesses protect customers from identity and credit card theft and other hacks, as well as authentication products that help firms verify customers’ identities. Iovation’s top priority is to stay ahead of hackers -- a focus that O’Hearn and her co-founders, Jon Karl and Greg Pierson,
DarkMatter names new CEO (Tahawul Tech) DarkMatter has appointed Karim Sabbagh as its new chief executive officer, effective April 2018.
Armored Things Hires Elite Cyber Security Specialists (Benzinga) Armored Things announces two executive hires in cyber security, former Carbon Black Chief Architect, Chris Lord and fellow Carbon Black alumnus, Joshua Hartley. Boston,...
Products, Services, and Solutions
Acalvio Executive to Moderate Panel on Deception Technology at SINET 2018 (PR Newswire) Acalvio™ Technologies, an innovator in Advanced Threat Defense,...
Technologies, Techniques, and Standards
With Less Than 90 Days to Go, Are You Ready for GDPR Enforcement? (Security Intelligence) Are you there yet? Which "there" are we talking about? Unless you've been hiding under a rock for the past year, you probably know that I'm talking about your GDPR plan.
How to choose a penetration testing service (Help Net Security) Outsourcing your penetration testing efforts can offer fresh and customized methodologies that can be utilized by the external resources which usually means better quality and coverage.
How to improve your security infrastructure when you're on a budget (Help Net Security) What does your security infrastructure budget look like? How can you improve it? Matt Corney, CTO at Nuspire Networks offers advice to help you.
Vermeer's Camera: Uncovering the link between art criticism and cybersecurity (Help Net Security) Forensics provides evidence of who, what, and how. Today, the business need for computer forensics extends beyond litigation support into compliance.
Academia
Deadline approaches for Department of Homeland Security cybersecurity internship (Reporter) Still in college and interested in a cybersecurity career? Then you may want to apply for the 2018 Secretary’s Honors Program (SHP) Cyber Student Volunteer Initiative sponsored by the U.S. Department of Homeland Security. The window
Vermont high school girls successfully complete cyber challenge (Vermont Business Magazine) Governor Phil Scott today recognized the Vermont high school girls who participated in the GirlsGoCyberStart challenge, a cybersecurity training partnership between states and the SANS Institute
Legislation, Policy, and Regulation
Israeli Government Asked European Security Companies for Zero-Days in Unsolicited Emails (Motherboard) Israel cast a wide net in Europe too, looking to purchase zero-days for its law enforcement and intelligence agencies.
A Russian Threat on Two Fronts Meets an American Strategic Void (New York Times) President Trump has responded to Russia’s ramped-up nuclear arsenal and cyberweapons with a mix of Cold War-era approaches and virtual silence.
Sanctions for NotPetya? You Betcha. (The Cipher Brief) The White House deployed words to chide Russia for the NotPetya attack. On 15 February 2018, the White House Press Secretary released a blunt statement: In June 2017, the Russian military launched the most destructive and costly cyber-attack in history. The attack, dubbed “NotPetya,” quickly spread worldwide, causing billions of dollars in damage across Europe, …
Sen. King calls for national doctrine of cyber deterrence (Homeland Preparedness News) Warning that the United States is engaged in or at the brink of cyber war, U.S. Sen. Angus King (I-ME) called for a national doctrine of cyber deterrence during two separate hearings on Thursday. King spoke about the importance of …
As midterms heat up, lawmakers feeling good about ballot box security (Washington Examiner) Partisan tensions flared on Feb. 27 with Adm. Mike Rogers' testimony before the Senate Armed Services Committee that he hasn't received a di...
Let Industry Lead on Grid Cybersecurity Defenses, ex-NSA Expert Says (RTO Insider) The Senate Energy and Natural Resources Committee held a hearing on cybersecurity, with one witness advising a pause in CIP standards.
Cyber security to be newly taught at Czech army's university (Prague Monitor) The Czech University of Defence will newly teach its students cyber security, Defence Minister Karla Slechtova said after meeting the university management and students on Friday
NY National Guard soldiers deploy for cyber security duty (Idaho Statesman) Twenty-five New York Army National Guard cyber security team members are mobilizing for federal duty.
The joys of changing Privacy Laws (SANS Internet Storm Center) There are a few privacy changes that have occurred and will occur. You may be affected, so I've summarised it here. Please keep in mind I'm not your legal counsel so as always, check yours.
Litigation, Investigation, and Law Enforcement
Cellebrite executive says unlocking the iPhone is for the public good (Phone Arena) Just the other day, we told you that Israeli tech company Cellebrite said that it can now unlock all Apple iPhone models running up to iOS 11.2.6, which happens to be the last public release of the OS. The company's chief marketing officer, Jeremy Nazarian, recently told Forbes that there are good reasons to have this capability. The executive read some of these off as though he was reciting the list of plagues during a Passover seder...
Mysterious $15,000 'GrayKey' Promises To Unlock iPhone X For The Feds (Forbes) Just a week after Forbes reported on the claim of Israeli U.S. government manufacturer Cellebrite that it could unlock the latest Apple iPhone models, another service has emerged promising much the same. Except this time it comes from an unknown entity, an obscure American startup named Grayshift, which appears to be run by long-time U.S. intelligence agency contractors and an ex-Apple security engineer.
Jailed Russian: Here’s How I Hacked The U.S. Election (Fast Company) From a cell in a high-security prison outside Moscow, Konstantin Kozlovsky reveals more about the software he claims disrupted the 2016 election.
Christopher Steele, the Man Behind the Trump Dossier (The New Yorker) How the ex-spy tried to warn the world about Trump’s ties to Russia.
Expert: Farce involving Russia’s US elections breach needs resolving (Security Brief) Multiple US officials have announced the intelligence community had evidence that states had been compromised by Russia but didn't tell anyone.
Chuck Todd: Mueller Indictment Contradicts McDonough's Claim That Obama's Warning to Putin Was 'Impactful' (Washington Free Beacon) NBC's “Meet the Press” host Chuck Todd on Sunday pushed back against Barack Obama's former White House chief of Staff Denis McDonough for his claim that Obama's warning to Russian President Vladimir Putin was 'impactful.'
Lessons from the Carphone Warehouse cyber-attack (Essential Retail) How can retailers learn from the Carphone Warehouse attack and tackle poor security before disaster strikes?
Angry Coinbase users sue over claimed security failings, insider trading (Ars Technica) In one case, man called what he thought was Coinbase's customer support—it wasn't.
The Pirate Bay suffers 40% traffic drop after domain ban in Netherlands (HackRead) The Pirate Bay is in hot water once again - This time the reason is the Netherlands where authorities have blocked The Pirate Bay resulting in 40% traffic drop.
Penn. AG sues Uber over breach, delayed notification (SC Media US) Pennsylvania's attorney general is suing Uber for delaying disclosure for more than a year of a breach that exposed the personal information, such as drive
Uber 'Surprised' by Totally Unsurprising Pennsylvania Data Breach Lawsuit (WIRED) Pennsylvania’s attorney general filed a lawsuit against the ride-hailing giant Monday for failing to disclose a massive hack for over a year—and may not be the last