Cyber Attacks, Threats, and Vulnerabilities
AMD Investigating Reports of 13 Critical Vulnerabilities Found in Ryzen, EPYC Chips (Threatpost) Researchers on Tuesday disclosed over a dozen critical security vulnerabilities in several AMD chips, opening them up for attackers who want to steal sensitive data and install malware on AMD servers, workstations and laptops.
A raft of flaws in AMD chips makes bad hacks much, much worse (Ars Technica) AMD says its Secure Processor is impenetrable. Instead, it can harbor malware.
Severe Security Advisory on AMD Processors (CTS Labs) This document is meant to inform about multiple critical security vulnerabilities and exploitable manufacturer backdoors inside AMD’s latest EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile lines of processors.
OceanLotus sets sights on high-profile targets in Southeast Asia (WeLiveSecurity) ESET researchers have uncovered the latest additions to the malicious toolkit of the APT group known as OceanLotus focused on Southeast Asia.
"OceanLotus" Spies Use New Backdoor in Recent Attacks (SecurityWeek) OceanLotus, a cyber-espionage group believed to be operating out of Vietnam, has been using a new backdoor in recently observed attacks, but continued to employ previously established tactics.
Winter Olympics Cyber Attack - All Signs Point to Russia (CyberDB) A cyber attack disrupted the recent opening Olympic Games ceremonies, which was confirmed by a spokesman for the Pyeongchang Organizing Committee.
'MuddyWaters' group threatens researchers' lives after they discover attack servers (Cyberscoop) Trend Micro researchers were probing a server that appeared connected to a possible data breach when they received a message that read: "Stop!!! I Kill You Researcher."
Calendar 2 app pulled from Mac App Store after cryptomining controversy (Graham Cluley) Calendar 2 offered of its features for free if you allowed it to "unobtrusively" generate Monero cryptocurrency in the background. Shame then that it wasn't unobtrusive, and bugs meant it mined regardless of whether you wanted it to or not.
Greedy cybercriminals host malware on GitHub (Avast) Cryptocurrency mining malware, which also installs a malicious Chrome extension, hosted on GitHub for anyone to download.
Smart devices can spy on you, say BGU researchers (The Jerusalem Post) Carefully consider the benefits and risks of connecting a device to the Internet.
Fertility Clinic Liquid Nitrogen Incidents – could they have been hacks? (Control Global) Two different fertility clinics on opposite sides of the country had almost simultaneous failures of their liquid nitrogen systems that appear to be process sensor-related and possibly cyber-related. What are the implications to these and other industries using liquid nitrogen?
Facebook Really Is Spying on You, Just Not Through Your Phone’s Mic (Wall Street Journal) Facebook is now so good at watching what we do online—and even offline, wandering around the physical world—it doesn’t need to hear us to know what we like. Here are some ways to limit the amount of data Facebook and advertisers are collecting about you.
Tweet thieves suspended by Twitter (Naked Security) ‘Tweetdecking’ plagiarists have been making thousands per month, ripping off jokes and tweets and selling retweets.
Florida Virtual School warns of massive data breach (Tampa Bay Times) Florida Virtual School (FLVS) has alerted students, parents, and alumni after a massive security breach. A notice posted by the online school says the data breach occ
Fortnite Gamers Warned Over Account Hacking (Infosecurity Magazine) Players apparently faced with large credit card charges from fraudulent purchases
Security Patches, Mitigations, and Software Updates
Flash, Windows Users: It’s Time to Patch (KrebsOnSecurity) Adobe and Microsoft each pushed critical security updates to their products today. Adobe’s got a new version of Flash Player available, and Microsoft released 14 updates covering more than 75 vulnerabilities, two of which were publicly disclosed prior to today’s patch release.
Microsoft March Patch Tuesday Fixes 74 Security Issues (BleepingComputer) Microsoft has released its monthly security updates, and this month the company patched 74 vulnerabilities affecting products such as Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Exchange Server, ASP.NET Core, .NET Core, PowerShell Core, ChakraCore, Microsoft Office, and Microsoft Office Services and Web Apps.
March security updates expand Meltdown-Spectre protection for Windows (ZDNet) Microsoft's Patch Tuesday updates for March include a variety of security updates for all supported Windows versions, as well as removing a compatibility check for antivirus software. A separate release significantly expands available microcode updates for affected Intel CPUs.
Microsoft Admits It Incorrectly Upgraded Some Windows 10 Users to v1709 (BleepingComputer) Microsoft admitted last week that it incorrectly updated some Windows 10 users to the latest version of the Windows 10 operating system —version 1709— despite users having specifically paused update operations in their OS settings.
Patch Tuesday drops the mandatory antivirus requirement after all (Ars Technica) Today’s patches also include an annoying-looking remote code execution bug.
Firefox turns out the lights on two privacy-sucking features (Naked Security) Thanks to some illuminating privacy research, it’s “lights out” for another pair of esoteric APIs.
Samba Patches Two Critical Vulnerabilities in Server Software (Threatpost) Samba released fixes for its networking software to address two critical vulnerabilities that allowed attackers to change admin password or launch DoS attacks.
Critical Vulnerabilities Addressed in SecurEnvoy SecurMail (SecurityWeek) Multiple critical vulnerabilities impacting SecurEnvoy SecurMail could result in an attacker being able to read encrypted emails and even delete or overwrite messages in a user’s inbox.
Cyber Trends
Comodo Global Malware Report 2017: Malicious Cyber Activity Surges Coincide with Geopolitical Events (PR Newswire) Comodo, a global innovator of cybersecurity solutions, today announced...
Usual Threats, But More Sophisticated and Faster: Report (SecurityWeek) Just about every type of attack is increasing in both volume and sophistication, including increasing use of PowerShell and JavaScript to avoid threat detection.
Cyber Gangs Get Smarter (Infosecurity Magazine) Why internationally-orchestrated cyber-attacks are continuing to succeed.
3 cybersecurity areas in which CISOs are becoming more proactive (CSO Online) Security executives are taking a hands-on approach in areas such as threat intelligence, privacy, and business initiatives.
Cybersecurity's biggest challenges: Trust, cyber fatigue, and the battle over AI (TechRepublic) Dr. Richard Ford, Chief Scientist at Forcepoint, discusses how cyber attacks undermine confidence in our institutions, the dangers of "cyber fatigue," and how AI is where the battle for cyber safety will be won or lost.
Merlin International & Ponemon Institute Cybersecurity Study Signals Dangerous Diagnosis for Healthcare Industry (BusinessWire) Merlin International, in partnership with the Ponemon Institute, released the results of its healthcare cybersecurity study.
Marketplace
How Fear of Huawei Killed $117 Billion Broadcom Deal (Bloomberg.com) U.S. President Donald Trump’s unprecedented move to block Broadcom Ltd.’s hostile takeover bid for Qualcomm Inc. reflects growing concern about China’s rising economic prowess.
Fear of rising China: Broadcom deal killed in unprecedented move by US (Asia Times) Backlash grows over Chinese deal in Germany
Blocking of Broadcom-Qualcomm Tie-up Highlights 5G Security Fears (SecurityWeek) The move by President Donald Trump blocking a proposed takeover of Qualcomm by Singapore-based Broadcom highlights growing concerns about the rise of Chinese competitors in the telecom sector and related national security issues.
Are Cybersecurity Stocks the Next Big Buyout Targets? (247wallst.com) Nobody knows for sure the next sector for big buyouts, but these four companies in the cybersecurity world are all rated Buy at Merrill Lynch and would be very logical targets.
‘Dead weight’ Dell would destroy VMware’s value, says big investor (Register) Jericho Capital says deal would benefit Dell alone, suggests VMware buy Red Hat instead
Zscaler boosts targets by 50 percent ahead of Friday's IPO (Silicon Valley Business Journal) The targets have been raised again for what's expected to be the first Bay Area tech IPO in four months.
Security Startup BioCatch Closes $30M Funding Round for ‘Behavior (SDxCentral) Security startup BioCatch closed a $30 million financing round, bringing its total funding to $47 million. The company's platform uses what it calls "behavi
Singapore's Singtel Innov8 leads $20m funding round in Airspace Systems (DealStreetAsia) Singtel Innov8 has led the $20-million Series A funding round in Silicon Valley-based drone security solutions provider Airspace Systems Inc.
Singtel Innov8, STT back $40m Series D in AI startup Moogsoft (DealStreetAsia) The funding round, led by Goldman Sachs Growth Equity, was also joined by existing investors HCL, Northgate Capital, Redpoint Ventures, and Wing VC.
For Palo Alto Networks, Is the Best Yet to Come? (The Motley Fool) The company is doing the right things in the cybersecurity space.
Fortinet: Still Undervalued? (Seeking Alpha) Fortinet has been cast in a not so friendly light in recent years. This gravity toward unfounded bearishness might continue to provide value for those who belie
Corero Network Security is turning things around (Proactiveinvestors UK) Corero Network Security PLC (LON:CNS) - The company was arguably late to change to a software-as-a-service model, but the change is beginning to take hold
RSAC: The Conference They Love To Hate (Security Boulevard) RSAC has drawn the ire of some for not having more women speakers at the event. But before calling out the RSAC team for its perceived misdeeds, here are a couple of things worth considering.
Products, Services, and Solutions
Cisco Meraki Takes its Bug Bounty Program Public with Bugcrowd (GlobeNewswire News Room) Cisco Meraki to award up to $10,000 per vulnerability to ensure the security of its customers
NSS Labs Initiates Group Test Coverage of the Endpoint Detection and Response Market (GlobeNewswire News Room) Addition of EDR Group Test Leverages NSS Labs’ Unmatched Testing Expertise to Empower Informed Decision Making
Exabeam Tackles Compromised IoT Threat (GlobeNewswire News Room) New Entity Analytics Product Uses Machine Learning to Flag Suspicious Device Behavior
DFLabs Raises the Bar for Responding to and Containing Security Incidents with Machine-based Automation (BusinessWire) New IncMan platform uses machine learning-based run books to automate security incident response workflows and remediate threats based on risk factors
Proof of Evidence Blockchain Service for Compliance, Provenance and Data Verification (allcoinsnews.com) Evident Proof has launched an Ethereum blockchain and token-based service that turns data into immutable proof chains, transforming the way data is stored and providing indelible evidence that can be
Aryaka's Global Network Provides Unique SD-WAN Security (SDxCentral) Aryaka partnered with Palo Alto Networks, Zscaler, and Radware to boost the security of its software-defined wide area networking (SD-WAN) service.
BluVector Extends File-based and Fileless Malware Detection to Cloud-based Email Services (BusinessWire) BluVector Cortex includes support for Office 365 & Google Mail & helps detect file-based & fileless malware attacks through cloud-based email services
DFLabs Introduces New Version of IncMan SOAR Platform (ReadITQuik) New version brings down the time and problems connected with responding to, containing, as well as getting rid of cybersecurity threats
PrivacyRules® Launches its Global Alliance of Privacy and Data Protection Expertise (PR Newswire) PrivacyRules®, the world's first and unique leading professional alliance...
Stellar Partners with Keybase to Help Facilitate Global Crypto Transfers (CryptoSlate) In a highly anticipated move, Stellar (XLM) has announced a tie-up with Keybase that will enable cross-border transactions without the need of lengthy cryptographic addresses. Keybase is a free security app which makes use of public-key enabled cryptographic modules to secure smartphones and PCs. However, with this new partnership, Stellar hopes to create a platform …
Dojo by BullGuard Beats Samsung Gear 360 as GSMA GLOMO Awards ‘Best Connected Consumer Electronic Device’ (PR Blonde) Dojo by BullGuard, the Intelligent IoT Security Platform, wins the Global Mobile Award for ‘Best Connected Consumer Electronic Device’ at MWC 2018 to offer digital and physical protection against cyber-criminals attacking smart home devices
Technologies, Techniques, and Standards
Layers of Cybersecurity: Signature Detection vs. Network... (Bricata) Signature-based detection is effective at identifying known threats but comes with inherent limitations: the threat must be known in order to create a signature. Behavioral analysis is useful for identifying unknown threats because it's looking for...
Cyber test aims to protect Wisconsin election systems from hacking attempts (Madison.com) The tests are the state's most concrete response yet to unsuccessful attempts by hackers linked to the Russian government to target Wisconsin election systems in 2016.
Detecting Attacks that Exploit Meltdown and Spectre with Performance Counters (TrendLabs Security Intelligence Blog) We worked on a detection technique for attacks that exploit Meltdown and Spectre by utilizing performance counters available in Intel processors.
These Aren’t the Password Guidelines You’re Looking For (Security Boulevard) “You don’t need to see his identification.” It’s a classic line. With a flick of the wrist old Ben Kenobi deftly bypasses the identity & access management system of the poor Stormtroopers just doing their job. One would think, in that technological era, so long ago, that more advanced (and less spoofable) methods of authentication would …
Design and Innovation
YouTube is turning to Wikipedia to help it fight conspiracy theories (Quartz) On videos promoting conspiracy theories, the site will place linked Wikipedia text boxes discussing the event in question.
How blockchain can play a life-saving role in the war against fake medication (The Loadstar) Lives could be saved each year by using blockchain technology to prevent the spread of counterfeit drugs and fake medication in the supply chain.
Research and Development
ARPA-E tilts toward cyber (FCW) The Advanced Research Project Agency-Energy, which focused on making grants and loans to alternative energy companies under the Obama administration, may find a new lease on life as a cybersecurity skunkworks.
Trump really wants to kill ARPA-E; federal agency says that’s folly (Ars Technica) Directors say neither private industry nor traditional grant programs work.
Legislation, Policy, and Regulation
UK expels 23 Russian diplomats over spy poisoning (the Guardian) Rolling coverage of the day’s political developments as they happen, including Theresa May and Jeremy Corbyn at PMQs and May’s Commons statement announcing retaliation against Russia after the Russian spy attack
All the ways Theresa May could retaliate against Russia for the poisoning of Sergei Skripal (Business Insider) The UK prime minister has promised to set out the "full range of measures" Britain will take in retaliation against Russia.
Russia retaliation could hurt UK business (BBC News) A crackdown on Russia's UK business ties would come up against a complex and lucrative web of interests.
Britain and Russia brace for showdown as deadline expires for nerve... (Reuters) Britain braced for a showdown with Russia on Wednesday after a midnight deadline set by Prime Minister Theresa May expired without an explanation from Moscow about how a Soviet-era nerve toxin was used to strike down a former Russian double agent.
Russian embassy: Moscow will not respond to ultimatum (RTE.ie) Russia will refuse to meet British Prime Minister Theresa May's midnight deadline unless Britain agrees to send Moscow samples of the nerve agent used to poison Sergei Skripal.
Russian embassy demands explanation from UK Foreign Office about cyber attack threats (TASS) The Times said earlier, citing its sources in the UK government, that Britain was mulling staging a cyber attack on Russia in response to the poisoning of Sergey Skripal and his daughter
Don’t try to intimidate us, Russia warns Britain (Times) Russia warned Britain not to issue threats and “groundless ultimatums” as it defied a demand to account by midnight for the use of its nerve agent in the Salisbury poisoning. Theresa May is...
U.S., Britain demand answers from Russia in spy attack (UPI) The Russian government is facing a midnight deadline to give answers about the poisoning of a former spy, in light of growing suspicions.
Russia warns Britain against cyber attack response to spy poisoning (Reuters) Russia's embassy in London said on Tuesday it was seriously concerned about reports that Britain could launch a cyber attack against Russia and urged the UK to carefully weigh the consequences of such action.
Tillerson Out, Mike Pompeo to State (Foreign Policy) Rex Tillerson seemed to be a dead man walking for months. Now the former ExxonMobil boss is out as America’s top diplomat.
Hill Must Act Now To Protect Elections From Russians: Cyber Commander (Breaking Defense) If you want the military to defend this fall's elections from Russian hackers, you need to give it authorities, access and resources soon, military cyber commanders told the Senate this afternoon.
Livestream: Senate Armed Services Hearing on the Cyber Posture of the Services (Lawfare) The Senate Armed Services Subcommittee on Cybersecurity is holding a hearing Tuesday afternoon at 2:30 p.m. on "The Cyber Posture of the Services."
Litigation, Investigation, and Law Enforcement
Terror police investigate death of Litvinenko witness Nikolai Glushkov at home (Times) Counterterrorism police were investigating last night the “unexplained death” in London of a Russian exile who was close friends with a critic of President Putin. The discovery of Nikolai...
James Clapper avoids charges for 'clearly erroneous' surveillance testimony (Washington Examiner) Former intelligence chief James Clapper is poised to avoid charges for allegedly lying to Congress after five years of apparent inaction by the Justice Department.
WhatsApp will not share user data with Facebook until it complies with GDPR, ICO closes investigation (TechCrunch) Facebook, its popular messaging app WhatsApp, and the UK’s Information Commissioner’s Office (ICO) have reached a truce in their long-running investigation over how Facebook and WhatsApp share user data. The ICO today announced that it has closed its investigation and concluded that Wha…
Deceptive Discovery: Second Circuit Affirms Sanctions for Mishandling of Discoverable Data (Minding Your Business) Late last month, in Klipsch Grp., Inc. v. ePRO E-Commerce Ltd., the Second Circuit affirmed a $2.7 million sanctions award against defendant ePRO after rep
March E-Discovery Update: Look Before You Post: Beware the Dangers of File-Sharing Sites (Mcguire Woods) In Harleysville Insurance Company v. Holding Funeral Home, Inc., et al., 2017 WL 4368617 (W.D. Va. 2017), an investigator for Nationwide, which owns Harleysville Insurance, uploaded a surveillance video of a fire scene to an internet-based file-sharing service called Box, Inc.
Police in Wales under investigation for covering up hack that compromised confidential reports (V3) People who filed online reports to Gwent Police at risk after security review found the website was insecure