Cyber Attacks, Threats, and Vulnerabilities
Researchers Say AMD Processors Have Serious Vulnerabilities and Backdoors (Motherboard) Security researchers announced a series of 13 vulnerabilities within AMD’s RYZEN and EPYC processors that could make some data breaches even worse.
Linus Torvalds attacks AMD security report - claims security researchers 'look like clowns' (Computing) Linus Torvalds: AMD CPU security report is garbage and the security industry a circus
Security Firm Under Fire Over Disclosure of AMD Chip Flaws (SecurityWeek) AMD is investigating claims of critical flaws in its processors, while the company that found the vulnerabilities faces backlash over its disclosure method
HotSpot Shield, PureVPN & ZenMate found leaking users real IP addresses (HackRead) According to VPN Mentor, a critical vulnerability in HotSpot Shield, PureVPN, and ZenMate is exposing IP and DNS addresses of users.
BlackTDS Emerges as an As-a-Service Drive-By Kit for Malware Distribution (Infosecurity Magazine) BlackTDS hosts components for sophisticated drive-by attacks, like social engineering and redirection to exploit kits.
New POS Malware PinkKite Takes Flight (Threatpost) Researchers shed light on a newly discovered family of point of sale malware that is extremely small in size and adept at siphoning credit card numbers from POS endpoints.
Tropic Trooper’s New Strategy (TrendLabs Security Intelligence Blog) Tropic Trooper is believed to be very organized and develop their own cyberespionage tools that they fine-tuned in their recent campaigns. Many of them now feature new behaviors, including a change in the way they maintain a foothold in the targeted network.
'One of the Biggest' Coinhive Users Made $7.69 In 3 Months (Motherboard) A comprehensive report looks at the rise of in-browser cryptocurrency mining.
How Long Does It Take Hackers To Pull Off a Massive Job Like Equifax? (Popular Mechanics) How to steal 143 million customer records without anybody noticing.
Sophisticated hacking tools now in the hands of petty cyber-criminals (SC Media UK) Sophisticated nation-state hacking tools and techniques increasingly used by criminals, fueling concerns about state-sponsored hackers gone rogue.
Businesses need to take cryptojacking seriously (ComputerWeekly.com) Organisations must pay attention to cyber criminals hijacking computing resources to mine cryptocurrencies, because nearly half are affected and the impact is greater than many realise.
Speakers can be used to jump air-gapped systems (Naked Security) Bad news for fans of air-gapped security – researchers have outlined how it could be defeated by converting speakers into ultra-sonic transceivers.
Don’t fall for Fortnite invite scams! (Naked Security) You can’t buy, like, follow, retweet or comment your way onto the highly anticipated game.
Security Patches, Mitigations, and Software Updates
SPECTRE and Meltdown To patch or not to patch?..and HOW (Guest Diary) (SANS Internet Storm Center) The revelation in January 2018 of a vulnerability affecting modern processors was seen as a catastrophe.
Meltdown and Spectre will delay patching for most organizations (Help Net Security) Complexity and challenges associated with the Spectre and Meltdown patches will result in companies delaying future patch rollouts.
Microsoft kicks off bounty program for speculative execution bugs (Help Net Security) Microsoft wants security researchers to search for and report speculative execution side channel vulnerabilities, as well as bugs that can be misused to bypass Windows and Azure Spectre and Meltdown mitigations.
Microsoft Patches Remote Code Execution Flaw in CredSSP (SecurityWeek) Vulnerability CVE-2018-0886 can be exploited by an attacker to relay user credentials to execute code on a target system and puts all applications that depend on CredSSP at risk.
GE Working on Medical Device Vulnerability (ISS Source) GE Healthcare advises users to contact its services unit for assistance in fixing or working around a use of default or hard-coded credentials in multiple
Adobe Patches Critical Code Execution Flaws in Dreamweaver, Flash (SecurityWeek) Adobe patches critical arbitrary code execution vulnerabilities in Dreamweaver and Flash Player
SAP Patches Decade-Old Flaws With March 2018 Patches (SecurityWeek) SAP's March 2018 set of security patches to address High and Medium priority vulnerabilities in its products.
Cyber Trends
77% of Orgs. Face Challenges in Responding to Incidents (IBM News Room) Latest study from the Ponemon Institute finds too many organizations don't have a response plan in place.
Big data and insurance: Implications for innovation and privacy (Help Net Security) Firms and regulators face complex trade-offs when balancing the benefits and risks of using personal data from digital sources to calculate insurance premiums.
Marketplace
Cloud Security Firm Luminate Emerges From Stealth (SecurityWeek) Luminate emerges from stealth with $14 million in funding and a platform that secures access to enterprise applications and resources in hybrid cloud environments
Critical Start to Acquire Advanced Threat Analytics (PR Newswire) Critical Start today announced a definitive agreement to acquire Advanced...
Cyber-Attack Prevention Firm Solebit Raises $11 Million (SecurityWeek) Solebit Labs has raised $11 million in a Series A funding round, which will be used to accelerate adoption and deployment of the SoleGATE Security Platform from the new headquarters in Silicon Valley.
Circle launches a Coinbase competitor in the U.S. (TechCrunch) Circle is launching Circle Invest in the U.S. except in NY, MN, HI and WY. The app is now available in the App Store and Play Store and lets you instantly trade the most popular cryptocurrencies without any fee. Circle Invest isn’t exactly an exchange as the app hides most of the complexities…
Cryptocurrencies fall as Google announces ad ban (Ars Technica) Facebook banned ads for cryptocurrency from its ad networks in January.
Reddit Has Been Quietly Banning Cryptocurrency Ads Since 2016 (Motherboard) Google, Facebook, and Reddit have now all banned cryptocurrency and ICO advertising on their platforms.
Cryptocurrency ad bans are a step in the right direction (TechCrunch) Google just banned cryptocurrency and ICO ads, a move that follows Facebook’s decision to do the same. The language is stark: You are no longer allowed to advertise “Cryptocurrencies and related content (including but not limited to initial coin offerings, cryptocurrency exchanges, cryp…
Crypto.com is not for sale (The Verge) The domain is owned by cryptologist Matt Blaze, and he’s not impressed with your ICO
Anomali Names Ray Mabus, Former Secretary of the Navy, to its Board of Advisors (BusinessWire) Anomali, the leading provider of threat management and collaboration solutions, announced today that former Secretary of the U.S. Navy, Ray Mabus, wil
Products, Services, and Solutions
F-Secure wants to secure the aviation industry (IT Pro Portal) Security firm announces new cyber-security solution built exclusively for the aviation industry.
DigiCert Replacement of Symantec-Issued Certificates Reaches Milestone; Millions of SSL Certificates have been Issued in Anticipation of Google Chrome 66 Distrust Date (PR Newswire) DigiCert, Inc., the leading global provider of SSL and other PKI solutions...
Playboy Enterprises to Introduce Cryptocurrency Wallet for Use on its Online Platforms (PR Newswire) Playboy Enterprises, Inc. announced today that the company is developing...
Prevent bot traffic from ruining Google Analytics (Help Net Security) Distil Bot Discovery for Google Analytics is a free offering that will give website owners the ability to understand the impact of bots on their business. The service is provided by Distil Networks, a company specializing in bot detection and mitigation services. How to differentiate a human website visitor from a
New 'Mac-A-Mal' Tool Automates Mac Malware Hunting & Analysis (Dark Reading) Researchers at Black Hat Asia will demonstrate a new framework they created for catching and studying Apple MacOS malware.
TypingDNA launches Chrome extension that verifies your identity based on typing (TechCrunch) TypingDNA has a new approach to verifying your identity based on how you type. The startup, which is part of the current class at Techstars NYC, is pitching this as an alternative to two-factor authentication — namely, the security feature that sends unique codes to a separate device (usually your …
Technologies, Techniques, and Standards
The PCI SSC QIR program is changing to help merchants reduce risk (Help Net Security) The PCI SSC QIR program offers specialized data security training and certification to individuals that install, configure and/or support payment systems.
'Be prepared' – supply chain players must learn from the Petya attack (The Loadstar) Partners in container supply chains need to develop contingency plans, in the near-certainty that the industry will be hit by another cyber-attack.
Is GDPR a Tax or an Incentive? (Infosecurity Magazine) The common perception is that security and compliance activities reduce profit margins.
The Value of Threat Intelligence is Clear, But Are You Capturing It All? (SecurityWeek) As you create your threat intelligence program, make sure you take relevance into account when analyzing threat data and you’ll be well on your way to capturing the full value of threat intelligence.
What is security’s role in digital transformation? (CSO Online) Digital transformation is front of mind for many senior executives, but too often security is left behind.
Segmentation: The Neglected (Yet Essential) Control (Dark Reading) Failure to deploy measures to contain unauthorized intruders is a recipe for digital disaster.
Supporting a Back-to-Basics Approach with Cyber Threat Intelligence (Infosecurity Magazine) Threat intelligence can be an invaluable early warning system in helping to identify and block potential threats before they escalate and become problems.
Modernizing Cyber Operations with Machine Intelligence (Booz Allen Hamilton) Discover how you can use machines to improve threat detection, hunting, and analysis.
Design and Innovation
Sierra Leone just ran the first blockchain-based election (TechCrunch) The citizens of Sierra Leone went to the polls on March 7 but this time something was different: the country recorded votes at 70% of the polling to the blockchain using a technology that is the first of its kind in actual practice. The tech, created by Leonardo Gammar of Agora, anonymously stored …
Research and Development
Artificial Intelligence Is Not the Right Tool for Everything, Top Army Scientist Says (Nextgov.com) AI isn’t always the right fix for every problem, experts warned.
Artificial Intelligence: Seduction Vs. Reality (Forbes) All the marketing behind artificial intelligence today reminds me of the push for the cloud (never worry about infrastructure maintenance again!) and big data (kiss concerns about structuring your data goodbye!) just a couple years ago.
Academia
MU to host digital forensics Cyber Day for high school students (The Herald-Dispatch) Marshall University is seeking local high school students interested in learning more about the world of cybercrime, digital forensics and cyber security. The university's Digital Forensics and Information
Legislation, Policy, and Regulation
Russian press slams UK, West in nerve agent attack coverage (Deutsche Welle) Kremlin-friendly takes are numerous and easy to find in the Russian press response to the UK nerve agent attack on Sergej Skripal. But as Miodrag Soric reports from Moscow, there are some critical voices in the country.
Russia to expel British diplomats ‘soon’ (Times) The Russian foreign minister confirmed this morning that Moscow will retaliate against the expulsion of 23 of its diplomats from Britain. Sergei Lavrov said the UK position, blaming the poisoning...
Russia demands access to British probe of nerve agent attack, vows to retaliate for any sanctions (Washington Post) The Russian foreign minister said there would be no official explanation in response to British claims of a “highly likely” Moscow link to last week’s poisoning.
Russia responds with veiled nuclear, death threats to UK nerve agent attack (Business Insider) Russian foreign ministry spokesman warned the UK not to threaten nuclear powers.
The Latest: Russian Suspect in Litvinenko Case Blasts UK (US News and World Report) One of the Russian suspects in the fatal radiation poisoning in London of former Russian security officer Alexander Litvinenko says Britain's statements about the Sergei Skripal poisoning case suggest that it was a provocation.
Jeremy Corbyn’s front bench angry over his refusal to condemn Moscow (Times) Labour frontbenchers expressed fury yesterday after Jeremy Corbyn refused to blame the Kremlin for the nerve agent attack in Salisbury. The Labour leader faced criticism from all sides of the House...
UK calls for ‘urgent’ UN Security Council meeting over nerve gas attack (Financial Times) Brussels prepared to put issue on next week’s EU summit
Nikki Haley tells U.N. Russia responsible for chemical attack (NBC News) U.S. Ambassador to the United Nations Nikki Haley said on Wednesday the United States believes Russia is responsible for a chemical attack in Britain on a former Russia double agent and his daughter, and the U.N. Security Council should take action.
German minister: UK nerve agent attack a 'serious violation' of international agreements (Deutsche Welle) Germany's defense minister has vowed 'consequences' over a nerve agent attack on ex-spy Sergei Skripal that the UK blames on Russia. She also tied the attack to the use of chemical weapons in Syria.
French President Emmanuel Macron will announce new measures against Russia after UK nerve agent attack (The Independent) Emmanuel Macron has said he will unveil measures against Russia in response to the poisoning of the former spy Sergei Skripal on British soil in the coming days. The French president spoke with Theresa May on the phone on Thursday morning about “progress of the investigation” in the nerve agent attack, which the British Government says was carried out by Russia.
France's position on the Salisbury nerve agent attack explained (The Independent) France’s response to the poisoning of Sergei Skripal and Yulia Skripal has differed from that of Britain’s other allies: where the US, Nato and EU have lined up to back Theresa May’s version of events, Emmanuel Macron’s government has been more careful.
I Knew the Cold War. This Is No Cold War. (Foreign Policy) Everyone's favorite historical analogy makes for disastrous foreign policy today.
Sweden’s plan to deter a Russian digital attack (Fifth Domain) Sweden plans to tap its private cybersecurity industry to help prepare for a potential attack from Russia.
Cyber needs change quickly, cyber policies have not (Fifth Domain) As the cyberspace domain continues to evolve, how should the authorities that govern cyber operations also change?
Negotiations With North Korea May Have Cyber Consequences (38 North) As unprecedented talks between the US and North Korean leaders promise to unfold in the next few months, the US…
How Europe's New Internet Laws Threaten Freedom of Expression (Foreign Affairs) At every level, Europeans are moving to impose restrictions on the expression that Internet companies can permit on their platforms.
House Proposal Targets Confucius Institutes as Foreign Agents (Foreign Policy) The draft bill is the first legislative attempt to push back against the Chinese state-run programs.
Everything You Need to Know About the Congressional Cryptocurrency Hearing (Motherboard) Topics ranged from regulation for cryptocurrencies and ICOs to white nationalist extremism.
Threshold for triggering TRIA cyber coverage high (Business Insurance) The inclusion of cyber attacks in Terrorism Risk Insurance Act coverage could be an additional benefit to covering cyber risk in a captive, but owners should be aware that there are numerous unknowns in triggering TRIA coverage.
Florida Could Start a Criminal-Justice Data Revolution (WIRED) A newly passed bill in the Florida Legislature would bring unprecedented levels of transparency to the criminal justice system.
California Net Neutrality Bill Would Go Beyond Original Protections (WIRED) Proposal from state senator would ban "zero rating" deals where specific services don't count against data caps.
Litigation, Investigation, and Law Enforcement
Equifax exec charged with insider trading, selling shares ahead of hack news (TechCrunch) Former Equifax exec Jun Ying has been charged with insider trading, according to the Securities and Exchange Commission. Ying is accused of knowing that Equifax had been hacked and selling company shares before the public was notified. Ying, who was “next in line to be the company’s glo…
Former Equifax Executive Charged With Insider Trading (U.S. Securities and Exchange Commission) The Securities and Exchange Commission today charged a former chief information officer of a U.S. business unit of Equifax with insider trading in advance of the company’s September 2017 announcement about a massive data breach that exposed the social security numbers and other personal information of about 148 million U.S. customers.
How to Interpret the SEC's Latest Guidance on Data Breach Disclosure (Dark Reading) Forward-looking organizations should view this as an opportunity to reevaluate their cybersecurity posture and install best practices that should have already been in place.
U.S. Energy Firm Fined $2.7 Million Over Data Security Incident (SecurityWeek) An unnamed energy firm in the U.S. has been fined $2.7 million over a data security incident that exposed critical cyber assets
Parents of Murdered DNC Staffer Seth Rich Sue Fox News Over Pulled WikiLeaks Story (New York Law Journal) The parents allege the company’s publication of the initial story—which was later retracted but not before fueling an online conspiracy theory—made them “collateral damage in a political war to which they are innocent bystanders.”
Gowdy breaks from GOP committee, says Russia worked to undermine Clinton (POLITICO) Move puts him at odds with his own party
Andrew McCabe, a Symbol of Trump’s F.B.I. Ire, Faces Possible Firing (New York Times) Mr. McCabe faces accusations that he was not forthcoming about F.B.I. media contacts. Attorney General Jeff Sessions is reviewing a recommendation that he be fired, just days before his retirement.
The Real Collusion Story (National Review) Is the Trump-Russia collusion narrative collapsing?
Hackers allegedly steal confidential reports from Police server (HackRead) Hackers stole hundreds of filed reports using a security flaw in an online tool used by the police but they did not inform the victims.