Cyber Attacks, Threats, and Vulnerabilities
A Cyberattack in Saudi Arabia Had a Deadly Goal. Experts Fear Another Try. (NYTimes) Petrochemical companies were hit by a series of cyberassaults last year. The worst of them, against a widely used safety system, could have set off an explosion.
Pro-establishment Iranian hackers gaining prominence in the Persian Gulf (SC Magazine) The rising capabilities of Iranian hackers came to the fore in 2017 when hacker groups like Helix Kitten, Charming Kitten, and Volatile Kitten launched several crippling cyber-attacks on Saudi Arabian entities.
Iran-Linked Group 'TEMP.Zagros' Updates Tactics, Techniques In Latest Campaign (Threatpost) An Iran-linked group is linked to a massive spear phishing campaign that sends malicious Word Docs to victims in Asia and the Middle East.
Apple Bans Iran from the App Store (BleepingComputer) Iranian users have not been able to access Apple's App Store all day today, in what appears to be a ban put in place by the US company.
DHS warns of new Russia hacks as US sanctions Russia over election interference (Ars Technica) DHS alert warns of Russian government malware targeting critical infrastructure.
Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors (US-CERT) Since at least March 2016, Russian government cyber actors—hereafter referred to as “threat actors”—targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.
If the US and Russia had a cyberwar, Russia would win: Cybersecurity CEO (CNBC) A top cybersecurity CEO tells Jim Cramer that if a cyber war broke out between the U.S. and Russia, then Russia would win.
Chinese Hackers Hit U.S. Firms Linked to South China Sea Dispute (Bloomberg) Chinese hackers have launched a wave of attacks on mainly U.S. engineering and defense companies linked to the disputed South China Sea, the cybersecurity firm FireEye Inc. said.
Chinese Crooks Assembling Massive Botnet of Nearly 5 Million Android Devices (BleepingComputer) A Chinese malware operation is currently building a massive botnet of nearly 5 million Android smartphones using a strain of malware named RottenSys.
The hacker, hacked: national criminals attack Russian banks (Financial Times) The country is now keen to change the idea that it is a cyber crime paradise
CTS Labs Provides Clarifications on AMD Chip Flaws (SecurityWeek) As a result of massive backlash from the industry, CTS Labs has provided some clarifications about the AMD processor vulnerabilities and its disclosure method
Malware attack on 400k PCs caused by backdoored BitTorrent app (Ars Technica) Once the stuff of spy novels, supply chain attacks are becoming common.
PSA: Beware of Windows PowerShell Credential Request Prompts (BleepingComputer) A new PowerShell script was posted on Github recently that prompts a victim to enter their login credentials, checks if they are correct, and then sends the credentials to a remote server. This allows an attacker to distribute the script and harvest domain login credentials from their victims.
Hackers Can Abuse Text Editors for Privilege Escalation (SecurityWeek) Researchers analyzed several text editors and found that many of them can be exploited for privilege escalation. Affected vendors not planning on releasing patches
Walmart Jewelry Partner Exposes Data of Millions of Customers (HackRead) Unsecured Amazon S3 Bucket Claims Another Victim - This Time, Private Data of 1.3 Million Limogés Jewelry Customers Have Been Exposed.
Hacking SAP CRM: 2 vulnerabilities in SAP NetWeaver AS Java (ERPScan) SAP NetWeaver AS Java is a widely used platform that supports numerous SAP applications. One of these applications is SAP CRM. A security issue in a default component may lead to mass hacking of thousands of companies and millions of dollars in losses.
DDoS Amplification Attacks Skyrocketed in Q4, Revealed by Nexusguard Research (BusinessWire) DDoS attacks using domain name server (DNS) amplification increased more than 357 percent in the fourth quarter of 2017, according to Nexusguard.
4 answers you need to know about the dawn of 1Tbps DDoS attacks (CIO Dive) Historically smaller DDoS attacks were not able to harness the same kind of bandwidth accessible to memcached servers seen in the recent attacks.
Hackers have self-driving cars in their headlights (Financial Times) Greater connectivity gives criminals more access
What To Do If Your 'Fortnite' Account Was Hacked, And How To Avoid It In The First Place (Forbes) Recently, numerous Fortnite players have reported that their accounts have been hacked.
Cellebrite competitor GrayKey raises security concerns with iPhone unlocking device (SC Media US) A product made by Cellebrite competitor GrayKey is raising security concerns over a standalone device capable of unlocking iPhones.
Potential PHI Exposure at BJC HealthCare Impacts 33K (HealthITSecurity) Recent potential healthcare data breaches include PHI exposure from a data server error, a stolen laptop, and a likely phishing scam.
Scam Of The Week: Phishing Madness! (KnowBe4) Beware of March Madness: criminal hackers are at it again. After Valentine's Day, their phishing agenda has moved to the next topic.
Security Patches, Mitigations, and Software Updates
Intel Shares Details on New CPUs With Spectre, Meltdown Protections (SecurityWeek) Microcode patches for Spectre are available for all Intel CPUs launched in the past five years. The company provided more details on future processors that will include protections against these types of attacks
Microsoft Publishes Bi-annual Security Intelligence Report (SIR) (SecurityWeek) Microsoft has published its 23rd bi-annual Security Intelligence Report, which draws on data analysis of Microsoft's global estate since February 2017.
“Truly frightening” IoT security should motivate CSOs to reconsider their endpoint strategies (CSO) More than a few Israeli security researchers are reconsidering their personal purchase of home security cameras, baby monitors, doorbells and thermostats after a hackathon revealed “truly frightening” security vulnerabilities ...
Hackers learn to hurdle two-factor authentication (Financial Times) Biometrics, apps and machine learning are adding layers of security
70% of firms would fail a privileged account management audit (Security Brief) Firms believe privileged account management is important for security - but why are they still doing it wrong?
The Latest Strains of Attacks on the Pharmaceutical and Healthcare Sector (SecurityWeek) Security teams need visibility outside the organization and across the widest range of data sources possible to mitigate digital risk and better protect the organization.
'Panama Papers' Law Firm Shuts Down Operations (SecurityWeek) Mossack Fonseca, the law firm at the heart of the "Panama Papers" will shut down operations, citing negative press and what it called unwarranted action by authorities.
Palo Alto Networks picks up Evident.io for $300M cash (Silicon Valley Business Journal) Santa Clara-based network security company Palo Alto Networks is buying Pleasanton-based Evident.io for $300 million in cash, both companies said Wednesday.
Critical Start to Buy Advanced Threat Analytics (Dark Reading) Firms previously had teamed up in SOC services.
The red-hot AI hardware space gets even hotter with $56M for a startup called SambaNova Systems (TechCrunch) Another massive financing round for an AI chip company is coming in today, this time for SambaNova Systems …
Automox Inc. closes on $2M for its automated cyber protection (BizWest) Jay Prassl, chief executive of Boulder-based tech firm Automox Inc., is looking to make cybersecurity less reactive and more proactive, by focusing less on the detection of hacks and more on protecting your system from them.
CACI, ManTech Win Spots on $17.5B DISA Encore III IT Services IDIQ; Ken Asbury, Daniel Keefe Comment (GovCon Wire) CACI International (NYSE: CACI) and ManTech International (Nasdaq: MANT) have secured positions on a
Most Connected Devices Are Easy to Hack. This Company Says It Can Fix That (Bloomberg) SecureRF wants to make all that “smart” stuff less dumb.
Cisco, Symantec Takeover Buzz Sends This Cyber Stock Soaring (Investor's Business Daily) FireEye popped on Thursday amid speculation the rebounding cybersecurity company could be acquired by Cisco Systems or Symantec.
Private equity finds profit in lucrative cyber businesses (Financial Times) ‘Buy-and-build’ can bring strong returns, but results are hard to replicate
Products, Services, and Solutions
Limelight Networks Helps Companies Defend against Cyber Threats with New Bot Management Solution (BusinessWire) Limelight Networks, Inc. today announced a new Advanced Bot Manager option for its Limelight Application Firewall Solution.
NH-ISAC and Anomali Join Forces to Accelerate Cyber Threat Detection and Sharing for Healthcare Industry (BusinessWire) Anomali, the leading provider of threat management and collaboration solutions, announced today a strategic partnership with the National Health Infor
enSilo's Endpoint Security Platform First To Add Orchestration Features, Delivering Custom Response Actions to Fight Hidden Breaches (PR Newswire) enSilo, the company that protects endpoints pre- and post-infection to...
Intelisecure Partners with Digital Guardian, Netskope to Meet Surge in Demand for Managed Critical Data Protection (NASDAQ.com) Partnerships Enable InteliSecure to Combine Two Unique Capabilities: World-Class Data Loss Prevention and Cloud Security Access, Forming a Powerful.
Certified in the Governance of Enterprise IT - IT Certification - CGEIT (ISACA) CGEIT certification is designed for IT professionals who manage, provide advisory and assurance services and who support the governance of an enterprise’s IT.
Trustonic Secures Mobile Banking OTP Authentication in Korea (Trustonic) Korea’s centralised One Time Password (OTP) authentication service provider, KFTC, has launched an OTP service with KDB Bank and made it available nationally to make consumers’ lives simple.
Coalfire Labs R&D Team Releases Icebreaker Tool (PR Newswire) Coalfire, a trusted provider of cybersecurity advisory services,...
Australian email security vendor MailGuard to launch blockchain-based cybersecurity solution GlobalGuard (CRN Australia) Will combine Mailguard experience with a neural network.
Google Reviews Over 50 Billion Android Apps Daily (SecurityWeek) Google's Play Protect uses machine learning to help detect mobile malware and protect users from Potentially Harmful Apps (PHAs).
Dobler Consulting Becomes Member of MSP Alliance (AB Newswire) Dobler Consulting joins vibrant global consortium of cloud, managed service providers and technology enabling vendors.
Keeper Launches Secure Chat Platform (Mobile ID World) Keeper Security, the company behind the Keeper password manager app, has announced a new secure communications platform called KeeperChat.
Technologies, Techniques, and Standards
NIST Cybersecurity Framework Getting a Facelift, Looking to Make Adoption Easier (Security Boulevard) One of the biggest obstacles to securing the nation's critical infrastructure components, as well as to securing enterprise environments, is poor coordination...
Pwn2Own: Microsoft Edge and Apple Safari fall on day 1 (CSO Online) On day one of Pwn2Own, Microsoft Edge and Apple Safari were pwned, and the hack of Oracle VirtualBox was a partial success.
Ransomware Resilience: Detect and Respond (Infosecurity Magazine) When ransomware tore through businesses last year, questions were raised about how companies could react to such attacks and be able to better detect and respond in the future.
Online Ads vs. Security: An Invisible War (Dark Reading) Why visiting one website is like visiting 50, and how you can fight back against malvertisers.
Expert Roundup: The Impact of Software Monocultures on Security Across Organizations (Heimdal Security Blog) We asked cybersecurity experts about the impact of software monocultures on security and their answers provided great insights. They talked about the risks of using it in the organizations and why a multi-vendor approach is a better option.
Rush to the Cloud Risks Security Breaches (Infosecurity Magazine) Over half of cybersecurity professionals are reporting misalignment between them and the rest of the business when it comes to the cloud and security issues, according to new research by Palo Alto Networks.
Research and Development
The Last Barrier To Ultra-Miniaturized Electronics Is Broken, Thanks To A New Type Of Inductor (Forbes) In the race for ever-improving technology, there are two related technical capabilities that drive our world forward: speed and size.
IARPA: Encryption-busting quantum computers coming in near future (FederalNewsRadio.com) The head of IARPA, the intelligence community's advanced research agency, is looking at new encryption standards that can withstand future breakthroughs in quantum computing.
Washington waking up to threats of AI with new task force (TechCrunch) Elon Musk has been one of the few Silicon Valley luminaries to place intense attention on the potential dangers of AI, raising a billion dollars with Y Combinator’s Sam Altman to found OpenAI. Musk has continued the drumbeat on AI’s dangers, telling a crowd at SXSW this week that “A.I. is far more…
Imperial students to take on Inter-ACE cyber security challenge (Imperial News) Students from Imperial will be taking on competitors from 17 of the UK’s other leading universities in a two-day cyber security competition.
Northrop Grumman Foundation Congratulates Top 28 Teams Advancing to CyberPatriot National Finals Competition this April in Baltimore (Northrop Grumman Newsroom) The Northrop Grumman Foundation, presenting sponsor for the Air Force Association’s (AFA) CyberPatriot X competition, is proud to congratulate the top 25 high school and three middle school teams advancing to the...
Niwot High girls’ cybersecurity teams excel at national challenge (Left Hand Valley Courier) There’s an old saying that “To catch a thief, you have to think like one.” For five intense days, two teams of Niwot High School (NHS) girls rewired their thought
Higher ed particularly at risk of email phishing attacks, report finds (EdScoop) Eighty-eight percent of colleges and universities fail to protect students, faculty, alumni, staff, according to marketing and analytics company 250ok.
Legislation, Policy, and Regulation
NATO leaders unite in blaming Russia for nerve agent attack on ex-spy (Ars Technica) Novichok, a type of nerve agent developed by Soviets, identified as weapon in attack.
NATO won’t invoke Article 5 on collective defense over UK claims against Russia — source (TASS) A source says NATO sees no reasons for using Article Five of the collective defense treaty after London’s charges against Moscow in connection with the poisoning of former GRU Colonel Sergey Skripal
West calls on Russia to explain nerve toxin attack on former double... (Reuters) Britain, the United States, Germany and France jointly called on Russia on Thursday to explain a military-grade nerve toxin attack in England on a former Russian double agent, which they said threatened Western security.
U.S. issues broad Russian sanctions citing NotPetya attack and Internet Research Agency meddling (TechCrunch) In a surprisingly robust reprimand for the Trump administration, the U.S. Treasury Department issued a set of sanctions Thursday citing interference in the 2016 election as part of a broader pattern of hostile actions undertaken by the Russian government against U.S. interests. The sanctions follow…
New White House Sanctions Finally Take Russia's Online Chaos Seriously (WIRED) From election meddling to NotPetya to grid hacking, Russia's digital provocations are no longer being ignored.
Sasse, McCain urge US to prompt NATO response to Russia (Beatrice Daily Sun) Sens. Ben Sasse and John McCain on Thursday urged the United States to join with its NATO allies in "a coordinated response to Russia's shadow operations," including its latest apparent
More countries are learning from Russia’s cyber tactics (Financial Times) Nation states look to be growing more aggressive in their capabilities to disrupt
Analysis | Most lawyers don’t understand cryptography. So why do they dominate tech policy debates? (Washington Post) Lawyers are overconfident while computer scientists are introverted — but computer scientists know what they are talking about.
Senators to grill Trump's pick for NSA chief on Russia, privacy (Reuters) U.S. senators will grill President Donald Trump's pick to lead the National Security Agency on the government's surveillance reach and a range of cyber security issues on Thursday, when he faces his second confirmation hearing to lead the electronic spy agency.
Espionage bill still threatens many despite defences for media, Law Council says (the Guardian) Dealing with or publishing protected information could lead to 20-year prison sentence
Litigation, Investigation, and Law Enforcement
As U.S. indicts foreign hackers, American cyber spies fear arrests in tit-for-tat action (McClatchy) As U.S. becomes a ‘punching bag’ for foreign hackers, prosecutors increasingly move to file criminal charges against state-run hackers abroad. But U.S. cyber warriors worry that they may face retaliation, too, possibly ending up in a foreign jail cell.
Can AMD Vulnerabilities Be Used to Game the Stock Market? (Motherboard) A shady financial firm tried to bury and short sell AMD based on several security vulnerabilities discovered by CTS Labs. But the tactic appears to have failed.
AMD – The Obituary (Viceroy Research Group) Viceroy analyze CTS Labs’ report exposing fatal security vulnerabilities across AMD products
SEC cyber unit eyes initial coin offerings with suspicion (Financial Times) As corporate fundraising evolves, investors need greater protection
Anti-anti-virus service provider tied to huge hacks cops plea (Naked Security) Jurijs Martisevs pled guilty to running a clearinghouse for criminal developers to see if anti-virus programs would detect their malware.
Statement of Facts: United States of America v. Jurijs Martisevs (United States District Court for the Eastern District of Virginia (via Register Media)) The United States and the defendant, JURIJS MARTISEVS ("MARTISEVS"), agree that the following facts are true and correct, and that had this matter proceeded to trial, the United States would have proven them beyond a reasonable doubt with admissible and credible evidence.
Intelligent to a Fault: When AI Screws Up, You Might Still Be to Blame (Scientific American) Interactions between people and artificially intelligent machines pose tricky questions about liability and accountability, according to a legal expert
New Orleans ends its Palantir predictive policing program (The Verge) The partnership ran for six years without public knowledge