Cyber Attacks, Threats, and Vulnerabilities
Facebook: ‘Malicious actors’ used its tools to discover identities and collect data on a massive global scale (Washington Post) Facebook said the scam likely hit most of its 2 billion users and helped hackers match email addresses or phone numbers from the so-called “Dark Web” to faces and names on Facebook.
Facebook Says Data on 87 Million Users May Have Been Improperly Shared (Wall Street Journal) Facebook says information on 87 million people may have been improperly shared with Cambridge Analytica. The figure previously was reported to be roughly 50 million.
Facebook raises number of users affected by Cambridge Analytica leak to 87 million (CNBC) Facebook issued the updated number in a lengthy post by CTO Mike Schroepfer about its privacy changes, including restricting third party app access and deleting old logs of messages.
An Update on Our Plans to Restrict Data Access on Facebook (Facebook Newsroom) Two weeks ago we promised to take a hard look at the information apps can use when you connect them to Facebook as well as other data practices. Today, we want to update you on the changes we're making to better protect your Facebook information.
In Wake of Facebook Debacle, New Appthority Report Finds Tens of Thousands of Ad-Supported Apps Are Collecting Excessive Data (BusinessWire) Appthority released a new report that found that more than 24,000 ad-supported apps are hiding their excessive data collection in plain sight.
Appthority Enterprise Mobile Threat Report Q1 2018: Ad-supported Apps: How Personal Data Collection Hides in Plain Sight & Puts Mobile Users and Enterprises at Risk (Appthority) A recent presentation at PrivacyCon featured a professor asserting that the Facebook advertising platform is leaking users’ Personally Identifiable Information (PII).
Those Facebook videos you thought were deleted were not deleted (Naked Security) Facebook’s blamed a bug. Let’s wait and see what other critters crawl out of those data archives many of us have been downloading!
North Korean Hackers Behind Online Casino Attack: Report (SecurityWeek) The infamous North Korean hacking group known as Lazarus is responsible for attacking an online casino in Central America, along with various other targets, ESET says.
Chinese hackers targeting US firms’ financial data, report says (South China Morning Post) Cyberattacks looking to get information on bid prices, contracts and mergers and acquisitions, US-based security company claims
FireEye sees repeat cyber attacks rising in Indian companies (The Economic Times) FireEye found that 49% of customers in India and APAC, with at least one high priority breach, were successfully attacked again within a year.
Several U.S. Gas Pipeline Firms Affected by Cyberattack (SecurityWeek) Several natural gas pipeline operators in the United States affected by a cyberattack that hit a communications system provided by a third party
Cyberattack Bleeds Into Utility Space With Billing Delays (Bloomberg) A cyberattack that hobbled the operations of at least four natural gas pipeline companies starting late last week also triggered changes within the utility industry.
Cyberattack Shows Vulnerability of Gas Pipeline Network (New York Times) An attack on a shared data network forced four natural-gas pipeline operators to temporarily shut down computer communications with customers.
YouTube employee’s Twitter account hijacked during shooting (Naked Security) In less than an hour after he tweeted from a barricaded room, Vadim Lavrusik’s account was hijacked.
Establishing covert communication channels by abusing GSM AT commands (Help Net Security) Security research often starts as a hobby project, and Alfonso Muñoz's and Jorge Cuadrado's probe into mobile privacy is no exception. They ended up finding a way to establish covert communication channels over GSM by abusing GSM AT commands.
Innaput Actors Utilize Remote Access Trojan Since 2016, Presumably Targeting Victim Files (Arbor Networks Threat Intelligence) ASERT recently identified a campaign targeting commercial manufacturing in the US and potentially Europe in late 2017. The threat actors used phishing and downloader(s) to install a Remote Access Trojan (RAT) ASERT calls InnaputRAT on the target's machine. The RAT contained a series of commands that
The Twitter Botnet Bitcoin Con: Why Is It So Easy To Steal Cryptocurrency? (Medium) Amidst all the controversy about Russian bots interfering with the U.S. presidential election, Twitter botnets are being used with a much…
CertUtil.exe Could Allow Attackers To Download Malware While Bypassing AV (BleepingComputer) Windows has a built-in program called CertUtil, which can be used to manage certificates in Windows. Using this program you can install, backup, delete, manage, and perform various functions related to certificates and certificate stores in Windows.
UPDATE: Govt. services shut down due to yet another cyber attack (Daily Herald) Residents and businesspeople were greeted by closed doors at the Government Administration Building on Pond Island this morning due to what is said to be yet another cyberattack on the administration’s IT network.
The Billion-Dollar Hacking Group Behind a String of Big Breaches (WIRED) Fin7, also known as JokerStash, Carbanak, and other names, is one of the most successful criminal hacking groups in the world.
Urban Bungle: Atlanta Cyber Attack Puts Other Cities on Notice (Scientific American) The city has spent the past two weeks restoring online services disrupted by ransomware that held encrypted data hostage
58% of Organizations Have More Than 100,000 Folders Open to Every Employee, Reveals Varonis Data Risk Report (Varonis) Despite enormous consequences of this addressable challenge, companies continue to expose sensitive information to insider threats, ransomware and other risks
Data Under Attack: 2018 Global Data Risk Report (Varonis) Each year, Varonis conducts over a thousand risk assessments for customers and potential customers.
Weak White House email domain security 'poses a national security risk': Study (Washington Examiner) More than 95 percent of email domains overseen by the Executive Office of the President are at risk of being attacked by phishers and pose a "national security risk," according to a new study.
Free Virgin Atlantic tickets? No, it’s a WhatsApp scam (Naked Security) Two free tickets for every family? It sounds great! It has to be a scam.
Security Patches, Mitigations, and Software Updates
Facebook Removes Feature It Says Was Being Used to Scrape User Data (Fortune) 'we believe most people on Facebook could have had their public profile scraped in this way'
Critical Vulnerability Patched in Microsoft Malware Protection Engine (SecurityWeek) An update released by Microsoft for its Malware Protection Engine patches a vulnerability that allows hackers to take control of systems by scanning a malicious file
Intel Tells Users to Uninstall Remote Keyboard App Over Unpatched Security Bugs (BleepingComputer) Intel has decided that instead of fixing three security bugs affecting the Intel Remote Keyboard Android app, it would be easier to discontinue the application altogether.
Cyber Trends
Winning the Game (McAfee) Cybersecurity defenses are under unprecedented levels of attack. From old malware foes and newer types, such as ransomware, to sophisticated advanced threats and state-sponsored cyberattacks, breaches are, sadly, now an everyday reality.
Only 1% of media companies are 'very confident' in their cybersecurity (TechRepublic) Media organizations are facing SQL injections, DNS attacks, pirated content, and DDoS attacks, according to an Akamai report.
Media Organizations’ Security Practices, Threats & Concerns Examined in New Akamai Research Report (Akamai) ‘The State of Media Security’ Survey Finds that Few Media Organizations are ‘Very Confident’ in their Current Security Measures
Ethics Moves Front and Center in AI Debate (EnterpriseTech) The breakneck pace of machine intelligence development is prompting welcome assessments of the ethical implications of a technology that will have a profound effect on workers, consumers and most every other segment of society. With that sobering reality in mind, a new risk assessment released by federal contractor
2018 Trustwave Global Security Report (Trustwave) Download the 2018 Trustwave Global Security Report, the industry’s most comprehensive account of cyberthreat and attack data, criminal motivations and trends, and advice for moving forward.
US spanks EU businesses in race to detect p0wned servers (Register) 175 days from breach to action could prove very expensive when GDPR kicks in
How artificial intelligence went from an advantage to a worldwide threat (C4ISRNET) Once considered one answer to preserving U.S. military superiority, AI is now seen by national security leaders as a danger to military operations — and the need to invest in decision-making technologies is accelerating.
Cyber Claims Study (NetDiligence) The annual NetDiligence® Cyber Claims Study uses actual cyber liability insurance reported claims to illuminate the real costs of incidents from an insurer’s perspective. Our objective for this stu…
2018 IBM X-Force Report: Shellshock Fades, Gozi Rises and Insider Threats Soar (Security Intelligence) The latest IBM X-Force report highlighted threats stemming from misconfigured cloud servers and inadvertent insider negligence and examined malware trends from 2017 that could continue into 2018.
Netwrix Survey: 69% of healthcare providers plan to move more data to the cloud, disregarding insider threat (Netwrix) 2018 Netwrix Cloud Security: In-Depth Report reveals that, despite concerns about unauthorized access to PHI, healthcare organizations are still ready to move data to the cloud
Almost half of UK businesses are vulnerable to IoT hacking (Computing) IT managers often neglect to change the default password - but want to increase the spend on IoT devices
Marketplace
Google Staffers Demand End to Work on Pentagon AI project (PCMAG) Over 3,100 employees have signed the letter protesting Google's involvement in Project Maven, a Pentagon effort to use AI systems to analyze drone footage.
RSA Acquires Behavior Analytics Startup Fortscale (CTECH) The Israel-based startup was acquired for less than investors had put into the company, a person familiar with the matter told Calcalist
ESET opts for two-tier approach to support ambitious channel growth plans (MicroscopeUK) The endpoint protection player is looking for ambitious channel growth and has turned to distribution to support that aim
Microsoft to pour $5bn into IoT (CRN) Investment comes soon after Satya Nadella announced a restructuring at Microsoft
Threat X Closes $8.2 Million Series A Funding Round Co-Led by Grotech Ventures and Access Venture Partners (BusinessWire) Threat X Closes $8.2 Million Series A funding round co-led by Grotech Ventures and Access Venture Partners.
American Bankers Association hires cybersecurity expert (Financial Regulation News) The American Bankers Association (ABA) named Paul Benda as its new senior vice president of risk management policy. In this position, Benda leads ABA’s policy initiatives in cybersecurity, physical security, and risk management practices. Benda joins the association from Global Security and Innovative Strategies (GSIS), where he served as partner and chief technology …
Products, Services, and Solutions
2018 Could be the Year When Consumers Crush Ransomware (Financial IT) Consumers finally have a chance to get the edge on ransomware gangs that have amassed billions of dollars in the past few years.
Infoblox Enhances SaaS based Security to Address the DNS Cybersecurity Blind Spot (PR Newswire) Infoblox Inc., the network control company that provides...
ForeScout Expands Device Visibility Platform to Secure the Extended Enterprise (GlobeNewswire News Room) Supports up to 2 million devices in a single enterprise manager for industry-leading scalability and increased visibility across entire enterprise environment, including operational technology and critical infrastructure
Device Authority and Gemalto Drive Internet of Things Security for Enterprise Solutions (BusinessWire) Device Authority and Gemalto have partnered to enable companies to protect data and digital identities across endpoint devices, gateways and clouds
Digital Defense Launches AWS-Based Frontline.Cloud Platform (PRWeb) Pioneer of Cloud Solutions Further Simplifies Assessing Security of Hybrid Networks
LogicHub announces ThreatGPS™ for GitHub, The World's First Automated Threat Detection and Response Solution for Source Code Management System (PRNewswire) First out-of-the-box intelligent threat detection solution that continuously monitors GitHub repositories, available to protect the 80 million repositories in the cloud worldwide
New CompTIA Advanced Security Practitioner Certification Takes on Latest Cyber Threats (Markets Insider) CompTIA, the leading provider of vendor-neutral, performance-based certifications for the information technology (IT) industry, today introduced a new version of its CompTIA Advanced Security Practitioner credential.
Security Compass Releases New Risk Dashboard Capability in the Latest Version of its SD Elements Platform (GlobeNewswire News Room) SD Elements Version 4.12 Makes it Easy for Organizations to Demonstrate Clear Governance of Software Security and Compliance Activity
ShiftLeft: Fully automated runtime security solution for cloud applications (Help Net Security) ShiftLeft provides fully automated secure development and runtime protection for cloud applications. It extracts "Security DNA" from applications, maps how sensitive data is flowing from applications to data sinks and shows you how that flow is being handled, and shows potential problems.
WISeKey Defines its ICO for the WISeCoin Cryptocurrency (GlobeNewswire News Room) WISeKey International Holding Ltd ("WISeKey", SIX: WIHN), a leading cybersecurity and IoT company announced that it will launch its WISeCoin in Q4 2018.
Verint launches new FaceDetect solution to automate intelligence gathering (TechObserver) Verint FaceDetect is powered by computer-based, multi-layered algorithms designed to operate in challenging security scenarios, said company.
Swimlane Augments Its Automated Security Platform With Lastline Integration (GlobeNewswire News Room) Swimlane expands its capabilities in security orchestration, automation and response by integrating with industry-leading malware detection platform
StorMagic Adds Affordable Data Encryption for Edge Computing Environments () StorMagic®, simplifying storage at the edge, today introduced StorMagic SvSAN with Data Encryption, the most cost-effective encryption solution for st
Technologies, Techniques, and Standards
NCCIC Growth Helps Tackle 'Most Serious and Enduring Strategic Risks' (Homeland Security Today) Goals include expanding the scale and number of vulnerability scans, cyber hunt activity, and risk assessments to protect election security.
Blockchain gets renewed focus with IT modernization funding in place (Federal News Radio) Blockchain is generating a lot of buzz in government IT offices these days, and it does more than serve as the technology behind Bitcoin.
Here’s What Government Gets Wrong About Bug Bounties (Nextgov.com) Congress has gone bananas for bug bounties, but they may not always be the right choice.
How to Detect App Threats to Protect Your Business (Arxan) 1. Start with a brilliant high-value app idea.
Securing software: Why we're all coders now (Computing) DevSecOps may be a clunky label but it can help start a necessary conversation, says Christian Beegden of Sumo Logic
How do you solve a problem like ransomware? Invest up front (The Parallax) Without investing in technology and personnel to implement preventative measures, experts say, ransomware like the SamSam attack in Atlanta will continue to wreak havoc across computer systems and networks.
Research and Development
Tortuga Logic to Develop Novel Hardware Security Solutions with Support from DARPA Program (BusinessWire) Chips security firm that targets issues like Meltdown and Spectre Receives DARPA Contract - Tortuga Logic to Develop Novel Hardware Security Solutions
Legislation, Policy, and Regulation
U.S. Reported Poised To Impose New Sanctions On Russian Billionaires (RadioFreeEurope/RadioLiberty) The United States plans to impose a new round of sanctions on Russia, this time targeting Russian billionaires with ties to President Vladimir Putin, media are reporting.
Top intel official: We're about to go on offense in cyberwar with Russia (Hot Air) "There is more going relative to this issue than I think has been reported."
McMaster Unleashes on Russia in Final Speech (Foreign Policy) The outgoing national security advisor took one last swipe at Putin’s efforts to undermine Western democracies.
Lt. Gen. H.R. McMaster: The Toughest Man on Russia? (Atlantic Council) US national security advisor says West has "failed to impose sufficient costs" on Moscow for its aggressive behavior US President Donald J. Trump assured the leaders of the Baltic states—Estonia, Latvia, and Lithuania—at a White House meeting on...
New Chinese defense minister says China will ‘support’ Russia against US: Tass (Asia Times) Quoted at Moscow security conference
With trade war looming, Chinese cyberattacks may follow (Cyberscoop) Cybersecurity and policy experts say government-backed cyberattacks between the U.S. and China may spike after years of calm.
Separating Kim Jong Un from his Elites (The Cipher Brief) “What South Koreans want is an unconditional withdrawal of U.S. troops from the South, an unwelcome guest that poses a threat to peace and security on the Korean Peninsula.” -14 March 2018, Rodong Sinmun, North Korea Newspaper After decades of effort, North Korea is close to being able to credibly threaten the United States with …
Facebook and Twitter may be forced to identify bots (Naked Security) If passed, the bill would give platforms 72 hours to investigate reports of bots seeking to mislead Californians and to remove or disclose them.
Litigation, Investigation, and Law Enforcement
Russian bid for joint spy probe rejected (BBC News) A proposal for a new inquiry into the Salisbury poisoning fails at the chemical weapons watchdog.
UK locates source of novichok nerve agent used in Salisbury (Times) Russia’s culpability in the Salisbury poisoning is “beyond reasonable doubt”, the security minister said today as Russia took the spiralling row to the United Nations Security Council. Sergei...
Useful idiots are letting Putin off the hook (Times) If it wasn’t so bloody serious, you’d have to laugh at the irony of it. Back in August 2004, the then MP for Henley joined a small group of parliamentarians calling for the prime minister, Tony...
Threatening legal fight, Nunes demands document that kicked off FBI Trump-Russia investigation (Washington Examiner) House Intelligence Committee Chairman Devin Nunes, R-Calif., has sent a letter to Deputy Attorney General Rod Rosenstein and FBI Director Christopher Wray demanding an uncensored copy of the document the bureau used to formally begin its investigation into alleged collusion between Russia and…
Inside the takedown of the alleged €1bn cyber bank robber (WIRED UK) The Carbanak cybercrime group is accused of stealing more than €1bn from banks around the world. Last week, police arrested the man they think is its mastermind
Catching a Chinese IP Thief: How the FBI Tracked and Caught Sinovel (The Cipher Brief) This victory in court exposes a more difficult problem. Is the U.S. government willing to back the ruling with a meaningful deterrence strategy?
PayPal fraudster's £50,000 in Bitcoin seized on proceeds of crime confiscation (Computing) Gabriele Pearson sentenced to 15-month jail term last week among the first to have Bitcoins confiscated under Proceeds of Crime Act