Cyber Attacks, Threats, and Vulnerabilities
Hack Brief: Russian Hackers Release Apparent IOC Emails in Wake of Olympics Ban (WIRED) A state-linked hacking group is once again trying to discredit antidoping investigators.
ESET warning over ISP-level compromises in new Russian Turla campaign (Computing) Attackers appear to download legitimate Adobe Flash Player from Adobe and Akamai IP addresses
How do Iranians defy the internet censors? (BBC News) In Iran, many ordinary citizens are engaged in a battle of wits as the authorities block popular apps and social media services.
Cyber-attack risk on nuclear weapons systems 'relatively high' – thinktank (the Guardian) Chatham House warns that lack of skilled staff and slowness of institutional change exposes nuclear weapons systems
WhatsApp Flaws Could Allow Snoops to Slide Into Group Chats (WIRED) German researchers say that a flaw in the app's group-chat feature undermines its end-to-end encryption promises.
Vulnerable Mobile Apps: The Next ICS/SCADA Cyber Threat (Dark Reading) Researchers find nearly 150 vulnerabilities in SCADA mobile apps downloadable from Google Play.
Android Malware written in Kotlin found on Play Store stealing data (Hack Read) Just another day with just another Android malware hosted on Google Play Store targeting unsuspecting users – But this time, the malware is written in Kotlin, a statically-typed programming language.
CoffeeMiner project lets you hack public Wi-Fi to mine cryptocoins (Naked Security) Remember how we keep telling you that HTTPS is about more than just privacy? Well, here’s a timely reminder why…coffeeshop coin mining!
Mining or Nothing! (SANS Internet Storm Center) SANS Internet Storm Center - A global cooperative cyber threat / internet security monitor and alert system. Featuring daily handler diaries with summarizing and analyzing new threats to networks and internet security events.
Overstock and Coinbase briefly mixed up Bitcoin and Bitcoin Cash (TechCrunch) A glitch on Overstock’s website allowed users to send amounts of Bitcoin Cash to Overstock when the system was expecting Bitcoin, leading to drastic discounts on many items. Given that BTC is about $14,000 and Bitcoin Cash is $2,400, the mistake could have been quite costly.
Website Glitch Let Me Overstock My Coinbase (KrebsOnSecurity) Coinbase and Overstock.com just fixed a serious glitch that allowed Overstock customers to buy any item at a tiny fraction of the listed price. Potentially more punishing, the flaw let anyone paying with bitcoin reap many times the authorized bitcoin refund amount on any canceled Overstock orders.
Another macOS password prompt can be bypassed with any password (TechCrunch) MacRumors spotted a bug report that affects the current version of macOS High Sierra. In System Preferences, you can unlock the App Store preference pane by..
Past and Present Tactics of Ransomware Attacks (Infosecurity Magazine) Choosing the ransomware delivery mechanism is mostly a question of money.
The biggest cloud security threats, according to the CSA (SearchCloudSecurity) The cloud security threats that are the most dangerous may overlap with the risks to traditional storage. Here's what the CSA pegged as the biggest risks.
Security Patches, Mitigations, and Software Updates
Nvidia releases update for GPU - claims to be unaffected by Meltdown and Spectre (Computing) Nvidia updates drivers to combat Spectre security flaw, but claims it's not a problem
Meltdown-Spectre: IBM preps firmware and OS fixes for vulnerable Power CPUs (ZDNet) IBM confirms its Power CPUs for datacenter kit are vulnerable to the Meltdown and Spectre CPU attacks.
Microsoft: No more Windows patches at all if your AV clashes with our Meltdown fix (ZDNet) Your antivirus must be compatible with Microsoft's Meltdown-Spectre fixes for you to get patches this month or in future.
Intel: Spectre and Meltdown fixes should make PCs only 10 per cent slower, at most (Computing) Chipmaker publishes results of tests on CPUs running Windows 7 and Windows 10
Cyber Trends
3 top cyber experts speaking out (CSO Online) Interviews with three prominent SMEs in the world of cybersecurity: Rich Baich, Bill Crowell and Anthony J. Ferrante.
AI in Cybersecurity: Where We Stand & Where We Need to Go (Dark Reading) How security practitioners can incorporate expert knowledge into machine learning algorithms that reveal security insights, safeguard data, and keep attackers out.
Syncsort State of Resilience Report Shows Heightened Pressure to Assure Security and Compliance, High Availability and Disaster Recovery (BusinessWire) Syncsort State of Resilience report shows heightened pressure to assure security and compliance, high availability and disaster recovery.
There's a place that is scarier than the Dark Web (Netskope) I originally planned to focus this blog post on the dark web.
In space and cyber, China is closing in on the United States (SpaceNews.com) The United States could soon be unpleasantly surprised as China continues to shore up its domestic capacity to produce high-end weapons, satellites and encryption technologies.
Implications of cyber-attacks on healthcare sector critical (PharmaBiz) The Indian healthcare sector is lagging behind in cybersecurity investment compared to most other major sectors. However, given the spate of cybersecurity incidents globally in the healthcare sector, there is a growing realization amongst healthcare service providers in India of the need to secure their critical data, especially against the growing number of ransomware attacks.
Marketplace
Ask Huawei About The "Coming" U.S.-China Trade War (Forbes) Speculation is rampant that President Trump will soon announce sanctions against China for its heavy-handed intellectual property and technology transfer policies, cavalierly thrusting us into a deleterious trade war.
CISOs' No. 1 Concern in 2018: The Talent Gap (Dark Reading) Survey finds 'lack of competent in-house staff' outranks all other forms of cybersecurity worry, including data breaches to ransomware attacks.
‘Demand rising for cyber cover in manufacturing sector’ (The Hindu Business Line) Growing incidents of cyber threats globally driving India Inc to put in place checks and balances
Arctic Wolf Secures $16M in New Funding to Accelerate Growth in Rapidly Expanding Security Operations Center-as-a-Service Market (BusinessWire) Arctic Wolf Networks, a leading security operations center (SOC)-as-a-service company, today announced it has raised $16 million in new funding, led b
Australian internet of things firm Connexion acquires IT provider Security Shift for up to $5m (CRN Australia) Connected car company Connexion Media pounces.
Industrial Cybersecurity Leader Nozomi Networks Raises $15 Million (Nozomi) Funding will drive global growth for pioneer in industrial control system cybersecurity as threats to critical infrastructure escalate
Dell will tighten VMware integration to compete with Veeam: sources (CRN Australia) New data protection products could be launched later this year.
CyberX Joins IBM Security App Exchange Community (GlobeNewswire News Room) CyberX ICS Threat Monitoring App part of collaborative development to stay ahead of evolving threats; enables unified approach to IT and OT security in the corporate SOC
Cyber Threat Alliance Elects Rapid7 CEO Corey Thomas to Board of Directors (NASDAQ.com) Industry veteran joins board of directors to advance information sharing among cybersecurity competitors
Drew Thomas Joins Webroot as Vice President of Corporate Development (Business Inside) Webroot, the Smarter Cybersecurity® company, announced it has appointed Drew Thomas to the role of Vice President, Corporate Development. Thomas will be responsible for leading Webroot's corporate partnership and acquisition strategy, and managing the company's business intelligence team.
Products, Services, and Solutions
Cymulate Launches Cybersecurity Validation Technology Solution for MSSPs (The Daily Telescope) Cymulate, a technology startup that helps companies safeguard their business-critical assets with a unique breach and attack simulation platform, today announced t…
What’s the Spectre Your VoIP will Meltdown? (GlobeNewswire News Room) Telephony systems, SBCs and VoIP hardware that rely on Intel, AMD and ARM processors harbor some serious security vulnerabilities
Raytheon Touts Cross Domain Solutions For Navy (Breaking Defense) As the surface Navy intensively strives to achieve the cross domain capabilities so essential to warfighting success against a near-peer competitor, Raytheon is using its wide spectrum of defense technologies to support those efforts.
LogRhythm Offers GDPR Compliance Tool (MediaPost) LogRhythm is providing a GDPR compliance tool at no cost to clients.
Netgear's New Gaming Router Offers Protection Against DDoS Attacks (HackRead) Netgear LAN Switch and Nighthawk Pro Gaming Router (XR500) Offers Reliable Safeguards Against DDoS Attacks.
Technologies, Techniques, and Standards
Wi-Fi security overhaul coming with WPA3 (Naked Security) Nearly 14 years after it ratified the Wireless Protected Access 2 (WPA2), the Wi-Fi Alliance has given the world a peek at what might be coming next for wireless security.
Why were prime numbers in the news recently? (The Hindu) The number was discovered using a computer software called GIMPS which looks for Mersenne prime numbers.
Alert fatigue can allow cyber threats to slip through the net (BetaNews) Businesses are increasingly turning to software to allow them to spot cyber threats. But this can lead to a problem in the form of alert fatigue, where there are just too many warnings to allow them to be properly investigated.
The next challenge for Navy cyber teams? Keeping skills sharp (Fifth Domain) The Navy wants to ensure its Cyber Mission Force teams sustain a high degree of readiness that allows them to deploy anywhere, anytime.
How to Protect Your Child's Privacy on Internet-Connected Toys (Consumer Reports) An FTC settlement shows that internet-connected toy companies collect a lot of data about kids, often without adequate safeguards. Consumer Reports explains what parents can do to protect their child's privacy.
Design and Innovation
Security Concerns to Trigger Demand for Deception Technology (TMR Research Blog) Deception technology, which is still in a nascent stage, holds out considerable promise. Bigger associations are increasingly leveraging them to uncover potential risk well in advance. Progressed tricky technology arrangements can spare elements over the world right around trillions of dollars lost in digital assaults
The revolution of obfuscation for cybersecurity and threat intelligence (FCW) Without the proper protections, threat intelligence can do more harm than good.
How Cisco’s newest security tool can detect malware in encrypted traffic (Network World) Cisco’s Encrypted Traffic Analytics (ETA), which monitors network packet metadata to detect malicious traffic even if it's encrypted, is now generally available.
Facebook ditches its AI virtual assistant (CRN Australia) Would-be Siri, Alexa rival will close down 19 January.
We found a deleted page that reveals the paparazzi roots of Kodak Coin (Ars Technica) Kodak’s stock has tripled since announcing the blockchain project on Tuesday.
Research and Development
CyberCorps: Scholarship for Service recognizes first hall of fame recipients (National Science Foundation) 3 individuals recognized for contributions to defend US cyberspace
Academia
NYU Tandon Hacks Cybersecurity Education (Business Insider) New York University Tandon School of Engineering, in partnership with New York City Cyber Command (NYC3), today launched the New York Cyber Fellows, a unique, affordable online cybersecurity master's degree program designed in conjunction with elite New York City employers to address the acute shortage of highly trained technical professionals in the city and nation.
Legislation, Policy, and Regulation
South Korea may or may not ban bitcoin exchanges and that’s the news (TechCrunch) The price of bitcoin and other cryptocurrencies dropped significantly today off the back of 'news' that South Korea's government might ban trading exchanges...
Limit aadhaar: Linking it to everything paints a bull’s eye on India for cyber warfare (Times of India Blog) Aadhaar’s proliferation in the past 20 months after the passage of the Aadhaar Act in March 2016 has raised several concerns. No one really seems to know how Aadhaar will grow or what other purposes it...
Somalia Launches Digital Counter-extremism Center (VOA) Center will use social media to promote stability, counter al-Shabab propaganda online and in traditional media
Moscow ‘meddling in US and Europe for past 20 years’ (Times) Russia has been working to undermine democracy at home and across Europe for the past two decades, and will seek to interfere in future elections in the US if President Trump does not act against...
The House Just Voted to Expand Warrantless Surveillance of US Citizens (Motherboard) A similar bill will now be considered in the Senate.
Trump tweet throws today’s House surveillance votes into chaos [Updated] (Ars Technica) Trump tweet appears to attack NSA spying hours after the White House defends it.
Tight Vote Ahead for House on NSA Surveillance (Newsmax) The House of Representatives on Thursday will vote on whether to extend a controversial program of warrantless spying on internet and phone networks put in place by the National Security Agency that dates back to the Sept. 11 attacks.
Senate Democrats propose fines for credit reporting agency hacks (Business Insider) Two Senate Democrats are proposing large new fines for credit reporting agencies that lose consumers' personal information in data breaches, according to a bill they introduced on Wednesday.
Equifax Would Have Paid $1.5bn Under New US Breach Laws (Infosecurity Magazine) Democrat senators introduce new legislation
Homeland Security speeds up election security aid to states (TheHill) Top cybersecurity official expects remaining requests for "risk and vulnerability assessments" to be met by mid-April.
Pentagon faces slew of cyber challenges in new year (TheHill) The U.S. military is facing a host of challenges as it seeks to cultivate and expand cyber operations in the new year.
MoD appoints Charles Forte as new CIO, replacing Mike Stone (Computing) Former deputy group CIO of BP and interim CIO of Thames Water to take up post at end of month
Litigation, Investigation, and Law Enforcement
Indian government revokes access to identity database from 5,000 officials (Computing) Horse/stable door/bolted
The U.S. Government Is Suspicious of Huawei Smartphones. Should You Be, Too? (Slate Magazine) Our government increasingly seems to think that technology designed and manufactured outside our own borders is inherently dangerous.
Mueller team adds prosecutor specializing in cyber crime (TheHill) Ryan Dickey, a veteran cyber crime prosecutor, has joined special counsel Robert Mueller's team of investigators.
Democrats go solo on Russia probe as partisan divisions reach a 'breaking point' (Chicago Tribune) Democrats are striking out on their own this week over all but one of the congressional investigations into Russian meddling, independently releasing reports
The FBI Is Disrupting One-Tenth as Many Cyber Crime Rings As In 2015 (Defense One) The bureau missed its own goals for disruptions and dismantlements the past two years.
FBI supports & blames encryption for 7,800 devices it can't unlock (HackRead) FBI (Federal Bureau of Investigation) director blames encryption for thousands of phones the Bureau could not unlock but then he also supports "strong encryption."
FBI Hacker Says Apple Are 'Jerks' and 'Evil Geniuses' for Encrypting iPhones (Motherboard) An FBI forensic expert lambasted Apple for making iPhones hard to hack into.
Apple’s China iCloud data migration sweeps up international user accounts (TechCrunch) Apple's plan to migrate China-based iCloud user accounts to a local host on Chinese soil is already running into controversy after the iPhone-maker appeared..
How the Government Hides Secret Surveillance Programs (WIRED) A new report from Human Rights Watch sheds light on a troubling law enforcement practice called “parallel construction.”
Prosecutors say Mac spyware stole millions of user images over 13 years (Ars Technica) Fruitfly creepware turned on cameras and mics, automatically detected porn searches.
Justice Dept. indicts Ohio hacker for writing Fruitfly malware to spy on thousands of Mac users (ZDNet) The alleged hacker was 14 years old when he wrote Fruitfly, a backdoor used to remotely spy on Mac users.
Appeals court chips away at Finjan patent win against Symantec (Reuters) A federal appeals court on Wednesday reduced a $39.5 million verdict the patent licensing firm Finjan Holdings Inc won against cybersecurity company Symantec Corp.
Beautiful webchat honeys turn out to be fembots (Naked Security) Here we sit, broken hearted, paid our yuan and the video never started.
Surveillance Court Taps Georgetown Professor as Amicus (National Law Journal) Donohue will help the Foreign Intelligence Surveillance Court of Review determine whether the ACLU has standing to sue to unseal certain government spying decisions.
ECJ to rule on whether Facebook needs to hunt for hate speech (TechCrunch) Austria's Supreme Court is referring a legal challenge over the extent of Facebook's responsibility to remove hate speech postings to Europe's top court for..
YouTube drops Logan Paul from Google Preferred and puts his Originals on hold (TechCrunch) YouTube has taken further action against social media star Logan Paul, dropping the vlogger from its Google Preferred program, which is meant to be a mark of..