Cyber Attacks, Threats, and Vulnerabilities
Update on Pawn Storm: New Targets and Politically Motivated Campaigns (TrendLabs Security Intelligence Blog) The active espionage actor group Pawn Storm didn’t shy away from continuing their brazen attacks in the second half of 2017. Pawn Storm's attacks usually are not isolated incidents. We can often relate them to earlier attacks by carefully looking at the technical indicators and motives.
Intel AMT Security Issue Lets Attackers Bypass BIOS and BitLocker Passwords (BleepingComputer) An F-Secure security researcher has found a way to use Intel's Active Management Technology (AMT) to bypass BIOS passwords, BitLocker credentials, and TPM pins and gain access to previously-secured corporate computers.
Security flaws in Intel AMT enable attackers to take control of laptops in 30 seconds (Computing) Pwned in 30 seconds: Warning over new security flaws in Intel Active Management Technology
Researchers uncover major security vulnerabilities in ICS mobile applications (Help Net Security) IOActive and Embedi researchers found 147 cybersecurity vulnerabilities in 34 mobile applications used in tandem with SCADA systems.
Everything running smoothly at the plant? *Whips out mobile phone* Wait. Nooo... (Register) SCADA mobile app security is getting worse
Mobile SCADA application landscape less secure than in 2015 (SC Media UK) Within just two years, the security situation for SCADA has got worse to the tune of an average increase of 1.6 vulnerabilities per application tested.
AMD says chips are also exposed to Spectre security flaw (CRN Australia) Shares were up 20 percent after bug was revealed.
NSA Didn't Know of Meltdown, Spectre, Trump Cyber Czar Says (Tom's Guide) The NSA didn't know about the Meltdown and Spectre computer-security flaws, the agency's former top hacker said in New York today.
G DATA security expert on his research into "Spectre" and "Meltdown" (Pressebox) In an interview, Anders Fogh of G DATA Advanced Analytics gives insight into the foundational work that led to the discovery of the vulnerabilities
Spyware targets North Korean dissidents via social links, says McAfee (ComputerWeekly.com) Researchers at security firm McAfee have confirmed that social networks are being used to target North Korean dissidents with spyware.
Russia-linked hackers apparently targeting 2018 Olympics (TheHill) Hackers calling themselves "Fancy Bears" release alleged confidential communications from International Olympic Committee officials.
Duping Doping Domains (ThreatConnect) Possible Fancy Bear domains spoofing anti-doping and Olympic organizations
Russians may be planning hack to cast shadow on Olympics: researchers (Reuters) A Virginia-based cybersecurity firm said on Thursday it had found early indications that Russia-based hackers may be planning attacks against anti-doping agencies in retaliation for Russia's exclusion from next month's Winter Olympic Games.
The Other Scary Foreign Hacking Threat Trump Is Ignoring (Fast Company) Russia didn’t just meddle in the U.S. election: it’s trying to hack our critical infrastructure–and Trump may be keeping Americans in the dark.
Apps Exposing Children to P[0]rn Ads Booted From Google Play (Threatpost) Researchers identified 60 apps on Google Play infected with AdultSwine malware that in some cases displayed graphic adult-themed ads on apps intended for children.
Malware infected fake Telegram Messenger app found in Play Store (HackRead) Another day another Android malware, this time a fake Telegram Messenger app on Play Store has been found infecting users with a malware that spams devices with ads.
Warning over unpatched Oracle WebLogic Servers being targeted with Monero-mining malware (Computing) Rule number one of IT security: Always. Patch. Promptly...
Hackers Make Whopping $226K Installing Monero Miners on Oracle WebLogic Servers (BleepingComputer) A group of hackers has made over a quarter-million dollars worth of Monero by breaking into Oracle WebLogic servers and installing a cryptocurrency miner.
Bitcoin Blackmail by Snail Mail Preys on Those with Guilty Conscience (KrebsOnSecurity) KrebsOnSecurity heard from a reader whose friend recently received a remarkably customized extortion letter via snail mail that threatened to tell the recipient’s wife about his supposed extramarital affairs unless he paid $3,600 in bitcoin. The friend said he had nothing to hide and suspects this is part of a random but well-crafted campaign to prey on men who may have a guilty conscience.
Coprocessor Attacks: the Hidden Threat (Infosecurity Magazine) Coprocessors typically run their own firmware which—like any other computer code—can be vulnerable to attack.
Can’t assess extent of damage from Android malware as hacker yet to use info: Sanjay Katkar, Quick Heal Tech (The Economic Times) “Our focus area has been adding more features on larger enterprises and data breach threats.”
Is This The End Of Bitcoin's Ransomware Monopoly? (Information Security Buzz) News broke overnight that a new variant of the HC7 Ransomware is in the wild that encrypts a victim’s files and appends the .PLANETARY extension to the filename. What makes this particular ransomware variant unique is that it may be the first one that accepts the Ethereum cryptocurrency as a ransom payment. Andy Norton, Director of Threat Intelligence at Lastline commented …
Warbiking in Perth – how does Wi-Fi security stack up these days? (Naked Security) Perth, Western Australia. Christmas in summer. Warbiking in the sunshine! Here’s what we found…
Security Patches, Mitigations, and Software Updates
Dell EMC patches vulnerabilities in its data protection products (Network World) The vulnerabilities affect Dell EMC's Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance. Users should apply patches now.
Here’s how, and why, the Spectre and Meltdown patches will hurt performance (Ars Technica) Now that microcode and patches are starting to ship, a clearer picture is emerging.
AMD confirms that its CPUs are exposed to all variants of Spectre - promises patches ASAP (Computing) No Meltdown at AMD, but company admits vulnerability to Spectre flaw
Intel Releases Linux CPU Microcodes To fix Meltdown & Spectre Bugs (BleepingComputer) On January 8th Intel released new Linux Processor microcode data files that can be used to mitigate the Spectre and Meltdown vulnerabilities in Intel CPUs. Using microcodes, an operating system can fix known bugs in Intel CPU without having to perform a BIOS update on the computer.
Intel says patches can cause reboot problems in old chips (Reuters) Intel Corp on Thursday said that recently issued patches for flaws in its chips could cause computers using its older Broadwell and Haswell processors to reboot more often than normal and that Intel may need to issue updates to fix the buggy patches.
Microsoft rolling out Surface firmware updates with Meltdown, Spectre mitigations (Windows Central) Microsoft is rolling out a new round of firmware updates for Surface devices, bringing mitigations for Spectre and Meltdown in the process.
Intel and Microsoft sow confusion over security flaw (Financial Times) Chipmaker talks down impact on PC performance from fixing Meltdown and Spectre issues
Those pesky registry keys required by critical security patches (SANS Internet Storm Center) With the “storm” around Meltdown and Spectre slowly winding down, I would like to remind everyone on registry changes that are required by the latest patches released by Microsoft.
Meltdown and Spectre fallout: patching problems persist (Malwarebytes Labs) In the days since Meltdown and Spectre have been made public, we’ve tracked which elements of the design flaw, known as speculative execution, are vulnerable and how different vendors are handling the patching process.
No need to rush network patching for Spectre and Meltdown (SearchNetworking) Security experts said Spectre and Meltdown pose a low risk to networking gear. Nevertheless, network patching should be done following extensive testing.
Microsoft details Windows 10 security, touts it as a 'worthy upgrade' (Neowin) Microsoft has touted the multi-layered defense strategy of Windows 10, saying that the increased security of its latest operating system against ransomware attacks makes it a "worthy upgrade".
Microsoft adds end-to-end encryption to Skype for secure conversations (TechRepublic) Available to Skype Insiders, the Private Conversations feature is built on the Signal Protocol by Open Whisper Systems.
Cyber Trends
The 2018 Eye on Privacy Report (MediaPro) The 2018 Eye on Privacy Report is now available. Download it now for details on how the average U.S. employee responds to sensitive data in real world scenarios.
Median 'dwell' time for cyber intrusion highest in APAC at 172 days: FireEye (ZDNet) The time between an attacker compromising a secured network and the breach being detected is the highest in the APAC region, with the median 'dwell' time 73 days above the global median of 99 days.
Former Michigan CISO: Don't Ignore Security Predictions (BankInfo Security) It seems like every vendor in the data security industry makes predictions this time of year. Which ones should you pay attention to? All of them, says Dan
Marketplace
Endgame Endpoint Protection Platform Wins Contract with U.S. Navy to Protect Critical Assets (PRNewswire) Endgame wins competitive selection process against other endpoint security platforms
Context Labs Acquires IoT ImpactLABS (Business Insider) Context Labs (CXL) announced today that it has acquired IoT ImpactLABS. The acquisition will further accelerate CXL's blockchain-based Immutably™ platform in its movement upstream in the supply chain, enabling the "Supply Chain of Everything." The acquisition will accelerate integration with IoT-connected devices, sensors and systems.
Inpixon (NASDAQ:INPX) is Mingling Blockchain and Security (Finance Registrar) Inpixon (NASDAQ:INPX) is another company emerging that will get you that blockchain fix you need. INPX was up as much as +40% early in the ...
VMware confirms job cuts (CRN) Vendor says it's cutting 'a small percentage' of its workforce
15 companies graduate from UMBC's bwtech, ready to grow on their own (Baltimore Business Journal) More than 110 companies have graduated since bwtech@UMBC began offering incubation services in 1989.
IBM Layoffs 2018: 10,000 Staff Cuts in Global Technology Services (GTS)? (ChannelE2E) IBM may lay off 10,000 employees from the Global Technology Services (GTS) team, according to a report about alleged IBM staff cut plans from The Register.
IBM just replaced its chief financial officer (Business Insider) The change comes hours after reported layoffs in IBM's computer service delivery business.
Artificial Intelligence Leader Beyond Limits to Drive Growth with New Chief Marketing Officer (Business Insider) Beyond Limits, a developer of advanced artificial intelligence (AI) and cognitive computing solutions, today announced it has appointed Dann Wilkens as its new Chief Marketing Officer.
New CSO, CISO appointments (CSO Online) Find up-to-date news of CSO, CISO and other senior security executive appointments.
Products, Services, and Solutions
New infosec products of the week: January 12, 2018 (Help Net Security) Code42 enhances data security and recovery solution Code42 announced enhancements to its data security solution. The Security Center helps detect and mitig
2017's Top stories from Prey users who fought theft and won! (Prey Project) Our users, the Preyans, are a brave bunch! They continuously share their cool stories about how they kicked crime's butts and retrieved their stolen devices.
Protecting Security-Sensitive Software From Spectre (PRNewswire) GrammaTech, Inc., a leading developer of commercial embedded software...
Code42 Enhances Its Data Security and Recovery Solutions in a Market Defined by Global Cyberattacks (BusinessWire) Code42, the global leader in cloud-based endpoint data protection and recovery, today announced enhancements to its data security solution.
Express Logic’s X-Ware IoT Platform receives Thread product certification (Embedded Computing) The X-Ware IoT Platform provides industrial-grade implementations of IPv6 over 6LoWPAN, CoAP, and DTLS.
Technologies, Techniques, and Standards
Strong security simplifies compliance for French operators of vital industry (Help Net Security) In 2014, France’s National Agency for the Security of Information Systems, or ANSSI, issued two detailed cybersecurity guidance documents for Industrial Co
3 ways DHS is helping states with election security (FCW) A DHS official touted better relationships with state and local governments, increased information sharing and better tools as election security areas of focus before the upcoming midterm elections.
AI’s Biggest Impact in the Data Center is Cybersecurity (Data Center Knowledge) AI tools can handle more data than human security pros ever can and find anomalies that are invisible to humans.
Protecting Yourself From Ransomware (New York Times) Common sense and software can keep your system safer from security threats.
What Can We Learn from Counterterrorism and National Security Efforts? (Dark Reading) The best practices and technologies that originated in the intelligence realm can help businesses stay safer, too.
Design and Innovation
After Logan Paul incident, Google Preferred YouTube videos will face further vetting (Ars Technica) Videos with the top ads will be examined by human moderators and AI software.
Facebook plans major news feed changes (BBC News) CEO Mark Zuckerberg says he plans to make posts from businesses, brands and media less prominent.
Facebook feed change sacrifices time spent and news outlets for “well-being” (TechCrunch) CEO Mark Zuckerberg wrote on Facebook today, "I'm changing the goal I give our product teams from focusing on helping you find relevant content to helping you..
Facebook Is Deprioritizing Our Stories. Good. (Motherboard) A society that relies on a centralized portal to get its news may very well be doomed.
Research and Development
Power-Hog Bitcoin May Find Answers in Scientific Bounty Hunt (SWI swissinfo.ch) Methods used by computers programmed to run a 350-year-old equation may also offer answers to bitcoin’s out-sized demand for ...
Pulses of light to encrypt data and protect security of cryptocurrencies (EurekAlert!) Data travels through thousands of miles of fiber optic cables underneath the world's oceans--via pulses of light. And according to experts, the data in these cables is at great risk of being intercepted. However, a newly designed frequency comb--recently developed by researchers at the USC Viterbi School of Engineering might be an effective tool for data encryption.
Academia
5 Baltimore city high school students got top secret clearances, and are interning at the NSA (Technical.ly Baltimore) The Carver VoTech High School students are the first from the city to participate in the NSA's work study program. Delali Dzirasa of Fearless and Aisha DaCosta of I Am OKah talk about getting the program off the ground.
Good Will Hacking: How Brooklyn Is Training Cyber Sleuths (The Bridge) A new degree program at NYU Tandon is part of the city's effort to address a critical shortage of cybersecurity experts
Cyber Security Challenge UK Appoints New CEO (Infosecurity Magazine) Colin Lobley will take up the role following the death of Stephanie Daman
Legislation, Policy, and Regulation
Interview: Former British intelligence director calls for enforced rules in cyberspace (Xinhua) The Internet "cannot be a values-free area" and the government needs to closely collaborate with tech companies to counter online illegality and ensure cyber security, said Robert Hannigan, former director of Britain's Government Communications Headquarters (GCHQ).
Abe to seek Estonia's help in cyberdefense on European tour (Nikkei Asian Review) Baltic and Balkan visit will also focus on IT, politics and economy
What’s Behind Vietnam’s New Military Cyber Command? (The Diplomat) The institution is just the latest move by the government to respond to growing challenges in the cyber realm.
New bill bans US government agencies using contractors with Huawei or ZTE tech (TechCrunch) There's more misery ahead for Huawei, which just saw AT&T pull out of a deal to carry its first smartphone, and fellow Chinese tech firm ZTE. The duo..
Litigation, Investigation, and Law Enforcement
GDPR Meltdown: EU Regulator Sends Warning on Chip Flaws (Digital Guardian) Failing to patch the Meltdown and Spectre processor flaws could expose organizations to steep fines under the EU’s General Data Protection Regulation (GDPR), officials in the UK have warned.
Democratic report warns of Russian meddling in Europe, US (Federal Times) A new report by Senate Democrats warns of deepening Russian interference throughout Europe and concludes that even as some Western democracies have responded with aggressive countermeasures, President Donald Trump has offered no strategic plan to bolster their efforts.
Russia dismisses Democratic US Senate report as unfounded (Federal Times) The 200-page report is the first from Congress to detail alleged Russian efforts to undermine democracies since the 2016 U.S. presidential election. Putin’s spokesman, Dmitry Peskov, said “the accusations of alleged meddling leveled against our country are absolutely unfounded.”
Director Addresses Cyber Conference (Federal Bureau of Investigation) At the International Conference on Cyber Security in New York, FBI Director Christopher Wray discussed how the FBI is evolving to stay ahead of threats in the digital age.
Ten biggest fines dished out by the ICO (CRN) Following Carphone Warehouse's £400,000 penalty, we count down the 10 biggest fines handed down by the UK's data watchdog
Facebook settles after 14-year-old sues over n[*]de image reposting (Naked Security) The alleged extortionist, still facing charges, reposted the image to shame sites multiple times. Why didn’t Facebook use hashes to stop it?
Blue Coat granted non-infringement ruling in Finjan patent case (World Intellectual Property Review) Cyber security company Blue Coat Systems has been granted a judgment of non-infringement in a cyber security patent case.
Whiffyleaks: Julian Assange told to take shower (Times) Julian Assange’s poor hygiene has played a role in the latest agitations by Ecuador to extricate him from his five-year standoff in its embassy, a well-placed source has told The Times. Staff at...
Drunk droning could cost you jail time in New Jersey (Naked Security) The New Jersey law would make inebriated droning a disorderly person’s offense.