Cyber Attacks, Threats, and Vulnerabilities
Iran ready to launch cyber attacks against the west, warn threat intelligence specialists (Computing) Iran to respond to sanctions with a new wave of cyber attacks on banks, governments and critical infrastructure
Industry Reactions to Iran Cyber Retaliation Over U.S. Nuclear Deal Exit (SecurityWeek) Industry professionals comment on the possibility that Iran will launch cyberattacks in response to the US’s withdrawal from the nuclear deal
Release of Thousands of Russia-Linked Facebook Ads Shows How Propaganda Sharpened (Wall Street Journal) Newly released documents show how Russian propagandists on Facebook grew increasingly sophisticated and inflammatory in their tactics over two years as they worked to sow discord in the U.S. before and after the 2016 presidential election.
Five Types of Facebook Memes Russia Used to Influence the 2016 US Election (Motherboard) A giant data dump from Congress revealed a ton of Russian memes, aimed at Americans around the presidential election.
Vigilante Hacks Government-Linked Cyberespionage Group (Motherboard) Earlier this month, Kaspersky published research on the so-called ZooPark group, which ran a hacking campaign towards Android devices across the Middle East. Now, a hacker has allegedly stolen ZooPark's own data and provided it to Motherboard.
Georgia’s Anti-Hacking Bill Dies By Veto, Taking an Outspoken Hacking Group with It (Government Technology) The group of hackers who claim to have penetrated several Augusta networks said it will disband now that the legislation will not become law.
Alexa and Siri Can Hear This Hidden Command. You Can’t. (New York Times) Researchers can now send secret audio instructions undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant.
Electroneum Cryptomining Targets Microsoft IIS 6.0 Vulnerability (Dark Reading) New campaign shows that there are still systems exposed to the year-old CVE-2017-7269 vuln on an operating system that was declared end-of-life three years ago.
New Vega Stealer shines brightly in targeted campaign (Proofpoint) Proofpoint researchers describe a new information stealer distributed in a campaign with unusual targeting.
Malicious Chrome extensions infect 100,000-plus users, again (Ars Technica) Over two months, seven extensions stole credentials and installed currency miners.
Many Vulnerabilities Found in OPC UA Industrial Protocol (SecurityWeek) Kaspersky researchers find a significant number of vulnerabilities in OPC UA, a widely used industrial communications protocol
Kaspersky Lab Finds 17 Critical Vulnerabilities in OPC UA (Computer Business Review) Kaspersky identified 17 zero-day vulnerabilities during the protocol’s implementation that could result in crippling cyberattacks
TreasureHunter PoS Malware Source Code Leaked Online (SecurityWeek) Source code of the TreasureHunter point-of-sale (PoS) malware was leaked online in March, according to Flashpoint, raising concerns that new variants will soon emerge.
Oh, Joy! Source Code of TreasureHunter PoS Malware Leaks Online (BleepingComputer) On the malware scene, there is no clearer sign of trends to come than the leaking of a malware family's source code. Based on this assumption, we can now expect an influx of Point-of-Sale malware in the coming months after the release of the source code of the TreasureHunter PoS malware on a Russian-speaking cybercrime forum.
TreasureHunter Source Code Leak Makes Payload, Builder Available to All (Flashpoint) The source code for the notorious TreasureHunter point-of-sale malware and its GUI builder and admin panel have been leaked. The TreasureHunter source code leak was discovered by Flashpoint researchers and advanced mitigations have been updated by Cisco in its Snort and ClamAV rules.
GPON Exploit in the Wild (I) - Muhstik Botnet Among Others (360 Netlab Blog) On May 1st, VPN Mentor disclosed two vulnerabilities against GPON home router. Since then, at least 5 botnet families have been actively exploiting the vulnerability to build their zombie corps, including mettle, muhstik, mirai, hajime and satori. It is the first time we have seen so many botnets competing for
Watch out: photo editor apps hiding malware on Google Play (Naked Security) Innocent-looking apps with ad clicker malware have bypassed Google’s safeguards
Hacker Kevin Mitnick shows how to bypass 2FA (TechCrunch) A new exploit allows hackers to spoof two-factor authentication requests by sending a user to a fake login page and then stealing the username, password, and session cookie. KnowBe4 Chief Hacking Officer Kevin Mitnick showed the hack in a public video. By convincing a victim to visit a typo-squatting…
Packets over a LAN are all it takes to trigger serious Rowhammer bit flips (Ars Technica) The bar for exploiting potentially serious DDR weakness keeps getting lower.
GandCrab Ransomware Found Hiding on Legitimate Websites (Threatpost) The GandCrab ransomware continues to virulently spread and adapt to shifting cyber-conditions, most recently crawling back into relevance on the back of several large-scale spam campaigns.
Chinese Robocalls Bombarding The U.S. Are Part Of An International Phone Scam (NPR.org) The Mandarin-language messages are part of a "parcel scam" that falsely accuses Chinese immigrants of money laundering and then extorts them.
ATM attacks: How hackers are going for gold (Help Net Security) Imagine winning the lottery and having an ATM spit huge amounts of cash at you. That’s exactly what some cyber criminals are after. They’re targeting ATMs and launching “jackpotting” attacks, forcing them to dispense bills like a winning slot machine.
Nigerian BEC Scammers Growing Smarter, More Dangerous (Threatpost) Nigerian-based cybercriminals are growing more dangerous as they add sophisticated tools to their arsenal, including complex remote access trojans, a new report reveals.
Nest warns user of password breach - but not from its own systems (Computing) Smarthome vendor did the right thing, says the Internet Society
EE Fix Portal Which Was Secured with 'Admin' Password (Infosecurity Magazine) EE fix portal flaw accused of exposing over two million lines of private source code
5,000 Routers With No Telnet Password. Nothing to See Here! Move Along! (BleepingComputer) A Brazilian ISP appears to have deployed routers without a Telnet password for nearly 5,000 customers, leaving the devices wide open to abuse.
Cyber attack affects Goodyear’s payment processing system (The Seattle Times) Officials in Goodyear say a cyber attack has affected the software in the city's payment processing system. The city became aware of the situation early Monday. Goodyear officials say customers who paid the city using a...
Can Google Be Selling the Future Using our Personal Data? (TechnoStalls) Google CEO Sundar Pichai stood on platform in the organization’s annual programmer conference on Tuesday and gathered a number of its innovative technology: a helper that may schedule appointments for you on the telephone, customized suggestions from Google Maps, and also a new feature which may help complete your paragraphs as you form an email. It …
Google sells the future, powered by your personal data (NBC News) Personal data collection practices are in the hot seat. So why isn't Google, which collects more data than Facebook, feeling the heat?
Security Patches, Mitigations, and Software Updates
LG resolves keyboard vulnerabilities which allow remote code execution attacks (ZDNet) The severe security flaws impact mainstream LG smartphones.
How to use Confidential Mode in Gmail (TechRepublic) Gmail's new Confidential Mode has been rolled out. This how-to walks you through the process of making use of this deal-making feature.
Patch Tuesday problems, fixes — but no cause for immediate alarm (Computerworld) Important takeaways from this month’s Patch Tuesday: Get Win10 1803 updated if you can, but watch out for bogus lingering partitions; Remote Desktop flakiness has a solution; and the VBScript zero-day reiterates how badly broken patching has become.
Windows-crashing bug not patch-worthy, says Microsoft (Naked Security) When is a bug not a bug? That’s the question raised by researcher Marius Tivadar’s latest Windows-crashing proof of concept.
Cyber Trends
75% of cybersecurity professionals see the benefits of AI (Gigabit Magazine) According to a new report from Exabeam, three quarters of cybersecurity professionals believe that artificial intelligence (AI) and machine learning (ML) are beneficial to their roles.
Netwrix Survey: Government’s rapid cloud adoption lacks security (Netwrix) The 2018 Netwrix Cloud Security: In-Depth Report found that 74% of government agencies plan to move more data to the cloud, but only 13% feel that it has improved their security
One Year After WannaCry: What's Changed & What Hasn't? (May 12 Marks One Year) (Information Security Buzz) With the one-year anniversary of WannaCry (May 12th) approaching, two cybersecurity experts with Juniper Networks commented below on what’s changed and what hasn’t, and advice on what works to minimize the impacts of ransomware attacks. Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks: “Immediately after the WannaCry epidemic last year, most security researchers advised people to disable SMBv1 …
Organisations across the UK are still struggling with ransomware (Help Net Security) A year after the WannaCry ransomware attack impacted an estimated 200,000 victims, new research has revealed that organisations across the UK are still struggling to deal with ransomware.
Marketplace
What are you worth? The Exabeam Security Professionals’ Salary, Job Satisfaction, and Technology Outlook Report (Exabeam) The Exabeam 2018 Cyber Security Professionals Salary and Job Report is based on a global survey of 481[...]
Chinese phonemaker ZTE near collapse after parts run out because of U.S. sanctions (Los Angeles Times) The No. 2 Chinese telecom equipment manufacturer said Thursday its three main divisions — network gear, devices and enterprise solutions — have all but halted sales and aren’t bringing in sizable income, a person familiar with the matter told Bloomberg.
Symantec shares slump after revealing internal investigation (Register) It's not a security problem, but full-year results will likely be late
Cyber security firm Avast falls in LSE's biggest debut of the year (Reuters) Cyber security firm Avast shares were down 2.6 percent in early trade on Thursday in the London Stock Exchange's biggest debut in almost a year.
Valve debuts public bug bounty board in an effort to improve security (Gamasutra) Valve is joining Nintendo, Oculus, and a litany of other tech companies in establishing a public bug bounty program to encourage folks to report security vulnerabilities in its services.
DB Networks Announces Company Name Change to DB CyberTech (PR Newswire) DB CyberTech, a pioneer in machine learning based predictive database data...
Products, Services, and Solutions
New infosec products of the week: May 11, 2018 (Help Net Security) Infosec products of the week include releases from Blue Cedar, NOS Microsystems and Onapsis.
Oracle CEO Mark Hurd: How To Instantly Prevent 95% Of Database Cyberattacks (Forbes) As Oracle expands its Autonomous Cloud services and looks to claim a leadership position in cloud cybersecurity, CEO Mark Hurd said this week that 95 percent of cyberattacks are on databases that administrators have failed to patch for more than 9 months—and that Oracle's Autonomous Database can instantly drive that deeply alarming figure to zero.
GRIDSMART Creates First of Its Kind Cybersecurity Division to Tackle Road Infrastructure Transportation Security Threat (BusinessWire) GRIDSMART Technologies, Inc., announced the formation of a first-of-its-kind cybersecurity group to help the transportation industry.
With Android P, Google Stops Playing Catch-Up on Security (PCMAG) Google I/O makes it clear that Google is ready to do more with Android and do it securely. That includes controlling an insulin pump with your phone.
Microsoft Offers a Peek at Its IoT Developments (Automation World) With a focus on manufacturing at the recent Hannover Fair, Microsoft unveiled extensions of its Azure IoT Suite related to security, on-premise...
Technologies, Techniques, and Standards
Ready or Not: Transport Layer Security 1.3 Is Coming (Dark Reading) Better encryption could mean weaker security if you're not careful.
Three IoT encryption alternatives for enterprises to consider (SearchSecurity) There are several key IoT encryption alternatives for connected devices that pose certain risks and benefits. Discover each alternative with expert Judith Myerson.
26% of Companies Ignore Security Bugs Because They Don’t Have the Time to Fix Them (BleepingComputer) A survey compiled last month at the RSA security conference reveals that most companies are still behind with proper security practices, and some of them even intentionally ignore security flaws for various reasons ranging from lack of time to lack of know-how.
The Multiplier Effect of Collaboration for Security Operations (SecurityWeek) Enabling collaboration and coordination across all security teams to accelerate security operations should be the norm.
Detecting Bad Actors Early in the Kill Chain (Security Boulevard) Cybersecurity borrows a lot of terms and tactics from the military, and kill chain is one such term used to describe the steps an attacker takes to perform a breach. Malware attacks are among the most prevalent threats that enterprises face, and there are
Cyber training needs pain and consequences (C4ISRNET) Fully experiencing the disruptions caused by cyberattacks during training exercises can provide important lessons for commanders on how to deal with network attacks in the field, according to experts who spoke at the 2018 C4ISRNET conference.
IBM bans USB drives – but will it work? (Naked Security) Can you blindly ban all USB drives, or will it lead to “shadow IT” where staff use them anyway? Sophos CISO Ross McKerchar has his say…
Design and Innovation
Risky Business: Deconstructing Ray Ozzie's Encryption Backdoor (Dark Reading) With the addition of secure enclaves, secure boot, and related features of Clear, the only ones that will be able to test this code are Apple, well-resourced nations, and vendors who sell jailbreaks.
Opinion | Could Google’s creepy new AI push us to a tipping point? (Washington Post) Our machines so far have been at once humanlike and machinelike enough to set us at ease.
How to Tell If You’re Talking to a Robot (Motherboard) Mundane small talk could unravel an artificially intelligent phone assistant's otherwise-realistic speech patterns.
Facial Recognition Tech Is Creepy When It Works—And Creepier When It Doesn’t (WIRED) It's a powerful tool, but recent incidents have shown that there's no winning with facial recognition.
Verizon’s Open Innovation Lab Shows Off 5G Use Cases (Wireless Week) Verizon on Monday opened the doors of its 5G-enabled Open Innovation Lab at Alley in New York City to give reporters a peek at some of the applications that a handful of startups and universities are cooking up.
Research and Development
DARPA multidomain program to focus on ‘kill webs’ (C4ISRNET) If the U.S. is serious about bringing a greater capability to bear on the adversary, how can the military plan and manage across domains?
‘It’s Either a Panda or a Gibbon’: AI Winters and the Limits of Deep Learning (War on the Rocks) From a Nobel Laureate on the MIT faculty: “Intuition, insight, and learning are no longer exclusive possessions of human beings: any large high-speed computer can be programed to exhibit them also.” Herbert Simon wrote this in 1958. Could it have been last week? Today, the defense community is considering artificial
CIA to Use Amazon Cloud to Run Big Data Intelligence Experiments (Bloomberg Government) The Central Intelligence Agency is looking to team up with industry experts to run a series of open-source intelligence projects using its Amazon cloud.
How the big data revolution is a game changer for intel (C4ISRNET) The deputy director of the National Geospatial-Intelligence Agency spoke candidly about how big data is transforming his agency and what they're doing to keep up.
Legislation, Policy, and Regulation
Cyber deterrence is about more than punching back (FCW) Politicians and experts routinely call for a strategy that imposes costs on nation states for cyberattacks, but going on offense isn't always the answer.
US introduces legislation for Chinese tech sales (ZDNet) Citing national security and intellectual property theft, the proposed Fair Trade with China Enforcement Act would also prevent Huawei and ZTE equipment and services from being sold to government in the US.
ZTE is now center stage in the US-China trade fight (CNNMoney) If Chinese tech company ZTE falls, the shock waves will be felt around the globe.
Trump Administration Vows to Maintain U.S. Edge in AI Technology (Wall Street Journal) White House officials promised to keep the U.S. in the lead on emerging artificial-intelligence technologies, despite competition from China and worries about potential impacts on American workers.
The Trump Administration Plays Catch-Up on Artificial Intelligence (WIRED) At the Trump White House's first major engagement with leaders in AI, the administration mostly watched and learned.
Intel Editorial: The U.S. Needs a National Strategy on Artificial Intelligence (BusinessWire) In an opinion editorial, Intel CEO Brian Krzanich says the U.S. needs a national strategy on artificial intelligence.
Committee urges broader election security protections (GCN) The Senate Select Committee on Intelligence is calling for states to protect voter registration databases, assess voting machines for risk and deploy better detection technology across their election infrastructure.
Four Cybersecurity Policies Transforming Government (SIGNAL) These directives begin impacting agencies this year.
A bureaucratic mess (Federal Times) How the formation of a cyber center turned into a personnel scandal at the Department of Health and Human Services.
Bolton, team mull eliminating White House cybersecurity coordinator position (SC Media US) President Obama fulfilled a campaign pledge to prioritize cybersecurity by creating the position and tapping the late Howard Schmidt in 2009 as the first White House cybersecurity coordinator.
Bolton’s Magnificent Idea: Nix the White House Cyber Czar (Lawfare) John Bolton wants to get rid of the White House cybersecurity coordinator position. What could go wrong?
Gina Haspel and the Enduring Questions About Torture (The New Yorker) At her confirmation hearing, the nominee to head the Central Intelligence Agency faced intense questioning over the morality of enhanced interrogation.
Litigation, Investigation, and Law Enforcement
6 States Hit Harder By Cyberattacks Than Previously Known, New Report Reveals (NPR.org) Two years later, the report underscores that it's hard to know with complete certainty the extent of the Russian cyberattacks.
Ex-CIA agent charged with spying for China (Axios) A suspected mole, and how the CIA's network in China collapsed
Man Charged With Hacking Into and Defacing Military and Government Websites (New York Times) A California man is believed to have accessed sites for West Point’s Combating Terrorism Center and the New York City Comptroller’s Office, along with thousands of others.
California Man Arrested For Hacking Websites For The Combating Terrorism Center At West Point And The New York City Comptroller (US Department of Justice) The Defendant Committed More Than 11,000 Defacements of Various Military, Government, and Business Websites Around the World Using the Online Pseudonym “Alfabetovirtual”
Report: Bitcoin money laundering suspect spared from prison poison plot (Ars Technica) "There are people who are extremely interested in him not coming to Russia."
D.C. Police Sought a Contract With Palantir, But It Never Materialized (Washington City Paper) Residents who want to weigh in on big data policing in D.C. should study up on contracting and procurement.
FCC slaps robocaller with record $120M fine, but it’s like ‘emptying the ocean with a teaspoon’ (TechCrunch) Whoever thought we would leave telemarketing behind in this brave new smartphone world of ours lacked imagination. Robocalls are a menace growing in volume and even a massive $120 million fine leveled against a prominent source of them by the FCC likely won't stem the flood.