Cyber Attacks, Threats, and Vulnerabilities
Chinese military to replace Windows OS amid fears of US hacking (ZDNet) Chinese military won't move to Linux, but develop a custom OS instead.
First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records (KrebsOnSecurity) The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity.
885M Financial Records—Dating Back 16 Years—Exposed Online (WIRED) Real estate giant First American left Social Security numbers, tax documents, and more publicly available.
Security blog reports that First American left hundreds of millions of records exposed (Washington Post) A leading mortgage settlement and title insurance company, First American Financial Corporation, left hundreds of millions of customer records accessible on the web, including personal information such as Social Security numbers, according to a report on a security blog Friday.
Intense scanning activity detected for BlueKeep RDP flaw (ZDNet) A threat actor hidden behind Tor nodes is scanning for Windows systems vulnerable to BlueKeep flaw.
Canva under cyber-attack, with reportedly as many as 139 million users affected (Business Insider Australia) Australian-founded global graphic design website Canva has experienced what it describes as a “security incident” and is advising users to change their passwords.
Canva hacked - user details accessed, but passwords safe (CRN Australia) 130m+ users urged to pick new passwords, FBI helping to find culprits.
MySQL databases targeted for installing GandCrab on Windows servers (2Spyware) Hackers deploy GandCrab ransomware with the help of malicious SQL commands. Security experts uncovered a unique set of attacks that employ Windows machines running the open-source
In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc (New York Times) American cities are being hijacked with an N.S.A. cyberweapon that has already done billions of dollars in damage overseas. The N.S.A. will say nothing.
Analysis | The Cybersecurity 202: Security pros divided over NSA's responsibility for Baltimore hack (Washington Post) The NSA lost the tool but Baltimore didn’t protect against it
American towns under cyberattack from an NSA-built software (PBS NewsHour) Over the last few weeks, the city of Baltimore essentially went offline after a cyberattack was followed by a ransom demand which the city refused to pay. According to the New York Times, ‘EternalBlue’, the software that wreaked havoc in Baltimore and other cities, was actually created by the National Security Agency. New York Times reporter Scott Shane joins Hari Sreenivasan for more.
Hackers Reportedly Used Leaked NSA Cyber Tool In Baltimore Ransomware Attack (WBAL) A New York Times article released on Saturday reports that a leaked NSA cyber tool called "Eternal Blue" was a key component used in the cyber attack on Baltimore City Government computer systems.
Infosec pros defend NSA against NYT claims on EternalBlue (iTWire) A number of information security professionals in the US have sharply criticised The New York Times over an article it ran recently, claiming that a r...
Baltimore is not EternalBlue (CyberSecPolitics) Recently a misleading and terribly researched article (via Nicole Perlroth and Scott Shane ) came out in the NYT which essentially blam...
Baltimore ransomware attack linked to leaked NSA EternalBlue exploits (SiliconANGLE)
NSA Involved in US Cyberattacks (KoDDoS Blog) The US city of Baltimore has been under attack for nearly three weeks by cyber extortionists. Thousands of computers have been frozen. Email, as well as online real estate, utility, social, and health services have been disrupted.
Baltimore political leaders seek briefings after report that NSA tool was used in ransomware attack (Baltimore Sun) A congressman representing Baltimore seeks a briefing from the NSA after a report that a tool developed by the agency was used to spread ransomware.
Cyber-spies tight-lipped on Baltimore hack (BBC News) Politicians seek briefings from the US cyber-agency over claims it has links to a ransomware breach.
Report: Chinese Spies Stole NSA Hacking Tools (WLTZ) (CNN) – North Korea, Russia and now China. Security experts say state hackers from all three countries have used the same tool to carry out cyberattacks. A tool created by the U.S. government. It’s called Eternalblue and it was built by the National Security Agency. At first, it was a reliable tool used in countless intelligence-gathering and counterterrorism...
NYT: Component of ransomware gripping Baltimore was developed by NSA (WBAL) The New York Times is reporting that a key component of the ransomware gripping Baltimore City government was developed by the National Security Agency.
Researchers find inherent security flaws in FPGAs (eeNews Europe) Field Programmable Gate Arrays (FPGAs) are electronic components that can be used more flexibly than standard processors. They are also used in large data centers for cloud services. Until now, the use of such services has been considered relatively safe. But researchers at the Karlsruhe Institute of Technology (KIT) have now found potential entrance gates for cyber-criminals.
Fake Pelosi video sparks fears for campaigns (TheHill) A fake video of House Speaker Nancy Pelosi (D-Calif.) posted to Facebook on Thursday that was edited to make her appear drunk is underscoring a quickly evolving danger for 2020 campaigns.
Vulnerability Summary for the Week of May 20, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Space: New cybercrime battlefield? (Deccan Chronicle) Satellites and Space Stations, despite being in space, are susceptible to cyberattacks.
Interpol intervenes in Fort Collins-Loveland Water District cyberattack (Coloradoan) Memo: No customer information was breached in cyberattack on water district; Interpol found key to unlock data
The Bitcoin Cash Hardfork – Three Interrelated Incidents (BitMex) The 15 May 2019 Bitcoin Cash hardfork appears to have suffered from three significant interrelated problems.
Briefing: Hackers hit Chinese ride-hailing firm Yidao, demand large sums of bitcoin (TechNode) Just days ago, the company’s platform suffered from a system malfunction, which affected users’ account balances.
Family finances: Don't get hooked by fake messages (Chicago Tribune) Phishing schemes can come in the form of emails, texts, social media messages or phone calls that try to extract personal information from you or infect your
Security Patches, Mitigations, and Software Updates
BlueKeep RCE Flaw Gets Micropatch for Always-On Servers (BleepingComputer) The 0patch platform issued a fix for the Remote Desktop Services RCE vulnerability known as BlueKeep, in the form of a 22-instruction micropatch which can be used to protect always-on servers against exploitation attempts.
Safari test points to a future with tracker-free ads (Naked Security) Apple thinks it has come up with a way for advertisers to track how well their ads are doing without compromising user privacy.
Cisco vulnerability fix for thrangrycat carries risks (SearchNetworking) The Cisco vulnerability fix for thrangrycat-affected hardware is risky. But the vendor said it's prepared to replace routers and switches that become unusable.
Cyber Trends
Cyber adversaries flock to apps where the users are online and active (BW CIOWORLD) Fortinet Threat Landscape Report Reveals Nearly 60% of Threats Shared at Least One Domain, Indicating the Majority of Botnets Leverage Established Infrastructure
Snapchat Privacy Faux Pas Piques Concerns About Insider Threats (Threatpost) After a report found that Snap employees were abusing their access to Snapchat data, experts are warning that insider threats will continue to be a top challenge for privacy.
Digital Transformation Is Undermined by Telcos’ Lack of Agility, Finds Cato Networks Survey of More Than 400 IT Executives (Cato Networks) Respondents complain about long problem resolution times and lack of innovation with telcos.
Bitcoin price reaches a 12 month high: Why the 'crypto winter' may be over (The Telegraph) In the final weeks of 2017, Bitcoin’s price was rising at a seemingly inexorable rate.
Strides in Altcoin Launches Are Helping to Fuel the Crypto Bull Run (Bitcoinist.com) After more than a year, crypto is making a comeback. Analysts aren’t predicting the same price mania we saw in 2017, the market sentiment is bullish.
Ethiopia records 488 cyber attacks in 9 months (Xinhua) Ethiopia has recorded 488 cyber attacks in the last nine months of the current Ethiopian Fiscal Year 2018/19 that started on July 8, an Ethiopian official said on Friday.
Just over half of UK firms don’t have a cyber resilience plan (ComputerWeekly.com) Many UK firms still lack cyber resilience and data protection capabilities covering email a year after the implementation of the GDPR aimed at improving personal data protection
Marketplace
F.A.Z. exclusive: Siemens, Bosch and SAP review business relationships with Huawei (Frankfurter Allgemeine) In the trade war between the United States and China, the German economy is increasingly caught in the line of fire. “The decoupling of the Chinese and Western economies has long been under way,” an expert tells the F.A.Z.
Microsoft Pulls Huawei Products From One of Its Cloud Server Catalogs (Bloomberg) Software maker still hasn’t said whether it is rescinding Huawei’s Windows license.
Exclusive: Huawei reviewing FedEx relationship, says packages... (Reuters) Chinese telecoms equipment maker Huawei is reviewing its relationship with FedEx...
Huawei’s Yearslong Rise Is Littered With Accusations of Theft and Dubious Ethics (Wall Street Journal) The Chinese giant says it respects intellectual property rights, but competitors and some of its own former employees allege the company goes to great lengths to steal trade secrets.
Moody's Downgrading of Equifax Is a Message to Boards (Infosecurity Magazine) Downgrading Equifax's outlook is a warning in a language boards can understand.
Cybersecurity survey spotlights insurers' core capabilities (PropertyCasualty360) There are several core traits shared by insurers that are operating at the highest cybersecurity level.
Heimdal™ Security acquires BasicBytes and launches Thor AdminPrivilege™ (Heimdal Security Blog) Heimdal Security A/S has acquired the BasicBytes IVS. Heimdal™ plans to further develop it and is launching unique techs like AdminPrivilege.
The Raytheon Company Is Sitting On Nearly $1.5bn Of Free Money (Seeking Alpha) Raytheon, a federal defense contractor valued as such, is the 80% owner of cybersecurity software company Forcepoint.
Palantir's Hotly Anticipated IPO Set to Slide to 2020 (Bloomberg) The 15-year-old startup is taking its time preparing for its stock market debut.
UNITED ARAB EMIRATES : Abu Dhabi's Protect takes over DarkMatter's cyber-offensive role (Intelligence Online) Abu Dhabi's cyber-attack firm Protect is likely to be a talking point at the upcoming ISS, which opens in Prague on May 28.
Carbon Black: Examining The Growth Story (Seeking Alpha) Hyper-growth stories need to be backed by numbers. A congested cybersecurity space is putting a drag on Carbon Black's momentum. What is a good price?
Cyber firm Deep Instinct gets deal to secure HP laptops (Reuters) HP Inc is working with Israeli cybersecurity firm Deep Instinct to launch HP Sur...
Big Four dominate cyber security job space (Accountancy Daily) KPMG and PwC are the UK's biggest recruiters of cyber security experts, with EY and Deloitte close behind, making the Big Four the country’s top four cyber employers
Products, Services, and Solutions
Bittium Launches New Ultra Secure Bittium Tough Mobile™ 2 Smartphone (PR Newswire) Bittium, the provider of world's most secure smartphone-based communication systems, launches the ultra secure...
Integrated WhiteHawk and EZShield product a game changer (Finfeed) The WhiteHawk CyberPath AI Questionnaire used by customers to create a cyber risk profile and maturity assessment is now integrated into the EZShield Small Business Suite online platform.
Hunchly is Perfect for Cyber Security Research (Hunchly) Keep track of all your steps when researching threat actors. Easily bring Hunchly data into your other research tools.
L&T Technology Services and Kudelski Group join forces to deliver simple and secure industrial and automotive IoT solutions (ANI News) Bengaluru (Karnataka) [India] May 28 (ANI/BusinessWire India): L&T Technology Services (LTTS'), a leading global pure-play engineering services company and the Kudelski Group, a leader in digital security, today announced a multi-faceted partnership to enable connected cars and industrial systems with robust device identity and protect the device, data, decisions, commands and actions.
Technologies, Techniques, and Standards
The Pentagon has its own island off New York where nobody can go that it's using to run war games for a giant cyber attack on power grid (Business Insider) DARPA ferries specialists to Plum Island, a restricted site in the Long Island Sound, to train for a worst-case cyber war scenario.
S4 presentation on cyber security of Level 0,1 devices (Control Global) The January 2019 S4 presentation on cyber security of Level 0,1 devices and actual case histories is on Dale Peterson’s Youtube channel - https://www.youtube.com/watch?v=c2gK8Zp6dv8&feature=youtu.be
Army to deliver network updates every 2 years (C4ISRNET) This approach to incrementally improve capability is a departure from previous efforts, where the Army was locked into one vendor and one technology set.
Key Insights from a Simulated Cyber-Attack on Your Business (PaymentsJournal) Red team operations have become an increasingly popular way for businesses to evaluate and test their cyber security. In fact,
Influential Hacker Has Tips on How to Do Cybersecurity Better (Wall Street Journal) Securing corporate data and networks from hackers is complex and challenging, but companies compound their problems by making many needless errors, according to serial entrepreneur and hacker Dug Song.
Act fast to recover assets after cyber fraud (CSO Online) Here's what companies can do to recover lost assets in the wake of a data theft or a BEC scam.
All the Ways Google Tracks You—And How to Stop It (WIRED) Google knows more about you than you might think. Here's how to keep it from tracking your location, web browsing, and more.
What is EMV 3-D Secure? (FIME) EMV 3-D Secure, EMV 3DS, Mastercard, Visa
Research and Development
The Pentagon is Trying to Secure Its Networks Against Quantum Codebreakers (Nextgov.com) The Defense Information Systems Agency is exploring new encryption strategies that could withstand an attack from quantum computers.
Academia
The National Guard's cyber escape room (GCN) The Massachusetts Army National Guard is building a cyber and network security themed escape room it can take to schools to get students interested in cybersecurity.
Legislation, Policy, and Regulation
German Minister Wants Secure Messengers To Decrypt Chats (BleepingComputer) Germany's Interior Minister Horst Seehofer purportedly wants to force messaging providers such as WhatsApp, Telegram, and Threema to provide plain text chats to law enforcement agencies on a court order as reported by Der Spiegel and from a number of other German news outlets.
Germany demands an end to working cryptography (Boing Boing) Germany's Interior Minister Horst Seehofer -- a hardliner who has called for cameras at every "hot spot" in Germany -- has announced that he will seek a ban on working cryptography in Germany; he will insist that companies only supply insecure tools that have a backdoor that will allow the German state to decrypt messages and chats on demand.
Backbytes: If social media firms can see inside black holes they can create cast-iron age verification, claims Children's Commissioner Anne Longfield (Computing) Who on Earth would drive a Facebook driverless car?
Japan to limit foreign ownership of firms in its IT, telecom sectors (Reuters) Japan's government said on Monday that high-tech industries will be added t...
Huawei: Beijing Retaliates, New Cyber Law Could Block U.S. Technology From China (Forbes) At the end of a nightmare week for Huawei, with its smartphone supply chain seeming to evaporate in the wake of U.S. sanctions coming into effect, Beijing has now hit back with its own proposed cybersecurity laws which could be used to restrict U.S. tech from being sold in China's vast marketplace.
Is Huawei a security threat to Canada? Risks could be closer to home, says columnist (CBC) Canada is under pressure to ban Huawei from supplying technology to build the country's 5G wireless network, a move that allies like Germany and Australia have already undertaken. We talk to a panel of experts to discuss the security risks, and the politics.
History Gives No Clues To Trump-Huawei Endgame (Law360) President Donald Trump’s recent blacklisting of Huawei marked the second time in just over three years that the U.S. moved to block a Chinese telecom giant from the domestic supply chain. But unlike before, the path to a resolution of this high-stakes trade dispute is not immediately clear.
Trump Linking Huawei Sanctions With Trade Defies Security Claims (Bloomberg) Concessions could include exceptions to blacklist, import ban. Can soybean sales help to free Huawei executive, analyst asks.
Trump’s feud with Huawei and China could lead to the balkanization of tech (MIT Technology Review) Trade barriers and immigration controls might lead different countries to adopt incompatible products, impeding global innovation.
Trump Wants to Wall Off Huawei, but the Digital World Bridles at Barriers (New York Times) Washington argues that global leaders must choose between an internet of Western values and one based on an authoritarian regime. If they do, how will data be divided? And would a self-reliant China be an even greater threat?
If China and the US split the tech world, that could come at a cost to consumers (CNBC) Mahendra Negi, chief financial officer of Trend Micro, says if companies are forced to develop different sets of technologies, then it will raise costs and create compatibility issues.
Senators introduce new bill to out-innovate China (C4ISRNET) By coordinating standards and offering new shared resources, bipartisan legislation attempts to build a tangible advantage in artificial intelligence.
NATO Getting More Aggressive on Offensive Cyber (Defense One) Secretary General Stoltenberg says NATO pushes limits of what the alliance can do in cyberspace.
Estonia signs defense agreement with the US (Defense News) Estonia has become the last of the Baltic nations to sign a defense agreement with the Pentagon.
What the hell is a 'cyber diplomat'? (The Next Web) TNW spoke with Estonia’s first Ambassador at Large for Cybersecurity, Heli Tiirmaa-Klaar, about the new emerging field of cyber diplomacy.
Analysis | The Cybersecurity 202: FEC approves free cybersecurity for campaigns despite influence concerns (Washington Post) A nonprofit plans to give campaigns free security tools and run cyber bootcamps.
Microsoft, Facebook to help tame internet ahead of Canada's... (Reuters) Microsoft Corp and Facebook Inc have agreed to help boost the security of Canada...
Former NSA Officer Talks Dangers Of Information Ops (Cyber Security Hub) Former National Security Agency (NSA) Tailored Access Operations (TAO) Officer, and the Chief of Outreach at the Army Cyber Institute at West Point, Dr. Michael Klipstein appeared on Episode #85 of Task Force 7 Radio this week, with host George Rettas, president and CEO of Task Force 7 Radio and Task Force 7 Technologies.
What’s the Point of Charging Foreign State-Linked Hackers? (Lawfare) It’s not clear whether criminal charges against hackers deter foreign adversaries, but they are still valuable.
Our take: Interpreting recent signals from US regulatory agencies (Circle | The new shape of money) We want to highlight how recent signals from U.S. regulators are creating an uncertain environment for crypto assets, prompting us to take actions that we—and our customers and community—find deeply frustrating. The heart of our argument for a clear, forward-looking regulatory framework for crypto has long been
OMB’s new identity management policy brings CDM more to the forefront (Federal News Network) Kevin Cox, the program manager of the CDM program at the Homeland Security Department, said agencies have a need for broader capabilities with lifecycle identity access and credential management.
Former Optus exec Paul Fletcher becomes Comms Minister (CRN Australia) Mitch Fifield takes diplomatic post.
Litigation, Investigation, and Law Enforcement
How Ireland became Europe's data watchdog (BBC News) Big tech companies are feeling the heat as the General Data Protection Regulation gathers momentum.
Google Ad Exchange in data privacy probe (Naked Security) It was triggered by a complaint filed by Dr. Johnny Ryan, CPO of privacy-focused Brave browser, which is fighting Google’s search domination.
Significant GDPR enforcement action imminent (Cooley) The EU General Data Protection Regulation (the “GDPR”) has been in force for just under a year now. Prior to its coming into effect, a key topic of concern for many companies was the ability of Sup…
Intel chief warns Barr could imperil national security by declassifying documents (POLITICO) The remarks come after Trump granted Barr sweeping investigative powers Thursday.
Barr could expose secrets, politicize intelligence with review of Russia probe, current and former officials fear (Washington Post) An executive order gave the attorney general broad authority to disclose classified intelligence.
Potential clash over secrets looms between Justice Department and CIA (SFGate) President Trump's order allowing Attorney General William Barr to declassify any intelligence that sparked the opening of the Russia investigation sets up a potential confrontation with the CIA, effectively stripping the agency of its most critical power: choosing which secrets it shares and which ones remain hidden.
Opinion | Where’s the spotlight on ‘Spygate’? (Washington Post) Impeachment is a doomed undertaking, and House Speaker Nancy Pelosi knows that focusing on it would also bring a focus on possible abuses of power by a handful of FBI officials.
EU Authorities Shut Down Bitcoin Transaction Mixer (CoinDesk) A bitcoin transaction mixer has been seized and shut down by authorities in the European Union.
Navy: Sailor contacted Russians, pleads guilty to espionage (Navy Times) Electrician’s Mate (Nuclear) 2nd Class Stephen Kellogg III wanted to turn over nuclear secrets to Sevmash, Russia's largest shipbuilding enterprise, according to the FBI.
Some federal prosecutors disagreed with decision to charge Assange under Espionage Act (Washington Post) The prosecutors feared such charges posed serious risks for First Amendment protections and had other concerns, according to people familiar with the matter.
Perspective | How the new Assange indictment ‘crosses a bright red line for journalists’ (Washington Post) Press-rights advocates see serious danger in the charges that depict newsgathering as criminal acts.
NSS Labs Admits Its Test of CrowdStrike Falcon Was 'Inaccurate' (Dark Reading) CrowdStrike, NSS Labs reach confidential settlement over 2017 endpoint product testing dispute.
Exclusive: Behind Grindr's doomed hookup in China, a data misstep... (Reuters) Early last year, Grindr LLC's Chinese owner gave some Beijing-based enginee...
New Zealand Crypto Firm Hacked to Death, Seeks U.S. Bankruptcy (Bloomberg) Cryptopia still has millions in digital assets to distribute. Showdown with Arizona server company jeopardizes company data.