Cyber Attacks, Threats, and Vulnerabilities
Suicide bomber strikes military academy in Kabul (FDD's Long War Journal) An Islamic State suicide bomber struck outside the Marshal Fahim National Defense University in Kabul earlier today. It is the second time the so-called Khorasan province has attacked the academy. According to UNAMA, the jihadists launch more "suicide and complex attacks" in the Afghan capital than in any other area of the country.
Warning over 'HiddenWasp' Linux backdoor undetectable by antivirus software (Computing) China-linked HiddenWasp Linux malware is being used in sophisticated, targeted attacks.
Advanced Linux backdoor found in the wild escaped AV detection (Ars Technica) Fully developed HiddenWasp gives attackers full control of infected machines.
HiddenWasp Malware Stings Targeted Linux Systems (Intezer) Intezer has discovered a new, sophisticated malware named HiddenWasp, targeting Linux systems. Unlike common Linux malware, HiddenWasp is not focused on crypto-mining or DDoS activity, but rather it is a trojan purely used for targeted remote control.
Sophisticated HiddenWasp Malware Targets Linux (SecurityWeek) Sophisticated "HiddenWasp" malware is targeting Linux and providing attackers with remote control of the infected systems, security researchers say.
North Korean Hackers Target Crypto Exchange UPbit's South Korean Users (CoinDesk) North Korean hackers have been using a familiar phishing tool to steal UPbit customer details, security experts allege.
New Zealand’s “hacked” budget was found on a website (Naked Security) Police close their investigation, concluding that New Zealand’s “wellbeing” budget wasn’t hacked.
New Zealand Says Budget Leak Was Bungled, Not Hacked (SecurityWeek) New Zealand's Treasury Secretary Gabriel Makhlouf said his department had fallen victim to a "systematic" and "deliberate" hack, which turned out to be false.
The cryptominer that kept coming back (Naked Security) A Monero cryptominer made a home on an Apache Tomcat server and just wouldn’t stay away.
High-Risk Flaws Found in Process Control Systems From B&R Automation (SecurityWeek) Several vulnerabilities, including ones classified as “high risk,” have been found in APROL process control systems from B&R Industrial Automation.
AVEVA Vijeo Citect and CitectSCADA (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 6.5. ATTENTION: Low skill level to exploit. Vendor: AVEVA. Equipment: Vijeo Citect and CitectSCADA. Vulnerability: Insufficiently Protected Credentials. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow a locally authenticated user to obtain Citect user credentials.
Venafi: Four Ways Open Source Libraries Leave Organizations at Risk (Business Wire) Venafi warns that the growing reliance on OSLs for software development leaves many companies vulnerable to trust-based attacks
How secure is the intelligence community’s IT supply chain? (Fifth Domain) Concerned over threats to the acquisition supply chain from foreign actors, the Senate Select Committee on Intelligence included the establishment of a supply chain risk management task force in the latest Intelligence Authorization Act, approved May 14.
DoD bought phony military gear made in China, including counter-night vision clothing that didn’t actually work (Military Times) The counterfeits included clothing that used a near-infrared fabric to make the wearer more difficult for enemy forces to detect with night-vision goggles.
Report: Security Platform Leaking Hotel Security Logs, Including Marriott Properties (vpnMentor) vpnMentor’s research team has recently discovered that Marriott and other hotel brands managed by The Pyramid Hotel Group have experienced a cybersecurity ...
Report: Theta360 Data Breach Leaks Millions of Private Photographs (vpnMentor) vpnMentor’s research team has discovered that Theta360 experienced a huge data breach. Hacktivists from our research team, Noam Rotem and Ran Locar, ...
POS Malware Found at 102 Checkers Restaurant Locations (Threatpost) One of the most popular U.S. drive-through restaurants has been hit with a data breach due to POS malware.
Data Breach – Checkers (Checkers) To Our Valued Checkers and Rally’s Guests: We recently became aware of a data security issue involving malware at certain Checkers and Rally’s locations.
Analysis Shows Poor GDPR Compliance in European Websites (SecurityWeek) A web-scanning service has analyzed the visible GDPR compliance of the 100 most popular websites in each of the 28 European member states.
Ethiopian INSA Agents Hacked: 142 agents chose the predictable password...Report (Borkena) Safety Detective, which claims to be the world's largest antivirus review website, says 142 Ethiopian Intelligence INSA agents are hacked
Microsoft's BlueKeep Bug Isn't Getting Patched Fast Enough (WIRED) At this rate, it will take years to fix a critical vulnerability that remains in over 900,000 Windows machines. A worm will arrive much sooner.
Baltimore's risk assessment called a pair of aged city computer systems a 'natural target for hackers' (Baltimore Sun) Baltimore’s IT office issued a warning that the city was using computer systems that were out of date, vulnerable to attack and not backed up.
Ransomware Succeeds Because Targets Don't Learn From History (Forbes) The recent ransomware attack on the city of Baltimore is just one more of close to 200 on governments. And it surely won't be the last, since municipalities don't seem to be learning from history.
NSA Deflects Blame for Baltimore Ransomware Attack (Nextgov.com) The city of Baltimore had more than two years to defend itself against the attack, and it’s officials’ fault they dropped the ball, according to NSA cyber chief Rob Joyce.
Luzerne County needs outside assistance to overcome cyber attack (Times Leader) Luzerne County is calling in an outside vendor to help assess the extent of damage caused by a cyber attack that has prompted the administration to shut down some computer work stations and servers…
Cyberattacks by email impersonators are on the rise (CIO Dive) Seven in 10 companies hit by email impersonation lost data, money or customers, a Mimecast survey shows. Here are three ways to stave off attackers.
Kaspersky Lab reports 61% jump in mobile banking malware (ATM Marketplace) Mobile banking Trojans are among the most rapidly developing, flexible and dangerous types of malware, according to Kaspersky Lab, which found a 61% increase in the number of files (from 18,501 to 2,841) of this type of malware between Q4...
White Nationalist Groups Banned By Facebook Are Still On The Platform (BuzzFeed News) “Facebook likes to make a PR move and say that they’re doing something, but they don’t always follow up on that.”
Gaming Industry Exploits User Addiction (Avast) The gaming industry uses psychological tactics to trigger addiction and more spending, but gamers can stay safe and sane with these tips.
Cybercrime: An Inside View from Ex-Hacker Brett Johnson (InCyberDefense) Recently, Looking Glass Solutions sponsored an event featuring Brett Johnson. Johnson said that there are only three reasons why a cybercrime is committed.
Security Patches, Mitigations, and Software Updates
Microsoft warns users to patch as exploits for ‘wormable’ BlueKeep bug appear (TechCrunch) Microsoft has issued its second advisory this month urging users to update their systems to prevent a re-run of attacks similar to WannaCry. The software giant said Thursday that the recently discovered “wormable” vulnerability in Remote Desktop Services for Windows can allow attackers …
Apple Patches SQLite, WebKit Bugs in iTunes and iCloud for Windows (SecurityWeek) Apple released updates for iTunes and iCloud for Windows applications, to address recently disclosed SQLite and WebKit security flaws in them.
G Suite to get Gmail confidential mode, on by default (Help Net Security) Starting on June 25, Gmail confidential mode will be turned on by default for G Suite users and it will be on admins to turn it off.
Google Is Finally Making Chrome Extensions More Secure (WIRED) Third-party developers don't always build extensions with security best practices in mind. Now Google is taking steps to better protect user data.
Cyber Trends
Geopolitical Cyber Threats and Business Operations (Infosecurity Magazine) Cyber-attacks can be easily cross-continentally conducted by a small number of personnel in contrast to conventional warfare
Nation-State Security: Private Sector Necessity (SecurityWeek) While threats facing private industry and government may once have looked distinctly different, the line separating attackers pursuing these two arenas is now so blurred that it’s often hard to distinguish one from another.
Industry is Not Prepared for the IIoT Attacks that Have Already Begun (SecurityWeek) A new survey from Irdeto demonstrates that direct cyber-attacks against IIoT have already started, and that industry is not yet well prepared.
Many are seeing the damage of cybercrime and identity theft firsthand (Help Net Security) As massive data breaches continue to make international headlines and the Internet is an integral part of our daily lives, consumers are now grasping the
Businesses are struggling to implement adequate IAM and PAM processes, practices and technologies (Help Net Security) Businesses find identity and access management (IAM) and privileged access management (PAM) security disciplines difficult yet un-concerning.
Data Breaches Make Zero Trust The New Buzzword In Cybersecurity (Investor's Business Daily) Despite huge spending on computer security, the good guys aren't even close to getting the upper hand vs. hackers.
Number of exposed health files 'alarming' says data security firm - Digital Health Age (Digital Health Age) The number of sensitive data files in healthcare, pharma and biotech accessible to every employee should leave us alarmed according to data security company Varonis, after a report highlighted the data risk in several industries a year after the implementation of GDPR. The Global Data Risk Report from the Varonis Data Lab suggested that in...
UAE, Saudi firms still unprepared for cyber-attacks: IBM Security (TahawulTech.com) Organisations in the UAE and Saudi Arabia are still unprepared to respond to cyber-attacks, according to the latest study by IBM Security.
Parting Shots (Q1 2019 Issue) (Infosecurity Magazine) What term do you prefer to describe what we do?
Marketplace
Huawei bars staff from having technical meetings with US contacts (TechCrunch) Reeling from the ongoing U.S.-China trade war, Chinese technology giant Huawei has found itself in yet another dilemma: How to pursue internal communications with its own U.S. employees? For now, the company has ordered its Chinese employees to bar technical meetings with their U.S. contacts and se…
Cybersecurity Jobs Added to Government's Shortage Occupation List (Infosecurity Magazine) Cybersecurity roles have been recognized as an official shortage by the UK Government's Migration Advisory Committee
20 public cybersecurity companies you should know (Built In) In our digitally hyperconnected world, cybersecurity companies are more in demand than ever. We've rounded up 20 publicly traded ones.
A veteran's look at the cybersecurity industry and the problems that need solving (Help Net Security) In this interview, Daniel Miessler, a 20-year industry veteran, talks with Help Net Security about the cybersecurity industry in general.
The Snowden effect: Privacy is good for business (CNET) Tech companies didn't look so good when Edward Snowden revealed they were helping governments spy on average people. But the revelations have worked in the industry's favor.
Palo Alto Networks Snaps Up Two Startups For $400M+ As Its Taste For Acquisitions Grows (Crunchbase News) The company has ramped up its buying activity over the past 14 months with a total of six known acquisitions since March 2018, according to Crunchbase data.
Twofer: Palo Alto to Buy TwistLock, PureSec in Major Cloud Security Play (Channelnomics)
Palo Alto Networks stock drops as cloud-transition pain concerns analysts (MarketWatch) Palo Alto Networks Inc. shares fall Thursday as several analysts cut their price targets as the cybersecurity company’s transition to annual cloud-based...
Sequoia leads $110M funding round for password security startup Dashlane (SiliconANGLE)
Enterprise cybersecurity startup BlueVoyant raises $82.5M at a $430M+ valuation (TechCrunch) The pace of malicious hacks and security breaches is showing no signs of slowing down, and spend among enterprises to guard against that is set to reach $124 billion this year. That’s also having a knock-on effect on the most innovative cybersecurity startups, which continue to raise big mone…
NetApp buys data security developer Cognigo (CRN Australia) Develops data security and GDPR compliance software.
Three MSSPs Merge To Take On Security Giants Secureworks, IBM (CRN) Three smaller MSSPs have joined forces to gain the scale necessary for competing against larger managed security players like Secureworks, IBM and Arctic Wolf Networks.
GDIT, Leidos among those on $49M AI contract for HHS (Washington Business Journal) A spate of D.C.-area technology companies will compete to bring artificial intelligence and other solutions to an HHS shared services office.
Army names Silicon Valley’s data mining company Palantir to lead battlefield intelligence (MuckRock) Palantir, a data mining startup based in Silicon Valley, will be handling initial delivery of the U.S. Army’s battlefield intelligence network, the Pentagon confirmed earlier this year, positioning the company to influence the Army’s long-term implementation of its artificial intelligence priorities.
DCMS selects Bristol consultancy for Cyber Security discovery project (Consultancy) UK consultancy Mace & Menter has been appointed as the partner to the Department for Digital, Culture, Media and Sport on a discovery project to better understand the users of the Cyber Exchange serv
Big Data startup weighs cutting 122 jobs, shutting Santa Clara HQ (Silicon Valley Business Journal) Big Data platform provider MapR Technologies, led by founder and CEO John Schroeder, may close its Santa Clara headquarters and cut 122 jobs.
Google relies on growing underclass: temps who outnumber full-timers (Silicon Valley Business Journal) Google has long used contractors, but some employees worry that a growing reliance on them represents a shifting, less admirable work culture.
Why ICS security startup Dragos’ CEO puts a premium on people not profits (TechCrunch) Written in its company’s handbook, there’s one rule for working at Dragos. “Don’t be an asshole.” “The first key to our success is our people and that we hire good people,” said Robert Lee, the company’s founder and chief executive, in an interview wi…
Cisco Stock Is a Top Pick During the Trade War, Analyst Says (Barron's) Cisco Systems stock is attractive because it is relatively insulated from the escalating trade conflict between the U.S. and China, according to JPMorgan.
SafeBreach Joins Microsoft Intelligent Security Association (AP NEWS) SafeBreach, a leader in breach and attack simulation, today announced that it has joined the Microsoft Intelligent Security Association, a collaborative initiative to help organizations defend against increasingly sophisticated, fast moving threats worldwide.
Proofpoint sends channel a reminder to focus on email security (MicroscopeUK) Ahead of InfoSec the security vendor has highlighted the importance of resellers helping customers secure their communications
'We'd like to dump them like so many bricks': Most brutal burns from CRN Vendor Report - so far…. (CRN) Vendors variously branded 'appalling', 'elitist' and 'anti-channel' in CRN 2019 Vendor Report.
Capsule8 Names Scott Kenerly as Chief Financial Officer (Capsule8) Capsule8, the only company providing high-performance attack protection for Linux production environments, today announced the appointment of Scott Kenerly as Chief Financial Officer …
Products, Services, and Solutions
SOSA and Elron Partner to Boost Innovation within the International Cyber Ecosystem (Smart Cities Dive) SOSA, the leading global innovation platform that connects international organizations to innovative technology, has entered into a strategic partnership with Elron, a top Israeli early stage investment firm specializing in cyber.
Infoblox Unveils Simplified Security Platform to Detect and Stop Threats in Today's Borderless Networks (PR Newswire) Infoblox Inc., the leader in Secure Cloud-Managed Network Services, today announced BloxOne™ Threat Defense,...
Phunware Announces Dual Token Structure (Yahoo) Phunware, Inc. (PHUN), a fully-integrated enterprise cloud platform for mobile that provides products, solutions, data and services for brands worldwide, today announced the introduction of the Phun utility token (“Phun”) for its Multiscreen as a Service (MaaS) platform.
Elcomsoft Phone Viewer 4.50 adds data export support, allows evidence analysis in external tools (openPR) Press release - ElcomSoft Co. Ltd.
CREST and EC-Council Announce Certification Equivalency for Penetration Testers (openPR)
New infosec products of the week: May 31, 2019 (Help Net Security) New infosec products of the week include releases from the following vendors: AccessData, Bittium, Moogsoft, SailPoint, StorageCraft and Zyxel.
Technologies, Techniques, and Standards
What a teen grade hacker’s confession can teach us (Naked Security) “We had access to the grade book. Now we could change the grades.”
4 tips for getting the most from threat intelligence (CSO Online) It’s easy to gather data on potential threats, but you have to know what to do with that intelligence if you want to improve your security stance.
How Did You Celebrate National Password Day? (Interfocus) In light of National Password Day, here are some tips and tricks to improve your online security, and that of your business, related to passwords.
Plan like a marketer, test like an attacker (ITWeb) Most IT security failures occur because cyber criminals know the psychology of human nature and how to exploit it.
Sumo Logic Co-founder: Beware of These Dangers with Data (Investing News Network) Christian Beedgen of data analytics firm Sumo Logic discussed subjectivity and confirmation bias in algorithms and data models at Collision.
Design and Innovation
The Army wants C5ISR systems on demand (C4ISRNET) The Army is focusing on global hot spots where it thinks it might have to respond with soldiers by sending the proper technicians ahead first. Army staffers are also making sure they configure systems as much as possible in advance of competition, however, but forward technicians can assist if systems break or need to be tweaked.
AI, the Mandatory Element of 5G Mobile Security (Threatpost) The complexity and scale of the 5G ecosystem, combined with a lack of skills and training in software-centric security, will be important drivers for AI deployment in the carrier space.
ODNI Seeks Industry Innovation (SIGNAL Magazine) The intelligence agency is looking for industry to present capabilities to enhance national security.
AI May Pose More Questions Than Answers (SIGNAL Magazine) Classified Cyber Forum seeks to answer some of the questions AI and machine learning pose to the military and intelligence agencies.
Academia
Your starter for ten: Why aren't Universities winning the cyber-security challenge? (SC Magazine) A quarter of UK universities believe their research programmes may have been infiltrated, and more than half confirm that a cyber-attack has led to research data ending up in foreign hands.
UK Universities Facing Daily State-Sponsored Attacks (Infosecurity Magazine) UK universities are facing increased attacks from state-sponsored hackers
Legislation, Policy, and Regulation
Following US Huawei ban, China threatens own blacklist for foreign firms (TechCrunch) Odds of the U.S. and China cooling off their trade war further diminished on Friday after the world’s most populous nation said it would create a list of “unreliable” foreign firms of its own. Gao Feng, a spokesman of China’s commerce ministry, said today that the nation will create an “entity list…
Donald Trump set to confront May over Huawei risks on London trip (Times) Donald Trump will confront Theresa May over the security risk posed to Britain by the Chinese company Huawei during his visit next week, a senior aide to the president has said. John Bolton, the...
Huawei: Trump Will Threaten U.K. With Intelligence-Sharing Cuts During Visit (Forbes) President Trump has decided to take a hard line with the U.K. government over Huawei during his visit next week, threatening to cut intelligence-sharing unless the controversial decision to allow the Chinese company's equipment into the U.K. network is reversed.
Britain may not have made final decision on Huawei and 5G: Bolton says (Reuters) Britain may not have made a final decision on allowing China's Huawei a res...
China’s saber-rattling on rare-earths trade has US officials looking for options (Ars Technica) Coal runoff could be a solution; Pentagon wants funding for rare-earths independence.
Lawmaker: China’s rare earths threat ‘could cripple a nation’ (Washington Examiner) China’s threat to restrict rare earth exports to the United States could have devastating results, a senior Republican lawmaker said.
British Spies Tried to End Tech's Encryption Debate. But Their 'Ghost Proposal' Only Rekindled It (Fortune) Apple, Microsoft and Google have rejected a plan that would've allowed law enforcement to eavesdrop on communication.
Apple and WhatsApp hit back at GCHQ eavesdropping plans (The Telegraph) Several of the world’s largest technology companies have publicly rejected a proposal by British security services for a system which could give the government access to people’s encrypted messages.
Apple, Google and WhatsApp condemn UK proposal to eavesdrop on encrypted messages (CNBC) In an open letter to GCHQ, 47 signatories including Apple, Google and WhatsApp have jointly urged the U.K. cybersecurity agency to abandon its plans for a so-called "ghost protocol."
Germany proposes Europe’s first diversity rules for social media platforms (Media Policy Project) Tighter regulation of social media and other online services is now under discussion in several European countries, as well as in the UK where the government has released a white paper outlining it…
Lowdown: Sri Lanka's Cyber Security Bill provides for cybersecurity agency, penalties, and more (MediaNama) The Sri Lankan government has drafted a ‘Cyber Security Bill’ to protect vital information and essential services from cyber attacks, reports Daily News. The bill vests the government with powers to establish a ‘Cyber Security Agency’ and is meant to ‘empower’ the Sri Lanka Computer Emergency Readiness Team and National Cyber Security Operations Centre, which …
Cryptocurrency Firms Renew Push to Break Free From SEC Rules (WIRED) Kik has started a crowdfunding campaign to support its legal battle, asserting that its kin coins are not securities.
Rep. Sherrill Introduces Bipartisan Bill to Safeguard Federal Research from Foreign Espionage (TAP into Sparta) Today, Representative Mikie Sherrill (D-NJ) joined with Representatives Anthony Gonzalez (R-OK), Jim Langevin (D-RI), Elise Stefanik (R-NY), Eddie Bernice Johnson (D-TX), and Frank Lucas (R-OK) to announce the introduction of the bipartisan Securing American Science and Technology Act of 2019 (SASTA) to address academic espionage at our institutions of higher education.
Maine passes bill requiring ISPs to ask permission before selling data (Engadget) Maine's legislature might protect privacy with a newly-passed bill that requires consent before ISPs sell your data.
Cyber Command names Navy admiral as new deputy (Fifth Domain) Following the retirement of Deputy Commander Lt. Gen. Vincent Stewart, Cyber Command has been operating without a deputy commander. Now, a new deputy commander has been appointed to help Cyber Command further define its new role as a unified combatant command.
Litigation, Investigation, and Law Enforcement
ProtonMail Accused of Voluntarily Helping Police Spy on Users (SecurityWeek) Privacy-focused ProtonMail has been accused of voluntarily helping law enforcement spy on users, but the company has denied the accusations.
ProtonMail denies that it offers real-time surveillance assistance (HackRead) A Swiss lawyer has accused ProtonMail of having begun offering IP logging upon request of Swiss authorities.
Trump opens new rift with ‘conflicted’ Robert Mueller (Times) Calls by the Democrats for impeachment grew louder yesterday as Donald Trump railed against Robert Mueller, the special counsel who used his only public statement to declare that his investigation...
Mueller's Bottom Line: Indicting Trump Wasn't Even an Option (WIRED) Robert Mueller outlined the conclusions of the Russia investigation and made clear, in his own obtuse way, that the next steps belong to Congress.
Why Is The Info Generating Mueller's Probe All Linked To Hillary Clinton? (The Federalist) At a certain point, it can’t be mere coincidence that every major figure involved in probing Trump’s campaign is linked to Hillary Clinton in some manner.
SEC Policy Incentivizing Whistleblowers Weakened by Ruling, Lawyers Say (Wall Street Journal) A recent U.S. Supreme Court decision that raised questions about protections for whistleblowers weakens the regulator’s policy, according to lawyers who fear tipsters may now be more reluctant to report information to company compliance officers.
Prosecutor downplays email tracking in Navy SEAL murder case (Navy Times) Defense lawyers accuse prosecutors of engaging in misconduct and want charges against Gallagher dismissed or prosecutors removed from the case.
Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors (KrebsOnSecurity) Canadian government regulators are using the country’s powerful new anti-spam law to pursue hefty fines of up to a million dollars against Canadian citizens suspected of helping to spread malicious software.