Cyber Attacks, Threats, and Vulnerabilities
New Email Hacking Tool from OilRig APT Group Leaked Online (BleepingComputer) A tool for hijacking Microsoft Exchange email accounts allegedly used by the OilRig hacker group has been leaked online. The utility is called Jason and it is not detected by antivirus engines on VirusTotal.
Quest Diagnostics says 11.9 million patients affected by data breach (TechCrunch) Medical testing giant Quest Diagnostics has confirmed a third-party billing company has been hit by a data breach affecting 11.9 million patients. The laboratory testing company revealed the data breach in a filing on Monday with the Securities and Exchange Commission. According to the filing, the …
12M Quest Diagnostics Patients May Have Had Data Breached (NBC New York) Quest Diagnostics, one of the biggest blood testing providers in the country, warned Monday that nearly 12 million of its customers may have had personal, financial and medical information breached due to...
Billing Details for 11.9M Quest Diagnostics Clients Exposed (BleepingComputer) Quest Diagnostics Incorporated, a Fortune 500 diagnostic services provider, says that approximately 12 million of its clients may have been impacted by a data breach reported by one of its billing providers.
Quest Diagnostics discloses breach of patient records (Washington Post) The medical testing firm said the data of about 11.9 million people was affected in the breach, which it learned about in May.
AMCA Breach Hits 12 Million Quest Diagnostics Patients (SecurityWeek) A breach at billing collections service provider American Medical Collection Agency (AMCA) could impact many of its customers. One victim is Quest Diagnostics and 12 million of its patients.
8-K 1 ss138857_8k.htm CURRENT REPORT (US Securities and Exchange Commission) On May 14, 2019, American Medical Collection Agency (AMCA), a billing collections vendor, notified Quest Diagnostics Incorporated (“Quest Diagnostics”) and Optum360 LLC, Quest Diagnostics’ revenue cycle management provider, of potential unauthorized activity on AMCA’s web payment page. Quest Diagnostics and Optum360 promptly sought information from AMCA about the incident, including what, if any, information was subject to unauthorized access.
Lab Testing Firm Eurofins Scientific Hit by Ransomware (SecurityWeek) Some IT systems at testing services giant Eurofins Scientific disrupted by ransomware.
Windows 10 security: Are ads in Microsoft's own apps pushing fake malware alerts? (ZDNet) Windows 10 users say they're being targeted by fraudsters through ads being delivered to Microsoft's apps.
An APT Blueprint: Gaining New Visibility into Financial Threats (Bitdefender Labs) This new Bitdefender forensic investigation reveals a complete attack timeline and behavior of a notorious financial cybercriminal group, known as Carbanak. In mid-2018, Bitdefender researchers investigated a targeted attack on an Eastern European financial...
Scientists uncover vulnerability in FPGAs, affecting cloud services and IoT (Help Net Security) Ironically, just the versatility of FPGAs enables clever hackers to carry out so-called side-channel attacks, researchers have found.
rkt Container Runtime Flaws Give Root Access to Host (SecurityWeek) Unpatched vulnerabilities found in the rkt container runtime can be exploited by an attacker to escape the container and gain root access to the host.
42 Percent of Email Phishing Attacks are Polymorphic (PRWeb) IRONSCALES, the world’s first automated phishing prevention, detection and response platform, today announced that 42% of all email phishing attac
Email Still Major Attack Vector: Security Research (eSecurity Planet) Email users continue to be one of the easiest marks for cybercriminals, according to the latest cybersecurity research.
Report: Native Email Security Systems Open Doors to Vulnerabilities (Nasdaq) Latest ESRA Finds Tens of Thousands of Impersonation Attacks, Malware Attachments and Malicious URLs being Delivered to Users' Inboxes
New Phishing Scam Asks You to Manage Your Undelivered Email (BleepingComputer) A new phishing campaign is underway that pretends to be a list of undelivered email being held for you on your Outlook Web Mail service. Users are then prompted to decide what they wish to do with each mail, with the respective links leading to a fake login form.
Too Many Businesses Taking The Impersonation Phishing Attack Bait (Today's Conveyancer) 964 (94%) global IT decision makers from a survey size of 1,025 have found impersonation phishing attacks have had a severe impact on their business.
The ultimate control system cyber security nightmare – using process transmitters as Trojan Horses (Control Global) There is still a gap in cyber security at the process device level. May 28, 2019, two independent announcements affecting control system supply chain cyber security were made that taken together spell a lack of cyber security, safety, and resilience of all infrastructures including the electric grid. If you have control of the transmitters, you own the process.
Serious Vulnerabilities Found in Kace K1000 Appliance (SecurityWeek) Serious vulnerabilities have been found and patched in the Kace K1000 systems management appliance from Quest (formerly offered by Dell).
New Attack Targets the Touchscreen of Smartphones, Researchers Reveal (SecurityWeek) Researchers have devised a new proof-of-concept attack that targets the touchscreen of Near-Field Communication (NFC)-enabled mobile devices such as smartphones and allows remote control of the devices.
Ransomware Attack Against Baltimore: Tweet from Hacker or Malicious Prankster? (Armor) Last Updated: 5/29/2019 Eric Sifford, security researcher with Armor’s Threat Resistance Unit (TRU), found new tweets on Saturday, May 25, 2019 and on Tuesday, May 28, 2019 from a Twitter account, which appears to be connected to the City of Baltimore ransomware attackers. Both tweets were directed squarely at Baltimore’s mayor, Bernard C. “Jack” …
Analyst finds no evidence of NSA EternalBlue in Baltimore ransomware attack (SiliconANGLE)
Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware (KrebsOnSecurity) For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as “Robbinhood.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “Eternal Blue,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it.
Fake news writer: If people are stupid enough to believe this stuff… (Naked Security) …then maybe they deserve this drivel, says a Macedonian copy-paste/turn-it-into-clickbait-bile writer who says it’s all about the money.
America’s Enemies Are Using Social Media To Spread Fake News – And U.S. Media Are Falling For It (Daily Wire) In a little-known report published last week, the cybersecurity firm FireEye found that Facebook and Twitter accounts linked to Iran imperso
Vulnerability Summary for the Week of May 27, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
FedEx Misrouted Huawei Packages After Changes to Internal Protocols (Wall Street Journal) Changes to FedEx’s internal protocols to comply with the Trump administration’s crackdown on Huawei Technologies caused the delivery giant to misroute two of the Chinese company’s packages to the U.S.
How likely are weaponized cars? (Help Net Security) It is easy to become absorbed by the exaggerated Hollywood depictions of car hacking scenarios - to imagine a not-so-distant future when cars or their
County gets new firm to resolve cyber attack (Citizens' Voice) Luzerne County has hired a new vendor to help resolve a cyber attack that shut down most computers at the county courthouse, and hopes to have the system back up and running this week. That will not happen today, however. Most of the computer network at t
Security Patches, Mitigations, and Software Updates
A Reminder to Update Your Systems to Prevent a Worm (MSRC) On May 14, Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. In our previous blog post on this topic we warned that the vulnerability is ‘wormable’, and that future malware that exploits this vulnerability...
New controversy erupts over Chrome ad blocking plans (Naked Security) Changes to extensions will limit the way that Chrome lets browsers block content – unless you’re an enterprise user.
Cyber Trends
Trouble at the top: The boardroom battle for cyber supremacy (Nominet) In the current landscape of pervasive cyber threats, every business needs a clear strategy that outlines how to deal with and mitigate the risk of attack, as well as a response prepared should the worst happen. However, the lines are often blurred. At the top of every large organisation is a group of very knowledgeable, strong leaders, each with their own skillsets and opinions.
Growing reliance on open source libraries leaves many companies vulnerable (Help Net Security) Organizations are becoming increasingly dependent on open source libraries (OSLs) to develop code for software and websites.
Infosec Europe: ‘The bad guys are no longer outside of the organisation’ warns Centrify European Chief (Commentator) Andy Heather, VP at Centrify has warned businesses that malicious parties are now more likely than ever to have broken into the business, underlining the urgent need for identity-based security. Heather was speaking at a special Parliamentary Summit on the Infosec threat, alongside a panel of cyber industry experts including Symantec, HackerOne and Nimbus Hosting.
Forcepoint Says Boards Are Unprepared For Human Centered Security (Forbes) Forcepoint Chief Revenue Officer Kevin Isaac says boards need governance standards to help manage cyber risk.
Q&A: Joseph Menn on the Cult of the Dead Cow (Decipher) In his new book on the Cult of the Dead Cow hacking group, Joseph Menn describes the environment that led to the cDc’s creation and why the group remains so influential after more than 35 years.
Marketplace
Apple announces web login feature in privacy challenge to Facebook and Google (The Telegraph) Apple has stepped up its privacy war with Facebook and Google by unveiling a challenger to the internet login systems that the two digital advertising giants use to gather data from around the web.
Huawei Selling Stake in Undersea-Cable Firm as U.S. Pressure Mounts (Wall Street Journal) China’s Huawei Technologies plans to sell its majority stake in an undersea-cable venture, in a move that follows a U.S. pressure campaign against Huawei and efforts to block the cable venture’s projects.
Nasdaq Slides Into Correction Territory (Wall Street Journal) Technology stocks tumbled, hit by fears that regulators might take a fresh shot at industry giants such as Alphabet and Facebook.
ThreatConnect Receives Investment from Providence Strategic Growth (ThreatConnect) New Funding Aimed at Accelerating ThreatConnect’s Go-to-Market Strategy and Product Development
Sophos Acquires Rook Security to Provide Managed Detection and Response (Benzinga) Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced that it has acquired Rook...
Twitter Buys Artificial-Intelligence Startup to Help Fight Spam, Fake News and Other Abuse (Variety) Twitter, as part of ongoing efforts to improve the “health” of discussions on the platform, announced that it has acquired U.K.-based artificial-intelligence startup Fabula AI. Terms of…
Vector Security Acquires ADS Security to Grow Subscriber Base to 400K (Security Sales & Integration) Collectively both companies will have close to $20 million in recurring monthly revenue (RMR) and a customer base of nearly 400,000 subscribers.
Future Data Completes Acquisition of 64.86% Equity Stake in Cyber Security Specialist Maximus (Yahoo) GEM Board-listed Future Data Group Limited ("Future Data" or the "Group", stock code: 8229), a technology services company specializing in system integration and cyber security, today announced that it has successfully completed the acquisition
Palo Alto, Recorded Future and FireEye go shopping (SC Magazine) The cyber-security sector saw three major acquisitions announced last week
Recorded Future, just sold for $780 million, wants to scour the internet for threat data 'down to the damn electrons' (CNBC) Recorded Future, backed by the venture arms of Google and the CIA, was purchased by Insight Partners this week. Here's what they do, and how threat intelligence may represent one of the most promising sectors of the cybersecurity market.
Why Palo Alto Networks Is Gobbling Up Smaller Cybersecurity Companies (The Motley Fool) One day, one quarterly earnings report, and two acquisitions.
Intelligent ID Rebranded As innerView (PRWeb) OnGuard Systems is proud to announce the re-release of their flagship product, Intelligent ID, as the newly renamed innerView. Innovators in insider threat p
Raytheon wins U.S. Air Force contract to mentor a small business on cybersecurity best practices (PR Newswire) Raytheon Company (NYSE: RTN) and Infinity Technology Services, LLC, won a two-year Mentor Protégé program contract...
Mayor Rahm Emanuel and Keeper Security Announce Plans to Add Over 100 Jobs in Chicago Amid Rapid Growth in B2B (Newkerala.com News) Mayor Rahm Emanuel and Keeper Security, Inc. announced plans to add 130 new jobs in Chicago over the next six months.
LORCA Announces Additions to Cybersecurity Program (Infosecurity Magazine) Companies from Spain, UK, Italy and South Korea are among 15 successful candidates to be mentored by LORCA, Deloitte, CSIT and Plexal.
EY launches its largest cybersecurity centre in APAC in Melbourne (CIO) EY has launched its biggest cyber security facility in the Asia Pacific region, in Melbourne.
Forescout Adds Two New Board Members and Updates Its Board Chair (Yahoo) Forescout Technologies, Inc. (FSCT), the leader in device visibility and control, announced today the appointment of Kathy McElligott and Elizabeth Hackenson to its board of directors, effective immediately. McElligott currently serves as executive vice president, chief information officer and chief
Products, Services, and Solutions
Cyberbit Announces Enhancements to Cyberbit Range That Personalize and Scale Cybersecurity Training and Education (PR Newswire) Cyberbit, today announced enhancements to Cyberbit Range, the most widely deployed cybersecurity training and...
CyberX Launches Single Unified Solution for Securing Unmanaged IoT and ICS Devices (West) Extends Market-Leading, Agentless Industrial Cybersecurity Platform to Protect All Unmanaged IoT Devices in the Enterprise
Nucleus Cyber Brings Data-Centric Security Capabilities to Dropbox (PRWeb) Nucleus Cyber, the intelligent data-centric security company for the modern workplace, announced its NC Protect solution now supports Dropbox and Dropbox Business wit
IOActive and Bugcrowd Combine Forces to Extend Security Service Offerings (West) Strategic partnership provides Global 1000 customers with more options to reduce risk and identify security gaps
SecureAuth Innovates Secure Identity Management with its Intelligent Identity Cloud Service (SecureAuth) Latest innovations advance usability and security giving enterprise customers deployment freedom (hybrid, on-premises and cloud) and ability to consolidate multiple solutions
Frontline.Cloud™ App from Digital Defense, Inc. Now Available on Cortex by Palo Alto Networks (Benzinga) Building on Cortex allows partners to use normalized and stitched together data from customers' entire enterprises to build cloud-based apps that constantly deliver innovative...
Saab and Orolia team to protect navigation systems from cyber attack (Marine Log) Saab is collaborating with Orolia on a suite of technologies that detect and mitigate cyber-attacks on navigation systems onshore or on vessels. As the 2021 deadline gets nearer for implementation of IMO’s
BT selects Juniper Networks to underpin 5G capability with cloud network rollout (iTWire) British Telecommunications has selected Juniper Networks to deliver its network cloud infrastructure which the telco says will pave the way for its ne...
Technologies, Techniques, and Standards
Protecting Your Business Against Automated Intruders (New York Law Journal) Bots add value by facilitating the execution of online tasks at speeds and scales unreachable by human users. But the ubiquity of bots has a dark side, threatening both governmental and commercial institutions.
A Line in the Clouds: Whose Cybersecurity Goes Where? (New York Law Journal) The problem involved with assessing and addressing fair allocation of cybersecurity responsibilities, in a new kind of commercial relationship with interactive, interconnected and interdependent IT products and services, reflects the need for lawyers to evolve if they aspire to competently serve enterprise clients.
Striking a Balance Between Cybersecurity and Employee Privacy (New York Law Journal) Most successful approaches for striking the proper balance involve having clear policies.
Enterprise Application Access | Remote Access to Applications (Akamai) Enterprise Application Access provides a SaaS service that delivers access to applications without providing user access to your entire network.
Why zero trust is crucial to compliance (Help Net Security) Zero trust verifies identity and payload each time an east-west movement is attempted, stopping the attack before data can be reached, much less breached.
How a Presidential Commission Was Tracking Hackers in 1996 (OODA Loop) The President's Commission on Critical Infrastructure Protection is often cited as one of the most important initiatives from the 1990s that advanced our cybersecurity programs in the U.S. The commission, which looked at cyber threats
Design and Innovation
Microsoft says mandatory password changing is “ancient and obsolete” (Ars Technica) Bucking a major trend, company speaks out against the age-old practice.
Academia
SAU ranked first in state, second in the nation in Cyber FastTrack program (Arkansas Online) SAU is currently ranked No. 1 in Arkansas and No. 2 in the nation in the national Cyber FastTrack competition.
Legislation, Policy, and Regulation
Mutual trust urged to deal with challenges in cyberspace (China Daily) Remarks by Senior Captain Xu Manshu, professor at National Defense University of People's Liberation Army
Deterrence in Cyberspace (Project Syndicate) Understanding deterrence in cyberspace is often difficult, because our minds remain captured by an image of deterrence shaped by the Cold War: a threat of massive retaliation to a nuclear attack by nuclear means. A better analogy is crime: governments can only imperfectly prevent it.
Ignatius: America is at war, in cyberspace (Record-Courier) One of the least-discussed but perhaps most consequential comments by special counsel Robert Mueller in his appearance before reporters this
Russia demands Tinder give user data to secret services (KOKH) Russia is requiring dating app Tinder to hand over data on its users - including messages - to the national intelligence agencies, part of the country's widening crackdown on internet freedoms. The communications regulator said Monday that Tinder was included on a list of online services operating in Russia that are required to provide user data on demand to Russian authorities, including the FSB security agency.
U.S. Requiring Social Media Information From Visa Applicants (New York Times) The State Department is asking visa applicants to submit social media accounts that they have used in the past five years under a new policy that took effect on Friday.
Sri Lanka's new Cyber Security Bill is ready: Cyber Security Agency, designation of Critical Information Infrastructure and more (MediaNama) The Sri Lankan government has drafted a Cyber Security Bill to protect vital information and essential services from cyber attacks, reports Daily News. The bill gives the government the power to establish a Cyber Security Agency, the Sri Lanka Computer Emergency Readiness Team, and the National Cyber Security Operations Centre to protect “critical information infrastructure” …
Trump dangles big trade deal at meeting with PM (Times) President Trump said he hoped Britain would secure a “very substantial trade deal” with the US as the two leaders were set for a confrontation over Huawei. The prime minister was expected to rebuff...
If China Really Wants to Retaliate, It Will Target Apple (WIRED) As the trade war heats up, Apple is an enticing target for Chinese reprisals. It derives nearly 20% of its revenue from the country, and its supply chain is based there.
Analysis | The Cybersecurity 202: Trump’s ban on U.S. companies supplying Huawei will not make the country safer, experts say (Washington Post) We asked 100 experts.
The GCHQ’s Vulnerabilities Equities Process (Lawfare) The GCHQ’s disclosure of the “BlueKeep” vulnerability offers an opportunity for the U.S. to learn from how the British handle the question of vulnerabilities equities.
Inside GCHQ's Proposed Backdoor Into End-to-End Encryption (SecurityWeek) The Open Technology Institute (OTI) has responded to GCHQ/NCSC's article on 'Principles for a More Informed Exceptional Access Debate' with an 'Open Letter to GCHQ on the Threats Posed by the Ghost Proposal'.
Britain’s intelligence service stretched to breaking point, says security minister (The National) While extremists such as ISIS are the biggest threat to safety, far-right terrorists are growing in number
Why Congress has concerns about DoD cyber (Fifth Domain) A House subcommittee wants more details regarding Department of Defense cyber acquisition.
Does the U.S. Need a Cabinet-Level Department of Cybersecurity? (Wall Street Journal) Two experts square off. One says a new department can coordinate the nation’s defenses. One says it would only weaken those defenses.
Schumer says McConnell has agreed to Senate briefing on election security (TheHill) Senate Minority Leader Charles Schumer (D-N.Y.) said the Senate will get an election security briefing, after weeks of public clamoring for Majority Leader Mitch McConnell (R-Ky.) to agree to the demand.
Connecting the Dots on the Regulation of Connected Medical Devices (New York Law Journal) This article will discuss several critical lessons that manufacturers of connected medical devices can learn from recent unprecedented coordination among the FDA, the Department of Health and Human Services Office of Inspector General and the Department of Homeland Security, respectively, as well as the increasingly important role the Federal Trade Commission has come to occupy with respect to the cybersecurity of connected medical devices.
How Much Will Be Enough? Third-Party Diligence Under the NYDFS Cybersecurity Requirements (New York Law Journal) Recent enforcement actions by other regulatory bodies in response to data breaches attributable to third parties may shed some light on what Covered Entities should do and what level of due diligence DFS may expect when it comes to third parties.
Litigation, Investigation, and Law Enforcement
Israeli intelligence purportedly linked Iran to UAE tanker sabotage — report (Times of Israel) US to present Mossad-gathered evidence to Security Council in coming days; source tells public broadcaster attack on Gulf oil vessels was 'a pretty good operation'
Facebook, Google and other tech giants to face antitrust investigation by House lawmakers (Washington Post) The probe announced Monday by the House Judiciary Committee's competition-minded panel, led by Rep. David Cicilline (R.I.), is expected to be far-reaching, covering the extent to which a company like Google favors its products over rivals or Facebook clones or acquires competitors in an attempt to ensure its continued dominance in social networking.
Report: US Justice Department given the green light to investigate Apple for antitrust violations (Silicon Valley Business Journal) Officials with the U.S. Justice Department have reportedly met with their counterparts at the Federal Trade Commission, to hammer out who would have jurisdiction to investigate Apple.
FTC Gets Jurisdiction for Possible Facebook Antitrust Probe (Wall Street Journal) The Federal Trade Commission will lead any antitrust investigation into Facebook under an arrangement that gives the Justice Department chief oversight of Alphabet’s Google, as the U.S. government gears up for scrutiny of the country’s major tech companies over competition concerns.
Swedish court rules not to extradite Assange for rape probe (Washington Post) A Swedish court has ruled that WikiLeaks founder Julian Assange, who is now jailed in Britain and suspected of rape in Sweden, should not be detained in absentia
The Obligation to Secure Your Opponent’s Data in the Age of Hacking (New York Law Journal) The question is not whether a receiving party has a duty to take reasonable steps to protect data, but what is reasonable and proportionate in the context of the matters.
Ukrainian extradited to US to face hacking attack charges (Washington Post) A Ukrainian man charged in a massive hacking attack on restaurants, casinos and other businesses in 47 states has been extradited to the U.S. to face charges
Military judge removes prosecutor from Navy SEAL murder case (Washington Post) A military judge has removed the lead prosecutor accused of misconduct from the war crimes case of a decorated Navy SEAL
First American Mortgage Faces NY Regulator Inquiry, Lawsuit (BankInfo Security) First American Mortgage Corp., the title insurance company that left hundreds of millions of personal documents exposed on the internet, is now facing a lawsuit and
Census’ Cybersecurity Plan is Full of Holes, Watchdog Says (Nextgov.com) The 2020 Census will be a prime target for digital adversaries, but the plans for fighting those threats are incomplete and outdated, the Government Accountability Office found.