Cyber Attacks, Threats, and Vulnerabilities
Election Security Is Still Hurting at Every Level (WIRED) With the 2020 election fast approaching, too many problems from 2016 persist.
EU mission in Moscow discovers potential hack into systems (POLITICO) The attack reportedly took place in 2017 but was only discovered in April this year.
The EU’s Embassy In Russia Was Hacked But The EU Kept It A Secret (BuzzFeed News) A “sophisticated cyber espionage event” began in February 2017. Russian entities are believed to be behind the hack, a source told BuzzFeed News.
Vietnam Cyber Threat: Government-Linked Hackers Ramping Up Attacks (SecurityWeek) Vietnam-linked hackers have ramped up their efforts in recent years, attacking foreign economic competitors and governments alike.
Russia Effort in 2016 US Election Was 'Vast,' 'Professional' (SecurityWeek) Russia's efforts to sow misinformation on Twitter ahead of the 2016 US election was more extensive and professional than earlier believed, security researchers from Symantec say.
Russia's manipulation of Twitter was far vaster than believed (POLITICO) A cybersecurity firm analyzed a massive data set Twitter released in October 2018 on nearly 3,900 accounts and 10 million tweets.
Did Russia spoof coastal GPS to protect Putin from drones? (C4ISRNET) Multiple spoofing incidents showed ships unusually close to airports.
New BlueKeep malware proof-of-concept enables full system takeover, warns researcher (Computing) The vulnerability has seen Microsoft quickly release patches for end-of-life Windows products.
Warnings of world-wide worm attacks are the real deal, new exploit shows (Ars Technica) Latest Metasploit module is being kept private, but time is running out.
BlueKeep ‘Mega-Worm’ Looms as Fresh PoC Shows Full System Takeover (Threatpost) A working exploit for the critical remote code-execution flaw shows how an unauthenticated attacker can achieve full run of a victim machine in about 22 seconds.
NSA warns that 'BlueKeep' vulnerability in Windows XP and Windows 7 is especially dangerous (PCWorld) The National Security Agency has joined Microsoft in warning that a recent vulnerability for Windows 7 and Windows XP is "wormable" and can be exploited by malware without user intervention.
Platinum Hackers Use Steganography to Mask C&C Communications (SecurityWeek) Attacks recently attributed to the "Platinum" cyber espionage group have employed an elaborate, previously unseen steganographic technique, researchers from Kaspersky say.
Fake Cryptocurrency Trading Site Pushes Crypto Stealing Malware (BleepingComputer) Malware distributors have setup a site that impersonates the legitimate Cryptohopper cryptocurrency trading platform in order to distribute malware payloads such as information-stealing Trojans, miners, and clipboard hijackers.
Monero-Mining Malware PCASTLE Zeroes Back In on China, Now Uses Multilayered Fileless Arrival Techniques (TrendLabs Security Intelligence Blog) We saw a campaign that uses multiple fileless techniques to deliver a cryptocurrency-mining malware, including the use of EternalBlue exploit.
440 Million Android Users Plagued By Extremely Obnoxious Pop-Ups (Threatpost) The mobile ad plugin, found in hundreds of Google Play apps, uses well-honed techniques from malware development to hide itself.
New adware "BeiTaAd" found hidden within popular applications in app store (Lookout) BeiTaAd is a well-obfuscated advertising plugin hidden within a number of popular applications in Google Play. The plugin forcibly displays ads on the user’s lock screen, triggers video and audio advertisements even while the phone is asleep, and displays out-of-app ads that interfere with a user’s interaction with other applications on their device.
Wajam: From start-up to massively-spread adware (WeLiveSecurity) ESET researchers show how a "social search engine" application has become an adware operation that keeps changing its tactics in a bid to avoid detection.
Critical Vulnerabilities Lead to Account Takeover in Major IPTV Streamer (SecurityWeek) Critical vulnerabilities have been found in the Ukrainian IPTV video streaming platform Ministra, which uses Infomir-manufactured set top boxes (STBs) to transmit streaming content from the platform to end users' televisions.
Crime doesn't pay? Crime doesn't do secure coding, either: Akamai bug-hunters find hijack hole in bank phishing kit (Register) Absolutely criminal behavior – unrestricted file upload, really?
Buggy Phishing Kits Allow Criminals to Cannibalize Their Own (Threatpost) The vulnerable kits also offer a point of entry to compromise legitimate website servers.
Identifying Vulnerabilities in Phishing Kits (Akamai) While recently examining hundreds of phishing kits for ongoing research, Akamai discovered something interesting - several of the kits included basic vulnerabilities due to flimsy construction or reliance on outdated open source code. Considering the impact phishing kits have on...
LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach (KrebsOnSecurity) Medical testing giant LabCorp. said today personal and financial data on some 7.7 million consumers were exposed by a breach at a third-party billing collections firm. That third party — the American Medical Collection Agency (AMCA) — also recently notified competing firm Quest Diagnostics that an intrusion in its payments Web site exposed personal, financial and medical data on nearly 12 million Quest patients.
#Infosec19 Dark Web Sales Offer Network Access for $10,000 (Infosecurity Magazine) Access to FTSE 100 and Fortune 500 corporate networks has increased on the dark web.
Inside the Operations of a West African Cybercrime Group (SecurityWeek) Security researchers documented the of evolution a Nigerian cybercriminal group from its emergence as a one-man shop into a large business email compromise (BEC) operation employing dozens of threat actors.
The People of Baltimore Are Beginning Their Fifth Week Under Electronic Siege (Defense One) It's more important than ever to be vigilant, responsible digital citizens.
Baltimore calls for federal emergency declaration after cyber attack (Smart Cities World) City council president wants the federal government to have a larger supporting role in helping the city recover from the attack that disabled computer systems and key citizen services.
Cyber Criminals Are Making Bank Using Stolen Doctor Credentials on the Dark Net (Gizmodo) A new report by a leading cybersecurity firm finds that healthcare organizations are becoming an increasingly attractive target for criminal hackers due to the premium that black markets place on private health information—and in particular, the credentials of physicians that can be used to facilitate health insurance fraud.
Healthcare Cyber Heists in 2019 | Carbon Black (Carbon Black) To better determine how these cybercriminals are hiding behind invisibility cloaks to remain undetected, Carbon Black conducted a survey, comprising input from CISOs of many of the world’s largest financial institutions. The purpose of the survey is to improve telemetry for threat hunt teams and defenders. Read the report to learn more.
Ellwood City Medical Center Victim Of Cyber Attack, Not Sure If Patient Records Were Exposed (CBS Pittsburgh) Ellwood City Medical Center officials are investigating whether any patient records were compromised Tuesday after a cyber attack.
Comment: Australian uni breach (Information Security Buzz) Following news that an Australian university has been hacked, affecting sensitive data going back 19 years, please find below comment from SailPoint, the identity governance experts. The comment covers the importance of ensuring that sensitive data is governed by cybersecurity measures, regardless of the system in which it is kept – on premises or in the …
Security Patches, Mitigations, and Software Updates
NSA, Microsoft implore enterprises to patch Windows' 'BlueKeep' flaw before it's too late (Computerworld) The warnings refer to vulnerabilities in Windows' Remote Desktop Services that could be exploited by attackers; patches have been available since May 14.
GitLab urges users to upgrade after disclosing 13 security flaws (Computing) GitLab advises users to upgrade immediately after admitting to a series of vulnerabilities.
Patch Android! June 2019 update fixes eight critical flaws (Naked Security) It’s that time again. June’s patches for Android are here.
Unofficial Patch Available for Recent Windows 10 Task Scheduler Zero-Day (SecurityWeek) An unofficial patch has been released for a recently disclosed zero-day vulnerability in Windows 10’s Task Scheduler.
Cisco Fixes High Severity Flaws in Industrial, Enterprise Tools (BleepingComputer) Cisco patched two high severity improper input validation vulnerabilities found in the update feature of the Cisco Industrial Network Director (IND) software and the authentication service of Cisco Unified Presence (Cisco Unified CM IM&P Service, Cisco VCS, and Cisco Expressway Series).
Cyber Trends
Trust nothing: A life in infosec is a life of suspicion (Help Net Security) Like many before him, Amit Serper started his cybersecurity career in one of Israel's intelligence agencies. Nine years later, he left for the private
Do personality traits matter in cyber security? (ITWeb) Certain personality traits seem to make us more or less likely to fall prey to specific attacks or scams, says Anna Collard, MD and founder of Popcorn Training – a KnowBe4 company.
SolarWinds Finds Insider Threats Cited as Leading Cause of Security Incidents (Nasdaq) New Study Underscores the Need for Affordable, Accessible Security Solutions
Many Americans Say Made-Up News Is a Critical Problem That Needs To Be Fixed (Pew Research Center's Journalism Project) Many Americans say the creation and spread of made-up news and information is causing significant harm to the nation and needs to be stopped, according to
#Infosec19: Infosecurity's Second State of Cybersecurity Report, Available Now (Infosecurity Magazine) Launching Infosecurity's second State of Cybersecurity Report
Apps: Gateway to Your Private Data (Infosecurity Magazine) For companies that store personal data, there is a hefty burden of responsibility.
Marketplace
China grants first 5G licenses amid Huawei global setback (TechCrunch) It’s official. After much anticipation, China named the first companies to receive 5G licenses for commercial use on Thursday. The announcement from the Ministry of Industry and Information Technology, the country’s telecoms authority, came as Huawei, the Chinese company that captured n…
In race for 5G, European companies hope to profit from security doubts over Chinese giant Huawei (Yahoo News - Latest News & Headlines) Nokia CEO Rajeev Suri in the past has boosted Nokia’s more secure products and hinted Huawei’s failure would be Nokia’s ultimate gain. “Ultimately, it’s for the country” looking to purchase 5G networks “to decide, not for Nokia,” said Lindroos.
Sophos Halts Cybersecurity Sales, Patches to Huawei (ChannelE2E) Sophos halts sales to Huawei; tells channel partners to cease cybersecurity sales to the China-based technology company. U.S. vs. Huawei showdown escalates.
Ripping Huawei out of US networks could be a nightmare for rural providers (The Verge) As the US tries to drive out the Chinese manufacturer, rural carriers are bracing for impact
Rural telecoms, including Alaska, worry over Huawei order (Alaska Journal) A new rule about how telecommunications companies can use some of their funding from the federal government may poke a hole in their wallets, especially as they are looking to migrate their networks to 5G.
Which Cybersecurity Career Is Right For Me? (Inside Out Security) Finding the right career path in the cybersecurity industry isn’t always easy. We interviewed cybersecurity experts to find out what inspired them!
CrowdStrike cybersecurity competitor scores $120M in funding (Silicon Valley Business Journal) Mountain View-based SentinelOne, led by Tomer Weingarten, raised $120 million in new funding for its automated endpoint data security.
Elastic Announces Intent to Acquire Endgame (Elastic) Proposed acquisition will add Endgame’s endpoint security product into the Elastic Stack; joint product development and go-to-market will extend Elastic’s existing SIEM efforts
Welcome Endgame: Bringing Endpoint Security to the Elastic Stack (Elastic Blog) We are excited to announce that we have entered into an acquisition agreement to join forces with Endgame, Inc. an endpoint security company.
He Sold His First Business For $190 Million And Just Sold His Second One For $780 Million (Forbes) Christopher Ahlberg has raised millions of dollars for his data intelligence, AI and cybersecurity startups, and just sold his most recent venture for $780 million.
Advancing transparency and accountability in the cybersecurity industry (Help Net Security) NSS Labs, the Texas-based company that specializes in testing the world’s security products, has a new CEO: Jason Brvenik.
Palo Alto Networks Investors Shouldn't Miss the Big Picture (The Motley Fool) The cybersecurity specialist's drop is a buying opportunity.
The Most Important Details Behind The CrowdStrike IPO (Seeking Alpha) CrowdStrike, a cybersecurity firm famous for its fighting against foreigner hackers, has filed for a $4.5 billion IPO which could raise up to $476 million. The
Palantir Dropped by Berkeley Privacy Conference After Complaints (Bloomberg) Privacy Law Scholars Conference ends sponsorship arrangement. Critics of data-mining company cite work on U.S. immigration.
Labs are for nerds, it's simply Kaspersky now – just hold still while we cyber-immunise you (Register) Inoffensive, nondescript logo screams 'building a safer world'
Dimension Data name and brand to start disappearing next month (CRN Australia) Parent company is rebranding everything to NTT.
Innovative Solutions to Enhance Cybersecurity (Times of Israel) In recent years, our world has become hyper-connected, and while that offers many substantial benefits to both corporations as well as individuals, these benefits come with a hefty price tag on our privacy and security.
Armis Expands Leadership Team with the Appointment of Jeff Williams as CRO to Fuel Next Stage of Growth (PR Newswire) Armis, the enterprise IoT security company, today announced Bain Capital Ventures Operating Partner Jeff...
Products, Services, and Solutions
7 Big Security Surprises Coming to macOS 10.15 Catalina (SentinelOne) Apple have announced big security changes to macOS 10.15 Catalina. How will they affect the enterprise? Find out with our early-bird take on what's new.
Teramind Puts Privacy First: Delivers Industry's Most Privacy-aware Employee Monitoring, Insider Threat Prevention and DLP Platform (Benzinga) Teramind Inc. (https://www.teramind.co/), a leading global provider of employee monitoring, user & entity behavior analytics ("...
Application Security – Solving the Hardest Problem First (Cequence Security) CQ appFirewall takes full advantage of the ongoing customer feedback, threat research, and feature enhancements we have made over the past three years.
Furnace - Developers Eliminate Cloud Lock-In and Accelerate Data Driven Businesses with Powerful Serverless Platform: Now Native Across AWS, Microsoft Azure and Google Cloud Platform (West) Simplifies multi-Cloud strategies, speeds development of complex ‘big data’ pipelines and creates new levels of application-dev velocity - ‘Zero to Hero’ in days, not months
Fugue Releases Unified SaaS Product for Autonomous Cloud Infrastructure Security & Compliance (Fugue) Fugue Platform and Risk Manager merge along with a new API for an easy-to-use solution that enables a “Shift Left” on cloud security and compliance
Optiv Security Launches New Cloud Threat Monitoring and Compliance as-a-Service Offering to Help Organizations Harden Security Fundamentals and Reduce Cyber Digital Transformation Risk (BusinessWire) Cloud services provide the speed and agility necessary for enterprises to transform business. However, the dynamic and intangible nature of cloud is c
Optiv Security Doubles Down On Client Success with New Services Approach, Business and Engagement Model; Further Advances Ability to Help Global Clients Optimize, Integrate and Operationalize Cybersecurity (BusinessWire) Optiv Security today announced it has implemented a new cybersecurity services approach, business and engagement model.
35 of the Best Information Security Podcasts to Follow in 2019 (Digital Guardian) Podcasts are a go-to resource for security professionals – here's our roundup of 35 of the top podcasts covering information security.
Technologies, Techniques, and Standards
The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) Joins Cyber Readiness Institute (CRI) Champion Network (Cyber Readiness Institute) The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today was named a Cyber Readiness Champion, enabling retailers, restaurants, hotels, gaming casinos, consumer product manufacturers and other customer-facing companies to access free resources and tools from the Cyber Readiness Institute (CRI).
How William Hill's CISO sells cyber security to the board: Simple, practical, pragmatic and obvious (Computing) CISOs need to sell security to the board like a marketeer, says William Hill's Group CISO Killian Faughnan.
How Deception Technology Can Defend Networks and Disrupt Attackers (SecurityWeek) Experts say that deception technology works and it’s one of the last bastions of active asymmetrical defense that we have to help blue teams start to gain ground on defending their organizations.
Creating Data-Powered Products and Services in the Age of Privacy (Cooley) On Friday, June 14, Cooley’s cyber/data/privacy practice will be hosting an event focused on the use of data in the development of products and services in our New York office. The intense fo…
Unclassified data creates security blind spots for most companies (Help Net Security) 52% of all data within organizations remains unclassified, indicating that businesses have no visibility, creating a target for hackers.
Embrace chaos to improve cloud infrastructure resilience (Help Net Security) Netflix is a champion of using chaos engineering to improve the resilience of its cloud infrastructure. That’s how it ensures its customers don’t have
#Infosec19: Identify and Protect your Very Attacked People (Infosecurity Magazine) Identify and protect your “very attacked people” as attackers look for high value targets
82nd Airborne Division hosts cyber network defense class (DVIDS) The 82nd Airborne Division hosted its first cyber network defenders class at the division headquarters, on Fort Bragg, May 31, 2019.
The All American Cyber Academy provided 15 students further training on network defense tools taught in Advanced Individual Training. It also introduced students, attending the academy, to new techniques and practices to better defend Army networks.
Design and Innovation
Created By Former Palantir and Microsoft Engineers, Tonic Makes Fake Data That Looks Just Like the Real Thing (Hypepotamus) Synthetic data provider Tonic generates realistic synthetic data that looks and acts just like your actual customer data, with just a few clicks.
Our ongoing work to tackle hate (Official YouTube Blog) Over the past few years, we’ve been investing in the policies, resources and products needed to live up to our responsibility and protect th...
In trying to clear “confusion” over anti-harassment policy, YouTube creates more confusion (TechCrunch) After a series of tweets that made it seem as if YouTube was contradicting its own anti-harassment policies, the video platform published a blog post in an attempt to clarify its stance. But even though the post is supposed to “provide more details and context than is possible in any one string of …
YouTube just banned supremacist content, and thousands of channels are about to be removed (The Verge) YouTube is trying to reduce the prevalence of extremist content on the platform
YouTube bans hate speech in crackdown on white supremacists (The Telegraph) YouTube will delete tens of thousands of videos glorifying Nazi ideology and extremist views online in its latest move against "hateful" speech.
YouTube bans neo-Nazi and Holocaust-denial videos in push against hate speech (Ars Technica) White supremacists and others who promote discrimination will be banned.
YouTube says 'homophobic harassment' is allowed on its site (The Telegraph) YouTube has been accused of allowing homophobic slurs and harassment on its service after it declined to remove videos which targeted a gay journalist.
YouTube deletes award-winning history teacher's videos in 'hate speech' purge (The Telegraph) A history teacher said he was “devastated” after his YouTube account, which has become popular among GCSE students learning about World War II, was banned by the video-sharing website for violating its hate speech policy.
YouTube Confuses Everyone, Satisfies Nobody With Half-Measure Against Homophobe Steven Crowder (The Daily Beast) Right-wing performer gay-bashed a Vox reporter for years. They initially declined to do anything, then ‘demonetized’ him, then gave alternating explanations for why.
How Mr. Robot ‘fudged’ its hacks to protect the public (IT PRO) Showrunners debated over how accurate to make the show’s exploits
Research and Development
Following Schrödinger’s cat to its death and giving it a reprieve (Ars Technica) Spotting a superposition state's formation predicts oncoming random event.
Academia
Augusta Cyberworks Academy offers free course to community (WRDW) The Augusta and CSRA community has the chance to learn a little more about the cyber world.
NETSCOUT Partners with UMass Lowell to Protect the University’s Network from Cyber Attacks (BusinessWire) NETSCOUT Donating Arbor Edge Defense Software and Hardware to IT Department
Legislation, Policy, and Regulation
Russia and Iran Plan to Fundamentally Isolate the Internet (WIRED) Opinion: Russia and Iran’s decisions to build isolated, domestic internets represent a new form of internet fragmentation—one that is far more physical than what we’ve seen before.
Trump to seek consensus on China pressure with France's Emmanuel Macron (Foreign Brief) President Trump is set to meet with French President Emmanuel Macron today in Normandy. The two will focus on the
Pentagon, NASA seek industry advice on banning Huawei, ZTE products before August deadline (Inside Cybersecurity) The Defense Department and NASA have announced a public meeting next month to get industry advice and concerns about implementing a ban on federal purchases of telecommunications equipment from China-based companies Huawei and ZTE, prior to an August deadline under the defense authorization law enacted last year.
HikVision's Case Raises Awareness of National Security and Human Rights Risks (NTD News) The Trump administration may place restrictions on five Chinese companies that make surveillance equipment in an effort to ...
Government can’t clearly say what £1.9bn security strategy will achieve, warn MPs (NS Tech) The Cabinet Office has come under fire for failing to clearly articulate what the £1.9bn National Cyber Security Strategy will have achieved by the time it has concluded in 2021. A review by the Publi
Experts Call For IoT Security Regulation (Threatpost) Experts hope to see regulation for connected devices security in 2020.
A Cyber Force for Persistent Operations (Joint Forces Quarterly) Harvard’s Samuel Huntington, then just 27, asked the U.S. Navy in 1954, “What function do you perform which obligates society to assume responsibility for your maintenance?”
Cyber Command’s Strategy Risks Friction With Allies (Lawfare) The U.S. may have to operate in allied networks to adequately check its adversaries. Allies may not be so keen.
Senate Intelligence Committee summons mysterious British security consultant (POLITICO) The committee has asked Walter Soriano for a closed-door interview and documents.
Securing Our Cyber Future (Stanford University) Download the new white paper "Securing American Elections: Prescriptions for Enhancing the Integrity and Independence of the 2020 U.S. Presidential Elections and Beyond," by Stanford scholars affiliated with the new Cyber Policy Center using the button below.
DHS needs help peeking into state and local networks, cybersecurity official says | StateScoop (StateScoop) Rick Driggers, the deputy assistant director of the Cybersecurity and Infrastructure Security Agency, said more information-sharing agreements are needed.
Feds to test North Carolina election computers for hacking (Bismarck Tribune) More than two years after North Carolina check-in software failed on Election Day, federal authorities will finally examine equipment from a company targeted by Russian military
A Push to Protect Political Campaigns from Hackers Hits a Snag (WIRED) The FEC may prevent an anti-phishing firm providing its services to campaigns for free or cheap.
Analysis | The Cybersecurity 202: FEC poised to limit who can give political campaigns free cybersecurity help (Washington Post) Non-profits are OK. Companies, apparently not.
Lawmakers promotes cyber education, accountability in defense bill (FCW) House defense panels think DOD's cyber recruiting efforts -- and cyber tools -- are too spread out to be effective.
Draft NDAA Includes Multiple Requirements for DoD IT (MeriTalk) The House Armed Services Committee draft version of the fiscal year 2020 National Defense Authorization Act (NDAA), released June 3, includes multiple provisions that would increase congressional oversight over multiple Defense Department (DoD) technology initiatives.
Rebel with a cause (C4ISRNET) Chris Lynch reflects on his years guiding the Defense Digital Service and how his
CYBERCOM Official Calls Data Fusion ‘Critical’ Among Intel Agencies (MeriTalk) David Luber, Executive Director and third highest ranking official at U.S. Cyber Command, said today it is vital for intelligence agencies to embark on “data fusion” efforts that will create interoperability of data and data-handling systems between agencies.
Litigation, Investigation, and Law Enforcement
Kelkoo contacts US antitrust authorities over Google (Computing) Kelkoo believes that not enough is being done in Europe to tackle Google's unfair promotional practices.
’A bad, sad and dangerous day’: Australian police raid public broadcaster, seize emails and documents (Washington Post) Federal police reviewed thousands of documents related to the Australian Broadcasting Corporation's reporting on misconduct by soldiers in Afghanistan.
Meg Whitman: Mike Lynch's conduct during HP's Autonomy takeover was 'completely unnacceptable' (Computing) Whitman claims that Lynch only informed her of impending quarterly revenue shortfalls at Autonomy at 'the eleventh hour'.
Despite disclosure laws, cybercrime may be widely underreported (Help Net Security) ISACA's 2019 State of Cybersecurity Study found that attack volume will increase and cybercrime may be vastly underreported.
Tennessee Valley Authority Isn't Compliant with Federal Directives (Infosecurity Magazine) The review was part of an annual audit plan to ensure the TVA's websites and emails were federally compliant.
ATM skimming crook behind bars after draining bank accounts for 2 years (Naked Security) A multi-state ATM card-skimming spree netted his gang over $800k from 531 people’s bank accounts.
Judge allows racist FB page as evidence in fatal stabbing of newly commissioned 2nd lieutenant (Army Times) Racist memes on a cellphone and a racist Facebook page can be used as evidence in the trial of a white man charged with murder and a hate crime in a black student’s fatal stabbing on the University of Maryland’s campus, a judge ruled Wednesday.