Cyber Attacks, Threats, and Vulnerabilities
Threat Proliferation in ICS Cybersecurity: XENOTIME Now Targeting Electric Sector, in Addition to Oil and Gas (Dragos) The most dangerous threat to ICS has new targets in its sights. Dragos identified that the XENOTIME activity group expanded its targeting beyond oil and gas to the electric utility sector. This expansion to a new vertical illustrates a trend that will likely continue for other ICS-targeting adversaries.
SECURITY: 'Most dangerous' hackers targeting U.S. utilities — report (E&E News) Some of the world's most infamous hackers have zeroed in on the U.S. power sector in recent months, according to a nonpublic alert issued by the North American Electric Reliability Corp. and new research.
The Highly Dangerous 'Triton' Hackers Have Probed the US Grid (WIRED) The same hackers behind a potentially lethal 2017 oil refinery cyberattack are now sniffing at US electrical utility targets.
Telegram: Hackers in China Disrupted Service During Hong Kong Protests (Defense One) Bogus signals inundated an encrypted-messaging service that helped demonstrators coordinate, the company says.
Telegram founder links cyber attack to China (BBC News) The messaging service suffered a massive cyber attack during violent protests in Hong Kong on Wednesday.
Surveillance-Savvy Hong Kong Protesters Go Digitally Dark (SecurityWeek) Hong Kong's tech-savvy protesters are going digitally dark as they try to avoid surveillance by disabling location tracking on their phones, buying train tickets with cash and purging their social media conversations.
Hong Kong protests: activists call for further action (Guardian) People urged to continue protests after day of violent clashes with police. What are the Hong Kong protests about?
How Surveillance Cameras Could Be Weaponized With A.I. (New York Times) Advances in artificial intelligence could supercharge surveillance cameras, allowing footage to be constantly monitored and instantly analyzed, the A.C.L.U. warned in a new report.
‘Chinese’ cyber spies accused of targeting key belt and road players (South China Morning Post) Annual report by US security firm FireEye says the group has been collecting business intelligence focusing on sectors such as engineering, transport and defence.
Ransomware disrupts worldwide production for Belgian aircraft parts maker (Help Net Security) Belgian manufacturer of aerospace components ASCO Industries has been hit with ransomware, which ended up disrupting its production around the world.
Experts: Spy used AI-generated face to connect with targets (AP NEWS) Katie Jones sure seemed plugged into Washington's political scene. The 30-something redhead boasted a job at a top think tank and a who's-who network of pundits and experts, from the...
Fake online videos growing corporate threat: Cybersecurity expert (Fox Business) A cyber security expert says U.S. corporations may be becoming more susceptible to the threat and harm caused by bogus online videos.
Millions of Exim Mail Servers Are Currently Being Attacked (BleepingComputer) Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are currently under siege, with attackers gaining permanent root access via SSH to the exploited machines according to security researchers.
Exim email servers are now under attack (ZDNet) Almost half of the internet's email servers are now being attacked with a new exploit.
Aircraft Parts Maker ASCO Severely Hit by Ransomware (SecurityWeek) ASCO, a Belgium-based company that provides aircraft parts to Airbus, Boeing and Lockheed Martin, has been severely hit by a ransomware attack.
Criminal campaign uses leaked NSA tools to set up cryptomining scheme, Trend Micro says (CyberScoop) Since March, criminals have been using hacking tools that were reportedly stolen from the National Security Agency in targeting companies around the world as part of a cryptomining campaign, researchers with cybersecurity company Trend Micro said Thursday.
Critical Flaw in Evernote Add-On Exposed Sensitive Data of Millions (BleepingComputer) A critical flaw in the Evernote Web Clipper Chrome extension could allow potential attackers to access users' sensitive information from third party online services.
Ad Stacking targets in-app video: Buyers poised to pay 9X the impression cost (The Media Trust) Pat Ciavolella writes about a large-scale ad stacking incident with digital buyers poised to pay 9 times the cost of an in-app video impression
Facebook keeps deepfake of Mark Zuckerberg (Naked Security) “Whoever controls the data, controls the future,” says the evil Zuck, who, according to the platform’s current policy, won’t be taken down.
XSS Vulnerability Exposed Google Employees to Attacks (SecurityWeek) A researcher discovered an XSS vulnerability that could have been exploited to attack Google employees and possibly gain access to invoices and other sensitive information.
A devastating exploit using 'ticking-bomb' BlueKeep is "only weeks away" (SC Magazine) BlueKeep vulnerability could prove more serious than EternalBlue, the vulnerability that was exploited by the WannaCry attacks, and an attack exploiting BlueKeep is now only weeks away say some experts.
Microsoft’s battle with SandboxEscaper zero days turns into grim Groundhog Day (Naked Security) Why is SandboxEscaper releasing vulnerabilities in such an irresponsible way? It matters not – Microsoft must patch what’s in front of it whatever the backstory.
Symantec breach revealed client list, passwords: report (CRN Australia) Vendor's Australian demo lab suffered data breach in February.
SEC security alert warns about misconfigured NAS, DBs, and cloud storage servers (ZDNet) SEC OCIE inspections finds that companies have failed to properly secure network-accessible storage systems.
WAGO Industrial Managed Switches 852-303, 852-1305, and 852-1505 (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 9.8. ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: WAGO. Equipment: Industrial Managed Switches 852-303, 852-1305, and 852-1505. Vulnerabilities: Use of Hard-coded Credentials, Use of Hard-coded Cryptographic Key, Using Components with Known Vulnerabilities. 2.
Critical Vulnerabilities Found in WAGO Industrial Switches (SecurityWeek) Several serious vulnerabilities have been found by a researcher in WAGO 852 industrial managed switches.
Johnson Controls exacqVision Enterprise System Manager (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 6.7. Vendor: Johnson Controls. Equipment: exacqVision Enterprise System Manager (ESM). Vulnerability: Improper Authorization. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow malicious code execution.
BD Alaris Gateway Workstation (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 10.0. ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: (BD) Becton, Dickinson and Company. Equipment: Alaris Gateway Workstation. Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type. 2.
Medical infusion-pump system has two serious bugs, researchers say (CyberScoop) Researchers have found two vulnerabilities in a type of infusion-pump system, which hospitals used to administer medication, that they say could allow a hacker to disable the device, infect it with malware, or create false readings. The vulnerabilities are in a pump system known as the Alaris Gateway Workstation made by Becton, Dickinson and Company (BD), a New Jersey-based medical equipment vendor.
Gaming's All Fun and Games Till Someone Gets Hacked (Infosecurity Magazine) The gaming industry is increasingly the target of cyber-criminals looking to turn a quick profit.
Baltimore won't be able to send water bills again this month as ransomware recovery continues (Baltimore Sun) As the city digs out from the ransomware attack, officials said they would be unable to send water bills in June.
Baltimore officials rebuffed offers of state help for a 'week' after crippling hack of city computers (Baltimore Sun) Baltimore refused help from Maryland information technology experts in the first week after the city’s computer networks were shut down by a ransomware attack.
City of Burlington defrauded out of $503,000 due to phishing scam (Global News) The city of Burlington says it has been defrauded out of more than half a million dollars due to a "complex phishing email".
Majority of FTSE 250 Companies Expose Multiple Weaknesses to Internet: Analysis (SecurityWeek) Rapid7 analyzed the visible cyber exposure of some of the UK's largest companies, and several internet-exposed security weaknesses.
Security Patches, Mitigations, and Software Updates
Cisco alert: Patch this dangerous bug open to remote attacks via malicious ads (ZDNet) Cisco discloses a new high-severity bug in the web interface of its IOS XE software for switches and routers.
Intel joins Patch Tuesday with 11 security updates (SC Magazine) The three most critical patches cover three product categories: Intel Accelerated Storage Manager in Intel Rapid Storage Technology Enterprise, Intel NUC PC and Intel Raid Web Console 3 for Windows
Yubico to replace vulnerable YubiKey FIPS security keys (ZDNet) Yubico staff discovers bug in YubiKey FIPS Series keys; offers replacements for affected customers.
Cyber Trends
Why hackers ignore most security flaws (Axios) Not every security hole turns out to be worth exploiting.
The 2019 A.T. Kearney Global Services Location Index (A.T. Kearney) Automation and cybersecurity are increasingly becoming key factors in outsourcing decisions.
AI Can Thrive in Open Societies (Foreign Policy) The belief that China’s surveillance gives it an advantage is misleading—and dangerous.
Americans Worried About Digital and Physical Security in Large Venues (Mobile ID World) The 2019 Unisys Security Index suggests that people are increasingly worried about their safety in large venues, with digital security being another concern
Phishing of SaaS and Webmail Brands Surpasses Phishing Attacks on Payment Brands for the First Time (HostReview.com) According to the APWG’s new Q1 2019 Phishing Activity Trends Report, users of Software-as-a-Service (SaaS) and webmail services are being target
Marketplace
DoD to Streamline Cyber Acquisition With New Certification Model (Meritalk) The Defense Department (DoD) Office of Under Secretary Acquisition of Sustainment is creating a new certification model to streamline DoD’s cybersecurity acquisition processes, Special Assistant to DoD’s Assistant Secretary of Defense Acquisition for Cyber Katie Arrington said at the Professional Services Council Federal Acquisition Conference today.
The new way security factors into acquisitions (Fifth Domain) Department of Defense leaders said they are willing to pay more for security measures in defense systems bought from contractors.
General Dynamics CEO ‘alarmed’ by tech industry reaction to Pentagon (Defense News) Phebe Novakovic is warning that internal tensions in the United States could be more dangerous than external ones.
Cybersecurity Turns To Crowdsourcing Amid Hiring Woes (PYMNTS.com) Cybersecurity is one of the main tasks in the world of digital commerce and payments, and it’s a task that is getting more attention from consumers, companies, regulators and others. But there’s a big problem in this realm — a shortage of cybersecurity experts, the people with the training and expertise to defend retail and […]
Inner Loop Capital Launches $2.6M Syndicate Fund to Invest in D.C. Area Seed-Stage Founders Building Venture-Scale Companies (Yahoo) Justin Label, former Partner at Bessemer Venture Partners, leads investments on behalf of eight L.P.’s, anchored by Ron and Cyndi Gula, formerly of Tenable Network Security, Inc.
General Electric wants to sell its stake in more than 100 start-ups (CNBC) Sources tell CNBC that GE Ventures, the corporate venture arm for GE, is looking to sell off its entire portfolio of investments.
IBM launches accelerator program to help startups grow and prioritize security (MedCity News) The program is open to early-stage health tech and fintech startups that are pre-Series A, less than five years old and have less than $1 million in revenue. The application deadline is 5 PM PT on July 31, 2019.
Huawei trademarks its own mobile OS following US ban (Engadget) And it's continued to be vocal about the ban's security implications.
CrowdStrike Joins Cybersecurity Winning Streak (Wall Street Journal) All the fretting about online privacy and security is paying off for some investors. Shares of cybersecurity company CrowdStrike jumped on their second day of trading, rising to nearly double their IPO price.
China has targeted 'every top US company', says CrowdStrike chief (The Telegraph) Chinese hackers have targeted every Fortune 500 company, according to George Kurtz, the boss of CrowdStrike after the cybersecurity company debuted in New York with an $11bn (£8.
How CrowdStrike's $11bn valuation compares with its rivals (CRN) CrowdStrike's IPO yesterday saw its share price quickly rise over 70 per cent
CrowdStrike IPO success puts spotlight on endpoint security (SearchSecurity) The CrowdStrike IPO earned the company a valuation of more than $11 billion. The endpoint security vendor made its Wall Street debut Wednesday and opened trading at $63.50 a share.
The UTC-Raytheon deal highlights the changing nature of war (The Economist) Better to fight the next one than the last
Spring Labs raises $23M to stop loan fraud with blockchain technology (Built In Chicago) Financial information is extremely sensitive. If bad actors get their hands on it, they can potentially ruin your life.
Palo Alto Networks Completes Acquisition of PureSec (PR Newswire) Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, announced today that it has completed its...
Capstone Headwaters Advises Rook Security on its Acquisition by Sophos (Capstone Headwaters) Indianapolis, Ind. - Capstone Headwaters, a leading international investment banking firm, advised Rook Security on its acquisition by Sophos (LSE: SOPH). Barnes & Thornburg LLP served as legal counsel to Rook on the transaction. Terms of the deal were not disclosed.
Top 100: Booz Allen pushes into second century with AI focus (Washington Technology) Booz Allen Hamilton is over 100 years old and sees a bright future marrying cutting edge technology to its management consulting legacy.
Security Industry Association Announces 2019 Legislator of the Year Award Winners (Security Industry Association) Sens. Amy Klobuchar and Deb Fischer and Rep. Donald Payne, Jr., will be honored at SIA GovSummit 2019 in Washington, D.C.
Deborah Golden to Lead the US Cyber Practice for Deloitte Risk and Financial Advisory (Yahoo) Deloitte today announced Deborah Golden, principal, Deloitte & Touche LLP, as the new leader of its U.S. cyber practice. A respected authority on cyber issues to boards, industries and organizations, Golden specializes in collaborating with clients on cybersecurity
Products, Services, and Solutions
RedSeal Launches New Suite of Professional Services to Accelerate Hybrid Network Modeling and Enhance Risk Management (West) Cybersecurity services increase productivity for resource-constrained security teams
Open Bug Bounty pursues a steady growth in 2019 with over 212,148 fixed vulnerabilities (Open Bug Bounty) Hi Folks, Some inspiring statistics [January – June 2019] of our community for your attention...
Advanced security analytics for all your CloudGen Firewall deployments. (Barracuda Networks) Retrieve, analyze, and report all the data you need to manage your large, complex WAN without the overhead and cost of error-prone manual processing.
Identity Automation Launches VIP Partner Program to Fuel 2.0 Growth Strategy (Identity Automation) Identity Automation today announced the launch of the Identity Automation Partner Program - VIP as the next piece of its 2.0 growth strategy.
New MiFi® 8000 Mobile Hotspot Delivers Gigabit LTE Speeds to Sprint Customers (BusinessWire) Inseego Corp. (Nasdaq: INSG), a pioneer in 5G and intelligent IoT device-to-cloud solutions, today announced the MiFi® 8000 Mobile Hotspot, Sprint’s f
5G, the end of location privacy? (Silent Pocket) 5G is starting to become a reality with our smartphones and their carriers, but at what cost? The 5G cellular network has a much smaller broadcast range than current 4G networks, which means more cell towers overall.
Threat Stack and JASK speeding incident response times, improving productivity (Help Net Security) Threat Stack and JASK to help security operations teams reduce the time and effort needed to detect and respond to cloud security incidents.
inSOC Launches ONE STOP SOC at dattoCON19 (PR Newswire) Formed in 2018 by CEO Eric Rockwell, CIO Jeff Gulick and CFO Dave Watts, inSOC's mission is to enable MSPs and MSSPs ...
GraceKennedy enters cyber-insurance market (Loop Jamaica) Local insurance provider GK Insurance (GKI) is introducing a cyber-insurance product designed to help businesses and individuals survive cyberattacks by offsetting the co
Atos and Virtru announce partnership to offer data security solution for digital workplace (Express Computer) Atos has announced a strategic partnership with Virtru, which will provide global organisations with a joint encryption solution for digital workplace, protecting customer data across cloud-based platforms
Facebook’s New Cryptocurrency Gets Big Backers (Wall Street Journal) Facebook has signed up more than a dozen companies including Visa, Mastercard, PayPal and Uber to back the new cryptocurrency that the social-media giant plans to unveil next week.
Technologies, Techniques, and Standards
Analysis | The Cybersecurity 202: Two leading Democratic 2020 candidates won't say if they've taken basic cybersecurity measures (Washington Post) Biden described some digital protections, but Sanders and Warren wouldn’t.
Common service centres to restart Aadhaar related work within a week (LiveMint) CSC stopped providing Aadhaar-related services after the UIDAI withdrew authorisation from them following debates around data security. There are 3.9 lakh village level entrepreneurs (VLE) that are running common service centres in rural areas across the country
Design and Innovation
Will Analog AI Make Mythic a Unicorn? (Next Platform) There are two trends converging in AI inference and so far, only a small number of companies are enmeshed. The first trend takes us back to the future
Another Big Question in Blockchain Market: Safety. It seems solved! (Forbes) The big question of blockchain market; safety. It seems solved.
Converging on a Better Approach to Security (SecurityWeek) Blending security technology and human intelligence for a “solutions focus” sets organizations up for success and closes the gap on cyber risk.
Research and Development
Top AI researchers race to detect ‘deepfake’ videos: ‘We are outgunned’ (Washington Post) Researchers fear it is only a matter of time before the AI-generated fake videos are deployed for maximum damage — to sow confusion, fuel doubt or undermine an opponent, potentially on the eve of a White House vote.
Academia
Trump administration reviewing foreign money to US colleges (WHSV 3) The U.S. Education Department has opened investigations into foreign funding at Georgetown University and Texas A&M University as part of a broader push to monitor international money flowing to American colleges.
NSA dares students to break the cyber code, and then recruits them (Federal News Network) NSA’s six-year-old program challenges students and others to solve a multi-step cybersecurity problem as a way to expose them to the type of work the agency and the government does.
Legislation, Policy, and Regulation
Broken Net Neutrality Laws Are On the Rise in Europe – So Are the Worries. (My TechDecisions) Concerns about net neutrality rules are on the rise while the European government works with telcos to develop new ones.
Congress Gives 'Hack Back' Legislation Another Try (Dark Reading) Officials reintroduce a bill that would let businesses monitor attacker behavior and target intruders on corporate networks.
Who does what for DoD cyber? Congress wants to know (Fifth Domain) Cyber Command has pointed to recent successes for operating forces globally, but questions remain regarding how it uses forces.
Lawmakers grapple with deepfake threat at hearing (TheHill) The House Intelligence Committee heard alarming testimony Thursday that deepfake videos could be weaponized by foreign adversaries to sow divisions in the United States.
Litigation, Investigation, and Law Enforcement
Facebook Settles Class Action Claiming Company Inflated Video Viewership Metrics (The Hollywood Reporter) Facebook was alleged to have been knowingly overstating viewership by as much as 900 percent.
Senators Question FBI on Russian Hack of Voting Firm (SecurityWeek) Two U.S. senators asked the FBI on Wednesday to explain what it has done to investigate the suspected hack by Russian intelligence of a Florida-based voting software company before the 2016 election.
Suspected New Zealand mosque gunman pleads not guilty (Al Jazeera) Australian-born Brenton Tarrant denies guilt in killing of worshippers at two Christchurch mosques in March.
Julian Assange to appear in court after Javid signs US extradition request (Guardian) Home secretary opens way for court to consider whether Assange should be sent to US
Next step in Assange extradition case due in UK court on Friday (Reuters) WikiLeaks' founder Julian Assange is due before a London court on Friday, f...
Backpacker claims to find a network of hidden webcams in farm stay (Naked Security) In the bug repellent gizmo, in the shower, in the little birds glued to the footboard—all hiding webcams, alleges the Dutch backpacker.