The CyberWire Daily Briefing 6.17.19

Cyber Attacks, Threats, and Vulnerabilities

How a cyber attack hampered Hong Kong protesters (MENAFN) Massive public proteststaking place in Hong Kong over the past week are aimed at a new extradition law, known as the Fugitive...

U.S. Escalates Online Attacks on Russia’s Power Grid (New York Times) The Trump administration is using new authority to take more aggressive digital action in a warning to Moscow and in a demonstration of its abilities.

New York Times: US ramping up cyber attacks on Russia (CNN) The US is escalating cyber attacks on Russia's electric power grid and has placed potentially crippling malware inside the Russian system, The New York Times reported Saturday.

US ramping up digital attacks on Russia's power grid: report (TheHill) The U.S. is reportedly ramping up attacks on Russia's electric power grid.

U.S. Ramps Up Online Attacks on Russian Power Grid, NYT Says (Bloomberg) Aggressive staging of malware described as warning to Putin. U.S. has probed Russian electric grid since at least 2012.

US Cyber Command has reportedly been aggressively targeting Russia’s electrical grid (The Verge) Officials describe their efforts as more aggressive than they would have contemplated a few years ago

US Cyber Command is reportedly going on offense against Russia's power grid (Task & Purpose) U.S. Cyber Command is reportedly going on offense against Russia's power grid by placing "potentially crippling malware" in its systems, The New York Times reported Saturday.

US Steps Up Cyber Attacks on Russia’s Power Grid - Report (Sputnik) The report comes a year after President Trump handed over the digital offence and defence domain to a narrowly specialised Pentagon arm called the US Cyber Command.

Trump slams NYT report on U.S. cyberattacks against Russia (POLITICO) Trump called the story "a virtual act of Treason."

Trump appears to confirm cyberattack against Russian entity during midterms (CNN via NBC 2) President Donald Trump appeared to confirm that the United States had conducted a cyberattack against a Russian entity during last year's midterm elections in an...

Hackers behind dangerous oil and gas intrusions are probing US power grids (Ars Technica) Group responsible for safety tampering Triconex malware has expanded, researchers say.

50 million people lose electricity in South American blackout (Quartz) Argentina and Uruguay have come to a screeching halt, while parts of Chile, Paraguay, and Souther Brazil are also affected by the unprecedented outage.

‘Massive Failure’ in Power Grid Causes Blackout in Argentina and Uruguay (New York Times) The blackout, whose cause was unclear, may have affected a population greater than California’s in an area four times the size of Texas.

Argentina Isn’t Ruling Out a Cyberattack in Major Power Outage (Bloomberg) Argentina said it isn’t ruling out a cyberattack after what President Mauricio Macri called an “unprecedented” power blackout struck five South American countries on Sunday.

Power mostly restored after massive blackout in Argentina, but... (Reuters) Power returned to much of Argentina and two neighboring countries following a ma...

EU accuses Russia of spreading misinformation on social media (HackRead) Apparently, Russia has carried out several activities attributed to continuous disinformation, with the purpose of suppressing voter turnout in voting sessions, in addition to influencing their preferences.

Report on the implementation of the Action Plan Against Disinformation (European Commission) Protecting our democratic processes and institutions from disinformation is a major challenge for our societies. In order to tackle this challenge, the EU has put in place a robust framework for coordinated action which is fully in line with our European values and fundamental rights.

Twitter Shuts Down 5000 State-Sponsored Accounts (Infosecurity Magazine) Social network closes down further inauthentic behavior on site

Information operations on Twitter: principles, process, and disclosure (Twitter) Information operations on Twitter: principles, process, and new disclosures

Microsoft Operating Systems BlueKeep Vulnerability (US-CERT) The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions:

Ransomware: A Persistent Scourge Requiring Corporate Action Now (Threatpost) ASCO is the latest headline-making organization to be hit by ransomware, prompting many companies to consider what to do to minimize their risk.

Security researcher finds critical XSS bug in Google's Invoice Submission Portal (ZDNet) Security bug would have allowed hackers access to one of Google's backend apps.

Study finds that a GPS outage would cost $1 billion per day (Ars Technica) 90 percent of the technology's financial impact has come since just 2010.

The biggest Microsoft Azure security issues you need to know about (CRN Australia) Azure introduces a unique set of challenges to grapple with.

Hardware Security Keys Keep Getting Recalled; Are They Safe? (How-To Geek) We recommend hardware security keys like Yubico’s YubiKeys and Google’s Titan Security Key. But both manufacturers have recently recalled keys due to hardware flaws, and that sounds a little worrying. What’s the problem? Are these keys still safe?

Responds: Woman Loses Entire Life Savings In Wire Fraud Scam (NBC10 Boston) Bank wire transfers are fast and final, making them an appealing target for scammers. A Harvard University faculty member learned that the hard way. Christine Lu recently fell victim to a scam and lost...

Target Stores Hit by Technical Snafus Over Weekend (Wall Street Journal) Technical problems at Target stores this weekend frustrated shoppers, who were unable to make purchases for two hours on Saturday or use a credit card at some stores on Sunday.

Millions of Venmo transactions scraped in warning over privacy settings (TechCrunch) A computer science student has scraped seven million Venmo transactions to prove that users’ public activity can still be easily obtained, a year after a privacy researcher downloaded hundreds of millions of Venmo transactions in a similar feat. Dan Salmon said he scraped the transactions dur…

AMCA data breach has now gone over the 20 million mark (ZDNet) Healthcare billing vendor got hacked last year and hackers put patient data for sale online.

'Elaborate' Uni Fraud Scamming Aussie Businesses Of Millions (10 daily) A new phone and email scam has swindled Australian business owners more than one million dollars in just a matter of weeks, police have warned.

Phishing Scam Asks You to Login to Read Encrypted Message (BleepingComputer) A new phishing campaign is underway that pretends to be an alert from your email server that it has received an encrypted message for you. It then prompts you to login to a fake OneDrive site in order to read the message.

YouTube Testimonials Lure Patients to Shady Stem-Cell Clinics (WIRED) Emotional videos, often paid for by clinics, are attracting desperate patients to unproven stem-cell treatments that can be dangerous—or even deadly.

Security Patches, Mitigations, and Software Updates

Microsoft Urges Azure Customers to Patch Exim Worm (Infosecurity Magazine) Threat is targeting millions of globe’s email servers

Chrome 76 beta blocks Flash by default, stops Incognito detection, lets sites auto-enable dark modes, more (9to5Google) Following version 75's release on Android, Mac, Windows, and Linux, the next beta release of Google's browser is rolling out. Chrome 76 beta features...

Cyber Trends

Data Privacy and Security: Why Mobile Apps are the New Weak Link (Infosecurity Magazine) Mobile apps are the new weak link when it comes to user data and privacy abuse

Endpoints and Endpoint Security: A Brief History (Webroot) To many people, the term “endpoint” just means a computer or server connected to some kind of network. But the real definition is much more broad—an endpoint can actually be a desktop, laptop, server, workstation, tablet, or even a smartphone. While computational devices have, in fact, existed for thousands of years, modern endpoints and their security have a very recent history.

Cybersecurity: From both sides of the fence (Federal News Network) Mark Testoni, CEO of SAP National Security Services, explains how new technologies can help federal agencies solve their cybersecurity problems.

Republican lawmaker pulled from keynote at cyber conference (Fifth Domain) Critics pointed to the Texan's record on women's issues

Analysis | The Cybersecurity 202: Will Hurd controversy shows security community can no longer avoid partisan politics (Washington Post) Black Hat's decision to cancel his keynote over his antiabortion views is dividing security pros.

The New Wilderness (Idle Words) The need to regulate online privacy is a truth so universally acknowledged that even Facebook and Google have joined the chorus of voices crying for change.

Tim Cook on Silicon Valley: 'If you’ve built a chaos factory, you can’t dodge responsibility for the chaos' (Silicon Valley Business Journal) Delivering Stanford's commencement speech on Sunday, Apple CEO Tim Cook took subtle jabs at companies like Facebook and Theranos, made the case for a privacy-focused digital future, and shared the personal struggle he went through in the wake of Apple co-founder Steve Jobs' death.

Governing Over Critical Data in the Internet of Things (Infosecurity Magazine) How can government entities better secure their IoT devices and endpoints?

Marketplace

Huawei Expects $30 Billion Revenue Hit From U.S. Clampdown (Wall Street Journal) The U.S. campaign against Huawei Technologies is taking a toll, with the company’s founder forecasting a hit to revenue of about $30 billion over the next two years.

Report: Huawei expects international smartphone shipments to plummet (TechCrunch) A month after being placed on a trade blacklist by the Trump administration, Huawei is reportedly steadying itself for international shipments of its smartphones to decline by 40% to 60%. According to a report in Bloomberg, Huawei may end up pulling shipments of the Honor 20, its flagship phone for…

Huawei says it's readying possible Hongmeng software roll-out (CRN Australia) Replacing US Android OS.

Why is Huawei seeking $1 billion patent deal with Verizon? (ETCIO.com) Patent licensing is very common, particularly in complex industries like telecommunications.

Broadcom warns US$2b in lost sales with Huawei ban (CRN Australia) Shares of other chipmakers also fall.

Pioneer of Next Generation Email Security, IRONSCALES, Closes $15 Mill (PRWeb) IRONSCALES, the world’s first automated phishing prevention, detection and response platform, today announced that it has closed a $15 million S

Telstra Ventures' investment in CyberGRX profiled in THE AUSTRALIAN (Telstra Ventures) Telstra Ventures has invested in third party risk innovation company CyberGRX.

Bristol's Graphcore burns through $60m as it tries to bring AI chips to market (The Telegraph) British chipmaking start-up Graphcore has burned through more than $50m (£39m) in one year as it seeks to get its AI-powered silicon chips onto the market and into data centres and driverless cars.

Meet The World's Most Valuable AI Startup: China's SenseTime (Forbes) Chinese company SenseTime has only been around for four years, but it is already one of the world’s leaders in AI and machine vision. The company’s technology is impacting not only China but other countries.

Here’s how CrowdStrike Holdings performed after its IPO (Fifth Domain) Crowdstrike Holdings Inc. traded as high as 97 percent over its initial public offering price June 12, according to MarketWatch.

These CrowdStrike IPO winners' stakes are now worth billions (Silicon Valley Business Journal) Three early investors in the Sunnyvale cloud security business each have stakes of more than $1 billion.

‘Have I Been Pwned’ is for sale, but what is it worth and who will buy it? (CSO Online) The question in my mind about Have I Been Pwned has always been about the value of the service aside from the brilliant analysis and PR generated by its creator, Troy Hunt.

Lockheed Martin venture arm makes another big play (Washington Business Journal) This is a proof-of-concept artificial intelligence chip that was developed by Austin startup, Mythic, which is the latest investment for Lockheed Martin Ventures.

Products, Services, and Solutions

New infosec products of the week: June 14, 2019 (Help Net Security) New infosec products this week include releases from Aruba Networks, Avast, Edgewise Networks, HID Global, Orca Security, Secbi and Skybox Security.

Keyfactor and Thales Address Code Signing Cyber-Attacks Targeting Businesses (BusinessWire) Security leaders announce industry-first code signing product

Sequoia Launches Combine 6.0 for AWS, Expanding Cloud Orchestration to Enterprise Customers (PR Newswire) Today, Sequoia Holdings LLC., a leading provider of software engineering solutions for the defense and intelligence...

Technologies, Techniques, and Standards

Cellebrite Says It Can Unlock Any iPhone for Cops (WIRED) In a strangely public product announcement, the phone-cracking firm revealed a powerful new device.

DNS hijacking grabs headlines, but it’s just the tip of the iceberg (CSO Online) DNS pioneer Paul Vixie contemplates missed opportunities for improving internet security and advocates for widespread use of DNSSEC, which he helped create, and which he believes would go a long way toward improving DNS security.

How contractors can guard against cyber intrusions (Fifth Domain) Contractors, facing an increasing barrage of cyber intrusions by foreign entities, should protect themselves using traditional regulatory approaches but also new techniques such as blockchain and artificial intelligence, according to a new report from Deloitte.

Good riddance, GandCrab! We’re still fixing the mess you left behind. (Bitdefender Labs) On January 28th 2018, our analysts on watch saw a small blip pop up on the Bitdefender Threat Map. It was one of millions of blips we see daily here at Bitdefender, but that blip marked the birth of a new family of ransomware that would cause great pain to... #decryption #GandCrab #lawenforcement

Remove [My0day@aol.com].0day ransomware (Virus Removal Guide) (MalwareTips Guides) This guide teaches you how to remove [My0day@aol.com].0day ransomware for free by following easy step-by-step instructions.

It's Time to Switch to a Privacy Browser (WIRED) Ad trackers are out of control. Use a browser that reins them in.

Army project develops first cyber agility framework to train officials to out-maneuver cyber attacks (U.S. Army Research Laboratory) To help train government and industry organizations on how to prevent cyberattacks, as part of a research project for the U.S. Army, scientists at The University of Texas at San Antonio, developed the first framework to score the agility of cyber attackers and defenders.

Pentagon, VA say new joint office will assume authority for multibillion-dollar EHR projects (Federal News Network) Federal Electronic Health Record Modernization program office will be a single point of accountability for EHR modernization, but lawmakers are skeptical.

Design and Innovation

This neural network detects whether faces have been Photoshopped (TechCrunch) Using Photoshop and other image manipulation software to tweak faces in photos has become common practice, but it's not always made clear when it's been done. Berkeley and Adobe researchers have made a tool that not only can tell when a face has been Photoshopped, but can suggest how to undo it.

Europol Gamifies Cryptocurrency Crime Prevention (Infosecurity Magazine) Policing organization hails success of industry conference

Does Google not realize Beto O’Rourke is running for president? (Quartz) Google has been treating some Beto campaign ads as if they weren’t political, raising questions over whether it's capable of keeping its promise of ad transparency.

'This Is Censorship': Pinterest Is Latest Tech Company Dragged Into Culture Wars (Fortune) An anti-abortion group says its content is blocked on Pinterest.

Twitter Bans Conservatives Reporting On Big Tech's Abortion Activism (The Federalist) Twitter once again censors pro-life content, choosing to enforce their 'rules' only when it shields the pro-abortion mob.

Academia

US Cyber Challenge Eastern Regional Cyber Camp (Virginia Tech) Weeklong camp for students comprised of cyber security workshops, labs, and a competition held on the last day. The camp will focus on topics such as intrusion detection, penetration testing, and forensics. Workshops will be taught by instructors from the SANS Institute, the largest source for information security training and certification in the world. The overall objective is to attract as many talented and skilled people as possible to this field of study and career path.

Legislation, Policy and Regulation

4 new members for NATO cyber defense organization (Fifth Domain) A NATO cyber defense organization welcomed four new member nations: Bulgaria, Denmark, Norway, and Romania.

The background you need on the Hong Kong protests (BBC News) There's a lot of important context that explains why people in Hong Kong are taking to the streets.

Hong Kong’s Retreat Chips Away at Xi Jinping’s Iron Image (New York Times) The suspension of legislation to extradite suspects to China was the biggest political reversal of Xi Jinping’s years in power. Will it undermine his rule?

Hong Kong protesters return to demand Carrie Lam’s resignation (Times) Protesters in Hong Kong turned out in their hundreds of thousands today to demand the resignation of their chief executive, Carrie Lam, the day after she pulled back from a bitterly unpopular law...

How Hong Kong’s Unrest Plays to Beijing’s Hawks (Foreign Policy) Hard-liners say the protests only prove that America’s hidden hand is everywhere.

Xinjiang Visit by U.N. Counterterrorism Official Provokes Outcry (Foreign Policy) Rights activists say upcoming trip by U.N. diplomat could reinforce Beijing’s line that Uighur activists are terrorists.

Cyber and space threats reshaping defence strategy (ABC Radio) The US army has realised that more than a decade running counter-terror operations in Iraq and Afghanistan has left it lacking in taking on nation states in war. PM speaks to General John "Mike" Murray, the commanding general with the US Army Futures Command.

The United States Needs an Information Warfare Command: A Historical Examination (War on the Rocks) Recently, the House and Senate have been evaluating Defense Department plans to set up a new Space Force. However, without any fanfare, a more important

Litigation, Investigation, and Enforcement

After Equifax breach, US watchdog says agencies aren’t properly verifying identities (TechCrunch) A federal watchdog says the government should stop relying on the credit agencies to verify the identifies of those using government services. In a report out this week, the the Government Accountability Office said several government departments still rely on the credit agencies — Equifax, Experia…

Hurdles To Certifying A Cyber-Attack Class Action (Mondaq) A recent decision from the Ontario Superior Court of Justice highlights some of the difficulties plaintiffs might face when seeking to certify a class action relating to the disclosure of personal information from a cyber-attack. Canada Litigation, Mediation & Arbitration Goodmans LLP 16 Jun 2019

With a new team of prosecutors, the Navy takes a final shot at SEAL Eddie Gallagher (Navy Times) Jury selection begins in the war crimes case on Monday, with a trial expected to kick off two days later.

Justice Department creates task force to help find schemes targeting seniors (Federal News Network) In today’s Federal Newscast, a provision in the annual Defense bill the Senate Armed Services Committee released this week would order a top-to-bottom review of the contractor…

Cop arrested following explicit chat with bogus 16yo girl (Naked Security) A male college student Snapchat-filtered himself into a young girl and went out to catch a predator. The first one he caught was a Californian cop.

Porn trolling mastermind Paul Hansmeier gets 14 years in prison (Ars Technica) Judge blasts Hansmeier for "almost incalculable" harms to justice.

Bring your own context.