Cyber Attacks, Threats, and Vulnerabilities
The History of Ashiyane: Iran's First Security Forum (Recorded Future) In this analysis, Insikt Group explores the historical links between Iran’s first and largest security forum, Ashiyane Forum, and the Iranian government.
Disclosure of Chilean Redbanc Intrusion Leads to Lazarus Ties (Flashpoint) Flashpoint analysts have linked Chilean Redbanc's December 2018 intrusion to PowerRatankba, a malware toolkit with ties to APT group Lazarus.
Another huge database exposed millions of call logs and SMS text messages (TechCrunch) An unprotected server storing millions of call logs and text messages was left open for months before they were found by a security researcher. If you thought you’d heard this story before, you’re not wrong. Back in November, another telecoms company, Voxox, exposed a database containin…
Old RF Protocols Expose Cranes to Remote Hacker Attacks (SecurityWeek) The use of old and insecure radio frequency (RF) protocols exposes cranes and other heavy machinery to remote hacker attacks, researchers warn.
Ryuk ransomware targets big businesses (TechRadar) New ransomware group waits and gathers intel before attacking large enterprises
Redbanc cyber attack linked to Lazarus group (SC Media) Cyber attack against the Chilean interbank network Redbanc was linked to the North Korean APT group Lazarus.
Researchers Create PoC Malware for Hacking Smart Buildings (SecurityWeek) ForeScout researchers create PoC malware that demonstrates how malicious actors could hack smart buildings and building automation systems.
To raise security awareness, researchers spent months hacking mock building systems (CyberScoop) Security experts have in recent months warned that building-automation lags behind other critical infrastructure sectors when it comes to awareness of cyberthreats and appreciation of their potential impact. Now an 18-month research project, which tested malware and exploits on gear made by top vendors, is trying to change that.
Decades-Old Flaws Found in SCP Clients (Decipher) Several SCP clients, including OpenSSH, are vulnerable to a set of bugs that can allow an attacker to download arbitrary files.
Fortnite security issue would have granted hackers access to accounts (ZDNet) Check Point recommends that Fortnite players enable two-factor authentication (2FA) for their accounts.
Hacking Fortnite (Check Point Research) Research by: Alon Boxiner, Eran Vaknin and Oded Vanunu, January 16th, 2018 Played in a virtual world, players of ‘Fortnite’, the massively popular game from game developer Epic Games, are tasked with testing their endurance as they battle for tools and weapons that will keep them secure and the ‘last man standing’. In the last...
Fortnite's Vulnerability: Only the Secure Survive (Check Point Software Blog) Check Point discovered security vulnerabilities in Fortnite's login process that could have allowed a threat actor to take over the account of any user, view their personal account information, purchase virtual in-game currency and eavesdrop on in-game chatter as well as home conversations.
Kids playing Fortnite are boosting organised crime (European Union Anti Corruption) The virtual currency of Fortnite, a massively popular video game, is being used to launder money, according to the Independent. Though the game is free, additional items can be bought, such as outfits and weapons. It is now a firm favourite with the underworld. Criminals use stolen credit cards to purchase the in-game currency, and...
Researchers Uncover Serious Flaws in Access Management System (Decipher) Tenable Security researchers have found a series of flaws in the PremiSys access management system that can allow admin access to the application.
Report: We Tested 5 Popular Web Hosting Companies & All Were Easily Hacked (Website Planet) The goal of this research was to try and see if websites hosted on Bluehost, Dreamhost, HostGator, OVH, or iPage could be compromised with one click client-side vulnerabilities. Unfortunately, we found at least one client-side vulnerability in all the platforms we tested, allowing account takeover when the victim clicks a link or visits a malicious …
Ransomware Claims to Fund Child Cancer Treatments (BankInfo Security) Ransomware attacks continue, with the city of Del Rio, Texas, saying its operations have been disrupted by crypto-locking malware. Meanwhile, CryptoMix urges
CryptoMix Ransomware Exploits Crowdfunding Sites for Child Cancer Treatment (Coveware) A recent CryptoMix Ransomware campaign is exploiting real crowdfunding sites set up to benefit children’s cancer treatment.
Blockchain burglar returns some of $1m crypto-swag (Naked Security) In an interesting move for villainy, a thief who stole over $1 million from the Ethereum Classic blockchain has given some of it back.
Israel company admits spying on Emir of Qatar (Middle East Monitor) The CEO of Israeli spyware company NSO Group has admitted that its software was used to spy on the Emir of Qatar. In an interview with Yedioth Ahronoth this weekend, Shalev Hulio admitted that his...
Cybercrime Gangs Advertise Fresh Jobs, Hacking Services (BankInfo Security) Numerous cybercrime gangs continue to use darknet forums to seek fresh recruits, sell stolen data or advertise hacking services. One recent job listing from the
Security Patches, Mitigations, and Software Updates
Windows 7 extended support to stop in one year's time (Computing) Not planning a migration from Windows 7 this year? You should be…
Windows 7 users get fix for latest updating woe (Naked Security) Microsoft has vexed its Windows 7 users with a misbehaving update that caused licensing and networking errors.
Cyber Trends
Top Cybersecurity Breaches in 2018 Could Have Been Avoided, According to Cybersecurity Firm, VirtualArmour (GlobeNewswire News Room) Several major cybersecurity breaches surfaced last year, from Google, Facebook and British Airways to T-Mobile, Uber and Marriott. Lapses in security exposed the personal data of hundreds of millions of individuals to unauthorized users. These were in addition to the countless number of other breaches around the world that went unreported.
Top five emerging trends in cyber security (Computing) Dr Adrian Nish, Head of Threat Intelligence at BAE Systems, reveals his cyber predictions for 2019. Adrian regularly advises both businesses and governments on cyber breaches...
Palo Alto Networks gets to the ‘root’ of cloud security problems in new report (IT World Canada) Moving to the cloud has pretty much become an imperative for organizations of all sizes, yet the elephant in the room is
WhiteHat Security: Top 10 Application Security Vulnerabilities of 2018 (WhiteHat Security) Today’s applications touch millions if not billions of people on a daily basis. With virtually every business using applications to grow, they are critical to companies’ success—yet the vulnerabilities and risks associated with them continue to increase exponentially. And the proof is in the breach. British Airways, Ticketmaster, the United States Postal Service (USPS), Air …
Marketplace
The Telecom Wars Put Huawei In The Hot Seat (Forbes) Chinese IT giant Huawei’s integral role in building China’s hegemony over the future of 5G, and hence of the future of telecommunications, is finally getting the global scrutiny it deserves.
Shutdown May Have Lasting Effect on Government Cybersecurity Jobs (Credit Union Times) Expert says furloughing cybersecurity specialists creates a vulnerability for government networks.
Zix to acquire AppRiver, cloud-based cybersecurity solutions provider (Help Net Security) The acquisition helps companies expand customer base, enhance threat protection position, and accelerate go-to-market strategy through partnerships.
Check Point to Beef Up Cybersecurity Architecture with ForceNock Buy (Channel Partners) Founded in 2017, ForceNock developed a web application and API protection (WAAP) technology that utilizes machine learning, behavioral and reputation-based security engines, and Check Point plans to integrate the startup's technology into its Infinity total protection architecture.
Imperva to Lay Off Dozens of Employees Following Acquisition by Thoma Bravo (CTECH) The technology investment firm completed Imperva's $2.1 billion acquisition Thursday
Researchers Invited to Hack a Tesla at Pwn2Own 2019 (SecurityWeek) Pwn2Own 2019 introduces automotive category – researchers can earn up to $300,000 and a Tesla Model 3 if they hack a Tesla.
Want to get rich from bug bounties? You're better off exterminating roaches for a living (Register) Before you outsource security to strangers, try boosting internal cybersecurity skills
On Bounties and Boffins (Security Boulevard) Trying to make a living as a programmer participating in bug bounties is the same as convincing yourself that you’re good enough at Texas Hold ‘Em to quit your job. There’s data to back this up in Fixing a Hole: The Labor Market for Bugs, a chapter in New Solutions for Cybersecurity by MIT Press.
Booz Allen leader on defense issues stresses move to technology, cybersecurity 'solutions' (Inside Cybersecurity) The head of Booz Allen Hamilton's defense business said the firm has shifted its focus into deeper technology work, including cybersecurity, and is seeking to position itself as a "solutions" provider.
Microsoft continues to build government security credentials ahead of JEDI decision (TechCrunch) While the DoD is in the process of reviewing the $10 billion JEDI cloud contract RFPs (assuming the work continues during the government shutdown), Microsoft continues to build up its federal government security bona fides, regardless. Today the company announced it has achieved the highest level o…
CyberArk: An Ideal Candidate For Acquisition (Seeking Alpha) CyberArk is one of the few IT security companies that is growing at a fast pace while generating profits. The company is an ideal candidate for an acquisition f
Could Splunk Buy Boost Cisco Stock And Fit With Other Purchases? (Investor's Business Daily) Cisco Systems (CSCO) could buy Splunk (SPLK) or Nutanix (NTNX) and return to an acquisition spree that targets software companies, says an RBC Capital analyst. Cisco stock edged down on Monday as the Nasdaq composite fell.
Thales to establish £20m cyber security centre in south Wales (NS Tech) French multinational Thales has joined forces with the Welsh government to develop a £20m cyber security centre in the heart of one of Wales's most deprived regions. The project, dubbed the National D
OTRS Group Joins the National Cyber Security Alliance in Global Effort to Support Data Privacy Day by Becoming a 2019 Champion (OTRS) Each Jan. 28, Hundreds of Organizations and Individuals Collaborate to Generate Awareness About the Importance of Respecting Privacy, Safeguarding Data and Enabling Trust Cupertino, CA, January 15, 2019 – OTRS Group has announced its commitment to Data Privacy Day ‒ an international effort held annually on Jan. 28 to create awareness about the importance of
Cavirin Appoints Industry Veteran Praveen Jain as Chief Technology Officer (Cavirin Systems) Cavirin's newest executive, Praveen Jain, an ex-SVP of engineering at Cisco, brings over 25 years of leadership in innovation, strategy, and execution of products in data centers and cloud businesses,
FIME boosts payment strategy on security and consulting with key hires (FIME) Enhances payment security and consultancy support for banks & retailers.
Exclusive: Local cyber firm beefs up exec team with veteran hires (Washington Business Journal) Its new CMO hails from Virtru and Sonatype.
Products, Services, and Solutions
Mocana Announces Integration with Unified Automation’s High Performance OPC UA SDK (GlobeNewswire News Room) Simplifies Replacement of OpenSSL with Mocana’s FIPS 140-2 Validated Cryptographic Engine
IBM MaaS360 with Watson Among First-Ever Android Enterprise Recommended EMM Solutions (IBM News Room) IBM (NYSE: IBM) today announced that IBM® MaaS360® with Watson™ has been named by Google as an Android Enterprise Recommended solution for company-owned, BYOD, and dedicated devices. Android...
Quali introduces SaaS cloud management platform CloudShell Colony for accelerating DevOps (Help Net Security) CloudShell Colony automates DevOps environments from development to production, while allowing IT and project managers to govern the use of cloud resources.
Pulse Secure launches new vADC Community Edition to help developers build smarter applications (Help Net Security) Pulse Secure vADC Community Edition offers a platform for software developers with seamless transition into production environments.
KnowBe4 Launches Password Exposure Test to Tackle At-Risk Employees (PRWeb) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced a new complimentary tool aimed a
Acronis slips into the hyperconverged infrastructure market (CRN Australia) Storage product gains compute and cloud capabilities.
Rapid7 Revs Metasploit to Boost Performance, Extensibility (Channelnomics) First major release in eight years promises security service practitioners new ways to integrate with external tools
Metasploit 5.0: What’s New? (From APIs to Python) (Computer Business Review) Rapid7, the Boston-based cybersecurity company, has released Metasploit 5.0, the first major release of the popular pen testing framework since 2011.
OpinionWay chooses Darktrace AI to fend off novel threats (Cambridge Network) Darktrace, the world’s leading AI company for cyber defence, has today announced that OpinionWay, a leading market research company, has chosen its cyber AI to protect proprietary research from phishing attacks, novel malware and insider threat.
Uganda's border-crossing gets fast-tracked with Gemalto (IT News Africa) Gemalto together with local partner SCINTL, has been awarded the contract for the supply of a Border Management System (BMS) including airport self-service eKiosks
ACSC shutters 2019 conference (InnovationsAus.com) The federal government’s Australian Cyber Security Centre has quietly shuttered the 2019 iteration of its annual conference leaving the security sector scrambling.
InSecurity Podcast: Dave Bittner on Why the CyberWire is the Security Paper of Record (Security Boulevard) In this week’s episode of InSecurity, Matt Stephenson chats with the CyberWire’s Dave Bittner about cybersecurity in the year that was and the year to come. We also quote Albert Brooks, discuss octopus eyeballs, and debate the merits of vinyl LPs and cassettes compared to digital music and streaming. You’re not going to want to miss this one.
Technologies, Techniques, and Standards
Filled with malware, phishing and scams, does the web need a safety manual? (ZDNet) Web users are still making the same mistakes over and over again. How do we make it safer online?
3 Reasons Why the Integration of Cybersecurity Tools is a Growing... (Bricata) In cybersecurity, the whole of security data is greater than the sum of its parts. Unfortunately, the way many security products are engineered, analysts are relegated to using individual tools – just the ‘parts’ – and struggle to see the ‘whole’ picture...
Why Security Data Outliers Should Never Be Ignored (Tapscape) Most security officials aren’t trained on how to handle outliers in the data that they collect. When these anomalies finally grow to the point of leading
Don’t Overlook the Business Risk in BRI (SecurityWeek) A business risk intelligence (BRI) program needs to understand and account for the different categories of risk faced by all business functions across an enterprise.
To improve supply chain risks, agencies should double-down on visibility (Fifth Domain) Agencies can increase their resilience in the face of supply chain risk by improving the visibility of the devices on their networks.
Vera Research Reveals Why Encryption Deployed Everywhere Fails to Contain Data Breaches’ Mounting Fallout and Costs (GlobeNewswire News Room) One of the most recognized and mandated security controls, installed encryption protects only 4 percent of breached files; survey shows 68 percent of organizations are concerned about the lack of control over their files as they travel outside of the network and only 26 percent have the ability to locate and revoke access quickly
Improve cyber defenses to protect grid (Post and Courier) An insidious and highly threatening Russian campaign has laid the groundwork for taking down major portions of the U.S. electrical grid whenever the order is given. We must do everything
Navy reservists power a new cyber development unit (Fifth Domain) The new unit will focus on delivering capabilities to Navy cyberwarriors.
Design and Innovation
Facebook to start fact-checking fake news in the UK (Naked Security) Facebook’s relying on demotion instead of removal, so users will still be able to share content, even if Full Fact rates it inaccurate.
Facebook, Twitter Turn to Right-Leaning Groups to Help Referee Political Speech (Wall Street Journal) Advisers on touchy issues include Tony Perkins’ Family Research Council, Grover Norquist’s Americans for Tax Reform and, on the left, the Southern Poverty Law Center. Their involvement behind the scenes, designed to tamp down a furor over social media’s policing of content, has instead kicked up a new range of disputes.
YouTube’s guidelines now address dangerous pranks following Bird Box, Tide Pod challenges (The Verge) YouTube to creators: don’t
YouTube is playing favorites, and it all comes down to advertisers (Polygon) The creator base is stewing
Roku now deleting Infowars from its platform after customer outcry (TechCrunch) Roku is deleting the Infowars channel from its platform, a couple days after adding it as a supported channel. In a tweet, Roku said after the channel became available, “we heard from concerned parties and have determined that the channel should be removed from our platform. Deletion from the chann…
Research and Development
DARPA Awards GrammaTech $8.4M for Autonomous Cyber Hardening Technology (PR Newswire) GrammaTech, Inc., a leading developer of commercial embedded software assurance tools and advanced cybersecurity...
Academia
Lorrie Faith Cranor named new director of Carnegie Mellon University's CyLab (PR Newswire) Lorrie Faith Cranor has been named the next director of the CyLab, Carnegie Mellon University's security and privacy...
Legislation, Policy, and Regulation
India Wants Access to Encrypted WhatsApp Messages (Wall Street Journal) Facebook’s WhatsApp is facing pressure in India to let authorities trace and read the encrypted messages of its more than 200 million Indian users in a new attempt at constraining global tech giants.
Buhari challenges Africa’s traditional, religious leaders on cyber-crime, disruptive social media (Pulse) The president made the call at ongoing Regional Conference for African Traditional and Religious Leaders on Keeping Girls in School held at NICON Luxury Hotel, Abuja, on Monday.
Singapore says it won't name hackers who targeted PM (AP NEWS) Singapore officials say it isn't in the country's interest to nab — or even name — the perpetrators behind a cyberattack that breached 1.5 million health records, including those of Prime Minister Lee Hsien Loong. An inquiry into the July 4 breach, believed to be the largest in Singapore's history, concluded that it was likely state-linked. The inquiry called for hearings and considered factors like the attacker's persistence, resources and advanced tactics. Lee, a two-time cancer survivor, had his personal and outpatient medication data repeatedly targeted.
Are Cyber Indictments the New “Persona Non Grata”? (Foreign Policy Journal) To be effective in deterring illegal state cyber activities, the US must shift its all-or-nothing strategy and be willing to barter.
The Myth of the Cyber Offense: The Case for Restraint (Cato Institute) Great-power competition in the 21st century increasingly involves the use of cyber operations between rival states. But do cyber operations achieve their stated objectives? What are the escalation risks? Under what conditions could increasingly frequent and sophisticated cyber operations result in inadvertent escalation and the use of military force? The answers to these questions should inform U.S. cybersecurity p...
Scholars examine cyber warfare in new book (CISAC) War is changing, and the U.S. military can now use cyber weapons as digital combat power.
Analysis | The Cybersecurity 202: Government cyber workers increasingly concerned hackers will strike during shutdown (Washington Post) A furloughed worker says a bare-bones staff isn't enough.
Hurd & Kelly Bipartisan Cybersecurity Bill Passes House Unanimously (Congressman Will Hurd) One of the first pieces of legislation to pass this year is a bill to help make sure that Americans’ online identities are safe from hackers. Today the House unanimously voted to strengthen national cybersecurity by passing U.S. Reps. Will Hurd (TX-23) and Robin Kelly (IL-02)’s Federal CIO Authorization Act of 2018.
Litigation, Investigation, and Law Enforcement
Singapore imposes $740,000 fines over major cyber attack (New Straits Times) Singapore’s privacy watchdog Tuesday imposed fines of Sg$1 million ($740,000) on a healthcare provider and an IT agency over a cyber-attack that saw health records of about a quarter of the population stolen.
SEC Brings Charges in Edgar Hacking Case (US Securities and Exchange Commission) The Securities and Exchange Commission today announced charges against nine defendants for participating in a previously disclosed scheme to hack into the SEC’s EDGAR system and extract nonpublic information to use for illegal trading.
Two Ukrainian Nationals Indicted in Computer Hacking and Securities Fraud Scheme Targeting U.S. Securities and Exchange Commission (US Department of Justice) Two Ukrainian men have been charged for their roles in a large-scale, international conspiracy to hack into the Securities and Exchange Commission’s (SEC) computer systems and profit by trading on critical information they stole.
U.S. Charges 2 With Hacking Into S.E.C. System in Stock-Trading Scheme (New York Times) Federal prosecutors in New Jersey said the men had breached a Securities and Exchange Commission database to obtain information about companies that was not yet public.
How to Make Money Trading: Hack Into SEC, Peek at 157 Secret Earnings Reports (Wall Street Journal) According to a government complaint, a hacker and his associates spent six months rooting around the SEC’s corporate-filing system. The disclosure of how the hack worked is a black eye for the agency, which is itself responsible for policing companies’ cyber defenses.
U.S. Brings Multiple Charges over 2016 SEC Data Hack (Fortune) DOJ alleges seven individuals and two companies made $4.1 million in illegal profits from the 2016 SEC hack.
U.S. Charges 8 in Securities Hacking Scheme (SecurityWeek) US authorities charged eight people in a scheme to trade on and profit from stolen corporate information hacked from a government database, court papers showed.
SEC Brings Charges In EDGAR 'Hacking' Case Against Traders Who Made $4M (Forbes) The U.S. SEC has brought charges in a hacking case against a group of international traders who gained insider information into the EDGAR database that listed companies use to file corporate and financial documents. The traders are estimated to have made at least $4.1 million in illegal profits.
Russian, Ukrainian defendants among those charged with hacking SEC system in trading scheme (Washington Post) Federal authorities on Tuesday filed charges accusing eight people, including individuals from Russia and Ukraine, of hacking into a government database holding corporate secrets in a scheme that led to at least $4.1 million in illegal trading profits.
Polish Ex-Security Official Charged With Spying for China During Government Service (Wall Street Journal) A former senior Polish intelligence official, arrested with a Huawei Technologies employee last week, has been charged with spying for China while he worked in government with top-level access to Polish and allied intelligence.
Germany arrests Afghan dual national on suspicion of spying for Iran (Reuters) A 50-year-old Afghan-German dual national who worked for the German military was...
The Spyware That Brought Down El Chapo’s Drug Empire (The Atlantic) For months, the FBI listened as Mexico’s infamous drug kingpin allegedly trafficked drugs and arranged assassinations. Here’s how.
Conservative writer Jerome Corsi says Mueller has summoned his stepson to testify before grand jury (Washington Post) Corsi said Mueller appears focused on text messages he and his stepson exchanged about scrubbing a computer.