Cyber Attacks, Threats, and Vulnerabilities
Iranian Hackers Launch a New US Campaign as Tensions Mount (WIRED) Three cybersecurity firms have identified phishing attacks stemming from Iran—that may lay the groundwork for something more destructive.
CYBERSECURITY: U.S. grid kept clean sheet against hackers in 2018 — report (E&E News) Despite a steady stream of bomb threats, "phishing" emails, gunfire and malware, U.S. electric utilities never lost power due to a physical or cyberattack in 2018, according to a new report from the North American Electric Reliability Corp.
What a U.S. Operation in Russia Shows About the Limits of Coercion in Cyber Space (War on the Rocks) The New York Times recently reported that the United States planted computer code in the Russian energy grid last year. The operation was part of a
Russian meddling in U.S. elections ‘blown out of proportion,’ says intelligence-studies researcher (MarketWatch) Sven Dekleva from the University of Ghent in Belgium says Russia is undoubtedly interested in U.S. affairs, but its priorities are on internal control.
Leaked hacking tools leveraged in wide ranging espionage campaign: Report (The Washington Times) Cyber spies conducting an international hacking campaign have leveraged several leaked tools likely created by the U.S. government, a security firm warned Thursday.
Critical Security Warning For iPhone Users (Forbes) The roughly 1.4 billion users of Apple's iOS powered iPhone and iPad devices have been warned of a critical security issue that could leave their personal data at risk. Here's what you need to know.
CVE-2019-8635: Double Free Vulnerability in Apple macOS Lets Attackers Escalate System Privileges and Execute Arbitrary Code (TrendLabs Security Intelligence Blog) We discovered a double free vulnerability (assigned as CVE-2019-8635) in macOS. The vulnerability is caused by a memory corruption flaw in the AMD component. If successfully exploited, an attacker can implement privilege escalation and execute malicious code on the system with root privileges.
Felipe, a new infostealer Trojan (Zscaler) The Zscaler ThreatLabZ team came across the Felipe infostealer Trojan, which silently installs itself onto a user’s system and connects to a command-and-control (C&C) server to send system information and bank card numbers from the compromised system.
Desjardins, Canada's largest credit union, announces security breach (ZDNet) Data for 2.9 million bank members was taken from the bank's system by a now-fired employee.
Important message for our members (Desjardins.com) Visit www.desjardins.com to learn more about our products and services: savings, investments, loans, insurance, online brokerage, transaction services and more.
Cryptocurrency-Mining Botnet Malware Arrives Through ADB and Spreads Through SSH (TrendLabs Security Intelligence Blog) We observed a new cryptocurrency-mining botnet that arrives via open ADB ports and can spread via SSH. This botnet’s design allows it to spread from the infected host to any system that has had a previous SSH connection with the host.
Warning Made on Cross-Platform Cryptominer (Infosecurity Magazine) LoudMiner uses virtualization software to mine cryptocurrency
ESET details VM-based cryptominer (Computerworld) Security firm ESET has released details of a malicious cross-platform cryptocurrency miner dubbed LoudMiner.
Bird Miner: This Cryptominer Malware Emulates Linux To Attack Macs (Fossbytes) One of the biggest disadvantages of using pirated software is the increased risk of letting your computer get infected with malware. Cybercriminals often bundle the cracked versions of paid software on piracy websites with adware and cryptominers to earn free cash. So, if you're installing such programs from unknown sources, the chances of you getting hacked are pretty good.
Verizon Users Loses Coinbase Funds Following SIM Hijack (The Merkle Hash) There are numerous ways for cryptocurrency enthusiasts and speculators to lose their funds. In a lot of cases, this is due to an error on their part. However, there are external circumstances which often go beyond the user’s control. Especially when it comes to SIM swap fraud and similar criminal business models, things get out of hand fairly quickly. Verizon Users Loses Thousands of Dollars. Cryptocurrency users have fallen victim to mobile phone hijacking over the past few years. This particular method is used by criminals as a way to gain full control over one’s mobile number. In most cases,
Firefox Zero-Day Exploited to Deliver Malware to Cryptocurrency Exchanges (SecurityWeek) The recently patched Firefox zero-day vulnerability (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges.
NASA Lab Hacked Using A $25 Raspberry Pi Computer (Fossbytes) A NASA lab was hacked using a Raspberry Pi. This breach occurred in April 2018, when NASA's Jet Propulsion Laboratory (JPL) was hacked and 500MB of data from major mission systems was stolen. A federal report of the incident confirms that a Raspberry Pi was used to gain access to the system. It also highlighted the major security lapses that were present in NASA's network for about a decade and made the breach possible.
Interview: Chris Goettl, Ivanti (Infosecurity Magazine) We've heard about BlueKeep for a month, will there be an impact?
Hunting for Linux library injection with Osquery (AT&T Cybersecurity) When analyzing malware and adversary activity in Windows environments, DLL injection techniques are commonly used, and there are plenty of resources on how to detect these activities. When it comes to Linux, this is less commonly seen in the wild.
PHOENIX CONTACT Automation Worx Software Suite (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.8; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Phoenix Contact; Equipment: Automation Worx Software Suite; Vulnerabilities: Access of Uninitialized Pointer, Out-of-bounds Read, Use After Free. 2.
Report: Theta360 Data Breach Leaks Millions of Private Photographs (vpnMentor) vpnMentor's research team has discovered that Theta360 experienced a huge data breach. Hacktivists from our research team, Noam Rotem and Ran Locar, ...
Meds prescriptions for 78,000 patients left in a database with no password (ZDNet) Database containing 390,000 Vascepa prescriptions for 78,000 patients left open on the internet.
Customers of 3 MSPs Hit in Ransomware Attacks (Dark Reading) Early information suggests threat actors gained access to remote monitoring and management tools from Webroot and Kaseya to distribute malware.
Match, Tinder Swipe Right For Privacy Red Flags, Say Experts (Threatpost) Analysts at PrivacyPro say the dating apps' privacy policies should be of concern to users.
Analysis | The Cybersecurity 202: This Florida city just paid hackers a huge ransom. Is that better or worse for taxpayers? (Washington Post) Taxpayers will pay to get city systems back online either way. But there's a moral question.
A Florida city paid a $600,000 bitcoin ransom to hackers who took over its computers — and it's a massive alarm bell for the rest of the US (Business Insider) Riviera Beach's city council voted to pay the money after an attack in May disrupted services, including its email network and 911 dispatch system.
Village of Palm Springs confirms cyber attack (WPTV) Riviera Beach isn't the only local municipality paying ransom to cyber hackers. The Village of Palm Springs said it too was hit by hackers.
Process Reimaging: A Cybercrook’s New Disguise for Malware (McAfee Blogs) As of early 2019, Windows 10 is running on more than 700 million devices, including PCs, tablets, phones, and even some gaming consoles. However, it turns
Steganography and Stock Photos: Are These "Cheesy" Images a Security Risk? (Computer Business Review) Steganography is a perfect tool for the malicious insider. They can easily pass information out of networks, without alarming Data Loss Prevention software.
Email scammers use corporate consultant sites to find victims (Axios) They operate just like any other small business.
Security Patches, Mitigations, and Software Updates
Dell patches vulnerability that put millions of PCs at risk — Update yours now (The Next Web) Dell released a security advisory urging consumers to update their laptops and PCs to patch a security vulnerability the company says could have enabled hackers to access sensitive information.
IBM Security Bulletin: IBM MessageSight is affected by the following four IBM Java vulnerabilities - IBM PSIRT Blog (IBM PSIRT Blog) IBM MessageSight has addressed the following Java vulnerabilities...
Webroot Cybersecurity: 2FA Now Mandatory As Hackers Target MSPs (ChannelE2E) Webroot makes two-factor authentication (2FA) mandatory as attackers target MSP software in a bid to spread malware / ransomware to end-customer systems.
Samsung asks users to scan their Smart TVs for malware - Here's how to (HackRead) Samsung tweeted and then deleted that tweet stating that users should scan their Smart TVs for malware “every few weeks.”
Cyber Trends
Overlooked ‘internet letter boxes’ behind over $1m cyber breaches in 2019 (Data Economy) New EfficientIP report, in partnership with IDC revealed that there is a 34% increase in cyber breaches, and the average DNS attack cost has risen by 49%.
Fraudulent internet sites can remain anonymous due to privacy laws (KamloopsMatters.com) Online hucksters a growing concern: analysts, government
Which states have the most data breaches? Data breaches by US state (Comparitech) Data breaches are common in headlines these days, but they are not equally spread out in terms of location. Data breaches occur far more often in some US states than others, and the number of records lost or stolen varies as well. Comparitech analyzed data on the last 10 years worth of data breaches to …
The U.S. Loses Over $1.5 Trillion in a Decade of Data Breaches (BleepingComputer) A decade's collection of data breaches shows a bleak picture with billions of records exposed in this type of incident and financial damages of more than $1.6 trillion.
Performance Anxiety and the Inability to Stop Access Threats (Infosecurity Magazine) The impact from access threats has increased, with users feeling an increased impact from access security incidents in comparison with a year ago.
Marketplace
Ethiopia’s bid to become an African startup hub hinges on connectivity (TechCrunch) Ethiopia is flexing its ambitions to become Africa’s next startup hub. The country of 105 million with the continent’s seventh largest economy is revamping government policies, firing up angel networks, and rallying digital entrepreneurs. Ethiopia currently lags the continent’s tech standouts—like …
IT pros brace for wave of M&A in microservices security (SearchITOperations) Microservices security trends will touch off widespread M&A activity and consolidation in a fragmented IT security software market, IT pros and industry watchers predict.
Why Cybersecurity Takeovers Are Surging As Stocks Reach New Highs (Investopedia) The venture capital cycle and concerns about a recession are 2 big forces driving the wave.
ZTE targets bigger role in UK's 5G build out - Mobile News Online (Mobile News Online) The Chinese operator showcased a lag free 5G hologram call earlier this week with Orange Spain. ZTE has laid down its aim to make the UK a major footprint for the Chinese firm in Europe as it expressed confidence it can compete with rivals in 5G build outs. Speaking to Mobile News at Global 5G
Facebook usage falling after privacy scandals, data suggests (the Guardian) Actions such as likes and shares down nearly 20%, though user numbers still growing
Facebook’s Libra Reveals Silicon Valley’s Naked Ambition (WIRED) Cloaked in the guise of making the world a better place, the cryptocurrency project is really another attempt to go big or go home.
UK rights advocate co-owns firm whose spyware is ‘used to target dissidents’ (Infosurhoy) Exclusive: Yana Peel co-owns NSO Group that licensed Pegasus software to authoritarian regimes
Druva Raises $130M for Cloud Data Protection, Becomes Latest SaaS Unicorn (Crunchbase News) The company saw its annual recurring revenue (ARR) climb by more than 50 percent last year.
A Year Since IPO, Zscaler Delivers Through Acquisitions And Partnerships (Seeking Alpha) Zscaler is not new to the small startup world. It was founded in 2008 and was initially bootstrapped for four years. It raised the first of its three funding rounds in 2012.
COPT adds cybersecurity leases as Columbia’s industry appeal endures (Maryland Daily Record) Corporate Office Properties Trust said it has signed leases with a pair of cybersecurity firms in Columbia, benefiting from the area’s continued allure for that industry.
Winners Announced for the 2019 Women in Biometrics Awards (Security Industry Association) The Security Industry Association and SecureIDNews will honor four female leaders in biometrics and security for their contributions at SIA GovSummit 2019.
Zscaler Appoints James Cater as Vice President and General Manager of EMEA (Yahoo) Zscaler, Inc., the leader in cloud security, has appointed James Cater as Vice President and General Manager for the EMEA region. With more than 25 years of experience in security, Cater will lead Zscaler’s business across the region, including adding and expanding relationships with local and regional
Teradata Appoints Scott Brown as Chief Revenue Officer (AiThority) Teradata, the industry’s only Pervasive Data Intelligence company, announced that it has appointed Scott Brown as Chief Revenue Officer, effective June 17, 2019.
Products, Services, and Solutions
New infosec products of the week: June 21, 2019 (Help Net Security) The infosec products of the week include releases from: CipherCloud, Scytale, Sectigo, Threat Stack, ManageEngine, Imperva and Arctic Wolf Networks.
Complete Security to Secure Development and Runtime Environments (Lacework) Cloud and container security leader now extends host-based configuration and compliance solution with Shift Left strategy.
Cybeta™ Launched to Protect Businesses from Cyber Attacks (Yahoo) Liberty Advisor Group is proud to announce the launch of Cybeta™, a suite of intelligence products and services designed to help keep your business off the Cyber X. The product suite is effectively predictive of future breaches and can give you the business threat intelligence needed to outpace your
Indegy Revs Cloud-based Security for Industrial Control Systems (Channelnomics) New CIRRUS suite looks to bring ICS and operational defenses to smaller firms, channel partners...
BlackBerry devices unaffected by Triada malware (CrackBerry.com) In response to Google publishing details surrounding the Triada family of malware, BlackBerry has posted a new blog post noting BlackBerry devices are unaffected while highlighting their approach to security.
Google responds to a WSJ report that concluded there are millions of fake business listings on Maps (TechCrunch) After a Wall Street Journal investigation concluded that there are millions of fake business listings on Google Maps, the company has issued a response detailing the measures it takes to combat the problem. According to estimates from online advertising experts surveyed by the WSJ, there are “rough…
Technologies, Techniques, and Standards
Cyber Militia Launches Non-Profit to Share Technology (SIGNAL Magazine) Creating a nonprofit organization ensures that a cybersecurity solution created by the Missouri National Guard Cyber Team will remain freely available.
What is Homomorphic Encryption? (Hashed Out by The SSL Store™) Homomorphic encryption solves a vulnerability inherent in all other approaches to data protection. Imagine if you work in the financial services industry — or, maybe you already do. Every day,...
The Murky Value Proposition Of Cyber Threat Intelligence And How To Make It Shine (Forbes) If CTI isn’t both held accountable to show more value and enabled to do so, then a huge opportunity to simply do security better is being lost.
How Federal Agencies Manage Their Risk in the Cloud (FedTech) As federal agencies push their data to the cloud, how are they enhancing their risk management capabilities along the way?
Who's Responsible for a Cloud Breach? It Depends - Security Boulevard (Security Boulevard) When a breach happens through the cloud the customer is the real victim. But who's ultimately responsible for those breaches?
4 Bug Bounty Myths Dispelled (GovInfo Security) Bug bounty myths: All such programs must be public, run nonstop, pay cash to bug-spotters and allow anyone to join. But HackerOne's Laurie Mercer says such programs
Design and Innovation
Facebook adds new limits to address the spread of hate speech in Sri Lanka and Myanmar (TechCrunch) As Facebook grapples with the spread of hate speech on its platform, it is introducing changes that limit the spread of messages in two countries where it has come under fire in recent years: Sri Lanka and Myanmar. In a blog post on Thursday evening, Facebook said that it was “adding friction” to m…
Cybersecurity's Automation Imperative (BankInfo Security) With cybersecurity becoming ever more difficult to monitor and manage, and product and data overload triggering cyber fatigue amongst cybersecurity professionals,
Is Going 'Passwordless' Really The Future For Enterprise Security? (Forbes) It would be hard to imagine a world without passwords, but Okta customers Zurich Insurance and Dubai Airports think it could happen - it's just a question of when
Research and Development
Researchers develop 'vaccine' against attacks on machine learning (Phys.org) Researchers from CSIRO's Data61, the data and digital specialist arm of Australia's national science agency, have developed a world-first set of techniques to effectively 'vaccinate' algorithms against adversarial attacks, a significant advancement in machine learning research.
Amazon patents ‘surveillance as a service’ tech for its delivery drones (The Verge) Including technology that cuts out footage of your neighbor’s house
Academia
Our Lady of the Lake University's Computer Information Systems and Security Degrees (CyberTalkRadio San Antonio) Bret Piatt, CTR Host, and Dr. Vanessa Clark, OLLU Assistant Professor of Computer Information Systems and Security, discuss the university’s cybersecurity-fo...
Legislation, Policy, and Regulation
Hungary has no evidence of Huawei threat, plans rapid 5G rollout:... (Reuters) Hungary has no evidence that equipment from Chinese telecoms giant Huawei poses ...
NCSC Stresses 5G's Challenges Outweigh China Threat (Infosecurity Magazine) There’s much more to 5G security than Huawei, says NCSC.
Tactical Cyber Weapons For Future French Battlefield Ops? (Breaking Defense) "We cannot accept that the decision to kill anybody is taken by a machine or software," says retired French Lt. Gen. Alain Bouquin, speaking about France's policy on the use of AI.
Senate wants to boost oversight of Pentagon’s cyber activities (Fifth Domain) Several provisions in the Senate’s version of the annual defense policy bill aim to increase oversight of cyber activities in the Department of Defense, including a new two-star general officer to serve as the senior military adviser to cyber policy.
Congress: New devices=new threats=new security? (Fifth Domain) New legislation directs the National Institute of Standards and Technology to issue security standards for government devices connected to the internet.
Could a new office protect critical US tech? (Fifth Domain) Legislation is being added to the defense authorization bill that would create an executive office dedicated to cybersecurity protection, as well as reform security clearance procedures.
UK to launch security standard for surveillance cameras (ComputerWeekly.com) The UK is launching the world’s first voluntary cyber security standard and compliance certification mark for the manufacturers of surveillance cameras at IFSEC in London
Government error hits porn age-check plan (BBC News) A scheme hoping to stop under-18s stumbling across adult content was due to come into force in July.
YouTube's toxic videos are warping young minds - it's time to fight back (The Telegraph) It seems that barely a week can go by without Google’s monolithic video-streaming site YouTube becoming embroiled in yet another controversy.
Terry Gou resigns as Foxconn’s chairman to run for president of Taiwan (TechCrunch) Terry Gou said at Foxconn’s annual general meeting today that he is leaving the electronics manufacturing giant as he prepares to run for president of Taiwan. Gou, who founded Foxconn (also known as Hon Hai Precision Industry Co.) 45 years ago and is also its biggest shareholder, will remain on the…
Litigation, Investigation, and Law Enforcement
Behavioural advertising is out of control, warns UK watchdog (TechCrunch) The online behavioural advertising industry is illegally profiling internet users. That’s the damning assessment of the U.K.’s data protection regulator in an update report published today, in which it sets out major concerns about the programmatic advertising process known as real-time…
Death linked to prank - France seeks extradition of hacker from Israel (HackRead) The incident took place in 2014, in which the father of a French journalist died of a heart attack soon after a prank call made by the hacker.
Group sues for records on US election hacking vulnerability (Washington Post) A voting security advocacy group is trying to force a leader of a state election officials association to release documents on whether she wrongly asserted that U.S. election systems are safe from hacking
Prosecutors rebut Roger Stone: U.S. caught Russian election hackers on its own (POLITICO) Trump ally has alleged the government relied solely on 'an inconclusive and unsubstantiated report' written by a cyber research firm.
Inside the FBI's Fight Against Cybercrime (Dark Reading) Heavily outnumbered and outpaced by their targets, small FBI cybersquads have been quietly notching up major wins against online criminals operating out of home and abroad.