Cyber Attacks, Threats, and Vulnerabilities
As Iran Warns, US Officials Mum on Launch of Cyber Attack (Military.com) President Donald Trump reportedly approved a cyber attack on Iran while calling off airstrikes.
Analysis | The Cybersecurity 202: Here's how Iran disrupted U.S. businesses the last time it launched major cyberattacks (Washington Post) Including Sheldon Adelson's casino.
What to make of US cyber activities in Iran (Fifth Domain) Experts told Fifth Domain that a cyberattack in Iran signals that U.S. leaders are becoming increasingly comfortable with cyberwarfare and, in some cases, now view cyber operations as a half-step removed from a kinetic conflict.
[Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs (KnowBe4) The tension in the Middle-East apparently prompted a game-changing move by the U.S. President.
U.S. Sees Russia, China, Iran Trying to Influence 2020 Elections (Bloomberg) Cybersecurity firm says Iran spearphishing at U.S. banks. Trump expected to meet Putin, Xi at G-20 later this week.
Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers (Cybereason) In 2018, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers. Read about it first here.
A Likely Chinese Hacker Crew Targeted 10 Phone Carriers to Steal Metadata (WIRED) In one case, they stole the location and call record data of 20 specific individuals.
Hackers are stealing years of call records from hacked cell networks (TechCrunch) Security researchers say they have uncovered a massive espionage campaign involving the theft of call records from hacked cell network providers to conduct targeted surveillance on individuals of interest. The hackers have systematically broken in to more than 10 cell networks around the world to d…
What the cell...? Telcos around the world were so severely pwned, they didn't notice the hackers setting up VPN points (Register) Revealed: Long-running espionage campaign targets phone carriers to snoop on VIPs' location, call records
Hackers linked to China breach 10 mobile operators to steal call records (Computing) The espionage campaign has been conducted for the past seven years, claim security specialists
Eurofins ransomware attack affected UK police work (Help Net Security) Operations are returning to normal after the recent Eurofins ransomware attack, but the impact on financial results "may unfortunately be material."
iOS Devices Compromised…Again (The Media Trust) Malware Targeting iOS Devices Outsmarts a Popular Malware Blocker to Steal Consumer Data
Mobile apps riddled with high-risk vulnerabilities, warns report (Naked Security) Be careful before installing that mobile app on your iOS or Android device – many mobile applications are riddled with vulnerabilities.
New cryptomining botnet malware hits Android devices (HackRead) The new malware exploits Android Debug Bridge (ADB) ports.
Botnet Abusing Android Debug Bridge, SSH is Back (Infosecurity Magazine) A cryptocurrency-mining botnet leverages open ADB ports, researchers say.
Positive Technologies research finds an attacker rarely needs physical access to a victim's smartphone to steal data (Positive Technologies)
BGP super-blunder: How Verizon today sparked a 'cascading catastrophic failure' that knackered Cloudflare, Amazon, etc (Register) 'Normally you'd filter it out if some small provider said they own the internet'
How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today (The Cloudflare Blog) Today at 10:30UTC, the Internet had a small heart attack. A small company in Northern Pennsylvania became a preferred path of many Internet routes through Verizon (AS701), a major Internet transit provider.
Incomplete Fix Leads to New Kubernetes Bug (Infosecurity Magazine) A high-severity vulnerability impacts kubectl.
ATM Shimmers Supplanting Skimmers (Flashpoint) With the widespread implementation of EMV chip cards, attackers are now focusing on capturing data from the chip.
When Myspace Was King, Employees Abused a Tool Called ‘Overlord’ to Spy on Users (Vice) Several employees were caught abusing the tool, which let them read users’ messages and passwords.
Vulnerability Summary for the Week of June 17, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Mozilla patched two Firefox zero-day flaws in one week (Naked Security) Two emergency zero days affecting a browser in one week counts as unusual – especially when they pop up as separate alerts two days apart.
OpenSSH adds protection against Spectre, Meltdown, RAMBleed (Help Net Security) OpenSSH has been equipped with protection against side-channel attacks that could allow attackers to extract private keys from memory.
Using Whitelisting to Remediate an RCE Vulnerability (CVE-2019-2729) in Oracle WebLogic (TrendLabs Security Intelligence Blog) We took a closer look at CVE-2019-2729 to see how this class of vulnerability has been remediated and why it has become a recurring security issue.
Cyber Trends
Forescout Study Reveals Cybersecurity Concerns on the Rise Amid M&A Activity (Forescout) Global research survey discovers that 65% of respondents experience buyers’ remorse after closing an M&A deal due to cybersecurity concerns. Among IT Decision Makers (ITDMs), 53% say they find unaccounted IoT and OT devices after completing the integration of a new acquisition.
Cybersecurity Risks Are Threatening Deals, Industry Survey Shows (Bloomberg) Cybersecurity issues are increasingly becoming a concern in mergers and acquisitions, a new survey shows, and lapses can jeopardize deals or haunt purchasers long after the deal is done.
How past threats and technical developments influence the evolution of malware (Help Net Security) "The evolution of malware-related threats is like a sine wave movement, re-infused by new technology developments," Christiaan Beek told Help Net Security.
#DISummit19: Fraudsters Always React & Respond to Better Security (Infosecurity Magazine) Collaboration is key to preventing online fraud
Cyber security blighted by bias (Fudzilla) More dangerous than a Russian hacker. A study of cybersecurity professionals indicates that their confirmation bias is probably more likely to sink the...
Ethics and Compliance Programs Growing More Mature (Infosecurity Magazine) Strong buy-in from leadership drives success of ethics and compliance programs, study finds.
UK Firms Riddled With Vulnerable Open Source Software (Infosecurity Magazine) Sonatype warns they each downloaded 21,000 flawed components in 2018
Marketplace
Exclusive: Huawei's U.S. research arm builds separate identity (Reuters) The U.S.-based research arm of China's Huawei Technologies Co Ltd - Futurew...
Huawei: 'No doubt' that we will meet German 5G security standards (Reuters) Huawei, the Chinese technology and telecoms group hit by U.S. sanctions, said on...
Sting Catches Another Ransomware Firm — Red Mosquito — Negotiating With “Hackers” (ProPublica) We recently wrote about two U.S. firms that promised high-tech ransomware solutions but instead paid the cyber-attacker. A U.K. company appears to do the same.
Products, Services, and Solutions
Keeper Announces 24/7 Dark Web Monitoring Solution for Businesses (PR Newswire) Keeper Security, Inc., provider of the leading cybersecurity platform for preventing password-related data breaches and...
DivvyCloud Enhances Industry-Leading Cloud Security With Expanded IAM Capabilities, Compliance Scorecard, and Threat Protection; Achieves 230 Percent YoY Revenue Growth (BusinessWire) DivvyCloud announced new capabilities and technological advancements to its solution, as well as company growth.
Twistlock Releases Twistlock 19.07 with an enhanced enterprise manageability and configurability while continuing to leverage automation and learning (West) Twistlock, the leading provider of container and cloud-native security solutions, today announced the availability of Twistlock 19.07. This release builds on the existing cloud-native network firewall (CNNF) to provide enhanced visualization and manageability, adds threat visualization radar for serverless, automated image trust policies, and broader forensic data collection.
Mist Systems Partners with Forescout to Bring Secure Wireless Access and IoT Policy Enforcement to the AI-Driven Enterprise (Mist Systems) Mist Systems, a Juniper Networks (NYSE: JNPR) company, today announced a strategic relationship with Forescout Technologies, Inc. (NASDAQ: FSCT), the leader in device visibility and control, that enables interoperability between the Mist Learning WLAN and the Forescout platform. This partnership provides comprehensive AI-driven security via automation and programmability to protect Wi-Fi client and Internet of Things...
Cisco’s Duo Security Now Offers Out-of-the-Box Multi-Factor Authentication for Amazon Web Services (Duo Security) Cisco’s Duo Security, the leading multi-factor authentication (MFA) and Zero Trust for the Workforce provider, today announced enhanced MFA support for Amazon Web Services (AWS). AWS customers can add additional protection to their AWS Directory Service applications with Duo’s Push-based MFA in less than 10 minutes. Using the Duo MFA Quick Start for Directory Service, customers can easily deploy Duo MFA by automating hundreds of procedures into a single click.
Technologies, Techniques, and Standards
Opinion | Hackers are taking cities hostage. Here’s a way around it. (Washington Post) Ransomware attacks on U.S. cities are on the rise, and it’s time to break the cycle.
Link security key aim for cyber age - DB - Digital Battlespace (Shephard Media) Cyber security has rapidly grown as a priority for Link 16 and C2 tactical data links more broadly, according to Northrop Grumman, with the company lo
The Rise of Employee Monitoring: Ensuring Security without Sacrificing Trust (Infosecurity Magazine) The burden has shifted to employers to detect and respond to abnormal or anomalous employee-related behavior
4 tips for building a strong security culture (CSO Online) Instead of blame and fear, security teams need to create a culture of personal responsibility to best protect data. Here's how two security leaders do it.
Legislation, Policy, and Regulation
Iran Greets Latest U.S. Sanctions With Mockery (New York Times) Both hard-liners and reformers argued that the new sanctions would have little practical impact. One Iranian joked on Twitter: “The only people left to sanction are me, my dad and our neighbor’s kid.”
Iran calls new US sanctions 'outrageous and idiotic' (AP NEWS) Iran on Tuesday sharply criticized new U.S. sanctions targeting the Islamic Republic's supreme leader and other top officials, saying the measures spell the "permanent closure"...
Netanyahu tells Russian official: We will do ‘anything’ to prevent nuclear Iran (Times of Israel) At Jerusalem meet ahead of trilateral summit, Moscow's national security adviser promises to pay 'special attention to ensuring Israel's security'
Trump imposes new sanctions on Iran, warns U.S. ‘restraint’ is limited (Washington Post) President Trump, warning that U.S. “restraint” has limits, signed an executive order Monday imposing additional economic sanctions on Iran in apparent retaliation for the downing of a U.S. drone last week.
EXCLUSIVE: Trump: I do not need congressional approval to strike Iran (TheHill) President Trump told Hill.TV in an exclusive interview Monday that he does not need congressional approval to strike Iran.
Disclaiming responsibility: How platforms deadlocked the Federal Election Commission's efforts to regulate digital political advertising (Telecommunications Policy) Digital advertisements used to interfere in the 2016 U.S. presidential election lacked disclaimers stating who paid for them. This was deliberate on t…
Bipartisan US DASHBOARD Act aims to force tech giants to disclose monetary value of personal data (Computing) Draft bill by Democrat and Republican senators seeks to give users of Facebook, Google and Amazon more control of their data
DoD changes name of security clearance agency, appoints new leadership (Federal News Network) The Defense Department has officially assumed responsibility for the governmentwide security clearance portfolio and has named new leadership.
House panel to hold hearing on Facebook cryptocurrency project (TheHill) The chairwoman of the House Financial Services Committee announced Monday that the panel will hold a hearing next month on Facebook’s plan to develop a cryptocurrency-based payments platform.
Three big holes in Sir Nick Clegg's defence of Facebook (The Telegraph) Sir Nick Clegg has given many speeches in his life.
Watchdog ‘naive’ to think it can regulate social media (Times) The broadcasting watchdog’s plan to regulate social media is unworkable and naive, an online privacy group has said. Digital Rights Ireland said it was concerned that the Broadcasting Authority of...
Updated Guide to Posted Documents Regarding Use of National Security Authorities (IC ON THE RECORD) On September 19, 2017, we posted a guide with links to certain officially released documents related to the use by the Intelligence Community (IC) of national security authorities. Today, we have once again updated that Guide to include links to additional officially released documents...
Litigation, Investigation, and Law Enforcement
Federal Cybersecurity: America's Data at Risk (United States Senate Permanent Subcommittee on Investigations, Committee on Homeland Security and Governmental Affairs) Federal government agencies are the frequent target of cybersecurity attacks. From 2006 to 2015, the number of cyber incidents reported by federal agencies increased by more than 1,300 percent.
Facebook fails to kill class-action lawsuit over data breach (CyberScoop) The lawsuit against Facebook will continue after a judge disagreed with the company’s contention it shouldn't be held liable for not protecting users' info.
QuadrigaCX CEO Set Up Fake Crypto Exchange Accounts With Customer Funds (CoinDesk) QuadrigaCX CEO and founder Gerald Cotten reportedly created fake accounts at other crypto exchanges and funded them with his customers' money.
German regulator says it discovered new illegal software on Daimler diesels (Ars Technica) Daimler is being forced to recall 42,000 vehicles in Europe.
Police suspend work with major forensics firm after cyber-attack (the Guardian) More than half of outsourced case work disrupted due to Eurofins security breach
Ex-chair of FCC broadband committee gets five years in prison for fraud (Ars Technica) Telecom CEO forged contracts in order to raise $270 million from investors.