Cyber Attacks, Threats, and Vulnerabilities
Why the S-400 and the F-35 Can’t Get Along (Defense One) Today's radar systems and aircraft need to share a lot of information. That's a problem when the countries that produce them aren't on the same side.
Sprint data breach highlights "importance of third-party risk assurance" (Verdict) The Sprint data breach saw attackers gain access to customer details such as first and last names, phone numbers and billing addresses.
Malicious Python libraries targeting Linux servers removed from PyPI (ZDNet) Security firm scanned over one million PyPI packages and found three backdoored libraries.
Darktrace comments on the cyberattack against the Bulgarian National Revenue Agency (Global Security Mag Online) Emmanuel Meriot, Country Manager for France & Spain at Darktrace, comments on the hacking of millions of Bulgarians' tax records held by the National Revenue Agency:
Microsoft reports hundreds of election-related cyber probes (USA TODAY) In bid to sell election software, Microsoft gives update on cyber election tampering, and its new ElectionGuard program, which offers checks and balances.
Microsoft: Foreign hackers still active against US political targets (WISC) Americans involved in the democratic process were heavily targeted by foreign government hackers in the past year, according to Microsoft.
New cyberthreats require new ways to protect democracy (Microsoft on the Issues) Starting today at the Aspen Security Forum we’re demonstrating the first voting system running Microsoft ElectionGuard as an example of how ElectionGuard can enable a new era of secure, verifiable voting. The demo shows how it’s also possible to make voting more accessible for people with disabilities and more affordable for local governments while increasing...
Google’s Tool to Tame Election Influence Has Flaws (Wall Street Journal) Google’s searchable database of political ads, set up to bring more transparency to digital campaign advertising, is fraught with errors and delays, according to candidates’ digital staffers and political consultants.
FaceApp denies storing users' photographs without permission (the Guardian) App was launched by Russian developer in 2017 and uses AI to change people’s features
DNC warns 2020 campaigns not to use FaceApp 'developed by Russians' (CNN) The Democratic National Committee sent a security alert to 2020 presidential campaigns Wednesday afternoon warning them not to use the popular smartphone application FaceApp, CNN has learned.
FaceApp privacy: Why you should think twice before using Russian photo editor (The Telegraph) Have you ever wondered what you will look like in 40 years' time?
FaceApp makes you look older — what else is it doing with your face? (National Post) While selfie-takers obsess over what they’ll look like in the future, privacy experts are concerned about the photos they send today
Threat Spotlight: Lateral Phishing (Barracuda) Account takeover continues to be one of the fastest growing email security threats, but attackers are starting to adapt, introducing new ways to exploit compromised accounts.
Google removes stalkerware apps after researchers discover trackers on Play Store (CNET) The apps had been installed more than 130,000 times and promoted stalking people's location and providing call logs.
New EvilGnome Backdoor Spies on Linux Users, Steals Their Files (BleepingComputer) A new Linux malware masquerading as a Gnome shell extension and designed to spy on unsuspecting Linux desktop users was discovered by Intezer Labs' researchers in early July.
Group Behind Windows 10 App Malvertising Pushed 100M Ads in 2019 (BleepingComputer) A group behind the recent outbreaks of malicious advertisements being displayed through Windows 10 apps and Microsoft games has been identified as being based out of Hong Kong. This group is behind millions of advertisements that redirect users to scams, malware, and adware bundles.
Massive Malvertising Campaign Reaches 100M Ads, Manipulates Supply Chain (Threatpost) A sophisticated and growing malvertising attacker is partnering with legitimate ad tech platforms to drop malware at scale.
Meet Extenbro, a new DNS-changer Trojan protecting adware (Malwarebytes Labs) We found a new Trojan that uses aggressive techniques, including blocking access to security sites, to deliver an adware bundler. Read up on what Extenbro can do and how to get this pest off your system.
American Express Customers Targeted by Novel Phishing Attack (BleepingComputer) A phishing attack using a novel technique to steal credentials from American Express customers was recently found in an email inbox protected using Microsoft's Office 365 Advanced Threat Protection (ATP) by Cofense Phishing Defense Center researchers.
This Phishing Attacker Takes American Express—and Victims’ Credentials (Cofense) Recently, the Cofense™ Phishing Defense Center™ observed a phishing attack against American Express customers, both merchant and corporate card holders. Seeking to harvest account credentials, the phishing emails use a relatively new exploit to bypass conventional email gateway URL filtering services. Email Body: Take a look at the email below—the body of the message is riddled with grammatical errors. It asks the would-be victim to verify his or her personal information “Due to a recent system maintenance” and says that failure to comply would lead to a “temporary suspension” of the account. This is a tactic we see from attackers...
Hong Kong Based Malvertiser Brokers Traffic To Fake Antivirus Scams — Over 100 Million Ads… (Medium) This blog post explores the techniques and tactics of a persistent malvertiser that operates under a company called “fiber-ads”. We…
RDP exposed: the wolves already at your door (Naked Security) While everyone waits for BlueKeep to be exploited, another RDP threat is already at the door, according to new research from Sophos.
BlueKeep patching isn’t progressing fast enough (WeLiveSecurity) As of early July, more than 805,000 internet-facing systems remained susceptible to the BlueKeep vulnerability, according to a scan by BitSight.
Why Microsoft’s BlueKeep Bug Hasn’t Wreaked Havoc—Yet (WIRED) Microsoft's critical vulnerability remains unpatched in hundreds of thousands of computers, and it may already be exploited in secret.
TrickBooster malware is compromising millions of email accounts (ITWire) Security vendor Deep Instinct has detected malware that has compromised more than 250 million email accounts.
TrickBooster – TrickBot’s Email-Based Infection Module (Deep Instinct) With 250 million plus email addresses harvested, the malware evaded detection by leading security.
Vulnerable Firmware in the Supply Chain of Enterprise Servers (Eclypsium) Eclypsium examines how BMC firmware vulnerabilities in the supply chain of major server manufacturers put customers at risk of data loss and attack. Technical analysis into BMC firmware vulnerabilities in the supply chain of major server manufacturers. Weaknesses in third party BMC firmware affected multiple vendors and made customers susceptible to data loss and permanent damage to hardware, while enabling attackers to persist even across new operating system installation.
Party Like a Russian, Carder’s Edition (KrebsOnSecurity) “It takes a certain kind of man with a certain reputation To alleviate the cash from a whole entire nation…”
Lenovo Confirms 36TB Data Leak Security Vulnerability (Forbes) Lenovo has issued yet another security advisory, in what has proven to be a busy few weeks as far as vulnerability disclosures are concerned. This one exposed at least 36TB of storage drive data.
Another 2.2 million patients affected by AMCA data breach (TechCrunch) Another clinical lab ensnared in the AMCA data breach has come forward. Clinical Pathology Laboratories (CPL) says 2.2 million patients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information and treatment provider information stolen in the previous…
Hackers Made an App That Kills to Prove a Point (WIRED) Medtronic and the FDA left an insulin pump with a potentially deadly vulnerability on the market—until researchers who found the flaw showed how bad it could be.
Maryland says confidential data must be encrypted. For 1.4 million students, it wasn’t. (Washington Post) Auditors said deficiencies in the State Department of Education computer system put individuals at risk of identity theft.
Henry County shuts down all systems after possible cyberattack (WSBTV) The move is meant to protect confidential information such as court records, police records and property tax records.
EXCLUSIVE: Why are we facing surge in Cyber Attacks? Malwarebytes expert explains here (International Business Times, Singapore Edition) How the cyber attacks are taking place and what we should know about it, Adam Kujawa, Security Evangelist / Director Malwarebytes Labs has described everything.
Bitglass 2019 Cloud Security Report: Only 20 Percent of Organizations Use Cloud Data Loss Prevention Despite Storing Sensitive Information in the Cloud (BusinessWire) Bitglass releases findings from its latest report on cloud security: Guardians of the Cloud.
FinCEN Warns Banks of Business Email Compromise Scams (ABA Banking Journal) Business email compromise schemes—through which fraudsters target businesses and their fund transfers—generated more than $300 million a month in illicit revenue during 2018, the Financial Crimes Enforcement Network reported today.
Updated Advisory on Email Compromise Fraud Schemes Targeting Vulnerable Business Processes (FinCEN) Criminals continue to exploit vulnerable business processes with business email compromise schemes – over $9 billion in possible losses affecting U.S. financial institutions and their customers since 2016.
Companies still don't understand the importance of DMARC adoption (Help Net Security) Global DMARC adoption report released by 250ok, reveals nearly 80 percent of companies leave consumer data vulnerable to phishing attacks.
Tech journalism’s ‘on background’ scourge (Columbia Journalism Review) One of the most pernicious tools that Silicon Valley uses to control the flow of information to the public is decidedly low-tech: briefing reporters “on background.” According to the Associated Press, an on background arrangement with a reporter means that “information can be published but only under conditions negotiated with the source. Generally, the sources […]
IP and 5G: what can we learn from Huawei and Verizon? (IT Pro Portal) What are the challenges in patenting 5G technologies? How can we create a fair 5G future?
CEOs’ Cyber Ignorance Costing Firms Dear (Infosecurity Magazine) RedSeal uncovers potential security risk in the smart home
As cyber attacks increase, the cloud-based database security market grows (Help Net Security) The cloud-based database security market is expected to register a CAGR of 19.5% over the forecast period 2019-2024, according to ResearchAndMarkets.
DISA Turns to Governmentwide Contract to Manage Security of Classified Network (Nextgov.com) The Pentagon will be awarding the DCMA Cybersecurity Center support contract through the National Institute of Health’s governmentwide contract instead of a full and open competition.
Ex-White House cybersecurity chief says Peter Thiel is right to call out Google for working with China (CNBC) "Here's what I think is true: Google refused to work for the Pentagon on artificial intelligence" and it works on AI in China, says Richard Clarke.
DUST Identity Raises $10M For Supply Chain Security (PYMNTS.com) Pioneers of the first diamond-coated unclonable security tag for supply chain security and end-to-end tracking, DUST Identity has announced $10 million in Series A funding. The investment will be used to accelerate product development and engineering while also fueling global go-to market strategy and deployment, DUST Identity said in a press release. Led by Kleiner Perkins, […]
Arrow Electronics to exit ITAD business (Recycling Today) The company says it plans to wind down its personal computer and mobility asset disposition business by the end of 2019.
'I cannot rule it out' - Computacenter CEO on buying Arrow's ITAD unit (CRN) Computacenter in talks with Arrow about how best to guarantee continuity of service for customers of its former RDC business
ERI Offers Former Arrow Electronics Asset Disposition Customers a Smooth Transition (BusinessWire) After Arrow Electronics' announcement yesterday that it will wind down its asset disposition business, ERI offers invitation to help customers.
IBM Revenue Lags as Cloud Pivot Remains a Challenge (Wall Street Journal) International Business Machines reported another drop in quarterly revenue as Chief Executive Ginni Rometty struggles to remake Big Blue for the modern computing age.
Small businesses struggle to climb the FedRAMP (Federal Times) As lawmakers work to codify FedRAMP in statute, industry and federal CIOs addressed struggles small business face in the approval process.
Israel is way ahead in cybersecurity (The Suburban Newspaper) I just got back from the 9th edition of Cyber Week in Tel Aviv, a global cybersecurity conference that drew 8,000 participants, and it is clear that
Optiv Security Brings Cybersecurity Innovation to Dallas-Fort Worth (Optiv) Enterprise digital transformation efforts combined with advanced and innovative attack intents have left many organizations’ security operations teams overwhelmed by an inordinately high volume, velocity and variety of cybersecurity data and threats.
Florin Vasile abruptly departs Eset Australia following internal investigation (ARN) Security vendor, Eset Australia is searching for a new country manager following the abrupt departure of Florin Vasile who was suspended due to an internal company investigation.
Products, Services, and Solutions
Enzoic Launches Real-Time Password Monitoring in Active Directory (BusinessWire) Enzoic launches real-time password monitoring in active directory. The first solution that helps prevent compromised passwords being used.
Fugue Announces Support for Microsoft Azure, Delivering Unified Multi-Cloud Security and Compliance (Fugue) Fugue now provides enterprises with continuous visibility into the security posture of their Microsoft Azure and Amazon Web Services (AWS) cloud environments and protects critical resources with self-healing infrastructure.
NSS Labs Announces 2019 NGFW Group Test Results (NSS Labs, Inc.) Next generation firewalls are core to many cybersecurity strategies, and yet most of these products were easily evaded in this test.
WatchGuard Blocks 100% of Evasions and Earns Recommended Rating from NSS Labs’ Next Generation Firewall Test for Third Straight Year (West) Company believes continued focus on the evasion resiliency of its IPS engine and other security controls serves as major differentiator as just two vendors achieve the zero-evasion benchmark
SynED™ Reorganizes Pillar Program (PR Newswire) In line with requests from both other states across the nation and international audiences, synED, a...
The SANS Institute Receives EARN Maryland Grant Renewal; Continues To Grow State's Cybersecurity Talent Pipeline (PR Newswire) The SANS Institute today announced an expansion of funding for the SANS Cyber Workforce Academy – Maryland, a...
Free Tool Reveals the True Cost of 'Free' Online Services - Your Data and Identity (PR Newswire) Cyber security provider F-Secure has released a free new online tool that helps expose the true cost of using some of...
Synack launches a new crowdsourced penetration test designed specifically for government (Help Net Security) Synack announces the availability of the market’s first comprehensive crowdsourced penetration test designed specifically for government.
Claroty extends platform to include IoT device security (SearchSecurity) Claroty's Continuous Threat Detection cybersecurity platform expanded to support IoT device security, along with noise reduction, increased visibility and root cause analytics.
Canadian Businesses Must Deploy Disruptive Technologies to Mitigate Risks of Online Fraud (Yahoo) The increased sophistication of online fraudsters continues to pose significant risks to Canadian businesses and the customers they serve. Deploying advanced fraud prevention solutions that mitigate cyber frauds - without compromising the customer experience – is gaining ground fast. It calls for businesses
FireEye launches two new service delivery options for managed detection and response (Help Net Security) FireEye, the intelligence-led security company, announced the availability of two new managed detection and response (MDR) service offerings.
Lantech launches cybersecurity partnership with Proofpoint (Telecompaper) Lantech, a supplier of security and managed infrastructure services, has entered into a partnership with US cybersecurity specialist Proofpoint. Both parties hope in this way to strengthen their position in the field of email security and security awareness within the SME and enterprise segment.
Secure-D Releases the First Ever Mobile Malware Analytics Platform (BusinessWire) Secure-D releases the first ever mobile malware analytics platform, Secure-D Index. More than 1,500 suspicious Android apps listed.
Navisite and Alert Logic Provide New Managed Threat Detection and Remediation Solution through Expanded Global Partnership (PR Newswire) Navisite, a part of Spectrum Enterprise, the enterprise-focused arm of Charter Communications, Inc., and Alert...
Technologies, Techniques, and Standards
IRS Urges Tax Pros to Take Cyber Seriously (Nextgov.com) The agency released a list of basic cybersecurity procedures the entire tax industry should use to stop digital identity theft.
U.S. Cyber Command simulated a seaport cyberattack to test digital readiness (CyberScoop) When U.S. Cyber Command simulated a cyberattack against a seaport last month, military personnel hunted for adversaries who appeared to be using malware against a critical trade hub. It was the latest version of an annual weeklong test known as “Cyber Flag” that teaches cyber staffers to better defend against critical infrastructure attacks, military commanders involved in the exercise told reporters in a briefing Tuesday.
WaterISAC Releases Cybersecurity Fundamentals (CISA) The Water Information Sharing and Analysis Center (WaterISAC) recently released an updated cybersecurity fundamentals guide for water and wastewater utilities. The guide includes cybersecurity best practices, grouped into 15 categories, to help sector utilities reduce exploitable weaknesses and attacks. WaterISAC is a CISA partner focused on protecting Water and Wastewater Systems Sector utilities from all hazards.
How Electric Utilities Can Reduce Their Cyber Risk (Technology Solutions That Drive Business) The energy sector has become a favorite target for cyber attackers, and utilities need to proactively protect their infrastructure to ward off disaster.
The importance of hardening firmware security (Help Net Security) Researchers are developing firmware hardening technologies for UEFI that will restrict what an attacker can do, even with code execution inside firmware.
US Govt Rolls Out New DNS Security Measures for .gov Domains (BleepingComputer) New DNS security measures for all .gov domains will be implemented by the U.S. government starting today to help mitigate risks associated with future DNS hijacking incidents.
Microsoft will give away software to guard U.S. voting machines (NBC News) The tech giant says it has tracked more than 700 cyberattacks by foreign adversaries against U.S. political organizations so far this election cycle.
MITRE ATT&CK Framework Not Just for the Big Guys (Dark Reading) At Black Hat, analysts from MITRE and Splunk will detail how organizations of many different sizes are leveraging ATT&CK's common language.
Does YouTube Ban Hacking Videos? (Acunetix) An ethical hacking channel had their YouTube videos removed. This caused a wrath of angry computer nerds, which helped to reinstate the videos. It also spawned a discussion on Google's policies.
Cyber Security Decision Paralysis (LinkedIn) In a recent article published by Psychology Today, Eva Krockow provided the following observation: “With 80,000 different options, how do you ever find your favorite drink? If you took a diligent approach and tested every single coffee drink, you’d end up spending 109 years trying two different Sta
Design and Innovation
How to train your algorithm (FCW) The federal government is starting to bet big on artificial intelligence in the federal space, but agencies must be careful not to repeat IT mistakes of the past that have resulted in insecure legacy technology.
Goodbye Passwords! Biometrics to Protect Companies from Cyber Attacks (EuroPlat) Computers and mobile phones are an integral part of our lives, and an attack on either of them can cost us dearly. With almost 80% of our routine online, there is a sea of data available on our phones or computers.
True passwordless authentication is still quite a while away (Help Net Security) The transition to truly passwordless authentication is going to be a journey. All passwordless authentication is reliant on a password and username.
Researchers hail the demise of an online security algorithm (TechXplore) An international team of mathematicians has hailed the end of a variant of a code that is widely used to protect online transactions.
How Deception Technology Is Evolving (BankInfo Security) Deception technology is becoming more sophisticated, enabling organizations to battle against emerging threats, says Alissa Knight, senior analyst at Aite Group, a
Research and Development
U.S. Cyber Command Lists Technical Challenge Areas (SIGNAL Magazine) The U.S. Cyber Command has released a list of 39 challenge problems fitting under 12 categories.
Researchers hide data in music – and human ears can’t detect it (Naked Security) It’s now possible to secretly transfer data inside music without turning it into unlistenable mush.
The 5G Health Hazard That Isn’t (New York Times) How one scientist and his inaccurate chart led to unwarranted fears of wireless technology.
University offering three new degrees (Grand Rapids Business Journal) A local university is offering three new degrees in the cybersecurity and biomedical engineering fields.
Legislation, Policy, and Regulation
'Highly intrusive' facial recognition trials should be suspended, urge MPs (Computing) MPs question legal basis for facial recognition trials conducted by police forces
ZTE, Huawei call for fair 5G policy (SHINE) ZTE Corp and Huawei warned the Italian government's newly strengthened power to intervene in the dev
ZTE says Italy's new powers to intervene in 5G will delay deployment (WSAU) Chinese telecom equipment firm ZTE Corp warned on Wednesday that the Italian government's newly strengthened power to intervene in the development of fifth-generation telecoms networks may further delay 5G mobile services in the country.
OPSEC: Why this retired one-star says service members should trash their Chinese Huawei smartphones (Military Times) OPSEC: Military service members should trash China's Huawei smartphones, this retired Air Force general says.
Microsoft, Google and Apple clouds banned in Germany’s schools (Naked Security) Citing privacy issues, Germany just banned its schools from using Microsoft Office 365, Google Docs, and Apple’s iWork cloud services.
Facebook Denies App Changes to Avoid Breakup: Antitrust Update (Bloomberg) U.S. technology giants are headed for their biggest antitrust showdown with Congress in 20 years as lawmakers and regulators demand to know whether companies like Alphabet Inc.’s Google and Facebook Inc. use their dominance to squelch innovation. The House Judiciary antitrust subcommittee is holding a hearing Tuesday on the market power of the largest tech companies.
A Google VP Told The US Senate The Company Has “Terminated” The Chinese Search App Dragonfly (BuzzFeed News) But Karan Bhatia did not explicitly rule out working on tools for China in the future.
Facebook’s regulation dodge: Let us, or China will (TechCrunch) Facebook is leaning on fears of China exporting its authoritarian social values to counter arguments that it should be broken up or slowed down. Its top executives have each claimed that if the U.S. limits its size, blocks its acquisitions or bans its cryptocurrency, Chinese company’s absent …
Facebook’s Cryptocurrency Faces Second Day of Critical Hearings (New York Times) Skeptical House committee members said Facebook’s Libra plans could be a threat to central banks and aid tax evaders and drug dealers.
Facebook Pressed on Protections for Cryptocurrency Users (Wall Street Journal) House lawmakers questioned Facebook about how its cryptocurrency should be regulated and its plans to protect users, underscoring the political hurdles facing the company as it seeks to issue the digital cash called Libra.
House passes annual intelligence bill (TheHill) The House on Wednesday passed legislation authorizing funding for U.S. intelligence agencies and activities, including key intelligence collection efforts targeting countries like Iran, North Korea, China and Russia.
What Does ‘Collection’ Mean? Discretion and Confusion in the Intelligence Community (Lawfare) Intelligence agency procedures have varied both within and across agencies in the intelligence community—making it difficult for Congress, the public and even the agencies themselves to determine the scope of intelligence gathering.
Does funding for cyber and tech in civilian agencies help enough? (Fifth Domain) A new analysis from big data firm Govini found that federal agencies are still lacking resources to meet the standards laid out in the national security and national defense strategies.
Analysis | The Cybersecurity 202: States don't have enough money to secure the 2020 election, new report warns (Washington Post) There are still gaping holes after Congress's cash infusion.
Senate passes bill making hacking voting systems a federal crime (TheHill) The Senate passed legislation on Wednesday night that would make it a federal crime to hack into any voting systems used in a federal election. The bill, known as
House panel advances bill to protect elections from foreign interference (TheHill) The House Foreign Affairs Committee advanced legislation on Wednesday intended to safeguard elections from foreign interference, sending it to the House floor for a vote following a heated debate among lawmakers over the bill.
Hassan Talks Cybersecurity After Strafford County Virus Attack (New Hampshire Public Radio) Senator Maggie Hassan visited Strafford County on Monday to learn how officials there dealt with a June cyberattack. Hassan, a member of the Senate
Vermont develops action plan for tackling cybersecurity issues (Digital Journal) The demand for cybersecurity talent is at an all-time high and supply struggles to keep pace. To address this, Vermont, a U.S. state of fewer than 650,000 people, is tackling this cybersecurity skills shortage in novel ways.
Litigation, Investigation, and Law Enforcement
Watchdog groups want Pennsylvania to examine election machines for possible security flaws (TheHill) Four watchdog groups are calling on Pennsylvania to re-examine a widely used election machine, citing concerns about its security and accessibility.
Standing to be Dismissed – The U.S. D.D.C. Weighs in on “Actual Damage” in Data Breach Litigation (Cooley) In Attias v. CareFirst, Inc., the U.S. District Court for the District of Columbia (D.D.C.) jumpstarted the debate concerning the harm plaintiffs must allege to move forward with data breach class …
'Wizard' hacker charged after financial records of nearly every Bulgarian exposed (the Guardian) Cyber attack compromised records on incomes, tax, health insurance and loans of millions of people
Man from Utrecht arrested for producing and distributing malware (Openbaar Ministerie) Recently the high tech crime team (THTC) of the Dutch National Police Unit arrested a 20-year-old resident of the Dutch city of Utrecht. He is suspected of large-scale production and selling of malware. The young man offered programs with names like Rubella, Cetan and Dryad, enabling the buyer to include secret code or malware in, among others, Word or Excel files. In view of the ongoing investigation, the arrest could not be disclosed earlier by police and National Prosecutor’s Office.
McAfee ATR Aids Police in Arrest of the Rubella and Dryad Office Macro Builder Suspect (McAfee Blogs) Every day thousands of people receive emails with malicious attachments in their email inbox. Disguised as a missed payment or an invoice, a cybercriminal
NSW Police smash fake telco service scam (CRN Australia) Convinced victims to enable remote access to fix 'internet flaw'.
FBI's spreadsheet puts a stake through the heart of Steele's dossier (TheHill) Using Steele’s belated cooperation with the inspector general investigation to prop up the credibility of his 2016 anti-Trump memo is misguided.