Cyber Attacks, Threats, and Vulnerabilities
Data from hacked Bulgarian tax office systems now being circulated on hacking forums (Computing) Hacked data trader called 'Instakilla' shared download links for around half the compromised data
Is industry cyber(in)security DoD’s Achilles’ heel? (Fifth Domain) The Department of Defense hosted a prototyping event to test tools that can monitor manufacturing company networks for cyber intrusions.
It's never good when 'Magecart' and 'bulletproof' appear in the same sentence, but here we are (Register) Ukrainian civil war a bonanza for dodgy malware hosting firms
FaceApp privacy panic: Be careful which apps you use (Help Net Security) The privacy panic over FaceApp, the selfie-editing mobile app that makes photo subjects younger or older, has been overblown.
Threat Spotlight: Sodinokibi ransomware attempts to fill GandCrab void (Malwarebytes Labs) There’s a new ransomware-as-a-service (RaaS) in town, and it can twist tongues for giggles as much as twist organizations' arms for cash. Get to know the Sodinokibi ransomware, including how to protect against this fledgling threat.
Personal Data (Incl. SMS & Calls) of Mobile Loan App Users in China Left OPEN for ALL to See (Safety Detective) SafetyDetective discovered a massive leak in a China-based server, leaking personal credit information reports of million Chinese citizens.
My browser, the spy: How extensions slurped up browsing histories from 4M users (Ars Technica) Have your tax returns, Nest videos, and medical info been made public?
Ke3chang APT Linked to Previously Undocumented Backdoor (Threatpost) The cyberspy group's activities are broader than originally thought.
Okrum: Ke3chang group targets diplomatic missions (WeLiveSecurity) ESET researchers have discovered new versions of malware families linked to the elusive Ke3chang APT group, as well as a previously unreported backdoor.
New Malware Confirms User Activity Before Exploiting Backdoor To Conduct Cyber-Espionage (Appuals.com) Cybersecurity company ESET has discovered a known and elusive hacking group has been quietly deploying a malware that has some specific targets. The
I Can't Believe Mirais: Tracking the Infamous IoT Malware (Security Intelligence) Mirai malware is often perceived as a low-risk threat to enterprise security, but consumer devices in the home, when connected to corporate networks, can expose corporate networks to botnet attacks.
Spam Campaign Targets Colombian Entities with Custom-made ‘Proyecto RAT,’ Uses Email Service YOPmail for C&C (TrendLabs Security Intelligence Blog) We observed a recent campaign that primarily targets financial institutions and governmental organizations in the South American region, particularly in Colombia.
Johnson Controls exacqVision Server (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 6.7; Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls; Equipment: exacqVision Server; Vulnerability: Unquoted Search Path or Element. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an unauthenticated user to elevate their privileges.
Think FaceApp Is Scary? Wait Till You Hear About Facebook (WIRED) The idea that FaceApp is somehow exceptionally dangerous threatens to obscure the real point: All apps deserve this level of scrutiny.
This strange new phishing attack uses a surprise bill to trick you into clicking (ZDNet) Researchers uncover a campaign which uses SHTML files - commonly associated with web servers - to direct users to malicious, credential-stealing websites.
New Phishing Attack Emerges using SHTML file attachments (Mimecast) This blog describes a rare type of SHTML based phishing attack emerging from the UK that the Mimecast Threat Center was alerted to.
Researchers Easily Trick Cylance's AI-Based Antivirus Into Thinking Malware Is 'Goodware' (Vice) By taking strings from an online gaming program and appending them to malicious files, researchers were able to trick Cylance’s AI-based antivirus engine into thinking programs like WannaCry and other malware are benign.
A new Equation Editor exploit goes commercial, as maldoc attacks using it spike (Sophos News) Weaponized RTF documents adopt CVE-2018-0798, another Equation Editor vulnerability
Hacked Bluetooth hair straighteners are too hot to handle (Naked Security) The Glamoriser Smart Bluetooth straightener offers up yet another example of how not to add a risky product to the Internet of Things (IoT).
Thousands of NHS computers are still running Windows XP (The State of Security) Two years after the WannaCry outbreak shone a light on the computer security of the NHS it still has 2,300 PCs running XP, an outdated operating system.
Nigerian scammers slide into DMs, so Ars trolls them (Ars Technica) Romance scams persist, somehow, by preying on the gullible; Twitter is fertile ground.
Henry County government operations may have been hit by cyber attack (Atlanta Journal Constitution) Henry County operations were taken offline after potential cyber attack
Laporte County government pays $130K ransom to hackers (WGN-TV) The government of Laporte County was the latest to have its computer systems taken over by hackers and held for ransom.
County responds to cyber scare (The Conway Daily Sun) In the wake of a serious cyberattack on neighboring Strafford County, Carroll County’s IT contractor assured commissioners that Carroll County’s data has been secured but the threats to
Why are so many US public entities being hit by ransomware? (Emsisoft | Security Blog) Many cities across the US have been hit by ransomware. What motivates hackers to target the public sector and why have these attacks been so successful?
Cities Under Siege: AppRiver’s Midyear Cybersecurity Report Finds: Local Governments in Hackers’ Sights More Often Than Ever (Yahoo) According to the new Mid-Year Global Security Report, released today by AppRiver, a Zix company (ZIXI), cyberthreats targeting municipalities are on the rise. Through the first half of 2019, a growing number of municipalities across the US were hit with crippling ransomware attacks, while several large
Security Patches, Mitigations, and Software Updates
Slack resets user passwords after 2015 data breach (TechCrunch) Slack will reset the passwords of users it believes are affected by a historical data breach that affected the company more than four years ago. In 2015, the company said it was hit by hackers who gained access to its user profile database, including their scrambled passwords. But the hackers inser…
Still not using HTTPS? Firefox is about to shame you (Naked Security) Two years after promising to report all HTTP-based web pages as insecure, Mozilla is about to deliver.
Cyber Trends
Secureworks 2019 Incident Response Insights Report (Secureworks) Learn how organizations undermine their security program and provide opportunities to threat actors.
BEC Scams Cost US Firms $300m Each Month (Infosecurity Magazine) US government stats reveal soaring number of victims
22% of users would quit WhatsApp if encryption is banned (Comparitech) WhatsApp encryption may come to end, potentially signalling a big drop in its user numbers. Find out what our survey uncovered.
Lenovo Patches Security Flaw Exposing 36TB Of Financial Data In The Wild (Z6 Mag) The compromised data include sensitive financial information like card numbers and financial records.
Reputations are at risk as executives feel the weight of emerging threats (Insurance Business) From cyber to pollution, no company is safe in today’s evolving risk landscape
Half of Manx people 'at risk of online scams' (BBC News) More than 50% of people on the Isle of Man use the same password for several accounts, a survey finds.
Marketplace
InCountry raises $15M for its cloud-based private data storage-as-a-service solution (TechCrunch) The rise of data breaches, along with an expanding raft of regulations (now numbering 80 different regional regimes, and growing) have thrust data protection — having legal and compliant ways of handling personal user information — to the top of the list of things that an organization n…
VComply raises $2.5 million seed round led by Accel to simplify risk and compliance management (TechCrunch) Risk and compliance management platform VComply announced today that it has picked up a $2.5 million seed round led by Accel Partners for its international growth plan. The funding will be used to acquire more customers in the United States, open a new office in the United Kingdom to support custom…
VMware to acquire AI, ML acceleration firm Bitfusion (CRN Australia) Bitfusion's platform virtualises GPUs to share across infrastructure.
F-Secure's Managed Detection and Response Solution Countercept Wins EUR 2m+ Deal (Yahoo) F-Secure's Managed Detection and Response (MDR) solution Countercept has won a multi-year deal worth more than EUR 2m to defend a major European enterprise ...
Fujitsu launches Canberra Cyber Resilience Centre (ITWire) Fujitsu has launched its new Cyber Resilience Centre (CRC) in Canberra, with the facility to oversee managed and professional security services across the Oceania region.
Google will now pay bigger rewards for discovering Chrome security bugs (TechCrunch) Bug hunting can be a lucrative gig. Depending on the company, a serious bug reported through the proper channels can earn whoever found it first tens of thousands of dollars. Google launched a bug bounty program for Chrome in 2010. Today, they’re increasing the maximum rewards for that progra…
Atlantic Council Announces Trey Herr as Director of the Cyber Statecraft Initiative (Atlantic Council) The Atlantic Council today announced Trey Herr as Director of the Cyber Statecraft Initiative in its Scowcroft Center for Strategy and Security. Dr. Herr will be central to further strengthening the Initiative’s continued work on...
Callsign Adds Industry Veteran Tom Noonan to Board of Directors (Callsign) Callsign, a London-based company at the forefront of the identity revolution, today announced the addition of Tom Noonan to its board of directors.
Products, Services, and Solutions
42Crunch Announces Full Kubernetes Support to Automate Zero-Trust API Security Across Microservices Architecture (Yahoo) 42Crunch Allows Organizations to Extend Comprehensive API Security Beyond the Edge, to Each and Every Container in Kubernetes Environments
Dropbox silently installs new file manager app on users’ systems [Update] (Ars Technica) Dropbox ambushes its users with a radically different version of its sync app.
Reducing attack surface with SDP, Safe-T wins contract with Israeli utility (Warrior Trading News) The Safe-T Group (SFET) security company is up 15% pre-market on news that a national Israeli utility has adopted its Software Defined Perimeter technology.
Bitdefender 2020 protects against cyberbullying and online predators (BetaNews) What do you perceive as the primary threat to your devices for the year ahead? Most people are now fairly self-aware to be wary of phishing attempts and illegitimate websites, while basic security software will prevent you from accidentally installing malicious software.
Technologies, Techniques, and Standards
FBI senior IT official: Bug bounties still useful, but ‘a little over-hyped’ (Federal News Network) Manny Castillo, a senior IT security adviser at the FBI, said the bureau does all its penetration testing internally and has no plans on changing that.
We Spend Billions on Information Security, So Why do Companies Continue to get Owned? (Bromium) Back in 2013, General Keith Alexander of US Cyber Command sounded an alarm at a cybersecurity conference, alerting corporations and government agencies of an increased threat of cyberattacks. He called the billions of dollars in intellectual property flowing out of the country “the greatest transfer of wealth in history” and warned that unless we do something, the consequences would only intensify.
Boost Infrastructure Immunity Against the Ransomware Epidemic (SecurityWeek) Following basic security best practices and backing up data regularly can minimize an organization’s exposure to becoming a casualty of ransomware.
Adding VPN protection to your iPhone is easier than you think (Cult of Mac) A VPN can keep your online activity secure by preventing malware and trackers. You should use one anytime you use a public Wi-Fi network.
Four Questions Organisations Need To Ask After A Cyber Attack (Information Security Buzz) Cyber attacks are inevitable, but it’s how an organisation deals with them that can make or break their business. Have they got all the answers, and do they fully understand the implications? Can they be sure the attack won’t happen again? Swift and comprehensive incident response is a critical step to ensuring the future security of a business …
DHS is Looking to Upgrade Its FISMA Compliance Tools (Nextgov.com) The new and improved information assurance system would help officials better understand and manage the department’s sprawling IT infrastructure.
How Capture the Flag Competitions Strengthen the Cybersecurity Workforce (Dark Reading) These competitions challenge participants with problems involving digital forensics, cryptography, binary analysis, web security, and many other fields.
Emsisoft releases a free decryptor for the ZeroF[**]ks ransomware (Emsisoft | Security Blog) Our malware team has just released a decryptor for the ZeroF[**]ks ransomware.
Protect Your Organization Against Password Spraying (Infosecurity Magazine) Password spraying, unlike traditional brute force attacks, often stays under the radar
Design and Innovation
High-Stakes AI Decisions Need to Be Automatically Audited (WIRED) Opinion: The current standard for evaluating AI is insufficient. AI systems should be instantly interrogated for bias by a third party.
Kaspersky offers cybersecurity training in video game form (CRN Australia) Targeted to IT managers and business leaders.
How to protect the growing internet of battlefield things (Fifth Domain) The incoming Secretary of Defense needs to make funding the deployment of Comply to Connect, which monitors networks for unauthorized devices, one of his first priorities.
Academia
Cadets build relationships, knowledge on Cyber AIAD (Pointer View) The U.S. Military Academy’s Academic Individual Advanced Development program is a key portion of the institution’s margin of excellence
Legislation, Policy, and Regulation
Kazakhstan government is now intercepting all HTTPS traffic (ZDNet) Kazakh government first wanted to intercept all HTTPS traffic way back in 2016, but they backed off after several lawsuits.
Why the Ghost Keys ‘Solution’ to Encryption is No Solution (Just Security) An encryption back-door proposal from Britain's GCHQ poses serious risks to privacy and digital security on apps like Signal and WhatsApp.
Central Bankers Doubt Facebook’s Cryptocurrency (Daily Forex) The G7 finance chiefs expressed their skepticism towards Facebook's attempt to issue a digital currency, as they consider that several regulatory problems shoul
Congressional testimony reveals some faults in Facebook’s digital currency plans (TechCrunch) As Facebook continues to lay the foundation for getting some of the world’s largest payment processing and technology companies a seat at the global monetary policy table, the company faces significant obstacles to enacting its plans from both sides of the congressional aisle. In the second o…
Everyone Wants Facebook's Libra to Be Regulated. But How? (WIRED) Facebook's planned blockchain-based currency poses nettlesome questions: Is it money? Is the Libra Association a bank?
Facebook accused of contradicting itself on claims about platform policy violations (TechCrunch) Prepare your best * unsurprised face *: Facebook is being accused of contradicting itself in separate testimonies made on both sides of the Atlantic. The chair of a UK parliamentary committee which spent the lion’s share of last year investigating online disinformation, going on to grill mult…
Senators Introduce Bill Restricting Huawei From Buying, Selling U.S. Patents (Wall Street Journal) Republican senators introduced legislation aimed at blocking Huawei from buying or selling U.S. patents in the latest action by Washington targeting the Chinese telecom giant.
U.S. tech firms push Trump to allow sales to Huawei, set up White House meeting next week (Washington Post) Tech companies are asking the administration to allow sales of chips and other parts for Huawei-made smartphones and laptops, arguing such sales won’t hurt U.S. national security, according to people familiar with the matter.
Banning Huawei Could Make U.K. Networks Less Secure, MPs Say (Bloomberg) Parliament’s security committee says China isn’t the issue. Limiting suppliers might increase risk of malicious attacks.
Is Huawei a Security Threat? Vietnam Isn’t Taking Any Chances (New York Times) As the world splits along U.S.-China fault lines, telecom companies in Vietnam appear to be quietly avoiding the Chinese tech giant in their 5G plans.
The FTC looks to change children’s privacy law following complaints about YouTube (TechCrunch) The U.S. Federal Trade Commission is considering an update to the laws governing children’s privacy online, known as the COPPA Rule (or, the Children’s Online Privacy Protection Act). The Rule first went into effect in 2000 and was amended in 2013 to address changes in how children use …
How Cyber Weapons Are Changing the Landscape of Modern Warfare (The New Yorker) Unlike conventional weapons, cyber weapons lend themselves to plausible deniability. How do you levy a threat when it’s not clear where an attack is coming from or who is responsible?
Cybersecurity industry can contribute its expertise to cyberspace peace (RSA Conference Blog) The list of attacks in the Asia-Pacific, and elsewhere in the world, is long and growing. Is the world on the brink of cyberwar?
New rules on paying for campaign cybersecurity (Axios) Nonprofits can offer campaigns free services or special deals, but for-profit companies can't.
Pentagon Will Default To Trusting Other Agencies’ Cloud Security Assessments (Nextgov.com) The department has had success reusing other agencies’ authorizations and will make reciprocity the rule rather than the exception.
Pentagon reconsiders plan to relocate key US intelligence hub within Britain (Stars and Stripes) A U.S. intelligence gathering hub at RAF Molesworth, one of several American bases that had been slated for closure, could stay where it is as the Pentagon reconsiders a plan to move the center to a different site.
Litigation, Investigation, and Law Enforcement
EXCLUSIVE: Career officials rebut claims of White House interference in security clearance process (TheHill) Two career White House security officials have testified in a closed door session with the House Oversight Committee that no political pressure was asserted on their office in determining security clearances, according to a GOP staff memo obt
Ex-Microsoft dev used test account to swipe $10m in tech giant's own store credits, live life of luxury, Feds allege (Register) 'No safeguards' on QA accounts, and suddenly this guy gets a Tesla and $1.6m home, say prosecutors
Ex-NSA contractor to be sentenced in stolen documents case (Washington Post) A former National Security Agency contractor awaits sentencing in Baltimore’s federal court for storing two decades’ worth of classified documents at his Maryland home
U.S. Senator Asks FBI to Investigate Russia's FaceApp Over Security Concerns (The Moscow Times) Schumer said the photo editing app's location in Russia raises questions
Actor Ajaz Khan held for posting objectionable videos (The Times of India) Actor Ajaz Khan is in trouble again, this time for uploading a communally incendiary video on a popular website that could have led to communal tensio