Cyber Attacks, Threats, and Vulnerabilities
Tapping Telegram Bots (Forcepoint) At Forcepoint Security Labs we are always looking at the methods threat actors use to circumvent existing protections. One such investigation saw us looking into the usage of the Telegram encrypted messaging service as a Command and Control (C2) infrastructure for malware. Malware that uses Telegram as a C2 channel typically uses the Telegram Bot API for communications. In the course of an investigation into one piece of malware, we discovered a significant flaw in the way Telegram handles messages sent through its Bot API.
Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation (Dark Reading) Facebook says the accounts and pages were part of two unrelated disinformation operations aimed at targets outside the US.
Massive breach leaks 773 million email addresses, 21 million passwords (CNET) The best time to stop reusing old passwords was 10 years ago. The second best time is now.
The Collection #1 data breach - what you need to do about it (Graham Cluley) A huge collection of email addresses and passwords, which can be used in attempts to break into online accounts, has been discovered. If you are one of the affected users, what should you do about it?
The 773 Million Record "Collection #1" Data Breach (Troy Hunt) Many people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1". Most of them won't have a tech background or be familiar with the concept of credential stuffing so I'm going to write this post for the masses
The ‘Biggest EVER’ Collection of Hacked Passwords Is Not That Bad (Motherboard) Someone put together a massive list of 773 million unique email addresses and 21 million unique passwords. But there’s really no reason to panic.
773M Password ‘Megabreach’ is Years Old (KrebsOnSecurity) My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum.
Malware Used by “Rocke” Group Evolves to Evade Detection by Cloud Security Products (Unit42) Palo Alto Networks Unit 42 recently captured and investigated new samples of the Linux coin mining malware used by the Rocke group.
Removing Coordinated Inauthentic Behavior from Russia (Facebook Newsroom) Today we removed multiple Pages, groups and accounts that engaged in coordinated inauthentic behavior on Facebook and Instagram.
Hacked Instagram Influencers Rely on White-Hat Hackers to Get Their Accounts Back (Motherboard) Leaked internal documents and stories from influencers show that Instagram has an influencer-hacking problem.
Underground Tradecraft (Underground Tradecraft) A proposal outlining, at a high level, an influence campaign and an intelligence collection operation. The content is extremely interesting reading. More so when you realize you’re reading a proposal...
IoT insecurity is opening the door for deadly-accurate AI-powered swarmbot attacks (CSO) Cybercriminals’ increasing use of artificial intelligence (AI) will create autonomous, self-changing botnets that will be able to tweak and re-deploy attacks in seconds, a security strategist has warned.
Throwback Thursday: Whatever happened to Stuxnet? (Security Boulevard) Whatever happened to Stuxnet? Since it destroyed hundreds of centrifuges at a nuclear enrichment facility in Iran in 2010, the worm’s been quiet—but not idle. Compared to many of its malware colleagues, the Stuxnet worm has had a lot more than the proverbial 15 minutes of fame. With good reason. It was precedent-setting. It was…
These are all the federal HTTPS websites that’ll expire soon because of the US government shutdown (TechCrunch) We like to think of ourselves as nerds here at TechCrunch, which is why we’re bringing you this. During the government shutdown, security experts noticed several federal websites were throwing back browser errors because the TLS certificate, which lights up your browser with “HTTPS” or flashe…
Manufacturing.gov and White House security suffer under U.S. shutdown (Netcraft) Dozens more U.S. government websites have become inaccessible since last week, when Netcraft highlighted the impact of security certificates expiring during the
Emotet infections and follow-up malware (SANS Internet Storm Center) Three major campaigns using malicious spam (malspam) to distribute malware stopped sending malspam before Christmas--sometime during the week ending on Sunday 2018-12-23.
Bitcoin rival Ethereum saved from CYBER-ATTACK threat by THIS accidental discovery (Express) BITCOIN rival Ethereum was saved by an accidental discovery during a training exercise.
Email crooks swindle woman out of $150K from home sale (Naked Security) She sent her bank account details three times, she said. Unfortunately, they wound up in crooks’ hands, and her money wound up in their pockets.
Most Facebook users aren't aware that Facebook tracks their interests (Help Net Security) Many Facebook users don't know that the company uses their info and their online actions to create a list of their interests for ad targeting purposes.
NSFOCUS Identifies IP Chain-Gangs in New Cybersecurity Insights Report (BusinessWire) NSFOCUS, a leader in holistic hybrid security solutions, today released its Behavior Analysis of IP Chain-Gangs report, a follow up to their H1 Cybers
As States Lag on Cyber Training, Agencies Are Fertile Phishing Grounds (Governing) A 2018 survey by NASCIO and consulting firm Deloitte & Touche LLP found that only 45 percent of states require that all executive branch employees complete cyber training.
SAH among northeastern Ontario hospitals plagued by zero day virus (Sault Star) The privacy of patients has not been breached despite the presence of a so-called zero day virus in its computer systems, Health Sciences North said Thursday. Since Wednesday at 8 a.m., all 24 nor…
Security Patches, Mitigations, and Software Updates
Windows Zero-Day Bug that Overwrites Files Gets Interim Fix (BleepingComputer) A micropatch has been released today for a vulnerability in Windows that allows overwriting files, even system ones, with arbitrary data.
Cyber Trends
Risk managers see cybersecurity as the biggest threat to business (Help Net Security) Sword GRC canvassed almost 150 risk managers from highly risk-aware organizations worldwide for their opinions. Overall, cybersecurity was seen as the
Marketplace
The next development in cyber insurance that brokers need to watch for in 2019 (Insurance Business) A comparison between earthquakes and hacks helps show why insurers are still nervous about this space
Venture capital funding of cybersecurity firms hit record high in... (Reuters) Venture capital investments in cybersecurity firms hit a record high last year a...
2019 cybersecurity workforce: Recruiting vs. re-skilling (Help Net Security) The cybersecurity talent gap is not just an IT industry crisis. It’s one with global ramifications. As the inevitable march towards digitalizing the world
Onapsis signs agreement to acquire ERP cybersecurity company Virtual Forge (Help Net Security) The combination of Onapsis and Virtual Forge will empower customers to have visibility, incident response, management and compliance for applications.
Harris Technology enters blockchain world with $2.45 million acquisition (CRN Australia) Plans to acquire blockchain solution provider Lincd.
WISeKey Completes Sale of QuoVadis SSL/TLS, PKI Businesses to DigiCert for $45 Million (AP NEWS) WISeKey International Holding Ltd (SIX: WIHN), a leading Swiss cybersecurity and IoT company, announced today that it has completed the sale of QuoVadis TLS/SSL, PKI businesses to DigiCert, the leading global provider of TLS/SSL, IoT and other PKI solutions, for US$45 million cash.
What Capital-Efficient Startup Should Okta Acquire Next? (Seeking Alpha) Okta has grown through product upgrades and acquisitions. Earlier this year, it announced the acquisition of zero trust security firm ScaleFT. The stock is curr
IBM to lead Juniper Networks’ US$325 million digital transformation (CRN Australia) Using IBM Watson to enhance IT infrastructure and drive cloud adoption.
SA cybersecurity company expands to Port San Antonio (San Antonio Business Journal) The new research and development center is an investment to meet demand for new cybersecurity contracts with the U.S. Air Force.
Immuta expands GRC expertise to help enterprises build data science programs (Help Net Security) Richard Geering joins Immuta as VP of governance, risk, and compliance to help regulated enterprises transform GRC into an innovation accelerant.
Exclusive: Offensive Security Names New CEO; Former No. 2 at HackerOne, Lynda (Fortune) Ning Wang is on a mission to train the next generation of hacking talent.
FireEye's President Travis Reese Joins Board of Israeli Cybersecurity Company Waterfall (CTECH) Founded in 2007, Waterfall provides a firewall-alternative for industrial networks and critical infrastructure
Lastline Announces Sales Veteran, Gregory Enriquez, as New Chief Revenue Officer (PR Newswire) Lastline®, the leader in AI-powered network security, is continuing to build a world-class organization...
Products, Services, and Solutions
New infosec products of the week: January 18, 2019 (Help Net Security) XebiaLabs launches new DevOps risk and compliance capability for software releases The XebiaLabs DevOps Platform provides a single pane of glass for
Barracuda boosts Total Email Protection with Forensics and Incident Response (Barracuda Networks) Barracuda Networks is the worldwide leader in Security, Application Delivery and Data Protection Solutions.
Amazon Web Services announces AWS Backup (Help Net Security) The AWS Backup service helps customers to automate backups of their data across AWS services and on-premises, and meet business and regulatory requirements.
Advanced Fraud Solutions partners with Q6 Cyber to fight card fraud (Help Net Security) Advanced Fraud Solutions and Q6 Cyber have partnered to integrate Q6 data feeds directly into the TrueCards fraud prevention software platform.
Microsoft's Outlook app is now secure enough for US government use (TheINQUIRER) The app now meets the DoD's compliance standards, apparently.
Dagobert Levy, Tanium: Before envisioning any cyber defense, it is essential to have control of all your IT assets (Global Security Mag Online) For its first appearance at FIC, Tanium, a newcomer to the French market, will present its Tanium Reveal platform, which quickly identifies sensitive data stored on endpoints: servers and workstations. Dagobert Levy, head of Southern Europe at Tanium, believes that before envisioning any cyber defense, it is essential to have control of all your IT assets.
Watch out: hackers are upping their game (The Royal Gazette) Hackers are upping their game and many organisations are not even aware of serious holes in their own network defences. That is the warning from Hari
Emsisoft Browser Security Protects You from Malicious Sites (BleepingComputer) For those looking for extra protection while browsing the web, Emsisoft has released a browser extension that will block you from interacting with known phishing, malware, or scam sites.
EY to establish Security Operations Centres across India in collaboration with IBM (Consultancy) In keeping with its strategy of expanding its digital services segment in India, global professional services firm EY has announced a strategic partnership with IT giant IBM to launch a Security Oper
Cybersecurity Startup Rivetz to Integrate Sentinel Protocol Threat Intelligence Platform (Coinjournal) Cybersecurity startup Rivetz has partnered with Sentinel Protocol, a crowdsourced threat intelligence platform built on blockchain technology, to implement the Sentinel Protocol threat intelligence platform as an oracle for the Rivetz Network.
Technologies, Techniques, and Standards
What to Make of the U.K.’s New Code of Practice on Internet-of-Things Security (Lawfare) The document offers one of the clearest policy positions articulated yet by any national government.
New requirements for the secure design and development of modern payment software (Help Net Security) New PCI Software Security Standards provide a way for developers to demonstrate their software protects payment data for applications.
Protecting privileged access in DevOps and cloud environments (Help Net Security) While security strategies should address privileged access and the risk of unsecured secrets and credentials, they should also align with DevOps culture.
Cyber risk management and return on deception investment (Help Net Security) This article is fifth in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks.
Encryption is key to protecting information as it travels outside the network (Help Net Security) The State of Enterprise Encryption report reveals stark numbers behind the mounting toll of data breaches triggered by cybercrime and accidents.
Transforming Law Firm Culture to Ensure Information Security (Legaltech News) Changing the culture of law firms when it comes to information security has less to do with age and generational differences and more to do with acknowledging and accepting the current environment.
8 Tips for Monitoring Cloud Security (Dark Reading) Cloud security experts weigh in with the practices and tools they prefer to monitor and measure security metrics in the cloud.
Research and Development
WPI Computer Scientist Developing New Technology to “Contain” Hackers’ Attacks (WPI) A computer scientist at Worcester Polytechnic Institute (WPI) is developing a new technology designed to protect companies—and computer users—from damaging and expensive malware attacks. Known as single-use services, the technology is being developed by Craig Shue, associate professor of computer science at WPI, with a three-year, $265,631 grant from the National Science Foundation. It is designed to prevent an attack on a commercial website from compromising other servers, data, and users.
IBM Lattice Cryptography Is Needed Now To Defend Against Quantum Computing Future (Forbes) When it comes to securing data, it is not too early to start anticipating the future threat of quantum computing. You need to plan today for the Quantum future. I talked to IBM - a company that understands both sides of this problem.
Academia
Oxford University suspends research grants from Huawei over security concerns (The Telegraph) Oxford University has cut ties with Huawei amid security concerns.
Former FTC chief technologist named director of CMU's CyLab (Pittsburgh Post-Gazette) Lorrie Faith Cranor, also a co-founder of Wombat Security in the Strip District, replaces CyLab’s interim director, Douglas Sicker.
Legislation, Policy, and Regulation
Japan, US vow to cooperate in space, cyber domains, over North Korea (Nikkei Asian Review) Japanese Defense Minister Takeshi Iwaya and U.S. Acting Defense Secretary Patrick Shanahan agreed Wednesday to cooperate in new domains of warfare like outer space and cyberspace in a veiled response to China's quest for military supremacy in such areas.
Social Media In Zimbabwe Now Inaccessible To Those With VPNs As Well (Techzim) Internet access has been restored but it seems the lockdown on social media is still going strong and though earlier you could access the social media sites along with YouTube and WhatsApp if you had a VPN installed it seems that government has taken things further by blocking most VPNs as well which means most …
UPDATE 1-Germany considers barring Huawei from 5G networks (CNBC) *Discussion continues, no decisions yet- Interior Ministry.
U.K. Doubles-Down on Criticism of Huawei's Flawed Systems (Bloomberg) U.S., Canadian lawmakers tell U.K. of Huawei safety ‘concern.’ U.K. sees dialog, oversight as future of Huawei relationship.
Bipartisan Bill introduced to ban sale of US tech to Huawei and ZTE (ZDNet) US lawmakers introduce bipartisan Bill that, if passed, would ban the export of US chips and other components to the two Chinese tech companies.
The Promise of 5G Is the Problem With Huawei in Eyes of Critics (Bloomberg) Billions of connected devices offer more ways to attack. Huawei rejects notion it might serve the Chinese government.
It's Time for Action on Privacy, Says Apple's CEO Tim Cook (Time) We all deserve control over our digital lives
Cooley’s Michael Rhodes Joins 41 California Privacy Experts Urging Major Changes to the California Consumer Privacy Act (cyber/data/privacy insights) Michael Rhodes, chair of Cooley’s cyber/data/privacy practice, joins 41 California privacy lawyers, professionals and professors urging major changes to the California Consumer Privacy Act (CCPA). …
How U.S. surveillance technology is propping up authoritarian regimes (Washington Post) NSO Group, an Israeli cyberintelligence firm, makes spyware that it sells to a variety of government clients around the world.
Litigation, Investigation, and Law Enforcement
China hits back at DoJ's Huawei investigation (IT PRO) Chinese authorities say the US wants to block its tech companies
Judge won’t dismiss libel suit against Fusion GPS over dossier (POLITICO) The judge turned down Fusion’s motion to dismiss the suit on the grounds that the Russians are public figures.
Microsoft font gives away forgery in bankruptcy case (Naked Security) In a case that could be straight out of a legal TV drama, a computing font has cost a couple two houses in a Canadian bankruptcy case.
Did Iran shut down Adelson hackers for online gambling ties? (Calvin Ayre) An Iranian hacker forum was reportedly shut down by the government after forum members were linked to online gambling operations.