Cyber Attacks, Threats, and Vulnerabilities
DHS issues emergency order to civilian agencies to squelch cyber-hijacking campaign that private analysts say could be linked to Iran (Washington Post) Attackers have affected “multiple executive branch” agencies by redirecting and intercepting Web and mail traffic, according to the directive.
US intelligence warns of ‘ever more diverse’ threats (Military Times) Russia’s efforts to expand its influence and China’s modernizing military are among the “ever more diverse” threats facing the U.S., according to a major intelligence report released Tuesday.
Russia infiltration ‘not taken seriously by some’ (Times) Russia is sowing division and confusion in the Scottish independence campaign, the SNP’s defence spokesman has warned. Stewart McDonald said that the nationalist grassroots and some senior...
New intelligence strategy warns of threats to Western democracy (Washington Post) Russia will seek to challenge the United States “in multiple regions,” spy agencies say.
2019 National Intelligence Strategy (Office of the Director of National Intelligence) This National Intelligence Strategy (NIS) provides the Intelligence Community (IC) with...
DHS Emergency Directive Looks to Block Iranian DNS Threat (Infosecurity Magazine) Agencies told to act within 10 days
Emergency Directive 19-01 (US Department of Homeland Security) Section 3553(h) of title 44, U.S. Code, authorizes the Secretary of Homeland Security, in response to a known or reasonably suspected information security threat, vulnerability, or incident that represents a substantial threat to the information security of an agency, to “issue an emergency directive to the head of an agency to take any lawful action with respect to the operation of the information system, including such systems used or operated by another entity on behalf of an agency, that collects, processes, stores, transmits, disseminates, or otherwise maintains agency information, for the purpose of protecting the information system from, or mitigating, an information security threat.”
Belgian metals producer Nyrstar hit by cyber-attack (Reuters) Metals producer Nyrstar was hit by a cyber-attack on Tuesday and shut down some ...
Marriott CEO says hotels aren't a national security target, but experts beg to differ (CNBC) Marriott CEO Arne Sorenson offered further clarity on the data breach the company announced in November.
Two Elasticsearch Databases Found Unprotected (Infosecurity Magazine) Millions of records were left unprotected in an AIESEC database and a variety of online casinos.
Police license plate readers are still exposed on the internet (TechCrunch) Smile! You’re on camera. At least, your license plate is. You might have heard of automatic license plate recognition — known as ALPR (or ANPR in the U.K. for number plates). These cameras are dotted across the U.S., and are controlled mostly by police departments and government agencies to t…
Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com (KrebsOnSecurity) Two of the most disruptive and widely-received spam email campaigns over the past few months — including an ongoing sextortion email scam and a bomb threat hoax that shut down dozens of schools, businesses and government buildings late last year — were made possible thanks to an authentication weakness at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned.
Rogue websites can turn vulnerable browser extensions into back doors (Naked Security) A researcher has found that websites can use some extensions to bypass security policies, execute code, and even install other extensions.
Servers Grab Client Files via MySQL Design Flaw (Infosecurity Magazine) Design flaw makes MySQL server able to request any local file.
Fake Quotation Request with malformed RTF file attachments delivering Lokibot (My Online Security) Another day and yet another malformed, malicious Word doc attachment that is a renamed RTF file delivering Lokibot malware. These criminal gangs are really playing around with RTF files and constantly…
New Evidence Might Link Lazarus Tool Found in Chile RedBanc Intrusion to Previous Attacks in… (Medium) QuoScient’s Intelligence Operations Team (QuoINT) has uncovered an attack against a Pakistani financial service provider’s employee that highly matched the Tactics, Techniques, and Procedures (TTPs) reported in a recent intrusion at the Chilean interbank network Redbanc linked by Flashpoint to the prolific North Korea-linked Advanced Persistent Threat (APT) group Lazarus (also known as HIDDEN COBRA).
Hack of Plug-in Website Ruffles WordPress Community (Dark Reading) An intruder thought to be a former employee used a backdoor into the WPML website to skim email addresses and send a mass email blast.
Top Exploit Kit Activity Roundup – Winter 2019 (Zscaler) Zscaler security research team discussed exploit kit activity, including RIG, which is dropping ransomware and banking Trojans; GrandSoft, which dropped password stealers and Trojan malware; Fallout EK, and others. Read more.
Real-World Threats That Trump Spectre & Meltdown (Dark Reading) New side-channel attacks are getting lots of attention, but other more serious threats should top your list of threats.
New Ransomware Encrypts Data And Steals Payment Info | neoRhino IT Solutions (neoRhino) There's a new strain of ransomware being deployed with increasing frequency. Believe it or not, it's even more dangerous than the strains we...
Cyber Fraud by Chinese Hackers Makes Headlines in India (CPO Magazine) Chinese hackers have just pulled off one of India’s biggest cyber frauds ever by convincing the head of a local Indian subsidiary of an Italian firm to wire $18.6 million from bank accounts in India to a bank account in Hong Kong.
How Cybercriminals Clean Their Dirty Money (Dark Reading) By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.
Most out of date applications exposed: Shockwave, VLC and Skype top the list (Help Net Security) More than half (55%) of PC applications installed worldwide are out-of-date, making PC users and their personal data vulnerable to security risks.
Courts in chaos as trials halted by IT breakdown (Times) Criminals could go free because of a nationwide IT breakdown that has caused chaos in the courts, lawyers have told The Times. Thousands of cases have been disrupted, with trials adjourned and...
Lawyers' secure email network goes down, firm says it'll take 2 weeks to restore (Register) 75,000 lawyers subject to potential fortnight of faffery
Vandal severs Telstra services in Lismore (CRN Australia) Crews work to restore vandalised cables.
Security Patches, Mitigations, and Software Updates
Unofficial Patches Released for Three Unfixed Windows Flaws (SecurityWeek) ACROS Security’s 0patch releases unofficial micropatches for three unfixed vulnerabilities affecting Windows, including DoS, file read and code execution issues.
Adobe Patches Information Disclosure Flaws in Experience Manager (SecurityWeek) Adobe patches several information disclosure vulnerabilities in Experience Manager and Experience Manager Forms.
Let's Encrypt Begins Retirement of TLS-SNI-01 Validation (SecurityWeek) Free and open Certificate Authority (CA) Let’s Encrypt has started the process of completely retiring TLS-SNI-01 validation support.
VLC Responds to Criticism Over Lack of HTTPS for Updates (SecurityWeek) VLC responds to criticism over the lack of HTTPS for software updates, claiming that the security risk is not as big as some suggest.
Cyber Trends
Global Threat Report: Year of the Next-Gen Cyberattack (Carbon Black) To better understand the current attack landscape as we head into 2019, the Carbon Black Threat Analysis Unit (TAU) researched the current state of cyberattacks across the Carbon Black customer base and in conjunction with our incident response (IR) partners.
60 Percent of Organizations are Infected With Malware Through Web Browsing, According to Latest Research Sponsored by Light Point Security (PR Newswire) Light Point Security, the pioneer of Browser Isolation, today announced the results of a study investigating...
The Top 10 Network Security Challenges in 2019 (Bricata) Most security professionals say network security is harder this year when compared to last year – according to a survey we recently conducted. When asked “why?” respondents pointed to a range of challenges. Some of those included the...
Cybercriminals increasingly taking aim at businesses (Help Net Security) 2018 has been the year when cybercriminals definitely realized businesses are juicier targets than individuals and began targeting them more and more.
Security in an IoT World: Your Big Data Problem is Getting Bigger (SecurityWeek) The ability to aggregate, score and prioritize data and alerts within the context of your environment can allow you to take the right actions faster to mitigate IoT risk.
Should enterprises delay efforts to remediate most vulnerabilities? (Help Net Security) Companies today appear to have the resources needed to address all of their high-risk vulnerabilities. The research demonstrates that companies are
Debunking conventional wisdom to get out of the security and privacy rut (Help Net Security) Andrea Little Limbago, PhD, outlines four beliefs that must be debunked in order to make progress towards a society that values and protects data privacy.
World on the brink of facing mega cyber attack; enterprises must be prepared: Check Point CEO (Times Now) According to him, most companies focus particularly on detecting the fraud. By the time a cyber attack is detected, which, according to the industry standard, is 5-6 months, the damage is already done.
The Geopolitical Influence on Business Risk Management (SecurityWeek) Security teams need a geopolitical risk understanding when helping to source new purchases, and must be ready to source and test alternatives whenever and wherever necessary.
The 1968 Book That Tried to Predict the World of 2018 (The New Yorker) For every amusingly wrong prediction, there’s one unnervingly close to the mark.
Is Big Tech Merging With Big Brother? Kinda Looks Like It (WIRED) The all-seeing Amazon, Google, and Facebook have every incentive to help the national security state undermine privacy, free speech, and democracy. We’ve read this book before.
Marketplace
Security Talent Continues to Fetch Top Dollar on IT Job Market (Dark Reading) IT and cybersecurity positions continue to rank near the top of the salary ranges paid to IT professionals, according to a new survey.
The top-performing unlevered ETF in Canada in 2018 had nothing to do with cannabis (Financial Post) The unhedged Evolve Cyber Security Index ETF generated a 19.4 per cent return for investors in 2018
Former Oath Execs Launch Startup To Fight Malware Before It Strikes (AdExchanger) Does the world need yet another tech company to combat malvertising on the internet? “Well, do you still constantly see malvertising when you browse the internet?” said Seth Demsey, co-founder of Clean Creative, an anti-malware company started by a handful of security experts and Oath vets who exited before the name change. Touché. Based in...
Juniper Networks invests $2.5M in enterprise tech accelerator Alchemist (TechCrunch) Alchemist, which began as an experiment to better promote enterprise entrepreneurs, has morphed into a well-established Silicon Valley accelerator. To prove it, San Francisco-based Alchemist is announcing a fresh $2.5 million investment ahead of its 20th demo day on Wednesday. Juniper Networks, a n…
Google.org donates $2 million to Wikipedia’s parent org (TechCrunch) Google, as well as many other companies, has long relied on Wikipedia for its content. Now, Google and Google.org are giving back. Google.org President Jacquelline Fuller today announced a $2 million contribution to the Wikimedia Endowment. An additional $1.1 million donation went to the Wikimedia …
UK security startup Barac sets sights on America (SecurityBrief) “Malware hidden in encrypted traffic is one of the biggest threats organisations are facing today,” says new EVP global sales.
BakerHostetler Adds Longtime FinTech Privacy Lawyer as Partner in D.C. (Baker Hostetler) Eulonda G. Skyles brings experience as a leading privacy lawyer for the technology and banking industries to firm's award-winning privacy and data protection team
Google hires British entrepreneur Wendy Tan White to help run its 'moonshot' division (The Telegraph) Following from Facebook's hire of Sir Nick Clegg, Silicon Valley has again turned to the UK to bring in new talent at a senior level.
Leading Cybersecurity Executive Joins Port Team (Port San Antonio) Will Garrett draws from wide-ranging industry experience to support top cyber operations and their growth at the Port and in the region
Products, Services, and Solutions
Varonis Launches v 7.0: Major New Version Boosts Threat Detection and Response, Data Protection and Compliance Capabilities in Cloud and Hybrid Environments (GlobeNewswire News Room) The new Varonis Data Security Platform 7.0 showcases incident response playbooks, Active Directory risk dashboards, enhanced cloud coverage, threat intelligence, and accelerated investigations with lightning-fast query response
Cavirin Pioneers Machine Learning Driven CyberPosture Scoring and Closed Loop Security for Google Cloud, AWS and OS Resources (Cavirin Systems) Winter release includes closed-loop security for Google Cloud and Amazon Web Services (AWS), Google Cloud Security Command Center (SCC) integration, Ansible auto-remediation for Linux workloads, and machine learning-based CyberPosture scoring that helps customers prioritize remediation based on risk. Cavirin Systems, Inc., the only company providing risk, cybersecurity and compliance posture for the enterprise hybrid cloud, today announced the general availability of its Winter 2019 CyberPosture Intelligence release.
Recorded Future Unveils Third-Party Risk Intelligence for Comprehensive View of Cyber Threats | 23.01.19 | finanzen.ch (Finanzen.ch) Recorded Future, the leading threat intelligence company, today announced the availability of a new offering: Third-Pa...
Plixer Unifies Security and Network Visibility With New FlowPro Probes and Real-Time DDoS Detection (GlobeNewswire News Room) New solution lowers cost, reduces complexity, and improves security
Summit Business Technologies Selected as Cybersecurity Resource for MD Defense Contractors (Summit Business Technologies) Summit Business Technologies (Summit) has been selected as an expert resource under a program to help Maryland defense contractors comply with NIST 800-171 cybersecurity requirements to protect sensitive, defense-related information.
StackRox Enhances Container Security Platform with Deeper Kubernetes Integrations to Operationalize Container Security (BusinessWire) The StackRox Container Security Platform leverages multiple new integrations with Kubernetes.
Osterman Research White Paper: Why You Should Seriously Consider Web Isolation Technology (Light Point Security) To make web browsing dramatically safer, organizations should deploy remote browser isolation technology.
Advanced API Cybersecurity Solution from Ping Identity Protects Organizations Against Growing API Threats (BusinessWire) Ping Identity, the leader in Identity Defined Security, today announced that it has made several significant updates to PingIntelligence for APIs, its
BioCatch Launches New Behavioural Biometrics Offering to Combat Vishing, the Fastest-Growing and Hardest-to-Detect Authorised Push Payment Fraud Scam in the UK (BusinessWire) BioCatch, the global leader in behavioural biometrics, has introduced a new offering to help protect consumers from phone scams known as vishing, a ty
Zentera Systems Powers Cybriant Managed Security Services (PR Newswire) Zentera Systems, Inc., the leader in zero trust networking for the digitally-transformed enterprise, announced...
Google Made a Quiz to See if You Can Identify Phishing Emails (Motherboard) Alphabet’s Jigsaw has a new quiz to test your ability to distinguish phishing emails from regular, benevolent ones.
Google considers move that would block ad blockers in Chromium (Computing) Technical change intended to improve browser security would bork ad blockers in Chrome, Opera and Vivaldi
Technologies, Techniques, and Standards
DNS Firewalling with MISP (SANS Internet Storm Center) If IOCs are very useful to “detect” suspicious activities, why not also use them to “prevent” them from occurring? DNS firewalling can be an efficient way to prevent your users from visiting malicious online resources.
How the Secure Development Lifecycle Can Help Protect IIoT Deployments (SecurityWeek) The Secure Development Lifecycle (SDL) is key both to protecting industrial components and networks from cybersecurity risks, and improving the level of trust and confidence that users will ultimately place in them.
4 tips to mitigate Slack security risks (CSO Online) A Slack breach would be a nightmare in terms of exposed sensitive data. Here's how to lock down your Slack workspaces.
The Fact and Fiction of Homomorphic Encryption (Dark Reading) The approach's promise continues to entice cryptographers and academics. But don't expect it to help in the real world anytime soon.
Design and Innovation
Mitsubishi Develops Cybersecurity Technology for Cars (SecurityWeek) Mitsubishi Electric develops cybersecurity technology designed to protect connected cars, including their automotive head unit and control systems, against hacker attacks.
Researchers discover state actor’s mobile malware efforts because of YOLO OPSEC (Ars Technica) Ran malware on own phones as test, uploading all their WhatsApp messages, other data.
An inside look at nation-state cyber surveillance programs (Lookout) On Saturday, January 19, Lookout researchers presented on their latest investigation into nation-state surveillance programs during a session called, “Behind Enemy Lines: Inside the operations of a nation state’s cyber program” at ShmooCon in Washington, DC.
WhatsApp fights the spread of deadly fake news with recipient limit (Naked Security) WhatsApp has capped the number of people you can forward messages to, after India was seized by rumour-inspired mob lynchings.
Research and Development
The Army wants to use AI to prevent cyberattacks (Fifth Domain) New research and investments are spearheading how the Army is using AI for cybersecurity.
Social media can predict what you’ll say, even if you don’t participate (Ars Technica) On Twitter, your words are predictable using the words of your network.
Academia
UTSA wins global cyber security challenge (UTSA) The University of Texas at San Antonio (UTSA) has taken the top prize at an international competition for providing a better solution to detect malware using artificial intelligence.
California Cyberhub Creates Collaborative Model for Tackling the Cybersecurity Education Crisis (PR Newswire) The best work happens when people come together to build things that are greater than the sum of their...
Marquette cybersecurity specialization catches national attention (Marquette Wire) Marquette’s recognition was attributed to the university offering a specialization in information assurance and cyber defense for students pursuing a master of science in computing.
Brexit May Mean Shortage Of Cyber Talent - We Should Be Looking To Our Own Students (Information Security Buzz) Following Theresa May’s defeat in Parliament earlier in the week, the Brexit process looks to be in a state of confusion. With that confusion comes the question of how the cybersecurity industry in the UK will keep its reputation of a world-class workforce when visas and potentially employees not wishing to stay in the UK …
Legislation, Policy, and Regulation
Florence Parly: “Cyber war has begun” (Le Point) The Minister of the Armed Forces on Friday unveiled the new doctrine for the use of cyber weapons and announced the recruitment of 1,000 cyber combatants.
En garde! 'Cyber-war has begun' – and France will hack first, its defence sec declares (Register) Parly-vous cyber-security? No plan to surrender, military bug bounty coming
Brexit and its Possible Impact on Data Transfers (Cooley cyber/data/privacy insights) In its strictest construction, what ‘Brexit’ means is clear, what it entails and what comes next is absolutely not. Therefore, this article will not focus on matters relating to any such futu…
Did Australia Poke a Hole in Your Phone’s Security? (New York Times) A law passed last month allows the authorities to compel tech companies to build tools to bypass their products’ encryption. It has global implications.
Proposed Law Classifies Ransomware Infection as a Data Breach (SecurityWeek) The newly announced Act to Strengthen Identity Theft Protections in North Carolina proposes that ransomware attacks be treated as data breaches.
Strengthen North Carolina Identity Theft Protection Act (Attorney General Fact Sheet) Prevents Breaches: Updates what constitutes a security breach.
Can the National Guard help solve states' cyber problems? (Fifth Domain) The Department of Defense, in conjunction with the National Guard, has drafted a plan to allow for better coordination and information sharing to states in the event of a cyber emergency.
Litigation, Investigation, and Law Enforcement
China deletes 7 million pieces of online information, thousands of... (Reuters) China's cyber watchdog said on Wednesday it had deleted more than 7 million...
U.S. to proceed with case against Huawei executive held in Canada (Washington Post) The news will intensify a diplomatic standoff with China that has officials and scholars worried.
Analysis | The Cybersecurity 202: FBI cyber investigations hit hard by shutdown (Washington Post) Agents are working. But they lack money for investigative tools.
GDPR Complaints Filed Against Eight International Streaming Companies (SecurityWeek) European NGO noyb ('none of your business') filed ten GDPR-related complaints against eight international streaming services on January 18, 2019, including Amazon, Apple, Netflix and YouTube.
'It's better to learn from another's mistakes than your own' - channel reacts to Google's mammoth GDPR fine (CRN) CRN gauges channel opinion on the news of the tech giant's record fine and the marketing methods firms employ to get around it
Community Project Crushes 100,000 Malware Sites in 10 Months (SecurityWeek) Nearly 100,000 malware distribution websites have been identified and taken down over the course of 10 months as part of an abuse.ch project called URLhaus.
DNA calls for update on BCB’s cyber-attack (EyeWitness News) The Democratic National Alliance (DNA) expressed on Monday that it is gravely concerned about recent reports regarding a cyber-attack on the Broadcasting Corporation of the …
Bicycle-riding hitman convicted with Garmin GPS watch location data (Naked Security) Location data extracted from the athletic hitman’s Garmin GPS watch and TomTom sat nav led to his conviction in two gangland murders.