Cyber Attacks, Threats, and Vulnerabilities
Anomali Threat Research Team Identifies North Korea Based Cyber Attack Targeting Stanford University, Government Agencies, Think Tanks (West) Suspect Group May be Engaged in Phishing Campaign to Conduct Espionage, Anomali Researchers Believe
Hacking group targets organizations focused on North Korea's missile program - CyberScoop (CyberScoop) Hackers using web infrastructure associated with a known North Korean threat group are behind a dormant phishing campaign that’s targeted the ministry of foreign affairs in at least three countries, as well as a number of research organizations, according to findings shared exclusively with CyberScoop before their publication Wednesday.
State-Sponsored Cyberattacks Target Medical Research (Dark Reading) Cancer research is a particular target among Chinese espionage groups, says security firm FireEye.
Chinese Cyberspies Continue Targeting Medical Research Organizations (SecurityWeek) Chinese cyberspies continue targeting medical research organizations in the U.S. and elsewhere, and cancer-related research appears to be of particular interest.
Russian APT 'Silence' Steals $3.5 Million in One Year (SecurityWeek) A Russian-speaking threat group has managed to steal roughly $3.5 million since September 2018 by increasing the frequency of attacks.
Silence APT group eyes APAC banks (ComputerWeekly.com) Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks.
Hackers cloned NordVPN website to drop banking trojan (HackRead)
Nasty Botnet Neutrino Caught Hacking Other Hackers' Web Shells (Fossbytes) A crypto mining botnet operation, going for almost a year, is hijacking web shells of other hackers, according to a report from Positive Technologies. Researchers have linked the source of the dangerous botnet to Neutrino gang.
Backdoor Found in Utility for Linux, Unix Servers (Threatpost) Backdoor was intentionally planted in 2018 and found during the DEF CON 2019 security conference when researchers stumbled upon malicious code.
Spot the fake: copies of victim's corporate Microsoft 365 page used in attacks (SC Magazine) Azure Blob Storage and Web Sites misused by scammers to create a semi-targeted and rather convincing credential harvesting page tailored to the user's organisation to fool users
Microsoft Contractors Listened to Xbox Owners in Their Homes (Vice) Multiple contractors working for Microsoft explain how they listened to audio captured by Xbox consoles.
Second Steam Zero-Day Impacts Over 96 Million Windows Users (BleepingComputer) A second Steam Windows client zero-day privilege escalation vulnerability affecting over 96 million users has been publicly disclosed today by Russian researcher Vasily Kravets.
New Cyberattack Warning For Millions Of Home Internet Routers: Report (Forbes) A new study reports that insecure separation between host and guest networks on home internet routers has put millions at risk.
PokerTracker.com Hacked to Inject Payment Card Stealing Script (BleepingComputer) A curious case of web-based card skimming activity revealed that the Poker Tracker website had been compromised and loaded JavaScript that stole payment information from customers.
Fortnite players targeted with ransomware in fake 'aimbot' (SiliconANGLE)
ECB takes blame for Bird website infection (bobsguide) A malware infection which caused the shutdown of a European Central Bank (ECB) website should not be blamed on its third-party service provider, according to a spokesperson at the ECB, as the central bank is responsible for its upkeep.
Hackers Want $2.5 Million Ransom for Texas Ransomware Attacks (BleepingComputer) The threat actor that hit multiple Texas local governments with file-encrypting malware last week may have done it by compromising a managed service provider. The attacker demanded a collective ransom of $2.5 million, the mayor of a municipality says.
A Huge Ransomware Attack Messes With Texas (WIRED) A coordinated strike against 23 local governments is called the largest such hack from a single source.
While one Texas county shook off ransomware, small cities took full punch (Ars Technica) Lubbock County managed to isolate the attack quickly. Others, not so much.
Ransomware Attacks Are Testing Resolve of Cities Across America (New York Times) As hackers lock up networks that power police forces and utilities, municipalities must operate with hobbled computer systems, and decide whether to pay ransoms.
HOAX ALERT! Facebook ‘deadline’ on making your content public is fake (Naked Security) There’s no privacy Armageddon coming “TOMORROW!” If there was, you couldn’t copy and paste your way out of it!
An Old Instagram Hoax Fools a Bunch of Celebrities (Wired) Instagram users like Usher, Martha Stewart, and Rick Perry posted a meme warning about a new rule that doesn't actually exist.
Nampa School District victim of cyber attack (Idaho Press) The Nampa School District’s network services, including internet, are expected to be down for several days following a malware attack.
Glenwood schools recover from cyber-attack for new school year (NBC 6 News) The school year for the Glenwood District is off to a challenging start as schools recover from a cyber-attack back in July.
Angry Veracruz fans hack president's Twitter (ESPN.com) Mexican side Veracruz confirmed the Twitter account of club president Fidel Kuri Grajales was hacked by a group of angry supporters on Tuesday.
Security Patches, Mitigations, and Software Updates
New tool enables users to disconnect their off-Facebook activity from their account (Help Net Security) Facebook has announced the (partial) roll-out of a long-awaited "Clear History" privacy tool for users, only it's called "Off-Facebook Activity".
Cisco Patches Six Critical Bugs in UCS Gear and Switches (Threatpost) Six bugs found in Cisco’s Unified Computing System gear and its 220 Series Smart switches can allow unauthenticated remote hackers to take over equipment.
The patching paradox: vulnerability scoring leads to slower high-risk remediation (SC Magazine) Companies focused on compliance tended to struggle to patch all high-risk vulnerabilities across their organisation and tended to be slower in patching high-risk vulnerabilities. Those performing better used....
Cyber Trends
What's in a Malvertisement? More Magecart and a 186% Spike in Drive-by Delivery (RiskIQ) What's in a malvertisement? The answer lies in a six-month sample of RiskIQ's threat detection data, which shows a stark increase in drive-by malvertising.
Employee Error Behind Half of Industrial Network Incidents (Infosecurity Magazine) Kaspersky report warns of crucial skills gaps
Amazon, Microsoft, May be Putting World at Risk of Killer AI, Says Report (SecurityWeek) Amazon, Microsoft and Intel are among leading tech companies that could spearhead a global AI arms race, according to a report that surveyed major players from the sector about their stance on lethal autonomous weapons.
Marketplace
Researcher publishes second Steam zero day after getting banned on Valve's bug bounty program (ZDNet) Valve gets heavily criticized for mishandling a crucial bug report.
Online Security - a Fine Line between Clients Feeling Benefit Versus Burden (PR Newswire) Whether a recommended security measure or good practice is implemented by an online user often depends on how...
Remediant Secures $15 Million in Series A Funding Round Co-led By Dell Technologies Capital and ForgePoint Capital (Remediant) Remediant Introduces SecureONE – Advanced PAM Software Solutions for Regulatory Compliance and Enterprise Management. Evolving Privileged Access Management, Just-in-Time
MxD to Develop a ‘Cybersecurity in Manufacturing’ Workforce Development Program with $1.25 Million Grant from the Siemens Foundation | MxD (UI LABS) MxD today announced a comprehensive workforce development program for cybersecurity in manufacturing, underwritten with a $1.25 million grant from the Siemens Foundation. The grant will fund the development and implementation of a highly-skilled cybersecurity for manufacturing initiative as part of MxD’s workforce strategy known as MxD Learn.
VMware acquires application security startup Intrinsic (CRN Australia) Vendor's seventh acquisition of the year.
Splunk to buy San Mateo cloud monitoring startup SignalFx for $1.05B (Silicon Valley Business Journal) San Francisco-based Splunk is paying double what SignalFx was valued at by private investors in June.
Splunk to Acquire Cloud Monitoring Leader SignalFx (Seeking Alpha) Splunk to Redefine APM Category with Any Data at Any Scale to Help Organizations Navigate Cloud Journey; Establishes Splunk as a Leader in Observability
Honeywell builds out building IoT applications, cybersecurity tools (ZDNet) Honeywell's most recent move adds to its smart buildings software and aims to meld operations and information technologies.
Microsoft, Tech Leaders Back Confidential Computing Consortium (Redmond Channel Partner) The Linux Foundation on Wednesday announced the formation of a new group that aims to ensure the security of processed data.
Intel Joins Industry Consortium to Accelerate Confidential Computing (Intel Newsroom) By Lorie Wigle Leaders in information and infrastructure security are well versed in protecting data at-rest or in-flight through a variety of methods.
CashFlows turns to Akamai for cyber protection (Finextra Research) Akamai (NASDAQ: AKAM), the intelligent edge platform for delivering and securing web experiences, today announced it is protecting CashFlows, an innovative FinTech offering comprehensive merchant services, alternative payments, and BIN Sponsorship solutions (card issuing and ATMs), from the growing threat of Distributed Denial of Service (DDoS) attacks against its cloud-based services.
Checkmarx beats US firms to provide US Navy with fast, secure coding (The Jerusalem Post) The Israeli firm offers a comprehensive solution to coding security issues, vastly reducing waiting times to implant them.
SAIC announces prime spots $812M worth of national security, intelligence contracts (Intelligence Community News) Science Applications International Corp. of Reston, VA announced on August 21 that it was awarded $812 million in contracts to support various U.S. government national security and intelligence act…
AttackIQ Deepens Leadership Bench, Appoints Dariush Afshar as VP Business Development and Corporate Strategy (BusinessWire) AttackIQ™, the leading, independent player in the emerging market of continuous security validation, today announced Dariush Afshar has joined the com
Google DeepMind Co-Founder Placed on Leave From AI Lab (Bloomberg) The co-founder of DeepMind, the high-profile artificial intelligence lab owned by Google, has been placed on leave after controversy over some of the projects he led.
Cybersecurity Luminary Etay Maor Joins IntSights as Chief Security Officer (PR Newswire) IntSights, the threat intelligence company focused on enabling enterprises to Defend Forward™, announced today that...
Products, Services, and Solutions
Capacity Unveils AI Knowledge Sharing Platform to Boost Workplace Productivity (PR Newswire) Today, Capacity officially introduced its secure, AI-native knowledge sharing platform. Designed to meet the...
Flashpoint - A Clean View of Vulnerabilities Helps Prioritize Patching (Flashpoint) Matthew Howell weighs in on risk-based vulnerability prioritization and how the Flashpoint CVE Dashboard supports it.
Just Released: New WeChat Compliance & Cybersecurity Capability (Safeguard Cyber) New capability to secure conversations in WeChat, making it one of the only entities to provide security & real-time compliance protection for businesses.
Infoblox Announces Cloud Managed DDI to Extend Foundational Network Services at Branch Offices (PR Newswire) Infoblox Inc., the leader in Secure Cloud-Managed Network Services, today announced the launch of BloxOne...
Digital Defense, Inc. Technology Partnership with Cherwell Automates Prioritization and Response to Security Threats (Yahoo) Organizations Benefit from Reduction of Noise and False Positives. SAN ANTONIO, Aug. 21, 2019 /PRNewswire-PRWeb/ -- Digital Defense, Inc. today announced the integration of their Frontline.Cloud™ vulnerability ...
Visa Tackles Payment Fraud with New Security Services (SecurityWeek) Visa this week announced a new set of capabilities aimed at improving fraud prevention and cybersecurity of payment systems.
Box adds native security controls to content management (ZDNet) With Box Shield, customers get machine learning-powered threat detection, as well as the ability to set classification-based security policies.
Technologies, Techniques, and Standards
‘Desperate Need For Speed’ As Army Takes On Chinese, Russian, ISIS Info Ops (Breaking Defense) The Army wants to move much faster in cyberspace against espionage, subversion, and disinformation -- but that means accepting higher risks.
Forced Password Reset? Check Your Assumptions (KrebsOnSecurity) Almost weekly now I hear from an indignant reader who suspects a data breach at a Web site they frequent that has just asked the reader to reset their password.
Properly Safeguarding Distributed Internet of Things Networks (DH2i) Aside from the internet itself, The Internet of Things has the potential to become the most transformative technological application of our times. Conservative estimates indicate it will encompass approximately 30 billion devices in the next couple years, more than half of which will include machine to machine communication. With each of those smart devices connected...
NIST Recommendations For IoT & ICS Security (CyberX) NIST’s latest report demonstrates how purpose-built IoT & ICS anomaly detection technologies can effectively reduce the risk of destructive cyberattacks.
A new, more secure GPS signal could be ready by 2020 (C4ISRNET) A fix that will allow ground systems to receive M-Code Early Use from GPS III satellites is on track for early 2020, according to Lockheed Martin executives.
Why the intel community wants to improve its top-secret intranet (Fifth Domain) As the Defense Intelligence Agency looks to overhaul JWICS, it’s looking to move from defending the network as a whole to protecting the data within the network.
Analyzing Packed Malware (Infosec Resources) Malware is created with deception in mind. Malware authors want to go undetected in order to steal, alter or delete as much information as possible.
Three essential elements of a successful Zero Trust cybersecurity program (Help Net Security) This article contains three essential considerations that help organizations move toward a stronger Zero Trust cybersecurity program.
How solid is your cyber incident response strategy? (Information Age) Don't become the next headline.
Ignore these 3 cybersecurity risks at your own peril (Podium | The Next Web) 3 missing pieces in your all-encompassing cybersecurity strategy
The difference between zero-day vulnerability and zero-day exploit (SearchSecurity) Software flaws, if not fixed in a timely manner, can be devastating to an enterprise. Read on to learn about two zero-day terms -- zero-day vulnerability and zero-day exploit -- and why CISOs should be on high alert for any zero-day issue.
Why You Need Intelligence Driven Threat Detection to Stay Secure () The importance of integrating Threat Intelligence into Your Security Strategy to Counter Threats
U.S. Army Cyber School puts its defense system to the test against the Japanese Ground Defense Force in a game of capture the flag (WJBF) The International Parsons Capture the Flag Challenge is the only time hackers are welcome to attack a network.
Design and Innovation
Facebook’s New Privacy Feature Comes With a Loophole (WIRED) "Off-Facebook Activity" will give users more control over their data, but Facebook needs up to 48 hours to aggregate your information into a format it can share with advertisers.
Google denies reports of unannounced changes to Android app review process (TechCrunch) Multiple reports this week claimed Google had quietly rolled out a more in-depth app review process to all developers — changes designed to keep the Play Store safer from spam, malware and copycat apps. Those reports are inaccurate, Google tells TechCrunch. Instead, the company is giving itse…
YouTube killing built-in 'Messages' feature next month (9to5Google) In August 2017, YouTube introduced a "Messages" feature for its mobile apps and later the web. Two years later, YouTube killing Messages should...
Why These Social Networks Failed So Badly (Gizmodo) Sixteen years ago, the sun set on Web 1.0, and we embarked by the light of our smartphones to 24/7 connectivity, down a road paved with corporate blunders, littered with yesterday’s top 8 friends, scrubbed n00ds, trashed chiptune tracks, bomb threats, and downy unicorn costumes. Comedic treasures were born and abandoned by parent companies; screaming crowds running through billowing tear gas from police vanished behind defunct video players. Devs dreamed of love, artists of postmodern interfaces, and unknowns of entertainment careers. Netizens injured themselves for stunts, by accident, and on purpose. We submitted to our overlord Mark Zuckerberg and the army of influencers. And so many rubber ducks wailed.
Why Do Tech Companies File So Many Weird, Alarming Patents? (Slate Magazine) Most of these patents are basically science fiction. Companies love them anyway.
Badge life: The story behind DEFCON’s hackable crystal electronic badge (Ars Technica) Original DEFCON hackable badge creator Joe "Kingpin" Grand gives Ars the story behind his comeback.
Research and Development
Galois Awarded $8.6 Million DARPA Contract To Build Cyber Reasoning Tool that Discovers Security Vulnerabilities (Galois, Inc.) Galois will partner with Harvard University and Trail of Bits to build scalable and more cost-effective tools that identify hard-to-find vulnerabilities. Galois has been awarded an $8.6 million contract by the Defense Advanced Research Projects Agency (DARPA) to build a tool that uses a hybrid human-machine approach to detecting cyber security vulnerabilities that go undetected …
Cyberthreat assessment tool contract signed between USAF, Radiance Technologies (Military Embedded Systems) Cyberengineering firm Radiance Technologies has won a potential five-year, $99.9 million contract to design, build, develop, and integrate a set of tools and models for the U.S. Air Force to use in the assessment of cyber vulnerabilities on Internet of things-based devices and other distributed systems.
You Won't See Quantum Internet Coming (Gizmodo) The quantum internet is coming sooner than you think—even sooner than quantum computing itself. When things change over, you might not even notice. But when they do, new rules will protect your data against attacks from computers that don’t even exist yet.
Academia
Virginia Tech receives federal award for counterintelligence work (VT News) The award, given annually since 2010, recognizes up to four companies and/or institutions, out of about 10,000, that exhibit the best counterintelligence results and cooperation to support the U.S. government’s efforts to detect and stop foreign entities from stealing national security information.
Cyberbit and Purdue Partner to Advance Cybersecurity Workforce Education (PRWeb) Cyberbit and Purdue today announced they are entering into a partnership to enhance cybersecurity workforce education and trainin
UMaine Augusta opens state-of-the-art Maine Cyber Range (WABI) We're told there's only about a dozen facilities in the country with these capabilities.
Universities Working to Fill High Cybersecurity Job Demand (Diverse) There is a shortage of qualified professionals within the cybersecurity field across the globe, and universities in the United States are looking for solutions.
Legislation, Policy, and Regulation
South Korea to withdraw from military intelligence sharing pact with Japan (Stars and Stripes) South Korea scrapped an intelligence sharing pact with Japan because of a trade spat between the two U.S. allies.
When will the GDPR pot boil over? It's sooner (and different) than you think (Help Net Security) Let’s take a look at the security and privacy lessons from GDPR enforcement actions, especially for security, privacy professionals and executives.
Australia’s data encryption laws an oppression of freedom: Joseph Carson (CIO) Australia’s data encryption laws, which compel tech firms to give police and security agencies access to encrypted messages, are an oppression of human rights, according to a visiting cyber expert.
Google and Mozilla Block Kazakhstan’s Browser Spying Tool (Vice) Browser makers announced they would block the Kazakhstan government’s root certificate, which was designed to spy on citizens’ internet usage.
Firefox and Chrome Fight Back Against Kazakhstan's Spying (WIRED) The Central Asian country’s government has repeatedly threatened to monitor its citizens’ internet activities. Google and Mozilla aren’t having it.
Israel eases rules on cyber weapons exports despite criticism (Reuters) Israel is easing export rules on offensive cyber weapons, despite accusations by...
The Cybersecurity 202: Chinese-built tech poses danger throughout the Pentagon, lawmaker warns (Washington Post) The Defense Department is filled with Chinese commercial products that pose hacking risks
Huawei is embedded in our infrastructure and the federal government subsidized it (TheHill) After having allowed Huawei and ZTE to penetrate the American communications networks, it is now up to the government to undo the damage it facilitated. Despite the huge cost that this will incur, it will no doubt be the American taxpayer who foots the clean-up bill.
Suzanne Spaulding: Cyberspace Solarium Commission to Publish Security Recommendations Early Next Year (Executive Gov) Suzanne Spaulding, a member of the Cyberspace Solarium Commission, said the group will release cyber
Defense Intelligence Agency cyber operations chief talks cybersecurity (DVIDS) The Joint Worldwide Intelligence Communications System and the Department of Defense Intelligence Information System are major topics this week at the Defense Intelligence Agency Department of Defense Intelligence Information Intelligence System Worldwide Conference, Aug. 18-22, 2019.
New Army units worth the risk (Fifth Domain) Army leaders are ok with accepting some risk in haste to create new multidomain units.
How the Army is helping combatant commands with cyber planning (Fifth Domain) Army Cyber Command is building cyber planning organizations within the staffs at Africa Command, Central Command and Northern Command.
California’s Cybersecurity task force leads charge to defeat hackers (Fox Business) California’s cybersecurity voluntary task force is aimed at transforming municipalities’ approach to cybersecurity.
Schools Brace for Cyberattacks (Wall Street Journal) As hacks against schools wreak more damage, state governments are moving to help school districts recover from attacks and prevent new ones.
Litigation, Investigation, and Law Enforcement
Suspect in Huge Capital One Breach Seeks Release From Jail (SecurityWeek) Lawyers for a transgender woman charged in a massive data breach at Capital One asked a judge to release her from federal custody, saying that for her to remain jailed with men is a serious threat to her mental health.
Ring asks police not to tell public how its law enforcement backend works (Ars Technica) Ring asks cops not to call its security cameras "security cameras" in public.
Who's in Town Denies Instagram Block (Infosecurity Magazine) App Who's in Town has hit back against claims it was blocked on Instagram and Facebook.
LinkedIn blocked 21.6M fake accounts in first half of year, as scrutiny of social media giants grows (GeekWire) LinkedIn blocked or removed 21.6 million fake accounts on its platform from January to June of this year, a sign that the Microsoft-owned social network is actively fighting some of the same issues…
Covington Interim Report (Facebook) Facebook strives to “give people the power to build community and bring the world closer together.” Consistent with that mission, over 2 billion people use Facebook’s products and services to share ideas and news, organize events, and promote candidates for federal, state, and local office.
Opinion | Why Conservatives Don’t Trust Facebook (Wall Street Journal) My independent team of investigators looked into the complaints, and the company has taken action.
Exclusive: The results from Facebook's conservative bias audit (Axios) Facebook will release the findings of a roughly year-long conservative bias audit.
Analysis | The Technology 202: Facebook attracts swift blowback from report on anti-conservative bias (Washington Post) Neither Republicans nor civil rights groups are happy.
Here's the data Facebook's bias report doesn't show you (Media Matters for America) Facebook issued a report regarding right-wing cries of bias on the platform. Notably, the report includes no actual data supporting those claims. Nor does the Wall Street Journal op-ed penned by former Sen. Jon Kyl.
U.S. charges five in scheme to swindle millions from military personnel (CyberScoop) The U.S. Department of Justice on Wednesday announced the indictment of three Americans, an Australian, and a South Korean for their alleged involvement in a plot to steal millions of dollars from current and former American military personnel.
Online sneaker reseller StockX faces lawsuit over data breach (Engadget) The lead plaintiff is a minor from Kansas whose information was stolen in the breach.
Blockchain Capital Says UK Crypto Firm Is Copying Its Name (Law360) Tech-focused venture capital firm Blockchain Capital LLC sued a London-based company for trademark infringement on Wednesday, claiming Blockchain Capital Ltd.'s effort to market itself in New York is causing confusion.