Cyber Attacks, Threats, and Vulnerabilities
A Cyber Command Operational Update: Clarifying the June 2019 Iran Operation (Lawfare) It turns out that Cyber Command’s June 2019 Iran operations may have been narrower—and more effective—than previously understood.
Ransomware surge linked to Russian criminal group (StateScoop) An executive at the cybersecurity firm CrowdStrike said a recent spike of incidents points to increased activity by a hacker group it calls Wizard Spider.
Is ransomware driving up the price of Bitcoin? (Emsisoft | Security Blog) Cybercriminals may be partially responsible for driving up the price of Bitcoin.
Do Ransomware Attackers Single Out Cyber Insurance Holders? (BankInfoSecurity) Do criminal organizations prefer to target organizations that hold cyber insurance policies? A ProPublica report suggests that because cyber insurance policyholders are more likely to pay ransoms, they're a more frequent target. But some cybersecurity experts have expressed skepticism.
Advanced SMS Phishing Attacks Against Modern Android-based Smartphones (Check Point Research) Research by Artyom Skrobov and Slava Makkaveev. Check Point Researchers have identified a susceptibility to advanced phishing attacks in certain modern Android-based phones, including models by Samsung, Huawei, LG and Sony. In these attacks, a remote agent can trick users into accepting new phone settings that, for example, route all their Internet traffic through a...
Modified Orcus and Revenge RATs Infesting Networks (Decipher) Researchers have found modified versions of the Orcus and Revenge RATs being delivered through effective phishing campaigns.
Krypton Stealer – Kryptonite for Credentials (CyberArk) As a member of the Malware-as-a-Service (MaaS) world, Krypton Stealer is sold on foreign forums for the modest price of $100 (payable in cryptocurrencies only). Krypton is a small size binary and it is an...
Fraudsters exploit new security checks (Which? News) Scammers are mimicking new security measures designed to keep you safe online, by sending fake emails that attempt to steal your personal data.
Deobfuscating Ostap: TrickBot’s 34,000 Line JavaScript Downloader (Bromium) For a malicious actor to compromise a system, they need to avoid being detected at the point of entry into the target’s network. Commonly, phishing emails delivering malicious attachments (T1193) serve as the initial access vector.
19 million Canadians have had their data breached in eight months (CTVNews) An estimated 19 million Canadians have been affected by data breaches between November 2018 and June 2019, according to numbers obtained by 'Attention Control with Kevin Newman,' a new podcast that launched Monday.
WeChat Restricts Face-Swapping App Over Security Risks (Infosecurity Magazine) Viral Chinese face-swapping app ZAO banned on WeChat
XKCD forums breached (Naked Security) How did the Correct Horse Battery get Stapled?
Cosmetics Giant Yves Rocher Caught in Data Leak Impacting Millions of Customers (Threatpost) International cosmetics brand Yves Rocher found itself caught in a third-party data exposure incident that leaked the personal information of millions of customers.
UK Holidaymakers’ Data Exposed for Three Years in Privacy Snafu (Infosecurity Magazine) Teletext Holidays gaffe compromises over 200,000 audio files
Heap Exploit Development (Azeria-Labs) Last week, Google published a series of blog posts detailing five iOS exploit chains being used in the wild that were found by Google’s Threat Analysis Group (TAG) team back in February
EZAutomation EZ PLC Editor (CISA) CVSS v3 7.8. ATTENTION: Low skill level to exploit. Vendor: EZAutomation. Equipment: EZ PLC Editor. Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. Risk evaluation: Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application.
EZAutomation EZ Touch Editor (CISA) CVSS v3 7.8. ATTENTION: Low skill level to exploit. Vendor: EZAutomation. Equipment: EZ Touch Editor. Vulnerability: Stack-based Buffer Overflow. Risk evaluation: Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application.
German Bank “OLB” Loses €1.5 Million from Fraudulent Withdrawals (TechNadu) A German bank has suffered a cloned card withdrawal attack originating from Brazil, stealing 1.5 million Euros from 2,000 of their clients' accounts.
German bank loses €1.5 million in mysterious cashout of EMV cards (ZDNet) Brazilian criminal gang cloned Mastercard debit cards issued by German bank OLB and withdrew more than €1.5 million from about 2,000 of its customers.
NY School Delays Start of Year After Cyber Attack (NBC New York) The Orange County school district delayed the first day of the school year until Thursday as they deal with a ransomware attack. It is not clear if the hackers demanded money, as other tri-state school districts have dealt with. NBC 4 New York's Michael George reports.
Cyber Attack On Orange County School District's Computers Delays First Day Of School (CBS) The Monroe-Woodbury school district was supposed to welcome back students on Wednesday, but their superintendent has announced that a cyber attack has disrupted the school’s computer network.
Jackson Co. is preparing for a possible cyber attack (Fox 26 Medford) Jackson County says it's taking steps to prepare for a ransomware attack. A ransomware attack is when a criminal infects your computer, locks you out of all your data, and you ha
Security Patches, Mitigations, and Software Updates
How MuleSoft patched a critical security flaw and avoided a disaster (ZDNet) MuleSoft deals with a sensitive security issue and sets up an example for the whole industry to follow.
Mozilla flips the default switch on Firefox tracker cookie blocking (TechCrunch) From today Firefox users who update to the latest version of the browser will find a pro-privacy setting flipped for them on desktop and Android smartphones, assuming they didn’t already have the anti-tracking cookie feature enabled. Mozilla launched the Enhanced Tracking Protection (ETP) fea…
Google finally adds image blocking to Gmail on the iPhone (The Verge) The setting will let you block unwanted email tracking
An Update About Face Recognition on Facebook (Facebook Newsroom) Our face recognition setting provides an easy on or off switch.
Cyber Trends
Nearly 2 in 5 Enterprises Have Lost Business Due to Cybersecurity Performance, New Independent Study Finds (BitSight) A commissioned study conducted by Forrester Consulting on behalf of BitSight shows that effective security performance is crucial to commercial success.
Cardholders still dropping the ball when it comes to basic ID theft prevention (Help Net Security) Two years after Equifax breach, millions of cardholders still not taking basic steps against identity theft, CompareCards survey finds.
UAE cyber experts unite to warn against unprecedented criminal threat (The National) Scammers are presenting increasingly sophisticated threats as their targets struggle to keep up with sinister technology
Aussies fear mobile phones ‘listening’ (NewsComAu) Australians are asking if their smartphone is listening in after seeing spookily relevant advertisements pop up on social media when they have spoken about a particular product.
Marketplace
McAfee CEO Chris Young Contemplates The Future Of Cyber Security (Forbes) Chris Young has been in the cyber security industry for a quarter of a century, having been an entrepreneur in the space, having run security business units within Intel, Cisco, and AOL, and now as the CEO of McAfee. In this interview, he describes how he stays current in a rapidly evolving field.
The Cyber Insurance Question: Additional Protection Beyond Prevention (Forbes) Regardless of whether your company provides cyber-related services or, more simply, you use data and technology to run your business, the question of cyber insurance becomes critical as part of breach response.
Cyber Insurance: You Get What You Pay For (CPO Magazine) Boom in cyber insurance market is no surprise with high-profile data breaches happening one after another. Do companies really understand what they are covered for?
How DreamPort is creating space for collaboration on cyber challenges (Technical.ly Baltimore) As the Columbia space looks to double in size, it's reaching out in Maryland: "It's a great way for small businesses or businesses of any size to directly engage with the government," Director Armando Seay said.
PerimeterX Extends Series C to $57M to Expand Web Application Protection Platform and Fuel Go-To-Market Growth (PerimeterX Bot Defender) Deutsche Telekom Capital Partners and Salesforce Ventures Added as Strategic Investors
Android exploits are now worth more than iOS exploits for the first time (ZDNet) Exploit broker Zerodium increases zero-day prices for Android, now worth more than iOS.
Why 'Zero Day' Android Hacking Now Costs More Than iOS Attacks (Wired) Brokers of so-called zero day exploits are paying out more for Android than iOS—which would have been unthinkable until recently.
Huawei touts more than 50 contracts for 5G as US pressure continues to mount (CNBC) The latest announcement from Huawei puts it ahead of its closest competitors Nokia and Ericsson, according to their latest publicly released contract numbers.
Huawei ready to work with foreign nations to ease security concerns (Kyodo News+) Huawei Technologies Co., China's tech giant, is ready to work together with foreign nations to eliminate security concerns, a company executive says, amid lingering anxiety that its products may facilitate spying.
Apple still has work to do on privacy (TechCrunch) There’s no doubt that Apple’s self-polished reputation for privacy and security has taken a bit of a battering recently. On the security front, Google researchers just disclosed a major flaw in the iPhone, finding a number of malicious websites that could hack into a victim’s device by …
Broadcom gets early HSR termination for Symantec deal (Seeking Alpha) Broadcom (AVGO -3.4%) has won early termination of the Hart-Scott-Rodino waiting period from the FTC for its deal to acquire Symantec's (SYMC -1.1%) enterprise business.
Through Pivotal and Carbon Black, VMware enters new territory (Channel Asia) In taking control of Pivotal and Carbon Black, VMware unveiled acquisitions number 10 and 11 during the past 12 months.
VMware signals the end of 'endpoint' detection and response (ZDNet) VMware recently announced the acquisition of Carbon Black.
Bitdefender signs NEXTGEN, they hunt new partners together (CRN Australia) Security vendor also names Shane Hoffman channel strategy lead
Why CrowdStrike Is Poised to Rise (The Motley Fool) The cybersecurity firm is positioned for continued growth. With a recent stock dip, is now the time to invest?
5 Security Stocks in Focus as Zero Trust Approach Evolves (Yahoo) Here we discuss five stocks that are increasingly trying to secure organizations in a hybrid cloud environment based on a Zero Trust approach.
US Navy chooses Israel’s Checkmarx to bolster security (Israel21c) Strategic partnership will speed process of making new naval applications available from 24 months to 24 hours, while strengthening software security.
Shadow IT, the next big thing in IT security (Intelligence Online) Launched by former Darpa and CIA experts, the startup Expanse is helping the Pentagon to detect the connection of unauthorised computers to its networks. Other companies, such as Israel's Axonius,
BakerHostetler Bolsters Privacy Team With Former Comcast VP, Deputy General Counsel and Privacy Officer (BakerHostetler) Daniel Pepper brings 25 years of experience, including significant roles at Verizon, BEA Systems and Oracle.
Richard Benigno Joins XM Cyber as SVP of Global Sales (PR Newswire) XM Cyber, the multi-award-winning breach and attack simulation (BAS) leader, today announced the appointment of...
ZeroNorth Appoints Karen Higgins as Chief Financial Officer (Yahoo) ZeroNorth, the industry’s first provider of risk-based vulnerability orchestration across applications and infrastructure, today announced the appointment of Karen Higgins as chief financial officer (CFO). Reporting to John Worrall, chief executive officer, Higgins will oversee the company’s corporate
Joe Sechman Joins Bishop Fox as Associate Vice President of Applied Research and Development (PR Newswire) Bishop Fox, the largest private professional services firm focused on offensive security testing, announced today that...
Products, Services, and Solutions
MSP or System Integrator? Add Incident Response to Your Portfolio at No Cost (Threatpost) Cynet is now providing its IR services at no cost, which will enable MSPs and SIs to include IR in their portfolio of security services.
AlgoSec Enhances Application Visibility and Cisco ACI Automation to Strengthen SDN and Cloud Security Management (West) New version of Network Security Policy Management Solution with new AppViz and AppChange add-ons brings unsurpassed application visibility and network auto-discovery capabilities
Proofpoint and CrowdStrike Partner, Announce Integration to Protect Organizations from Advanced Threats Across Email and Endpoints (Proofpoint) Proofpoint, Inc., a leading cybersecurity and compliance company, today announced a partnership and integration with CrowdStrike, a leader in cloud-delivered endpoint protection, to provide organizations worldwide with advanced threat protection across email and endpoints.
An Answer for Cybersecurity Cost Exposure (PR Newswire) To assist small and midsized businesses make risk-based decisions based on cybersecurity cost exposure,...
New Net Technologies Teams with Cherwell to Offer Intelligent Change Control (PR Newswire) New Net Technologies (NNT™) and Cherwell Software, LLC (Cherwell) announced that they have teamed to deliver an...
IDology Announces the Addition of Powerful Address Intelligence Data to Its Flagship Identity Verification Platform, ExpectID (Yahoo) IDology, a GBG company, announced today that ExpectID, the industry's leading identity verification and anti-fraud platform, will integrate leading-class address verification intelligence from Loqate, the premier provider of global address verification and geocoding
Nozomi Networks Advanced Cyber Security Now Embedded in Ruggedcom (Yahoo) Nozomi Networks, Inc., the leader in industrial cyber security and operational visibility is now bundling its solutions for real-time cyber security and OT network visibility on the Ruggedcom Multi-Service Platform RX15xx from Siemens AG. The consolidated solution is now available as a certified partner
VMware launches free Kubernetes training platform (CRN Australia) 'Kubernetes Academy' features current VMware staff as instructors.
Technologies, Techniques, and Standards
Hong Kong Protestors Using Mesh Messaging App China Can't Block: Usage Up 3685% (Forbes) Mesh networking: how you communicate when China censors the internet.
How federal agencies can reduce dwell times (Fifth Domain) Feds should pay more attention to improving detection measures. Recognizing abnormalities early would give agencies an advantage to stop hackers sooner.
Disrupting Cybercriminal Strategy With AI and Automation (SecurityWeek) Many cybersecurity companies claim to have introduced AI capabilities into their solutions, but most fall short of true AI because their underlying infrastructure is too small or their learning models are incomplete.
Spam In your Calendar? Here’s What to Do. (KrebsOnSecurity) Many spam trends are cyclical: Spammers tend to switch tactics when one method of hijacking your time and attention stops working.
How to reduce the attack surface associated with medical devices (Help Net Security) Most medical devices available in the healthcare system today were not built with security in mind and it will take years until they are replaced.
Interfaith’s zero trust network protects against cyberattacks, saves $2 million (Healthcare IT News) Interfaith Medical Center deployed a variety of network security technologies to ward off ransomware and other attacks, virtualizing its servers in the process, which resulted in cost savings of more than $2 million over a seven-year period.
Israel Railways builds new cyber-monitoring center (Israel National News) New center to provide greater cyber-security to Israel's railways systems.
Design and Innovation
QR codes need security revamp, says creator (Naked Security) QR codes have been around since 1994, but their creator is worried. They need a security update, he says.
Research and Development
Researchers develop cheaper, more efficient Internet connectivity for IoT devices (Help Net Security) A cheaper and more efficient method for Internet of Things (IoT) devices to receive high-speed wireless connectivity has been developed.
How Misinformation Spreads—and Why We Trust It (Scientific American) The most effective misinformation starts with seeds of truth
Introducing KiloGram, a New Technique for AI Detection of Malware (InfoQ) A team of researchers recently presented their paper on KiloGram, a new algorithm for managing large n-grams in files, to improve machine-learning detection of malware. The new algorithm is 60x faster than previous methods and can handle n-grams for n=1024 or higher. The large values of n have additional application for interpretable malware analysis and signature generation.
Academia
Teen Cybersecurity Training Program Returns For Third Year (Infosecurity Magazine) Government-backed Cyber Discovery program has launched across the UK
Government backed Cyber Discovery launches third year, identifying the 'terrifyingly talented' (SC Magazine) Cyber Discovery year three launched today to identify elite cyber talent, strengthening their capabilities to help industry deal with the velocity of change - but should cyber now be part of the school curriculum?
Teenage Hackers Wanted: Could Your Kid Be The Next £20M Cybersecurity Superhero? (Forbes) This £20 million government scheme turns teens into superhero hackers. Could your kid be next?
The “Olympics” of cyber culture coming to Oshawa (The Oshawa Express) Regional chair John Henry, Elaine Popp (left) and Debbie McKee Cemczyk of Durham College sat down to discuss the importance of the Cyberlympics.
Murray State Program Designated A National Center Of Academic Excellence In Cyber Defense Education (WKMS) The National Security Agency and the Department of Homeland Security have designated Murray State University’s Telecommunications Systems Management (TSM)
Legislation, Policy, and Regulation
Meet the Coalition Pushing for 'Cyber Peace' Rules (Defense One) A growing group of governments and NGOs is trying to figure out what limits can and should apply to online attack, defense, and behavior.
Voronkov: Belarus becomes a leader in combating misuse of cyberspace (BELTA) Under-Secretary-General of the United Nations Counter-Terrorism Office Vladimir Voronkov named today's conference as a perfect opportunity to assess rapidly developing threats, work out innovative approaches to address common issues.
The US is unprepared for space cyberwarfare (Military Times) China and Russia have placed a high priority on developing superiority within the electromagnetic battlespace, the author of this commentary says.
U.S. counter-spies launch campaign against 'insider' threats (Reuters) The office of the top U.S. counterintelligence official is launching a campaign ...
OMB’s regulatory review is creating a backlog of cyber standards (Federal News Network) NIST has been waiting since January for OMB to finish its review of the new and expanded privacy controls in SP 800-53, Revision 5.
Unlike U.S., Canada plans coordinated attack on foreign election interference (POLITICO) Ahead of the October election, Canada finds itself on the front lines of the war on disinformation and hacking.
Lawmakers offer bill to shore up federal cybersecurity (TheHill) Reps. John Ratcliffe (R-Texas) and Ro Khanna (D-Calif.) will introduce a bill this week intended to modernize a Department of Homeland Security (DHS) program that ensures the cybersecurity of federal agencies.
Air Force intel and cyber organization gets new commander (C4ISRNET) Maj. Gen. Timothy Haugh has taken command of 25th Air Force.
California adopted the country’s first major consumer privacy law. Now, Silicon Valley is trying to rewrite it. (Washington Post) Adopted last year, the California Consumer Privacy Act grants web users the right to see the personal information that companies collect about them and stop it from being sold. But powerful business organizations representing retailers, marketers and tech giants are seeking sweeping revisions before the law goes into effect.
Google, Industry Try to Water Down First U.S. Data-Privacy Law (Bloomberg) Lobbyist for Google pushes changes to California privacy act. Internet giant backs industry bid to protect targeted ads.
YouTube’s FTC Penalty Exposes Divisions Among Federal Regulators (Wall Street Journal) YouTube agreed to provide new protections for children on its platform and pay a $170 million fine, in a settlement that divided federal authorities over how to rein in technology giants.
Litigation, Investigation, and Law Enforcement
Huawei Says, Without Evidence, That U.S. Pressured Its Employees (New York Times) The Chinese technology giant said the American government had used harassment, entrapment and cyberattacks to disrupt its operations in recent months.
Media Statement Regarding Reported US DoJ Probes into Huawei (Huawei) On August 30, 2019, the Wall Street Journal reported that the US Department of Justice probed Huawei on alleged theft of smartphone-camera patents. These allegations are false. Huawei would like to issue the following clarifications regarding these claims, as well as recent probes by the US government mentioned in the Wall Street Journal's report:
Google emerges as target of a new state attorneys general antitrust probe (Washington Post) More than half of the nation’s state attorneys general are readying an investigation into Google, scheduled to be announced next week.
Feds Allege Adconion Employees Hijacked IP Addresses for Spamming (KrebsOnSecurity) Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct, an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns.
Hacker linked to WikiLeaks says he’s been brought to Virginia for testimony (Washington Post) Jeremy Hammond is serving a 10-year prison sentence for hacking.
FBI asks Google for help finding criminals (Naked Security) FBI agents issued Google with a warrant in November 2018, seeking its help with a bank robbery the month before.
US plans for fake social media run afoul of Facebook rules (AP NEWS) Facebook said Tuesday that the U.S. Department of Homeland Security would be violating the company's rules if agents create fake profiles to monitor the social media of...
South Wales Police's facial recognition ruled lawful (Computing) Judicial review brought by Liberty concludes that the current legal framework governing police use of facial recognition is sufficient
Gigamon Takes Action to Protect Its Intellectual Property (BusinessWire) Gigamon Inc., the leader in network visibility and analytics for digital innovators, today announced they have filed suit in Federal District Court ag