Cyber Attacks, Threats, and Vulnerabilities
Israel accused of planting mysterious spy devices near the White House (POLITICO) The likely Israeli spying efforts were uncovered during the Trump presidency, several former top U.S. officials said.
North Korean hackers target U.S. entities amid stalled denuclearization talks (CyberScoop) A hacking group with ties to North Korea has been targeting U.S. entities with malicious documents as it works to hide its tracks better, according to research from Maryland-based cybersecurity firm Prevailion.
Joker trojan found on Android store (Information Age) Money siphoning malware installed nearly 500,000 times.
New 'The Joker' malware targeting Android users (Deccan Chronicle) A new kind of malware called 'The Joker' is putting to risk Android devices, researchers at cybersecurity firm CSIS have revealed.
Ryuk Related Malware Steals Confidential Military, Financial Files (BleepingComputer) A new malware with strange associations to the Ryuk Ransomware has been discovered to look for and steal confidential financial, military, and law enforcement files.
Could hackers gain a global ‘kill click’? (Fifth Domain) Congress is worried that it's not clear who is securing certain internet cables.
Privacy researcher discovers potential health data breach – over radio frequencies (Insurance Business) Researcher found that patient data was being transmitted without encryption
Wikipedia fights off huge DDoS attack (Naked Security) Wikipedia has suffered what appears to be the most disruptive Distributed Denial of Service (DDoS) attack in recent memory.
Threats to macOS users (SecureList) An extremely dangerous threat is a targeted attack on macOS and iOS users, mainly business users. Several well-known cybercriminal groups are currently working to develop malware for these operating systems.
Multiple Vulnerabilities in Comba and D-Link Routers (Trustwave) There are five new credential leaking vulnerabilities discovered and disclosed by Simon Kenin. Two are in a D-Link DSL modem typically installed to connect a home network to an ISP. The other three are in multiple Comba Telecom WiFi devices. All the vulnerabilities involve insecure storage of credentials, including three where cleartext credentials are available to any user with network access to the device.
Sophisticated Law Firm Email Domain Impersonation Fraud Concerning (Today's Conveyancer) In September alone, the Solicitors Regulation Authority (SRA) has issued three separate and sophisticated fraudulent emails using the details of SRA regulated firms and solicitors.
ThreatList: Amidst Data Breaches, Account Creation Fraud Soars in 2019 (Threatpost) Cybercrooks are using bots to create synthetic digital identities, to carry out various types of fraud.
New report reveals growing threat of cyber-attacks to food safety (New Food Magazine) A new report has warned that the food industry is vulnerable to cyber-attacks as it is not prepared and could pose risks to public health.
Agroterrorism: What Is the Threat and What Can Be Done About It? (RAND) A study by RAND researcher Peter Chalk focuses attention on the issue of agroterrorism—the deliberate introduction of a disease agent, either against livestock or into the food chain, to undermine socioeconomic stability and/or generate fear.
FBI Cyber Warning: Attacks On Key Employees Up 100%, As 281 Are Arrested (Forbes) Cyberattacks targeting individuals in businesses have now become an epidemic—and it's getting much worse.
Ransomware attack on Premier Family Medical reportedly impacts records of 320K patients (SC Magazine) US-based health care practice Premier Family Medical was struck by ransomware in July, affecting the records of roughly 320,000 patients.
Groton schools suffer data breach (Ithaca Times) Groton Central School District announced on Aug. 29 that it was one of over 13,000 school districts across the nation victimized in a security data breach that exposed student information.
Local courts effected by cyber attack on Administrative Office of the Courts (Claxton Enterprise) Evans County Magistrate and Probate Courts were affected by a cyber attack of the Administrative Office of the Courts (AOC) located in Atlanta. The attack occurred on June 29, 2019 but local officials only disclosed the information publicly during an Evans County Commissioner’s meeting last week. The AOC provides support to state, probate, magistrate, and municipal court councils.
The New Target That Enables Ransomware Hackers to Paralyze Dozens of Towns and Businesses at Once (ProPublica) Cybercriminals are zeroing in on the managed service providers that handle computer systems for local governments and medical clinics.
Cyber Trends
2019 Verizon Incident Preparedness and Response Report (Verizon Enterprise) Read the new 2019 Verizon Incident Preparedness and Response Report (VIPR). Leverage insights from hundreds of data breach simulations to improve your incident response reporting and mitigation efforts.
39% of European Businesses Admit to Being Breached by a Cyberattack But the Majority of Hacks Remain Hidden From Public (PR Newswire) Almost half (46%) of successful attacks target under-trained employees. 75% of attacks never become public knowledge despite GDPR breach notification...
F Secure Oyj : Attacks using IoT devices and Windows SMB escalate in 2019 (MarketScreener) Cyber criminals upped the intensity of IoT and SMB-related attacks in the first half of 2019, according to a new F-Secure report, 'Attack...
Fraudsters no longer operate in silos, they are attacking across industries and organizations (Help Net Security) LexisNexis Risk Solutions' Cybercrime Report tracks growing threat of networked cybercrime from January 2019 through June 2019.
Redscan Reveals the most Googled People, Businesses, Scams and Breaches in the History of Cyber Security (PR Newswire) Redscan, the managed threat detection, incident response and penetration testing specialist, today released its 'Cyber...
Smart Cities Will Require Smarter Cybersecurity (Wall Street Journal) As cities become smarter, officials and security experts say that current defenses are unlikely to keep hackers at bay.
Marketplace
The Impact of China-US Trade Fight and Huawei and ZTE Bans on the Global Communications Equipment Supply Chain (Yahoo) Dublin, Sept. 11, 2019 -- The "The Impact of China-US Trade Fight and Huawei and ZTE Bans on the Global Communications Equipment Supply Chain" report has been added to.
Wikipedia Gets $2.5m Donation to Boost Cybersecurity (Infosecurity Magazine) Craigslist founder boosts non-profit’s efforts to recover from DDoS
KKR Makes Major Investment in Leading Labor Market Analytics Provider Burning Glass (BusinessWire) KKR, a leading global investment firm, and Burning Glass Technologies, the world’s leading real-time labor market data source, today announced that KK
Mountain View cybersecurity giant Symantec begins layoffs (San Francisco Chronicle) Cybersecurity company Symantec cut 152 jobs at its Mountain View headquarters and 18 in San Francisco, along with 36 in Culver City in L.A. County.
VMware COO: We Have a Bigger Plan For Security (WebProNews) Fundamentally, we have a bigger plan for security, says VMware COO Sanjay Poonen. We felt it was the perfect time for us to come up with a disruptive play that was based on big data, was AI, and was cloud-based. There were only two companies doing it, CrowdStrike and Carbon Black.
These Howard County cybersecurity companies formed a biz partnership (Technical.ly Baltimore) Elkridge's Atlantic Data Forensics and Columbia-based Bricata are teaming up on digital forensics and incident response.
Why Companies Are Forming Cybersecurity Alliances (Harvard Business Review) They’re stepping up where governments haven’t.
Garrison Appoints Deepak Kumaraswamy as Vice President, Technical Operations (Garrison) Garrison has been selected from a pool of hundreds of candidates across the globe as one of the World Economic Forum’s “Technology Pioneers”
Singapore-based Enterprise Data and Encryption Security Provider, SecureAge Technology, Launches in the US; Opens D.C. Area Headquarters (SecureAge Technology) Data security and encryption solution company used by Singapore government and military brings enterprise-class data protection technology to the US market
Onapsis Expands Executive Team with Leaders from Fossil Group, Carbon Black, Trustwave and Synopsys (Yahoo) The Business Applications Protection Leader Appoints New VP of Business Application Cybersecurity, VP of Global Marketing, Chief Legal Officer and VP of Human Resources
CyberSN Appoints Cyber Staffing Industry Veteran as President (Techfunnel) The largest technology, and cybersecurity talent acquisition firm, CyberSN, appointed Mark Aiello as its President. He was Co-Founder of Cyber 360
Products, Services, and Solutions
Amazon's Quantum Ledger Database is now generally available (SiliconANGLE)
Argus Cyber Security Targets IFEC Hackers With New Software (APEX | Airline Passenger Experience) Argus Cyber Security is bringing its extensive experience in the automotive sector to bear on security issues facing IFEC systems.
C2A Security and NXP collaborate on cybersecurity solution (New Electronics) C2A Security, a specialist in automotive cybersecurity, has announced a comprehensive automotive security solution, developed in collaboration with NXP that uses the company's secure CAN (Controller Area Network) transceivers.
Radiflow Extends Its Industrial Threat Detection Solution With Business-oriented Risk Analysis (PR Newswire) Radiflow, a leading provider of cybersecurity solutions for industrial automation networks, today announced...
New Platform Aims to Keep Kids Safe Online (Infosecurity Magazine) ESET launches Safer Kids Online platform to protect youngsters in the digital world
Technologies, Techniques, and Standards
Cyber: DHS, DoD Thrash Out Command Details In Wargames (Breaking Defense) "If it’s a hurricane, [at the Defense Department], they’ve got the mission assignments. They know, 'OK, we’ve got to send people to fill sandbags,'" DHS's Jeanette Manfra explained. For cyber responses, she said, "that part is not mature enough."
Scrambling to become PSD2 compliant? You might have time. (iovation) In their recent opinion the EBA has also provided more clarity on whether specific authentication factors will satisfy SCA requirements for the elements categorized as: inherence, possession and knowledge. The EBA has confirmed that biometric authentication factors such as fingerprint, hand and…
NIST seeks comment on privacy framework (FCW) The latest version comes with a number of notable additions, such as increased flexibility for organizations and a concerted effort to align the agency's privacy and cybersecurity efforts.
NIST Requests Comments on Draft Privacy Framework (NIST) Protecting our privacy while keeping the digital wheels of society turning may feel mutually exclusive at times, but a...
To secure industrial IoT, use segmentation instead of firewalls (Network World) Firewalls have been the de facto standard for securing internal devices, but the industrial internet of things (IIoT) will change that. Segmentation is the better option in those scenarios.
Dark Web Forensics - EC-Council Official Blog (EC-Council Official Blog) You have, no doubt, seen the term ‘dark web’ in various news stories. However, many people in cybersecurity don’t know much about it, nor how to investigate it. The dark web is a web of sites that are available only via the TOR network. Now certainly not all of these are criminal sites. Many are...
Anti-disassembly, Anti-debugging and Anti-VM (Infosec Resources) IT Security Training & Resources by Infosec
What You Need to Know — and Ignore — about Machine Reasoning (Intellyx) Recently, several technology companies have briefed me and professed to use a new type of artificial intelligence (AI) technology: machine reasoning. If [...]
Phishing: what it is, how to prevent it and how to respond to an attack (IT Pro Portal) Phishing is a widespread scam that can easily be prevented.
Security and compliance considerations for Microsoft Teams (CSO Online) Admins will need to make these decisions around security and governance when porting from Office 365 Pro Plus to Microsoft Teams.
The importance of cybersecurity (The Telegraph) Cybersecurity is a huge issue for businesses and it's imperative that as well as utilising technology, companies embed it in their culture
Design and Innovation
Regulations are driving innovation toward an identity layer on the Internet (Help Net Security) The security community often points to the inherent lack of an encryption layer on the Internet as a factor behind many of the related threat vectors. The
Why can’t the Pentagon use more open source code? (Fifth Domain) Congress' watchdog agency found that the Pentagon is well short of compliance on making custom code open source.
Security And Usability. Why Are We Still Getting It So Wrong? (Forbes) Problems typically arise because users feel that in order to effectively get through their to-do list, they simply don’t have time or the inclination to scrutinise the warnings they are given or install the necessary updates.
Web feature developers told to dial up attention on privacy and security (TechCrunch) Web feature developers are being warned to step up attention to privacy and security as they design contributions. Writing in a blog post about “evolving threats” to Internet users’ privacy and security, the W3C standards body’s technical architecture group (TAG) and Privacy…
Research and Development
Quantum Physics Protects Data From Cyberattack Over Standard Telecom Networks (Fortune) Quantum Xchange uses quantum technology to guard encryption keys.
Turing Institute launches £3.5m security research centre (NS Tech) Some of the UK's leading data scientists are joining forces with the security services to explore how AI and other cutting-edge technologies can bolster Britain's defences. The initiative will be hous
Academia
Mercyhurst to Help Expand Cyber Jobs in Federal Agencies (Erie News Now) The jobs will be tailored for neurodiverse individuals at federal agencies.
Stanford Launches Foundations of Information Security Course (Dark Reading) Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.
Legislation, Policy, and Regulation
Deterrence in Cyberspace Requires Multifaceted Approach (U.S. DEPARTMENT OF DEFENSE) A senior Defense Department official spoke to lawmakers on Capitol Hill about how the Defense Department is securing the nation's internet infrastructure.
Moving the Encryption Policy Conversation Forward (Carnegie Endowment for International Peace) The encryption of data and communications has long been understood as essential. Strong encryption thwarts criminals and preserves privacy for myriad beneficiaries, from vulnerable populations to businesses to governments. At the same time, encryption has complicated law enforcement investigations, leading to law enforcement calls for lawful access capabilities to be required of encryption technologies.
China 'must clean up its cyber act' for Huawei to be used in 5G network (the Guardian) UK defence secretary urges code of ‘fair play’ as he says decision on firm coming soon
UK says to decide on Huawei soon but China must play by rules (Reuters) Britain will make a decision soon about whether to allow Huawei equipment to be ...
We Can’t Secure 5G Networks by Banning Huawei Gear (Defense One) The next-generation network simply doesn’t work like the current one. Staying safe will require a new relationship between business and government.
China’s Long March to Technological Supremacy (Foreign Affairs) The roots of Xi Jinping’s ambition to “catch up and surpass.”
Analysis | Why U.S. foes around the world will welcome Bolton’s departure, and why they shouldn’t get too excited (Washington Post) North Korea, Iran and Russia in particular considered Bolton a key obstacle and are unlikely to miss him.
Trump says he has five "highly qualified people" to consider for John Bolton's job (CBS News) He fired Bolton by Tweet Tuesday. The ex-national security adviser says he resigned
Legislators Introduce Bipartisan Bill to Fortify Federal Cybersecurity (MSSP Alert) A bipartisan bill would update a Department of Homeland Security (DHS) program that provides tools and services to lock down federal cybersecurity.
Lawmakers weigh responses to rash of ransomware attacks (TheHill) Lawmakers on both sides of the aisle are mulling how to address the spate of ransomware attacks that have brought some state and local governments to their knees over the past few months.
Analysis | The Cybersecurity 202: Warren and Sanders still won’t say how they’re protecting campaigns against hackers (Washington Post) Security questions are more urgent as the field winnows.
Litigation, Investigation, and Law Enforcement
Cloud-Services Company Cloudflare Discloses Potential Sanctions Violations (Wall Street Journal) Cloudflare, a provider of cloud-based networking and cybersecurity services, may have violated U.S. economic and trade sanctions regulations, the company disclosed in a regulatory filing.
Amazon Probed by U.S. Antitrust Officials Over Marketplace (Bloomberg) The FTC is interviewing merchants to determine whether the e-commerce giant is using its market power to hurt competition.
Dimitar Georgiev, State National Security Agency: We have found a memo written in Russian by Nikolay Malinov on the need for geopolitical reorientation of Bulgaria (FOCUS Information Agency) Sofia. In the course of our investigative actions, we have found a memo written in Russian by Nikolay Malinov on the need for geopolitical reorientation of Bulgaria, and information on the so-called Project Bulgaria, Chairman of the State Agency for National Security (SANS) Dimitar Georgiev said during a hearing in Parliament over the ongoing Russian spy scandal, Focus News Agency reported.
CIA Rebuke Wasn't Enough...GOP Rep Wants Investigation Into Shoddy CNN Spy Story (Townhall) The CIA rarely rebukes a media report, but the agency made an exception for CNN this week. The network recently claimed that two years ago the U.S. pulled an American spy out of Russia. The sources they chose to rely on were "multiple Trump administration officials with direct knowledge told CNN" and "a person."
Ex-Russian official thought to have spied for the U.S. was hiding in plain sight (Washington Post) The man and his family appear to have abruptly left their home outside of Washington.
Leaked tapes reveal plan to kill and cut up Jamal Khashoggi (Times) The men who ran the secret operation to kill the Saudi journalist Jamal Khashoggi referred to him as the “animal to be sacrificed” as they discussed how to dismember his warm body, leaked...
U.S. government defends constitutionality of banning Huawei products (Inside Cybersecurity) The Justice Department is defending the authority of Congress to ban the gove
FIN7's IT admin pleads guilty for role in billion-dollar cybercrime crew (CyberScoop) Fedir Hladyr, 34, pleaded guilty to wire fraud and conspiracy to commit computer hacking as part of a deal with prosecutors.
Chinese woman found guilty on two counts related to Mar-a-Lago security breach (CNN) Yujing Zhang, the Chinese woman arrested at Mar-a-Lago, President Donald Trump's private Florida club, earlier this year, has been found guilty on counts of unlawfully entering a restricted building and making false statements to a federal officer.
College student tried to hack into Trump’s taxes by creating a fake FAFSA application (The Verge) He faces up to two years in prison for violating the Computer Fraud and Abuse Act.
The DEA Didn’t Buy Malware From Israel’s Controversial NSO Group Because It Was Too Expensive (Vice) Emails between the DEA and NSO obtained by Motherboard explain why the DEA didn't purchase the company's malware in 2014.
ICE Has a New $30M Contract With Israeli Phone Cracking Company Cellebrite (The Daily Beast) The agency's previous contract with Cellebrite was worth $2.2 million.