Cyber Attacks, Threats, and Vulnerabilities
North Korea Seen Using ELECTRICFISH, BADCALL Malware Variants (Dark Reading) The FBI and CISA issued an alert the same week researchers disclosed a new campaign launched by actors with North Korean ties.
Cyber Attack against Hungarian Government Organization (Hungary Today) The Hungarian Development Center (MFK) is forced to reorganize its administration from scratch after a hacker attack destroyed its entire digital database in mid-July, news site 24.hu reports. Allegedly, the attack most likely came from North Korea. The Ministry of Foreign Affairs later confirmed the cyber attack but denied any data loss, stating the MFK […]
EXCLUSIVE: Israel needs to be ready for terrorist 'dirty' cyber bomb (Jerusalem Post) Ex-deputy head of US Cyber Command warns that the West is not prepared for an attack.
Russian Hackers Behind Ukraine Power Outage May Have Sought More Damage (SecurityWeek) The Russian hackers behind the 2016 Crashoverride/Industroyer attack that caused a power outage in Ukraine may have been hoping to cause more serious damage.
New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction (Wired) A fresh look at the 2016 blackout in Ukraine suggests that the cyberattack behind it was intended to cause far more damage.
Air APT (NETSCOUT) Executive Summary
Airlines and the airport industry in general are highly lucrative targets for APT groups; they are rife with information that other countries would f
InnfiRAT: A new RAT aiming for your cryptocurrency and more (Zscaler) Zscaler ThreatLabZ team discovered a new RAT, InnfiRAT, which is written to look for cryptocurrency wallet information, such as Bitcoin and Litecoin. This malware creates a backdoor to steal additional user information, including usernames and passwords.
Simjacker attack exploited in the wild to track users for at least two years (ZDNet) Simjacker attack abuses STK and S@T Browser technologies installed on some SIM cards.
Autumn Aperture Report (Prevailion) Autumn Aperture: Threat Campaign Highlights New Evasion Technique using an Antiquated File Format Authors: Danny Adamitis and Elizab...
How disinformation could sway the 2020 election (The Conversation) The Russians won’t be alone in spreading disinformation in 2020. Their most likely imitator will be Iran. Also, Instagram could get even more infected with intentional misinformation than it has been.
3S-Smart Software Solutions GmbH CODESYS V3 Products Containing a CODESYS Communication Server (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: 3S-Smart Software Solutions GmbH
Equipment: CODESYS V3 products containing a CODESYS communication server
Vulnerability: Improper Input Validation
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause a denial-of-service condition.
3S-Smart Software Solutions GmbH CODESYS Control V3 OPC UA Server (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: 3S-Smart Software Solutions GmbH
Equipment: CODESYS Control V3 OPC UA Server
Vulnerability: NULL Pointer Reference
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause a denial-of-service condition.
3S-Smart Software Solutions GmbH CODESYS Control V3 Online User Management (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: 3S-Smart Software Solutions GmbH
Equipment: CODESYS Control V3 online user management
Vulnerability: Incorrect Permission Assignment for Critical Resource
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow unauthorized actors access to unintended functionality and/or information.
3S-Smart Software Solutions GmbH CODESYS V3 Web Server (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: 3S-Smart Software Solutions GmbH
Equipment: CODESYS V3 web server
Vulnerabilities: Path Traversal, Stack-based Buffer Overflow
2.
3S-Smart Software Solutions GmbH CODESYS V3 Library Manager (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.6
ATTENTION: Low skill level to exploit
Vendor: 3S-Smart Software Solutions GmbH
Equipment: CODESYS V3 Library Manager
Vulnerability: Cross-site Scripting
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow malicious content from manipulated libraries to be displayed or executed.
Philips IntelliVue WLAN (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.4
Vendor: Philips
Equipment: IntelliVue M3002A X2 MMS Transport Monitor/Module and IntelliVue MP monitors (MP2/X2, MP5, MP20-MP90, MX600, MX700 and MX800)
Vulnerabilities: Use of Hard-coded Password, Download of Code Without Integrity Check
2.
Report on Election Security Gains Attention, and a Sharp Rebuke (ProPublica) A Virginia cybersecurity company asserted many states were vulnerable to election system intrusions. Critics called the report flawed and questioned whether the company was looking to exploit legitimate anxiety about election security.
Fraudsters Obtained $30 Million Worth of IP addresses in South Africa: Expert’s Comments (Global Security Mag Online) Earlier this month, South African media revealed an elaborate fraud scheme where IPv4 addresses reportedly worth at least $30 million on the second-hand market were stolen or misappropriated from large multinational companies based in South Africa.
Ireland Hit by Pedophile Sextortion Email Scam (Infosecurity Magazine) Aggressive sextortion emails are being sent to Irish inboxes, threatening to expose people as pedophiles
Baltimore acknowledges for first time that data was destroyed in ransomware attack (Baltimore Sun) Baltimore's auditor said Wednesday that IT department performance data was lost when hackers locked city files in May — the first disclosure of data being destroyed in the attack.
Salamanca schools among 13,000 districts affected by data breach (The Salamanca Press) The Salamanca City Central School District was one of the 13,000 schools and universities recently hacked with a data breach to Pearson Education, district officials reported last week.
Rockford Public Schools hold ‘State of the District’ luncheon amidst cyber attack (MyStateline.com) Amidst a cyber attack against Rockford Public Schools, District 205 leaders discussed the State of the District at Giovanni’s on Thursday. Superintendent Dr.…
Cyber Trends
Attack Landscape H1 2019: IoT, SMB traffic abound (F-Secure Blog) In the first half of 2019, traffic measured by F-Secure's global network of honeypots was twelve times higher when compared with the same period in 2018.
Thycotic Research Reveals Where Hackers and Security Professionals Agree and Where They Differ (PR Newswire) Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 20...
New Poll Shows Consumers' Expectations on Data Privacy Evolve, But So Does Technology (Security Intelligence) Consumers' understanding of data privacy is evolving. Nearly two-thirds of poll respondents strongly agree that companies should be doing more to protect them against cybersecurity threats.
Beware! In most of the cases, hackers need their victims' help to launch a successful cyber attack (CyberByte Blog) Hackers target people more often than infrastructure. For example, last year, from all emails found distributing malware 99% of them did require human interacti
Facebook Suspends Netanyahu Campaign Bot for Hate Speech (New York Times) A message sent out by Prime Minister Benjamin Netanyahu’s campaign accused Israel’s Arab politicians of wanting “to destroy us all.”
Marketplace
2019 SINET 16 Innovators Announced (Yahoo) Winners Selected from an Increasingly Competitive Applicant Pool of Disruptive Cybersecurity Companies Across the Globe
Shape Security eyes IPO after raising $51 million at $1 billion valuation (VentureBeat) Shape Security, which uses AI and machine learning to help businesses block automated online fraud, has raised $51 million in a fresh round of funding.
Lacework Closes $42 Million Financing Round Adds Cloud Security Leader (Lacework) Addition of VC veterans Mike Speiser and John McMahon prepare Lacework for aggressive growth within cloud, container and DevOps security markets
Shift5 Raises $2.5 Million in Seed Round (PR Newswire) Shift5, Inc. a cybersecurity company that builds hardware and software products to defend weapon systems, air...
The A.I. Boom Helped This Data Cleaning Startup Collect $100 Million From Investors (Fortune) Data-cleaning tools will help scientists put an end to wasting time working as “glorified data janitors.”
Amid censorship storm, Cloudflare makes way for a $4.4B IPO (PitchBook) Cloudflare priced its IPO at $15 per share, giving the internet services provider an initial market cap of around $4.4 billion. We took a look at the company's journey from founding to the NYSE.
Implementing a successful cyber insurance program: Key steps and considerations (CSO Online) In a first, a Black Hat micro summit explains how insurers assess risk to write cyber insurance policies as more organizations seek to indemnify themselves against potential breach losses.
NightDragon Security Announces Addition of Admiral Mike Rogers, Nadav (PRWeb) NightDragon Security, a dedicated cybersecurity investment firm, today announced an expansion of its team by adding Admiral Mike Rogers, Nadav Zafrir, and
Products, Services, and Solutions
Acceptto Achieves FIDO2 Certification to Help Organizations Move Beyond Passwords (Markets Insider) Acceptto, the leading provider of Continuous Behavioral Authentication, has been certified by the FIDO (Fast ...
Tier 1 Cyber Certification Puts Cybersecurity Defense on the Offense (Tier 1 Cyber) The over-1,000-point assessment is the most aggressive on the market by the most elite team.
IBM looks to secure hybrid multi-cloud space with z15 (ITWeb Africa) Enterprise platform said to encompass first technology in the industry to manage privacy of customer data across hybrid multi-cloud environments.
Technologies, Techniques, and Standards
Five Recommended Ransomware Defenses For MSPs … And Our Experts Add Three More (CRN) In the wake of the ransomware attack on 22 Texas towns three weeks ago, the Texas Department of Information Resources provided a list of recommended actions to help MSPs stop intrusions into their networks
OWASP API Security Project (OWASP) A foundational element of innovation in today’s app-driven world is the API. From banks, retail and transportation to IoT, autonomous vehicles and smart cities, APIs are a critical part of modern mobile, SaaS and web applications and can be found in customer-facing, partner-facing and internal applications. By nature, APIs expose application logic and sensitive data such as Personally Identifiable Information (PII) and because of this have increasingly become a target for attackers. Without secure APIs, rapid innovation would be impossible.
Leveraging AI to transform power grid security (Atlantic Council) Given our acute dependency on an uninterrupted supply of power, it is hardly surprising that power grids are among the most strategically important pieces of infrastructure for economic and national security alike.
Data Breaches Elicit Calls for More Transparency (Wall Street Journal) Companies are coming under increasing pressure to release details about how hackers infiltrate their systems and steal sensitive information.
4 Key Lessons for Enterprise Mobile Device Security (Endpoint Security Solutions Review) Mobile devices continue to proliferate. Therefore, we present our favorite lessons about enterprise mobile device security.
6 Cybersecurity Best Practices For Your Small Business (Business 2 Community) When was the last time you checked a piece of news about small business being hacked? Small business owners often…
Design and Innovation
Updating the Values That Inform Our Community Standards (Facebook Newsroom) We’re expanding the values that serve as the basis for our Community Standards — the guidelines for what is and isn’t allowed on Facebook.
Facebook updates policy on limiting expression (Seeking Alpha) Facebook (FB -0.4%) has issued a policy update, "expanding the values that serve as the basis for our Community Standards."
Elevating original reporting in Search (Google) Google makes ranking changes to highlight original reporting.
Exclusive: Amazon will let anyone answer your Alexa questions now (Fast Company) The Alexa Answers crowdsourcing platform is now open to everyone in the United States. Amazon says it has measures in place to prevent misuse.
This Liberal Group’s Website Was Deemed Porn by the Trump Administration (The Daily Beast) No one thinks the citizen advocacy group Public Citizen is racy. And yet for months its website was being deemed adult content by the Department of Education’s web filter.
Opinion: The security necessity for U.S. innovation in 5G networks (Silicon Valley) How we build our next generation 5G network has profound implications
Research and Development
IBM and Fraunhofer Join Forces on Quantum Computing Initiative for Germany (Quantaneo, the Quantum Computing Source) Agreement Bolsters Germany's Innovation Agenda with focus on Creating New Community around Quantum Research and Skills. IBM (NYSE: IBM) and one of Europe's leading organizations for applied research, Fraunhofer-Gesellschaft announced an agreement to partner in the area of quantum computing wit...
Academia
Sixteen Graduate from Cyber Florida’s Veteran-Friendly Rapid Training Program (Tampa Bay Newswire) An innovative approach to addressing Florida’s critical cyber workforce shortage, the program prepares veterans and members of other underrepresented groups for entry-level cybersecurity positions September 9, 2019 – Tampa, FL: Dignitaries from Cyber Florida, the University of South Florida, and JPMorgan Chase & Co. were on hand the afternoon of Friday, September 5, to celebrate the graduation of sixteen…
Legislation, Policy, and Regulation
Facebook's Libra cryptocurrency 'will be blocked in Europe' (The Independent) French finance minister says: ‘We cannot authorise the development of Libra on European soil’
France calls for EU rules on cryptos (Seeking Alpha) As Facebook (NASDAQ:FB) aims to get a payment system license from Switzerland's FINMA, France said it will block the crypto's development until consumer risk and governments' monetary sovereignty were addressed.
NZ to fund NZ$10m to support Pacific cybersecurity strategy (ZDNet) Over the next five years, the New Zealand government will support Pacific countries as they secure their infrastructure and data, enhance online safety, and implement new cyber crime laws.
U.S. flags Huawei 5G network security concerns to Gulf allies (Reuters) The United States has raised its concerns with Gulf allies over a possible secur...
NSA Publishes Threatening Letter Calling for Encryption Backdoors (The Mac Observer) Glenn S. Gerstell, general counsel for the National Security Agency (NSA) published a letter in the New York Times.
New internet security policy will help agency cloud migration (Fifth Domain) A new memo from the Office of Management and Budget outlines four approved use cases for Trusted Internet Connections.
Litigation, Investigation, and Law Enforcement
Google to pay $1 billion in France to settle fiscal fraud probe (Reuters) Google agreed to pay close to 1 billion euros ($1.10 billion) to French authorit...
Coinbase UK Settles Lawsuit With Victim of Email Phishing Attack (Cointelegraph) The U.K. arm of cryptocurrency exchange Coinbase settled a lawsuit with a man who lost 80 Bitcoins in an email phishing attack.
WSJ News Exclusive | Government Orders Google: Let Employees Speak Out (Wall Street Journal) Federal regulators have ordered Google to assure employees they are allowed to speak out on political and workplace issues, as part of a settlement of formal complaints that the search giant punishes those who do just that.
Google will confirm employees can discuss "workplace issues" as part of a settlement (The Verge) A complaint alleged it unfairly fired a conservative employee.
The FBI is investigating a venture capital fund started by Peter Thiel for financial misconduct (Vox) Mithril Capital raised over $1 billion on the name of Thiel, one of Silicon Valley’s biggest celebrities. Now federal investigators are looking under the hood.
Trump says he does not believe Israelis are spying on the U.S. (Reuters) U.S. President Donald Trump said on Thursday he does not believe Israel is spyin...
Pentesters arrested probing courthouse security charged as criminals (Mashable) The two men had been hired to do a security test. Apparently no one bothered to tell the police.
Edward Snowden Tells NPR: The Executive Branch 'Sort Of Hacked The Constitution' (NPR) In an interview with NPR about his memoir, Permanent Record, former NSA contractor Edward Snowden denies any cooperation with Russian intelligence and says he would return if guaranteed a fair trial.
Ukrainian man pleads guilty to hacking, wire fraud charges (Washington Post) A member of a sophisticated international hacking group that authorities say targeted businesses to steal credit and debit card records has pleaded guilty to hacking and wire fraud charges