National Harbor: news from the 2nd Annual National Cybersecurity Summit
Idols of the tribe and the marketplace: clickbait populism and social media nationalism (The CyberWire) What do social media serve up? A lot of confirmation bias (plus, of course, those selfies and pictures of pets).
Fear impedes clarity (The CyberWire) A whole-of-nation approach is important, but some contributions to that approach aren't particularly welcome. Take vendor FUD, for example.
Government cyber reskilling programs are just getting started, Federal CIO says (CyberScoop) Federal Chief Information Officer Suzette Kent says she expects the government’s Cybersecurity Reskilling Academies to keep expanding over the next few years.
What would a vulnerability disclosure program look like for voting equipment? Expect an RFI soon (CyberScoop) Voting-equipment vendors are preparing to formally ask security researchers for ideas on building a coordinated vulnerability disclosure (CVD) program, the next step in the industry’s gradual move to work more closely with ethical hackers. The Elections Industry-Special Interest Group, which includes the country’s three largest voting-systems vendors, will this week release the request for information (RFI), Chris Wlaschin, vice president of systems security at one of those vendors, Election Systems & Software, told CyberScoop.
What to expect from the NSA’s new cyber directorate (Fifth Domain) The head of the NSA's cybersecurity directorate shared her goals for the organization's first two months.
NSA’s Neuberger explores pilot project to inform 'security standards' for private sector (Inside Cybersecurity) The National Security Agency is preparing to launch an ambitious pilot project over the next two months to move cyber policy “beyond information sharing,” with extensive input from CISA, according to the NSA official leading the effort.
Cyber threat from Iran ‘very active’ following tensions in Gulf (Fifth Domain) As the United States contemplates a response to a strike on Saudi oil facilities, Iran's cyberoperations against the U.S. are not abnormal.
Cyber Attacks, Threats, and Vulnerabilities
Meet Panda, an illicit cryptocurrency mining crew terrorizing organizations worldwide (Hard Fork | The Next Web) Panda isn't very sophisticated, but it is absolutely prolific: researchers say the crew could've earned roughly $90,000 in Monero cryptocurrency already.
Smominru Mining Botnet In Cyber Turf War With Rival Malware (BleepingComputer) The Smominru mining botnet continues to wreak havoc on corporate machines by not only installing cryptominers, but also stealing credentials, installing backdoors, and making system configuration modifications that could affect the proper operation of an infected machine.
Cryptominer Attacks Ramp Up, Focus on Persistence (Dark Reading) The latest attacks, such as Skidmap and Smominru, add capabilities to allow them to persist longer on Windows and Linux systems, surviving initial attempts at eliminating them.
IoT devices lacking basic security assessments (IT Brief) Research firm Independent Security Evaluators (ISE) found 125 vulnerabilities in 13 IoT devices, reaffirming an industry-wide problem of a lack of basic security diligence.
Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites (TrendLabs Security Intelligence Blog) We discovered a series of incidents where the credit card skimming attack Magecart was used to hit the booking websites of chain-brand hotels — the second time we’ve seen a Magecart threat actor directly hit ecommerce service providers instead of going for individual stores or third-party supply chains.
Adware found on Google Play Store (Wandera) Wandera’s threat research team has discovered two adware apps on the Google Play Store with a combined 1.5M+ downloads. The apps are both selfie filter camera apps with similar functionality. Adware is usually viewed as a nuisance for the end-user. However, mobile adware can kill productivity l
Two Android adware apps with 1.5 million downloads removed from Google Play Store (ZDNet) Researchers detail two malicious adware applications - one of which has been in the official Android store for two years.
Universities at risk from hackers, warn NCSC (SC Media) The UK's NCSC has published a report warning UK universities that "state espionage will continue to pose the most significant threat to the long-term health of both universities and the UK itself".
In the Dark - Dark Web Report (VPN Overview) How much does it cost to gain access to your personal information on the Dark Web?
Why WeWork's at risk of sharing customers' private info (CNET) Weak Wi-Fi security means the shared workspace could leave you vulnerable to hackers.
Thinkful Resets All User Passwords After Security Breach (BleepingComputer) Online developer bootcamp company Thinkful is sending out email notifications that state an unauthorized user was able to gain access to employee account credentials. Due to this, they are requiring all users to reset their passwords the next time they log in.
How Hackers Could Break Into the Smart City (Wall Street Journal) The more connected a city is, the more it may be vulnerable to cyberattacks. Here are some of the potential weak spots.
The Internet of Things Is Still a Privacy Dumpster Fire, Study Finds (Vice) Biggest IoT study ever finds “smart” devices hoover up a universe of user behavior data and share it with a laundry list of global third parties, frequently with little transparency to the end user.
'Security' Cameras Are Dry Powder for Hackers. Here's Why (Fortune) Hundreds of thousands of vulnerable "security" cameras are a major factor in a new, very powerful distributed denial of service attack, or DDoS attack.
Privacy advocates worry that consumer license plate readers are creating a nosier neighborhood watch (Washington Post) License plate scanners were once a law enforcement tool. Now, private citizens have access to this powerful surveillance technology through new startups like Flock Safety. But privacy advocates say the implications around the consumer use of license plate scanners are troublesome.
Tridium Niagara (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Tridium
Equipment: Niagara
Vulnerabilities: Information Exposure, Improper Authorization
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow a local user to escalate their privileges.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Tridium products are affected:
Rockwell Automation Arena Simulation Software (Update B) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.6
ATTENTION: Low skill level to exploit
Vendor: Rockwell Automation
Equipment: Arena Simulation Software
WECON LeviStudioU (Update A) (CISA) EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: WECON Technology Co., Ltd (WECON)
Equipment: LeviStudioU
Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Memory Corruption
Eight US Cities See Payment Data Card Stolen (BankInfo Security) Click2Gov municipal payment portals for eight U.S. cities were compromised after an apparent vulnerability in the software. More than 20,000 payment card records
Cyber attack targets Travis Central Appraisal District, demands ransom (KXAN.com) TCAD said it became aware of the attack at 9:30 p.m. Sept. 11, which affected website property search, phone, email and computer-assisted mass appraisal systems. All core systems were fully restore…
Stratford paid $75,091 to end recent cyber attack (Kitchener) The city says no significant data was compromised during the ransomware attack.
Security Patches, Mitigations, and Software Updates
A bug made some Windows Defender antivirus scans fail (Help Net Security) Microsoft fixes bug that made its Windows Defender Antivirus fail after a few seconds when users opted for a Quick or Full scan of the system.
Windows Defender Antivirus Scans Broken After New Update (BleepingComputer) Microsoft has released a new update for Windows Defender that has broken both the Quick and Full antivirus scans. When users use these scan options, Windows Defender will only scan approximately 40 files.
iOS 13 is now available to download (The Verge) Dark mode is the big new addition.
A New iOS Arrives, Along With a Few Bugs (Wired) Your iPhone will get a software update this week, but you might want to wait for iOS 13.1.
Marketplace
Air Force Bids $95M Cloud Contract To Support Unified Cybersecurity Platform (Nextgov.com) The service plans to pick 15 vendors to support the LevelUP program with cloud-based DevOps platforms.
Microsoft seeks end to Huawei tech ban (BBC News) The US company's president warns of a "digital iron curtain down the Pacific Ocean".
HP acquires Bromium, a startup behind its Sure Click security (ZDNet) Bromium will be integrated with other HP security offerings as the company looks to use security as a selling point for its devices.
HP Inc. Announces Acquisition of Bromium (HP) HP Inc. (NYSE: HPQ) today announced the acquisition of end point security start-up Bromium. Bromium’s application and browser isolation technology stops attacks that other solutions miss. The technology complements and enhances HP’s existing security platform with hardware enforced application isolation and containment to protect against advanced attacks while providing real-time threat intelligence.
Datadog valued at $10.9B after reportedly rebuffing $7B offer from Cisco Systems (Silicon Valley Business Journal) The New York City subscription software provider is trading on the Nasdaq under the symbol DDOG. Its stock premiered at $40.50 per share, up from the $27 IPO price, before closing the day at $37.55, CNBC reported.
The Startup That Runs Background Checks on Uber and Lyft Drivers Is Now Worth $2.2 Billion (Forbes) Ride-sharing helped its business take off, but the company is now processing background checks for retailers like Hot Topic to staffing agencies like Adecco: a total of 42 million reviews and counting.
Peter Thiel's Palantir set to delay IPO under bumbling leadership of CEO Alex Karp (The Next Web) Bloomberg today reported that Palantir Technologies, a Peter Thiel-founded company that builds mass-surveillance solutions for law enforcement agencies, will delay its highly-anticipated IPO indefinitely. According to the report, CEO Alex Karp needs more time to woo foreign investors. Thiel’s also reportedly sent a memo to employees indicating they shouldn’t expect the company to IPO within “the next …
Palantir CEO Alex Karp Takes a Crack at Corporate Patriotism (Triple Pundit) Palantir CEO Alex Karp raised an interesting point about patriotism and corporate responsibility in a recent op-ed critical of Google.
Splunk adds new pricing options and launches venture capital arm (SiliconANGLE) Splunk Inc. is introducing new pricing options, an assortment of new partner initiatives and the establishment of a venture capital arm to invest in data-focused businesses.
US Cybersecurity Firm to Create 52 Jobs in Ireland (Infosecurity Magazine) Security Risk Advisors opens European HQ in Kilkenny
INKY Enhances Leadership Team with New Chief Revenue Officer (Yahoo) Anti-Phishing Start-Up Adds Cybersecurity Industry Veteran to Lead Company Go-to-Market Sales Effort
Jamie Fiedrich Joins Bishop Fox as Vice President of IT Operations (Yahoo) Bishop Fox, the largest private professional services firm focused on offensive security testing, announced today that Jamie Fiedrich has joined the firm as Vice President of Information Technology (IT) Operations. Fiedrich will help define and execute the corporate
Products, Services, and Solutions
Ownera Partners with Amazon on Hackathon to Launch the Revolutionary Ownera Digital Securities API (BusinessWire) Ownera, the institutional-grade blockchain network for digital securities (AKA Security Tokens), has announced it will be releasing its Digital Securi
Azul Systems Bridges Java Feature-Support Availability Gap (West) Java Runtime solutions specialist gives Java community greater choice, support for Java platform feature releases, plus quarterly security updates and bug fixes
Automox Launches Community to Help Organizations Automate Cyber Hygiene Best Practices (Yahoo) Automox, the cloud-native cyber hygiene platform provider, today announced the launch of Automox Alive, a community for IT and security practitioners that facilitates the sharing of extensible Automox Worklets™ to improve cyber hygiene. “Early on, Automox Alive has exceeded our expectations and proven
Jamf Announces Day-Zero Support for iOS 13 Across its Product Portfolio (West) New Apple platform capabilities improve management, identity, privacy and security for organizations and end users
Sisense Reaches New Security Standards With ISO 27001 Compliance (Newswire) Continues Investments in Protecting and Securing Customer Data
ThreatConnect Partners with RSA(R) To Bring New SOAR Solution to Market (Dark Reading) ThreatConnect and RSA to provide users with intelligence-driven security orchestration, automation, and response
Carbonite, Webroot debut unified partner program (CRN Australia) Standardised margins across entire product portfolio coming next year.
SECUDE’s SAP Data Security Solution, HALOCORE, Launched in SAP App Center (West) HALOCORE’s presence in SAP App Center validates its value as a critical data-centric security solution that augments SAP GRC.
Illumio Adds Container Support, Battles VMware, Cisco (SDxCentral) Security startup Illumio added container support to its segmentation platform, which means that companies can set and enforce consistent security policies across data center, cloud, and containerized workloads.
Odo Security unveils agentless, cloud-native platform that allows secure access management (Help Net Security) OdoAccess provides visibility into all user activity, can be set-up in less than 3 minutes and eliminates the administration burdens associated with VPNs.
Viasat announces network encryption products available for Five Eyes use (Shephard Media) Viasat has announced that its line of network encryption products are now available for use by all Five Eyes partner nations. The company said that its ...
Huawei’s New Smartphone Is 'Practically Useless' Thanks to Trump's Security Ban (Vice) The ban means Huawei can't do business with Google, so the cutting-edge new phone has none of the apps you need.
Thales adds new capabilities to its SafeNet Authentication Service (Help Net Security) New adaptive authentication, single sign on and application visibility capabilities are available for Thales’ SafeNet Authentication Service customers.
MacKeeper Continues Transformation Launching 24/7 Data Breach Monitoring (Yahoo) MacKeeper—a software known and used by over 1.4 million users for performance, protection and MAC optimisation—is continuing its transformation to offer a one-stop solution for MAC digital protection and privacy. Today the company is launching two new features:
StrongVPN Deploys Global WireGuard Platform (PR Newswire) StrongVPN has announced worldwide support and availability of its new VPN platform built on top of WireGuard®, a new,...
Technologies, Techniques, and Standards
New Research Reveals Companies and Security Researchers Are Coordinating More Closely Than Ever Before (West) 90% of respondents believe coordinated disclosure of vulnerabilities is a public good
Election commission says it won’t de-certify voting systems running old software, highlighting security challenges (CyberScoop) The U.S. Election Assistance Commission has told lawmakers that it will not de-certify certain voting machines using outdated Microsoft Windows systems.
Design and Innovation
The Viral App That Labels You Isn't Quite What You Think (Wired) ImageNet Roulette reveals biases in artificial intelligence algorithms. But the vast majority of tags attached to people are rarely used.
ACT government and AustCyber launch Canberra Cyber Security Innovation Node (ZDNet) This brings the total number of innovation nodes in Australia to seven.
Academia
Davenport University receives $4M grant to train, educate cybersecurity experts (Michigan Live) Davenport University announced Thursday, Sept. 19, it received a five-year, $4 million grant from the National Science Foundation to train and educate cybersecurity experts as part of their CyberCorps® Scholarship for Service program.
UNSW professor wants to see more 'rascals' taking up cyber (ZDNet) Calling out those who are willing to question the status quo and change the way cybersecurity is taught at Australian education institutions.
Legislation, Policy, and Regulation
U.S. consulting with Saudi Arabia on ways to counter threats from... (Reuters) The U.S. military said on Thursday it was consulting with Saudi Arabia on ways t...
U.S. building coalition after Saudi oil attack, Iran warns against war (Reuters) The United States said on Thursday it was building a coalition to deter Iranian ...
Trump Orders Substantial New Sanctions on Iran (Wall Street Journal) President Trump said on Wednesday that he ordered Treasury Secretary Steven Mnuchin to substantially raise sanctions on Iran, the first U.S. policy response to last week’s attack on critical Saudi Arabian oil facilities.
Esper Exhorts Allies To Ban Chinese 5G: Britain’s Huawei Dilemma (Breaking Defense) London is on the verge of a much-delayed and debated decision about allowing Huawei to build "non-core" components of its 5G network.
The Right Way to Deal With Huawei (Foreign Affairs) The United States needs to compete with Chinese firms, not just ban them.
Now’s the time to respond to North Korean cyber operations (Fifth Domain) The United States and its allies should also impose additional sanctions on the key financiers of North Korea’s Reconnaissance General Bureau, which oversees North Korea’s cyber operations.
Lawmaker wants the White House to have a cyber czar again (Fifth Domain) The new national security adviser's
Analysis | The Cybersecurity 202: Lawmakers want to bring back top White House cybersecurity post (Washington Post) The absence of a White House cybersecurity coordinator imperils the nation, they say
Cyber teams deploying to safeguard national security (Mat-Su Valley Frontiersman) During the midterm elections last year, U.S. Cyber Command had three teams deployed forward in Europe working with partner nations to “hunt and track” adversaries attempting
DOD advancing cyber capabilities in preparation for 'enduring' election security mission (InsideDefense.com) Defense Secretary Mark Esper considers election security an "enduring mission" for the Defense Department, as DOD advances its cyber capabilities to thwart potential influence operations executed by adversaries like Russia and China ahead of 2020.
USAF’s New Info Warfare Group Coming Into Focus (Air Force Magazine) Air Combat Command on Sept. 18 announced that its new organization spearheading information warfare is called 16th Air Force and will tentatively be led by now-25th Air Force Commander Maj. Gen. Timothy Haugh, pending his confirmation by the Senate.
Air Force announces new information warfare entity (FCW) After some delay, the Air Combat Command will combine its 24th (cyber) and 25th (intelligence, surveillance and reconnaissance) Numbered Air Forces into one.
Air Force creates new information warfare organization, revamps Cyber Command teams (Fifth Domain) The Air Force is creating 16th Air Force that will combine cyber, electronic warfare, intelligence, surveillance and reconnaissance and information operations into a single organization.
Air Force Reserve boosts cyber capacity looking ahead to election season (FCW) The Air Force Reserve is showing higher retention rates among cyber operators compared to its general workforce.
Navy moves to penalize contractors for poor cybersecurity (InsideDefense.com) A new acquisition rule published this month details how the Navy could levy financial penalties against contractors for not meeting cybersecurity standards, as the service aims to better protect sensitive data in the face of what it considers a "cyber siege" by China and other competitor nations.
Analysis | The Cybersecurity 202: McConnell's support for election security funding is just the start of a big fight (Washington Post) Democrats say there's more to be done.
DNC chairman sounds alarm on potential interference in 2020 election, saying Trump’s words hinder the government’s security role (Washington Post) The concerns came in response to a request from Sen. Ron Wyden, which went unanswered by the GOP.
Who Is Robert C. O'Brien? Trump Names New National Security Adviser (International Business Times) O'Brien replaces John Bolton, who was ousted last week because of major policy differences with the president.
In Robert C. O’Brien, Trump picks the national security adviser he and the country need (Washington Post) My friend Robert C. O’Brien is a superb selection for the role.
NY SHIELD Act: New Extensive Cybersecurity Protocols and Expanded Data Breach Reporting for New York Businesses (Herrick, Feinstein LLP) On October 23, 2019, new cybersecurity laws begin to take effect in New York that will impact most New York businesses.
Closing Bell: California Legislature Passes Numerous CCPA Amendments and Other Privacy Bills on Final Day of 2019 Session (Cooley) The last day of California’s 2019 legislative session on Sept. 13, 2019 saw a flurry of legislative activity as numerous CCPA amendments passed in the Assembly, after being amended in the Sen…
Litigation, Investigation, and Law Enforcement
'Potential risk' intelligence from Australia leaked by Canadian police officer (Click Lancashire) Brenda Lucki, the RCMP commissioner, has confirmed that Ortis had access to both domestic and global information.
France dismisses Snowden’s latest request for asylum (Washington Post) France’s foreign minister says “it’s not the time” to grant a new asylum request from former U.S. National Security Agency contractor Edward Snowden
American Airlines mechanic accused of sabotaging flight has ties to ISIS, prosecutors say (WPLG) An American Airlines mechanic accused of disabling a navigation system on a flight scheduled to take off from Miami International Airport appeared in federal court Wednesday morning, at which time he was denied bond.
Huawei Tries to Overturn U.S. Ban That Cites 'Cyber-Exploitation' Risk (Claims Journal) Huawei Technologies Co. is making a Hail Mary bid to undo a U.S. law that prohibits federal agencies and contractors from buying or using the Chinese
Huawei Argues Ban on Doing Business with U.S. Government is Unconstitutional (Wall Street Journal) Attorneys for China’s Huawei Technologies argued in federal court in Texas that a law barring it from doing business with the U.S. government is unconstitutional.
Justice Dept. IG referred James Comey for criminal prosecution (The Washington Times) Justice Department Inspector General Michael E. Horowitz said Wednesday that he referred former FBI Director James B. Comey for criminal prosecution this year after concluding he leaked sensitive materials to a friend.
Coalfire Comments on Penetration Tests for Iowa Judicial Branch (Yahoo) Global cybersecurity firms such as Coalfire involved in technical testing are professionally contracted to simulate attacks using the same techniques any attacker may use to test the company's defenses so that they can remedy their vulnerabilities before a real-world incident occurs. Recently, two
Massive IT Support Fraud ‘Made $10 Million From Thousands Of Elderly Victims’ (Forbes) Hackers used fake virus alerts to dupe thousands of elderly PC users into coughing up cash.
FS-ISAC and Europol Partner to Combat Cross-Border Cybercrime (Infosecurity Magazine) Memorandum of Understanding aims to reduce cyber-risk in the financial system through intelligence sharing
FBI seized 3 hard drives with former Baltimore Mayor Pugh’s emails and other records, documents show (Baltimore Sun) The FBI seized former Baltimore Mayor Catherine Pugh’s emails and other computer records — along with those of one of her longtime aides — as part of its investigation into her financial dealings, according to documents obtained by The Baltimore Sun.