Cyber Attacks, Threats, and Vulnerabilities
Philippines church bombing: Twin blasts hit Jolo cathedral (Al Jazeera) ISIL claims responsibility for the attacks that killed 20 people and wounded more than 100.
Huge Trove of Leaked Russian Documents Is Published by Transparency Advocates (New York Times) Files and messages on Russia’s war in Ukraine, the business dealings of oligarchs and other issues were published online by a group called Distributed Denial of Secrets.
Transparency advocate group releases trove of hacked Russian documents (TheHill) A group of transparency advocates released a massive number of hacked and leaked Russian documents on Friday in what is being viewed as retaliation against Russia's sharing of hacked Democratic National Committee
This former Google exec talked to the social media trolls the Russians paid to influence elections (CNBC) Camille François of Graphika, formerly a principal researcher for Google Jigsaw, got inspired by research she did for the U.S. Senate on Russian influence in the 2016 election, and decided to take it one step further.
Exclusive: Ukraine says it sees surge in cyber attacks targeting... (Reuters) Hackers likely controlled by Russia are stepping up efforts to disrupt Ukraine...
APNewsBreak: Undercover agents target cybersecurity watchdog (The Seattle Times) The researchers who reported that Israeli software was used to spy on Washington Post journalist Jamal Khashoggi's inner circle before his gruesome death are being targeted in turn by international undercover operatives, The Associated Press has...
Internet watchdog Citizen Lab targeted in comically inept undercover sting (Ars Technica) Goons quiz researchers about their work exposing Israeli exploit seller NSO Group.
Statement from Citizen Lab Director on Attempted Operations Against Researchers (The Citizen Lab) Over the last month, two Citizen Lab staff members were contacted by two separate individuals in what appears to be an attempt to compromise our work. Each of the contacts purported to show an interest in the staff members’ personal, non-Citizen Lab related interests, and presented themselves as serious and professional.
[Documents concerning approaches to Citizen Lab researchers] (Citizen Lab) [Citizen Lab has posted documents, including emails, it says were exchanged during an approach two of its researchers sustained.]
How Hacktivism Led to Discovering Digital Arms Dealers (CSO Online) Under Surveillance: Investigating digital arms dealers is a documentary that globe hops from France to Libya, Syria, London and ends pointing a finger at a digital arms dealer in the USA. Entire countries are monitored for voices of dissent against their government, places where bloggers are tortured and killed for telling the truth, for fighting for freedom. These mass surveillance systems would not have been uncovered had it not been for hacktivists. (#OpBullAmesys)
"Cobalt" Hackers Use Google App Engine in Recent Attacks (SecurityWeek) Infamous "Cobalt" hacking group has been using Google App Engine for the delivery of malware through PDF decoy documents, security researchers say.
DailyMotion discloses credential stuffing attack (ZDNet) DailyMotion falls to credential stuffing attack two weeks after Reddit had the same fate.
Phishing Campaign Delivers Nasty Ransomware, Credential-Theft Duo (Threatpost) A spate of phishing emails with Word attachments deliver both the Gandcrab ransomware and Ursnif executable.
Lessons for Organizations from the South Korea Defense Agency Cyber Attack (CPO Magazine) A major cyber attack on South Korea is usually not a stop-the-presses global news item; it's fairly routine for North Korea and China to make attempts. But what's interesting are the organizational failures that this cyber attack highlights.
Razy Malware Attacks Browser Extensions to Steal Cryptocurrency (Threatpost) The malware targets victims in multiple, sneaky ways as they move around the web.
Mac users affected by ‘Shlayer Trojan’ dropped via a Steganography-based Ad Payload; Confiant and Malwarebytes report (Security Boulevard) Recently, Confiant and Malwarebytes analyzed a steganography based payload which was utilized by a “malvertizer” dubbed “VeryMal” by the two firms, to infect Macs. According to the firms, the attempted attack ad was viewed on as many as 5 million Macs. This campaign was active from 11th January 2019 until 13th January 2019. Confiant detected …
Vulnerable cloud infrastructure experiencing increasing attacks (Help Net Security) Attackers are increasingly targeting vulnerable cloud infrastructure to exploit it for covert cryptojacking or to deliver ransomware.
Hackers Using RDP Are Increasingly Using Network Tunneling to Bypass Protections (SecurityWeek) Hackers conducting Remote Desktop Protocol (RDP) attacks are increasingly using network tunneling and host-based port forwarding to bypass network protections, FireEye says.
Fighting Emotet: lessons from the front line (Naked Security) Emotet is a moving, shape-shifting target for admins and their security software. Here’s what we’ve learned from dealing with outbreaks.
Data Leak in Ghostscript Could Allow Command Execution (SecurityWeek) Data leak vulnerabilities in Ghostscript could allow an attacker to take over a routine and even execute commands on systems.
Flaws Expose Phoenix Contact Industrial Switches to Attacks (SecurityWeek) Phoenix Contact industrial switches are affected by vulnerabilities that can be exploited to obtain credentials for the web interface, conduct unauthorized activities, cause a DoS condition, and launch MitM attacks.
Singapore says personal details of 14,200 HIV patients were posted online (TechCrunch) For the second time inside a year, private health information belonging to people in Singapore has been compromised. Following a hack disclosed last summer that affected the patient records of up to 1.5 million citizens, Singapore’s Ministry of Health revealed today that personal details and …
If you bought anything from these 10 companies in the last year, your data may have been stolen (Business Insider) Data breaches continue to be a threat. In the last year, at least 10 consumer companies reported that customer information was made vulnerable.
City of Akron targeted in cyber attack (Fox8.com) The city of Akron is investigating what is described as “criminal virus activity” on its servers.
Ransomware attack takes down city services in Sammamish, Washington (StateScoop) The city says it’s now working with a security firm to identify its attacker and measure data loss.
Security Patches, Mitigations, and Software Updates
LabKey Vulnerabilities Threaten Medical Research Data (Threatpost) LabKey Server version 18.3.0-61806.763, released on January 16, patches all three issues, so users should update as soon as possible.
WordPress Users Urged to Delete Zero-Day-Ridden Plugin (Threatpost) The development team of the vulnerable Total Donations plugin appears to have abandoned it, and did not respond to inquiries from researchers.
Facebook debuts scam ads reporting tool (Naked Security) Adverts on Facebook featuring fake celebrity endorsements scam people out of their savings, and Facebook is now doing something about it.
Cyber Trends
Too few cybersecurity professionals is a gigantic problem for 2019 (TechCrunch) As the new year begins gaining steam, there is ostensibly a piece of good news on the cyber front. Major cyber attacks have been in a lull in recent months and still are.
Has the fight over privacy changed at all in 2019? (TechCrunch) Few issues divide the tech community quite like privacy. Much of Silicon Valley’s wealth has been built on data-driven advertising platforms, and yet, there remain constant concerns about the invasiveness of those platforms. Such concerns have intensified in just the last few weeks as France’s priv…
Thycotic research reveals IT security pros suffering image problem (Intelligent CIO Middle East) The majority of UK IT security professionals feel they’re suffering from an image problem among fellow workers, according to new research commissioned by Thycotic, a provider of privileged access management (PAM) solutions for more than 10,000 organisations worldwide. Nearly two thirds of respondents (63%) feel that their security teams are either viewed as the company […]
Everybody hates cybersecurity professionals (The Next Web) Infosec has an image problem.
Mark Carney: 'Assume failure' in cyber attacks on banks (Yahoo) The governor of the Bank of England said the UK's financial sector had to "assume failure" in cyber attacks.
Most IT Pros Share and Reuse Passwords: Report (Infosecurity Magazine) Data Protection Day shock as Yubico reveals poor security and security practice
The new Two Minutes Hate (TechCrunch) You see it first on Facebook or Twitter. Something contemptible: an image, or a video, or a tweet. One accompanied by a furious, snarky caption, highlighting just how awful and unacceptable it is, a dunk fueled by rage. The outrage rises within you. How can it not? You’re primed for outrage. …
Opinion | Twitter is the crystal meth of newsrooms (Washington Post) For journalists, the social media platform is a drug that insinuates itself into our vulnerabilities only to leave us toothless and disgraced.
Davos Edition: China-US Contest 'Problem of Our Time' (Atlantic Council) DAVOS, SWITZERLAND – Former U.S. National Security Adviser Stephen Hadley poses the most significant question hovering over the global future as the World Economic Forum's annual meeting opens here Monday. "Can the United States and China be...
Marketplace
Cybersecurity investment set to level out after years of historic growth (Fifth Domain) IPO investment into the cybersecurity market is set to suffer setbacks in 2019, a sign that the market is overheating.
For tech all-stars, working at the Pentagon can be a career killer (Defense News) The Pentagon is struggling to attract and retain talent for technology-centric jobs related to artificial intelligence, coding and software development.
‘It wasn’t a fun place to work’: DoD’s cultural hurdles in attracting tech talent (Defense News) Experts and former officials provided candid insights into the cultural hurdles that impede the DoD from attracting needed outside tech talent.
Vodafone Halts Purchase Of Huawei Equipment (Nasdaq) Vodafone Group plc (VOD, VOD.L) said Friday it is suspending the purchase of components made by Chinese tech giant Huawei Technologies Co. Ltd. for its core telecom networks.
Trump Finds An Unlikely And Powerful Ally In George Soros As US’s Tariff War Against China Heats Up (Daily Caller) 'Trump needs to crack down on them'
Without proof, is Huawei still a national security threat? (TechCrunch) It’s Huawei vs. the U.S., the U.K., Canada, Australia, New Zealand, and most of Europe and Japan. It’s almost as if the world’s biggest surveillance superpowers don’t want Huawei cell tower and networking router equipment inside critical networks in their countries, amid con…
UC Berkeley reacts to 'uni Huawei ban' reports: We unplugged, like, one thing no one cares about (Register) Meanwhile, Canada to sign 5G R&D collab with Nokia
Facing Backlash, Silicon Valley Says It Can Change (Wall Street Journal) At the annual World Economic Forum in Switzerland, some tech executives have a message for leaders concerned about their increasing size and power: We’re changing our ways.
Tech Playing Defense at Davos (The Information) Towards the end of 2018, as Facebook, Google, Twitter, Tesla and others were trying to put major scandals behind them, tech executives started talking privately about setting a new tone in 2019. This was the year companies would start talking about great new products and innovation again, going ...
Mark Zuckerberg’s WSJ op-ed was a message to would-be regulators: Hands off our ad business (Recode) It sure feels like regulation is coming for Facebook.
Sir Nick Clegg's Facebook army and its plans to fight off global regulation (The Telegraph) Facebook is hiring a host of new lobbyists, policy experts and spin doctors as it prepares for a regulatory onslaught from governments around the world.
Softbank spinoff's AI fund invests in British ID checking start-up Onfido (The Telegraph) Japanese financial services giant SBI Holdings is eyeing an investment in London-based online identity start-up Onfido, The Sunday Telegraph has learned.
Thales eSecurity spins out nCipher (ComputerWeekly.com) After just over a decade, Thales eSecurity has announced that it has spun out HSM specialist nCipher, the UK based encryption firm it acquired for $100m in 2008
Internet pioneer Dr Paul Vixie on pushing back against cyber crime (TechCentral.ie) This week TechCentral editor Niall Kitson meets with the inventor of the Domain Name System Dr Paul Vixie to talk about how his company Farsight Security is changing the way we handle online security. To never miss an episode of TechRadio subscribe, comment and rate us on iTunes, Soundcloud, Stitcher, Spreaker, iHeartRadio or paste the […]
James Yeager: CrowdStrike Aims to Help Secure Gov’t Networks With Endpoint Protection Tech (Executive Biz) CrowdStrike has started to offer a cloud-based endpoint protection platform to state and local government customers via a procurement vehicle managed by the California Department of General Services.
Q&A: CEO Justin Fimlaid sees impressive growth for NuHarbor Security (VTDigger) The Essex Junction-based firm expects to roughly double last year’s revenues in 2019 and add 30-40 security engineer jobs in Vermont in the next five years.
Former Neustar CEO Lisa Hook to Join Unisys Board (GovCon Wire) Lisa Hook, former president and CEO of information services provider Neustar (NYSE: NSR), has been a
Products, Services, and Solutions
New cybersecurity tool launched (Insurance Business) The tool will allow organisations to act more quickly to reduce risk
Technologies, Techniques, and Standards
Japanese government plans to hack into citizens' IoT devices (ZDNet) Japanese government wants to secure IoT devices before Tokyo 2020 Olympics and avoid Olympic Destroyer and VPNFilter-like attacks.
The Pentagon’s Cybersecurity Is Falling Behind (Bloomberg) The U.S. military’s cybersecurity capabilities aren’t advancing fast enough to stay ahead of the “onslaught of multipronged” attacks envisioned by adversaries, the Pentagon’s combat testing office is warning.
Why America is not prepared for a Stuxnet-like cyber attack on the energy grid (CSO Online) The U.S. energy grid continues to be vulnerable to Aurora-like attacks that could cause blackouts lasting a year or more.
Utilities Brace For FERC Scrutiny Of Vendor Cybersecurity (Law360) U.S. utility companies are preparing to satisfy new rules from the Federal Energy Regulatory Commission that transfer cybersecurity standards onto third-party vendors, an area expected to be an enforcement priority in the coming year with regulators and defense officials identifying contracted services as weak links in the nation's power grid.
Moody’s concerns with cyber security of utilities – an open letter to utility Boards of Directors (Control Global) Moody’s Investor Services believes all utilities are prized targets for cyber attackers and sophisticated nation state actors may seek to exploit potential cybersecurity vulnerabilities. I think it is reasonable to assume that Moody’s is not comfortable that utilities are cyber secure regardless of the reassurances from industry organizations.
How accepting that your network will get hacked will help you develop a plan to recover faster (Help Net Security) Successful implementation of network security resilience relies upon making a fundamental shift in both security strategy and mindset.
Geolocating SSH Hackers In Real-Time (Medium) Tracking Hackers location using rsyslog, Influx and Grafana. Hackers beware!
15 secure coding practices to use in digital identity (CSO Online) Secure coding of any application or service is important, but it is vital in systems that process personal data.
Akamai director on how to prevent rise in cryptocurrency mining attacks (Intelligent CIO Middle East) Opinion piece from Richard Meeus, Security Technology and Strategy Director at Akamai. Coin-mining malware isn’t a new threat. Although it has received increased attention over recent months following the fluctuations in the value of bitcoin and other digital currencies, it has roots dating back to 2011. The term ‘coin-mining malware’ is used to refer to malware […]
How to know when you're ready for a fractional CISO (Help Net Security) Fractional CISO providers can be chosen to deliver the exact skills you require, exactly when you require them.
Design and Innovation
What the Pentagon could learn from unicorns (Defense News) The promise of Silicon Valley is built on unicorns — startup companies valued at more than $1 billion — where the payoff is big enough that venture capitalists are willing to funnel a lot of money toward unproven technologies.
Cultural divide: Can the Pentagon crack Silicon Valley? (Defense News) The cultural divide between the East and West coasts is perhaps too big to be crossed.
Can the Pentagon convince Silicon Valley to move beyond walled gardens? (C4ISRNET) For the military, making the most out of the data it collects might mean letting more contractors use it.
Can facial recognition start-ups navigate privacy concerns to seek tech riches? (The Telegraph) Criminals in London attempting to hoodwink the police now have a new challenge to contend with:
YouTube Will Crack Down on Toxic Videos, But It Won’t Be Easy (WIRED) YouTube wants to remove videos promoting conspiracy theories and other false claims from recommendations, but that’s easier said than done.
As Clegg appears in Brussels, Facebook tightens controls on political ads, opens Dublin control center ahead of European elections (TechCrunch) Facebook continues to feel the heat over its role in how people communicate — and more importantly, miscommunicate — globally, so today in Europe it redoubled its efforts to counter critics by rolling out new controls specifically around election misinformation ahead of European Parliam…
How Facebook Trains Content Moderators to Put Out ‘PR Fires’ During Elections (Motherboard) Internal Facebook documents obtained by Motherboard show specific steps and strategies taken by the company to fight content moderation issues that may spike during an election season.
Facebook Details the "Defense-in-Depth" Approach Used to Secure its Platform (BleepingComputer) Facebook revealed the "defense-in-depth" approach it uses to make sure that its platform and services are secure and to find, fix, and prevent security issues from reaching live deployment and affecting end users.
The Pitfalls of Facebook Merging Messenger, Instagram, and WhatsApp Chats (WIRED) Facebook's effort to combine its major chat platforms could create minefields for users who rely on end-to-end encryption.
The facts about Facebook (TechCrunch) This is a critical reading of Facebook founder Mark Zuckerberg’s article in the WSJ on Thursday, also entitled The Facts About Facebook. Yes Mark, you’re right; Facebook turns 15 next month. What a long time you’ve been in the social media business! We’re curious as to whet…
Academia
Baylor Seeks to Educate, Raise Awareness of Data Privacy and Cyber Security (Baylor University) WACO, Texas (Jan. 25, 2019) – On Monday, Jan. 28, Baylor University will kick off a weeklong awareness campaign in conjunction with Data Privacy Day, an international effort launched by the National Cyber Security Alliance (NCSA) to educate people about the importance of respecting privacy, safeguarding data and enabling trust.
Budding UK cyber strategists gear up for national competition (ComputerWeekly) Teams of UK university students are preparing to compete for the second time in analysing the threat of a simulated cyber attack to develop policies and strategies.
WVU to research artificial intelligence to combat online opioid trafficking (WV News) Computer science researchers at West Virginia University plan to tackle the state’s opioid epidemic through the use of technology and artificial intelligence.
Legislation, Policy, and Regulation
EU states need to debate cyber security, Czech PM says, according... (Reuters) European Union countries should coordinate their approach to cyber security, Cze...
Without a clearer ethics policy, the US could lose the military tech battle with China (C4ISRNET) Nearly three decades after the Cold War ended, a new strategy of containment is underway at the Pentagon.
George Soros Attacks China's AI Push as 'Mortal Danger' (WIRED) In a speech at Davos, financier and philanthropist George Soros warned of the dangers of combining government and corporate AI efforts.
Russia, China block U.S. push for U.N. to back Venezuela's Guaido (Reuters) Russia, China, South Africa and Equatorial Guinea blocked on Saturday a U.S. pus...
Analysis | Russia spent billions to build influence in Venezuela. Now it faces a bet gone bad. (Washington Post) With Moscow’s Latin American influence at stake, Russian officials are furious over what they say is a U.S. regime-change effort in Caracas.
BAE boss: UK should be 'critical friend' to Saudi Arabia after Khashoggi murder (Sky News) The chairman of defence company BAE systems, Sir Roger Carr, says the Khashoggi murder damaged the position of Saudi Arabia.
France tightens 5G network controls amid Huawei backlash (Reuters) France is stepping up controls of telecoms infrastructure used in next-generatio...
In 5G Race With China, U.S. Pushes Allies to Fight Huawei (New York Times) With 5G networks about to remake the internet, the Trump administration fears decisions made in the next six months on China’s role will resonate for decades.
Matt Hancock tells social media giants to remove suicide and self-harm material (The Telegraph) Social media giants have been told by the Health Secretary to purge their sites of self-harm and suicide material, or face legislation.
Microsoft calls for new rules amid tech scrutiny (Reuters) Microsoft CEO Satya Nadella tried to calm growing concerns about facial recognition and other artificial intelligence during a sit-down talk at the World Economic Forum in Davos as experts warned more needs to be done to protect digital privacy.
US government agencies gear up to restart operations Monday (CNBC) U.S. government agencies that had largely shuttered operations for five weeks during a budget standoff said they were moving swiftly to resume operations and compensate employees for missed paychecks.
Analysis | The Cybersecurity 202: The government's cyber workers are back in action. First task: Checking for hacks (Washington Post) It could take weeks to uncover damage done during the shutdown.
Litigation, Investigation, and Law Enforcement
NATELCO Launches Comprehensive Investigation into Cyber-attack on ISPs (Liberian Observer) Authorities of the National Association of Telecom-Consumers (NATELCO) on Thursday, January 24, said they have initiated a comprehensive investigation into a cyber-attack on several Internet Servic…
United Nations launches investigation into Saudi journalist Khashoggi's murder (ABC News) The United Nations' human rights office will send international experts to Turkey to conduct an inquiry into the murder of Saudi journalist Jamal Khashoggi.
Canadian PM fires envoy to China after remarks on Huawei case (Reuters) In an unprecedented move, Canadian Prime Minister Justin Trudeau on Saturday sai...
Kremlin accused of laying false trail linking Sergei Skripal to ex-MI6 officer behind Trump dossier (The Telegraph) Russian intelligence created a false trail linking the double agent Sergei Skripal to the former MI6 officer behind the Trump dossier before carrying out the Salisbury nerve agent attack, the Telegraph has been told.
Google and IAB ad category lists show “massive leakage of highly intimate data”, GDPR complaint claims (TechCrunch) Male impotence, substance abuse, right-wing politics, left-wing politics, sexually transmitted diseases, cancer, mental health. Those are just a few of the advertising labels that Google’s adtech infrastructure routinely sticks to Internet users as it watches and tracks what they do online in…
Flood of Complaints to EU Countries Since Data Law Adopted (SecurityWeek) More than 95,000 complaints have been filed with EU countries since the bloc's flagship data protection laws took effect eight months ago, says the European Commission.
The Roger Stone indictment shows a conspiratorial comedy of Opsec errors (Ars Technica) Allegations show eagerness to connect with Assange along with some really bad covering up.
The Roger Stone Indictment: 4 Key Takeaways (WIRED) The indictment of longtime Trump adviser Roger Stone sheds new light on where the special counsel believes the Trump campaign and WikiLeaks intersected.
User of the world’s biggest DDoS-for-hire website? Police say... (HOTforSecurity) When police shut down the notorious website webstresser.org last year and arrested its administrators, a clear message was sent to the site's 151,000 users: you're next. Until its takedown, webstresser.org was believed to be the world's biggest marketplace for the...
Cops catch $15m crypto-crook (Naked Security) A man has been arrested a year after stealing €10m ($15m) of the IoT-focused cryptocurrency IOTA using bogus software that tricked users.
Three Charged for Working With Serial Swatter (KrebsOnSecurity) The U.S. Justice Department has filed criminal charges against three U.S. men accused of swatting, or making hoax reports of bomb threats or murders in a bid to trigger a heavily armed police response to a target’s address. Investigators say the men, aged 19 to 23, all carried out the attacks with the help of Tyler Barriss, a convicted serial swatter whose last stunt in late 2018 cost a Kansas man his life.
There could be more than meets the eye in deportation of MTN (Daily Monitor) Although police did not provide any details on the matter, rumours made rounds that the MTN officials could have been involved in intercepting calls of government officials, business people and
Google Maps help Police catch serial masturbator after 4-year hunt (HackRead) An alleged “serial masturbator” who has been causing disturbance among citizens around Brisbane’s inner-city for the past four years has finally been caught by the Queensland Police thanks to Google Maps.