Cyber Attacks, Threats, and Vulnerabilities
eGobbler Malvertiser Uses WebKit Exploit to Infect Over 1 Billion Ads (BleepingComputer) Roughly 1.16 billion ad impressions have been hijacked in a malvertising campaign operated by a threat group dubbed eGobbler to redirect potential victims to malicious payloads, between August 1 and September 23.
Under-Detected ODT Files Deliver Common Remote Access Trojans (BleepingComputer) Security researchers noticed multiple cybercriminal operations using OpenDocument Text (ODT) files to distribute malware that is typically blocked by antivirus engines. The campaigns target English and Arabic-speaking users.
Disinformation for Hire: Russian PR Firms Co-Opt Western Media, Tech Firms (Fortune) Welcome to the next phase of propaganda.
Twenty million Russians have their tax records exposed online (Computing) Names, addresses, passport numbers, Tax IDs - the whole lot - exposed on unsecured, unencrypted Elasticsearch cluster
FakeUpdates hackers are back to spread ransomware (SC Magazine) Hackers have restarted a campaign to spread ransomware in a bid to extort millions of pounds from victims with Dridex and NetSupport used to drop BitPaymer or DoppelPaymer ransomware
FBI is investigating alleged hacking attempt into mobile voting app (CNN) The FBI is investigating after someone allegedly tried to hack into West Virginia's mobile voting app during the 2018 midterm elections.
New Bug Found in NSA’s Ghidra Tool (Threatpost) Flaw in National Security Agency's Ghidra reverse-engineering tools allows hackers to execute code in vulnerable systems.
New Exim Vulnerability Exposes Servers to DoS Attacks, RCE Risks (BleepingComputer) A new critical vulnerability in the Exim mail transfer agent (MTA) software was patched to prevent denial of service (DoS) or possibly remote code execution attacks.
New Adwind Campaign targets US Petroleum Industry (Netskope) A new campaign spreading the Adwind RAT has been seen in the wild, specifically targeting the petroleum industry in the US. The samples are relatively new and implement multi-layer obfuscation to try to evade detection. We found multiple RAT samples hosted on the serving domain and spread across multiple directories, all hosted within the last …
Checkm8 Apple iOS Forever Day Exploit Explained (MobileIron) checkm8 revealed an Apple iOS device vulnerability called Forever Day Exploit. Learn more about this iPhone exploit & how MobileIron UEM defends against it.
The iOS Checkm8 jailbreak is hugely significant, but not for you (WIRED UK) A hacker has revealed an iOS exploit that's unpatchable and could impact millions of iOS devices. But, it's 2019. A jailbreak is only really useful for security researchers
Armis Discovers Expanded Reach of URGENT/11 That Highlights Risk to Medical Devices (PR Newswire) Armis, the leading enterprise IoT security company, announced today the discovery that URGENT/11 impacts...
Inadequate Patch in Hewlett Packard Enterprise iMC 7.3 E0703 (Medium) On March 20, 2019, we released a research advisory detailing two vulnerabilities in HPE iMC 7.3 E0605P06 that could reward a remote, unauthenticated attacker with admin access.
OYO Security Flaw Leaves Customer Data, Phone Numbers Unprotected (Inc42 Media) Budget lodging chain OYO comes under the ambit of privacy breaches due to a flaw in its security system that left customer data unprotected.
Vulnerability in Cisco Webex and Zoom may expose online meetings to snooping (Help Net Security) Cequence Security’s CQ Prime Threat Research Team discovered a vulnerability in Cisco Webex and Zoom video conferencing platforms that potentially
Yokogawa Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.4
ATTENTION: Low skill level to exploit
Vendor: Yokogawa
Equipment: Exaopc, Exaplog, Exaquantum, Exasmoc, Exarqe, GA10, and InsightSuiteAE
Vulnerability: Unquoted Search Path or Element
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a local attacker to execute malicious files.
Interpeak IPnet TCP/IP Stack (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available
Vendors: ENEA, Green Hills Software, ITRON, IP Infusion, Wind River
Moxa EDR 810 Series (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.2
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Moxa
Equipment: EDR 810
Vulnerabilities: Improper Input Validation, Improper Access Control
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow remote code execution or access to sensitive information.
Email is an open door for malicious actors looking to exploit businesses (Help Net Security) The Wire report parallels the latest statistics on cybercrime with high-risk events commonly seen in the business world and everyday life.
Employee negligence can be a leading contributor to data breaches (Help Net Security) Shred-it and Ponemon Institute study finds seemingly innocent workplace mistakes put North American businesses at risk for data breaches.
Ransomware attacks force US and Australian hospitals to shut down their systems (Computing) The affected hospitals are turning away new patients and cancelling elective surgeries
Security Patches, Mitigations, and Software Updates
Fixes Ready for Interpeak IPnet TCP/IP Stack Holes (ISSSource) ENEA, Green Hills Software, ITRON, IP Infusion, Wind River all have various fixes available to mitigate multiple vulnerabilities in its OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, Zebos by IP Infusion, and VxWorks by Wind River products, according to a report with CISA.
Keeping privacy and security simple, for you (Google) We’re expanding our easy-to-use privacy controls to products like the Assistant, Maps and YouTube and announcing new ways of protecting your data online.
Guess what? You should patch Exim again! (Help Net Security) Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a DoS condition (CVE-2019-16928) that could also lead to RCE.
Singapore Government launches Vulnerability Disclosure Program (CISO MAG) The Government of Singapore announced that it has rectified 31 vulnerabilities in its network systems that are found by ethical hackers
Cyber Trends
2019 Cyber Threat Intelligence Estimate (Optiv) The best-practice recommendations in this report are practical next steps that help immediately improve cybersecurity posture.
Financial crime and fraud in the age of cybersecurity (McKinsey & Company) Institutions are crossing functional boundaries to enable collaborative resistance against financial cybercrime and fraud.
Allot Sees Increased Demand for Network Visibility and Control Solutions from Regulatory Agencies (West) First Half of 2019 Shows Marked Acceleration in Demand for Advanced Solutions Offering Actionable Insights into Network Usage and Abuses
Cybersecurity Programs Shown to Have Tangible Value in M&A Assessments (Yahoo) (ISC)² – the world's largest nonprofit association of certified cybersecurity professionals – today released the findings from its Cybersecurity Assessments in Mergers and Acquisitions report, which surveyed 250 U.S.-based professionals with mergers
C-Suite execs are the worst at cybersecurity compliance: report (Which-50) C-Suite executives are the least likely to comply with organisational cybersecurity policy, according to a new study. The report from Bitdefender found
New Research Shows Businesses Aren't Proactive Enough When it Comes to Managing Online Reputation (PR Newswire) To stay ahead of potential crises, most small businesses (88%) monitor their online reputation at least quarterly,...
Where's the CISOs? - missing from more than a third of Fortune 500 (SC Magazine) Shocking new report finds that not only are many major enterprises missing a CISO, but also security strategy roles and data protection mission statements are also absent.
Marketplace
Cyber insurance cover sales rise as attacks increase (The Asian Age) Top insurance brokers who deal with the crisis are of the view that cyber risk is a top order item for any board across the globe.
Are there too many vendors in the federal cyber market? (Washington Business Journal) As CIOs and CISOs try to shape the nature of their technology environments, some are wondering whether the focus on cyber has led to a surfeit of options in the market.
ReFirm Labs Closes $2 Million Pre-A Funding Round to Accelerate Contin (PRWeb) ReFirm Labs, a provider of the industry’s first proactive IoT and firmware security solutions, today announced the closing of a Pre-A round of $2 million in f
HYPR Secures $18.3 Million Series B to Eliminate Passwords Across the Enterprise (PR Newswire) HYPR, the leading provider of True Passwordless Security, announced today the company has closed $18.3 Million in Series...
Acronis Announces a $147 Million Investment Round Led by Goldman Sachs (CSO) Funding to allow Acronis to make acquisitions, expand the engineering team and accelerate the business growth in North America in the partnership with Acronis SCS
HW Kaufman acquires cyber MGA Node International (Reinsurance News) HW Kaufman Group, the parent company of wholesale brokerage and managing general underwriter Burns & Wilcox has acquired Node International, a
ReliaQuest Acquires Threatcare to Improve Proactive Management of Enterprise Security (PR Newswire) ReliaQuest, the leader in enterprise cybersecurity, today announced that it has entered into an agreement to acquire...
Danish company Demant expects to suffer huge losses due to cyber attack (Help Net Security) Danish hearing health care company Demant has estimated it will lose between $80 and $95 million due to a recent "cyber-crime" attack.
Visa, Mastercard, Others Reconsider Involvement in Facebook's Libra Network (Wall Street Journal) Cracks are forming in the coalition Facebook assembled to build a global cryptocurrency-based payments network.
How Kaspersky is moving from cybersecurity to cyber immunity (BNamericas.com) Russian-based cybersecurity firm Kaspersky believes that the only way to provide security protection to the next wave of connected devices is to migrate from a concept of cybersecurity to cyber immunity.
Products, Services, and Solutions
WatchGuard’s New DNSWatchGO Service Eliminates Evolving Security Blind Spots, Blocks Phishing Attempts (West) New service fills major security gap beyond the network perimeter, as new research shows 64% of remote users have fallen victim to a cyber attack
LogRhythm Releases True Unlimited Data Plan for SIEM (RealWire) Industry’s first-ever fixed cost licensing model means businesses don’t have to sacrifice security because of cost unpredictability London, UK – 1st October, 2019 – LogRhythm, the company powering the world’s enterprise security operations centers (SOCs), announced today that it launched the first True Unlimited Data Plan for its NextGen SIEM
Exabeam Announces Enhancements to SIEM Platform at Spotlight19 (BusinessWire) During its annual user conference, Spotlight19, Exabeam announced enhancements to the Exabeam Security Management Platform.
NSS Labs Announces 2019 Next Generation Intrusion Prevention Systems (NGIPS) Group Test Results (NSS Labs, Inc.) Evasions Remain an Issue for Market Leaders AUSTIN, Texas – October 1, 2019 – NSS Labs, Inc., a global leader and trusted source for independent cybersecurity product testing, today announced the results of its 2019 Next Generation Intrusion Prevention System (NGIPS) Group Test. Five of the industry’s leading NGIPS products were tested to compare product capabilities for …
Checkmarx Achieves AWS Security Competency Status (Checkmarx) Checkmarx Software Security Platform available as a managed service on Amazon Web Services, in addition to on-premises and hybrid cloud environments RAMAT GAN, ISRAEL – October 2, 2019 – Checkmarx, a global leader in software security solutions for DevOps, today announced that it has earned Amazon Web Services (AWS) Security Competency status for its market-leading …
Turn on EA Login Verification and get a free* month of Origin Access (EA) When you turn on EA Login Verification during October 2019, you add an extra layer of protection to your EA Account and we’ll give you a month of Origin Access. It’s as easy as that.
Exclusive Networks Partners with Bitglass to Accelerate the Adoption of Real-Time Cloud Security (EIN News) Exclusive Networks, the global specialist VAD for cybersecurity and cloud solutions, today announced its U.S. and Canadian partnerships with Bitglass, the
Huawei's first Google-free phone loses ability to install Google apps (Computing) Now with even less Google
Technologies, Techniques, and Standards
New Findings and Recommendations Issued by Shared Assessments on The Board’s Role in Effective Risk Management (BusinessWire) New Findings, Recommendations Issued on The Board’s Role in Effective Risk Management from Shared Assessments third party risk management leader
How One Alaskan Borough Stood Up to A Cyber Attack (CitiesSpeak) In today’s cyber landscape, every city, town and village in America is vulnerable to hackers. And while some local governments are taking steps to prevent and mitigate harm, many more municip…
Does addition by subtraction work for cyber tools? (Fifth Domain) The Department of Homeland Security looks to attack simulation technology and the Lockheed Martin Kill Chain to evaluate which tools are effective and which ones officials should remove.
Research and Development
Acalvio awarded seminal U.S. Patent that makes Deception Technology practical and cost-effective to deploy (West) Innovation allows for a first of its kind Projection of Deceptions – making Deception technology safe, easy and cost-effective
Legislation, Policy, and Regulation
New U.N. Debate on Cybersecurity in the Context of International Security (Lawfare) The U.N.’s open-ended working group on international law and norms in relation to cyberspace met for the first time earlier this month.
Trump intensifies ‘Arab NATO’ talks after Iran strike (Al-Monitor) The Donald Trump administration is working to push forward with a military alliance of Middle Eastern states as the international community looks to respond to a suspected Iranian attack on a Saudi oil facility.
Lawmakers Propose $1 Billion Purge of Chinese Telecom Equipment (Nextgov.com) The Secure and Trusted Communications Networks Act would help small and rural providers pay to replace equipment from Huawei, ZTE and other foreign vendors with safer alternatives.
America’s Answer to Huawei (Foreign Policy) The Pentagon is relying on U.S. commercial carriers to help win the 5G race against China.
Senate Bill Creates DHS Threat Hunting Teams (Decipher) The Senate has passed a measure that creates threat hunting and response teams to help government agencies and enterprises respond to major cybersecurity incidents.
Lawmakers advance bills that would add to DHS' cyber-responsibilities (SC Magazine) The US Senate passed a bill requiring the Department of Homeland Security to maintain cyber-hunt and incident response teams
NSA activates Cybersecurity Directorate to protect weapons, industrial base (UPI) The NSA activated its new Cybersecurity Directorate to bring the agency's foreign intelligence and cyberdefense missions together in an effort to better protect weapons security and the defense industrial base.
New NSA unit to monitor cyberattacks (Arkansas Online) The National Security Agency today will launch an organization to prevent cyberattacks on sensitive government and defense industry computers -- with an eye also toward helping shield critical private-sector systems.
Army Cyber Policy Focuses on Warfighters (SIGNAL Magazine) New initiatives emphasize cybersecurity in the tactical environment, including networks, weaponry and any other systems used by warfighters.
Monitoring capabilities, ISR tech will deter America’s adversaries (C4ISRNET) Increasing persistent surveillance in the Gulf — and perhaps more importantly making adversaries believe they’re being watched — is part of an effective peacekeeping strategy for the volatile region.
Background investigations move to their new home at the Pentagon (Federal Times) Officials at the Department of Defense and civilian agencies successfully orchestrated the transfer of nearly 3,000 employees from the Office of Personnel Management to the Pentagon.
Litigation, Investigation, and Law Enforcement
Ukrainian president: Trump didn’t use US military aid as lever (Military Times) Ukraine’s president said Tuesday that no one explained to him why millions of dollars in U.S. military aid to his country was delayed, dismissing suggestions that President Donald Trump froze the funding to pressure Ukraine to investigate Democratic rival Joe Biden.
FBI called in as Strathroy auto parts factory suffers cyber attack (The London Free Press) Local authorities have called in the FBI as the investigation deepens into a rare cyber attack against an auto parts manufacturer here. But even with the involvement of the U.S. la…
CCPA FAQs Part 3: Litigation, Regulatory Actions and Liability (Cooley) As we approach the January 1, 2020 effective date of the California Consumer Privacy Act (“CCPA” or “Act”) it is a good time to consider what is at stake for businesses that…
How to handle cyberspace security during a divorce (KHOU)