Atlanta: the latest from SecurityWeek's 2019 ICS Cyber Security Conference
Risk management, cyber operations, and the Westphalian system (The CyberWire) Understanding the opposition's strategy is essential to sound risk management.
Outdated OSs Still Present in Many Industrial Organizations: Report (SecurityWeek) Outdated and unsupported operating systems are still present and they still pose a serious risk in many industrial organizations
How to reduce the risk posed by vulnerabilities in IoT/ICS networks? (Help Net Security) New CyberX analysis of real-world network traffic reveals alarming prevalence of IoT and industrial control system (ICS) vulnerabilities.
New Analysis of Real-World Network Traffic Reveals Alarming Prevalence of IoT and Industrial Control System Vulnerabilities (CyberX) “2020 Global IoT/ICS Risk Report” illustrates why organizations are susceptible to costly downtime, catastrophic safety incidents and theft of sensitive intellectual property
Forescout Joins Global Cyber Security Alliance for Operational Technology (Forescout) New Cyber Security Alliance will develop comprehensive cyber security guidelines for operational technology infrastructure SAN JOSE, Calif., October 22, 2019 – Forescout Technologies, Inc. (NASDAQ: FSCT), the leader in device visibility and control, today announced that it has joined a new alliance to provide a technical and organizational framework for safe and secure operational technology …
Gerry Cauley, Head of Strategy at Siemens, is Creating a New Program to Perform NERC Compliance for Power Plants (Yahoo) Gerry Cauley is the Principal Consultant and Head of Strategy and Planning Practice at Siemens Energy Business Advisory in Fairfax, VA. Cauley's team works tirelessly to anticipate extreme risk events that threaten to hinder energy companies and shares
Cyber Attacks, Threats, and Vulnerabilities
Just say the 'magic password': Boffins turn up potential backdoor in SQL Server 2012, 2014 (Register) Admin rights needed to fire up the malware and – hey presto!
The Pradeo Lab identifies another app with Joker malware on Google Play (Pradeo) Joker is a malware that silently exfiltrates data and subscribes users to unwanted premium subscriptions. The malware was found in 24 apps on Google Play.
New Variant of Gustuff Android Banking Trojan Emerges (SecurityWeek) Recent Gustuff Android banking Trojan campaigns featured an updated malware version.
Attackers improving BEC skills (SC Magazine) Business email compromise or impersonation attacks overall rise 25 percent during the second quarter of 2019
Supply Chain Impersonation: Just Another Tool in a Threat Actor’s Bag (FireEye) Many companies are experiencing supply chain impersonation attacks that involve their vendors being spoofed.
New Winnti Backdoor Targets Microsoft SQL (SecurityWeek) A recently identified backdoor used by the China-linked Winnti hackers and which targets Microsoft SQL (MSSQL) is very stealthy.
Historical Breadcrumbs Link Magecart 5 to Carbanak Group (SecurityWeek) Malwarebytes has found sufficient evidence to suggest that Magecart 5 is really the APT group known as Carbanak
Magecart group linked to Dridex banking Trojan, Carbanak (ZDNet) Domain tracking has led to connections between different cyberattack campaigns.
Sensitive US Army data 'exposed online' (BBC News) Hotel room numbers, phone numbers and names were left exposed on an unencrypted server, researchers say.
Autoclerk leak exposing US military “should never have been possible” (Verdict) A vast leak of a database belonging to reservations management system Autoclerk has been condemned by the cybersecurity industry.
Here's what the NordVPN hack means (Tech Advisor) With news of a serious security breach on one of its servers, you’d be forgiven for wondering whether NordVPN is safe to use. We explain what you need to know.
Samsung Galaxy S10 Banned by Banks Due to Buggy Fingerprint Reader (BleepingComputer) At least three banks operating in the UK have decided to temporarily suspend their mobile banking services for Samsung Galaxy S10 users.
Malicious Apps on Alexa or Google Home Can Spy or Steal Passwords (BleepingComputer) Google and Amazon smart speakers can be leveraged to record user conversation or to phish for passwords through malicious voice apps, security researchers warn.
Configuration mistakes that provide field days for hackers (AME Info) Common security mistakes and overlooked misconfigurations can open the door for malware or attackers, potentially leaving your environment and any exposed data ripe for the picking
SafeBreach discloses vulnerabilities in Avast, AVG, Avira (The Parallax) Exploiting newly-revealed vulnerabilities in popular antivirus programs Avast, AVG, and Avira requires a hacker to have administrator privileges.
UC Browser Android Users are Vulnerable to Man-in-the-Middle Attacks (CISO MAG) Security experts found unusual activities in UC Browser for Android exposing more than 500 million users to Man-in-the-Middle attacks.
Schneider Electric ProClima (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Schneider Electric; Equipment: Proclima; Vulnerabilities: Code Injection, Improper Restriction of Operations within the Bounds of a Memory Buffer, Uncontrolled Search Path Element
Vulnerability Summary for the Week of October 14, 2019 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Billing Provider Billtrust Suffers Outage After Malware Attack (BleepingComputer) U.S. financial services provider Billtrust experienced an outage affecting all of its services after some of the company's computing systems were impacted by a malware attack on October 17.
What I learned by chatting with Chinese robocallers (Marketplace) Those Chinese-language phone scams are on the rise again.
Pay and the Ransomware May Not Go Away, Warns Databarracks (Fintech Times) Earlier last week, US shipping tech firm, Pitney Bowes, was hit with a ransomware attack that encrypted information on its systems. While it is reported
'Your whole business is basically gone': Gillian Franklin hit by $2 million cyber attack (The Sydney Morning Herald) The Heat Group's founder logged on from London to discover all her online documents and files were missing and were replaced by a ransom note demanding payment of the equivalent of $40,000 in Bitcoin.
A terrifying 650 cyber attacks designed to wreak havoc across Britain thwarted last year (Express.co.uk) More than 650 cyber plots designed to wreak havoc across the country were foiled last year, the intelligence services have revealed. Hostile foreign states, criminals and activists were behind attempts to crash vital public services, businesses and university systems.
Email scams target UNL students (The Daily Nebraskan) Students at the University of Nebraska-Lincoln have been targets of recent scam emails.
Security Patches, Mitigations, and Software Updates
Firefox 70 arrives with social tracking blocked by default, privacy report, and performance gains on macOS (VentureBeat) Mozilla today launched Firefox 70 with social tracking protection, a Privacy Protections report, new Lockwise features, and performance improvements.
Cyber Trends
SonicWall: Encrypted Attacks, IoT Malware Surge as Global Malware Volume Dips (SonicWall) Exclusive cyber threat intelligence through the first three quarters of 2019. Only from SonicWall.
Ransomware Attacks Map (StateScoop) Innovative Digital Reference Tool Provides Up-to-Date View of Ransomware Attacks Against State and Local Governments, K-12 Districts, Higher Education Institutions in the U.S.
Perceptions on the impact of data breaches and identity protection (Help Net Security) 4iQ recently completed research focusing on Americans’ attitudes about cybersecurity breaches and the efforts that organizations make to mitigate
The Internet and the Third Estate (Stratechery by Ben Thompson) Mark Zuckerberg suggested that social media is a “Fifth Estate”; in fact, social media is a means by which the Third Estate — commoners — can seize political power. Here history matters…
Cyber Security Connect UK Advice British Businesses To Enhance Their Protection Against Cyberattacks (Security Informed) British businesses should drastically up their game when it comes to being prepared and able to effectively deal with cyberattacks, according to Cyber Security Connect UK (CSC UK), the industry forum...
Cybersecurity: Hostile nations responsible for 'significant' number of attacks against UK organisations (ZDNet) The NCSC annual report reveals the number of incidents it has had to help organisations deal with in the past 12 months - and points to nation-state hackers as a major source.
U.K. Repelled 600 Cyber Attacks This Year, Many From Overseas (Bloomberg) Government, universities among sectors most at risk: NCSC. Most-hacked passwords include Liverpool, Superman, 123456
NTT Report Finds Digital Natives Don’t Prioritize Cybersecurity (Valdosta Daily Times) In today’s multigenerational workforce, professionals over the age of 30 are more likely to adopt cybersecurity best practices than their younger colleagues who have grown up with technology.
Cyber threats in rail industry to worsen, warn experts (The Straits Times) Cyber security threats to rail operations are a pressing issue that will get more serious, a panel of experts said yesterday.
Marketplace
When Espionage Skills Are for Sale, So Is Your Security (Stratfor) Everything has a price. And increasingly that includes world-class tools and capabilities on par with top intelligence agencies, changing how we understand and protect against corporate espionage threats.
ZTE calls for joint effort on security (Mobile World Live) LIVE FROM ZTE WIRELESS USER CONGRESS AND 5G SUMMIT 2019, VIENNA: A ZTE executive tackled ...
ZTE gets ready for 5G security assessments in Brussels’ lab: executive (RCR Wireless News) ZTE’s labs in China, Belgium, and Italy allow local and remote source code review and security design review of 5G products
Hacker contest planned to locate defenders of cyberspace (The Asahi Shimbun) The Defense Ministry will hold its first hacking competition next fiscal year to find experts who ca
McAfee lays off 100 in Hillsboro (Portland Business Journal) The company has an office of more than 300.
Sumo Logic In Talks To Acquire Cybersecurity Startup JASK: Sources (CRN) Data analytics vendor Sumo Logic is in negotiations with JASK about purchasing the four-year-old cybersecurity startup, according to multiple sources familiar with the situation.
Splunk Buys Another Startup, Launches Mission Control (SDxCentral) Splunk bought another startup, announced a security platform called Mission Control, and new capabilities in its Data-to-Everything Platform.
What Rich McBee’s Move to Riverbed Means for SD-WAN (Insight for the Connected Enterprise) As Rich McBee assumes the role of Riverbed CEO, what acquisitions might he have on his mind?
KnowBe4 Africa expands continental reach thanks to Cyber Security Africa partnership (IT News Africa) Security awareness training company, KnowBe4 Africa announced on Monday, 21 October 2019, that it has chosen Cyber Security Africa as its African distributor. The
Former Gov. McAuliffe Joins Hunton Andrews Kurth Industries (Virginia Business) Former Virginia Gov. Terry McAuliffe has joined Hunton Andrews Kurth LLP, Virginia's second-largest law firm, as the global strategy advisor for the Centre for Information Policy Leadership (CIPL), the firm's Washington, D.C.-based global privacy and cybersecurity think tank.
Marvell CFO Jean Hu Joins Fortinet Board of Directors (Yahoo) Ken Xie, CEO, founder and Chairman of the Board at Fortinet: “We are pleased to have Jean join the Fortinet Board of Directors. With the.
New Claroty CEO Thorsten Freitag To Drive IT, OT Security Convergence (CRN) Rising industrial cybersecurity star Claroty has snagged industry veteran Thorsten Freitag to help organizations better close the gap between IT and OT responsibilities in security.
Former Deputy Director of the National Security Agency Chris Inglis Joins the RangeForce Advisory Board (PR Newswire) Chris Inglis, the former Deputy Director and senior civilian leader of the National Security Agency, has joined...
The Washington Post’s New Columnist Consults for Spyware Firm That Helps Saudi Arabia Surveil Journalists (Vice) The new Washington Post columnist consults for NSO Group, which is currently being sued for helping Saudi Arabia surveil Washington Post columnist Jamal Khashoggi, who was murdered.
Products, Services, and Solutions
Persistent File Protection for Gmail - Secure File Sharing from Virtru (Virtru) Virtru’s Persistent File Protection for Gmail enables private, compliant sharing of attachments beyond Gmail to desktops, Google Drive, shared network folders, and other cloud platforms—while maintaining control and visibility.
Lynx Technology Partners Receives Ivanti One Certification for Lynx Risk Manager (Ivanti) Through Certified Integration with Ivanti Service Manager, Lynx Risk Manager Simplifies and Automates Integrated Risk Management Processes
Cynet’s free vulnerability assessment offering helps organizations significantly increase their security (Threatpost) By monitoring their environment, companies can be ready to take action if any weakness – usually a software vulnerability – is found.
Bugcrowd launches Attack Surface Management platform (SearchSecurity) Bugcrowd introduced Attack Surface Management, an asset discovery and prioritization tool aimed to secure legacy and shadow IT resources by identifying and prioritizing unknown assets.
Nok Nok Labs First to Provide FIDO-Based Authentication for Smart Watches (Yahoo) Strong, FIDO-based authentication now available across all digital channels - Mobile Apps, Mobile Web, Desktop Web and Smart Watch
Splunk Mission Control Takes Off (Dark Reading) New Splunk Security Solutions Help the SOC Turn Data into Business Outcomes
Silverfort Joins the Microsoft Intelligent Security Association (BusinessWire) Silverfort, the provider of agentless authentication and Zero-Trust security solutions, announced today that it has joined the Microsoft Intelligent S
Coalfire Achieves Amazon Web Services Security Competency Status (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, announced today that it attained the...
Adobe intros new commerce tools for SMB, mid-market merchants (ZDNet) Key updates include the launch of an Amazon sales channel in Magento for Europe and a new multi-cloud infrastructure offering with Microsoft.
GlobalPlatform Launches Comprehensive Approach to IoT Cybersecurity Implementation - GlobalPlatform (GlobalPlatform) Building on GlobalPlatform’s previous work to secure the IoT, IoTopia proposes a common framework for standardizing the design, certification, deployment and management of IoT devices
Escalated Makes On-Demand Ad Fraud Solution Available to the Wider Market (PR Newswire) Escalated (www.escalated.io) offers real-time ad fraud protection from bots, invalid traffic, and other types of...
Technologies, Techniques, and Standards
Why organizations must arm their SOCs for the future (Help Net Security) SOC operations today are primarily reactive in nature, and the most work that organizations proactively do is patch their systems at some cadence.
How Does a Spy Operate? By Circumventing Your Facility Security (ClearanceJobs) ClearanceJobs is your best resource for news and information on security-cleared jobs and professionals. Learn more with our article, "How Does a Spy Operate? By Circumventing Your Facility Security".
‘Don’t leave campus’: Parents are now using tracking apps to watch their kids at college (Washington Post) As Gen Z grows up and goes to college, some parents are using technology to keep a close watch
Understanding How Your Networked Enterprise Behaves Under a Cyber Attack (JSA - Jaymie Scotto & Associates) What are Cyber Attacks? A cyber attack is a deliberate attempt, using malicious software, to degrade or disable the target network’s operations or to steal or corrupt sensitive data. No organization is safe from cyber attacks on its infrastructure. Former Cisco CEO John Chambers once said, “There are two types of companies: those that have been …
What the Army learned about multidomain operations at Cyber Blitz (C4ISRNET) The Army's Cyber Blitz experiment sought to test capabilities and concepts of the new I2CEWS detachment.
US nuclear weapons command finally ditches 8-inch floppies (Naked Security) The disks are part of the command centres that run the country’s nuclear missile deterrent on behalf of SACCS.
Design and Innovation
Beware of using AI to automate bad assumptions (Computing) Our previous report explored...
A face-scanning algorithm increasingly decides whether you deserve the job (Washington Post) HireVue claims it uses artificial intelligence to decide who’s best for a job. Outside experts call it “profoundly disturbing.”
Facebook's Plan for 2020 Is Too Little, Too Late, Critics Say (Wired) The social media company says it will more closely monitor foreign outlets, and warn users when posts are considered false—unless they're from politicians.
It's Time to Outsource Your Passwords to an App (Wired) Your brain has better things to do than store secure passwords. Get a dedicated password manager to keep your login data synced and secure across all devices.
Amazon joins Facebook and Microsoft to fight deepfakes (The Next Web) Deepfakes have come across as serious problems this year and big companies are now paying attention. Amazon announced today it’s joining the DeepFake Detection challenge (DFDC) driven by major corporations such as Facebook and Microsoft to boost efforts to identify manipulated content. The company is going to contribute $1 million in AWS credits over the …
CISO/Thought Leader Napkin Sketch Challenge (LinkedIn) Sometimes the best ideas come from sketches done on cocktail napkins. I’ve been in the cyber security industry for several years and have been searching for a meaningful, comprehensive (and usable) depiction of the architecture desired by thought leaders in the CISO world.
Research and Development
IBM disputes Google claims of 'quantum supremacy' (Computing) IBM accuses Google of over-hyping its quantum computing claims
Academia
Southern University launches first Cyber security course at an HBCU (US Black Engineer) A new project at Southern University will 'create the first cybersecurity spine in an engineering program at a historically black college or university while training students in an area of critical need.'
World’s top student hackers dust off their white hats for NYU CSAW finals (StreetInsider.com) BROOKLYN, New York, Tuesday, October 22, 2019 - After besting 1,225 teams from 90 countries, an elite corps of high school, college, and graduate students will advance to the finals of...
Legislation, Policy, and Regulation
China Sharpens Hacking to Hound Its Minorities, Far and Wide (New York Times) New, more sophisticated attacks are targeting Uighurs’ phones — even iPhones and even abroad, security researchers say. They warn that foreigners could be next.
Trade tensions, jibes at U.S. overshadow Chinese cyber conference (Reuters) At one of the world's showpiece tech conferences in China, jibes at the Uni...
Nordic governments open to Huawei’s ‘no spy’ offer (ComputerWeekly.com) Chinese tech giant seeks to reassure Nordic governments over security concerns in 5G contracts.
Election security hearing breaks along stark partisan lines (Federal News Network) A congressional hearing on election security is breaking along stark political lines, with Republicans focusing on what they say is political bias within the FBI and ‘partisan ambitions to impeach the…
Senate Republicans block two election security bills (TheHill) Senate Republicans on Tuesday blocked legislation that would provide funding for states to shore up election security and create more transparency around online advertisements.
Democrats offer cybersecurity bill for 'internet of things' (TheHill) Democratic lawmakers in the House and Senate on Tuesday introduced legislation to increase the security of internet-connected devices.
Congress could require Facebook to build more open APIs under new bill (The Verge) Mark Zuckerberg wants his own apps to be interoperable, but not like this.
Why did Cyber Command back off its recent plans to call out North Korean hacking? (CyberScoop) U.S. Cyber Command was on the verge of publicly calling out North Korean hackers in late September, but ultimately backed off the plan by early October.
Cyber Defense Correlation Cell for Space stands up (DVIDS) The Cyber Defense Correlation Cell for Space stood up Oct. 18 at Schriever Air Force Base, Colorado, and will operate at the enterprise level by detecting and responding to cyber threats against Air Force Space Command mission systems.
Army Guard announces stationing of new cyber battalion (US Army) The director of the Army National Guard, Lt. Gen. Daniel R. Hokanson, announced today the stationing of the newly formed 127th Cyber Battalion in Indianapolis.
Litigation, Investigation, and Law Enforcement
Nigerian military targeted journalists’ phones, computers with “forensic search” for sources (Committee to Protect Journalists) Hamza Idris, an editor with the Nigerian Daily Trust, was at the newspaper’s central office on January 6 when the military arrived looking for him. Soldiers with AK47s walked between the newsroom desks repeating his name, he told CPJ. It was the second raid on the paper that day;...
In a First, FTC Bans Company From Selling ‘Stalkerware’ (Vice) The FTC’s move comes after Motherboard revealed a hacker had repeatedly breached Retina-X and gained access to sensitive user data.
Forty-six attorneys general have joined a New York-led antitrust investigation of Facebook (Washington Post) Forty-six attorneys general have joined a New York-led antitrust investigation of Facebook, the states announced Tuesday, commencing a high-stakes, sweeping bipartisan probe of the tech giant.
Analysis | The Cybersecurity 202: Some House Republicans also think the DNC server is in Ukraine (Washington Post) Trump defenders focused on the conspiracy theory in an elections security hearing
Targeted online messaging dissuading young gamers from getting involved in cybercrime (Help Net Security) Highly-targeted messaging campaigns from law enforcement can be surprisingly effective at dissuading young gamers from getting involved in cybercrime.