Atlanta: the latest from SecurityWeek's 2019 ICS Cyber Security Conference
Process integrity as central to ICS security (The CyberWire) "The past and future of integrity-based attacks in ICS environments." Industrial control systems aren't smart buildings, still less the whole Internet of Things. When we talk about ICS, we should be clear that we're talking about control of industrial processes.
Old Windows and bad passwords: Utility cyber vulnerabilities grow despite comparative strengths (Utility Dive) Utilities have increased cybersecurity but they remain "soft targets for adversaries" due to outdated operating systems and unencrypted passwords, security firm CyberX said.
Radiflow and Asset Guardian Introduce Joint Solution to Enrich Industrial Asset Monitoring and Risk Assessment (Yahoo) Radiflow, a leading provider of cybersecurity solutions for industrial automation networks, and Asset Guardian, a dedicated provider of leading edge protection for process control and industrial software, today jointly announced
Cyber Attacks, Threats, and Vulnerabilities
What will be the effect of the latest US cyberattack on Iran? (Fifth Domain) Recent research on the nature of international cyber conflict questions whether responding to kinetic attacks with cyber operations will create the outcome White House officials and military leaders want.
Discord Turned Into an Info-Stealing Backdoor by New Malware (BleepingComputer) A new malware is targeting Discord users by modifying the Windows Discord client so that it is transformed into a backdoor and an information-stealing Trojan.
15 Years Later, Metasploit Still Manages to be a Menace (Threatpost) A fresh look at the penetration testing tool Metasploit reveals the 15-year old hacking tool still has some tricks up its sleeves even against modern defenses.
Unveiling the Stealthworker Campaign (Fortinet) Earlier this year, FortiGuard Labs shared their findings about a malware that was linked to a compromised e-commerce website serving a malicious JavaScript skimmer. The malware forms a botnet called Stealthworker or GoBrut. It can infect both Windows and Linux machines and perform brute force attacks on targets sent by the botmaster.
Cybereason’s Nocturnus Researchers Go Hunting for Raccoons; The New Ma (PRWeb) Cybereason, creators of the leading Cyber Defense Platform, today released an investigative research report from its Nocturnus Research Group titled “Hunting Raccoon...
Malwarebytes Connects Magecart Group to Carbanak (Decipher) Researchers have linked the Magecart group known for its supply-chain attacks to Carbanak, an advanced threat group.
Hackers hover near online shopping carts, too. It's called e-skimming (Detroit Free Press) Holiday shoppers warned to watch out for e-skimming threats. Any business accepting online payments on their website is at risk, FBI says.
Cyberattack Causes Serious Disruptions at German Automation Firm Pilz (SecurityWeek) German automation firm Pilz took many systems offline after it was hit by what it described as a targeted cyberattack, with reports claiming it was a ransomware attack.
Maxthon Browser Vulnerability Can Help Attackers in Post-Exploitation Phase (SecurityWeek) Researchers have discovered a vulnerability in the Maxthon 5 browser that can be highly useful to hackers in the post-exploitation phase of an attack.
AWS Customers Hit by Eight-Hour DDoS (Infosecurity Magazine) US East Coast region particularly badly affected
AWS hit by DDoS attack dragging half of web down (CRN Australia) Confirms reports of intermittent DNS resolution errors.
Major German manufacturer still down a week after getting hit by ransomware (ZDNet) Pilz, a German company making automation tools, was infected with the BitPaymer ransomware on October 13.
Mobile Malware and APT Espionage: Prolific, Pervasive, and Cross-Platform (Threat Vector) This report examines the pervasive mobile malware dimension in APT campaigns and surveys the prevalent use of mobile malware in cross-platform surveillance and espionage campaigns by Chinese, Iranian, Vietnamese and other APT Groups.
MedusaLocker Ransomware Wants Its Share of Your Money (BleepingComputer) A new ransomware called MedusaLocker is being actively distributed and victims have been seen from all over the world. It is not known at this time, how the attacker is distributing the ransomware.
New Variant of Remcos RAT Observed In the Wild (Fortinet) Recently, our LoneWolf Spampot Monitoring System captured several new spam samples. After a quick analysis, we identified it is a Remcos RAT campaign.
Your Cache Has Fallen: Cache-Poisoned Denial-of-Service Attack (CCS '19) Web caching enables the reuse of HTTP responses with the aim to reduce the number of requests that reach the origin server, the volume of network traffic resulting from resource requests, and the user-perceived latency of resource access.
Exclusive: White House cyber memo warns of new network risks (Axios) The "White House is posturing itself to be electronically compromised once again."
Data Breach at KRH May Have Affected 129,000 Patients' Personal Information (Flathead Beacon) Beginning today, Kalispell Regional Healthcare is mailing out letters to nearly 130,000 patients whose personal information may have been involved in a data breach over the summer. Patients’ personal information...
Dodgy mobile apps found to be on the increase: RiskIQ (ITWire) The number of blacklisted mobile apps in the 120-odd mobile stores, examined by security firm RiskIQ on a regular basis, grew from 44,850 to 53,955, a rise of 20%, the company said in its mobile threat report for the second quarter of the year.
Huawei: Easier to bribe telco staff than build backdoors (ZDNet) It requires so much effort to build backdoors into networking equipment that work across different global communications networks and system configurations that it likely is easier and more effective to bribe a telco executive, says Huawei's chief cybersecurity officer.
Report: Billtrust Recovering From Ransomware Attack (BankInfo Security) Billtrust, a cloud-based, business-to-business payment provider, reportedly is continuing to recover from a ransomware attack that crippled its computer systems.
Hackers target schools with ransomware (KGTV) Schools and school districts have become a new target for hackers, who target computer systems with ransomware.
Analysis | When Will Boeing 737 Max Fly Again and More Questions (Washington Post) Two crashes within five months -- Lion Air Flight 610 in October 2018 off the coast of Indonesia and Ethiopian Airlines Flight 302 in March outside Addis Ababa -- killed 346 people and led to a global grounding of Boeing Co.’s 737 Max jets, the fourth generation of a venerable brand first flown in 1967. Uncertainty over when it will fly again is rippling through the airline industry and Boeing’s finances. The U.S. manufacturer’s bill is $9.2 billion and rising, as it faces questions about the pl
Cyber Trends
2019 Consumer Survey: Trust and Accountability in the Era of Data Misuse (Ping Identity) Data privacy and security are becoming central to the modern online experience.
The Underrated Risks of Data Exposure (Terbium Labs®) We surveyed over 300 information technology (IT) professionals in the United States and Canada to better understand how businesses currently monitor and detect incidents of exposed data on the Internet, their current and future risks and the potential negative outcomes.
A data breach could be game over for a brand (Help Net Security) There is a lack of confidence consumers around the world have in a brand’s ability to safeguard personal information, according to Ping Identity.
Risk Management And Black Swan Events (Forbes) Black Swans bring challenges to risk management, especially in our rapidly transforming technological landscape. However, those transformative changes in emerging technology add to the ability to analytically forecast and try to mitigate Black Swan events.
Smart cities must be cyber‑smart cities (WeLiveSecurity) As cities turn to IoT to address long-standing urban problems, what are the risks of leaving cybersecurity behind at the planning phase?
Marketplace
Spotlight: China's ZTE helps Austrian partner build "dream network" (Xinhua) Chinese telecommunications equipment maker ZTE has been helping its Austrian partner build a "dream network," the CEO of a leading Austrian telecommunications provider said Wednesday.
Attila Security raising $4 million, planning move to Columbia (Baltimore Business Journal) Attila is led by CEO Gregg Smith, who formerly headed two other Maryland-based cyber firms, Optio Labs Inc. and Silent Circle.
CyberSeek™ Workforce Analytics Partnership Renewed Through 2022 (PR Newswire) CompTIA, The National Initiative for Cybersecurity Education (NICE) led by the National Institute of Standards and...
Booz Allen wins two AI-related contracts with Army and DoD (Consulting) Management and tech consultancy Booz Allen Hamilton was recently awarded two technology-powered defense projects.
‘It’s A Sad Day For Human Rights’ —Washington Post Slammed For Its Latest Columnist Hire (Forbes) Washington Post hires a columnist who was employed by a surveillance company that allegedly spied on associates of another prominent WaPo writer: murdered journalist Jamal Khashoggi.
Products, Services, and Solutions
Delta Risk’s New ActiveEye 2.0 Reduces 95 Percent of False Positives to Find and Resolve Cyber Threats Faster (BusinessWire) Delta Risk, a SOC-as-a-Service provider, announced the release today of version 2.0 of its cloud-native managed security platform, ActiveEye.
Endace | Network Critical Joins Endace Fusion Partner Program (RealWire) Network Visibility Specialists Endace and Network Critical, Partner to Provide Deeper Insight into Network Traffic
Bitdefender launches one-stop marketing shop for partners (CRN Australia) Focus on lead generation and prospect tracking.
Forcepoint Web Security offering reaches for the edge (SearchSecurity) Incorporating elastic cloud gateway technology, Forcepoint Web Security provides protection for the growing number of network perimeters associated with the growing corporate multi-cloud implementations. The offering grants access to content from any edge location.
3 Cool New Network Security Features in the Bricata Platform you Might have Missed (Security Boulevard) Bricata recently released a new version of its network security product with several cool new features including metadata filters, customizable dashboards and smart alert grouping.
Racing Post bolsters endpoint security with SentinelOne (Intelligent CIO Europe) Racing Post, a specialist print and online digital publisher, has protected against a growing number of cyberthreats after deploying a next-generation endpoint
Waratek Secure Debunks Industry Misconceptions of RASP Solutions (BusinessWire) Waratek launches 30-day trial and evaluation enabling businesses to test drive RASP
Felix Payment System Security Assured with Intertrust whiteCryption® (BusinessWire) Intertrust has announced a partnership to safeguard Gentek Global's Felix payment system with its whiteCryption® application shielding technology
Technologies, Techniques, and Standards
NATO set to update security requirements to counter 5G network risks (Business Standard) The topic being addressed by NATO defence ministers comes after the United States imposed restrictions on Chinese tech giant Huawei
Russia approves annual tests for national internet system (Telecompaper) Russian prime minister Dmitry Medvedev has signed a regulation on carrying out tests to support an autonomous domestic internet, reports Cnews.ru. The regulation will enter into force from 1 November.
Information Security Forum Teams with NIST to Create Online Informative References (PRLog) The Information Security Forum (ISF) has been working with the United States National Institute of Standards and Technology (NIST) as part of a pilot project to create Online Informative References (OLIRs) between information security standards and the...
How to remove human error from the cyber risk equation (Help Net Security) In attempting to fortify the enterprise’s cyber assets, we have turned much of our attention to human error. After all, the vast majority of hackers rely
Chance that flaws will ever be dealt with diminishes the longer they stick around (Help Net Security) More than half of all security findings (56%) are fixed, but a focus on fixing new findings while neglecting aging flaws leads to increasing security debt.
Design and Innovation
Pentagon Eyes Commercial 5G Experiments on Military Bases (Bloomberg Government) The Pentagon will invite companies to experiment with 5G cellular networks on military bases as the U.S. ramps up competition with China.
Cyber everywhere: Preparing for automotive safety in the face of cyber threats (Automotive News) The success of the interconnected automotive ecosystem may hinge on cybersecurity. GM's Jeff Massimilla speaks about what the company is going to protect its operations, vehicles, and consumers from cyber threats, and how the industry is moving forward in its pursuit of cyber safety.
Research and Development
Google Claims a Quantum Breakthrough That Could Change Computing (New York Times) Scientists at a company lab said they had taken a big step toward creating a machine that would make today’s supercomputers look like toys.
If Google has achieved 'quantum supremacy' it could be a gamechanger for tech (The Telegraph) It could be the working title for the next Bond movie – or possibly the scoreline in a game played at Hogwarts.
Inside Google's quantum lab as it claims a historic computing breakthrough (The Telegraph) At first sight, the future of computing looks more like a movie villain's superweapon than the history-making machine Google claims.
Google and IBM at war over claims that quantum supremacy has been achieved (The Telegraph) In the perplexing world of quantum physics it is quite normal for matter to inhabit two places at once.
On “Quantum Supremacy” (IBM Research Blog) Recent advances in quantum computing have resulted in two 53-qubit processors
Academia
TU Announces Enhanced Cyber Program (Tulsa Public Radio) The University of Tulsa together with venture group Team8, today announced a first-of-its-kind advanced degree program to create experts in cyber R&D,
Legislation, Policy, and Regulation
Should Europe Regulate American Tech Companies? (Wired) Four technology policy experts debate whether the EU has declared war on Silicon Valley.
In Hong Kong, Which Side Is Technology On? (Wired) Both. Yes, authoritarians have co-opted tech. But the story is far from over.
How America's Cyber Strategy Could Create an International Crisis (The National Interest) The United States needs to conduct cyber operations and collect intelligence so that it can effectively anticipate and defend itself against a cyberattack.
DHS is mulling an order that would force agencies to set up vulnerability disclosure programs (CyberScoop) DHS officials may soon issue an order that would require federal civilian agencies to establish vulnerability disclosure programs.
IAB Issues Draft CCPA Framework (Cooley) The Interactive Advertising Bureau (IAB) has released for public comment the IAB California Consumer Privacy Act Compliance (CCPA) Framework for Publishers and Technology Companies. According …
House Committee Advances Bill to Expand DHS Cyber Monitoring Program (Nextgov.com) As state and local governments face rising cyber threats, the legislation would give them free access to the tools provided under the Continuous Diagnostics and Mitigation program.
FBI Updates Initiative to Protect U.S. Elections from Cyberattacks (BleepingComputer) FBI has updated and expanded the resources and tools designed to help political campaigns, private businesses, and individuals to better understand and mitigate risks posed by foreign entities' cyber intrusions and disinformation efforts during the 2020 U.S. election season.
Securing America’s Elections: Oversight of Government Agencies (Federal Bureau of Investigation) Statement by Deputy Assistant Director Nikki Floris, Counterintelligence Division, before the House Judiciary Committee
NSC Makes Cyber Security For Space Industry ‘Top Priority’ (Breaking Defense) The National Security Council, Air Force Space Command, the Missile Defense Agency, and NASA among others will share analysis about, warnings of, and potential responses to cybersecurity threats to satellites and ground stations with industry under a new public-private partnership.
White House kicks infosec team to curb in IT office shakeup (Ars Technica) Senior staffer quits over "highly concerning" lack of security practices.
Gov. Edwards announces new La. Tech initiatives in Bossier, Ruston (Shreveport Times) Gov. John Bel Edwards and Louisiana Tech University President Les Guice on Wednesday announced two economic development initiatives.
Litigation, Investigation, and Law Enforcement
Sri Lanka spy chief blamed for failures before Easter attack (Federal News Network) A Sri Lankan parliamentary committee that investigated last April’s Easter suicide bombings has concluded that the country’s spy chief is primarily responsible for the intelligence failure that led to…
Former senior Australian intelligence official charged (Federal News Network) A former senior Australian intelligence official has appeared in a court charged with breaching secrecy laws over classified documents allegedly found at his home during an investigation into…
Europol and Palo Alto Networks agree to jointly fight cybercrime (New Europe) The European Union's law enforcement agency, Europol, and the American global cybersecurity company Palo Alto Networks have signed a Memorandum of Understanding to expand their collaboration in combating cybercrime.
Edward Snowden searched CIA networks for proof of aliens (WKMG) PSA for all the Area 51 stormers, chemtrail believers and climate change deniers: Edward Snowden has searched the depths of the US intelligence networks and can report the conspiracy theories are not true.