Cyber Attacks, Threats, and Vulnerabilities
Russian Trolls Are Hammering Away at NATO’s Presence in Lithuania (Nextgov.com) A broad disinformation campaign of fake news and other tricks aims to turn the Baltic nation’s public against the alliance.
China resurrects Great Cannon for DDoS attacks on Hong Kong forum (ZDNet) Two years after the last attacks, the Great Cannon is up and running again.
China Fires ‘Great Cannon’ Cyber-Weapon At The Hong Kong Pro-Democracy Movement (Forbes) Fired from behind the Great Firewall of China, a cyber-weapon known as the “Great Cannon” has taken aim at the Hong Kong pro-democracy movement.
The Great Cannon DDoS Tool Used Against Hong Kong Protestors’ Forum (BleepingComputer) The Great Cannon Distributed Denial of Service (DDoS) tool was deployed again to launch attacks against the LIHKG social media platform used by Hong Kong protesters to coordinate during this year's anti-extradition protests.
Buer, a new loader emerges in the underground marketplace (Proofpoint) New actively marketed downloader avoids CIS countries, evades detection
Buran Ransomware; the Evolution of VegaLocker (McAfee Blogs) McAfee’s Advanced Threat Research Team observed how a new ransomware family named ‘Buran’ appeared in May 2019. Buran works as a RaaS model like other
IBM sounds alarm about more data-wiping malware from Iran (CyberScoop) IBM’s security experts said Wednesday they have uncovered previously unknown malware developed by Iranian hackers that was used in a data-wiping attack against unnamed energy and industrial organizations in the Middle East.
Shades of Shamoon: New Disk-Wiping Malware Targets Middle East Orgs (Dark Reading) 'ZeroCleare' shares some of the same features as its more notorious predecessor, IBM Security says.
Oil be damned: Iran-based crooks flinging malware at Middle Eastern energy plants again – research (Register) ZeroCleare wipes up where Shamoon left off
Payment card-skimming malware targeting 4 sites found on Heroku cloud platform (Ars Technica) Why host skimmers yourself when you can abuse a service to do it for free?
Increase in attacks using Outlook flaw (SC Magazine) Organisations warned of full intrusion with just a flaw and one phish - due to a flaw they should have fixed and that is actively used by multiple threat actors.
Ransomware attack hits major US data center provider (ZDNet) CyrusOne data centers infected by REvil (Sodinokibi) ransomware.
Bitcoin-hungry hackers ‘target major US data center firm’ with ransomware (Hard Fork | The Next Web) A prominent data center provider in the US has reportedly been hit by the Sodinokibi ransomware, which several months ago earned a hacker $287,000 worth of Bitcoin in just three days.
'Ransomware attacks to morph into 2-stage extortion campaigns' (Outlook India) Ransomware attacks are set to morph into two-stage extortion campaigns and criminals will exploit their extortion victims even more in 2020, cyber security company McAfee said on Thursday.
Scammers dupe Chinese venture capitalists out of $1 million with the 'ultimate' BEC heist (CyberScoop) Scammers fleeced a Chinese venture capital firm out of a $1 million payment meant for a startup by using malicious emails to steal the cash, according to new findings from Check Point Technologies.
Thousands of U.S. cell phone bills exposed by Sprint contractor (TechCrunch) Customer phone bills from AT&T, Verizon, and T-Mobile were found on an exposed storage server.
New Genetec research shows almost 4 in 10 security cameras can be at risk of cyber-attack due to outdated firmware (West) Genetec primary data also shows that almost 1 in 4 organizations rely on default passwords for their security cameras
HackerOne breach lets outside hacker read customers’ private bug reports (Ars Technica) Company security analyst sent session cookie allowing account take-over.
'Ultimate' MiTM Attack Steals $1M from Israeli Startup (Threatpost) Researchers uncover “ultimate man-in-the-middle attack” that used an elaborate spoofing campaign to fool a Chinese VC firm and rip off an emerging business.
Microsoft Issues Advisory for Windows Hello for Business (Dark Reading) An issue exists in Windows Hello for Business when public keys persist after a device is removed from Active Directory, if the AD exists, Microsoft reports.
Quick Analysis of CVE-2011-0609 Adobe Flash Player (AlertLogic) The attack makes use of a SWF file embedded inside an Excel file, which is delivered as an email attachment. The vulnerability can allow an attacker to inject and execute malicious code on a target system.
Hackers Find Ways Around a Years-Old Microsoft Outlook Fix (Wired) Microsoft patched a vulnerability in Microsoft Outlook in 2017. It hasn't slowed hackers down.
Valimail research demonstrates that email remains a weak link in U.S. election infrastructure (Valimail) As we head into the 2020 election season in the United States, a key component of the U.S. election infrastructure remains vulnerable to attack.
Online Trust Audit for 2020 Presidential Campaigns Update (Internet Society) On 7 October 2019, the Internet Society’s Online Trust Alliance (OTA) released the Online Trust Audit for 2020 U.S. Presidential Campaigns. Overall, 30% of the campaigns made the Honor Roll, and 70% had a failure, mainly related to scores for their privacy statements. As part of this process, OTA reached out to the campaigns, offering …
It’s Time for Presidential Campaigns to Embrace Mobile Security (Nextgov.com) It's not just campaigns, voters could be targeted too.
Special Report: 2020 U.S. census plagued by hacking threats, cost overruns (Reuters) In 2016, the U.S. Census Bureau faced a pivotal choice in its plan to digitize t...
Tyrone SFC final live stream was subject to 'cyber attack' (The Irish News) Tyrone's ill-fated live streaming of the county's Senior Football Championship final was sabotaged by cyber attackers, it has emerged.
Schools Data Breach: Nearly 6,000 Students' Personal Info Stolen (Wheaton, MD Patch) A data breach has compromised the personal information of nearly 6,000 Montgomery County students, according to school officials.
For Whom the Whistleblower Blows (City Journal) Edward Snowden’s new book is a self-indulgent omission of facts.
Security Patches, Mitigations, and Software Updates
HackerOne awards $20,000 bug bounty for private data access vulnerability on its own platform (ZDNet) An analyst and a cut-and-paste job resulted in a critical security problem.
OpenBSD patches authentication bypass, privilege escalation vulnerabilities (ZDNet) The open source project took less than 40 hours to develop fixes for the bugs.
Cyber Trends
The biggest cyber attack of 2020 has ‘already happened’ (TechHQ) The biggest cyber attack of 2020 has “already happened”, according to the CEO of the Chartered Institute of Information Security (CIISec). Words from
State of the Internet (Akamai) As 2019 comes to a close, we want to thank you, our readers, for continuing to support Akamai’s State of the Internet /Security (SOTI) report.
2019 Thales Data Threat Report Financial Services Edition (Thales) Data security, starting with encryption and access management, is an important part of the mix. As data migrates away from the enterprise premises and to the cloud, network security is no longer sufficient to protect data.
Predictions About IoT and Digital Transformation in 2020 (DigiCert) This time of year, three things are almost certain. You will be tempted by all flavors of festive treats. You will wish holiday greetings to friends, family, teammates, customers and partners so often you may go hoarse (worth it!). And you will contemplate what’s going to happen in 2020. You’ve likely even made some predictions …
Mobile Scams, Sophisticated Malspam, IoT Malware and Botnets are on 2020 Prediction List from Avast Threat Experts (PR Newswire) Avast (LSE: AVST), a global leader in online security products, today announced its cybersecurity predictions for 2020 in its annual Threat...
Kaspersky sees firms’ cybersecurity budgets increasing in 2020 (Business World) A study commissioned by Internet security firm Kaspersky said security budgets among businesses, as reported by 72% of survey respondents, including the ones in Asia and the Pacific region, will further increase in 2020.
Business Round-Up: Majority of Danish companies have endured a cyber attack (The Post) Elsewhere, SAS struggles, baggage strike hits CPH Airport and Shanghai to get a Legoland.
Marketplace
Coast Guard Intel Looking for Help on Cloud (MeriTalk) The U.S. Coast Guard (USCG) is looking to leverage the cloud for its intelligence unit as the demands of cyber combat and maritime activities are pushing the unit to embrace technology, according to a request for information released November 22. Responses are due by December 20.
Swimlane Launches Level-Up Initiative with Inaugural RSA Conference Raffle to Embolden Industry Analysts (BusinessWire)
Cyberhaven Closes $13 Million Series A Round, Unveils Data Behavior Analytics Solution (PR Newswire) Cyberhaven today announced the close of a $13 million Series A funding round and the launch of the industry's first Data Behavior Analytics...
CyberProof Announces Acquisition of Necsia Cybersecurity Division (AiThority) CyberProof Inc., a UST Global company, announced the acquisition of Necsia Cybersecurity, a leading security provider in Spain and security
F-Secure has completed restructuring (West) F-Secure has completed restructuring of operations as planned. The restructuring was estimated to result in annual cost savings of more than EUR 5 million to be achieved by the end of 2020 as originally announced on 7 October 2019. Restructuring included personnel reduction negotiations that resulted in reduction of approximately 60 full-time equivalents globally out of which approximately 25 from Finland.
HP accused of 'rearranging the deck chairs on the titanic' as pressure to negotiate with Xerox intensifies (Channelweb) Carl Icahn pressures HP shareholders to push for a deal
Google co-founders' exit could mean end of its 'open culture' (CNET) Larry Page and Sergey Brin were the most direct link to the company's freewheeling past.
Sundar Pichai faces a dizzying list of challenges as Alphabet's new boss (The Telegraph) It’s been quite a ride.
Upstream announces Dimitris Maniatis as new CEO (RealWire) Former CEO Guy Krief will join the Board of Directors. London, December 4th, 2019 - Leading mobile technology company, Upstream, announces former Head of Secure-D, Dimitris Maniatis, as its new CEO
Onapsis Appoints Anshuman Kanwar as General Manager of Products and Technology (BusinessWire) Onapsis today announced the appointment of Anshuman Kanwar as general manager of products and technology.
Kenna Security Names Terry Murphy as Chief Financial Officer (West) Cybersecurity veteran tapped to scale finance, legal, and business operations amid aggressive growth
Products, Services, and Solutions
XM Cyber Announces the World's First Breach and Attack Simulation (BAS) for Hybrid Cloud Environments (PR Newswire) XM Cyber, the multi-award-winning breach and attack simulation (BAS) leader, today announced that its HaXM platform is now the first BAS...
Introducing Password Cracking Manager: CrackQ (Trustwave) Today we are releasing CrackQ, a queuing system to manage password cracking that I've been working on for about a year. It is primarily for offensive security teams during red teaming and pentesting engagements. It's an intuitive interface for Hashcat served by a REST API and a JavaScript front-end web application for ease of use.
Protect private data this holiday season with Privacy Alert (Instart) Ever wonder who sees the information you enter on a website? Privacy Alert by Instart tells you exactly what information could be stolen by hackers.
MediaPRO Security Training Certified by Texas Department of Information Resources (BusinessWire) MediaPRO, a leading provider of security and privacy awareness training, announced today that it has been named a certified provider of cybersecurity
LastPass Goes Passwordless (LogMeIn) LastPass Identity solution now provides passwordless login experience for business customers
ShiftLeft and CircleCI Strengthen DevOps Security by Inserting Code Analysis as Far Left as Developer Pull Requests (DevOps.com) New Partnership and Product Integration Delivers the Industry’s Fastest and Most Accurate Vulnerability Scanning at One of the Earliest Stages in the
Netskope Security Cloud Now Available in AWS Marketplace (Netskope) Listing enhances delivery of Netskope’s data-centric, cloud-smart, and fast platform to AWS customers LAS VEGAS – AWS re:Invent 2019 – December 3, 2019 – Netskope, a leader in cloud security, today announced the availability of Netskope Security Cloud in AWS Marketplace. Amazon Web Services (AWS) customers now have greater access to a proven cloud security …
Visure Solutions Unveils New, Easy-to-Use Web Interface for Requirements Management ALM Solution (PR Newswire) As companies become increasingly aware of the importance of managing risk and improving their development process, Requirements Management (RM)...
Nozomi Networks Works with IBM to Secure Industrial Infrastructure (ARC Web) Nozomi Networks Inc. announced they are collaborating with IBM Security to answer growing demand for effective, integrated IT and OT cybersecurity services and solutions to Secure Industrial Infrastructure.
Austria Hilfswerk Niederösterreich chooses Fortinet for cost-effective WAN connectivity security solutions (Fortinet) Fortinet’s Security-Driven Networking Approach Provides Hilfswerk Niederösterreich With Cost-Effective, Secure and Reliable WAN Connectivity at Over 68 Locations
Cellebrite Introduces Breakthrough Platform That Revolutionizes Digital Intelligence Approach, Maximizes Data Collection, Extraction and Management (PR Newswire) Cellebrite, the global leader in digital intelligence solutions serving the law enforcement, government and enterprise communities, today...
Centrify Announces “Secure the Vote 2020” (BusinessWire) Centrify, a leading provider of cloud-ready Zero Trust Privilege to secure modern enterprises, today announced a new nationwide initiative to secure p
LogicMonitor Announces Innovative Enhancements to AIOps Solution (Yahoo) LogicMonitor today announced general availability of its AIOps early warning system, which marks the latest enhancement to its AIOps solution, LM Intelligence™. The new system is designed to provide actionable warning indicators for imminent issues. Combined with the single pane of glass view enabled
Amazon Detective, McAfee Hunt Down the Baddies (SDXCentral) Amazon Web Services (AWS) rolled out three new security tools at re:Invent this week.
Autotalks announces first FIPS-Compliant C-V2X/DSRC chipset for secure deployment in the US (Green Car Congress) Israel-based Autotalks announced that its second-generation chipsets are FIPS-certified for secure C-V2X or DSRC deployment in the US. The announcement comes after Autotalks’ V2X chipsets achieved Federal Information Processing Standard 140-2 (FIPS 140-2) security level 3 certification from the US National Institute of Standards and Technology (NIST). Autotalks’ CRATON2 and...
Technologies, Techniques, and Standards
Advancing Industrywide Compute Lifecycle Assurance (Intel Newsroom) The globalization of technology design, development, manufacturing and distribution has created an environment of complicated supply
Ransomware Survival Guide: What Every Organization Needs to Know Before, During, and After an Attack (Communal News) Ransomware is an old threat that has come roaring back with a new ferocity. This type of malware—which gets its name from the payment it demands after locking away victims’ files— has quickly become one of the top types of cyber attacks. More than half of companies surveyed in a recent Ponemon Institute poll said ...
YouTube CEO Wojcicki: We've Cut Amount Of Time Americans Watch "Controversial Content" By 70% (RealClearPolitics) CBS NEWS '60 MINUTES': YouTube's mission is to give everyone a voice, but the site's open platform has opened the door to hate. YouTube CEO Susan Wojcicki tells Lesley Stahl what the company's doing about it
Finding Long Connections With Zeek (Active Countermeasures) Hey folks. I’m Chris Brenton, and today I’m going to show you how to find the longest connections taking place on your network using Bro/Zeek’s conn.log.
Remove CStealer Trojan and Protect Your Passwords (SensorsTechForum.com) CStealer is a new password-stealing Trojan currently targeting Windows systems. The Trojan is designed to harvest passwords from the Google Chrome browser.
Passwords: Our First Line of Defense (Black Hills Information Security) Darin Roberts // “Why do you recommend a 15-character password policy when (name your favorite policy here) recommends only 8-character minimum passwords?” I have had this question posed to me a couple of times in the very recent past. There were 2 separate policies that were shown to me when asking these questions. First was …
Webcast: Group Policies That Kill Kill Chains (Black Hills Information Security) On this webcast, we’ll guide you through an iterative process of building and deploying effective and practical Group Policy Objects (GPOs) that increase security posture. Download slides: https://www.activecountermeasures.com/presentations/ 0:45 Introducing what a kill chain is and general background you need for this webcast 15:53 Getting into group policies, best practices, group policies that we’re not covering …
Schools Spy on Kids to Prevent Shootings, But There's No Evidence It Works (Vice) Spyware like GoGuardian, Bark, and Gaggle are monitoring students’ internet habits, both on and off school grounds.
Design and Innovation
Can a $10M Pentagon project enhance AI cyber operations? (Fifth Domain) The Joint Artificial Intelligence Center is looking to a partnership between a civilian agency and the private sector.
The Air Force wants help with these technologies (C4ISRNET) A notice is asking for industry white papers on new and innovative cyber and signals intelligence research.
Instagram to collect ages in leap for youth safety, alcohol ads (Reuters) Facebook Inc's Instagram said it will require birthdates from all new users...
Legislation, Policy, and Regulation
The West failed to prepare for cyber attacks, Nato chief admits (The Telegraph) The West was slow to respond to the threat of cyber attacks, the chief of NATO’s Cooperative Cyber Defence Centre (CCDCOE) has admitted.
Perspective | We need to hold the Kremlin responsible for its 2018 cyberattack on the Olympics (Washington Post) Failure to respond will only invite future state-sponsored cyberattacks on civilian targets.
Op-ed: Stop the rise of autonomous weapons (Navy Times) Our ever-growing appetite for intelligent, autonomous machines poses a host of ethical challenges.
Kim Jong Un again rides horse up sacred peak as North Korea raps Trump (Military Times) North Korean leader Kim Jong Un rode a white horse up a sacred mountain in his second symbolic visit in less than two months, state media reported Wednesday, as his military chief lashed out at U.S. President Donald Trump for talking about a possible military option against the North.
Boris Johnson may block Huawei's role in building 5G networks (Computing) President Trump had pressed Mr Johnson on the issue on Tuesday, during a meeting in Downing Street.
On Huawei, PM Johnson says Britain cannot prejudice security or cooperation (The Mighty 790 KFGO) Britain's decision on whether to allow Huawei a role in building 5G telecoms networks will be based on ensuring the national security and ensuring cooperation with the U.S.-led Five Eyes intelligence alliance, Prime Minister Boris Johnson said on Wednesday.
Trump says Huawei is a security risk as NATO seeks secure 5G (The Mighty 790 KFGO) U.S. President Donald Trump said on Wednesday that Chinese telecommunication firm Huawei was a security risk after NATO said it needed secure next-generation 5G technology.
U.S. Government to Tap Federal Funds to Thwart Huawei, ZTE (Yahoo) The move is the latest in a string of concerted efforts by the U.S. government to dissuade other sovereign countries from using Huawei and ZTE gear to preempt alleged spying and siphoning of data.
Senators urge FERC to protect critical infrastructure from Huawei threats (TheHill) Six senators on Wednesday sent a letter to the Federal Energy Regulatory Commission (FERC) urging the body to combat threats posed by using technology from Chinese telecommunications giant Huawei.
U.S. Senate committee to consider bill to impose stiff new sanctions on Russia (Reuters) The U.S. Senate Foreign Relations Committee will vote as soon as next week on le...
Senators sound alarm on dangers of ransomware attacks after briefing (TheHill) Senators from both sides of the aisle sounded the alarm Wednesday on the dangers posed to small businesses and government entities by ransomware cyberattacks following a classified briefing from a key Department of Homeland Security (DHS
Here’s what senators learned about the ransomware threat (Fifth Domain) The director of the Department of Homeland Security’s cybersecurity agency held a classified briefing with senators, who shared some thoughts.
Ransomware devastated cities this year. Officials hope to prevent a repeat in 2020 (CNET) More than 70 state and local governments across the US suffered from ransomware attacks in 2019.
Senators inch forward on federal privacy bill (TheHill) Senators argued for their dueling proposals for a federal privacy law during a highly anticipated hearing on Wednesday, marking the first time key Republicans and Democrats have taken their disputes public after months of closed-doors negotiations.
Text - S.2961 - 116th Congress (2019-2020): A bill to establish duties for online service providers with respect to end user data that such providers collect and use. (US Congress)
WSJ News Exclusive | Nancy Pelosi Pushes to Remove Legal Protections for Online Content in Trade Pact (Wall Street Journal) House Speaker Nancy Pelosi is pushing to strip out sweeping legal protections for online content in the new trade pact with Mexico and Canada, in what would be a blow for big technology companies.
House passes bipartisan anti-robocall bill (Fox Business) Top Republican is "sure" President Trump will sign it.
Facebook's Mark Zuckerberg says the social network should not be 'censoring politicians' (USA TODAY) Facebook CEO Mark Zuckerberg and wife Priscilla Chan told CBS This Morning's Gayle King that Facebook should not ban political ads.
Litigation, Investigation, and Law Enforcement
Australia to probe foreign interference through social media platforms (Reuters) Australia on Thursday established an investigation into potential foreign politi...
Huawei files appeal in U.S. court against FCC's rural carrier purchase ban (CNBC) The FCC last month voted unanimously to designate Huawei Technologies Co Ltd and peer ZTE Corp as national security risks, barring their U.S. rural carrier customers from tapping an $8.5 billion government fund to purchase Huawei or ZTE telecommunications equipment. Huawei filed a petition with the Fifth Circuit Court in New Orleans challenging the FCC...
Analysis | The Cybersecurity 202: Huawei doubles down on legal fight with U.S. (Washington Post) The Chinese telecom is challenging an FCC directive barring it from rural systems.