Cyber Attacks, Threats, and Vulnerabilities
Iran APT Group Targets Foreign Embassies (Infosecurity Magazine) Kaspersky Lab claims group looks more like sysadmins than expert hackers
Security firm identifies hacker behind Collection 1 leak, as Collection 2-5 become public (ZDNet) Billions of user records continue to leak. Some data leaked years before, some of it is new.
Threat Actor Behind Collection #1 Data Breach Identified (Recorded Future) In this report, Insikt Group uncovers new information pertaining to the Collection #1 data breach collection, including details about its original creator.
The Age of Big Leaks (New York Times) A terabyte of data — 100 million pages or 1,000 hours of video — can be shared on a thumb drive. But stolen secrets come with complications.
Where do nation-states fit into the ecosystem? (SC Media) While official governments generally are smart enough not to directly employ attackers to carry out their missives, none of the researchers discovered
OceanLotus group uses new Kerrdown downloader to deliver payloads (SC Media) Researchers have discovered a previously unknown custom downloader that reputed Vietnamese APT group OceanLotus has been using since at least early 2018.
Tracking OceanLotus’ new Downloader, KerrDown (Unit42) OceanLotus (AKA APT32) is a threat actor group known to be one of the most sophisticated threat actors originating out of south east Asia. Multiple attack campaigns have been reported by a number of security organizations in the last couple of years, documenting the tools and tactics used by the threat actor. While OceanLotus’ targets are global, their operations are mostly active within the APAC region which encompasses
Russia's propaganda machine discovers 2020 Dem contender Tulsi Gabbard (NBC News) Experts who track websites and social media linked to Russia have seen stirrings of a possible campaign of support for Hawaii Democrat Tulsi Gabbard.
Fake news on Twitter during the 2016 U.S. presidential election (Science) There was a proliferation of fake news during the 2016 election cycle. Grinberg et al. analyzed Twitter data by matching Twitter accounts to specific voters to determine who was exposed to fake news, who spread fake news, and how fake news interacted with factual news (see the Perspective by Ruths). Fake news accounted for nearly 6% of all news consumption, but it was heavily concentrated—only 1% of users were exposed to 80% of fake news, and 0.1% of users were responsible for sharing 80% of fake news. Interestingly, fake news was most concentrated among conservative voters.
UAE buys its way toward supremacy in Gulf cyberwar, using US and Israeli experts (Ars Technica) UAE hired ex-NSA employees to build a spying operation possibly targeting US citizens, others.
Revealed: Secretive UAE cybersecurity firm with a history of spying on dissidents is operating in Finland (Helsinki Times) Investigations have revealed that Dark Matter, a company with links to the UAE government that is known to conduct spying and intimidation campaigns against dissidents and journalists, has been operating in Finland for years.
New Malware Siphons Cryptocurrency Wallets and Credentials, Credit Cards (BleepingComputer) CookieMiner is a new malware strain capable of stealing and exfiltrating web browser cookies related to online wallet services and cryptocurrency exchange websites, as well as passwords, text messages, and credit card credentials.
Deloitte: Nation states, organized crime and angry employees threaten utility cybersecurity (Utility Dive) The electric utility sector faces a growing threat of cyber attacks as technology and a more distributed grid increase access points, according to a new report.
Siri Shortcuts can be abused for extortion demands, malware propagation (ZDNet) If weaponized, Siri Shortcuts could be an effective tool for extortionists, malware and scareware groups.
Multiple malware versions via malspam emails (My Online Security) The start to another week with several different malspam emails arriving overnight to start off Monday Morning with a bang. They are all typical subjects & email content and all deliver various well…
Basecamp Fights Off Mass Login Attempt With Quick Cyber Response (Computer Business Review) Chicago-based web application developers Basecamp successfully mitigated a mass-login attempt on their network by attackers using...
Houzz Urges Password Resets After Data Breach (Threatpost) The decorating website said that account usernames, passwords and more have been compromised as part of a breach.
The parking system cyber attack: 2 cities, 2 stories (CBC) They are two cities of similar size, both victimized in the same cyber attack. But Ames, Iowa, a 26-hour drive from Saint John, had a much different experience after the attacker slipped malicious malware into its parking fine server.
Cybercriminals Aim for the Super Bowl Goal Posts (Threatpost) Scams, infrastructure attacks, data harvesting and attacks on streamers are all in the offing.
New Scam Holds YouTube Channels for Ransom (BleepingComputer) Scammers are abusing the YouTube policy violation system by filing fake copyright infringements against content creators until their channel is close to being suspended. These scammers then hold the channel ransom by telling YouTubers to send a payment or they will file another copyright infringement to have the channel suspended.
Sextortion Scam Stating Xvideos Was Hacked to Record You Through Webcam (BleepingComputer) A sextortion scam variant is going around that states the popular adult site called Xvideos.com was hacked to include malicious script that records a visitor through their webcam and sends it to the hacker. The scam emails also state that this script was able to connect back to the visitor's computer to steal their data and contacts.
Security Patches, Mitigations, and Software Updates
Kaspersky Lab identifies 7 vulnerabilities in industrial IoT platform (FutureIoT) Cybersecurity firm Kaspersky Lab experts have helped to identify and patch seven previously unknown vulnerabilities in the ThingsPro Suite, an
Cyber Trends
Wicked (dark web) wish list (SC Media) The dark web can be a fairly lawless place, but even the most hidden corners of the darknet are not immune to the laws of supply and demand.
Hacking Video Conferencing Platforms - The Next Big Thing? (Infosecurity Magazine) Has society realized the vulnerability dangers within video calling and conferencing technologies?
Location matters; with beverages and malware (Avira Blog) Since malware is like going out to a restaurant at times, you might have many of the same questions: Why is my waiter so slow (cryptominers), why the meal was horrible when it was perfect a week ago (HTML infections), and whether it is really important to change the oil in the car before heading out for a night on the town (CVE-2015-2426)?
CISOs: Change your mindset or lose your job (Help Net Security) Capgemini commissioned IDC to produce a new piece of research, which reveals the increasing pressure on the Chief Information Security Officer to drive
Email authentication use growing steadily in every industry sector (Help Net Security) U.S. federal government agencies and many major enterprises have made significant strides to thwart the spread of fake emails, a major cybersecurity
Cyber crime: Utah's tech success makes it a target (GOOD4UTAH) Utah is one of America's fastest growing states, one that is quickly becoming a major tech center. And largely because of that growth, Utah is a target.
Marketplace
Australian Cyber Security Centre to invest in new threat intelligence sharing platform (Computerworld) The Australian Cyber Security Centre has provisionally shortlisted half a dozen potential platforms that could make it easier to exchange threat intelligence with its partners.
Can the government make cyber cool for college grads? (Fifth Domain) “Recent college graduates think that they are changing the world doing their apps.”
Is cybersecurity more important than cost, schedule or performance? (Fifth Domain) With foreign hackers more active, government leaders must embrace cybersecurity as a fourth pillar of acquisition.
Huawei’s Clout Is So Strong It’s Helping Shape Global 5G Rules (Bloomberg) Edge in standards-setting boards can lead to edge in markets. Huawei says it works with other companies as standards are set.
Are The U.S., U.K. And E.U. About To Deal Death Blows To Huawei's 5G Ambitions? (Forbes) This year, Huawei’s future will be defined by the global tug-of-war between the commercial appeal of state-subsidized Chinese technology and U.S. political and economic influence. If there is no lessening of tensions, Huawei will not survive in its current form.
European telecoms’ dilemma: Huawei or fade away? (Arab News) PARIS: It’s a dilemma for European telecoms firms: Should they steal a march on competitors and rapidly roll out next-generation 5G mobile networks using equipment from top supplier Huawei? Or should they heed US-led warnings of security threats and sit tight, and possibly fall behind? Getting it right will have big consequences as 5G networks are the next milestone in the digital revolution, bringing near-instantaneous connectivity, vast data capacity and futuristic technologies.
UPDATE: Snopes quits and AP in talks over Facebook’s fact-checking partnership (TechCrunch) Two of Facebook's four fact-checking partners in the U.S. have left the program as of the beginning of this year: Snopes, which recently rebuffed reports that its relationship with Facebook was strained, and the Associated Press. Both confirmed they are leaving the program, but left the possibility…
Thales seeks to expand Cyberlab beyond Belgium (Jane's 360) Thales has secured a range of military customers for its ‘Cyberlab’ in Tubize, Belgium, and now plans to roll the concept out to its subsidiaries in other countries, the company has told Jane’s. The Belgian Cyberlab was established in 2017, with three major functions in mind,
Billion-dollar cybersecurity firm Darktrace is opening a base in Dublin (Fora.ie) The UK company is expanding its hefty global footprint with another office.
Netanya to New York: How to take Israeli hi-tech global (The Jerusalem Post) Sitting in his New York office on the corner of West 36th Street and Broadway, Sisense CEO Amir Orad has realized the dreams of thousands of budding Israeli hi-tech entrepreneurs.
Cybersecurity Vet Abdul Rahman Joins Fidelis as Chief Scientist (GovCon Wire) Abdul Rahman, a former Mantech (Nasdaq: MANT) vice president with more than 10 years of cyber defens
Products, Services, and Solutions
Coalfire Announces "CoalCast Podcast" on First Anniversary of Research and Development Team (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, today announced the launch of its new...
Extreme Networks Makes Securing Edge Devices Easy with Defender for IoT (Extreme Networks, Inc.)
NAB takes aim at supply chain attacks (iTnews) By creating a new 'integrated security function'.
Technologies, Techniques, and Standards
Managing cyber risk in the electric power sector (Deloitte Insights) The power sector is one of the most frequently targeted and first to respond to cyber threats with mandatory controls. But threats continue to evolve, reaching into industrial control systems and supply chains, and requiring even greater efforts to manage risk.
ZTE establishes ITU-T project on network threat detection (Telecom Asia) The first ITU-T standard project in the field of unidentified threat detection and prevention
Here’s how DHS prepared to keep hackers out of the Super Bowl (CyberScoop) When the New England Patriots and Los Angeles Rams kick off in Atlanta on Sunday, a network of at least nine operational centers staffed by city, state, and federal officials will be humming with activity near the stadium to monitor for cyber and physical threats. About 60 employees from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) will be onsite — with a cyber official at each operational center — making it one of the biggest DHS cybersecurity operations at a Super Bowl to date.
Bratton on Verizon's $97M Ramp Up to Secure Super Bowl LIII (See Videos) (American Security Today) Tammy Waitt, American Security Today’s editorial director, caught up with Bill Bratton, former police commissioner of New York & Boston and former chief of LAPD, for an exclusive interview last week, to outline Verizon’s $97 million commitment to help secure the Big Game on Sunday. To comprehend the enormity of the project, Mr. Bratton explained that Verizon began …
Census adds bug bounty, 'red team' testing to 2020 cybersecurity arsenal (Federal News Network) The Census Bureau will join a growing number of agencies in offering a bug bounty program as it ramps up security preparations for the 2020 population count.
Flavors Of Risk And A Better Definition Of Cyber (Forbes) Cyber is an overused prefix. Security has to align with the business better around risk, so let's use the term to mean activities around the most important form of risk: the one that requires real security skills to stop the malicious, Human intelligence threatening the connected world and us all
Cyber red teams find DOD systems tougher to crack (FCW) A Pentagon watchdog noted improvements in cyber capabilities but worried that adversaries are improving their attacks faster than defenders are shoring up their systems.
Cyber Soldiers talk about their mission and Army opportunities (DVIDS) Army cyber warriors often say one of the things they like about cyber as a career is that it offers the challenges and opportunities of engaging in cyberspace operations at a desk as well as in a tactical environment.
SWIFT says helping Bangladesh Bank rebuild network after cyber heist (BD News 24) International payments network SWIFT said on Saturday it had signed an agreement with Bangladesh’s central bank to help it rebuild its infrastructure after hackers used it to steal $81 million in 2016 in the world’s biggest cyber heist.
Design and Innovation
Google works on spotting dodgy 'evil domains' (BusinessGhana) Google is working on a way for Chrome to do a better job of spotting fake websites that seek to trick people into...
Research and Development
NIST shortlists submissions for post-quantum crypto competition (Daily Swig) Quest to find new quantum-resistant standards
DigiCert Labs to research postquantum cryptography & ML (Security Brief) The new research lab will collaborate with university researchers and industry leaders on ways to develop innovative approaches to security challenges.
Lockheed to develop cyber/EW podded system (Shephard Media) Lockheed Martin has received an $18 million contract to design, develop and test a cyber/EW podded system for the Air Large component of the US ...
Academia
UCA Cyber Range to Produce Needed Talent (Arkansas Business) The new cyber range at the University of Central Arkansas will complement the school's new bachelor's degree program and deliver to a fast-growing job field the talent it desperately needs to combat cybercrime.
Students put to test in cybersecurity competition (Journal Gazette) It was quiet in the halls of Ivy Tech's Coliseum Campus on Saturday as a series of collegiate teams focused on beating back a group of hackers bent on ...
Volunteer Staff Editor Opportunities at the Journal of Law and Cyber Warfare (Journal of Law & Cyber Warfare) The Journal of Law & Cyber Warfare is currently accepting applications from lawyers, law students, CISOs/cyber professionals, government executives, and students to serve as unpaid staff editors for a two-year term (shorter terms may be considered on a case by case basis). This is an excellent opportunity for students to be immersed in a critical area of the law, network with industry experts, and to hone their personal writing and editing skills. Email Business Editor John Kilgore at jkilgore@jlcw.org copying Editor-in-Chief Daniel Garrie at daniel@jlcw.org if you're interested.
Legislation, Policy, and Regulation
Huawei spying alert 6 years ago ‘wholly ignored’ (Times) Ministers were warned six years ago about the grave risks of Chinese infiltration of national infrastructure in a report citing Huawei’s involvement in UK telecoms. A leading security academic told...
Damning government report reveals Huawei 'failed to address security concerns' in the UK (The Telegraph) Huawei is set to face fresh pressure on its long-term role in the UK as an upcoming government report will find it has failed to address security concerns raised last year.
The plot to bring down Huawei and sever its 'deeply disturbing' ties to the UK (The Telegraph) Huawei employees in the UK are proud of their close links to some of this country’s most trusted institutions.
With security concerns and criminal charges – should Canada allow Huawei to operate in Canada? (Global News) As countries and institutions around the world are dropping Chinese tech giant Huawei from their contact lists, many are asking if Canada will do the same.
Wicker highlights national security risks of China’s efforts to dominate in 5G technology (Ripon Advance) U.S. Sen. Roger Wicker (R-MS), a senior member of the U.S. Senate Armed Services Committee, questioned national security experts about the risk of Chinese technology dominance in next-generation wireless communications at a Jan. 29 hearing on the growing threat of...
America’s cybersecurity in context, not panic mode (TheHill) We need to rack and stack priorities, risks, costs and benefits with rational thought, not just restating fears.
Four differences between the GDPR and the CCPA (Help Net Security) The CCPA is a strong step in the right direction for the U.S. However, it does not go as far as the European Union’s GDPR, which went into effect May 25, 2018.
DHS Cyber Hunt Teams to Be Authorized by Reintroduced Bipartisan Bill (BleepingComputer) The bipartisan Department of Homeland Security (DHS) Cyber Hunt and Incident Response Teams Act which would require the DHS to authorize "cyber incident response" and "cyber hunt" teams was reintroduced on January 31.
Portman introduces cybersecurity bill (Bryan Times) Sen. Rob Portman is keeping cybersecurity as a legislative priority.
Analysis | The Cybersecurity 202: State officials want election security cash. But some don't like the strings attached. (Washington Post) House Democrats are pushing a slew of voting mandates in H.R. 1.
State rep. backs off bill to censor internet content (Albuquerque Journal) Measure aimed to require publishers to remove 'inaccurate ... excessive content' 30 days after request
Litigation, Investigation, and Law Enforcement
Facebook warned over privacy risks of merging messaging platforms (TechCrunch) Facebook’s lead data protection regulator in Europe has asked the company for an “urgent briefing” regarding plans to integrate the underlying infrastructure of its three social messaging platforms. In a statement posted to its website late last week the Irish Data Protection Comm…
Duke Energy Broke Rules Designed to Keep Electric Grid Safe (Wall Street Journal) Duke Energy faces a record $10 million fine from federal authorities for serious and pervasive violations of rules designed to keep the nation’s electric system safe from physical and cyber attacks, according to a filing.
Fed backs Bangladesh as cyber-heist lawsuit kicks off (Reuters) The Federal Reserve will lend a hand to Bangladesh's central bank as it sue...
ICO Fines Brexit Campaign and Key Backer (Infosecurity Magazine) Leave.EU and Eldon Insurance broke data protection laws
Digital exchange loses $137 million as founder takes passwords to the grave (Ars Technica) QuadrigaCX survivors try to hack encrypted laptop in hopes of accessing cold wallet.
Bitcoin dealer seeks credit protection; dead owner had sole access to $250M (Times Colonist) Canada’s largest cryptocurrency exchange, QuadrigaCX, has filed for credit protection in Nova Scotia, just the latest in a series of bizarre turns for the Vancouver-based Bitcoin dealer. . .
250 Webstresser Users to Face Legal Action (KrebsOnSecurity) More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by authorities in 2018 are expected to face legal action for the damage they caused, according to Europol, the European Union’s law enforcement agency.
QuadrigaCX Chain Analysis Report (Pt. 1): Bitcoin Wallets (Medium) This report provides an in-depth analysis of QuadrigaCX’s Bitcoin holdings.
Why we should all be worried about Britain's facial recognition experiment (The Telegraph) As you read this, police are preparing to record people walking down the high street in Romford, East London with cameras capable of mapping their faces with millimetric precision.
Microsoft President says it's “cruel” to not give governments facial recognition tech (Neowin) Microsoft President, Brad Smith, has spoken out against activists who asked Microsoft not to sell facial recognition technologies to governments. He responded saying they should, but cautiously.