San Francisco: the latest from RSA Conference 2019
Agari expands its Secure Email Cloud solution (Help Net Security) Agari announced two complementary innovations that extend the coverage and effectiveness of the Agari Secure Email Cloud.
Silicon Valley and the FBI Take Their Encryption Fight Behind Closed Doors (Gizmodo) The encryption war is quiet now, but the murky back-and-forth between Silicon Valley and Washington, D.C., is far from over.
At RSA, governments still prove to be more powerful than cyber (Fifth Domain) The ‘S’ in RSA is missing. One of the namesake cryptographers at the venerable security conference was barred from attending by immigration authorities, casting a shadow of state power over the whole affair.
Analysis | The Cybersecurity 202: U.S. to try new approach to punish hacking nations: Working with allies (Washington Post) State Department cyber chief wants "swift and transparent consequences that will change their calculus."
Swimlane Removed from RSAC for not Adhering to Monopoly Rules; RSAC Unavailable for Comment (Press of Atlantic City) Swimlane, a leader in security orchestration, automation and response (SOAR), was removed from RSA Conference (RSAC) yesterday after staging a protest to draw attention to some
Academic Study Exposes Booming SSL/TLS Certificate Marketplaces on the Dark Web (BusinessWire) Venafi sponsors first ever study into availability of TLS machine identities on the dark net
Completing $2.4 Million Financing, inBay Technologies Comes to the RSA (PRWeb) inBay Technologies, developers of ‘passwordless’ authentication solutions, today announced the company is at the RSA conference riding on the coattails of a
Capsule8 Expands Leadership Team with Key Executive Hires (Capsule8) Capsule8, the only company providing high-performance attack protection for Linux production environments, today announced additions to its executive team, appointing …
Tripwire Extends Reach Across DevOps Environments with Expanded Security Capabilities (Tripwire) New vulnerability scanning and compliance functionality covers more DevOps environments, extending security across enterprises
Photo gallery: RSA Conference 2019 Expo, part three (Help Net Security) Here are a few photos from the Expo floor. Featured vendors include: Zscaler, Corero Network Security, ZeroFox, Dell, Secureworks, Tripwire, Veracode.
Cyber Attacks, Threats, and Vulnerabilities
UK charity set up to counter Russian disinformation targeted in cyber attack (The Independent) National Crime Agency investigating 'theft of data' from Institute for Statecraft
Health records giant Epic temporarily halts additions to its app store because of privacy concerns (CNBC) Epic stopped enrolling third-party health developers in its app store, citing concerns about the safety and security of patient data.
The Prototype iPhones That Hackers Use to Research Apple’s Most Sensitive Code (Motherboard) Very few people have heard of them, but "dev-fused" iPhones sold on the grey market are one of the most important tools for the best iOS hackers in the world.
UltraHack: The Security Risks of Medical IoT (Check Point Software Blog) IoT devices make our lives easier. Smart home technology, for example, can help users improve energy efficiency by enabling them to turn appliances on and off with the tap of a touchscreen. Likewise, organizations across all industries have also rapidly adopted them to improve operational efficiency. However, in our recent report into Cloud, Mobile and…
New SLUB Backdoor Uses GitHub, Communicates via Slack (Trend Micro) We discovered a malware that uses three different online services -- including Slack and GitHub -- as part of its routine. Analysis of the attacker's tools, techniques, and procedures lead us to believe that this might be a targeted attack from very capable threat actors.
Stalkers and Debt Collectors Impersonate Cops to Trick Big Telecom Into Giving Them Cell Phone Location Data (Motherboard) In several cases, a stalker impersonated a US Marshal and reported a fake kidnapping in order to get telecom companies to give them real-time cell phone location data.
Rural Jackson County, Ga. recovering from ransomware attack (StateScoop) The attack knocked out all county email services and forced the sheriff’s department to revert to recording arrests and jail bookings on paper.
Beyond Hybrid War: How China Exploits Social Media to Sway American Opinion (Recorded Future) Insikt Group analyzes data from Western social media platforms to determine how the Chinese state exploits social media to influence the American public.
Scammers Use Cheap and Squatted Domains to Create Fake Sites (Zscaler) Zscaler security research observed development of scam campaigns in which bad actors are making use of cheap domains, registering them in bulk, and scamming people in an attempt to generate revenue. In this blog, we will cover a few such campaigns.
WDS bug lets hackers hijack Windows Servers via malformed TFTP packets (ZDNet) Last warning to apply Microsoft's November security updates for Windows Servers.
Iranian Hackers Have Hit Hundreds of Companies in Past Two Years (Wall Street Journal) Cyberattacks linked to Iranian hackers have targeted more than 200 companies over the past two years, Microsoft said, part of a wave of computer intrusions from the country that researchers say has hit businesses and government entities around the globe.
Cisco tells Nexus switch owners to disable POAP feature for security reasons (ZDNet) Cisco releases new Nexus firmware that includes a new command to turn off POAP.
Sparrow Hospital and McLaren Greater Lansing Patients Affected by Cyber Attack (WLNS) It's a fear we all have. Receiving a notice that your social security number, medical records and other personal information could land in the wrong hands.
Banking Trojans flood the enterprise, Android attacks surge (ZDNet) Kaspersky Labs detected 900,000 attacks against users in 2018 alone.
Scope of MUDCARP Attacks Highlight Third-Party Risk (Infosecurity Magazine) A Chinese threat group is believed to have targeted the DoD supply chain, an iDefense report says.
Pirate Bay malware buries nuisance program bundles in a single click (ZDNet) PirateMatryoshka is described as a “Russian doll” for adware programs and tools.
Adware Apps in Google Play Simulate Uninstall for Persistence (BleepingComputer) Three adware apps discovered in Google Play use a special trick to ensure they stay on the victim device for a longer time. They pose as camera-related utilities and have recorded over 700,000 installations, combined.
Hackers Revive Microsoft Office Equation Editor Exploit (BleepingComputer) Hackers used specially-crafted Microsoft Word documents during the last few months to abuse an Integer Overflow bug that helped them bypass sandbox and anti-malware solutions and exploit the Microsoft Office Equation Editor vulnerability patched 15 months ago.
StealthWorker Malware Uses Windows, Linux Bots to Hack Websites (BleepingComputer) Hackers are running a new campaign which drops the StealthWorker brute-force malware on Windows and Linux machines that end up being used to brute force other computers in a series of distributed brute force attacks.
Several Industrial Automation Products Affected by WibuKey DRM Flaws (SecurityWeek) The products of several industrial automation companies are affected by the recently disclosed vulnerabilities in the WibuKey DRM solution.
Cybercrime Costs Firms $13m Each as Malicious Insider Threat Grows (Infosecurity Magazine) Accenture and Verizon reports detail growing menace from within
#Opfail: Phisher Attaches Powershell Exec Instead of Malware (BleepingComputer) The security community has seen its share of mistakes made by cybercriminals, and quickly took advantage of them to stop the threat. But some of them have reached blooper level.
For enterprises, malware is the most expensive type of attack (Help Net Security) The cost to companies from malware and “malicious insider”-related cyberattacks jumped 12 percent in 2018 and accounted for 1/3 of all cyberattack costs.
Unpatched UPnP-Enabled Devices Left Exposed to Attacks (BleepingComputer) Outdated software on UPnP-enabled devices exposes them to attacks designed to exploit a wide range of vulnerabilities found in UPnP libraries used by various daemons and servers reachable over the Internet.
Fake Dun & Bradstreet Company Complaint delivers Trickbot (My Online Security) Continuing with the recent changes to the Trickbot delivery system and possibly the payloads and configs today. This example is today’s latest spoof or imitation of a well-known company…
FTC Issues PSA on Social Security Number Scams (BleepingComputer) Scammers pretending to be employees of the Social Security Administration (SSA) caused losses of at least $16.6 million last year.
Jokeroo Ransomware-as-a-Service Offers Multiple Membership Packages (BleepingComputer) A new Ransomware-as-a-Service called Jokeroo is being promoted on underground hacking sites and via Twitter that allows affiliates to allegedly gain access to a fully functional ransomware and payment server.
Internet of Termites (AT&T Cybersecurity) Termite is a tool used to connect together chains of machines on a network. You can run Termite on a surprising number of platforms including mobile devices, routers, servers and desktops. That means it can be used to bounce a connection between multiple machines, to maintain a connection that otherwise wouldn’t be possible. Termite is a useful networking and penetration testing tool, but we’re seeing it used in attacks to enable access to machines too. There has been little
PXE Dust: Finding a Vulnerability in Windows Servers Deployment Services (Check Point Research) Many large organizations use Windows Deployment Services (WDS) to install customized operating systems on new machines in the network. The Windows Deployment Services is usually, by its nature, accessible to anyone connected via a LAN port and provides the relevant software. They determine the Operating System as well as...
You Think That's Air You're Breathing? (Capsule8) An Exercise in Practical Container Escapology. Containerization has revolutionized how software is developed and deployed, by providing powerful specificity and control for devs and ops alike. By isolating software …
12,449 Data Breaches Confirmed in 2018, a 424% Increase Over the Previous Year (OODA Loop) A new 4IQ report found that 12,449 data breaches occurred in 2018, which is a staggering increase of 424% compared to the year before. However, the number of records exposed per breach was 4.7 times
Security Patches, Mitigations, and Software Updates
Google Chrome Update Patches Zero-Day Actively Exploited in the Wild (BleepingComputer) Google updated the release announcement for the Chrome web browser version 72.0.3626.121 with a warning that the 0day patched in the release is being actively exploited in the wild.
Users of Cisco switches, security appliances need to get patching (Help Net Security) Administrators of Cisco switches, firewalls, and security appliances are advised to take a look at the latest collection of security advisories.
Rockwell Automation Patches Critical DoS/RCE Flaw in RSLinx Software (SecurityWeek) A critical vulnerability in Rockwell Automation’s RSLinx Classic software can be exploited for DoS attacks and possibly for remote code execution.
Cyber Trends
Do Not Despair, Good Privacy Days Ahead (Decipher) The future of privacy is neither futile nor pretty good. New regulations are on the way, but there will also be more challenge about rampant surveillance, ACLU tech fellow Jon Callas said.
Mobile World Congress 2019: A payments perspective (Rambus) Andre Stoorvogel, Director, Product Marketing, Rambus Payments. For anyone attending Mobile World Congress last week, they have no doubt gone to bed dreaming of 5G networks and foldable smartphones. But dig a little deeper, and there was a lot more up for discussion (honestly). As always, the show offered insight into the big trends that …
Global Privacy Study Finds Firms Failing on Accountability (Infosecurity Magazine) ICO warns of 15% with no incident response measures in place
CEOs face test of resilience in 2019 as geopolitical cyber activity picks up (PwC) PwC explains what you need to know and do as cyber geopolitics increase the costs for businesses and nations.
2019 Global ICS & IIoT Risk Report (CyberX) A data-driven analysis of real-world vulnerabilities observed in more than 850 production ICS networks across all industrial sectors and 6 continents worldwide.
Control Systems Cybersecurity: A Grim Gap - A Conversation with Joe Weiss (Momenta Partners) In this week's IoT Podcast Ed Maguire speaks with Joe Weiss, Managing Partner of Applied Control Solutions and Managing Director of the ISA99 standards organization. He has a deep background in control systems security, and has been active in the cyber security community for decades.
Mobile Security Report (Pradeo) Results based upon the analysis of a sample of 3 million mobile applications and 500K mobile devices
Marketplace
Security startup RackTop Systems secures $15 million (CISO Magazine) Cybersecurity startup RackTop Systems recently raised $15 million in Series A funding to accelerate the growth of its CyberConverged Data Storage and Security Platform.
NTT Acquires WhiteHat Security (SecurityWeek) NTT Security, the cybersecurity company of the NTT Group, has acquired application security firm WhiteHat Security for an undisclosed sum.
Zuckerberg says Facebook's future is going big on private chats (Reuters) Facebook Inc Chief Executive Mark Zuckerberg said on Wednesday the company would...
Why Huawei's Lawsuit Against The U.S. Government Is Not Aimed At The U.S. Government (Forbes) Huawei has now filed its expected lawsuit against the U.S. ban on its products, a move that is much more focused on how the world sees the company than sales of 5G equipment to benefit American consumers.
Facebook's privacy pivot vs Microsoft's 2002 security pivot: Facebook has more to prove (ZDNet) Facebook CEO Mark Zuckerberg outlined a privacy first vision for the social network, but it's a hard sell. Facebook has to prove over time that it is serious about privacy. It can be done. Microsoft took security seriously in 2002, but had more customer trust built up.
Mark Zuckerberg discovers privacy (TechCrunch) With the swelling confidence of a colonial power happening upon a long-settled distant land, today Mark Zuckerberg discovered the concept of privacy. In a ballooning 3,225 words — a roughly average word count for the terminally verbose Facebook founder — Zuckerberg informed his miserably loyal 2.3 …
After buying firm run by HackingTeam vets, Coinbase CEO has some regrets (Ars Technica) CEO Armstrong "transitions out" Neutrino leaders who worked for exploit dealer.
Products, Services, and Solutions
Fidelis Cybersecurity Launches Threat Research Service to Provide Customers with Finished Intelligence and Tailored Countermeasures (Business Wire) Fidelis Cybersecurity, a leading provider of threat detection, threat hunting, and response solutions, today announced the launch of Threat Research a
Centrify ushers in new era of privileged access management (Help Net Security) Centrify announced new cloud-ready solutions to help stop the leading cause of data breaches ― privileged credential abuse.
Basil Security unveils security policy enforcement solution (Help Net Security) Basil Security, the Zero Trust Operations company, announced general availability of the world's first policy-as-code platform.
Alphabet’s Chronicle launches security telemetry service Backstory (ZDNet) The company wants to merge “massive computational capacity” with today’s enterprise security needs.
Firefox to add Tor Browser anti-fingerprinting technique called letterboxing (ZDNet) Firefox gets another new feature from the Tor Uplift project started in 2016.
Google rolls out Web Risk API in beta to help businesses protect their users (ZDNet) Additionally, Google announced the general availability of Cloud Armor, a DDoS defense and WAF service, and Cloud HSM, a managed hardware security module service.
Verizon Expands Managed Security Services Portfolio with BlackBerry Cylance AI-Based Endpoint Security (PR Newswire) Verizon today announced the addition of BlackBerry Cylance's AI-driven antivirus security solutions to its...
Gemalto Expands Cloud HSM On Demand Solutions (BusinessWire) Gemalto, the world leader in digital security, today announced the availability of three new cloud-based Hardware Security Module (HSM) services, HSM
Optiv Security Announces New Risk Transformation Service™ to Help Organizations Mitigate Enterprise Risk (Financial Post) Enables Clients to Embrace the Risk Revolution and Fundamentally Rewrite How They Manage Cybersecurity to Achieve Business Resilience
wolfSSL Announces FIPS-Ready Solution (PRWeb) wolfSSL, the leading provider of TLS cryptography and the world’s first commercial release of TLS 1.3, announces the wolfSSL FIPS-Ready solution! Federal Inf
WatchGuard Expands Secure Wi-Fi Portfolio with 802.11ac Wave 2 Access Point for Midsize Enterprises (GlobeNewswire News Room) Complete with WatchGuard Wi-Fi Cloud, new access point offers fast, reliable, secure Wi-Fi and location analytics for restaurants, medical offices, retail branches and distributed enterprise offices
FEITIAN Technologies Launches Advanced Technology Power Cards (PRWeb) FEITIAN Technologies US Inc, a world leader in strong two-factor and advanced multi-factor authentication and self-powered and battery-less multipurpose
Technologies, Techniques, and Standards
Fear & Loathing In AI: How The Army Triggered Fears Of Killer Robots (Breaking Defense) Why did an obscure Army program inspire headlines about "killer robots"?
How are execs tackling cyber risk that comes with digital transformation? (Help Net Security) As organizations embrace digital transformation, simplifying technology infrastructure and outsourcing workload, they are also expanding their cyber risk.
Organizations still ignoring a large piece of their cybersecurity defense (Help Net Security) More organizations are prioritizing incident response teams trained to address and defeat attacks that make it past existing protections.
New CISA director outlines top 5 priorities for protecting U.S. critical infrastructure (CSO Online) CISA’s Christopher Krebs has a two-year plan for his new cybersecurity agency, with China, supply chain and 5G as top priorities.
Design and Innovation
A Privacy-Focused Vision for Social Networking (Facebook) My focus for the last couple of years has been understanding and addressing the biggest challenges facing Facebook. This means taking positions on importan
Facebook Plans New Emphasis on Private Communications (Wall Street Journal) Facebook is making a major bet that the future of social media will be in private messaging and small group chats, not the public sharing of photos and messages that it pioneered.
Why Chinese Companies Plug a US Test for Facial Recognition (WIRED) A US government agency tests the accuracy of facial recognition programs. The top spots are routinely filled by Chinese and Russian companies.
Research and Development
Northrop Grumman Sponsors 2019 CyberCenturion Competition in London (Northrop Grumman Newsroom) LONDON – March 7, 2019 – Northrop Grumman Corporation (NYSE: NOC) welcomes some of the UK’s brightest 12-18 year olds to compete in the fifth National Finals of CyberCenturion, a nationwide cyber defence competition led by Northrop Grumman, in...
Academia
ISI’s Matt Green Receives $100,000 Google Security and Privacy Research Award (JHU Information Security Institute) Cutting-edge research plays a key role in advancing the security and privacy of users across the Internet. To accelerate the next generation of security and privacy breakthroughs, Google has created the Security and Privacy Research Awards. In February 2019, Google announced that Matthew Green, cryptographer and assistant professor at Johns Hopkins University’s Information Security Institute, …
Californians Across the State are Stepping Up to Tackle Cybersecurity Awareness and Education (PR Newswire) The California Mayors Cyber Cup competition is over, but the work of Team California to educate the next...
Legislation, Policy, and Regulation
GAO Report Finds Cyber Mission Force Training Gaps (MeriTalk) The Government Accountability Office recommended that the Department of Defense address training gaps at U.S. Cyber Command to maintain a properly trained Cyber Mission Force (CMF) in a report released today.
U.S. allies differ on difficulty of containing Huawei security threat (Washington Post) Despite a months-long campaign, the United States hasn't dissuaded Europeans from buying Huawei equipment.
NSA-Cyber Command Chief Recommends No Split Until 2020 (Defense One) That’s another delay for a separation planned several Defense Secretaries ago.
Census braces for cyberattacks (FCW) With less than a year before the 2020 census officially begins, the bureau knows it'll be a prime target for cybersecurity attackers.
Progress Made, But Additional Efforts Are Needed to Secure the Election Infrastructure (Office of Inspector General) The Department of Homeland Security has taken some steps to mitigate risks to the Nation’s election infrastructure; however, improved planning, more staff, and clearer guidance could facilitate its coordination with states.
Homeland Security hasn’t done enough to protect election infrastructure, says watchdog (TechCrunch) Homeland Security could do more to protect election infrastructure, according to a new report by the department’s watchdog. The report from the inspector general, out Wednesday, said progress had been made but Homeland Security, the department charged with protecting elections and the back-en…
Top US general in Europe wants to keep China out of 5G networks (C4ISRNET) Who the European nations pick to build their 5G network could have a huge influence on the U.S. military.
The US-China Tech War Is Being Fought in Central Europe (Defense One) The Czech Republic’s complicated relationship with the Chinese giant Huawei offers a lesson in the benefits and pitfalls of courting Beijing.
Putin urges stronger protection of Russian military secrets (AP NEWS) MOSCOW (AP) — President Vladimir Putin urged Russia's top domestic security agency on Wednesday to tighten its protection of information related to new weapons and other sensitive data. In a...
Britain's Hunt promises 'doctrine of deterrence' against cyberattacks on democracy (iTnews) Economic and diplomatic counter-measures.
Facebook rejects Australian regulator's push for scrutiny of news feeds (iTnews) Like Google, denies market power.
FTSE 350 Boards Still Struggling on Cyber Awareness (Infosecurity Magazine) Government report highlights progress but lack of maturity in several areas
Singapore proposes new security guidelines to beef up financial resilience (ZDNet) Monetary Authority of Singapore is looking to introduce changes to existing technology risk and business continuity management guidelines that will require financial organisations to implement more measures, including cyber surveillance, to boost operational resilience.
Litigation, Investigation, and Law Enforcement
Huawei Sues the U.S., Says Congress Acted as ‘Judge, Jury and Executioner’ (WSJ) Huawei Technologies filed a lawsuit challenging a law that restricts federal agencies from doing business with the Chinese company, the latest in a series of countermoves by the telecommunications giant.
Huawei sues US government over 'unconstitutional' ban (The Telegraph) Huawei is suing the US government arguing that a ban on using its equipment in federal systems is "unconstitutional".
Long before Trump’s trade war with China, Huawei’s activities were tracked (Reuters) The surprise arrest of Huawei's chief financial officer in December quickly...
Sonic hit by $5 million suit over 2017 data breach (SC Media) The drive-in fast food chain Sonic is being sued by the American Airlines Federal Credit Union for $5 million in an attempt to recoup money the credit
Police warn of imposters demanding money for bogus crimes (WHTM) Imposters are posing as Warwick Police and demanding money for bogus crimes, according to the Northern Lancaster County Regional Police Department (NLCRPD).