Cyber Attacks, Threats, and Vulnerabilities
North Korean hackers cited in rare attack in Israel (Haaretz) The plot was uncovered when an employee of the unidentified Israeli firm received an email from a colleague in broken Hebrew
Several webpages from Elections Canada and MPs lack basic data protections (CBC News) Several Elections Canada webpages and personal websites from MPs don't have the basic encryption necessary to stop your information from being hacked as it's sent from point A to point B.
Microsoft Finds Privilege Escalation, Code Execution Flaws in Huawei Tool (SecurityWeek) Microsoft researchers find privilege escalation and code execution vulnerabilities in Huawei’s PCManager tool. Huawei has released patches.
China Is Spying On Israel to Steal U.S. Secrets (Foreign Policy) Benjamin Netanyahu ignored the intelligence operations of Beijing and Moscow for too long. Now, the Israeli government is finally paying attention, but it could be…
Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers (Motherboard) The Taiwan-based tech giant ASUS is believed to have pushed the malware to hundreds of thousands of customers through its trusted automatic software update tool after attackers compromised the company’s server and used it to push the malware to machines.
ASUS Live Update security issues known in 2016 (iTWire) Security issues with the ASUS Live Update utility, which is claimed to have been used in a supply chain attack by a nation-state, were highlighted as...
Hackers Used Malicious Update To Target 1 Million Asus Devices (Forbes) How to check if your device is part of what is described as the most sophisticated supply chain attack ever
Hijacked ASUS Live Update software installs backdoors on countless PCs worldwide (ZDNet) ASUS reportedly distributed the hijacked software to users last year.
Supply-Chain Attack Used to Install Backdoors on ASUS Computers (SecurityWeek) Over 1 million ASUS users were likely impacted after attackers managed to inject a backdoor in the ASUS Live Update utility, Kaspersky Lab reports.
Hackers Attack Asus Computers Using Routine Software Update (Consumer Reports) Consumer Reports explains what you need to know about Operation ShadowHammer, a small but sophisticated cyberattack that tricked Asus computer owners into downloading malware.
How to Check Your Computer for Hacked Asus Software Update (WIRED) Hackers compromised Asus’s Live Update tool to distribute malware to almost 1 million people. Here’s how to see if your computer has it.
Venezuela Says Power Coming Back After New 'Attack' on Grid (Bloomberg) Most of country has power restored, information minister says. Says power grid’s hub was again victim of opposition ‘attack’.
LockerGoga bug crashes ransomware before encrypting files (ZDNet) Bug could be used to create (temporary) LockerGoga vaccines.
A Guide to LockerGoga, the Ransomware Crippling Industrial Firms (WIRED) The new strain of malware represents a dangerous combination of aggressive disruption and high-stakes targets.
How LockerGoga, The Ransomware Crippling Industrial Firms Operates (KnowBe4) Technically, LockerGoga is just another ransomware strain and not even a very good one. It's got bugs and it's slow. However, the gang behind it represents a dangerous combination of aggressive disruption and high-stakes targets.
Major U.S. Chemical Firms Hit by Cyberattack (SecurityWeek) Operations at two major US-based chemical companies, Hexion and Momentive, have been disrupted by a cyberattack reportedly involving LockerGoga, the ransomware that recently hit aluminum giant Norsk Hydro.
Hexion Inc. Addresses Network Security Incident (BusinessWire) Hexion Inc. (“Hexion” or the “company”) today announced it has taken steps to restore its network and resume normal operations as quickly as possible
Momentive Responds to Network Security Incident (BusinessWire) MPM Holdings Inc. (“Momentive” or the “Company”) (OTCQB: MPMQ) today announced it has taken steps to restore its network and resume normal operations
Norsk Hydro steps up production at business hit by cyber attack (Reuters) Norsk Hydro, one of the world's largest aluminum producers, said on Monday ...
Hydro reports on ongoing recovery from cyber-attack (Magnolia Reporter) Hydro said Monday that progress was made during the weekend in resolving the effects of a cyber-attack.
Analysis | The Cybersecurity 202: The fallout from FEMA's massive compromise is just beginning (Washington Post) Experts hope potential consequences will serve as a "wake up call" for other agencies.
The odd case of a Gh0stRAT variant (AT&T Cybersecurity Alien Labs) This is a guest post by independent security researcher James Quinn. This will be Part 1 of a series titled Reversing Gh0stRAT Variants. As 2018 drew to a close and 2019 took over, I began to see a different behavior from SMB malware authors. Instead of massive, multi-staged cryptocurrency miners, I began to see more small, covert RATs serving as partial stage1’s. Of these samples, there was one specific sample that stood out to me. A Gh0stRAT variant, this
Barracuda intel exposes latest strategies cybercriminals use to get past email security gateways (CRN - India) Barracuda has released key findings from a report, ‘Spear Phishing: Top Threats and Trends’. Barracuda researchers evaluated more than 360,000 spear-phishing emails in a three-month period, identifying and analysing three major types of attacks: brand impersonation, business email compromise, and blackmail. The report takes an in-depth look at how these three types of attacks work, …
KnowBe4 sees a significant rise in blackmail-type phishing attacks (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is...
The 11 most sophisticated online scams right now that the average person falls for (SFGate) Online scams prey on internet users' sympathy, fear, and greed.
Researchers Uncover Vulnerabilities in LTE Wireless Protocol (SecurityWeek) Researchers have discovered 36 previously undisclosed vulnerabilities in the Long Term Evolution (LTE) protocol used by most mobile carriers.
Thousands of API and cryptographic keys leaking on GitHub every day (Naked Security) Researchers have found that one of the most popular source code repositories in the world is still housing thousands of publicly accessible user credentials.
Guilty by association: The reality of online retail third-party data leaks (Help Net Security) The retail industry suffered more data breach incidents than any other sector as attackers become more organized and targeted with their efforts.
Vulnerability Summary for the Week of March 18, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Cyber Attack At Contra Costa Elections Department Started With An Email (CBS San Francisco) Federal officials are investigating after a hacker attempted to access the election internet system for the Contra Costa County Clerk and Recorder’s office.
Reported hacking attempt at Contra Costa Co. Election Division foiled (ABC7 San Francisco) A still unknown hacker tried to gain access to Contra Costa County's elections office internet system last week and now both the state and federal government are investigating.
Security Patches, Mitigations, and Software Updates
iOS 12.2 Patches Over 50 Security Vulnerabilities (BleepingComputer) Apple released today security updates for iOS, fixing 51 vulnerabilities in version 12.2 of the operating system. The products impacted are iPhone 5s and later, iPad Air and newer, 6th generation iPods.
Google fixes Chrome 'evil cursor' bug abused by tech support scam sites (ZDNet) Evil cursor trick was being abused by Partnerstroka gang to trap users on tech support sites.
Cyber Trends
Annual SonicWall Cyber Threat Report Details Rise in Worldwide, Targeted Attacks (SonicWall) Record-high 10.52 billion malware attacks in 2018; 391,689 new attack variants identified; escalation of IoT attacks, 217 percent increase from 2017; 2 percent malware attacks leveraged non-standard ports. MILPITAS, Calif. — March 26, 2019 — SonicWall today announced the release of the 2019 SonicWall Cyber Threat Report that delivers an in-depth look at threat intelligence …
Internet Security Report - Q4 2018 (WatchGuard) The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Their smart, practical security advice contained in the Internet Security Report will enable you to better protect your organization in the ever-changing threat landscape.
Security Analytics and Machine Learning Fuel Next-Generation Cyber Defenses, Finds ‘2019 Cyberthreat Defense Report’ (BusinessWire) CyberEdge Group, the leading research and marketing firm serving the security industry’s top vendors, today announced the availability of its sixth an
2019 SonicWall Cyber Threat Report - SonicWall (SonicWall) SonicWall's 2019 Cyber Threat Report uncovers the attack plans and how you can stop them. We monitor, analyze, and share what we know.
A third of organisations encounter multiple cyber-attacks every week (Computing) Computing research shows that more than 30 per cent of UK firms confirm multiple security incidents targeting them every week
Cybercriminals are increasingly using encryption to conceal and launch attacks (Help Net Security) Cybercriminals are increasingly using encryption to conceal and launch attacks. Deepen Desai, Head of Security Research at Zscaler, talks about the report.
Security top priority for Filipinos when choosing a bank - Unisys (Security Brief) Filipinos have greatest appetite in Asia Pacific to use biometrics to access banking services
Most Filipinos trust physical biometrics for mobile or ATM financial transactions (Biometric Update) Filipinos have relatively high comfort levels with biometric identity verification for financial transactions, with 85 percent saying they are comfortable using voice, face, or fingerprint biometri…
Marketplace
NAS vendor RackTop Systems gets first funding haul (Tech Target) With $15 million in funding, RackTop Systems ramps up the detection and prevention capabilities of its ‘cyber-converged’ BrickStor hybrid NAS
Merlin invests in Wickr cybersecurity platform (Washington Technology) In a move beyond traditional reselling agreements, Merlin International has invested in Wickr, a company with a secure, anti-hacking communications platform, to develop more of those solutions for the government space.
Bolton Labs Expands Presence in Southeast Asia With Acquisition of Cybersecurity Solutions Provider, Phylasso Security (PR Newswire) Bolton Labs today announced their acquisition of Philippines-based cybersecurity solutions firm, Phylasso...
Spotting Privacy Breaches Before They Cause Harm: Why We Invested in Terbium Labs. (Omidyar Network) Data privacy is among the highest priorities for Omidyar Network. The amount of data collected by companies multiplies every second, making them very powerful and, at the same time, very vulnerable to cyberattacks.
Baltimore cyber company Terbium Labs raises $2M from eBay founder's investment firm (Baltimore Business Journal) This round brings five-year-old Terbium's fundraising total to about $19 million.
At the RSA Conference: Oh, That Security Talent Crunch? (InformationWeek) Keeping pace with the changes in IT security calls for new tactics in developing and acquiring security talent.
FireEye: Staying Behind In All Metrics (Seeking Alpha) The slow growth of FireEye and its weak fundamentals have led to low performance in the stock, causing it to trade at a discount compared to the cybersecurity industry.
Akamai CEO On The Company's Push Toward Cybersecurity (Forbes) In the five plus years since Akamai co-founder, Tom Leighton, ascended to the role of CEO, revenues have more than doubled. The biggest source of growth has been the company's cybersecurity products. Leighton predicts that they will soon be the biggest part of Akamai's business.
AT&T Cybersecurity Sets Sights on Threat Intelligence (BankInfo Security) AT&T has just re-branded its AlienVault acquisition as AT&T Cybersecurity. Javvad Malik, security advocate for the firm, explains its place in the global market and
CEO of Israeli spyware-maker NSO on fighting terror, Khashoggi murder, and Saudi Arabia (60 Minutes) An Israeli company licenses software around the world that can crack just about any smartphone, but is its use always on the side of good?
It's OK to Hack Lawyers and Journalists: Notorious Cyberweapons Firm (Gizmodo) The founder and CEO of NSO Group, the notorious Israeli hacking company with customers around the world, appeared on CBS’s 60 Minutes Sunday night to defend the use of his company’s tools in hacking and spying on lawyers, journalists, and minors when the company’s customers determine the ends justify the means.
Tesla Model 3 Hacked on the Last Day of Pwn2Own (BleepingComputer) During the last day, Fluoroacetate's Amat Cama and Richard Zhu successfully targeted and successfully hacked their way into a Tesla Model 3's Chromium-based infotainment system as part of their automotive category demo, using "a JIT bug in the renderer to display their message."
Cato Expands Executive Team to Meet Surging Demand for Cloud-Native Network Services (Cato Networks) Luca Simonelli to serve as vice president of sales for Europe, Middle East, and Africa (EMEA); Eyal Heiman to serve as vice president of engineering
Products, Services, and Solutions
Guardicore Labs Launches Freely Available Public Resource For Investigating Malicious IP Addresses and Domains (Guardicore - Data Center and Cloud Security) Guardicore today announced the launch of its Guardicore Threat Intelligence community resource. Developed by the Guardicore Labs research team.
ConnectWise Launches New Security Assessment Tool (ConnectWise) Company will also resell the Perch Community Defense Platform, purpose built for MSPs
QuintessenceLabs, Tech Mahindra and BT demonstrate an end-to-end video messaging solution secured by Quantum Key Distribution (QKD) (QuintessenceLabs) Solution will be showcased at the launch of the UKQNtel Quantum Network
ConnectWise warns MSPs - you're under attack! (CRN Australia) Launches new security service and boosts protection for its portal.
Entersekt and BioCatch Collaborate to Deliver Streamlined and Enriched Digital Banking and Payments Experiences (BusinessWire) Entersekt, an innovator in mobile-first fintech solutions, and BioCatch, the global leader in behavioral biometrics, today announced a partnership, an
Terbium Labs Shines a Light on the Dark Web With Matchlight (eWEEK) Finding an organization's personally identifiable information that might be lurking on the Dark Web is a complex engineering challenge that Terbium Labs' Matchlight platform looks to solve.
New Kaspersky endpoint security solutions offers automatic anomaly detection (Back End News) Cybersecurity solutions firm Kaspersky Lab has unveiled the next generation of its endpoint protection with new Kaspersky Endpoint Security for Business. The product features Adaptive Anomaly Contr…
Technologies, Techniques, and Standards
Financial Data Exchange, OpenID Foundation Take Step Towards Global Standard for Financial Data Sharing (Morningstar)
NSA teams with Trusted Computing Group on software could help secure the supply chain (Military & Aerospace Electronics) The U.S. National Security Agency (NSA) and the Trusted Computing Group (TCG) industry consortium in Beaverton, Ore., have come up with validation software that could go a long way to securing the supply chain for computing devices
DoD testing secure cloud to help small contractors protect data (Federal News Network) In a recognition that smaller firms don't have the infrastructure to defend themselves against sophisticated attacks, DoD will experiment with a secure cloud approach to defending sensitive information.
The Security and Social Media Dilemma (SecurityInfoWatch) Today’s CSO must be aware of risks posed by insiders and possess potential mitigation strategies
The Effective CISO Needs More Than a Control Framework (SecurityInfoWatch) Chief Information Security Officers (CISOs) often talk about reducing the risk of financial loss to their organizations – whether it be through reducing...
Decrypter tool for ransomware designed to boost PewDiePie subscriptions (SC Media) An anti-malware company has released a decrypter for ransomware created by a PewDiePie fan who wanted to increase the YouTube star's subscriber count.
Design and Innovation
Industry Perspectives: Understanding the Impact of Predictive Analytics on Security Operations (SecurityInfoWatch) Milestone's Jeremy Scott shares his insights on how predictive analytics has emerged as a key part of any risk mitigation strategy
Microsoft will be adding AI ethics to its standard checklist for product release (GeekWire) Microsoft executive Harry Shum says the company will “one day very soon” add an AI ethics review to its standard checklist of audits for new products.
Machines Shouldn’t Have to Spy On Us to Learn (WIRED) We need a breakthrough that allows us to reap the benefits of AI without savaging data privacy.
Research and Development
DHS Invests $5.9 Million into Cyber Training Tool for Energy Sector (Nextgov.com) The project will expand a strategic decision-making and communication exercise tool developed for the finance sector to the energy sector.
Sandia’s synthetic network offers new insight into how cyber attackers work (Federal News Network) Vince Urias, a distinguished member of the technical staff at Sandia National Laboratories, said the HADES programs creates a fake environment where cyber defenders can lure hackers and better understand their techniques.
DISA wants to keep cyber attackers locked in web browser (Federal News Network) Steve Wallace, a systems innovation scientist in the Emerging Technology Directorate at the Defense Information Systems Agency, said the agency soon will choose vendors to develop a prototype to protect the network and data from attacks that come through web browsers.
China and the Bay Area face off over AI (Silicon Valley Business Journal) The competition between the world's two premier hotbeds for artificial intelligence is really a race for who gets to define the future.
Legislation, Policy, and Regulation
Could Offensive Cyber Capabilities Tip India and Pakistan to War? (The Diplomat) The escalation risks in South Asia stemming from offensive cyber capabilities must be carefully considered.
Moscow flies troops and equipment into Venezuela (Times) The United States has warned it “will not stand idly by” if Moscow continues to raise tensions in Venezuela after it emerged that two Russian aircraft landed in the country, one carrying around 100...
European Parliament approves controversial online copyright law (Computing) Legislators ignore protests, experts and activists to sign directive - including Articles 11 and 13 - into law
Norway Mulls Huawei 5G Decision That’s Not ‘Black and White’ (Bloomberg) Norwegian minister says security and speed most crucial now. Norway telecom companies intend to roll-out 5G network in 2020.
INTERVIEW: Chinese-made devices pose risk to security (Taipei Times) Liberty Times (LT): What are your thoughts on the attempts by the US to block the spread of Huawei Technologies Co?
Newly Disclosed NSA Documents Shed Further Light on Five Eyes Alliance (Lawfare) In response to a Freedom of Information Act lawsuit, the NSA released several batches of records concerning the history and nature of the agreement that led to the Five Eyes alliance.
Subcommittee on Economic and Consumer Policy Hearing on Improving Data Security at Consumer Reporting Agencies (House Committee on Oversight and Reform) PURPOSE The hearing will examine: (1) the options available to the Federal Trade Commission and the Consumer Financial Protection Bureau to promote the improvement of cybersecurity at consumer reporting agencies; and (2) the Government Accountability Office’s recommendations for improving those options.
Litigation, Investigation, and Law Enforcement
The Mueller Report Is a Test for the United States (Foreign Policy) As the world looks on, it’s up to Washington to demonstrate the strength of its institutions.
Mueller report: Witch-hunt leaders are guilty of treason, President Trump declares (Times) President Trump is pushing for an investigation into the “treasonous” behaviour of those behind the two-year-long special counsel “witch-hunt” after being cleared of liaising with Russia. Mr Trump...
Virginia Marine who discovered Russia hack praises Mueller’s ‘definitive’ interference finding (WUSA) Robert Johnston sounded the alarm on Russian interference well before Special Counsel Robert Mueller became a household name.
Analysis | All your big questions about the Mueller report, answered (Washington Post) The Post will answer your questions about Attorney General William Barr's just-delivered letter on the Mueller report's principal conclusions.
Mueller report fallout: Trump, Russia, others react to Barr summary (Washington Post) A fierce debate continued Monday about the implications of a report that cleared Trump of coordinating with Russia during the 2016 presidential campaign but reached no conclusion about attempted obstruction of justice.
Kremlin reacts cautiously to Mueller report findings (ABC7 New York) The Kremlin declined to comment on the Mueller report.
Kremlin declines to comment on Mueller report findings (Beatrice News Channel) The Kremlin has responded cautiously to the conclusion of special counsel Robert Mueller’s investigation that found no evidence of a conspiracy by Donald Trump’s presidential campaign to help Russia interfere in the 2016 U.S. election. Russian President Vladimir Putin’s spokesman Dmitry Peskov told reporters on Monday he couldn’t comment on Mueller’s findings since [...]
Perspective | One person the Mueller report didn’t ‘exonerate’? Vladimir Putin. (Washington Post) The president’s reluctance to agree that Russia interfered in 2016 means he has delayed taking crucial steps to safeguard future elections.
Democratic committee chairmen shift focus to Barr as House investigations forge ahead (Roll Call) House Democrats made clear AG’s four-page summary of Mueller’s key findings doesn’t quell their appetite for info about special counsel’s 22-month probe.
Autonomy’s value ‘was pumped up before sale’ (Times) Mike Lynch, the technology tycoon, “deliberately” misrepresented dozens of contracts to “pump” up Autonomy’s revenues and make the software company appear more valuable than it was, the High Court...
HPE accuses Mike Lynch of using reciprocal transactions with customers to drive revenue growth (Computing) While revenues increased, Autonomy suggested that lower than expected profit margins were due to investment in new products, HPE claims in court
Symantec 'Ghost Revenue' Flagged In New Chancery Suit (Law360) Investors in software and security company Symantec Corp. opened a Delaware Chancery Court derivative suit Monday seeking to recover for losses incurred after the company allegedly put hundreds of millions of dollars in "ghost revenue" on its books by using nonstandard accounting practices.
Canada Gives Asylum to Refugee Who Sheltered Edward Snowden (New York Times) A Filipino woman and her daughter arrived in Toronto, while five others who allowed the former National Security Agency contractor into their Hong Kong homes are awaiting decisions.