Cyber Attacks, Threats, and Vulnerabilities
"LPR" reportedly behind recent phishing attack on Ukraine govt agencies, military – threat research (UNIAN) The malware is spread via emails with malicious LNK files with PowerShell scripts designed to download a second-stage payload from the command and control server.
Source code of Iranian cyber-espionage tools leaked on Telegram (ZDNet) APT34 hacking tools and victim data leaked on a secretive Telegram channel since last month.
Cyberspies Hijacked the Internet Domains of Entire Countries (WIRED) A mysterious new group called Sea Turtle targeted 40 organizations in a DNS hijacking spree.
Sea Turtle Attackers Play Shell Game With DNS (Decipher) A group of attackers has been running a DNS hijacking campaign known as Sea Turtle that targets energy, intelligence, and military organizations.
Hackers Are Messing With the 'Web's Phone Book' For Espionage (PCMAG) The suspected government-backed hackers have been infiltrating companies that run the Domain Name System, including internet service providers and web-hosting organizations, allowing them to corrupt the "phone book of the internet," security researchers warn.
CyberInt Reports: Suspected Russian-speaking Threat Actors 'TA505' Continues Cybercrime Spree against Global Retailers & Financial Institutions (PR Newswire) Investigation from CyberInt's Research Lab has connected a single gang to a range of attacks against retailers ...
CyberInt Reports: Suspected Russian-speaking Threat Actors Targeting Korea (Korea IT Times) [Tel Aviv] An investigation from CyberInt’s Research Lab, announced on April 17, has connected a single gang to a range of attacks against retailers and financial institutions around the world using legitimate remote access software. CyberInt’s managed detection and response solutions protect the wo
Meet Scranos: New Rootkit-Based Malware Gains Confidence (Dark Reading) The cross-platform operation, first tested on victims in China, has begun to spread around the world.
Romania, world’s most affected country by new cyber threat that steals passwords, payment data (Romania Insider) Security researchers have discovered an aggressive computer threat that hides on the infected devic
Russian Hackers Scrambled to Erase Digital Footprints After Triton Attribution Report (TechBizWeb) Some of the pieces of digital evidence that led to security researchers linking the notorious Triton malware to a Russian research institute were removed after the information was made public. A blog post published in October 2018 by cybersecurity firm FireEye assessed with “high confidence” that …
Malicious AutoHotkey Scripts Used to Steal Info, Remotely Access Systems (BleepingComputer) Attackers are targeting potential victims using a malicious AutoHotkey script to avoid detection and to steal information, to drop more payloads, and to remotely access compromised machines using TeamViewer.
Massive eGobbler Malvertising Campaign Leverages Chrome Vulnerability To Target iOS Users (Confiant) As publishers have become increasingly aware over the last week, there’s a series of rampant malvertising campaigns on the loose…
Wipro breach highlights third-party risk from large IT services providers (CSO Online) After outsourcing giant Wipro suffered a phishing incident, attackers used its email system to target the company’s customers. The breach demonstrates the dangers of supply chain and third party risk.
How Not to Acknowledge a Data Breach (KrebsOnSecurity) I’m not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach.
Popular Android Apps From A Major Chinese Developer Were Caught Committing Ad Fraud (BuzzFeed News) Following a BuzzFeed News investigation, Google removed six apps from the Play store that belonged to a major Chinese developer.
Fraudsters Exploiting the Notre Dame Tragedy (ZeroFOX) ZeroFOX is actively monitoring for malicious activity and fraudulent crowdfunding sites on social media related to the Notre Dame fire.
Facebook says it uploaded email contacts of up to 1.5 million users (Reuters) Facebook Inc said on Wednesday it may have "unintentionally uploaded" ...
Facebook uploaded email contacts of 1.5m users without consent (the Guardian) Company says it has stopped using password verification feature that collected data
Chipotle customers are saying their accounts have been hacked (TechCrunch) A stream of Chipotle customers have said their accounts have been hacked and are reporting fraudulent orders charged to their credit cards — sometimes totaling hundreds of dollars. Customers have posted on several Reddit threads complaining of account breaches and many more have tweeted at @Chipotl…
What is a side channel attack? How these end-runs around encryption put everyone at risk (CSO Online) Side channel attacks on cryptography break confidentiality by exploiting information produced by the encryption — such as van Eck phreaking in a TEMPEST attack, courtesy the van across the street.
Cyber-security firm Verint hit by ransomware (ZDNet) In an extreme case of irony, ransomware hits cyber-security firm.
Ransomware Attack Blocked Successfully, Says Cyber Company Verint (CTECH) On Wednesday night, Israeli media reported that the Israeli offices of the surveillance and business intelligence company were under attack, though the nature of the ransomware and the demands of the attackers were unclear
Ad blocker firms rush to fix security bug (Naked Security) If you’re using an ad blocker to filter out online commercials, then beware: You might be vulnerable to a new attack revealed on Monday that enables hackers to compromise your browser.
New Business Email Compromise Scheme Reroutes Paycheck by Direct Deposit (Trend Micro) A new business email compromise (BEC) scheme, in which an attacker tricks recipients into rerouting paychecks by direct deposit, has emerged.
Kaspersky Lab Saga Grows Weirder as Critics of the Security Firm Say Bumbling Spy Tried to Discredit Them (Gizmodo) A man who goes by the name Lucas Lambert reportedly spent months setting up meetings with three cybersecurity experts under false pretenses last year, hoping to get them to say that they were paid to criticize Kaspersky Lab. Lambert was unsuccessful, but the attempt sheds new light on alleged covert activity potentially carried out on behalf of the Moscow-based cybersecurity firm.
New Research from Terbium Labs Shows How Criminals Use Fraud Guides to Exploit and Defraud Organizations for Less than Eight Dollars (Globe Newswire) Thorough Review of Dark Web Fraud Trade Helps Organizations Guard Against the Most Common Schemes and Tactics Used by Cybercriminals
Criminals are putting old tax returns up for sale on the dark web (CBS News) Identity theft has never been this cheap — you can buy anything from old tax returns to bank accounts on the dark web
Cybercrime a 'true economy of scale,' expert warns (Fox Business) Most Americans' personal information is available to criminals on the dark web.
Security Patches, Mitigations, and Software Updates
Oracle security warning: Customers told to patch ASAP to swat 297 bugs (ZDNet) Update addresses multiple flaws that can be remotely exploited without user credentials.
Evernote Fixes Remote Code Execution Vulnerability in macOS App (BleepingComputer) A local file path traversal vulnerability which allows attackers to run arbitrary code on their targets' Macs remotely was fixed by Evernote after receiving a report from security researcher Dhiraj Mishra.
A third-party patch for Microsoft's Internet Explorer zero-day vulnerability (Graham Cluley) Don’t want to wait for Microsoft to fix the problem in how Internet Explorer handles .MHT files? Other security researchers come to the rescue.
Cyber Trends
SonicWall Detects, Reports Dramatic Rise in Fraudulent PDF Files in Q1 2019 (SonicWall) SonicWall Capture Labs threat researchers are reporting a substantial increase of fraudulent PDF files. This fraud campaign takes advantage of recipients’ trust in PDF files as a “safe” file format that is widely used and relied upon for business operations.
Protecting People: A Quarterly Analysis of Highly Targeted Cyber Attacks (Proofpoint) Among the most targeted malware and credential phishing attacks, nearly 30 percent targeted generic email aliases. These email addresses are shared typically within an organization.
Bots drove nearly 40% of internet traffic last year — and the naughty ones are getting smarter (The Next Web) Bots walk among us.
How to make AI ethics a priority at your company: 5 tips (TechRepublic) One-third of professionals see ethical risks as a top concern about artificial intelligence and technology, according to a Deloitte report.
Why India's trojan menace will only increase (Live Mint) Almost three in four banks in Asia Pacific anticipate that fraud in their country will increase in 2019, said a new report by FICO. Cybersecurity continues to be a major issue in India with 76.3% of organizations hit by cyber attacks in the last year, a global survey from security firm Sophos corroborated
Over 80% of All Phishing Attacks Targeted U.S. Organizations (BleepingComputer) U.S. entities remained the most attractive targets of phishing attacks throughout 2018, with an estimated 84% of the total volume of millions of incidents analyzed during the last year by threat intelligence company PhishLabs.
Marketplace
Manufacturers' cyber risk is about far more than data breach (Insurance Business) Following the Norsk Hydro hit, one expert reveals why the industry needs more comprehensive cyber coverage
Cyber pricing: Have carriers got it right? (Canadian Underwriter) Cyber insurance is a good tool to help clients understand their vulnerabilities, but carriers need to do a better job of pricing according to risk, speakers suggested at a recent conference. “There seems to be a lot of spit-balling on…
Astroscreen raises $1M to detect social media manipulation with machine learning (TechCrunch) In an era of social media manipulation and disinformation, we could sure use some help from innovative entrepreneurs. Social networks are now critical to how the public consumes and shares the news. But these networks were never built for an informed debate about the news. They were built to reward…
Tesserent builds cyber security strength with Rivium buy (ARN) Tesserent builds upon its cyber security business spending $3.5 million on buying Melbourne-based enterprise security specialist and Splunk reseller, Rivium.
Tech Nation's national cyber security growth programme revealed (Information Age) Tech Nation's initiative is designed to spur the UK’s cyber sector, accelerate the growth of its members and build a cross-industry network
Microsoft Unveils Two Secret Data Centers Built for Classified Government Data (Nextgov) Microsoft is building data centers and expanding security capabilities to compete with Amazon to host sensitive government data.
Orange Cyberdefense sets up in Casablanca (afriqueactudaily) The Orange group is strengthening its offerings for Moroccan businesses by establishing in Casablanca, on Friday, its subsidiary Orange Cyberdefense, which specializes in securing digital assets.
Accenture Opens Federal Cyber Center in San Antonio (Hastings Tribune) Accenture (NYSE: ACN) has launched the Accenture Federal Services (AFS) Cyber Center, a state-of-the-art facility in San Antonio that provides cybersecurity capabilities on an as-a-service basis
Jon Rose Joins Bishop Fox as Vice President of Managed Security Services (PR Newswire) Bishop Fox, the largest private professional services firm focused on offensive security testing, announced today that...
Cofense Announces Key Additions to Leadership Team (PR Newswire) Today Cofense™, the global leader in intelligent phishing defense solutions, announced the addition of four...
Products, Services, and Solutions
BitDam Launches Email Security Penetration Testing Tool (PRWeb) BitDam, provider of cybersecurity solutions that protect enterprise communications from advanced threats hidden in files and links, today announced the ava
Mimecast Customer Case Study (Gigamon) Mimecast: Source of Better Actionable Intelligence in the Quest to Secure the Network
Ridding Email Phish at Massive Scale | SendGrid (SendGrid) Learn more about Twilio SendGrid’s Inbox Protection Rate, which measures compliance efforts to prevent malicious email from reaching SendGrid’s email recipients.
CyFlare selects Syncurity as SOAR provider to enable global scale (Help Net Security) CyFlare has announced that it has selected Syncurity as the Security Orchestration Automation and Response (SOAR) provider to enable global scale.
CyberSaint launches CyberStrong, a new integrated risk management solution (Help Net Security) CyberSaint announced the general availability of the latest version of its CyberStrong integrated risk management platform.
Verint says Video Investigator will shorten banks’ investigation time by more than 50% (IFSEC Global) Verint Systems has launched a platform designed to simplify and automate security, surveillance and fraud investigations undertaken by banks and …
You're fired: Network-driven security does it better for distributed IT (SiliconANGLE)
EY Launches Beta Test Version of Smart Contract Analyzer for Ethereum Blockchain (Cointelegraph) Big Four auditing firm EY has launched a private beta test version of its new Smart Contract Analyzer tool for the public Ethereum blockchain.
IoT device monitoring added to Nyansa Voyance (SearchNetworking) Nyansa has added IoT device monitoring to its network monitoring software. The latest version of Nyansa Voyance can monitor the activity of IoT devices found in healthcare and retail.
ThreatModeler Improves Platform Training with Launch of ThreatModeler Academy (PR Newswire) ThreatModeler Software Inc., provider of the industry's #1 Automated Threat Modeling Platform, announced...
Technologies, Techniques, and Standards
In Case of Emergency: A Disaster Recovery Plan Checklist for Data Security (Hashed Out by The SSL Store™) Hurricane season is around the corner and cyber attacks are ever-increasing — is your business prepared for any incident with a disaster recovery plan? While it’s important to plan for...
The Economic Side Of Cyber Security Risk Management (Cyber Security Hub) Robert (Bob) Vescio is the Chief Analytics Officer of Secure Systems Innovation Corporation, and he is recognized as one of the industry's foremost experts in the area of cyber risk economics. He joined Host George Rettas, president and CEO of TF 7 Radio on Monday night.
‘Locked Shields’ 2019 seeks to clarify domestic and military cyber response roles (Jane's 360) Cyber exercise ‘Locked Shields’ 2019, which was held on 8-12 April, focused on gaining a better functional understanding between technical experts and strategic decision-makers, as well as between operators from different NATO nations, the event’s organisers told Jane’s.
Locked Shields (CCDCOE) Locked Shields is a unique international cyber defence exercise offering the most complex technical live-fire challenge in the world
When malware hits an F-16, call these new Air Force cyber teams (Fifth Domain) New cyber teams will defend things like the avionics in a fighter jet.
Design and Innovation
The hot, new cyber trend: people (Fifth Domain) The security industry hasn’t spent much time thinking about security through a human-focused lens. That's changing.
Mozilla to Apple: Protect user privacy with rotating phone IDs (Naked Security) Mozilla has criticized Apple for its latest privacy marketing campaign, urging it to provide more automatic protection for users behind the scenes.
Emotionally intelligent AI will respond to how you feel (The Next Web) Artificial intelligence offers us an opportunity to amplify service and the integration of technology in everyday lives many times over. But until very recently, there remained a significant barrier in how sophisticated the technology could be. Without a complete understanding of emotion in voice and how AI can capture and measure it, inanimate assistants (voice …
Research and Development
Army researchers identify new way to improve cybersecurity (U.S. Army Research Laboratory) With cybersecurity one of the nation's top security concerns and billions of people affected by breaches last year, government and businesses are spending more time and money defending against it. Researchers at the U.S. Army Combat Capabilities Development Command's Army Research Laboratory, the Army's corporate research laboratory also known as ARL, and Towson University may have identified a new way to improve network security.
IARPA working on protecting AI training data from tampering (Federal News Network) IARPA Director Stacey Dixon said the agency has laid the groundwork for two programs focused on ways to overcome adversarial machine learning.
Researchers claim breakthrough in secure quantum communications (Computing) The researchers were able to coordinate the path of a pair of photons - one photon for each party - through different fibre network paths
Closing Quantum Cybersecurity Gap an Imperative: Industry and Government to Warn at Toronto Quantum Summit (PR Newswire) More than 100 senior-level participants from government, private industry, universities and...
Analysis | The Cybersecurity 202: This is the biggest problem with cybersecurity research (Washington Post) Private companies are wary of sharing data on hacking attempts with researchers.
Cybersecurity Research Datasets: Taxonomy and Empirical Analysis (Tandy School of Computer Science, University of Tulsa) We inspect 965 cybersecurity research papers published between 2012 and 2016 in order to understand better how datasets are used, produced and shared.
Academia
UofL, IBM create academy to teach AI, IoT, cybersecurity, quantum computing (Insider Louisville) UofL is joining forces with IBM to better be able to equip students with skills for in-demand fields such as cybersecurity and quantum computing.
Legislation, Policy, and Regulation
Want protection from online scams? Try these tips (Newsroom) Kiwis lost $33m in online scams last year, so what can we do? Dr Rizwan Asghar has some suggestions.
China criticizes telecom supply-chain proposal at WTO; U.S. says it's a 'matter of national security' (Inside Cybersecurity) China has raised concern at the World Trade Organization that a proposed Federal Communications Commission rule unfairly paints firms like Huawei and ZTE as cybersecurity threats and could exclude them from the build-out of next-generation “5G” networks by U.S. telecom providers in rural areas.
U.S. ban on Chinese telecom equipment moves forward amid concerns (Yahoo News) A ban on U.S. government business deals with several Chinese telecom companies, including Huawei and ZTE, is on track to be implemented by late summer, according to the Pentagon.
FCC chairman cites national security, opposes China Mobile's bid to access US market (TheHill) Ajit Pai, the chairman of the Federal Communications Commission (FCC), announced his opposition Wednesday to allowing state-backed Chinese telecommunications company China Mobile to enter the U.S. market.
German Spies Dismiss Trump’s Huawei Threats, Sources Say (Bloomberg) Authorities see data-sharing warning as political sparring. U.S.-German security cooperation too close to risk disrupting.
Huawei CEO offered Berlin no-spy deal to soften 5G concerns: Wirtschaftswoche (The Mighty 790 KFGO) China's Huawei offered Berlin a "no-spy agreement" to address security concerns over the Chinese company's involvement in building Germany's next-generation 5G mobile infrastructure, a German magazine said on Wednesday. "Last month, we talked to the German Interior Ministry and said that we were ready to sign a no-spy agreemen...
A Risk Analysis of Huawei 5G (Lawfare) What a country needs to consider before buying Huawei 5G equipment.
Federal CISO floats potential for new supply chain regs (FCW) The federal government's top IT security chief canvassed industry for feedback on how to shape new rules of the road for federal acquisition and procurement.
Defining “Emerging Technologies”: Industry Weighs In on Potential New Export Controls (China Business Review) What exactly qualifies as an "emerging technology," and how would the United States go about placing export controls on them? Feedback from industry and other stakeholders continues to inform this rulemaking process.
EU Parliament Votes to Ban Ticketing Bots (Billboard) The European Parliament has voted to ban the use of automated software -- or "bots," as they are more commonly known -- to mass-purchase concert tickets which are then resold at inflated rates on the secondary market.
The Evolution Of Cyber Security In The Nigerian Banking Sector (Mondaq) Nigeria moved from a country with zero legislation on cyber security to a country with an extensive law with the enactment of the Cybercrime (Prohibition, Prevention, Etc.) Act (the Act) in 2015. Nigeria Security AELEX 16 Apr 2019
Liberia allays cyber security threat fears (Journal du Cameroun) Liberia’s Ministry of Posts and Telecommunications has assured the business community that the government will ensure that their businesses are protected against cyber security threats in the country. According to Posts and Telecommunications Minister Cooper Kruah, the Coalition for Democratic Change (CDC) led Government takes the protection of businesses and the general economy from this growing threat very …
Under 18s to be barred from porn websites under age restrictions to be introduced on July 15 (The Telegraph) Children and youths will be banned from viewing pornography in Britain on July 15 under a crackdown requiring pornographic websites to verify users are over 18.
Litigation, Investigation, and Law Enforcement
Who’s Afraid of the Mueller Report? (The Atlantic) Trump aides are serenely confident that the special counsel’s fine print won’t hurt the boss.
How to Read Between the Lines of the Mueller Report (Foreign Policy) Here’s what to expect from the long-awaited—and now heavily redacted—probe into Trump’s Russia ties.
The Courts and Canada Are Doing What the U.S. Government Won’t on Data Breaches (Slate Magazine) The federal government doesn’t care much about data breaches. Courts are stepping in.
Police launch specialist team to combat cyber criminals in Sunderland and South Tyneside (Sunderland Echo) Police have launched a specialised team aimed at tackling cyber criminals.
Feds Bust Phony Lawyer Whose Website Cribbed From Cravath (New York Law Journal) Prosecutors say John Lambert, whose website borrowed from the profiles of real Cravath lawyers, bilked thousands of dollars from people and businesses by impersonating a high-powered New York attorney.
Student used "USB Killer" device to destroy $58,000 worth of college computers (The Verge) The former student now faces up to 10 years in prison