Cyber Attacks, Threats, and Vulnerabilities
Embassies targeted in ongoing spearphishing campaign that weaponized Microsoft Excel files (CyberScoop) Embassies around the world have been targeted in a recent spate of spearphishing email attacks from Russian hackers, according to Check Point Technologies.
Loose online lips sink hack targeting governments and embassies (Ars Technica) "EvaPiks" spills code and techniques used in ongoing hack campaign.
FINTEAM: Trojanized TeamViewer Against Government Targets (Check Point Research) Recently, Check Point researchers spotted a targeted attack against officials within government finance authorities and representatives in several embassies in Europe. The attack, which starts with a malicious attachment disguised as a top secret US document, weaponizes TeamViewer, the popular remote access and desktop sharing software, to gain full control of the infected computer....
Hacker dumps thousands of sensitive Mexican embassy documents online (TechCrunch) A hacker stole thousands of documents from Mexico’s embassy in Guatemala and posted them online. The hacker, who goes by the online handle @0x55Taylor, tweeted a link to the data earlier this week. The data is no longer available for download after the cloud host pulled the data offline, but …
Who’s Behind the RevCode WebMonitor RAT? (KrebsOnSecurity) The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT, a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.
Facebook’s Burglary Shopping List (7 Elements) Whilst investigating the technical feasibility of scraping Facebook Marketplace to aid in the recovery of stolen goods, it was possible to identify sensitive data disclosing the exact location of the sale item. The Location data contained within the JSON responses of adverts made through the Facebook Mobile Application, seemed… a little specific. Which goes against …
A 'Blockchain Bandit' Is Guessing Private Keys and Scoring Millions (WIRED) The larger lesson of an ongoing Ethereum crime spree: Be careful with who's generating your cryptocurrency keys.
Ethercombing: Finding Secrets in Popular Places (Independent Security Evaluators) ISE discovered 732 private keys as well as their corresponding public keys that committed 49,060 transactions to the Ethereum blockchain. Additionally, we identified 13,319 Ethereum that was transferred to either invalid destination addresses, or wallets derived from weak keys.
Analyzing C/C++ Runtime Library Code Tampering in Software Supply Chain Attacks (TrendLabs Security Intelligence Blog) For the past few years, the security industry’s very backbone — its key software and server components — has been the subject of numerous attacks through cybercriminals’ various works of compromise and modifications. Such attacks involve the original software’s being compromised via malicious tampering of its source code, its update server, or in some cases, both.
Millions of Medical Documents for Addiction and Recovery Patients Leaked (Threatpost) The information includes data on all rehab treatments and procedures, linked with patients' names and other info.
Security lapse at contract startup Evisort exposed sensitive data (TechCrunch) Evisort, a document and contract management company, left one of its document databases unsecured, exposing customer data. The startup, founded by former Harvard and MIT students in 2016, bills itself as an artificial intelligence contract management company, which it says helps to better organize …
Microsoft Office now the most targeted platform, as browser security improves (CSO Online) The number of attacks carried out using the popular suite has increased in the past two years, Kaspersky Lab researchers say.
Vulnerability Summary for the Week of April 15, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Killer USB Breach Highlights Need For Physical Security (Infosecurity Magazine) Former college student in court facing up to 10 years in prison and a maximum of $250,000 in fines
‘Days, not hours’: Stratford still dealing with effects of cyber-attack (Kitchener) Eight days after a cyber-attack hit Stratford, the city says it is still working to restore its systems and regain access to its data.
Cyber Trends
What's the Best Way to Build Digital Trust? Show Your Customers You Care About Their Data Privacy (Security Intelligence) Focusing on data privacy can have major benefits, including enhanced security, improved compliance and business growth — not to mention increased digital trust among your customer base.
Cyber Readiness Worsens as Attacks Soar (Infosecurity Magazine) Hiscox report finds 61% of firms have been hit
Fragile Cybersecurity Receiving Knocks from Unexpected Quarters (Infosecurity Magazine) Are governments leading efficiently and effectively on cybersecurity matters?
India expected to surpass the UK for second place in payment card fraud (ZDNet) Prices for stolen Indian payment cards have also gone up by 150% in 2018 to around $17/card.
'Korea coming under increasing cyberattacks' (Korea Times) Korea and other countries around the world are facing growing threats of cyberattacks, such as supply chain compromises and cryptocurrency mining over the past year in addition to widespread phishing attacks, Microsoft Korea said Monday.
Marketplace
Jacobs to acquire KeyW (Intelligence Community News) Jacobs of Dallas, TX announced on April 22 that they have entered into a definitive merger agreement pursuant to which Jacobs will acquire KeyW for $11.25 per share in cash. The transaction has an …
A $603 Million Deal Sheds Light on Cybersecurity Space (Bloomberg) Jacobs Engineering to buy KeyW, boosting top-secret access. Dallas-based firm has been making deals in cybersecurity.
Symantec joins DOD cyber threat-sharing group (FCW) The addition of Symantec, which already has a robust threat intelligence network in place, could help bolster the quality and sophistication of the information that flows through the program.
EMT Distribution adds IoT security vendor ReFirm Labs (CRN) US-based IoT security vendor ReFirm Labs has appointed EMT Distribution to distribute its Centrifuge Platform in Australia and New Zealand.
How New York City plans to become a cybersecurity hub (CSO Online) America's largest city has been hit hard by the cybersecurity skills shortage and is working to grow its cybersecurity workforce.
Imperva Appoints Jim Dildine as Chief Financial Officer (BusinessWire) Imperva, Inc., the cybersecurity leader championing the fight to secure data and applications wherever they reside, today announced the appointment of
Facebook Hires Top State Department Lawyer and Bill Gates’s Former PR Chief (Wall Street Journal) Facebook is bringing on a new top lawyer and a communications boss to handle the mounting regulatory and public-relations crises facing the social-media giant.
Products, Services, and Solutions
OPAQ Announces Hyperscale Security-as-a-Service Networking to Simplify Digital Transformation (BusinessWire) New offerings combine gigabit connectivity and comprehensive network security for organizations that require carrier-grade performance and protection.
Technologies, Techniques, and Standards
What is network tokenization? (Rambus) We are seeing an unprecedented shift in consumer spending habits. One in five global transactions are now ‘digital’, with online commerce growing at over six times the rate of in-store sales. But this rapid growth is introducing new challenges. Fraud is rising, yet merchants are under pressure to …
Cyberwarriors get first look at critical new tools (Fifth Domain) The U.S. Air Force delivered to U.S. Cyber Command the first iteration of Unified Platform, a new cyber platform that will give teams important tools and help with coordination.
How the Navy is changing its thinking on information warfare (C4ISRNET) Vice Adm. Matthew Kohler, the Navy’s top information warfare officer, reveals how the service is shifting as the battlefield evolves.
Homomorphic Encryption for Secure Elastic Data Stream Processing (Infosecurity Magazine) How Fully Homomorphic Encryption can aid your cloud security
Debunking the Discourse Around Cloud Security (Infosecurity Magazine) A widespread embrace of the cloud has brought benefits for collaboration and communication.
Collaboration Can Curb Adversarial Threats (SIGNAL Magazine) Defeating hostile threat attempts depends on building effective private-public partnerships.
Why Third-Party Risk Assessment must be an Ongoing Process (Infosecurity Magazine) As companies rely on many partners and suppliers, prioritization is an essential first step to managing third-party risk
Jack Voltaic 2.0 Gives a Glimpse of Future Infrastructure Protection (SIGNAL Magazine) A 2018 exercise developed by the Army Cyber Institute at West Point and hosted by the city of Houston provided participants with a full view of potential critical infrastructure crises while also offering a path to security and resiliency.
Critical Infrastructure Protection Looks Inward (SIGNAL Magazine) The growing interconnection among the elements of the critical infrastructure may hold the key to safeguarding it against an increasingly sophisticated threat picture.
Stopping the Flow of Cyber Breaches (SIGNAL Magazine) The water and wastewater treatment industry is facing cybersecurity threats. The risks affect the sector disproportionately compared to other utilities.
Research and Development
Northrop to Help Develop, Implement Tools on Cybercom's Unified Platform (ExecutiveBiz) Northrop Grumman received a two-year, $24M contract from the U.S. Air Force to develop and incorporate technical capabilities into a unified platform designed to support U.S. Cyber Command operations.
Academia
JSCC cyber defense program receives national certification (WBBJ TV) Jackson State Community College is the only community college in the state with a cyber defense program certified by the U.S. National Security Agency and Department of Homeland Security. Jackson State Community College students Megan Hamilton, left, and Holly Lott work on a server in the school’s computer lab.
Legislation, Policy, and Regulation
Sri Lanka’s social media shutdown illustrates global discontent with Silicon Valley (Washington Post) The Sri Lankan government’s decision to shutter access to social-media sites after Sunday’s deadly bombings may mark a turning point in how countries around the world perceive Silicon Valley -- and their willingness to act to stop the spread of falsehoods online.
European Parliament Approves Mass ID Database Plans (Infosecurity Magazine) Privacy fears of Big Brother state swirl around Brussels
What is the EU's revised Payment Services Directive (PSD2) and its impact? (CSO Online) The upcoming PSD2 requirements, which include multifactor authentication for online European payment card transactions, will have a ripple effect on the payments processing industry in the U.S. and elsewhere.
Russia: Adversary or Enemy? Depends on Your Definition of Cyber Attack. (ClearanceJobs) Russia remains a serious adversary, but is not an enemy of the United States. Its interference in the election may have been meddling, but was it an act of war?
The Mueller Report Shows Politicians Must Unite to Fight Election Interference (Foreign Affairs) It's time to put partisanship aside and come together to protect U.S. democracy.
Singapore Responds to Recent Cybersecurity Attacks (Infosecurity Magazine) Singapore comes back strong after recent data breaches.
Litigation, Investigation, and Law Enforcement
Sri Lanka blames local Islamist extremist group for Easter bombings that killed 290; U.S. offers FBI assistance in probe (Washington Post) Authorities say the local National Thowheed Jamaath group may have had foreign help.
Analysis | Sri Lanka’s bloody Easter puts spotlight on a new terror threat (Washington Post) Experts suspect the deadly series of bombings can't just be the work of "local" actors.
NIH, FBI accuse scientists in US of sending IP to China, running shadow labs (Ars Technica) Federal officials say there's "systematic" meddling by foreign entities.
Inside the special counsel’s long hunt to uncover whether the Trump campaign conspired with Russia (Washington Post) A reconstruction of the investigation by Robert S. Mueller III’s team shows why it was often a maddeningly difficult task — and why some mysteries were left unanswered.
14 Mueller Report Takeaways You Might Have Missed (WIRED) When you dig into the Mueller report, a lot of important details start to jump out.
WannaCry hero Hutchins now officially a convicted cybercriminal (Naked Security) The youngster who spent his own money to protect people from the WannaCry virus has pleaded guilty to malware-related cybercrime charges.
Chelsea Manning will have to stay in jail for contempt, appeals court says (Military Times) The former Army intel analyst is behind bars for refusing to testify to a grand jury investigating Wikileaks.
Democrats Urge Judge Not to Dismiss Russian Hacking Suit (Bloomberg) While much of the U.S. was poring over the Mueller Report, the Democratic National Committee argued Thursday that its civil suit against President Donald Trump, the Russian Federation, WikiLeaks and members of the Trump campaign and White House should go forward.
GAO: GSA Must Do More on Cybersecurity, Property Management (Nextgov) A federal watchdog agency’s reminder on outstanding recommendations comes as the Trump administration pushes for the agency to take on new responsibilities.
Legal opinion: Why Bounty was smacked with a £400,000 fine (Computing) Wedlake Bell's James Castro-Edwards explains why Bounty received such a big fine under the old Data Protection Act - which would almost certainly have been much larger under GDPR