Cyber Attacks, Threats, and Vulnerabilities
Emotet Trojan Is the Most Prevalent Threat in Healthcare Systems (BleepingComputer) Almost 80% of the malware affecting computer systems in the healthcare industry are trojans and the most common of them is Emotet, a report today shows.
Ransomware Attacks Enjoying a Spring Renaissance (CPO Magazine) Are ransomware attacks making a comeback as a dominant cyber security threat? Norsk Hydro, Verint, Weather Channel and Arizona Beverages are among the big names who have fallen victim in recent weeks.
Buhtrap backdoor and ransomware distributed via major advertising platform (WeLiveSecurity) ESET researchers document how cybercriminals abused the online advertising network of Russia's leading search engine to distribute malware.
Citycomp Ransomware Attack Nabs Financial Data From Several Large Companies (Channel Futures) A ransomware attack on a large Germany-based IT provider, Citycomp, has put the financial data of several of the world’s biggest companies at risk, including Oracle, Airbus, Toshiba and Volkswagen.
Zero-day attackers deliver a double dose of ransomware—no clicking required (Ars Technica) High-severity hole in Oracle WebLogic under active exploit for 9 days. Patch now.
Mysterious hacker has been selling Windows 0-days to APT groups for three years (ZDNet) Hacker has sold Windows zero-days to the likes of Fancy Bear, FruityArmor, and SandCat.
Leak Reveals Iran’s Wildest Hacker Crew Stole 13,000 Passwords From 98 Organizations (Forbes) Iran-backed hackers targeted a large number of Middle Eastern organizations, as they pilfered passwords to all manner of government and private entities.
Docker breach of 190,000 users exposes lack of two-factor authentication (Naked Security) The containerisation platform has asked 190k users to change their passwords after hackers gained access to a database of personal data.
A ‘Cyber Event’ Disrupted the Power Grid in California and Wyoming, But Don’t Panic Just Yet (Motherboard) The Department of Energy says a “cyber event” disrupted operations in California, Wyoming, and Utah last month. But it’s unclear if hackers were behind it.
SECURITY: 'Cyber event' disrupted U.S. grid networks — DOE (E&E News) A report posted by the Department of Energy found that a potentially unprecedented "cyber event" hit grid operations in the western United States last month. Who was behind it?
Africa, Mideast record stunning increase in cyber-attacks (CAJ News Africa) There have been more than 150 million malware attacks in Middle East, Turkey and Africa (META) since the beginning of the year.
Cyberattacks increasing in UAE, study says (Khaleej Times) A total of 1,101,745 phish attacks were recorded in the UAE during the first quarter of 2019.
Cyberattack hits Verint's low profile (Globes) A cyberattack and complaints from a dissatisfied investor have put the media-shy tech company in the headlines.
Data Risk Report: 1000s of Stale Accounts, Exposed Files Revealed (Computer Business Review) A data risk report by Varonis that analysed more than 54 billion files via 785 data risk assessments carried out by the data security company's engineers,
Norsk Hydro Cyber Attack Cost It Nearly $52M in First Quarter (Insurance Journal) Norsk Hydro said the March cyber attack that paralyzed its computer networks would cost the aluminum maker up to 450 million Norwegian crowns ($52
Cryptocurrency thefts, fraud hit $1.2 billion in first quarter: report (Reuters) Losses from the theft of cryptocurrencies from exchanges and fraud-related activ...
Microsoft Outlook Security Breach Targeted Bitcoin Accounts (BTCMANAGER) Earlier in April 2019, Microsoft Hotmail, MSN, and Outlook email accounts suffered a severe security breach. Now, a good number of the victims have revealed that their cryptocurrency wallets were hacked during the ugly incident, reports Motherboard on April 29, 2019. Microsoft Customer Support Account Hacked Per the report, the…
Cybersecurity: The key lessons of the Triton malware cyberattack you need to learn (ZDNet) Triton is a particularly dangerous form of malware; learning these lessons could make you a lot safer.
Mobile Chrome Hoax Could Target Android Users (TechNewsWorld) A new method for hiding the true location of a website from users of the mobile Chrome Web browser has come to light. Phishers can trick users into revealing their credentials for a legitimate website to operators of a malicious one, security researcher James Fisher reported. Scammers can exploit mobile Chrome's feature that hides the address bar when users are scrolling on a Web page.
Warren Buffett: ‘Cyber poses real risks to humanity’ (Yahoo) Berkshire Hathaway CEO Warren Buffett says that cyber attacks are as dangerous as nuclear, biological, and chemical weapons.
Hackers Steal and Ransom Financial Data Related to Some of the World’s Largest Companies (Motherboard) The data was stolen from Citycomp, which provides internet infrastructure for dozens of companies including Oracle, Airbus, Toshiba, and Volkswagen.
Oh dear. Secret Huawei enterprise router snoop 'backdoor' was Telnet service, sighs Vodafone (Register) We all want to see hard proof of deliberate espionage. This is absolutely not it
Android users: watch out for this fake address bar trick (Naked Security) When is an address bar not an address bar? When it’s a fake.
Updated: This DDoS Attack Unleashed the Most Packets Per Second Ever. Here’s Why That’s Important (Imperva) (Updated April 30, 2019 with new data from an even larger attack. Skip directly to the bottom to learn more.) DDoS attacks are usually measured by the amount of bandwidth involved, such as the 1.35 Terabits per second (maximum) attack directed at GitHub last year, the largest DDoS attack ever at the time. However, in …
Nozomi Networks Labs Finds New Rockwell PLC Vulnerability (Nozomi Networks) Nozomi Networks Labs responsibly disclosed a PLC vulnerability in Rockwell Automation CompactLogix controllers to CISA and Rockwell Automation.
Rockwell Automation CompactLogix 5370 (ICS-CERT) 1. EXECUTIVE SUMMARY. CVSS v3 8.6. ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Rockwell Automation. Equipment: CompactLogix 5370. Vulnerabilities: Uncontrolled Resource Consumption, Stack-based Buffer Overflow. 2.
Most 2020 U.S. Presidential Campaigns Unprotected Against Nation-State Email Attacks (Agari) The campaigns for nearly all top-tier candidates running for President of the United States in 2020 are unprotected against email attacks, fraud and data breaches typically instigated by nation-states, according to a new report published today by Agari. Agari, the next-generation Secure Email Cloud that restores trust to the …
Philips Tasy EMR (ICS-CERT) 1. EXECUTIVE SUMMARY. CVSS v3 4.1. ATTENTION: Low skill level to exploit. Vendor: Philips. Equipment: Tasy EMR. Vulnerability: Cross-site Scripting. 2. RISK EVALUATION. Successful exploitation of this vulnerability could impact or compromise patient confidentiality and system integrity.
Man posing as Hollywood superstar scams woman out of a ‘fortune’ (Naked Security) She must have been star-struck, she said, after the fraudster hid behind the Fast & Furious star’s photo and reached out from a fan page.
Schools’ cyber fraud has others on alert (News-Graphic.com) Crimes like the cyber fraud that struck Scott County Schools for $3.7 million last week are part of a growing trend of crimes using the internet to target businesses and government agencies, said Scott Hall, executive director of the Georgetown/Scott County Revenue Commission. Hall also assists the FBI as a member of InfraGard, a public-private partnership which focuses specifically on such attacks.
Resilient staff restoring newspaper’s systems following cyber attack (Watertown Daily Times) The recovery from Saturday’s cyberattack is continuing at the Watertown Daily Times.
Security Patches, Mitigations, and Software Updates
Microsoft Adding Office 365 Security and Compliance Capabilities (Redmondmag) Microsoft on Tuesday announced various Office 365 security and compliance improvements, mostly for Microsoft 365 subscribers.
Cyber Trends
Threat Intelligence Firms Look to AI, but Still Require Humans (Dark Reading) Machine learning and artificial intelligence are helping threat-intelligence firms cover a greater area of the darknet, but human analysts will always be necessary, experts say.
Email attacks targeting financial services up 60% - Proofpoint (SecurityBrief) These attacks are socially engineered to target specific people within financial services organisations who can execute requests on the attacker’s behalf.
Social Media Platforms Increasingly Popular With Cybercriminals (Forbes) Social media is increasingly being used to perpetrate fraud against users. People who are active on Facebook, Instagram, and Snapchat are 30% more likely to be victims of fraud due to increased exposure and information sharing.
The Internet Risk Surface Report (RiskRecon) The Internet Risk Surface Report is a new research collaboration between RiskRecon and the Cyentia Institute. As the name implies, the focus of this initiative is to map, measure, and ultimately manage risk associated with the internet facing assets of an enterprise and its 3rd party partners.
Cyber Breach Intensification Provides Backdrop to DefenseStorm Session at NAFCU CEO and Senior Executives Conference (AP NEWS) Cyber breaches are up 50% in 2019, while research predicts a 3-million-person global shortage in qualified cybersecurity talent by the end of the year.
Marketplace
US ‘Undermining Political Independence Of Europe,’ Huawei Says (Eurasia Review) The US campaign against Chinese telecoms manufacturers is undermining the “political independence of Europe” to decide commercial partnerships for itself, Huawe…
Analysis | How Huawei Became a Target for Governments (Washington Post) Huawei Technologies Co., one of China’s most-global companies, is increasingly in the cross-hairs of the U.S. government and its Western allies, just as it’s pushing for a leadership role in the new wireless standard known as 5G.
At F8, Zuckerberg unveils Facebook's new mantra: 'The future is private' (CNET) CEO Mark Zuckerberg extols the virtues of private spaces online.
Facebook relaunch: from shopping on WhatsApp to no more likes on Instagram - all the new features explained (The Telegraph) Facebook has announced its biggest redesign in a decade as well as a series of new features at F8, the company's annual conference in San Jose, California.
Boston-Based Orchestrated Risk Management Company ZeroNorth Raises $10 Million (Pulse 2.0) Boston-based orchestrated risk management company ZeroNorth announced it raised $10 million in Series A funding led by ClearSky Ventures.
Red Canary raises $34 million to detect and remediate cyber threats (VentureBeat) Red Canary, a startup developing a suite of managed detection and response tools, has raised $34 million in an equity growth round.
ESET Agrees to Furnish Google's Chronicle with Threat Data (Computer Business Review) Bratislava-based security firm ESET has agreed to furnish Alphabet’s new cybersecurity spinoff Chronicle with threat data.
SolarWinds buys Passportal to boost security portfolio (CRN Australia) Buys password management firm to help MSP customers.
Akamai beats revenue estimates on cyber-security strength (Yahoo) Akamai Technologies Inc beat analysts' estimates for first-quarter revenue on Tuesday, powered by demand for its cyber-security services and its traditional business of helping speed up content delivery on the web. Revenue from the security business, which helps data centers operate and deliver
Ken Green Joins Bishop Fox as Vice President of Product Management (Yahoo) Leading security executive will manage technology products for new Managed Security Services business PHOENIX , April 30, 2019 /PRNewswire/ -- Bishop Fox , the largest private professional services firm ...
Products, Services, and Solutions
Verint adds Anomaly Detection to its VoC solutions (Help Net Security) Verint Systems announced the addition of Anomaly Detection as a powerful new capability to its expanding Voice of Customer (VoC) solutions.
Secureworks Launches New Cybersecurity Analytics Application (AiThority) Secureworks, a leading cybersecurity company that keeps organizations safe in the digitally connected world
Nextgen boosts security portfolio with Netskope (New Zealand Reseller News) Nextgen has further bolstered its security portfolio through adding Netskope to the mix, gaining full distribution rights across Australia and New Zealand.
Qualys Releases Innovative Extension to its Groundbreaking Cloud Agent Platform with New Cloud Agent Gateway (CAG) Service (Qualys) Strengthening the company’s groundbreaking Cloud Agent Platform, Qualys’ new high-availability proxy appliances simplify and secure connectivity for large-scale Cloud Agent deployments
Cynash’s SerialTap™ Cybersecurity Sensor Now Commercially Available (PRWeb) Cynash Inc., a leading developer of cybersecurity solutions for critical energy, water, transportation and industrial control systems, announces the commercial
STEALTHbits Launches Free Permissions Auditing Capabilities for Cloud and On-Premises Resources (Yahoo) STEALTHbits’ Access Library Now Available
Agari Helps Protect US Presidential Candidates from Email Attacks (Agari) More than 90% of campaigns do not have email security. We're making our solutions available to every candidate to protect our elections from attack.
Technologies, Techniques, and Standards
Is there such a concept as ‘cyber deterrence?’ (Fifth Domain) Officials and commentators warn cyber should be a component of a larger deterrence strategy.
Securing edge devices – how to keep the crooks out of your network (Naked Security) The Good Guys from the Cyber Threat Alliance just published a report to help you keep the Bad Guys out of your network
Cybersecurity is everyone’s business (IOL Business Report) Everyone from the top down including government, banks, service providers and municipalities are responsible for promoting cybersecurity awareness.
As organizations continue to adopt multicloud strategies, security remains an issue (Help Net Security) 97% of organizations are adopting multicloud strategies for mission-critical apps and nearly 2/3 are using multiple vendors for mission-critical workloads.
CIOs can stay ahead of cyber threats with these practices (ETCIO.com) To ensure safety from cyber threats, CIOs must follow these practices
Research and Development
Match me if you can: Cryptographic breakthrough helps spies to shake hands (Tech Xplore) When spies meet, they use secret handshakes to confirm their identities, ensuring they are who they say they are. Now, researchers at Stevens Institute of Technology, and colleagues, have solved a 15-year-old problem that allows handshake-style encryption to be used for time-delayed digital communications such as email—a challenge once thought to be impossible.
SwRI develops system to legally test GPS spoofing vulnerabilities in automated vehicles (Southwest Research Institute) SwRI developed an automotive cyber security system to legally test for GPS spoofing vulnerabilities in autonomous vehicles.
Academia
Raytheon launches cyber apprenticeships as part of £2m investment in UK technology education (Business Quarter) Raytheon launched a new cybersecurity apprenticeship programme in the UK in the latest stage of a £2m investment benefitting British technology education.
Legislation, Policy, and Regulation
NSA unmasked more U.S. identities, likely to warn victims of foreign spying, new report suggests (Washington Post) The unmasking process has been a major source of controversy for President Trump, but new figures show the practice increased under his administration.
Privacy Advocates Urge Creation of Data Protection Agency (Decipher) As Congress considers various privacy bills, advocates are pushing for a federal data protection agency to enforce any new law.
UK Government Announces Cyber Security Ambassador (Infosecurity Magazine) UK Government Announces Cyber Security Ambassador. Henry Pearson will try and help UK security firms sell abroad
IoT security crackdown: Stop using default passwords and guarantee updates, tech companies told (ZDNet) Smart device makers will have to keep to these three rules if they want to sell their gadgets.
DHS tells agencies to move faster to fix critical cyber vulnerabilities (Federal News Network) DHS issued a new binding operational directive replacing a 2015 mandate and accelerating the time for agencies to mitigate problems.
DHS Says Federal Agencies Have 15 Days to Fix Critical Flaws (BleepingComputer) The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency issued the Binding Operational Directive 19-02 which requires federal agencies to remediate critical security vulnerabilities within 15 days of the initial detection.
Binding Operational Directive 19-02: Vulnerability Remediation Requirements for Internet-Accessible Systems (Cyber.dhs.gov) This page contains a web-friendly version of the Cybersecurity and Infrastructure Security Agency’s Binding Operational Directive 19-02, “Vulnerability Remediation Requirements for Internet-Accessible Systems”. A binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems.
Time to Pursue an International Cyber Treaty? (The Nation) The Mueller report findings show a cyber “wild west” is not in the US national interest.
Litigation, Investigation, and Law Enforcement
WikiLeaks Founder Julian Assange Sentenced to 50 Weeks in Jail (Wall Street Journal) WikiLeaks founder Julian Assange has been sentenced to 50 weeks in jail for breaching bail while awaiting extradition to Sweden on sexual assault accusations in 2012.
Facebook under investigation for harvesting 1.5m users’ contact lists (Naked Security) For years, Facebook asked some new users for email passwords, then grabbed their contacts without consent (or any way to stop the process).
Chinese dev jailed and fined for posting DJI's private keys on Github (Register) Hapless soul repents 'unintentionally' sharing drone maker's privates in repo
PTAB Says Juniper Patent Challenge Would Be 'Inefficient' (Law360) With Cisco’s challenge to a Finjan patent on cybersecurity technology in its final stages, the Patent Trial and Appeal Board on Monday said starting a new review of the patent based on a request from Juniper Networks would be an “inefficient” use of resources.