Cyber Attacks, Threats, and Vulnerabilities
'Cyberspace eases jihadists' evil acts' (NST Online) The advent of cyberspace had facilitated militant groups in carrying out dastardly acts.
Middle East-linked hacking group is working hard to mask its moves (CyberScoop) Some of the code the group has used in its attacks is the same as that used by a group known as MuddyWater, according to Cisco's Talos team.
MuddyWater Hacking Group Upgrades Arsenal to Avoid Detection (BleepingComputer) The MuddyWater threat group has been updating its tactics, techniques, and procedures (TTPs) to include a number of new anti-detection techniques designed to provide remote access to compromised systems while evading detection as part of a new campaign dubbed BlackWater.
Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques (Cisco Talos) A blog from Talos, Cisco's world-class intelligence group.
Millions of Instagram influencers had their private contact data scraped and exposed (TechCrunch) A massive database containing contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The database, hosted by Amazon Web Services, was left exposed and without a password allowing anyone to look inside. At the time of writing, the database had…
ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed (Threatpost) Daniel Gruss, the researcher behind Spectre, Meltdown – and most recently, ZombieLoad – Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.
A Huge Chinese Video App Is Charging People, Draining Batteries, And Exposing Data Without Their Knowledge (BuzzFeed News) VidMate told BuzzFeed News it was investigating the claims, but declined to share basic information about its employees and ownership.
Brave browser concerned that Client Hints could be abused for tracking (Naked Security) Privacy-focused browser Brave has criticised an industry proposal it says would make browser fingerprinting easier.
TeamViewer Confirms It Was Hacked in 2016 (SecurityWeek) TeamViewer confirms it was hacked in 2016 -- likely by Chinese cyberspies -- but the company decided not to make the breach public as it found no evidence that it affected users.
Teamviewer: How hackers spied on the German flagship start-up (Spiegel) The German tech firm Teamviewer fell victim to a cyberattack, probably carried out on China's behalf. Why didn't the company inform its customers?
Google research: Most hacker-for-hire services are frauds (ZDNet) Survey of 27 hacker-for-hire services found that only five launched attacks against victims.
Citing data security concerns, DHS warns industry of Chinese-made drones (CyberScoop) The Department of Homeland Security is warning companies that their data may be at risk if they use commercial drones manufactured in China.
U.S. Census Vulnerable to Russian Meddling, Top Official Warns (Bloomberg) ‘We are very concerned,’ senior official tells Fed conference. Planning to prevent an outside attack remains secret, he says.
Analysis | The Cybersecurity 202: The DNC and RNC are still vulnerable to hackers, new report finds (Washington Post) It's a stark warning about political groups' cyber insecurity heading into 2020.
Root account misconfigurations found in 20% of top 1,000 Docker containers (ZDNet) Issue similar to Alpine Linux's CVE-2019-5021 impacts 194 other Docker images.
Thanks to Facebook, Your Cellphone Company Is Watching You More Closely Than Ever (The Intercept) Legal experts believe Facebook profiling may run afoul of federal law on credit checks.
Vulnerability Summary for the Week of May 13, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
DHS Highlights Common Security Oversights by Office 365 Customers (SecurityWeek) As organizations migrate to Microsoft Office 365 and other cloud services, many fail to use proper configurations that ensure good security practices.
Baltimore ransomware nightmare could last weeks more, with big consequences (Ars Technica) Houses can't be sold, bills can't be paid while city networks are shuttered.
Hackers can steal your identity and bank details from a coffee machine! (CISO MAG) Steckler stated that cybercriminals can make use of potential vulnerabilities in the Internet of Things (IoT) devices and compromise them to steal their owner's sensitive details.
Grandma says pornography has hijacked her DirecTV account (KSDK) "I'm watching TV, and all of a sudden there's a scene change and there's naked people. There were naked ladies wrestling and then there was a naked man and woman exposing themselves."
Mother's Day Online Shoppers Were Active, and So Were Threat Actors (Akamai) Mother's Day is a major online shopping event that attracts both shoppers as well as threat actors. Earlier in the year, we reported on the United Kingdom's version, called Mothering Sunday....
Security Patches, Mitigations, and Software Updates
Microsoft Releases Security Update for Remote Desktop Services Vulnerability (ICS-CERT) Microsoft has released security updates to address a remote code execution vulnerability (CVE-2019-0708) in Remote Desktop Services on the following operating systems:
Sophos tells users to roll back Microsoft's Patch Tuesday run if they want PC to boot (Register) Yes, the one with the critical security fixes
Cyber Trends
2019 State of Enterprise Secure Access (Pulse Secure) IT is more complex than ever today as organizations accelerate digital transformation and broadly adopt public and private cloud infrastructure.
'Why do we need to wait for people to be hurt?' Medical cyber attacks soar 1400% (SFGate) Strapped to a stretcher, surrounded by medics, nurses and doctors, a middle-aged man was about to play patient zero in what America's health care industry fears could be the next major pandemic: "cybergeddon."
As Cyberattacks Rise, U.S. Business Readiness Falls (The National Law Review) Two recent reports reflect that cyberattacks and resulting data breaches continue to threaten U.S. companies and public entities. The Hiscox Cyber Readiness Report (April 23, 2019), compiled
Marketplace
Huawei ban: Don’t underestimate us, firm’s chief warns after Google curbs (Times) Millions of Britons could be at greater risk from hackers after Google announced that it was cutting services to Huawei smartphones to comply with an order from President Trump. The US technology...
Huawei responds to Android ban with service and security guarantees, but its future is unclear (TechCrunch) Huawei has finally gone on the record about a ban on its use of Android, but the company’s long-term strategy on mobile still remains unclear. In an effort to appease its worried customer base, the embattled Chinese company said today that it will continue to provide security updates and afte…
Millions of UK smartphones rendered dumb as Google pulls Android services from Huawei (The Telegraph) Millions of smartphones will become 'dumbphones' in the UK after Google vowed to stop working with Huawei in the latest twist to the US-China trade war.
U.S. Plans Temporary Exemptions to Huawei Blacklist (Wall Street Journal) U.S. officials said they would grant a handful of temporary exceptions to an export blacklist against Huawei Technologies Co., giving suppliers and customers of China’s telecom giant a 90-day reprieve from tough trade penalties.
Blacklisting Huawei from Android upgrades will end up hurting Google (New Scientist) Huawei may end up making its own operating system, after Donald Trump put the company on a blacklist forcing Google to revoke its Android licence
AP Explains: US sanctions on Huawei bite, but who gets hurt? (Washington Post)
F5 Networks expert on fantastic (ethical) hackers and where to find them (Intelligent CIO Middle East) Tabrez Surve, Regional Director – Gulf, Levant and Turkey, F5 Networks, discusses how ethical hackers could be the missing puzzle piece for cybersecurity teams. Data breaches and cyberattacks are …
KnowBe4 Acquires CLTRe; Shines Spotlight on Security Culture Measurement (KnowBe4)
Identity platform provider Auth0 raises $103 million at a valuation of $1 billion (VentureBeat) Bellevue, Washington-based Auth0, which develops a cloud-based identity authentication platform, has raised $103 million at a valuation of $1 billion.
Bitglass Strengthens Leadership Team with New Vice President of Worldwide Channels and Vice President of Worldwide Business Development (BusinessWire) Bitglass, the Next-Gen CASB, today announced the appointments of Jon Peppler as Vice President of Worldwide Channels and Benjamin Rice as Vice Preside
Products, Services, and Solutions
ExpressVPN Launches an Industry-First TrustedServer Technology (PRWeb) ExpressVPN, a top-ranked VPN provider, today announced their industry-first TrustedServer technology, which completely re-imagines server administration...
Data Vault Alliance Launches to Unite Global Community of Data Vault Experts, Vendors and Practitioners (WRCB TV) Today, at the World Wide Data Vault Consortium, Dan Linstedt, inventor of Data Vault 2.0 and renowned expert in data warehousing and BI implementation launched the Data Vault Alliance, a new global community which seeks to...
Lattice’s New MachXO3D FPGA Enhances Security with Hardware Root-of-Trust Capabilities (SYS-CON Media) Lattice Semiconductor Corporation (NASDAQ: LSCC), the low power programmable leader, today announced the MachXO3D™ FPGA for securing systems against a variety of threats
Crossword Cybersecurity Consulting unit launches new information security product (Proactiveinvestors UK) "We are delighted to have launched our virtual CISO service with a three-year contract, Crossword's largest value contract to date,” said Stuart Jubb, managing director of the unit
TrapX Security Launches an Army of Artificial Users to Expose Cyber Attackers (Yahoo) The latest version of DeceptionGrid, 6.3, enables unprecedented visibility of attacks against devices and users. SAN JOSE, California, May 20, 2019 /PRNewswire/ — TrapX Security®, the global leader in cyber ...
Firefox Lockwise Aims to Revamp Browser Password Management (BleepingComputer) Mozilla is rebranding their LockBox password management service as Lockwise and getting ready to start a trial for the desktop versions of Firefox.
Cubic to Showcase Industry-leading Expeditionary C4ISR Solutions at Special Operations Forces Industry Conference (PR Newswire) Cubic Corporation (NYSE: CUB) today announced that its Cubic Mission Solutions (CMS) business division will demonstrate ...
The CyberWire's Hacking Humans podcast renewed for a second season (PR Newswire) During the inaugural live episode of the Hacking Humans Podcast May 9th at KB4-CON 2019 in Orlando, the CyberWire...
Technologies, Techniques, and Standards
Appealing for collaboration, DHS nudges ICS companies toward a more 'proactive' defense (CyberScoop) With the private industrial cybersecurity market thriving, the Department of Homeland Security is continuing to push for closer coordination with experts on the front lines of defending facilities like power plants from hackers. In speeches last week to vendors, security researchers, and state officials, DHS personnel said they wanted to help put companies on a more proactive defensive posture to thwart hacking threats to industrial environments. The department has been working with ICS vendors to test security products before they go to market, but more needs to be done, Jeanette Manfra, assistant director for cybersecurity at DHS’s Cybersecurity and Infrastructure Security Agency, said last Wednesday at Hack the Capitol, an ICS security conference in Washington, D.C. “In this space, unlike really, frankly, any other, we have got to have much more capability to prevent the attacks from happening before they get in there – or at least detect them quickly so …
Current and future tips for Huawei Users (Avira Blog) Trade issues have shut out Huawei users from Google updates. While they can still use Google services, the lack of updates is a serious long-term issue.
How to Evaluate Threat Intelligence Vendors That Cover the Deep & Dark Web (SecurityWeek) Because all dark web sites are technically deep web sites but not vice versa, it’s also important to ensure a vendor covers not just dark web sources—but also deep web sources that fall outside the dark web.
How to check if my computer has a virus: Top 10 symptoms of malware infection (Emsisoft | Security Blog) Is your PC showing signs of a computer virus? Here are the 10 most common symptoms of malware and how you can keep your PC clean from future malware infections.
How security leaders can minimize human error (Fifth Domain) Hackers aren’t doing technical gymnastics to navigate through agency firewalls or network defenses. Instead, they’re favoring some particularly vulnerable targets: employees.
Emsisoft releases a free decrypter for JSWorm 2.0 Ransomware (Emsisoft | Security Blog) Our malware research team just released a decrypter for the new ransomware we nicknamed JSWorm 2.0. JSWorm 2.0 is written in C++ and uses Blowfish encryption. We call it “2.0” because there was another C# ransomware that used the “.JSWORM” extension. Some strings also suggest this ransomware may be from the same author. Notable callouts …
Could behavioural analytics have stopped the Binance crypto hack? (iTWire) A recent, sophisticated attack on the popular Binance cryptocurrency trading platform saw users’ accounts compromised and simultaneous withdrawals mad...
Design and Innovation
Xbox chief Phil Spencer outlines plans for fighting toxicity in gaming (The Verge) Spencer says Microsoft is treating safety as a paramount issue for the industry.
Research and Development
Evaluating Login Challenges as a Defense Against Account Takeover (IW3C2) In this paper, we study the efficacy of login challenges at preventing account takeover, as well as evaluate the amount of friction these challenges create for normal users.
You 'Might' Be Affected: An Empirical Analysis of Readability and Usability Issues in Data Breach Notifications (Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems) Data breaches place affected individuals at significant risk of identity theft. Yet, prior studies have shown that many consumers do not take protective actions after receiving a data breach notification from a company
Academia
University of Central Florida's cyber defense team competing in national competition (WOFL) The University of Central Florida’s Cyber Defense Competition Team is competing against 10 universities across the country in the 2019 National Collegiate Cyber Defense Competition.
Legislation, Policy, and Regulation
Cyber attacks are rewriting the 'rules' of modern warfare -- and we aren't prepared for the consequences (GCN) The inevitable blending of traditional warfare and cyber warfare will pose intellectual and regulatory challenges that will get more complicated as technology develops.
Huawei ban sparks fears of technology Cold War (Times) Tens of billions of dollars have been wiped off the value of some of Silicon Valley’s biggest players over fears that a technology Cold War is breaking out between the two economic superpowers.
Lawmakers applaud Google for revoking Huawei’s Android license (The Verge) ‘Huawei and ZTE pose a threat to our privacy and national security,’ Sen. Van Hollen said
Huawei 5G in Europe and Beyond (Carnegie Endowment for International Peace) In the past five years, there have been growing cybersecurity concerns about the Chinese company Huawei’s involvement in the deployment of 5G across the world. This timeline shows over 100 events related to Huawei and 5G in the EU and NATO member states, as well as Australia, Japan, New Zealand, the Philippines, and South Korea.
Europe was worried Russia would mess with its elections. Now it has other fears. (Washington Post) Domestic disinformation and U.S. money are raising alarms.
Sajid Javid prepares to clamp down on spies with new treason laws (Times) Hostile state actors including spies are to be targeted under Home Office plans to update espionage and treason laws, the home secretary announced. Sajid Javid said that he is planning a new...
U.S. Slows Hiring of Chinese Nationals by Chip Makers (Wall Street Journal) The U.S. has sharply slowed approvals for the nation’s semiconductor companies to hire Chinese nationals for advanced engineering jobs, limiting access to talent.
Do not underestimate the depth of US concern over Huawei (The Telegraph) There is a mistaken impression concerning the US national security policy-making process that says somehow our government is not serious because decision-making in the Trump administration can be capricious and arbitrary.
Lack of Secure Coding Called a National Security Threat (InfoRisk Today) The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure
DOJ Leans Against Approving T-Mobile’s Takeover of Sprint (Bloomberg) Carriers’ concessions don’t resolve DOJ’s competition concerns. Antitrust officials consider different standard than FCC.
Bipartisan group of lawmakers seeks restraints on export of surveillance tools (Washington Post) The request follows media reports indicating some companies may be providing powerful capabilities to foreign governments that in turn are using them to surveil journalists, political dissidents and U.S. citizens.
U.S. lawmakers call on spy chief to rein in spread of hacking tools (Yahoo News) The effort, led by Democratic Representative Tom Malinowski, is the second request in the last week asking the State Department to provide information about its approval process for U.S. companies that sell offensive cyber capabilities and other surveillance services to foreign governments. The letter
How government can finally move beyond the OPM data breach (Fifth Domain) One of the largest cyberattacks in U.S. government history, the Office of Personnel Management hack prompted the government to look at the root cause of the incident. Where should public agencies continue to focus to make sure they are protected from cyberthreats?
CCPA Amendments: Expanded Private Right of Action Blocked; Exclusion of HR Data Advances (Cooley) A number of bills seeking to amend the California Consumer Privacy Act of 2018 (CCPA) have been introduced this year, none more closely watched than SB 561, which would have extended the private ri…
Bills aim to protect Louisiana from cyber attacks (The Advertiser) The bills passed without objection and now move to the House floor.
Litigation, Investigation, and Law Enforcement
NZ mosque attacker charged with terrorism (BBC News) Christchurch mosque attacker Brenton Tarrant is formally charged with terrorism for the March killings.
Battle breaks out for WikiLeaks founder Assange’s computers (Washington Post) With Julian Assange locked away in a London jail, a new battle has broken out over what may contain some of the WikiLeaks founder’s biggest secrets: his computers
Trey Gowdy: FBI withheld 'game changer' transcript material from FISA Court (Washington Examiner) Former Rep. Trey Gowdy, R-S.C., says there are unreleased transcripts of recorded conversations between FBI informants and former Trump campaign associate George Papadopoulos that “has the potential to be a game changer.”
CEO told to hand back 757,000 fraudulently obtained IP addresses (Naked Security) A company accused of fraudulently obtaining 757,000 IPv4 addresses has been ordered to hand them back.
'Organized crime' behind TrickBot cyberattack on Coventry schools, says FBI (Akron Beacon Journal) A cyberattack that closed Coventry Local Schools on Monday and compromised the district’s computer system has drawn the attention of the FBI,
Cybersecurity Co. Sued Over Jacobs' Planned $815M Deal (Law360) A stockholder hit KeyW with a proposed class action in Maryland federal court Friday, alleging that the cybersecurity firm failed to disclose key details about its planned $815 million acquisition by Texas-based Jacobs Engineering.