This Week in Cybersec Headlines, 26 JAN 2018
By MDL on January 26, 2018
of Hawaii Data Breach Affects 2,400, CSCC article
Russian government inspected source code for Symantec, McAfee, other software used US government
Reuters, Tech firms let Russia probe software widely used by U.S. government
“Major global technology providers SAP (SAPG.DE), Symantec (SYMC.O) and McAfee have allowed Russian authorities to hunt for vulnerabilities in software deeply embedded across the U.S. government, a Reuters investigation has found.”
SC Media, Global tech firms let Russian defense agency peek into source code to search for flaws
“To do business with Russia, U.S. tech companies often must obtain certification from the country’s Federal Service for Technical and Export Control (FSTEC), the FSB, the Russian intelligence agency, and other agencies.”
RATANKA, North Korea-Linked Lazarus Targets Cryptocurencies
Trend Micro, Lazarus Campaign Targeting Cryptocurrencies Reveals Remote Controller Tool, an Evolved RATANKBA, and More
“The malware known as RATANKBA is just one of the weapons in Lazarus’ arsenal. This malicious software, which could have been active since late 2016, was used in a recent campaign targeting financial institutions using watering hole attacks.”
Security Week, North Korea-linked Lazarus Hackers Update Arsenal of Hacking Tools
Dutch Intelligence Service Spied into Cozy Bear’s Networks During the 2016 US Elections
Volkskrant.nl, Dutch agencies provide crucial intel about Russia’s interference in US-elections
“Hackers from the Dutch intelligence service AIVD have provided the FBI with crucial information about Russian interference with the American elections. For years, AIVD had access to the infamous Russian hacker group Cozy Bear.”
FinFisher Cracked?
SC Media, Elusive FinFisher spyware can finally be cracked, researchers believe
ESET, We Live Security blog, ESET’s guide makes it possible to peek into FinFisher
Maersk chair describes NotPetya Aftermath
The Register, IT ‘heroes’ saved Maersk from NotPetya with ten-day reinstallation bliz
“Speaking on a panel at the World Economic Forum this week, Møller-Maersk chair Jim Hagemann Snabe detailed the awful toll of the ransomware epidemic as necessitating the reinstall ‘4,000 new servers, 45,000 new PCs, and 2,500 applications’… ‘And that was done in a heroic effort over ten days,’ he said.”
Social Media and Foreign Interference
Twitter, Update on Twitter’s Review of the 2016 U.S. Election
“As previously announced, we identified and suspended a number of accounts that were potentially connected to a propaganda effort by a Russian government-linked organization known as the Internet Research Agency (IRA).” “In total, during the time period we investigated, the 3,814 identified IRA-linked accounts posted 175,993 Tweets, approximately 8.4% of which were election-related.”
Reuters. Facebook: Russian agents created 129 U.S. election events
“Facebook Inc said Russian agents created 129 events on the social media network during the 2016 U.S. election campaign, according to testimony to Congress”
Washington Post, Russians got tens of thousands of Americans to RSVP for their phony political events on Facebook
Washington Post, Twitter to tell 677,000 users they were had by the Russians. Some signs show the problem continues
“Twitter says it will notify nearly 700,000 users who interacted with accounts the company has identified as potential pieces of a propaganda effort by the Russian government during the 2016 presidential election.”
In Other News
Dark Reading, Industrial Safety Systems in the Bullseye
Triton/TRISIS article
Infosecurity Magazine, Mastercard to Implement Biometrics for In-Store Card Payments
“The financial giant said that all consumers will be able to identify themselves with biometrics such as fingerprints or facial recognition whenever they pay in stores with Mastercard.”
Infosecurity Magazine, High-Profile Twitter Accounts Hit by Turkish Propaganda Campaign
CyberScoop, New global cybersecurity center announced at Davos
“The World Economic Forum announced plans Wednesday to launch a new coordinating group to counter emerging cybersecurity threats and help connect leaders from business and government to collaborate on various security issues as well as share best practices.Named the “Global Centre for Cybersecurity,” the loosely defined, Geneva-based organization will act as a sort of independent, multinational cyberthreat information sharing platform for companies to improve digital security writ [sic] large”
-
This Week in CyberSec Headlines, 21 May 2018
This Week in CyberSec Headlines, 21 May 2018
6/22/2018 -
This Week in CyberSec Headlines, 02 March 2018
This Week in CyberSec Headlines, 02 March 2018
3/2/2018 -
This Week in CyberSec Headlines. 09 FEB 2018
This Week in CyberSec Headlines. 09 FEB 2018
2/9/2018