Pages

Wednesday, February 13, 2019

Bezos and Hacking


There were rumors. There were suspicions. There were accusations ...
Labor has asked the Speaker of the House of Representatives to consider referring Liberal MP Tim Wilson to Parliament's powerful privileges committee.

The Victorian MP has faced a week of criticism after it was revealed he collaborated with Wilson Asset Management on a campaign against Labor's franking credit policy, failed to declare his investments in funds run by the firm to inquiry hearings, and used the taxpayer-funded probe to help spruik Liberal Party fundraisers.

No thank you, Mr. Pecker Jeff Bezos, Medium (fine word, “legitimate”) and Amazon CEO Jeff Bezos accuses National Enquirer of extortion over intimate photos WaPo.



Bezos’s Wild Days: Lurid Selfies, Blackmail, Amazon Drama in NYC Bloomberg



Is it really a myth that our data isn’t safe?



Vanessa Teague

New legislation aims to expose the communications of serious criminals, but it might undermine our security too.






Wow, where to even begin with this story?


Amazon founder and Washington Post owner Jeff Bezos, in a bombshell blog post on Medium Thursday evening, accused the parent company of the National Enquirer of trying to blackmail him. Wait, it gets even more bizarre.
Bezos claims AMI threatened that the Enquirer would post sexually explicit photos that he had sent to his girlfriend Lauren Sanchez. Bezos said AMI wanted him to halt an investigation into how the Enquirer obtained texts messages he had sent Sanchez.
According to Bezos’ post, AMI also wanted Bezos to publicly deny any political motivation in the Enquirer’s coverage of his divorce to wife, MacKenzie. The Enquirer broke the story last month that Bezos was seeing Sanchez on the same day Bezos and his wife announced they were divorcing.
Bezos’ stunning Thursday night blog post includes what Bezos claims is an email from AMI that goes into explicit detail of at least 10 photos the Enquirer claimed to have. But Bezos said he would not be blackmailed. He wrote:
“Any personal embarrassment AMI could cause me takes a back seat because there’s a much more important matter involved here. If in my position I can’t stand up to this kind of extortion, how many people can?’’
He closed his post by writing:
“Of course I don’t want personal photos published, but I also won’t participate in their well-known practice of blackmail, political favors, political attacks, and corruption. I prefer to stand up, roll this log over and see what crawls out.’’
As CNN’s Brian Stelter pointed out in his newsletter, “The consensus in media and tech circles Thursday night: Bezos did a brave and admirable thing by going public with this. By exposing what he called an ‘extortion’ attempt, he has won a lot of goodwill.”
One of those reactions was Wired editor Nicholas Thompson, who tweeted:
“Amazing that the National Enquirer has been so repulsive that the whole Internet is rooting for a billionaire who got busted for an affair.”






CyberScoop

February 7, 2019

The Department of Homeland Security should assess the security threat posed by foreign VPN applications to U.S. government employees, a bipartisan pair of senators says. Some popular VPN apps send a phone’s web-browsing data to servers in countries interested in targeting federal personnel, raising “the risk that user data will be surveilled by those foreign governments,” Sens. Marco Rubio, R-Fla., and Ron Wyden, D-Ore., wrote in a letter to DHS Thursday. VPN providers promise to obfuscate the physical location of a web browser, but users are generally at the mercy of those companies’ decisions to collect and log data. The senators cite government warnings about products made by Chinese telecommunications companies and Russian antivirus vendor Kaspersky Lab as examples of the surveillance that certain foreign technology can enable. (Kaspersky and Chinese companies Huawei and ZTE have denied those allegations.)



FCW

February 7, 2019

Four senators have reintroduced legislation that would make it easier for cyber specialists in the federal government to detail at other agencies and lend their expertise. The Federal Rotational Cyber Workforce Act was introduced in September 2018 by Sens. Gary Peters (D-Mich.) and John Hoeven (R-N.D.) and referred to the Senate Homeland Security and Governmental Affairs Committee, where it was reported on favorably. Peters is now the ranking Democrat on the committee. Chairman Ron Johnson (R-Wis.) and Sen. Maggie Hassan (D-N.H.) have signed on to the reintroduced bill as cosponsors.



Nextgov

February 6, 2019

As misinformation campaigns and cyberattacks threaten to undermine democracy around the world, lawmakers want the State Department to play a bigger role in helping other countries secure their elections. Sens. Amy Klobuchar, D-Minn., and Dan Sullivan, R-Alaska, on Tuesday reintroduced legislation that would create a program at State to share information about election threats with other countries. Through the Global Electoral Exchange Program, the department would assist allies in adopting best practices around election cybersecurity, transparency and auditing. It would support work to combat misinformation campaigns and end discriminatory voter registration practices. An earlier version of the bill passed the House in September but was never put to a vote in the Senate.



The Hill

February 6, 2019

Congress has a new rising target when it comes to cyber: The Pentagon. The U.S. military last year was given the green light to start offensive cyber operations against foreign adversaries, an area that one new Democratic subcommittee chair says he will keep a close eye on in the coming months. But recent internal reports have pointed to a lack of basic cybersecurity measures within the Department of Defense (DOD) itself, with one DOD report last week finding that the military is “at risk from adversarial cyber operations.” And lawmakers have indicated that they will use this upcoming Congress to look at the Pentagon's cyber preparedness, both in terms of carrying out and fending off cyberattacks. Rep. Jim Langevin (D-R.I.), the chair of the House Armed Services Committee’s intelligence subcommittee, which oversees cybersecurity for the Pentagon, said he is particularly concerned about the offensive cyberattacks that the U.S. could carry out. He said that in the past, the U.S may have been too cautious in conducting cyber operations. But he warned against officials going too far and fast in exercising their newly found authorities and said that he plans to hold hearings on the topic.



ADMINISTRATION



AP

February 8, 2019

A ruling by a federal appeals court in Atlanta clears the way for two lawsuits challenging Georgia's use of paperless electronic voting machines to move forward. The lawsuits, filed by Georgia voters and an election integrity group, seek to bar Georgia from using the machines in future elections. In an opinion Thursday, a three-judge panel of the 11th U.S. Court of Appeals did not rule on the merits of the case but rejected arguments that state officials have immunity from the suits. The lawsuits argue that the touchscreen voting machines Georgia has used since 2002 are vulnerable to hacking and provide no way to confirm that votes have been recorded correctly because there's no paper trail. They sought in motions filed in August to force the state to use paper ballots in the November midterm election. U.S. District Judge Amy Totenberg in September denied those requests, saying she worried it would be too chaotic or problematic to make the switch so close to the election. But she found that the Georgia voters and election integrity advocates who filed the suits had demonstrated "the threat of real harms to their constitutional interests."



BuzzFeed

February 7, 2019

They know that hackers will be back in 2020. They know that presidential campaigns, which initially operate for weeks and months via personal email accounts and shared links to Google Docs before they begin to resemble full-scale political machines, are most vulnerable to the threat in their early stages. And they know that the task ahead of them — ensuring the digital security of a field of Democratic presidential campaigns that will vary wildly in degrees of size, resources, and professional infrastructure — presents an urgent challenge that begins now. Officials at the Democratic National Committee, the arm of the party that oversees the nominating process every four years, believe they have the tools to help candidates guard against the foreign actors that upended the 2016 election. A few simple steps, they say, can instill a strong culture of cybersecurity from the outset. But over the last month, as announcements rolled in from Elizabeth Warren, Julián Castro, and Kamala Harris, DNC officials held off on contacting campaigns directly about their security practices. They’re bound by another concern: avoiding the appearance of partiality.



FCW


An attack by bad guys online and on the ground on a big city's critical infrastructure can straddle jurisdictional lines between local and federal authorities, making coordination among those groups critical but tricky, according to participants in a recent resilience exercise. "We're outgunned when it comes to nation-state cyberattacks" that could target cyber and physical targets at the same time, said Mike Bell, chief technology officer at the Houston Police Department. A drill last July dubbed Jack Voltaic 2.0, demonstrated gaps in operational and legal authorities as well as confusion about first response. "The assumption is that [the Department of Homeland Security] will be there," Bell said at a Feb. 6 AFCEA event devoted to the lessons of the exercise. But that's not entirely the case, City of Houston personnel, regional emergency management officials and the Army Cyber Institute found out during the exercise.



CyberScoop

February 6, 2019

U.S. officials on Wednesday continued to warn industry about the threat posed by Chinese government-backed hackers by detailing how those teams have evolved and urging companies to better secure IT services that can be an avenue for stealing proprietary data. “Their strategies have shifted from labor-intensive, one-off compromises of individual targets to the use of the force-multiplier effects that enable them to compromise multiple targets through a single attack,” Rex Booth, a Department of Homeland Security cyber official, said during a webinar presentation to the private sector. “That shift in strategies increases the risk for all of us.” The public webinar focused on APT10, a group tied to China’s civilian intelligence agency, the Ministry of State Security. Analysts say the MSS has supplanted the People’s Liberation Army to become Beijing’s preferred arm for conducting economic espionage. U.S. officials and security researchers say APT10 has targeted the “managed service providers” that corporations use for IT configuration, exploiting that access to scope the networks of data-rich companies.



FCW

February 5, 2019

The federal government has determined that foreign interference campaigns had no material impact on the outcomes of the 2018 midterm elections. The Departments of Justice and Homeland Security announced Feb. 5 that they have submitted a classified report to President Donald Trump in accordance with an executive order issued last year to root out and investigate foreign interference targeting American elections or campaigns. "Although the specific conclusions within the joint report must remain classified, the Departments have concluded there is no evidence to date that any identified activities of a foreign government or foreign agent had a material impact on the integrity or security of election infrastructure or political [and] campaign infrastructure used in the 2018 midterm elections for the United States Congress," said DOJ in a statement.



FCW

February 5, 2019

tate election officials want Congress to deliver more funding for election security with fewer strings attached. At the Feb. 2 National Association for Secretaries of State annual winter conference, Alabama Secretary of State John Merrill asked authors of the Secure Elections Act to be open to the idea of block granting federal funds for equipment upgrades "through applications from the states who know our states, our counties and our communities best." The House Democratic majority is preparing to vote on H.R. 1, a massive campaign and election reform bill with a number of security-related provisions, including requirements for election equipment vendors. The Republican-controlled Senate is working out final details before reintroducing the Secure Elections Act in the next few weeks. While some state officials, like California Secretary of State Alex Padilla and Colorado Secretary of State Jena Griswold, backed more proscriptive federal efforts, many other state officials echoed Merrill's request.



Federal News Network


The Defense Department is tightening the cybersecurity standards contractors need to meet in order to do business with the Pentagon. DoD released a handful of new guidance and memos over the last three months, giving teeth to rules that require companies to shape up their cybersecurity practices or risk losing business. The policies are based off of a rule DoD tried to implement back in 2013, but realized contractors needed more time to comply. The rule finally took effect at the end of 2017, and companies that want to work with the Pentagon need to make sure they are up to snuff when complying with the National Institute of Standards and Technology Special Publication 800-171. “DoD wants to get everyone to a certain cybersecurity level,” Susan Cassidy, a partner specializing in defense and procurement at Covington and Burling LLP told Federal News Network. “Now they are tightening up and they are going to make it a performance and award differentiator.” The two policies outline what the Pentagon expects from contractors and what consequences there will be for noncompliance.



INDUSTRY



CyberScoop

February 8, 2019

An Apple security update released Thursday includes fixes for three vulnerabilities hackers already have exploited, leaving customers who fail to download the new software unprotected from known threats. The security patch, iOS 12.1.4, squashes the widely-publicized FaceTime bug that allowed attackers to spy on others via audio and video. It also fixes two zero-day vulnerabilities that Ben Hawkes, a researcher on Google’s Project Zero security team, said had been exploited before the update was issued. The bugs, dubbed CVE-2019-7286 and CVE-2019-7287, would have allowed attackers to gain elevated privileges, and execute arbitrary code with kernel privileges, respectively. Few details were immediately available about how and when those bugs were exploited, though prominent experts are encouraging users to update their phone as soon as possible.



Reuters

February 7, 2019

Computer maker Dell Technologies Inc is exploring a sale of SecureWorks Corp, a U.S. provider of cybersecurity services with a market value of close to $2 billion, people familiar with the matter said on Thursday. A sale of SecureWorks, in which Dell holds an 85 percent stake, would allow the latter to trim its $50 billion debt pile, after it decided to become a publicly traded company last year through a complex deal involving its software subsidiary VMware Inc. SecureWorks is working with investment bank Morgan Stanley on a sale process for the entire company that is in its early stages, the sources said, asking not to be identified because the matter is confidential. Dell and SecureWorks declined to comment, while Morgan Stanley did not respond to a request for comment.



ZDNet

February 7, 2019

Security vulnerabilities in some connected video conferencing products could allow hackers to remotely gain control of equipment and use it as a snooping tool. The remote OS command injection vulnerabilities affect four Lifesize enterprise collaboration products - Lifesize Team, Lifesize Room, Lifesize Passport and Lifesize Networker and have been uncovered by researchers at security firm Trustwave. Exploiting the vulnerability requires attackers to gain access to the firmware of Lifesize products, which also requires them to know the serial number of the device. But if this can be obtained, researchers say it's "trivial" to gain control of the device with some software tools and information from the Lifesize support page, which can help provide a backdoor into the device. The devices are also linked to a default support account which come with a default password – something which many users won't have changed, providing attackers with a crucial piece of the puzzle of the compromise.



Bloomberg

February 7, 2019

Cybersecurity has unlocked riches for Ken and Michael Xie. The Chinese-born brothers are now billionaires from their stakes in Fortinet Inc., the Silicon Valley-based network security software firm they co-founded almost two decades ago, according to the Bloomberg Billionaires Index. Spurred by high-profile data breaches and malware attacks, cybersecurity has become a growing priority for companies. Cloud-focused firms including Fortinet and Palo Alto Networks Inc. have benefited as businesses update their computer infrastructures, posing a threat to more established network software providers such as Cisco Systems Inc. and Juniper Networks Inc. Fortinet counts most Fortune 500 companies as its customers, according to its website.



The Hill

February 7, 2019

Microsoft has expanded a program meant to protect political candidates and groups to Canada, the company announced Thursday. AccountGuard, which is included in Microsoft’s Defending Democracy program, is now available to think tanks, political groups and candidates, the president of Microsoft Canada Kevin Peesker wrote in a post. The program offers free cybersecurity protections for users with existing Microsoft Office 365 products, including monitoring for potential hacking attempts by nation-state actors. The service is already offered to similar groups in the United States, the U.K. and Ireland.



Nextgov

February 6, 2019

Digital adversaries are adopting more sophisticated strategies to mask their identities, which could make it harder for the U.S. to attribute cyberattacks to specific groups, according to a recent report. In recent years, the cybersecurity community has found itself vexed by a handful of attacks that couldn’t be easily pinned on a single group, security researchers at Booz Allen Hamilton said in an annual report on cyber trends. The uptick in unidentifiable incidents suggests state-sponsored hacking rings have gotten better at tricking researchers into assigning blame to the wrong group, they said, which would undermine the government’s primary cyber deterrence strategy.



Reuters

February 6, 2019

FireEye Inc forecast a surprise loss for the current-quarter after edging past earnings estimate for the last three months of 2018, sending the cybersecurity firm's shares down 7 percent in extended trading on Wednesday. The company forecast first-quarter billings in the range of $170 million to $180 million, falling short of analysts' expectations of $191.9 million. "We had some significant growovers in Q1 of 2018 with deals greater than $10 million," Chief Financial Officer Frank Verdecanna told Reuters. "If we take this into consideration, we get a more normalized growth rate for Q1 2019." Billings include revenue recognized plus the change in deferred revenue and is an important indicator of the health of a company's business. The Milpitas, California-based company forecast adjusted net loss of 2 cents to 4 cents per share and revenue in a range of $208 million to $212 million for the current quarter.



ZDNet

February 5, 2019

Microsoft said last Fall that it would offer paid Windows 7 Extended Security Updates on a per-device basis for big customers willing to pay for them after the company ends Windows 7 support on January 14, 2020. Microsoft officials wouldn't talk about how much those updates would cost, beyond saying they'd get more expensive over time.  However, Microsoft has briefed some of its partners and salespeople about the cost of these Extended Support Updates (ESUs). And, as you'd expect, they're not cheap, especially for customers who may want to apply them on multiple PCs. They're even more expensive for customers using the Pro version of Windows than the Enterprise one.



Wired

February 5, 2019

Data breaches that compromise people's usernames and passwords have become so common, and used in crime for so long, that millions of stolen credential pairs have actually become practically worthless to criminals, circulating online for free. And that doesn't even begin to scratch the surface of the more current credentials sold on the black market. All of this means that it's increasingly difficult to keep track of which of your passwords you need to change. So Google has devised a Chrome extension to watch your back. On Tuesday, the company is announcing "Password Checkup," which runs in Chrome all the time as you go about your daily web browsing, and checks passwords you enter on all sites against a database of known compromised passwords. Password Checkup isn't a password manager, a gauge of how weak or strong your passwords are, or a source of advice. It just sits quietly until it detects a credential pair that is known to be exposed, and then it shows a warning. That's it.



Nextgov

February 5, 2019

When asked, many government leaders say one of the major impediments to a strong cybersecurity posture in the U.S. is the lack of trained cyber professionals. But at least one former federal cybersecurity leader says this thinking is backward and is doing more damage than the workforce gap itself. Federal agencies are in the midst of tallying up their cybersecurity workforce needs for reports due to the Office of Personnel Management by April. Concerns within government mirror those of the private sector, with reports claiming a shortage of some 3 million needed cyber professionals worldwide, 500,000 in North America alone. That focus puts the onus on users, rather than attacking the source of the problem more globally, according to Steven Chabinsky, a partner at White and Case who formerly served as deputy assistant director of the FBI Cyber Division and as a senior cyber adviser to the director of national intelligence. “That’s like having an arsonist in the neighborhood and saying, ‘We don’t need to get the arsonist, let’s get more firefighters,’” Chabinsky said during a discussion of a tabletop exercise and report from the Foundation for Defending Democracies.



ZDNet

February 4, 2019

US-based casual dining and fast food restaurant chain Huddle House announced late Friday last week a security breach that impacted its point of sale (POS) system. "Criminals compromised a third-party point of sale (POS) vendor's data system and utilized the vendor's assistance tools to gain remote access-and the ability to deploy malware-to some Huddle House corporate and franchisee POS systems," Huddle House said in a security alert listed on its front page. The restaurant chain says it found out about the infection after receiving notifications from a law enforcement agency and a credit card processor. Huddle House notified users right away. An investigation is still ongoing, with the help of third-party forensic experts and federal law enforcement.



INTERNATIONAL



The New York Times

February 8, 2019

In an attempt to push back against attempts to limit its reach in Europe, the Chinese technology giant Huawei threatened legal action against the Czech Republic if its cybersecurity agency did not rescind its warning about the risk the company poses to the nation’s critical infrastructure. As nations across Europe take the first steps to reconfigure the systems that control the internet, Huawei’s threat was the latest salvo in the escalating war over who will control the hardware that will underpin the new 5G, or fifth-generation, networks. For more than a year, the United States has been engaged in a global campaign aimed at limiting the reach of Chinese telecommunication firms, contending that they pose a threat to security. While American officials have not offered specific details to support their concerns, they have pointed to China’s National Intelligence Law, passed in 2017. They say the law requires Chinese companies to support, provide assistance to and cooperate in Beijing’s national intelligence work, wherever they operate. That law was one of the factors that led the Czech cybersecurity agency, Nukib, to issue a formal warning in December about the risk posed by Huawei and another Chinese technology firm, ZTE.



Reuters

February 8, 2019

Germany's federal cybersecurity agency is investigating whether China's Huawei Technologies could be a security threat after warnings from other countries, the Funke group of newspapers reported on Friday, citing Economy Minister Peter Altmaier. The government currently has no own information on whether the Chinese company could be a security threat, Altmaier was quoted as saying, adding that the Federal Office for Information Security (BSI) had been activated. Altmaier told Funke that talks on security standards for the mobile network were ongoing, adding that Germany needed to protect itself "in all sensitive areas, from hospitals to telecommunication." His comments appeared to push back against reports that Berlin had reached a consensus not to exclude Huawei from building next-generation 5G networks, deciding instead to impose tougher compliance rules on foreign vendors.



CBC

February 8, 2019

One of Canada's top cyber security experts says he's been quietly giving the main political parties threat briefings in the lead-up to the upcoming federal election. "It's an ongoing conversation," Scott Jones, head of the Canadian Centre for Cyber Security within the Communications Security Establishment, told CBC News in an interview. "We told them basic cyber security matters. Taking action and thinking about how this could be turned against you is really important." Earlier this week, Canada's chief electoral officer raised concerns about the parties' abilities to protect themselves from cyberattacks. "They don't have access to the resources we have access to," Stephane Perrault told the Canadian Press in an interview.



The New York Times

February 7, 2019

The Australian Parliament said on Friday that hackers had tried to break into its computer network, which includes lawmakers’ email archives, but that so far there were no indications that data had been stolen. “Following a security incident on the parliamentary computing network, a number of measures have been implemented to protect the network and its users,” Parliament’s presiding officers, Tony Smith and Scott Ryan, said in a joint statement. “All users have been required to change their passwords. This has occurred overnight and this morning.” “There is no evidence that any data has been accessed or taken at this time, however this will remain subject to ongoing investigation,” the statement read.



AFP

February 7, 2019

The Swiss government has issued a 150,000 Swiss franc (US$149,790) challenge to online hackers; break into our new generation electronic voting system and we'll reward you. The federal chancellery announced a dummy run election will be held from February 25 to March 24 and invited anyone who wants to display their online piracy talents to sign up at https://onlinevote-pit [dot] ch. They can then "try to manipulate the vote count, to read the votes cast, to violate voting secrecy or to bypass security systems," it said in a statement. The amount of the reward paid out will depend upon the level of intrusion achieved by each hacker. The biggest single prize, 50,000 Swiss francs, will go to anyone who manages to manipulate the vote count without being detected.



Axios

February 7, 2019

Cybersecurity stakeholders are pushing U.S. lawmakers to rescue WHOIS, a tool for identifying internet domain ownership that's been hamstrung by the EU's privacy regulations. WHOIS has been a public address book for domain owners since the earliest days of the internet. A bevy of online investigators — from law enforcement authorities to human rights groups to cybersecurity researchers — have long relied on its data. But the EU's General Data Protection Regulation (GDPR) deems the information in WHOIS to be too personal to share without a thorough consent agreement. GDPR, which turns 1 in May, applies to any company doing business with Europe. Many registrars, the authorities who dole out domains, have responded by simply not providing data to WHOIS.



The Guardian

February 6, 2019

The Chinese technology giant Huawei has said security problems raised in a government report could take between three and five years to resolve. In a letter to Norman Lamb MP, the chairman of the House of Commons science and technology committee, the firm pledged to spend £1.5bn over five years to address security concerns raised last year. However, the Chinese company warned the process could take up to five years to see “tangible results”. “Modern communications networks are complex systems that keep evolving in new and innovative ways. Enhancing our software engineering capabilities is like replacing components on a high-speed train in motion,” Huawei’s carrier business group president, Ryan Ding, said in the letter. “It is a complicated and involved process and will take at least three to five years to see tangible results. We hope the UK government can understand this.”



Gov Info Security

February 6, 2019

An international operation to target users of Webstresser, a notorious stresser/booter service launched in 2015 that allowed customers to launch distributed denial-of-service attacks on demand, is underway and has resulted in arrests, according to Europol, the EU's law enforcement intelligence agency. The police message: Using darknet cybercrime services doesn't guarantee anonymity, even if you pay with bitcoin. Using stresser/booter services is illegal. Nevertheless, Europol said Webstresser boasted 136,000 registered users and had been used to launch more than 4 million attacks against websites - ranging from banks and government agencies to police forces and gaming sites. Webstresser offered subscriptions that started at just $14.99 per month, security experts say. But the site's dominance as the world's biggest stresser/booter service came to an end in April 2018, when six of the site's suspected top administrators were arrested in the United Kingdom, Croatia, Canada and Serbia. Authorities in the Netherlands, Germany and the United States also seized Webstresser's servers, resulting in a full takedown of the service.



CyberScoop

February 6, 2019

Weeks after the Department of Justice announced the indictment of two men linked with a Chinese state-sponsored hacking group, security researchers say they have uncovered a cyber-espionage campaign by the same entity against a European software company, a U.S. law firm, and a global apparel company. Analysts at Recorded Future and Rapid7 tracked the hacking operation between November 2017 and September 2018, and publicly revealed the breaches Wednesday. The researchers assessed with “high confidence” that APT10, a group tied to China’s civilian intelligence agency, was responsible for the hacking, calling the group “the most significant Chinese state-sponsored cyber threat to global corporations known to date.” Only one of the three victims is named: Visma, a billion-dollar Norwegian software company that claims 850,000 customers around the world. The hackers likely breached Visma to gain access to other organizations’ networks, the researchers said, but targeted the law and apparel firms “to gather information for commercial advantage.”



Gov Info Security

February 6, 2019

Eight months after the EU's General Data Protection Regulation came into full effect, European data protection authorities have received more than 59,000 data breach reports, according to the law firm DLA Piper. The firm analyzed data breach reports that have been filed by 23 of the 28 EU member states since GDPR came into full force on May 25, 2018. Counting data breach reports is more difficult than it might seem. At the end of January, for example, the European Commission reported that EU data protection regulators had collectively received 41,502 data breach notifications. But that was based on voluntary data contributions from only 21 EU member states. Some of the reported breaches also occurred entirely before GDPR came into effect, meaning old data protection laws apply.



NPR

February 5, 2019

In May 2014, then-Attorney General Eric Holder announced charges against five members of the Chinese military. They'd allegedly hacked the computer networks of American companies and stolen everything from intellectual property and trade secrets to the firms' litigation strategies. The indictment was the first brought by the United States publicly against state-sponsored hackers for cybercrimes targeting U.S. firms. In the nearly five years since then, the Justice Department has unveiled one China-related hacking indictment after another, including cases against at least a dozen individuals and companies last year alone. But China's rampant cybertheft has not stopped, officials say. Most of the defendants, meanwhile, remain in China and are unlikely to ever see the inside of a U.S. courtroom. That's fueling questions about whether the strategy of indicting suspected Chinese hackers is a failure.



The Jerusalem Post

February 5, 2019

Terrorists are trying to use cyber operations to impact Israeli April 9 elections, says a report by the Herzliya-based International Institute of Counter-Terrorism (ICT) obtained exclusively by The Jerusalem Post. The report surveys a range of current and recent cyber attacks by Hamas, Hezbollah, ISIS and most importantly Iran, in terms of their potential impact on Israeli elections going forward. Since Hamas “hunted” young Israeli soldiers on social media and through WhatsApp in 2017 and July 2018 to reveal their personal details and collect information, the report says that the groups have only advanced. Hezbollah’s capabilities on social media and in “hard target” hacking of actual hardware or infrastructure is only more advanced. Last month, the report said that a “bot” associated with ISIS posted on Telegram to rally and recruit fellow cyber hackers for its various online campaigns, whether against Israel or others.



Reuters

February 5, 2019

Lithuania's intelligence agencies fear Russia will interfere in its forthcoming elections, including one in May to find a successor to the staunchly anti-Kremlin president, Dalia Grybauskaite. The Baltic state, ruled from Moscow for much of the 20th century but now a member of both the European Union and NATO, was rattled by Russia's annexation of Crimea, and hosts a German-led multinational battalion to deter any Russian invasion. It holds presidential, municipal and European Parliament elections this year and a parliamentary election in 2020. "Russian intelligence will step up its activity during the 2019-2020 election cycle," the agencies wrote in a joint annual assessment published on Tuesday. "It is possible that Russia will seek to sway the course of the elections by information and cyber means."



TECHNOLOGY



Ars Technica

February 6, 2019

LibreOffice, an open source clone of Microsoft Office, has patched a bug that allowed attackers to execute commands of their choosing on vulnerable computers. A similar flaw in Apache OpenOffice remains unfixed. Austrian researcher Alex Inführ publicly reported the vulnerability on Friday, shortly after it was fixed in LibreOffice. His disclosure included a proof-of-concept exploit that successfully executed commands on computers running what was then a fully patched version of LibreOffice. The only interaction that was required was that the target user hover over an invisible link with a mouse. On Wednesday, researcher John Lambert provided additional PoC samples.