A Review of the Best News of the Week on Cyber Threats & Defense

How Microsoft’s Windows Red Team Keeps PCs Safe (Wired, Jun 10 2018)
Microsoft’s Windows red team probes and prods the world’s biggest operating system through the eyes of an adversary.

China hacked a Navy contractor and secured a trove of highly sensitive data on submarine warfare (Washington Post, Jun 08 2018)
The stolen material included secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to officials.

Router Vulnerability and the VPNFilter Botnet (Schneier on Security, Jun 11 2018)
On May 25, the FBI asked us all to reboot our routers. The story behind this request is one of sophisticated malware and unsophisticated home-network security, and it’s a harbinger of the sorts of pervasive threats ­ from nation-states, criminals and hackers ­ that we should expect in coming years.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

Researcher Succesfully Hacked In-Flight Airplanes – From the Ground (Dark Reading, Jun 05 2018)
IOActive researcher will demonstrate at Black Hat USA how satellite equipment can be ‘weaponized.’

Verizon Looks to Accelerate Threat Detection With New Service (eWEEK, Jun 07 2018)
Verizon is making threat intelligence from its own network and security operations available via a new Threat Intelligence Platform service that integrates with the Anomali Threat Platform.

DHS documents ‘only a matter of time’ until airline hack (SC Magazine, Jun 07 2018)
The statement came from a Department of Energy government research laboratory focusing on the lab’s findings around aviation cybersecurity and was included in government internal presentations and risk assessments.

Bad .Men at .Work. Please Don’t .Click (Krebs on Security, Jun 11 2018)
Web site names ending in new top-level domains (TLDs) like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness online.

EFAIL’ Is Why We Can’t Have Golden Keys (Dark Reading, Jun 05 2018)
A deep dive into the issues surrounding an HTML email attack.

Side-Channel Attacks & the Importance of Hardware-Based Security (Dark Reading, Jun 07 2018)
Reliably evaluating the security of modern infrastructure requires a solid understanding of the hardware supporting it.

New Backdoor Based on HackingTeam’s Surveillance Tool (SecurityWeek, Jun 04 2018)
A recently discovered backdoor built by the Iron cybercrime group is based on the leaked source code of Remote Control System (RCS), HackingTeam’s infamous surveillance tool, security firm Intezer reports.

Sophisticated keyloggers target the finance industry (Help Net Security, Jun 06 2018)
Lastline found three separate strains of keylogger malware that are currently targeting finance.

InvisiMole cyber espionage malware detailed (SC Magazine, Jun 07 2018)
A rarely used, but very powerful cyberespionage malware with the ability to install backdoors, remotely execute code and grab sound and audio from the affected device has been discovered and analyzed by ESET researchers.

Threat Landscape: Dark Reading Caption Contest Winners (Dark Reading, Jun 11 2018)
Among the 90 entries to Dark Reading’s latest cartoon caption contest. The hysterical submissions kept our editorial team smiling for days. Here are the results:

Cisco Continues to Advance Snort 3 Network Security Development (eWEEK, Jun 08 2018)
The open-source Snort intrusion detection and prevention system (IPS/IDS) is gearing up for a major update that will influence the future of Cisco’s next generation security appliances.

Wi-Fi phishing attacks discovered around Atlanta City Hall (Help Net Security, Jun 08 2018)
As Atlanta continues to fully recover from March’s ransomware attack, new evidence discovered today by Coronet reveals hundreds of active Wi-Fi phishing attacks currently ongoing both inside of and in close proximity to Atlanta City Hall.

Uptick in Threats to Job Sites, Recruitment Portals (Infosecurity Magazine, Jun 08 2018)
Cyber-criminals in in the deep and dark webs target job seekers and recruiters.

Hackers using Excel IQY files to dodge antivirus and download malware (SC Magazine, Jun 08 2018)
Security researchers have discovered a new spam email campaign using a novel approach to infect victims. Users tricked into downloading and executing malicious script via Excel.