Kaspersky counts costs. Another big WordPress vulnerability.


WEDNESDAY

February 20, 2019

Election season means Fancy Bear hackers are as busy as ever. Kaspersky reveals the cost of U.S. government scrutiny. And a bug bounty researcher gets into trouble. This is CyberScoop for Wednesday, February 20.

 
OH, YOU FANCY, HUH? Infamous Russian hacking group Fancy Bear is at it again, this time targeting democracy-focused think tanks in Europe ahead of the big European Parliament elections in May, Microsoft warned late Tuesday. “Many organizations essential to democracy do not have the resources or expertise to defend themselves against cyberattacks,” the tech giant said. Microsoft said that from September to December it detected attempted hacks on 104 accounts belonging to employees of the German Marshall Fund, the Aspen Institutes in Europe and the German Council on Foreign Relations. Two of the organizations contacted by CyberScoop said the efforts to breach their think tanks were unsuccessful. Sean Lyngaas has the story.

KASPERSKY CHALLENGES GET COSTLY: Global revenue for Moscow-based cybersecurity vendor Kaspersky Lab increased by 4 percent last year despite sales in North America falling by 25 percent, the company said. The privately owned Kaspersky reported unaudited revenue of $726 million in 2018, thanks mostly to 27 percent growth in the Middle East, Turkey and Africa. Kaspersky also reported 55 percent growth in non-endpoint products and services. But the company acknowledged that “the challenging geopolitical situation resulted in an overall slowdown in the North American market,” where sales fell by a quarter. Kaspersky’s sales announcement offers a glimpse at how scrutiny from the U.S. government has affected the company. President Trump in 2017 signed legislation prohibiting the use of Kaspersky software on computers and devices on federal military and civilian networks. Jeff Stone has the report.

 

ANNOUNCING DC CLOUDWEEK

Building on the success of CyberWeek, FedScoop presents DC CloudWeek, a SXSW-style, citywide festival bringing together thousands of government and tech leaders from around the nation to share how the cloud is transforming government, academia, nonprofits and the private sector. The festival consists of dozens of community events, conferences and parties. JOIN US.

 

NO LONGER PART OF THE CROWD: A security researcher who found an old bug in the LastPass password manager was kicked off the Bugcrowd platform for breaching its terms of service when he talked to a reporter. The researcher, Adrian Bednarek, told CyberScoop he wants to be reinstated and to help improve Bugcrowd’s terms of service, which he described as overly broad. “I think some information can get lost in the whole process of using a third-party platform” for reporting vulnerabilities, Bednarek said. Bugcrowd, a widely used clearinghouse for reporting software flaws, said it was open to feedback and to considering reinstating Bednarek. Sean has more.

OH, Y’KNOW, JUST MILLIONS OF WEBSITES: Germany-based RIPS Technologies helped WordPress plug a big hole in how the popular publishing software handles uploaded images, one that lets a low-privileged user run malicious code on the web server. Websites running any WordPress version prior to 4.9.9 are vulnerable, RIPS said, and the flaw has existed for about six years. Yes, six. “An attacker who gains access to an account with at least author privileges on a target WordPress site can execute arbitrary PHP code on the underlying server, leading to a full remote takeover,” RIPS researcher Simon Scannell wrote in a blog post. The vulnerability is also potentially exploitable through third-party WordPress plugins, RIPS said, so updating the core software alone may not close it on every site. Joe Warminsky has more.


HEY, I THOUGHT WE WERE FRIENDS: One of the United States’ biggest cyber adversaries has been targeting another, according to new research. Security vendor Check Point Software Technologies on Tuesday published findings in which its researchers “were observing what seemed to be a coordinated North Korean attack against Russian entities.” The company cautions that it’s “problematic” to definitively pinpoint who’s responsible for such an attack, though its “analysis reveals intrinsic connections to the tactics, techniques and tools used by the North Korean APT group.” Lazarus has been blamed for the highly publicized attack on Sony Pictures and the Bangladesh Bank heist, and could be a key part of North Korean efforts to evade international sanctions by pursuing international espionage. The suspicious activity in this attack occurred “over the past few weeks,” the company said. Jeff has the details.

FOLLOWING THE MONEY: The 2016 cyberattack on Bangladesh Bank, in which $81 million was stolen, was allegedly carried out by a group of North Korean hackers known for digital cunning. However, a timeline released Wednesday by George Washington University’s National Security Archive shows how the hackers used low-tech means to launder the money. “Given the multitude of cyber-enabled money laundering techniques available, including cryptocurrencies and online game economies ... the comparatively analogue manner in which the spoils of one of the largest cyber-heists to date was laundered is remarkable,” the Archive said in a blog post. The timeline offers perhaps the most complete snapshot of the bank heist, based on court documents and threat reports.


This newsletter is produced by Scoop News Group.
Visit cyberscoop.com to read this newsletter on the web.