DISA digs into blockchain as a service

The Defense Information Systems Agency is paying close attention to the cloud-based blockchain offerings introduced by Amazon Web Services, Microsoft and IBM as it explores how to incorporate the technology into the infrastructure used by the Defense Department.

“We are looking at potentially offering something that would be secure, scalable and agile for the networks that our mission partners could create and manage on our infrastructure inside accredited DOD environments,” Sherri Sokol, innovation leader at DISA, told GCN. “It would really just be the platform, infrastructure resource management and monitoring, which are services that DISA already offers.”

Complete article on threatpost.com

The APT Name Game: How Grim Threat Actors Get Goofy Monikers

How do advanced persistent threat groups such as Darkhotel and Anchor Panda get their ridiculous names?

What’s in a name? When it comes to advanced persistent threat groups, it is often quite a bit.

While their monikers may seem whimsical – Fancy Bear, Nomadic Octopus, Ocean Lotus and Darkhotel – the reality is these are not arbitrary names. In fact, many are similar to schoolyard nicknames or a type of shorthand – tied to the attributes of the mysterious groups behind cyberattacks.

Complete article on threatpost.com

Americans want to regulate AI but don’t trust anyone to do it

In 2018, several high-profile controversies involving AI served as a wake-up call for technologists, policymakers, and the public. The technology may have brought us welcome advances in many fields, but it can also fail catastrophically when built shoddily or applied carelessly.

It’s hardly a surprise, then, that Americans have mixed support for the continued development of AI and overwhelmingly agree that it should be regulated, according to a new study from the Center for the Governance of AI and Oxford University’s Future of Humanity Institute.

Complete article on threatpost.com

‘Unprecedented’ DNS Hijacking Attacks Linked to Iran

The attacks, targeting several countries to redirect traffic and harvest credentials, have been linked to Iran.

A wave of DNS hijacking attacks targeting victims in North America, Europe, the Middle East and North Africa has been linked to Iran. The attacks, which have been ongoing over the past two years, have had “a high degree of success” harvesting targets’ credentials, according to researchers.

Researchers at FireEye said that the attacks were launched mainly against government, telecom and internet infrastructure firms. Attacks involved intercepting traffic from firms with the goal of harvesting victims’ usernames, passwords and domain credentials.

Complete article on threatpost.com

Phishing Tactic Hides Tracks with Custom Fonts


The phishing campaign is using a new technique to hide the source code of its landing page – and stealing credentials from customers of a major U.S.-based bank.

An insidious phishing method evades detection using a never-before-seen technique that leverages custom fonts to cover its tracks.

Researchers at Proofpoint recently discovered an active credential harvesting phishing scheme. Once a victim has clicked on the initial phishing email, the resulting landing page looks like a login page for a major U.S. bank – but in reality the page is bent on stealing banking customers’ credentials, Chris Dawson, threat intelligence lead at Proofpoint, told Threatpost. The phishing kit uses custom web fonts to obfuscate the source code for the landing page – making it seem harmless.

Complete article on threatpost.com

Making a Ransomware Payment? It May Now Violate U.S. Sanctions

Thinking about making a ransomware payment? If so, you may want to think twice before doing so as it could land you in trouble for violating U.S. government sanctions.

This week the Department of Justice unsealed a grand jury indictment against two Iranian hackers allegedly responsible for the SamSam Ransomware. As part of this indictment, for the first time the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) also publicly attributed cryptocurrency addresses to individuals who were involved in converting ransomware cryptocurrency payments to fiat currency.

Complete article on bleepingcomputer.com

Pentagon Draws Back the Veil on APT Malware with Sudden Embrace of VirusTotal

Two samples have already been added to the malware zoo, indicating a new openness from the federal government when it comes to cyber.

The Pentagon has suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal, which is essentially a malware zoo that’s used by security pros and antivirus/malware detection engines to gain a better understanding of the threat landscape.

Complete article on threatpost.com

Longer Minimum Passwords Help Prevent Fraud

The all-too-common practice of using the same email address/password combination to log into multiple websites can be damaging, especially for employers with many users and valuable assets protected by passwords, like universities.

“If someone uses their university email address and passphrase to sign up for, say, LinkedIn, and LinkedIn is breached by cybercriminals, that would mean their university password is sitting on the web for everyone to see,” said Indiana University’s Dan Calarco, co-author on a new paper that examines the practice of password reuse.

Complete article on securitymagazine.com

Cloudflare Advances New Internet Standards for Speed and Security

As part of its Birthday Week, Cloudflare announces support for internet standards that help to improve speed and security, as well as unveiling the new Bandwidth Alliance that could help to save customers millions of dollars in bandwidth costs.

Cloudflare is celebrating its eighth birthday this week with a series of announcements that look to accelerate and secure the internet, as well as helping organizations to save some money.

On Sept. 24, Cloudflare announced its support of the Encrypted Server Name Indication (ESNI) service in a bid to keep service providers from being able to spy on users. On Sept. 25, the company announced its support for the QUIC protocol to help accelerate mobile traffic over User Datagram Protocol (UDP). On Sept. 26, Cloudflare announced the Bandwidth Alliance, which is a multi-stakeholder group of cloud providers that have pledged to reduce data transfer fees for mutual customers.

Complete article on eweek.com

For Hackers, Anonymity Was Once Critical. That’s Changing.

At Defcon, one of the world’s largest hacking conferences, new pressures are reshaping the community’s attitudes toward privacy and anonymity.

LAS VEGAS — Ask any hacker who’s been around long enough, and there’s a good chance you’ll hear an archetypal story, tinged with regret, about the first time his or her real identity was publicly disclosed.

After enjoying years of online anonymity, the hacker known as Grifter was unmasked by a less-than-scrupulous spouse. “Hey, Neil!” his wife called out at him, absent-mindedly, from across a crowded room, while accompanying him (for the very first time) at a hacking conference. “My beautiful wife, she outed me in front of the entire hacker community,” he said with a laugh.

Complete article on nytimes.com