Russian hackers already targeted a Missouri senator up for reelection in 2018

A Democratic senator seeking reelection this fall appears to be the first identifiable target of Russian hacking in the 2018 midterm race. In a new story on the Daily Beast, Andrew Desiderio and Kevin Poulsen reported that Democratic Missouri Senator Claire McCaskill was targeted in a campaign-related phishing attack. That clears up one unspecified target from last week’s statement by Microsoft’s Tom Burt that three midterm election candidates had been targeted by Russian phishing campaigns.

Malspam with password-protected Word docs pushes Hermes ransomware, (Fri, Jul 27th)


Malicious spam (malspam) with password-protected Word docs continues to be an issue.  Here’s a recent password-protected Word doc that shows a 0 / 59 detection rate in VirusTotal as I write this:  SHA256 hash 4e5f6a6e8c073828af55c830fad5ce7496313083f42f5bc655c90a9a1314cbb2.  This type of malspam was recently seen from emails with sending addresses ending in  Today’s diary reviews an example from Thursday 2018-07-26.

Australians Say No Thanks to Electronic Health Records


A political firestorm erupted last week over the Australian government’s move to create a shareable national electronic health record for all 24.7 million of its citizens by December of this year. Unless an individual opts out of having a My Health Record by 15 October 2018, the government will create one for them that will be kept for 30 years after the person dies, or for 130 years after a person’s birth if their death date is unknown.

This Week in Security News: Scams and Security Risks

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the EU and Japan finalized an agreement enabling the cross-border transfer of data. Also, businesses are turning to machine learning to combat data threats.

Bridging the Divided Perspectives on SOC Tech and Talent

New research reveals the majority of security professionals involved in the management of a security operations center (SOC) want change. Across enterprises, however, there is a divide between the perspectives of executives, directors and individuals involved in day-to-day incident response (IR) activities.

Managing Enterprise Security Risk on Vacation

Enterprise security hardships await wherever we travel — especially during summer vacation. Connecting to an organization’s software while on vacation is different from doing so on a business trip. Employees’ mindsets are different; they’re not supposed to be working, but they’re bound to check their email or access that document that just needs a little more attention. In this increasingly digital world, it’s getting tougher for us to disconnect no matter where we are or what we’re doing. This predicament represents a huge security risk for the enterprise.

Phishing Attack Volume Growing at Most Organizations, Mimecast Reports

Email remains one of the primary ways that hackers attack organizations. That was one of Mimecast’s findings in its second annual State of Email Security report. The 21-page report, released on July 24, surveyed 800 IT decision-makers to provide insight into the current landscape of email attacks. Among the high-level findings in the report is that most organizations are seeing a rise in phishing attacks. But attacks aren’t the only risk for email—so too is simple user error, with 31 percent of C-level executives accidentally sending sensitive emails to the wrong address. The report also identified a lack of training as being a risk, with only 11 percent of organizations continuously training employees on how to spot attacks. In this slide show, eWEEK looks at some of the highlights from Mimecast’s State of Email Security report.

Zero-Day Coverage Update – Week of July 23, 2018

We’re at the end of July and the Zero Day Initiative (ZDI) has published 873 advisories so far. That’s 273 advisories this month alone – and that’s just the tip of the iceberg! Earlier this week, ZDI announced the Targeted Incentive Program, which brings over $1,500,000 USD in special bounty awards for specific targets. With an initial focus on critical class, server-side vulnerabilities, starting August 1st, this program will offer a special monetary award for specific targets, but only for the first successful entry and only for a certain period of time.

Google’s tiny chip represents a big bet on IoT

Google is taking two steps – one in hardware and one in software – to bring its analytics and machine learning capabilities to edge networks and even to individual internet-of-things devices to better deal with the data generated by a growing number of IoT devices, the company said at its Cloud Next technology conference.