Global Cyber News Digest

House bill targets use of Pentagon networks for child pornography

Source: The Hill
By: Maggie Miller
Published: July 2, 2019
* The End National Defense Network Abuse (END Network Abuse) wasintroduced in the wake of in an investigation called 'Project Flicker'carried out by U.S. Immigration and Customs Enforcement.
* This investigation identified over 5,000 individuals, includingmany affiliated with DOD, who were subscribed to child porn websites.

How a grim Eurovision Song Contest cyber attack was prevented at last second

Source: 9News
By: Fiona Willan
Published: July 2, 2019
* As millions of people around the world tuned into this yearsEurovision Song Contest final in Tel Aviv, little did they know they werewithin one second of witnessing a grim cyber attack.
* Foreign hackers infiltrated the system broadcasting the eventglobally online and tried to insert a disturbing video into the live feed.

Medtronic rushes to replace insulin pumps after flaws found

Source: Naked Security
By: John E. Dunn
Published: July 2, 2019
* US medical equipment giant Medtronic has announced the immediate recall of all MiniMed 508 and Paradigm series insulin pumps after researchers uncovered serious security flaws which can't be patched.
* The job of a pump is to deliver insulin to a patient throughout the day via a catheter implanted under the skin, which removes the need for regular injections to maintain stable blood glucose levels.

Websites go down worldwide due to Cloudflare outage

Source: The Hill
By: Maggie Miller
Published: July 2, 2019
* Internet network and security provider Cloudflare experienced a massive outage, with websites around the world unable to load and the cause of the outage not immediately clear.
* The outage did not appear to last long, with Cloudflare posting online that it had "implemented a fix for this issue" and that it was "monitoring the results" 23 minutes after it wrote that "we are working to mitigate impact to Internet users."

Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer

Source: ThreatPost
By: Lindsey O'Donnell
Published: July 2, 2019
* Never-before-seen Mac malware, dubbed OSX/CrescentCore, has been discovered in the wild.
* The trojan, spotted on various websites masquerading as an Adobe Flash Player installer, drops malicious applications and browser extensions on victims' systems when downloaded.

How To Secure The Internet Of Battlefield Things From Cyber Attacks

Source: National Interest
By: Dan Goure
Published: June 30, 2019
* It should come as no surprise that the IOT has extended togovernment networks, particularly those operated by the Department of Defense (DoD).
* The result is what some observers call the 'Internet ofBattlefield Things' (IOBT). There is a general consensus among experts that the military which first creates the IOBT will gain a decisive advantage over its competitors.

AI, Cyber Get Big Boost in Senate-Passed NDAA

Source: NextGov
By: Jack Corrigan
Published: June 28, 2019
* A massive defense policy bill approved by the Senate on Thursday is loaded with provisions to advance the Pentagon's tech and protect the country against digital threats posed by Russia and China.
* The legislation would authorize hundreds of millions of dollars for artificial intelligence and cyber research, and support efforts to lockdown the government supply chain, fight foreign misinformation and bolster the Pentagon's tech workforce.

Cloud Hopper hits several tech firms in Spyware attack

Source: CISO Magazine
By: FNU LNU
Published: June 27, 2019
* Security researchers stated that a global hacking campaign backed by China's Ministry of State Security broke into various technology service providers to steal commercial secrets from their clients.
* The Reuters report revealed the compromised companies list that included Hewlett Packard Enterprise, IBM, Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation, and DXC Technology.

Hacker steals $4.5 million from Bitrue cryptocurrency exchange

Source: ZDNet
By: Catalin Cimpanu
Published: June 27, 2019
* Hackers stole $4.25 million worth of Ripple coins and $225,000 worth of Cardano coins.
* Per Bitrue's statement, administrators detected the hack and immediately shut down trading on their platform, putting the site in maintenance mode while they investigated what was happening.

NIST Updates SP 800-171 To Enhance DoD Contractor Security Against Cyber Attack

Source: JDSupra
By: Susan Ebner
Published: June 26, 2019
* Cybersecurity continues to be an imperative for the protection ofthe Department of Defense (DoD) and its contractors' supply chain.
* On June 19, 2019, the National Institute of Standards andTechnology (NIST) issued two draft updates to its Special Publication800-171, "Protecting Controlled Unclassified Information in NonfederalSystems and Organizations" (NIST SP 800-171) to invigorate securitycontrols aimed at protecting entities in this supply chain.