Cyber Attacks, Threats, and Vulnerabilities
Labour's Ben Bradshaw claims he was target of Russian cyber-attack (the Guardian) Frequent critic of Kremlin interference in the UK was sent suspicious email from Moscow
Iranian hackers deploy new ZeroCleare data-wiping malware (ZDNet) IBM identifies new ZeroCleare destructive malware targeting energy companies active in the Middle East region.
StrandHogg vulnerability enables malicious software to masquerade as trusted Android apps (Computing) The vulnerability stems from a multitasking feature in Android.
TrickBot Expands in Japan Ahead of the Holidays (Dark Reading) Data indicates TrickBot operators are modifying its modules and launching widespread campaigns around the world.
New Malware Campaign Uses Trojanized 'Tetris' Game: Report (BankInfo Security) A new malware campaign uses a Trojanized version of the game Tetris to target healthcare and educational institutions for credential stealing, according to
New Zealand’s gun buyback scheme impacted by data breach, SAP to blame (ZDNet) SAP has been left red-faced for allowing the security lapse to occur.
North Korea Hackers Breached Indian Nuke Reactor In Search For Advanced Thorium Technology (International Business Times) Thorium-based nuclear power can replace Uranium based nuclear power.
How Hackers Could Shut down America's F-15s (The National Interest) A real threat.
Millions of SMS messages exposed in database security lapse (TechCrunch) Exclusive: The exposed database was left unprotected without a password. None of the data was encrypted.
SMS company exposes millions of text messages, credentials online (Naked Security) Researchers at VpnMentor claim that the TrueDialog data leak exposure could have compromised tens of millions of people.
Ad fraud: Fake local news sites are rolling in the dough (Naked Security) “forbesbusinessinsider.com?” Names like that sound close enough to real news domains to pass, but bots are the only ones visiting.
Text-Based Deepfakes, Model Hacking Among Top AI Threats (Wall Street Journal) Companies should brace themselves for two emerging threats related to artificial intelligence: text-based deepfakes and AI model hacking, cybersecurity experts said.
SIMjacker, here’s what the latest major flaw in mobile devices teaches us (Miracle Tech) It was discovered in recent days by the security company AdaptiveMobile Security, and it is a really serious threat to the world of mobile phones and more.
Hackers Target Major Brands: Disney and Macy’s Breached (Business2Community) Fraudsters are warming up for the holidays, targeting household names through e-commerce site hacking and credential stuffing attacks. On November 19, 2019, news broke that Macy’s e-commerce site was infiltrated by a third party, embedding malicious code into Macy’s online checkout page.
Zoom Opens Video Device Security Hole — Again (No Jitter) A second Zoom operating system workaround, this one for Cisco, Poly, and Lifesize endpoints, becomes a security hack.
Moxa AWK-3121 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available
Vendor: Moxa
Equipment: AWK-3121
Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Access Control, Sensitive Cookie without ‘HTTPONLY’ Flag, Improper Restriction of Operations within the Bounds of a Memory Buffer, CSRF, Command Injection, Cross-site Scripting
2.
Reliable Controls LicenseManager (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Reliable Controls
Equipment: LicenseManager
Vulnerability: Unquoted Search Path or Element
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to crash the system, view sensitive data, or execute arbitrary commands.
Colombia Warns About the Scam of Asking Ransom in Bitcoin (NameCoinNews) In Colombia, the police authorities are warning its people about the scam in which the attacker is asking for the ransom in cryptocurrency bitcoin (BTC). This ransom is demanded in exchange for not disclosing the private details of the person who had kidnapped the victims. In this scam, the victim got an email from his …
Two Weeks Later Louisiana OMV Offices Still Impacted by Cyber Attack (News15 | Lafayette, LA) Louisiana OMV offices are still being impacted two weeks after a ransomware attack. Offices in Lafayette, Baton Rouge, and New Orleans are back open, but more than a dozen of Louisiana’s motor vehicle offices still remain closed from the cyber attack. Officials think the attack on several state servers started with an email with a link. …
Darknet: Hacking Tools and Stolen Data at Bargain Prices (The Rio Times) Stolen data, weapons, drugs and particularly cybercrime services are not only moved via dark channels but are also offered via illegal platforms and relevant forums in the dark realms of the cyber world.
When Rogue Insiders Go to the Dark Web (Dark Reading) Employees gone bad sell stolen company information, sometimes openly touting their companies, researchers say.
Rogue Staff Member at Leading Cybersecurity Company Leaks Customer Data (Comforte Insights) Another cybersecurity company has fallen victim to a data breach. This time, the attack came from within. How can attacks like this be prevented?
The Cybercriminal Forum in 2019: An Enduring Model (Digital Shadows) We took a deep-dive into the cybercriminal underground to investigate the persistence of forums, uncovering several reasons they remain attractive amid appealing alternatives.
Security Patches, Mitigations, and Software Updates
Microsoft Forms Now Automatically Blocks Confirmed Phishing (BleepingComputer) Microsoft is rolling out automatic blocking for repeated Microsoft Forms phishing attempts to boost the product's security by stopping attackers from abusing forms and surveys to harvest sensitive data from their targets.
Moxa Patches Wireless Device (ISSSource) Moxa has a patch available to handle multiple vulnerabilities in its AWK-3121 which has reached its end of life and is being replaced, according to a report with CISA.
Cyber Trends
New Report Reveals Rapid Growth in Crowdsourced Security Testing for Compliance (BusinessWire) Crowdsourced security testing adoption poised to increase by 4x in 2020 driven by compliance and a desire for a continuous cadence.
GDPR Compliance Rate Remains Low According to New Talend Research (Talend) 58% of surveyed businesses worldwide failed to address requests made from individuals seeking to obtain a copy of their personal data as required by GDPR (General Data Protection Regulation) within the one-month time limit set out in the regulation, reveals updated research from Talend (NASDAQ: TLND), a global leader in cloud data integration and data …
141 Cybersecurity Predictions For 2020 (Forbes) 141 predictions for 2020 from key participants in the cybersecurity defense industry, highlighting all that’s hot today and tomorrow
Attention finance industry: Here are the cybersecurity threats coming in 2020 (HousingWire) A new report from cybersecurity company Kaspersky states that the amount of data held by financial services companies makes them prime targets for “cyberthreat actors,” but the company cautions that even the most advanced security protocols may not be enough to protect against an attack.
Hackers to greatly diversify their tactics in 2020 (SecurityInfoWatch) Experian makes five cybersecurity predictions for the year ahead in its annual ‘Data Breach Industry Forecast’
Marketplace
Columbia's Tenable makes $78 million acquisition (Baltimore Business Journal) All of Indegy's roughly 60 employees, including its CEO Barak Perelman, will be brought on as Tenable employees through the deal.
Tenable Acquires Operational Technology Security Leader Indegy (Tenable®) Cybersecurity market leaders create the industry's first unified, risk-based platform for IT and OT security Tenable®, Inc., the Cyber Exposure company, today announced that it has acquired Indegy Ltd., a leader in industrial cybersecurity which provides visibility, security and control across operational technology (OT) environments.
Panorays Raises $15 Million Series A to Accelerate Third-Party Security Management (Panorays) Panorays has raised $15 million in a Series A funding round led by Oak HC/FT, which will be used to expand marketing and sales to accelerate growth.
Patriot Technologies acquires Communication Technologies & Consulting (EnterpriseTalk) Patriot Technologies, Inc. a fast-growing Frederick, MD-based custom manufacturer of cybersecurity platforms and devices recently announced the completion of its acquisition of Communication Technologies & Consulting
Huawei to move research center to Canada over US sanctions (TheHill) The founder of Chinese tech giant Huawei has said the company is moving its U.S. research center to Canada due to U.S. sanctions on the firm.
Huawei is facing a backlash in China when it can least afford it (CNN) Huawei is facing a growing backlash in China after new details came to light in the case of a former employee who was arrested and jailed for 251 days following an unproven accusation of blackmail from the company.
Google Co-Founders Page, Brin Give Up Management Roles (Wall Street Journal) Larry Page and Sergey Brin said they would hand control of Alphabet immediately to Sundar Pichai, Google’s existing CEO, stepping back at a potential inflection point for the company.
How Google founders Larry Page and Sergey Brin left Alphabet to avoid their 'Bill Gates moment' (The Telegraph) You can hardly blame Larry Page for standing down as chief executive officer at Alphabet.
This Top Cybersecurity Stock Is a Buy After Its Latest Plunge (The Motley Fool) Weak guidance sent Palo Alto Networks' shares down, but investors need to keep their eyes on the long-term opportunity.
Peter Thiel’s Palantir has quietly secured £39m of UK government deals (NS Tech) Peter Thiel’s controversial data analytics firm Palantir quietly secured a £28m contract from the Ministry of Defence last year, taking the total value of UK government deals won by the firm
Wipro to establish Cyber Defence Centre in Melbourne (The Economic Times) The new centre in South Melbourne will offer protection from cyber-attacks to the organisations and will generate 100 new tech jobs for locals. According to Wipro Senior Vice President Raja Ukil, "The launch of the centre in Melbourne showcases Wipro's commitment to leverage local talent and specialised expertise to cater to the cyber security needs of the region."
RSA Conference 2020 unveils keynote line-up with world-class experts (Help Net Security) RSA Conference today announced its initial line-up of keynote speakers for RSA Conference 2020, taking place at the Moscone Center in San Francisco.
Nuspire Hires Lewie Dunsworth As New CEO (PRWeb) Nuspire, a Managed Security Services Provider (MSSP), announced today that it has hired Lewie Dunsworth as the new CEO. Saylor Frase, Nuspire’s previous
KnowBe4 Hires Mark Patton as Senior Vice President of Engineering (PRWeb) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced it has hired Mark Patton as sen
AlgoSec Appoints Chief Revenue Officer & Chief Financial Officer to Manage Growth Acceleration (West) Leading network security management solution provider appoints two industry veterans to drive expansion fuelled by multiple growth avenues and new revenue initiatives
Products, Services, and Solutions
ICIT and Cybrary form Strategic Partnership for Technical Cybersecurity Skills Training (West) ICIT Members Will Receive Exclusive Discounts on Cybrary Tools to Assess, Develop, and Measure Their Technical Security Skills
Collibra is FedRAMP Authorized (Collibra) No one takes security more seriously than the government. Collibra takes data protection and security seriously.
SonicWall Strengthens MSSP Security Offerings, Simplifies Account Management, Product Registration, Licensing Control (PR Newswire) Increasingly sought out and relied upon by organizations spanning all verticals, managed security service providers (MSSP) have an expanded and...
Lastline Simplifies Securing Amazon Web Services with Industry-Leading Network Detection and Response (PR Newswire) Lastline®, a cybersecurity leader in AI-powered network detection and response (NDR), today announced a technology integration with Amazon Web...
Sophos Cloud Optix Advancements Simplify Cloud Security (West) New Features and Capabilities Showcased at AWS re:Invent 2019
Aviatrix Cloud-Native Networking Software Extends to Enterprise Branch Offices with CloudWAN Servi (Aviatrix Blog) Leverages Existing Cisco IOS Branch Routers with No “Rip and Replace”; Integrates with AWS Transit Gateway Network Manager and AWS Global Accelerator for Operational Simplicity and Low Latency Branch Office Connectivity
Nomad Digital launches private Trackside Radio technology (Intelligent Transport) The Nomad Digital solution provides passengers a seamless, high speed WiFi connection throughout their journey, including through tunnels or under bridges.
ShieldX Leverages New Amazon VPC Ingress Routing to Bring Comprehensive Network Security to AWS Deployments (Yahoo) Leveraging both Amazon VPC Traffic Mirroring and the New Amazon VPC Ingress Routing Capabilities Allows Users to Monitor and Block Malicious East/West and North/South Traffic
Flashpoint Expands Business Risk Intelligence Capabilities for Managed Security Service Providers (Flashpoint) Company’s Commitment to Managed Security Service Providers (MSSPs) Helps Them Meet Growing Demand for More Proactive, Value-Added Services
Morphisec Achieves AWS Security Competency Status for Cloud Server Workload Protection (PRWeb) Morphisec, a leader in Moving Target Defense, today announced that the company has achieved Amazon Web Services (AWS) Security Competency
Darktrace’s self-learning AI security systems are now in AWS Marketplace (TechRadar) Cyber AI platform is a powerful solution for responding to emerging threats
Technologies, Techniques, and Standards
NSA to Issue Updated Cloud Security Guidance (Wall Street Journal) The National Security Agency plans to issue updated guidance to companies on cybersecurity in the cloud, a senior official said, amid a series of attacks that have targeted service providers in recent months.
NIST Developing Hardware Security Guidelines for Enterprises (Decipher) The federal government’s technical standards body is working on best practices for verifying the security and integrity of hardware, a notoriously difficult problem.
From cyber attack to heart attack: the hidden human impact of hospital hacks (New Statesman) Today’s hospitals are not sacrosanct. The large amounts of patient and staff data that they collect and store can make them prime targets for cyber attacks.
Tardy for the CCPA Party? Tips for Your Last Month Before the Deadline (Cooley) With a month left before the January 1, 2020 deadline to comply with the California Consumer Privacy Act, covered businesses should ideally be well on their way to compliance. But what if you procr…
How to migrate apps and workloads to the cloud securely and efficiently (Tufin) What’s common to all cloud migration projects, whether they are lift-and-shift, migration between cloud platforms, or app refactoring projects, is that the end results are portable workloads (e.g. application, database, storage, VM, etc.) cloud-native or not, that can potentially run in the cloud, or on-prem.
Hackers Red Team: Tribal Knowledge Offensive Cybersecurity (Irish Tech News) Tribe of Hackers Red Team: Tribal Knowledge from the Best in Offensive Cybersecurity, reviewed
Don’t obsess over the security of Chinese wireless gear. Do this instead (Fast Company) If you want to keep your data secure, it pays to worry less about Huawei and ZTE and more about the communications apps you choose to use.
Uncovering vulnerabilities in Cryptographic libraries: Mayhem, Matrixssl, and WolfSSL (ForAllSecure) ForAllSecure Engineer, Tyler Nighswander, uncovers vulnerabilities in two popular cryptographic libraries, MatrixSSL and WolfSSL, utilizing Mayhem, a next-generation fuzzer.
SystemDistrict Virus Removal Guide for Mac (SensorsTechForum.com) SystemDistrict is an undesired program that affects macOS as well as Safari and Chrome. Remove SystemDistrict virus from MacOS
Design and Innovation
New crypto-cracking record reached, with less help than usual from Moore’s Law (Ars Technica) 795-bit factoring and discrete logarithms achieved using more efficient algorithms.
Post Quantum Cryptography (DigiCert) Quantum computing will change everything. With current technology we estimate it would take a few quadrillion years to crack 2048-bit encryption.
MIT deepfake video 'Nixon announcing Apollo 11 disaster' shows the power of disinformation (Newsweek) Disinformation and deepfakes are especially acute concerns in the run-up to the 2020 presidential election.
Research and Development
How a National Lab is Securing Electric Vehicles and Smart Cars of the Future (Nextgov.com) At Argonne, a holistic approach is accelerating discoveries and bolstering the fight against emerging transportation threats.
4 INL technologies to get national recognition (Post Register) Four Idaho National Laboratory technologies recently won prestigious national awards.
Academia
IBM Canada and the University of Ottawa launch cybersecurity hub (Canadian Manufacturing) The software giant and the university say they will address critical government, public and private sector needs for advanced cybersecurity
Opinion: Why Cyber Security should be taught in our schools (Easier) Opinion: Why Cyber Security should be taught in our schools. Technology, technology and more technology. That’s all schoolchildren need to know these days with approx. nine out of 10 households having access to the internet.
Legislation, Policy, and Regulation
Power Politics Could Impede Progress on Responsible Regulation of Cyberspace (Chatham House) A new Chatham House paper examines the prospects of countries reaching agreement on issues of sovereignty and non-intervention in cyberspace in the face of persistent, low-level, state-to-state cyber attacks.
Analysis | The U.N. passed a Russia-backed cybercrime resolution. That’s not good news for Internet freedom. (Washington Post) Moscow is becoming far more skilled in advancing its agenda at the U.N.
When do cyberattacks deserve a response from NATO? (Fifth Domain) The biggest concern for the NATO alliance might not be agreeing on a framework for when collective defense is triggered from a cyberattack, but rather, how can the alliance address daily cyber events that fall below the level of armed conflict?
NATO to define plan to counter Russia’s hybrid warfare tactics (Defense News) “Maintain technological edge is the only way we can avoid obsolescence,” warns British Defence Secretary Ben Wallace.
NATO recognizes China 'challenges' for the first time | DW | 03.12.2019 (Deutsche Welle) For the first time in NATO's history, the alliance is recognizing the challenges posed by China's rise in a summit declaration. NATO's chief said Beijing's growing military capabilities had "implications for all allies."
NATO struggles with its China conundrum (Defense News) Each of the 29 NATO nations has a different relationship with China. Can the alliance find a coherent strategy for dealing with Beijing?
The US can't use Cold War tactics to engage with China, says former NSA head Michael Rogers (CNBC) China's main goal is to achieve 21st century technological dominance, argued Admiral Michael Rogers, former head of the NSA and U.S. Cyber Command, in a recent cybersecurity podcast. He also explained some of the tactics that are hard to counter, such as IP theft, government subsidies of tech companies, and linking corporate interests to education and government research.
EU countries warn on risks linked to foreign 5G suppliers (POLITICO) National capitals called on telecom companies to address risks associated with vendors from third countries.
European Commission's new president promises GDPR-style legislation on AI (Computing) Von der Leyen said that Europe set the pattern for the world with the GDPR, and we have to do the same with artificial intelligence
ICO: Organisations using AI systems must provide clear explanations of decisions made (Computing) Organisations must also ensure that their use of AI is transparent and accountable
Privacy Matters | India needs a new law to regulate govt surveillance (Moneycontrol) While the State’s surveillance on its citizens is legal under certain circumstances, it’s unconstitutional. There should be judicial surveillance on the authorities who have the power to allow surveillance on individuals to stop breach of power.
China makes facial recognition mandatory for new SIM card purchases (Computing) The move will help crack down on scams, according to the government.
China protests as US House passes Uygur bill demanding sanctions over Xinjiang (South China Morning Post) Legislation urges the US government to act to counter China’s crackdown on Muslims and other minorities, and would prohibit export of certain US technologies that could be used in state-sponsored suppression.
Exclusive: White House considered kicking Huawei out of U.S. banking system - sources (Reuters) The Trump administration considered banning China's Huawei from the U.S. fi...
Verizon CEO says he doesn't want a 5G 'cold war' between the US and China (CNBC) "One of the beauties of this industry is ... that you can bring your phone from whichever country you're in and go to another country and it works," Verizon CEO Hans Vestberg says.
Senate cyber caucus to hold briefing this week on ransomware attacks (TheHill) The Senate Cybersecurity Caucus will hold a classified briefing Wednesday to address the ongoing spree of ransomware attacks on local governments, school districts and other entities nationwide.
How the Marine Corps thinks about beating adversaries in cyberspace (CyberScoop) There are a lot of products on the market purporting to be the best way to run defense against nation-state adversaries’ email spearphishing attempts.
Portland plans to propose the strictest facial recognition ban in the country (Fast Company) Portland, Oregon, aims to ban the use of the controversial technology not only by city government, but also by private companies.
New Marine Corps guidance clarifies political activity allowed on social media (Marine Corps Times) Active-duty members are allowed to “friend” or “like” social media pages, but they cannot ask others to “follow” or “like” them.
National cyber policy being developed to protect citizens (Jamaica Observer) Minister of National Security, Dr Horace Chang, says that to further pro...
New Nebraska guard cyber unit deployed on its first mission (KETV) New battlefield "not about planes and tanks and infantry"
Nebraska National Guard cyber protection unit headed to D.C. to help secure networks, election system (Omaha.com) The Nebraska National Guard's 179th Cyber Protection Team, which was formed two years ago, is headed to Fort Meade, Maryland, for a year to help military and government agencies secure
Litigation, Investigation, and Law Enforcement
Merck Cyberattack's $1.3 Billion Question: Was It an Act of War? (Claims Journal) By the time Deb Dellapena arrived for work at Merck & Co.'s 90-acre campus north of Philadelphia, there was a handwritten sign on the door: The
Tories may have broken law in compiling voter data via polls spread on Facebook (The Telegraph) The Conservative Party may have broken the law by using "misleading" surveys and online games to hoover up voters' personal data without properly asking for consent, experts have warned.
Analysis | The Cybersecurity 202: Ukraine claims threaten Senate consensus on Russian hacking (Washington Post) GOP senators are increasingly willing to back Trump’s baseless claims
How the Ukraine pressure campaign began as an effort to undercut the Mueller investigation (Washington Post) Rudolph W. Giuliani’s efforts to undermine the special counsel probe eventually snowballed into the current impeachment crisis gripping the capital.
CrowdStrike, Ukraine, and the DNC server: Timeline and facts (CSO Online) Politicizing cybersecurity only serves to undermine trust in its practices and objectivity, experts fear.
IM RAT spy tool seller raided, busted, kicked offline (Naked Security) The spyware gave complete control of victimized computers, sold for as little as $25, and was bought by 14,500 hackers worldwide.
Google's proposed acquisition of Looker invites probe from UK's competition watchdog (Computing) The CMA is inviting comments from interested parties on the merger by 20th December
FBI Asked Sony for Data on User Who Allegedly Used PlayStation Network to Sell Cocaine (Vice) The search warrant application even asks what games the suspect played and their progress.
Former Google employees who say they were fired for organizing are filing labor charges against the company (Vox) The move is the latest escalation in growing tensions between employee organizers and management at the search giant.
Bestiality, Stabbings, and Child Porn: Why Facebook Moderators Are Suing the Company for Trauma (Vice) “My first day on the job, I witnessed someone being beaten to death with a plank of wood with nails in it and repeatedly stabbed.”
Facebook expands its efforts against ad discrimination (TechCrunch) Under the terms of a settlement with the ACLU and other civil rights groups earlier this year, Facebook has been taking steps to prevent discriminatory ad targeting. Specifically, the company says ads in the United States that involve housing, employment or credit can no longer be targeted based on…
NSS Labs Dismisses Antitrust Complaint Against Anti-Malware Testing Standards Organization and Endpoint Security Vendors (NSS Labs, Inc.) NSS Labs, Inc., a global leader and trusted source for independent cybersecurity product testing, today dismissed its antitrust complaint without prejudice. The lawsuit was filed September 18, 2018 with the United States District Court in Northern California against CrowdStrike, Symantec Corporation, ESET LLC, Anti-Malware Testing Standards Organization (AMTSO) and Does 1-50.
Hezbollah member gets 40 years for scouting possible sites for terrorist attacks in New York (Washington Post) Ali Kourani tried to become an FBI informant in 2017 but misled investigators.