Cyber Attacks, Threats, and Vulnerabilities
Spies and cybercriminals are sharing their supply-chain attack strategy (Intel 471) The SolarWinds incident is the latest example of government-backed hackers taking cues from the cybercriminal underground.
Microsoft source code access: assume the worst, says Israeli firm (ITWire) The lack of timing and detail in Microsoft's announcement about its source code being accessed by the attackers who used SolarWinds' Orion network management software in a supply chain attack can only mean that this is bad news, claims Cycode, an Israel-based source code control, detection, and response start-up.
SolarWinds Cyber-Attack Has Significant Implications for Developers and Contractors (The National Law Review) ICYMI, on Wednesday, January 6, 2021, the United States Department of Justice (DOJ) issued an update about what it termed “a major incident under the Federal Information Security Moder
Iranian cyberspies behind major Christmas SMS spear-phishing campaign (ZDNet) Iranian hackers managed to successfully hide URLs to phishing sites behind legitimate google.com links.
Charming Kitten’s Christmas Gift (Certfa Lab) During the Christmas holidays and the beginning of the new year, the Charming Kitten group, the Iranian state-backed hackers, have begun a targeted phishing campaign of espionage against different individuals to collect information.
Remcos RAT Revisited: A Colombian Coronavirus-Themed Campaign (Bitdefender Labs) In the late summer of 2020, the Bitdefender Active Threat Control team noticed a surge of Remcos malware, with most of the attacks taking place in Colombia. While the malware family has been known for quite a while to cyber-criminals and malware researchers alike, this new campaign captured our...
Attackers Use COVID-19 Vaccine Lures to Spread Malware, Phishing and BEC (Proofpoint) Proofpoint has observed the use of COVID-19 in broad-scale social engineering attacks leading to malware, credential phishing, and BEC since the beginning of the pandemic. We have observed COVID-19 themes consistent with current events throughout this healthcare crisis. Initially, we saw lures around the virus's existence, which then turned to ancillary lures such as medical supply shortages.
Watering Hole Operation Leveraged Zero-Day Exploits (BankInfo Security) Google's Project Zero security team is describing its discovery last year of a complex "watering hole" operation that used four zero-day exploits to
Mautic Version <=3.2.2 (Bishop Fox) Bishop Fox advisory on Mautic application version 3.2.2. The Mautic application is affected by stored cross-site scripting (XSS) vulnerabilities.
Johns Hopkins security researchers 'shocked' at Android and iOS vulnerabilities (9to5Mac) A security researcher at Johns Hopkins University who led an examination into the robustness of smartphone encryption systems says he was shocked by the Android and iOS vulnerabilities they discovered. He said that iOS in particular has extremely secure encryption capabilities, but these are not in use much of the time … Wired reports. Cryptographers […]
Amazon’s Ring Neighbors app exposed users’ precise locations and home addresses (TechCrunch) The app had some four million posts at the end of 2020.
Software error wipes 'thousands' of arrest records from police databases (Computing) Home secretary Priti Patel is under fire after a bug led to the loss of 150,000 records from the Police National Computer
Positive Technologies helps eliminate DoS vulnerability in F5 BIG-IP application delivery controller (Positive Technologies)
Mitsubishi Electric Factory Automation Products Path Traversal (Update A) (CISA) Executive summary: CVSS v3 8.3. Attention: exploitable remotely, low skill level to exploit. Vendor: Mitsubishi Electric. Equipment: Mitsubishi Electric Factory Automation products. Vulnerability: path traversal.
Mitsubishi Electric Factory Automation Engineering Products (Update B) (CISA) Executive summary: CVSS v3 8.3. Attention: low skill level to exploit. Vendor: Mitsubishi Electric. Equipment: Mitsubishi Electric Factory Automation Engineering products. Vulnerability: unquoted search path or element.
Recovery from SEPA’s cyber attack ‘could take six months’ (Ends Report) The Scottish Environment Protection Agency could take months to recover from a cyber attack over the Christmas period, experts have said, amid speculation that sensitive data may have been stolen in the incident.
Cybercriminals strike remote workers on unsecured home devices (Newsday) The 2020 pandemic struck hard and fast, bringing with it much uncertainty and chaos.
Security Patches, Mitigations, and Software Updates
Apple removes feature that allowed its apps to bypass macOS firewalls and VPNs (ZDNet) The ContentFilterExclusionList has been removed in macOS 11.2 beta 2.
Cyber Trends
Wandera Cloud Security Report 2021 (Wandera) A close look at the threats that will impact your organization’s data via your most critical assets — your endpoints, users, and your remote access tools — plus practical advice on how to configure business tools to ensure fast and safe connectivity for all users in 2021.
StormWall: the majority of DDoS attacks in 2020 targeted the entertainment industry, telecommunications and e-commerce (Wire19) StormWall experts analyzed DDoS attacks targeting multiple European online markets in 2020. The analysis revealed that the Entertainment sector
Online gaming a 'hotbed' for DDoS attacks — report (Security Brief) The latency and availability issues present in online gaming, in particular, presented an attractive target to attackers, in addition to the enduring popularity of gaming in the era of COVID-19.
Tenable Research: Publicly Known Vulnerabilities Increased in 2020 (Channel Futures) Common vulnerabilities and exposures (CVEs), or publicly known security vulnerabilities, jumped again last year, according to new Tenable research.
Nation-states and the threat to businesses (teiss) Countries such as Russia, China, Iran, and North Korea are often accused of state-sponsored hacking.
Growth of Remote Workspaces Reinforces the Need for Effective Cybersecurity (PR Newswire) The pandemic has resulted in many office-based teams adapting to a work-from-home environment. This new working infrastructure has also forced...
Smashing The Crystal Ball: Four Things That Won't Happen In 2021 (Forbes) Remember that progress takes time and innovation often comes in the darkest of hours.
Marketplace
Drata Raises $3.2 Million and Launches Platform to Automate SOC 2 Compliance (PR Newswire) Drata, a next-gen compliance and security automation company, came out of stealth today and announced $3.2M in seed funding led by Cowboy...
Quick Heal to invest $2 million in Israeli cybersecurity firm (mint) With the investment, Quick Heal is planning to leverage L7 Defense’s proprietary AI-powered Ammune technology, which provides protection against DDoS attacks, bot attacks and other malicious threats targeting APIs.
LogRhythm acquires MistNet to expand reach in the threat detection space (Help Net Security) LogRhythm has acquired MistNet, a cloud-based analytics platform that delivers vast network visibility and accurate threat detection.
Leidos Completes Acquisition of 1901 Group (PR Newswire) Leidos Holdings, Inc. (NYSE: LDOS) ("Leidos"), a FORTUNE® 500 science and technology leader, today announced the completed acquisition of 1901...
Accenture acquires Brazilian infosec company (Silicon Republic) Accenture has acquired Real Protect, a Brazil-based managed security services provider, for an undisclosed sum.
Google Closes $2B Fitbit Deal Despite Ongoing Probes (Law360) Google closed its $2.1 billion purchase of fitness tracking device maker Fitbit on Thursday despite ongoing probes of the deal's competitive effects by enforcers in the U.S. and Australia.
Google completes Fitbit acquisition (Google) Google has completed its acquisition of Fitbit. Together, we can make health and wellness more accessible to more people.
Cisco and Acacia reach new $4.5 billion acquisition agreement (ZDNet) Cisco's protracted and contentious acquisition of Acacia is back on track after the networking giant substantially increased its offer price for the optical supplier.
What's CrowdStrike Doing With $750 Million in Fresh Cash? (The Motley Fool) The cybersecurity specialist doesn't need more cash to fund its ongoing operations and investments.
CrowdStrike May Look Expensive, but These 2 Key Metrics Show It's Worth It (The Motley Fool) Don't miss out on the next big SaaS stocks.
BlackBerry sells smartphone patents to Huawei (TechRadar) BlackBerry continues retreat from mobile devices
Apple’s App Store Removes Social Media Platform Wimkin Over Calls to Violence (Wall Street Journal) Apple removed social-media platform Wimkin from its App Store, part of a crackdown by tech companies on potentially dangerous content during the presidential transition. The small site, which markets itself as a free-speech haven, had hosted posts that included a call for civil war.
MeWe Sold Itself on Privacy. Then the Radical Right Arrived. (One Zero) 'Have you tried to moderate 15 million people?’ MeWe founder Mark Weinstein told OneZero
Twitter CEO Jack Dorsey said the Trump ban reflected ‘a failure’ to police online discourse (Washington Post) Twitter CEO Jack Dorsey explained in a tweetstorm that he did not feel pride in the decision, and that the company faced an "extraordinary and untenable circumstance."
Okta CEO says Parler was 'not even trying' to suppress terrorist threats (CNBC) "We don't believe in unlawful activity and platforms that support unlawful activity," Okta CEO Todd McKinnon told CNBC.
New owner takes in Forcepoint, swaps out CEO (Washington Technology) Global tech investment firm Francisco Partners completes its $1.5 billion acquisition of Forcepoint from Raytheon Technologies and appoints a new CEO alongside other hires and promotions.
Alert Logic Appoints John Post as Chief Executive Officer (TylerPaper.com) Alert Logic today announced that John Post has been named Chief Executive Officer. Post's role as Alert Logic CFO will be assumed by current
Products, Services, and Solutions
Celerium Approved as a Licensed Training Provider by CMMC Accreditation Body (PR Newswire) Celerium Inc. is now one of the first organizations to be approved as both a Licensed Training Provider (LTP) and a Licensed Partner Publisher...
Netenrich Intelligent SOC Up-Levels Security Operations to Mitigate Digital Risk for Customers (PR Newswire) Netenrich, a Resolution Intelligence company, today announced the addition of OpsRamp, a SaaS provider of Information Technology Operations...
Bitglass Partners With SYNNEX Corporation to Offer Leading Security Platform to Customers (BusinessWire) Bitglass, the Total Cloud Security Company, today announced an agreement with SYNNEX Corporation, a leading provider of distribution, systems design,
RangeForce Announces Training Partnership with International Consortium of Minority Cyber Professionals (BusinessWire) More than 400 learning modules that use interactive, gaming technology will help ICMCP members acquire real-world security skills quickly and easily.
Code42 Achieves FedRAMP Authorization (BusinessWire) Code42 has received a Federal Risk and Authorization Management Program (FedRAMP) Agency Authorization through the Department of Energy.
Bodyguard Launches Social Media Solution to Protect American Users from Toxic Online Content (Bodyguard) Bodyguard - the technology startup that protects users from cyberbullying, hate speech and toxic content online - has announced a major US expansion at CES 2021, in line with its vision of creating a safer web around the world.
New Malwarebytes Integrations Make Security Management, Billing and Licensing of Software Easier Than Ever for Managed Service Providers (PR Newswire) Malwarebytes, a leading provider of advanced endpoint protection and remediation solutions, today announced enhanced integrations and...
Confluera Announces Interoperability with VMware Carbon Black to Expand XDR Capabilities (AiThority) Confluera, the leading provider of Extended Detection and Response (XDR), announced interoperability with VMware Carbon Black.
What is Signal, and is it really safer than WhatsApp? (Fortune) Millions are flocking to Signal and Telegram over privacy and security fears about Facebook-owned WhatsApp.
WhatsApp, Signal, Telegram and iMessage: Choosing a Private Encrypted Chat App (Wall Street Journal) Millions of users flocked to the chat apps in recent weeks. There are a few factors behind the surge.
ESET launches cloud-based endpoint security solution (Trade Arabia) ESET, a global leader in cybersecurity, has announced the launch of its new endpoint security management platform, ESET PROTECT, in selected countries.
Coalfire Federal Becomes CMMC Registered Provider Organization (RPO) (PR Newswire) Coalfire Federal, a leading cybersecurity services provider to the federal government and Defense Industrial Base (DIB), today announced it has...
Synamedia Integrates its Security and Watermarking Solutions with Akamai's Intelligent Edge Platform (Fast Mode) Synamedia on Wednesday announced that its security and watermarking solutions are now integrated with Akamai, the intelligent edge platform for securing
Offensive Security Increases Adoption of Industry-leading Training and Certification to More Than 4,000 Companies Worldwide (Yahoo) Offensive Security, the leading provider of hands-on cybersecurity training and certification for information security professionals, today announced a record-breaking year of growth in 2020. Demand for its industry-leading training and certification programs was fueled by the ever-widening cybersecurity talent gap and the growing mission-critical need for enterprises to take an offensive approach to cybersecurity.
RunSafe Security Announces Partnership with ReleaseTEAM (PR Newswire) RunSafe Security, a pioneer of the patented process to immunize software from cyber-attacks and disrupt hacker economics without developer...
Technologies, Techniques, and Standards
NSA warns against using DoH inside enterprise networks (ZDNet) The NSA urges companies to host their own DoH resolvers and avoid sending DNS traffic to third-parties.
CISA tells agencies to consider ad blockers to fend off 'malvertising' (CyberScoop) The U.S. Cybersecurity and Infrastructure Security Agency urged federal agencies on Thursday to deploy ad-blocking software and standardize web browser usage across their workforces in order to fend off advertisements implanted with malware.
Pentagon testing office finds problems — again — with network security system (C4ISRNET) The Defense Information Systems Agency's Joint Regional Security Stacks still has challenges 2 years after suggestions to eliminate the platform.
Remote Images Are Pushing Email Filters to Their Limits (Vade Secure) Remote images have emerged as the latest filter bypassing technique by hackers looking to exploit weaknesses in email security technology.
5 foolproof signs of phishing scams - and how to react (TechZone 360) Phishing emails were one of the biggest cyber threats last year, and it's no wonder why. We are all online more than ever, and cybercriminals took advantage of our lock-in lifestyles (and anxiety) by sending clever scam emails. They were successful, too: the FBI's Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.
Design and Innovation
Pentagon’s weapon tester pushes for better assessments of offensive cyber tools (C4ISRNET) Annual DOT&E report says realistic simulations aren't routine or rigorous enough.
Academia
SPC and Cyberbit Partner to Advance Cybersecurity Workforce Education and Training (Alamo Colleges) St. Philip's College (SPC) and Cyberbit today announced they are entering into a partnership to enhance cybersecurity workforce education and training.
Commonwealth Cyber Initiative Technical Advisory Board ready to help make Virginia a global cybersecurity leader (VT News) The advisory board includes high-profile experts, Virginia Tech alumni, and those who represent industry giants and higher education institutions.
Legislation, Policy, and Regulation
Ministers of India, Vietnam hold security dialogue, commit to promote armed forces engagement (Jagranjosh.com) Both the countries committed to promote armed forces engagement between the two nations under the framework of comprehensive strategic partnership.
European Regulator Announces Strategic Data Protection Objectives for Upcoming Years (cyber/data/privacy insights) On 15 December 2020, the EU data protection regulator – the European Data Protection Board – adopted its Strategy for 2021-2023, which outlines its objectives and key actions for the upcoming years. At the outset, the EDPB recalls that its strategy, as well as its work in general, are guided by the
Poland plans to make censoring of social media accounts illegal (the Guardian) Following Trump’s Twitter ban, Polish government wants to protect posts that do not violate nation’s laws
Trump social media ban a 'nuclear blast in cyber space' ― Russia (Vanguard News) Russia on Thursday compared the decision of social media giants to suspend Trump's accounts to a "nuclear blast in cyberspace".
Hong Kong internet firm blocked website over security law (AP NEWS) A Hong Kong internet service provider on Thursday said it had blocked access to a pro-democracy website to comply with the city’s national security law. In a statement...
The long game: Why the US must rethink its cyber strategy (TheHill) A foreign adversary’s ability to breach networks associated with crucial U.S. agencies is unprecedented and calls into question the effectiveness of U.S. cyber-defense.
SolarWinds Is Bad, but Retreat From Defend Forward Would Be Worse (Lawfare) Russia launched SolarWinds—the latest in a long series of hostile Russian cyber operations—not because the U.S. has engaged too proactively in cyberspace. Quite the opposite; it did so, very simply, because it could.
Trump administration adds China's Comac, Xiaomi to Chinese military blacklist (Reuters) The Trump administration on Thursday added nine Chinese firms to a blacklist of alleged Chinese military companies, including planemaker Comac and mobile phone maker Xiaomi, according to a document seen by Reuters.
U.S. Moves to Block Telecom Tech From China and Others Deemed Foes (Wall Street Journal) It will be up to the Biden administration to follow through on the new rules, which also names Iran and North Korea.
The Cybersecurity 202: Sen. Mark Warner plans breach-notification debate in wake of SolarWinds hack (Washington Post) Congress will consider whether to require companies – or government agencies – to disclose breaches.
Litigation, Investigation, and Law Enforcement
FBI tracking ‘extensive’ online chatter about armed protests (Military Times) Director Christopher Wray said the FBI remains concerned about the potential for violence at protests and rallies in Washington and in state capitols around the country.
Why Didn't The FBI And DHS Produce A Threat Report Ahead of The Capitol Insurrection? (NPR) The FBI and the Department of Homeland Security wrote detailed threat assessments before Black Lives Matter demonstrations last summer, but offered only general warnings before the events on Jan. 6.
WhatsApp faces first legal challenge in India over privacy (Reuters) WhatsApp's updated privacy policy verges on user surveillance and threatens India's security, a petition filed in an Indian court said on Thursday, presenting another legal challenge for the Facebook Inc-owned messenger.
Italian data authority takes aim at Whatsapp's privacy disclaimer (Reuters) Facebook Inc-owned messenger WhatsApp did not clearly communicate to users changes to its privacy policy, potentially making it difficult for people to decide whether to drop the service, Italy's data protection authority said on Thursday.
Facebook’s Sandberg deflected blame for Capitol riot, but new evidence shows how platform played role (Washington Post) Fliers and hashtags promoting the pro-Trump rally circulated on Facebook and Instagram in the days and weeks beforehand
U.S. Accuses MIT Professor of Hiding Extensive China Ties in Federal Grant Application (Wall Street Journal) MIT engineering professor Gang Chen is the latest academic charged for hiding ties to and funding from China.
Marriott Beats Suit Over Data Breach Affecting 5.2M Guests (Law360) Marriott International Inc. has won dismissal of a proposed federal class action in California stemming from hackers improperly accessing 5.2 million guests' personal information using Russia-based login credentials, after an internal probe found that no "sensitive" data was exposed.
Facebook sues makers of malicious Chrome extensions for scraping data (BleepingComputer) Facebook has taken legal action against the makers of malicious Chrome extensions used for scraping user-profiles and other information from Facebook's website and from users' systems without authorization.
Facebook sues two Chrome extension devs for scraping user data (ZDNet) Facebook filed a lawsuit today in Portugal against browser extension maker Oink and Stuff.
Massages and Private Shopping Trips Cushion Tycoon’s Detention (New York Times) The conditions of the Huawei executive, Meng Wanzhou, who is wanted in the U.S. on fraud charges, are even more luxurious than previously known.
Amazon Makes It Too Hard to Cancel Prime, Groups Tell FTC (Bloomberg) Public Citizen, others ask regulators to probe Prime rules. Report says manipulative techniques make it hard to opt out.
How to prevail when technology fails (The Litigation Landscape) We surveyed 550 businesses, and 61% told us that technology is a core part of their growth strategy. Our report looks at how businesses can maximize that opportunity, by mitigating their risks.
Florida Ethics Officer Charged with Cyberstalking (Threatpost) Judge bars former Tallahassee city ethics officer from internet-connected devices after her arrest for cyberstalking.