Attacks, Threats, and Vulnerabilities
Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments (Unit42) The main purpose of Siloscape is to open a backdoor into poorly configured Kubernetes clusters in order to run malicious containers.
Organizations Warned: STUN Servers Increasingly Abused for DDoS Attacks (SecurityWeek) NETSCOUT has warned organizations that STUN servers have been increasingly abused for DDoS attacks — there are 75,000 abusable servers.
Serious Vulnerabilities Found in CODESYS Software Used by Many ICS Products (SecurityWeek) Researchers have found 10 vulnerabilities, including 9 rated critical and high severity, in CODESYS industrial automation software used in many ICS products.
Colonial Pipeline hackers entered network through a single compromised password (Computing) Password was leaked on the dark web
Hackers Breached Colonial Pipeline Using Compromised Password (Bloomberg) Investigators suspect hackers got password from dark web leak. Colonial CEO hopes U.S. goes after criminal hackers abroad.
How to hack into 5500 accounts… just using “credential stuffing” (Naked Security) Passwords – don’t just pay them lip service.
German cooperative banks hit by DDoS hack attack on IT provider (Reuters) A German company that operates technology for the nation's cooperative banks said on Friday that a cyber attack disrupting more than 800 financial institutions appeared to be easing.
Severe DDoS attack on the IT of the Volksbanken and Raiffeisenbanken (Finanz-Szene.de) Hours of disruption after a massive DDoS attack on the Volksbanken and Raiffeisenbanken (or rather their IT service provider, Fiducia & GAD)
Cyberattack Suspected in Cox TV and Radio Outages (Threatpost) Cox Media Group TV and radio station streams affected by a reported ransomware attack.
EpsilonRed ransomware group hits one of India's financial software powerhouses (The Record by Recorded Future) Nucleus Software Exports, an Indian company that provides lending software to banks and retail stores, has suffered a major ransomware attack that crippled some of its internal networks and encrypted sensitive business information.
Dutch pizza chain discloses breach after hacker tries to extort company (The Record by Recorded Future) New York Pizza, one of the largest pizza restaurant chains in the Netherlands, has disclosed today a security breach after a hacker tried to extort the company over the weekend.
Apache Pizza suffers data breach involving customer delivery details (Irish Examiner) The fast food chain, which has more than said it was notified of the breach on Wednesday with the content of the breach confirmed on Thursday.
Ransomware warning: There's been another spike in attacks on schools and universities (ZDNet) NCSC alert says there's been a rise in ransomware attacks targeting the education sector, at a critical time in the academic calendar.
Ransomware: Huge rise in attacks this year as cyber criminals hunt bigger pay days (ZDNet) Researchers warn of a seven-fold rise in ransomware attacks compared with last year alone - and attackers are continually evolving their tactics.
Hacker selling DDOS-Guard database, source code, pirate sites data (HackRead) It is time for anti-piracy groups to rejoice as the database of DDoS-Guard is reportedly on sale on a hacking forum. It is an infamous bulletproof hosting service dubbed a ‘notorious market’ that many pirate websites use.
Fake patient reviews are making it increasingly hard to seek medical help on Google, Yelp and other directory sites (Washington Post) From rehab centers to family doctors, patients trying to find good medical care are increasingly finding fake consumer reviews — and there are no signs of an imminent crackdown.
Cryptojacking attacks rise as hackers try to exploit boom (mint) Crypto mining is a process that creates new tokens, which means attackers can earn cryptocurrencies directly, instead of having to make fiat currency deposits to an exchange or wallet
Elon Musk’s crypto tweets have ‘destroyed lives,’ says video purportedly from Anonymous (MarketWatch) The nearly four-minute video, posted Saturday, attacks the Tesla Inc. chief executive for being "another narcissistic rich dude who is desperate for...
Musk's Crypto Tweets 'Destroyed Lives,' Anonymous Says as Hacker Group Targets Tesla CEO (CoinDesk) The video accuses the Tesla CEO of abandoning bitcoin as a form of payment in order to keep government subsidies.
Azusa officials hid 2018 cyber attack, used insurance to pay $65K ransom to hackers (San Gabriel Valley Tribune) No sensitive information was compromised in the ransomware attack two years ago, but a data breach disclosed May 27 yielded police reports, jail records and payroll information that were posted to …
Alabama businesses react to JBS cyber attack and increase in meat prices (CBS 42) As one of the largest meat suppliers in the U.S. begins to bounce back after being shut down by a cyber attack, meat producers are seeing an increase in prices. The …
BPJS Kesehatan Denies Misconduct in Data Breach Allegation (Tempo) BPJS Kesehatan claims it never handed over sensitive confidential social security data of its users to outside parties.
Vulnerability Summary for the Week of May 31, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Patch now: Attackers are hunting for this critical VMware vCentre flaw (ZDNet) In the "ransomware era" everyone needs to patch vulnerable systems as quickly as possible.
End to End Encryption is coming to Microsoft Teams Calls soon (MSPoweruser) Way back in March Microsoft announced that they will soon support End to End Encryption in Microsoft Teams and today Microsoft has finally given an update on the arrival of the feature. End-to-end encryption is the encryption of information at its origin and decryption at its intended destination without the ability for intermediate nodes to […]
Rise in low-level hacking of critical infrastructure globally (The Straits Times) Attempts to hack systems controlling critical infrastructure, such as in the energy and water sectors, have increased by 3 to 5 times.
EfficientIP and IDC: Threat Actors Diversify Their Toolkits Throughout Pandemic with DNS Attacks Costing Nearly $1 Million Each (BusinessWire) Almost 90% of organizations have experienced a DNS attack, a rise from last year according to 2021 Global DNS Threat Report.
Nearly a Third of Malicious Emails Are Spotted by Users, Not Investigative IT Teams (The Fintech Times) Barracuda Networks finds it takes roughly 83 hours from the moment a malicious email attack lands in an employee's inbox until it is discovered.
Trulioo Closes USD $394M Series D led by TCV at $1.75B Valuation (PRWeb) Trulioo, the leader in global identity verification, announced today it has completed a $394M Series D round at a $1.75B valuation. The Series D
XDR Platform Provider SentinelOne Files for IPO (SecurityWeek) Endpoint security firm SentinelOne has publicly filed its S-1 registration statement with the SEC for an initial public offering (IPO) of its stock.
FireEye: Product Strategy Largely Misunderstood, Maintaining A Bullish Outlook (Seeking Alpha) After the announced sale of the Products segment (FireEye), the market is still struggling to understand both the growth and product strategy for Mandiant (Remainco).
Why Did Microsoft Acquire ReFirm Labs? (Analytics India Magazine) ReFirm Labs was founded by a group of IoT security experts, Peter Eacmen and Terry Dunlap, in 2017.
The Technology 202: Influencers are evading TikTok's political ad ban, researchers say (Washington Post) TikTok has one of the strictest bans on political advertising in the tech industry. But partisan influencers are flying under the radar on the social network, exposing a critical blindspot in the company’s rules, researchers say.
Admit It: The Facebook Oversight Board Is Kind of Working (Wired) Facebook has agreed to follow some of the board’s nonbinding recommendations regarding the Donald Trump suspension. That’s progress.
Samsung Set To Reveal 5G Network Offering, After Huawei Banished (channelnews) As Samsung Electronics Australia moves to grab a share of the local 5G infrastructure market, where Huawei has been banished, the South Korean company is set to reveal what its offering will look like. The company has sent out official invitations to global media and business partners across the world for an upcoming online event...
Huawei to help establish UAE as cyber security hub (The National) Protecting the digital future of Emiratis and UAE residents is the company's main priority, its chief security officer says
Huawei unit invests in lithography, aims to forge complete chip industry chain (Global Times) Huawei is apparently stepping up its foray into the field of lithography machines, which are crucial in chip production, shortly after releasing its self-developed operating system HarmonyOS, further reflecting the Chinese telecom giant’s goal to develop a complete industry chain to survive amid the US’ crackdown.
Huawei's fall hits growth of Sony's chip business (Nikkei Asia) US-China trade war radically changes smartphone market structure
Senate Poised to Pass Huge Industrial Policy Bill to Counter China (New York Times) The broad support for the bill highlights how competition with Beijing is one of the few issues that can still unite both political parties.
Here's Why Palo Alto Networks Should Be on Your Radar (The Motley Fool) Is this cybersecurity giant a good stock to buy now?
Appgate announces three promotions within its executive leadership team (Help Net Security) Appgate announces three executive leadership promotions to drive the company to its next stage of growth and support future initiatives.
Sotero Appoints Security Industry Veteran C.J. Radford as Chief Executive Officer and Welcomes Alan Kessler as the Newest Board Member (PR Newswire) Sotero, the leading next-generation data encryption provider announces strengthening of its executive team with the addition of C.J. Radford as...
Qualys Announces Passing of Former CEO and Industry Visionary Philippe Courtot (PR Newswire) It is with profound sadness that Qualys, Inc. (NASDAQ: QLYS), today announces the passing of Philippe Courtot, the company's former CEO,...
Products, Services, and Solutions
Socure Increases Approval Rates and Slashes False Positives for Capital One U.S. Card Team as Capital One Ventures Completes Strategic Investment in Company (BusinessWire) Socure, the leading platform for digital identity trust, announced today that it has received a strategic investment from Capital One Ventures, the ve
Technologies, Techniques, and Standards
How to Protect Your Files From Ransomware (Wired) It's a growing threat for individual users and businesses alike—but there are ways to protect yourself.
Cyber-attack on major shipper adds to food supply chain woes (Loadstar) A cyber-attack on giant meat processor JBS’s operations in North America and Australia has set off alarm bells along supply chains.
EU, Mideast Nations Look to Train at Cyprus Security Center (SecurityWeek) Three European Union member nations and three Middle Eastern countries are looking to train personnel in border, customs, maritime and cybersecurity techniques at a cutting-edge U.S.-funded facility in Cyprus that is expected to be ready early next year.
It’s time to put outbound email security under the spotlight – the pain points and the remedy (TechNative) With inbound email risks such as malware, phishing, and ransomware regularly making the news headlines - and often being the focus of staff cybersecurity training - a reasonable level of awareness and understanding has been reached. By contrast, the risks associated with outbound email are little understood as, before now, they have been given limited attention.
MeriTalk Interview: Breaking Down Supply Chain Security With CISA’s Bob Kolasky (MeriTalk) Nothing looms larger in the policy gunsights of the Biden administration than cybersecurity – both in the Federal and private sectors – and how to improve it.
Boards need to understand the long-term harm from cyber breaches (Which-50) Serious cyber security breaches can have an immediate and noticeable impact on a company. But what about the long-term effects that boards and managers
Design and Innovation
With cyberattacks on the rise, organizations are already bracing for devastating quantum hacks (CNBC) In the U.K., a company called Arqit is quietly preparing businesses for cyberattacks in the age of quantum computing.
Microsoft’s Vote Tracking Software Clears a Major Hurdle (Wired) Hart InterCivic will be the first private vendor to partner with the company on using its open-source ElectionGuard system.
Microsoft’s Kate Crawford: ‘AI is neither artificial nor intelligent’ (the Guardian) The AI researcher on how natural resources and human labour drive machine learning and the regressive stereotypes that are baked into its algorithms
Legislation, Policy, and Regulation
Putin-Biden summit to address cybersecurity challenges — Peskov (TASS) Kremlin Spokesman Dmitry Peskov also pointed out that Russia and the United States had not yet embarked on cooperation in the field of cybersecurity
Nigeria suspends Twitter operations, says platform ‘undermines its corporate existence’ (TechCrunch) Through its Ministry of Information and Culture today, the Nigerian government announced its decision to suspend the operations of social media platform Twitter in the country. The statement, made by Minister of Information and Culture, Lai Mohammed, and signed off by his media aide Segun Adeyemi, …
Twitter ban: Nigeria's attorney general to prosecute offenders (The Guardian Nigeria News - Nigeria and World News) Nigeria's attorney general Abubakar Malami Saturday said the country will prosecute those who flout the government order to deactivate operations of Twitter in the West African nation.
Like China, Buhari's Government Moves To Block Nigerians From Using VPN For Twitter, Others, Build Internet Firewall (Sahara Reporters) The internet firewall is a way of having a separate network for the Nigerian Internet that will give the government control over social media platforms such as Twitter and Facebook.
Opinion: This is how much China’s Communist Party fears the power of public memory (Washington Post) Wearing black clothes. Writing 6.4 on light switches. Shining mobile phone lights. Sending smoke signals from a jail cell using a cigarette
Bing Censors Image Search for 'Tank Man' Even in US (Vice) "There are no results for tank man," the Bing website reads after searching for the term.
Microsoft says error caused 'Tank Man' Bing censorship (BBC News) Microsoft's Bing search engine showed no image results for the famous Tiananmen Square protester.
Microsoft’s Bing Temporarily Blocked Searches of Tiananmen Square ‘Tank Man’ Image (Wall Street Journal) Searches for “Tank Man,” a politically sensitive image in China linked to the 1989 Tiananmen Square massacre, were temporarily blocked on Microsoft’s Bing search engine in what the company called “accidental human error.”
Kazakhstan rebuffs talk of joint sanctions response with Russia (Reuters) Kazakhstan on Saturday dismissed a senior Russian official's idea of a joint response to Western sanctions against Moscow and its allies such as Belarus by a Russia-led post-Soviet trade bloc.
Analysis: Ransomware attacks saddle Biden with grave national security crisis (CNN) The Biden administration Sunday confronted the implications of a sudden and grave national security challenge as ransom-demanding cyber hackers target the staples of American life -- food, gas, water, hospitals and transport.
Are We Waiting for Everyone to Get Hacked? (New York Times) It’s been almost a decade since Leon Panetta, then the secretary of defense, warned of an impending “Cyber Pearl Harbor.” He didn’t want to be right.
The Cybersecurity 202: Ransomware has thrust cybersecurity into the spotlight (Washington Post) The Biden administration is responding to the growing threat of ransomware attacks with a vigor and seriousness unparalleled in the government’s decades-long battle against hacking.
U.S. officials up pressure on firms, foreign adversaries over cyberattacks (Reuters) U.S. officials on Sunday ratcheted up pressure on companies and foreign adversaries to fight cybercriminals, and said President Joe Biden is considering all options, including a military response, to counter the growing threat.
Global war on ransomware? Hurdles hinder the US response (ABC News) Foreign keyboard criminals with scant fear of repercussions have paralyzed U.S. schools and hospitals, leaked highly sensitive police files, triggered fuel shortages and, most recently, threatened global food supply chains
The Biden administration seeks to rally allies and the private sector against the ransomware threat (Washington Post) No longer considered only a criminal matter but a danger to national security
As Cyberattacks Surge, Biden Is Seeking To Mount A Better Defense (Houston Public Media) Russian spies have penetrated U.S. government computer networks. Russian criminals have hit the U.S. gasoline and meat supplies. Can the president figure out how to stop the non-stop intrusions?
As Ransomware Hackers Sit On Millions In Extorted Money, America’s Military Is Urged To Hack Back (Forbes) A case stemming from an attack last year shows how companies paid millions in Bitcoin to resume normal operations. It also shows the evolving tactics of law enforcement.
How ransomware hackers came for Americans’ beef (POLITICO) Virtually no mandatory cybersecurity rules govern the millions of food and agriculture businesses that account for about a fifth of the U.S. economy. And now, the risk has become real.
Ransomware attacks are closing schools, delaying chemotherapy and derailing everyday life (Washington Post) After years of warnings, the impact of ransomware finally hits home for regular people.
Energy secretary backs ban on ransomware payments: 'You are encouraging the bad actors' (NBC News) "We need to send this strong message that paying a ransomware only exacerbates and accelerates the problem," Jennifer Granholm said on "Meet the Press."
Centralizing Cyber Ops Necessary as Cyberattacks Escalate (Government CIO) DHS cyber leaders have a laundry list of items for federal CISOs to address.
Ransomware response: What CISOs really want from the federal government (CSO Online) What should the federal government's role and responsibility be regarding ransomware? Security leaders weigh in.
Cyber Command plans bigger budget for mission planning tool (C4ISRNET) The command and control system would get one of largest increases among budget items for Cyber Command operations.
Have autonomous robots started killing in war? The reality is messier than it appears (The Verge) Squabbles over definitions are distracting from action.
DoD Outlines Tenets of Responsible Artificial Intelligence (Defense One) A memo from the deputy defense secretary also orders the JAIC director to build a strategy around those tenets.
Colorado agencies, schools, companies gird themselves against cyberattacks: “Something big on the horizon” (Greeley Tribune) The attack on JBS is one of the latest and most high-profile examples of the escalating cyberattacks in Colorado and nationwide that have hit gas pipelines, universities, transportation agencies, a…
Litigation, Investigation, and Law Enforcement
WSJ News Exclusive | Chinese Internet Regulators Investigate Startup After Tiananmen Square Anniversary Post (Wall Street Journal) Xiaohongshu’s Weibo account was blocked after a message was posted on June 4, the 32nd anniversary of the Tiananmen Square crackdown.
China Reconsiders Its Central Role in Bitcoin Mining (Wall Street Journal) Entrepreneurs who create bitcoin have long flourished in the nation, despite an uneasy relationship with the central government. A recent warning of a crackdown highlights the cryptocurrency’s tenuous status in China, and might send some crypto miners to the West.
US arrests Latvian woman who worked on Trickbot malware source code (The Record by Recorded Future) The US Department of Justice has arraigned in court today a Latvian woman who was part of the Trickbot malware crew, where she served as a programmer and wrote code for controlling the malware and deploying ransomware on infected computers.
Latvian national charged with writing malware used by Trickbot hackers (CyberScoop) U.S. prosecutors have charged a 55-year-old Latvian national with developing computer code used in tandem with the infamous malicious software known as TrickBot, which has defrauded countless people while infecting tens of millions of computers worldwide.
Latvian National Charged for Alleged Role in Transnational Cybercrime Organization (US Department of Justice) A Latvian national was arraigned in federal court in Cleveland, Ohio, today on multiple charges stemming from her alleged role in a transnational cybercrime organization responsible for creating and deploying a computer banking trojan and ransomware suite of malware known as “Trickbot.”
Don McGahn tells House panel about Trump’s bid to undermine Mueller probe (Washington Post) McGahn was the most-cited witness in the Russia investigation, explaining how the former president tried to have the special counsel fired and then asked aides to lie about it.
Senate sergeant-at-arms says a cyber attack against Congress "keeps me up at night" (Axios) She said hackers attempt intrusions into Congress' computer networks "every single day."
Google Settles Antitrust Case Over Advertising Practices (Wall Street Journal) The firm agreed to pay a fine of nearly $270 million as part of a settlement with French regulators of one of the first antitrust cases globally to allege the tech company abused its leading role in the digital advertising sector.
Facebook Faces UK, EU Antitrust Probes Over Ad Data (Law360) British and European antitrust enforcers are investigating whether Facebook has been using the data it collects from advertisers to keep its place at the top of the online advertising food chain, the watchdogs revealed Friday.
Hackers Stole $650,000 From Nonprofit and Got Away, Showing Limits to Law Enforcement’s Reach (Wall Street Journal) When criminals stole funds from One Treasure Island, the San Francisco organization turned to the cops. Getting no help, its director decided to launch her own investigation.
The All-Seeing Eyes of New York’s 15,000 Surveillance Cameras (Wired) Video from the cameras is often used in facial-recognition searches. A report finds they are most common in neighborhoods with large nonwhite populations.