Attacks, Threats, and Vulnerabilities
US Cyber Command, CISA warn of hackers exploiting critical VMware flaw (CyberScoop) Hackers have been leveraging a critical flaw in the software that Silicon Valley vendor VMware uses to manage virtual machines in large data centers, U.S. Cyber Command warned on Saturday. The flaw allows an attacker to execute code remotely and potentially infiltrate sensitive computing environments that run on VMware’s widely used server management software.
Ransomware Struck Another Pipeline Firm—and 70GB of Data Leaked (Wired) LineStar Integrity Services was hacked around the same time as Colonial Pipeline, but radical transparency activists have brought the attack to light.
Phishing Malware Hijacks Bitcoin Addresses and Delivers New Agent Tesla Variant (Fortinet Blog) FortiGuard Labs recently captured a new phishing campaign in which a MS Excel document attached to a spam email downloaded and executed several pieces of VBscript code. Used to hijack bitcoin addre…
US truck and military vehicle maker Navistar discloses data breach (BleepingComputer) Navistar International Corporation (Navistar), a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered at the end of last month.
Military Vehicles Maker Navistar Reports Data-Theft Cyberattack (SecurityWeek) Truck maker Navistar International Corporation confirms data stolen in cyberattack that affected some operations.
CyRC Vulnerability Advisory: Denial of service vulnerabilities in RabbitMQ, EMQ X, and VerneMQ (Software Integrity Blog) CVE-2021-22116, CVE-2021-33175, and CVE-2021-33176 are denial of service vulnerabilities in three popular open source message broker applications.
Report: New Ransomware Variant Targeting Microsoft Exchange Servers (Health IT Security) A Sophos report shows threat actors, with likely ties to REvil ransomware, are deploying a new malware variant by exploiting flaws in Microsoft Exchange Servers.
Hackers Using Microsoft Against Itself (Avanan) Using a spoofed "onmicrosoft.com" address can fool email scanners.
De Blasio: No info compromised at this time in hack of city law department (NY1) Watch the full interview here.
Faculty members delve into recent ransomware attacks (University of Miami) University of Miami cybersecurity and supply chain experts explain why cybercriminals are finding infrastructure a lucrative target.
Four Security Vulnerabilities were Found in Microsoft Office (Check Point Software) Check Point Research (CPR) urges Windows users to update their software, after discovering four security vulnerabilities that affect products in Microsoft
Authorities Warns of New Surge in Ransomware on Education Sector (Infosecurity Magazine) Ransomware has led to the loss of student coursework, school financial records and data relating to COVID-19 testing
Insurer Chubb paid $65,000 to help a city unlock ransomware in 2018. A second hack was more expensive. (CyberScoop) A city in California didn’t disclose a ransomware payment for more than two years after its insurer covered the cost, the city manager acknowledged amid yet another ransomware attack on the municipality. In 2018, officials in Azusa, Calif. paid $65,000 through its insurer Chubb to free up its most vital system and used a free decryption key to unlock the others,
RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries (CyberNews) The 100GB archive posted on a hacker forum contains 8.4 billion entries of passwords combined from multiple previous data leaks and breaches.
This might be the mother of all password leaks, with billions of credentials exposed (Yahoo) Shortly before Apple CEO Tim Cook took the virtual stage at the iPhone maker’s Apple Park headquarters campus for WWDC 2021 on Monday — at which the company unveiled a ton of new software updates, including some major new privacy enhancements — an email landed in my inbox underscoring how critical those privacy features are …
Twitch, Pinterest, Reddit and more go down in Fastly CDN outage (Update: Outage resolved after 1 hour) (TechCrunch) Countless popular websites including Reddit, Spotify, Twitch, Stack Overflow, GitHub, gov.uk, Hulu, HBO Max, Quora, PayPal, Vimeo, Shopify, Stripe, and news outlets CNN, The Guardian, The New York Times, BBC and Financial Times are currently facing an outage. A glitch at Fastly, a popular CDN provi…
Internet Outage Hits Major Websites (Wall Street Journal) Dozens of websites in the U.S. and Europe flicked back on after being offline for roughly an hour early Tuesday, following an internal glitch at a major cloud-services provider
Security Patches, Mitigations, and Software Updates
GitHub Updates Policies on Vulnerability Research, Exploits (SecurityWeek) Code hosting platform GitHub says it has updated its policies regarding vulnerability research, malware, and exploits, to permit dual-use security research.
Apple unveils new iOS 15 privacy features at WWDC (TechCrunch) iOS 15 is expected out later this year.
Trends
PC Matic 2021 Password Hygiene and Habits Report (PC Matic) The last year has brought about many challenges for the United States. A global pandemic forced most Americans to work from home. The shift in technology usage allowed cybercriminals to execute an unprecedented number of infiltrations into private networks and systems.
Cryptocurrency attacks - What’s hot in 2021 (Digital Shadows) It’s been a pretty big year so far for cryptocurrency. After it reached an all-time high in April 2021, new investors desperate not to miss out on the digital gold rush flocked to the exchanges to buy Bitcoin and altcoins. Cryptocurrencies’ current total market cap sits just above $1.7 trillion.
Identity Theft Consumer Shopping Study: 2021 (Security.org) In 2020 and throughout 2021, the COVID-19 pandemic caused an increase in COVID-related scams, including identity theft. On March 29, 2021, the FTC received a record 3,038 COVID-related identity theft reports, the most in a single day. To see how ID theft has changed throughout the year, we surveyed more than 700 U.S. adults to … Continued
Annual Threat Report 2020 (Nexusguard) The increase in online gaming attracted attention from attackers, resulting in nearly 77% of cyber attacks targeting online gaming and gambling industries in Q3 2020, according to the Nexusguard Q3 2020 Threat Report.
Threats to Business Travel after COVID-19 | Accenture (WordPressBlog) As vaccinations roll out and international travel resumes, threat actors will likely look to exploit business travelers and the travel industry. Read more.
Malware threat looms large over Singapore cyber attack surge (Channel Asia) Cyber threats in Singapore surged in the first quarter, with malware taking its place as the undisputed driver of the intensifying threat landscape.
Marketplace
ExtraHop to be Acquired by Bain Capital Private Equity and Crosspoint Capital Partners (BusinessWire) ExtraHop to be Acquired by Bain Capital Private Equity and Crosspoint Capital Partners
Deloitte acquires cloud security orchestration provider CloudQuest (ZDNet) The deal marks Deloitte's second security-related acquisition this year as the company aims to bolster its existing cybersecurity offerings.
Blue Ridge Networks Closes Growth Capital Investment Round (AiThority) Blue Ridge Networks, Inc., announced that it closed an investment round with funding from a US private venture fund
SkyePoint Decisions Awarded $300 Million U.S. Department of Education Cyber BPA (PR Newswire) SkyePoint Decisions, Inc. (SkyePoint Decisions) is excited to announce that it received an award for a five-year, multiple award, $300 million...
CISA Selects Bugcrowd and Endyna to Run Its Vulnerability Disclosure Policy Platform (Bugcrowd) Security-First Partnership Provides Crowdsourced Vulnerability Detection, Monitoring, and Reporting Services for Federal Civilian Executive Branch Agencies SAN
The CyberTech100 for 2021 recognises the pioneering companies helping financial institutions combat cyber threats and fraud (Pressat) The second annual list of the world’s most innovative providers of digital solutions helping financial services firms fight off cyber-attacks and protect their data was announced today by FinTech Global, a specialist research firm.
Cloud-First Managed SD-WAN and SASE Pioneer Aryaka Activates EU-Friendly Dublin Services PoP to Address Growing Customer Demand (Aryaka) Aryaka Networks, the leader in fully managed Cloud-First WAN and SASE services, today announced the availability of its latest Services Point of Presence (PoP) in Dublin, Ireland, inside the newly redrawn EU boundary. This deployment was driven by enterprise customer demand for more connectivity across and into the […]
Varonis Systems to bring 60 jobs to its new office in Cork (Silicon Republic) Varonis Systems will be hiring in tech support, research and development, human resources and sales over the next three years.
NortonLifeLock to sell Mountain View campus for $358 million to TMG Partners (Silicon Valley Business Journal) After relocating to Arizona and selling off its Symantec name, NortonLifeLock has been selling off its Silicon Valley real estate portfolio.
Sotero Appoints Security Industry Veteran C.J. Radford as Chief Executive Officer and Welcomes Alan Kessler as the Newest Board Member (PR Newswire) Sotero, the leading next-generation data encryption provider announces strengthening of its executive team with the addition of C.J. Radford as...
TrapX Security Appoints Steve Preston as CEO (PR Newswire) TrapX Security, the global leader in deception-based threat detection and response, today announced that Steve Preston has been appointed Chief...
Products, Services, and Solutions
Claroty Unveils First Zero-Infrastructure Cybersecurity Solution to Protect Industrial Enterprises - Claroty (Claroty) New Claroty Edge and enhanced Continuous Threat Detection give customers faster, easier, more-flexible paths to achieve wide range of industrial cybersecurity objectives
SAFE Identity Launches Public Qualified Products List to Provide Secure, Lab-tested Identity Products to Healthcare Organizations (GlobeNewswire) SAFE Identity, an industry consortium and certification body supporting a standards-based, interoperable Trust Framework for digital identities, today announced the launch of the SAFE Identity Qualified Products List (QPL) program.
Onna Launches eDiscovery Cloud Transfer Capability to Increase Security and Cut Export Management Overheads for Customers (Corporate Compliance Insights) The automated export workflow significantly reduces time and effort while increasing predictability and strengthening security New York and Barcelona (June
Quttera Enhances Its Malware Scanning Tools With New Features (PR Newswire) Quttera has two new enhancements to its malware scanning API that strengthen website security and offer detailed threat monitoring. Quttera is...
BlackBerry and BiTECH Team Up To Build Safe, Reliable Digital LCD Instrument Cluster For Changan’s Newly Launched UNI-K SUV (BlackBerry) BlackBerry Limited (NYSE: BB; TSX: BB) today announced that its QNX® Neutrino® Realtime Operating System (RTOS), has been adopted in a new digital LCD cluster jointly developed with BiTECH Automotive (Wuhu) Co., Ltd.
Cobalt Iron Compass Now Part of IBM Product Portfolio Through Passport Advantage Program (Yahoo Finance) Cobalt Iron Inc., a leading provider of Software-as-a-Service-based enterprise data protection, today announced that its Compass® enterprise SaaS backup solution is now part of IBM’s product portfolio through the IBM Passport Advantage program. Through Passport Advantage, IBM sellers, partners, and distributors around the world will be able to sell Compass under IBM part numbers to any organizations, particularly complex enterprises, that greatly benefit from the automated data protection and an
Atlas VPN’s data breach monitor feature is now on iOS and Android platforms (Cloud7 News) Virtual network service provider Atlas VPN released a new security feature called Data Breach Monitor. The new feature, currently available
ProtectedBy.AI Launches First-of-Its-Kind Defense Against Cyberattacks (WFMZ.com) ProtectedBy.AI, a world leader in artificial intelligence driven solutions, is launching CodeLock™ – its patented revolutionary approach to defend against insertion attacks that can
Proofpoint Launches Industry’s First Cloud Native Information Protection and Cloud Security Platform (Proofpoint) Cybersecurity leader also introduces multiple people-centric advancements spanning its Threat Protection and Compliance Platforms, including Advanced BEC Defense, powered by the new Supernova detection platform.
ThycoticCentrify Service Account Governance Adds Integration with Cloud Vaults Including AWS Secrets Manager and Azure Key Vault (PR Newswire) ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of privileged access management (PAM) leaders...
Technologies, Techniques, and Standards
Fitting Into IoT Security with a New Open-Source Encryption Standard (IoT for All) If today’s IoT devices have an Achilles heel, it’s that they’re prone to security lapses and often catastrophic data leaks. Part of that has to do with the breakneck speed at which the IoT industry developed and continues to churn out new devices. That speed made it impossible for the industry to coalesce around any agreed-upon security standards.
Modern Ransomware's Double Extortion Tactics and How to Protect Enterprises Against Them (Trend Micro) Modern ransomware like Nefilim present new challenges and security concerns for enterprises across the world. How do these new families differ from traditional ransomware? And what can organizations do to mitigate risks?
You Really Can’t Do Enough Security Training (CIO Insight) When it comes to security training in the era of near-daily phishing and ransomware attacks, can your company ever be over-prepared?
10 things to do now to reduce the cost of your next data breach (CSO Online) Taking these steps will save money, time, and reputation when that next breach hits.
The Importance of Cyber Security in B2B Business Model (Legal Reader) Cybersecurity is crucial for B2B business to function properly. We explore precautions that should be taken to shield your online shop from cyber-attacks.
Design and Innovation
Expect an Orwellian future if AI isn't kept in check, Microsoft exec says
(Live Science) AI is already being used for widespread surveillance in China.
Possible First Use of AI-Armed Drones Triggers Alarm Bells (Voice of America) Western military experts are assessing whether an autonomous drone operated by artificial intelligence, or AI, killed people — in Libya last year — for the first time without a human controller directing it remotely to do so.
A report by a United Nations panel of experts issued last week that concluded an advanced drone deployed in Libya “hunted down and remotely engaged” soldiers fighting for Libyan general Khalifa Haftar has prompted a frenetic debate among Western security officials and analysts.
Research and Development
ReliaQuest Awarded Patent Recognizing Data Comparison Capabilities (BusinessWire) ReliaQuest, the leader in Open XDR-as-a-Service, has been granted a patent recognizing innovative capabilities within its proprietary Universal Transl
Army research budget focuses on tactical electronic warfare architecture (C4ISRNET) Despite less procurement spending compared to previous years, the Army is continuing its R&D investments to build out critical electronic and cyber ops equipment.
Academia
Uncovering DePaul’s connections with Raytheon Technologies (The DePaulia) DePaul offers programs that have connections to one of the nation’s top defense companies.
Legislation, Policy, and Regulation
Update: Government to delay controversial NHS data sharing plan (Computing) Government promises extra time as opposition to 'data grab' grows
Nigerians could get arrested for tweeting. They’re protesting on Twitter anyway. (Washington Post) Nigeria’s telecom companies had officially blocked Twitter, and the attorney general vowed to prosecute those who found a way to use it, but Editi Effiong kept posting.
The Cybersecurity 202: The Justice Department is taking the fight to ransomware hackers (Washington Post) First off, don't panic. Disruptions of major websites this morning are due to an error at the cloud computing service firm Fastly and a fix is coming soon. Details from the Financial Times's Matt Taylor:
Energy Chief Cites Risk of Cyberattacks Crippling Power Grid (SecurityWeek) Energy Secretary Jennifer Granholm on Sunday called for more public-private cooperation on cyber defenses and said U.S. adversaries already are capable of using cyber intrusions to shut down the U.S. power grid.
Energy Secretary Granholm Says Hackers Could Shut Down the U.S. Power Grid (Barron's) Wedbush analyst say focus on cybersecurity should boost spending on security software -- and provide a boost to some stocks.
Biden adviser says focus on bitcoin’s role in cyber attacks must be ‘priority’ for G7 (Yahoo) Sullivan: Ransomware attacks stressed necessity of cyber defenses
Analysis: Ransomware attacks saddle Biden with grave national security crisis (CNN) The Biden administration Sunday confronted the implications of a sudden and grave national security challenge as ransom-demanding cyber hackers target the staples of American life -- food, gas, water, hospitals and transport.
Biden’s Cyber Executive Order: How It Could Impact Your Business (Bloomberg Law) President Biden’s executive order requiring the networks of federal departments and agencies to have strengthened safeguards against cyberattacks will impact federal government contractors directly and are likely to have an indirect effect on private businesses as well, say Latham & Watkins cybersecurity and data privacy attorneys.
Litigation, Investigation, and Law Enforcement
Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside (US Department of Justice) The Department of Justice today announced that it has seized 63.7 bitcoins currently valued at over $2.3 million.
US seizes $2.3 million Colonial Pipeline paid to ransomware attackers (Ars Technica) Funds seized after Justice Department IDs Bitcoin wallet and obtains its private key.
US recovers most of $4.4 million ransom paid to Colonial Pipeline hackers (Computing) The company says it is grateful to FBI for its 'swift work and professionalism'
U.S. Retrieves Millions in Ransom Paid to Colonial Pipeline Hackers (Wall Street Journal) U.S. officials said they had recovered roughly $2.3 million in digital currency paid to release Colonial Pipeline from a ransomware attack last month that prompted the shutdown of the main conduit for gasoline and diesel fuel to the U.S. East Coast.
First on CNN: US recovers millions in cryptocurrency paid to Colonial Pipeline ransomware hackers (CNN) US investigators have recovered millions in cryptocurrency they say was paid in ransom to hackers whose attack prompted the shutdown of the key East Coast pipeline last month, the Justice Department announced Monday.
US Recovers Most of Ransom Paid After Colonial Pipeline Hack (SecurityWeek) The Justice Department has recovered the majority of a multimillion-dollar ransom payment to hackers after a cyberattack that caused the Colonial Pipeline to halt its operations last month.
U.S. Seizes Share of Ransom From Hackers in Colonial Pipeline Attack (New York Times) Investigators traced 75 Bitcoins worth more than $4 million through nearly two dozen cryptocurrency accounts.
Justice Dept. says it recovered most of the ransom paid after the Colonial Pipeline cyber attack. (New York Times) Colonial had paid a ransom worth roughly 75 Bitcoin — or nearly $5 million — to the hacking group DarkSide after the cybercriminals used ransomware in May.
DOJ officials say they recovered most of the Colonial ransomware payment (The Record by Recorded Future) In a video press conference today, US officials said they recovered the vast majority of the $4.3 million that Colonial Pipeline paid to a ransomware gang last month after the hackers encrypted its IT network in a security incident that disrupted fuel supply for the entire US East Coast.
'Extortionists will never see this money’: US seizes ransom paid to Colonial Pipeline hacker (Sydney Morning Herald) The US Justice Department has recovered the majority of a multimillion-dollar ransom payment to hackers after a cyber attack that caused the operator of the country’s largest fuel pipeline to halt its operations last month.
FBI and Australian police ran an encrypted chat platform to catch criminal gangs (The Record by Recorded Future) The FBI and Australian Federal Police ran an encrypted chat platform and intercepted secret messages between criminal gang members from all over the world for more than three years.
ANOM: Hundreds arrested in massive global crime sting using messaging app (BBC News) Hundreds are arrested worldwide after using the ANOM app, where their messages were monitored.
Hundreds arrested around the world in global organized crime sting (NBC News) The FBI and Australian officials developed an encrypted device company which eventually gave them access to hundreds of criminal networks.
Trojan Shield: How the FBI Secretly Ran a Phone Network for Criminals (Vice) New court records detail how the FBI turned encrypted phone company 'Anom' into a honeypot for organized crime.
Trojan Shield: Europol details massive organized crime sting | DW | 08.06.2021 (Deutsche Welle) The operation was built around the ANOM messaging platform, which was being secretly run by the FBI. Some 16 countries, along with Europol, were involved in the global operation.
800 criminals arrested in biggest ever law enforcement operation against encrypted communication (Europol) The US Federal Bureau of Investigation (FBI), the Dutch National Police (Politie), and the Swedish Police Authority (Polisen), in cooperation with the US Drug Enforcement Administration (DEA) and 16 other countries have carried out with the support of Europol one of the largest and most sophisticated law enforcement operations to date in the fight against encrypted criminal activities.
Police raids across Europe after encrypted phone network shut down (the Guardian) Belgian, Dutch and French police ‘looked over shoulders’ of gangs after hacking Sky EEC network
Latvian woman charged with writing malware for the Trickbot Group (Naked Security) Looking for contract programming work? You might be surprised at what’s on offer out there.
‘Does Anybody Have a Plan?’ Senate Report Details Jan. 6 Security Failures. (New York Times) A 127-page joint report is the most comprehensive and detailed account to date on the intelligence, communications and policing failures around the Capitol riot.
Cobalt Gang Members Sentenced by Kazakhstan District Court (GovInfoSecurity) A district court in Kazakhstan sentenced two unidentified Cobalt, aka Carbanak, gang members to serve eight years in prison on robbery and attempted robbery
Осуждены члены транснациональной киберпреступной организации «Карбанак/Кобольт» (Прокуратура города Алматы) Районным судом №2 Бостандыкского района г.Алматы к 8 годам лишения свободы осуждены два участника транснациональной киберпреступной организации «Карбанак/Кобольт».
F.B.I. Investigates Cyberattack That Targeted N.Y.C. Law Department (New York Times) City lawyers’ computer network was disabled after the attack, which the police and federal officials believe was the work of hackers.
Nebraska Health System Data Breach Settlement Gets Early OK (Bloomberg Law) A Nebraska health network and tens of thousands of patients potentially affected by a 2020 data breach secured early approval of a class settlement that provides cash reimbursement for time and expenses, credit monitoring, and security enhancements.
IBM Files Lawsuit Alleging Finjan Breached 2017 Patent Agreement (Bloomberg Law) IBM accused a Finjan Holdings unit of breaching a confidential patent assignment and support agreement the companies entered in 2017, according to documentsfiled Friday in federal court in Wilmington, Delaware.