Attacks, Threats, and Vulnerabilities
Ransomware hits iConstituent, a service lawmakers use to communicate with voters (CyberScoop) The scourge of ransomware has now hit closer to home for U.S. politicians. Ransomware has impacted the newsletter service of iConstituent, a firm that U.S. lawmakers use to contact constituents, the House of Representatives’ Chief Administrative Officer (CAO) said Tuesday. Individual offices choose to buy iConstituent services, which include virtual town halls, email and texting, and other data services. “At this time, the CAO is not aware of any impact to House data,” the CAO office said in an emailed statement. “The CAO is coordinating with the impacted offices supported by iConstituent and has taken measures to ensure that the attack does not affect the House network and offices’ data.” iConstituent boasts that its software “supports millions of digital interactions between people and their governments each year.” It was unclear Tuesday morning how broadly the incident would impact House legislators’ communication with constituents. The Washington-based firm did not immediately respond […]
Capitol Hill vendor hit by ransomware attack: report (TheHill) A tech vendor used by dozens of House offices on Capitol Hill for constituent outreach services has reportedly been hit by a ransomware attack, becoming the latest victim
Former Hacker Sheds Light On How Cyber Criminals Operate (NPR) Hackers in Russia are responsible for recent ransomware attacks. NPR's Leila Fadel talks to threat intelligence analyst Dmitry Smilyanets about cyber criminals.
Evil Corp Impersonates PayloadBin Group to Avoid Federal Sanctions (Threatpost) The cybercriminals try to pin new ransomware on Babuk Locker in an effort to fly under the radar of an ongoing FBI investigation.
ThunderCats Hack the FSB | Your Taxes Didn’t Pay For This Op (SentinelLabs) Early fingerpointing at Western governments for a hack against the Russian government was misplaced. Our taxes didn't pay for this one.
JBS Hackers Took Data From Australia and Brazil, Researcher Says (Bloomberg) Ransomware episode began with reconnaissance in February. JBS says investigation has found no evidence of exfiltration.
WAGO Controller Flaws Can Allow Hackers to Disrupt Industrial Processes (SecurityWeek) Vulnerabilities found in WAGO controllers can allow hackers to disrupt technological processes, which can lead to industrial accidents, researchers warned.
Positive Technologies Identifies Vulnerabilities in WAGO Industrial Controller (Positive Technologies) Attackers can access controller file system, cause a malfunction, and disrupt the technological process
Open database leaked 179GB in customer, U.S. government, and military records (Illinois News Today) Researchers have disclosed an open database that publishes records containing sensitive data from hotel customers, US military personnel, and officials. On Monday, vpnMentor’s cybersecurity team, led by Noam Rotem and Ran Locar, said the database belonged to Autoclerk, a service owned by the Best Western Hotels and Resorts group. Autoclerk is a booking management system …
Regulatory Notice 21-20 (FINRA) FINRA warns member firms of an ongoing phishing campaign that involves fraudulent emails (see sample in Appendix) purporting to be from FINRA and using the domain name “@gateway-finra.org.” The email asks the recipient to click a link to “view request” and provide information to “complete” that request, noting that “late submission may attract penalties.”
Threat Spotlight: Agent Tesla Infostealer (BlackBerry) Agent Tesla contains an array of powerful infostealing features, such as the ability to steal information from a user's browser, passwords, FTP, and files. Agent Tesla has been consistently utilized by cyber criminals, often using spam emails as a means of distribution onto victim machines.
Siloscape malware targets Windows containers, breaks through to the underlying Kubernetes cluster (Register) Using techniques Microsoft had previously considered 'not a vulnerability'
Organizations Warned About DoS Flaws in Popular Open Source Message Brokers (SecurityWeek) Organizations have been warned about DoS vulnerabilities found in three popular open source message brokers, namely RabbitMQ, EMQ X and VerneMQ.
Lumen's Black Lotus Labs uncovers hacktivist attack (FierceTelecom) The attacks targeted a misconfiguration of the Cisco Smart Install feature on some switches and routers.
Hacktivist Campaign Spreads Manifesto through Router Configuration Files (Lumen) The Black Lotus Labs team at Lumen Technologies recently discovered a hacktivist campaign affecting internet-exposed Cisco routers and switches.
Tunbridge Wells: Skinners' Kent schools closed after data breach (BBC News) Two schools in Tunbridge Wells are shut after "sophisticated" hackers encrypted student data.
Two schools forced to close after hackers encrypt vital pupil information (WalesOnline) Pupils from Skinners’ Kent Academy and Skinners’ Kent Primary School in Tunbridge Wells are now being taught remotely from home
No ransom demand in cyber incident at NYC law department, officials say (StateScoop) Mayor Bill de Blasio said the city has “not seen information compromised or a ransom demand,” but added that the situation is “evolving.”
Illinois County Stricken with Grief (Infosecurity Magazine) Grief ransomware gang claims to have stolen 2.5GB of personal data from St. Clair
JBS Rebuffed Call to Boost Cyber Spending, Ex-Employees Say (Bloomberg) Cyber improvements outlined in audit deemed to be too costly. JBS says quick recovery evidence of company’s robust defenses.
Ransomware boom comes from gangs that operate like cloud-software unicorns — ‘a truly incredible business model’ (MarketWatch) If ransomware attacks bring to your mind hoodie-wearing hackers in basements or bunkers full of coding soldiers, think again. These online assaults are proxy...
What Hackers Can Learn About You From Your Social-Media Profile (Wall Street Journal) That post you “liked” on Facebook? Your alma mater on LinkedIn? They are all clues that can make you—and your company—vulnerable.
Alexa, How Secure Is My Data? (Boxcryptor) Smart Speakers can be convenient assistants in everyday life, as users can control their lights just with the sound of their voice, for example. But how do Alexa, Siri and Google handle and protect your data?
Why the Hybrid Workplace Is a Cybersecurity Nightmare (Wall Street Journal) It’s a hacker’s dream: a constantly changing mix of office and remote workers, devices that move in and out of the company networks, and security staffs stretched thin
Fastly blames software bug for major global internet outage (Reuters) Fastly Inc. (FSLY.N), the company behind a major global internet outage this week, said on Wednesday the incident was caused by a bug in its software that was triggered when one of its customers changed their settings.
Security Patches, Mitigations, and Software Updates
Microsoft Raises Alarm for New Windows Zero-Day Attacks (SecurityWeek) Patch Tuesday takes on extra urgency this month with the news that at least six previously undocumented vulnerabilities are being actively exploited in the wild.
Microsoft June Security Patch Bundle Addresses 49 Vulnerabilities (Redmondmag) Microsoft released patches for 49 common vulnerabilities and exposures (CVEs) in its products in June, according to security researcher counts.
Israel researchers find four security flaws in Microsoft Office software (Times of Israel) Check Point Software Technologies says vulnerability in graph-making tool is part of legacy code and has been around for years; urge users to update software to fix
Adobe Patches Major Security Flaws in PDF Reader, Photoshop (SecurityWeek) Adobe's June batch of security patches address a swathe of potentially dangerous vulnerabilities in Adobe Acrobat and Reader, Adobe Photoshop, and the ever-present Adobe Creative Cloud Desktop Application.
Critical Vulnerabilities Patched in Android With June 2021 Security Updates (SecurityWeek) Google has patched more than 50 vulnerabilities with its June 2021 security updates for Android.
Apple Unveils VPN-Like Service and New Privacy Features at WWDC 2021 (SecurityWeek) Apple has announced a VPN-like service and several new privacy features at its 2021 Worldwide Developers Conference (WWDC).
Adobe issues security updates for 41 vulnerabilities in 10 products (BleepingComputer) Adobe has released a giant Patch Tuesday security update release that fixes vulnerabilities in ten applications, including Adobe Acrobat, Reader, and Photoshop.
SAP Security Patch Day June 2021: Multiple Memory Corruption Vulnerabilities Can Lead to System Crashes (Onapsis) SAP has published 20 new and updated Security Notes on its June Patch Day. This number includes two HotNews Notes and four High Priority Notes.
Johnson Controls Metasys (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Johnson Controls
Equipment: Metasys Servers, Engines, and Tools
Vulnerability: Improper Privilege Management
Open Design Alliance Drawings SDK (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Open Design Alliance
Equipment: Drawings SDK
Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Improper check for Unusual or Exceptional Conditions, Use After Free
AVEVA InTouch (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.6
ATTENTION: Low attack complexity
Vendor: AVEVA Software, LLC
Equipment: InTouch 2020 R2 and all prior versions
Vulnerability: Clear Text Storage of Sensitive Information in Memory
2. RISK EVALUATION
Successful exploitation of this vulnerability could expose cleartext credentials from InTouch Runtime.
Schneider Electric IGSS (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Schneider Electric
Equipment: IGSS (Interactive Graphical SCADA System)
Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Access of Uninitialized Pointer, Use After Free, Release of Invalid Pointer or Reference, Improper Limitation of a Pathname to a Restricted Directory
Schneider Electric Modicon X80 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: Modicon X80
Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor
Thales Sentinel LDK Run-Time Environment (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.6
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Thales
Equipment: Thales Sentinel LDK Run-Time Environment (RTE)
Vulnerability: Incomplete Cleanup
2. RISK EVALUATION
Products that have uninstalled software using the Sentinel LDK Run-Time Environment may have a port left open that may allow an attacker to connect.
Siemens Mendix SAML Module (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: Mendix SAML Module
Vulnerability: Insufficient Verification of Data Authenticity
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to escalate privileges.
Siemens TIM 1531 IRC (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: TIM 1531 IRC
Vulnerability: Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition.
Siemens Solid Edge (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: Solid Edge
Vulnerabilities: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could lead to an application crash or arbitrary code execution on the target host system.
Siemens SIMATIC TIM libcurl (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIMATIC TIM libcurl
Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Improper Certificate Validation
Siemens SIMATIC NET CP 443-1 OPC UA (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIMATIC NET CP 443-1 OPC UA
Vulnerabilities: Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer, Incorrect Calculation, Classic Buffer Overflow, Improper Authentication, Race Condition, Data Processing Errors, Exposure of Sensitive Information to an Unauthorized Actor, Out-of-bounds Read
Siemens Simcenter Femap (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: Simcenter Femap
Vulnerabilities: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could crash the device being accessed and may allow arbitrary remote code execution or data extraction.
Siemens SIMATIC RFID (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: SIMATIC RF Products
Vulnerability: Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an unauthorized attacker to crash the OPC UA service of the affected devices.
Siemens JT2Go and Teamcenter Visualization (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: JT2Go and Teamcenter Visualization
Vulnerability: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to execute code in the context of the current process.
Siemens Linux Based Products (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.4
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: Linux based products
Vulnerability: Use of Insufficiently Random Values
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-131-03 Siemens Linux Based Products that was published May 11, 2021, to the ICS webpage on us-cert.cisa.gov.
Siemens SINAMICS Medium Voltage Products Remote Access (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.7
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: SINAMICS Medium Voltage Products, Remote Access
Siemens Solid Edge File Parsing (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: Solid Edge
Vulnerabilities: Out-of-bounds Write, Improper Restriction of XML External Entity Reference, Out-of-bounds Read
Rockwell Automation ISaGRAF5 Runtime (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Rockwell Automation
Equipment: ISaGRAF5 Runtime
Vulnerabilities: Use of Hard-coded Cryptographic Key, Unprotected Storage of Credentials, Relative Path Traversal, Uncontrolled Search Path Element, Cleartext Transmission of Sensitive Information
Siemens SIMATIC HMI Products (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIMATIC HMI
Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Authentication Bypass by Primary Weakness
Siemens Industrial Products (Update E) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.5
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: Siemens Industrial Products containing certain processors
Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor
Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (Update G) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.7
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK
Vulnerability: Unquoted Search Path or Element
Siemens PROFINET Devices (Update J) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: PROFINET Devices
Vulnerability: Uncontrolled Resource Consumption
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-19-283-02 Siemens PROFINET Devices (Update H) that was published September 8, 2020, to the ICS webpage on us-cert.gov.
Siemens Industrial Products (Update R) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Remotely exploitable/low attack complexity
Vendor: Siemens
Equipment: Industrial Products
Vulnerability: Improper Input Validation
2. UPDATE INFORMATION
This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01 Siemens Industrial Products (Update Q) published March 9, 2021, to the ICS webpage on us-cert.cisa.gov.
Siemens PROFINET DCP (Update T) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable from an adjacent network/low attack complexity
Vendor: Siemens
Equipment: Devices using the PROFINET Discovery and Configuration Protocol (DCP)
Vulnerabilities: Uncontrolled Resource Consumption
Trends
Radware Announces 2021 Hacker’s Almanac: Details Threat Landscape, Tactics, Techniques Used by Cybercriminals (GlobeNewswire News Room) Part I of III in Series Includes Threats From Nation States, Organized Crime, Hacktivists, Hackers and Disgruntled Insiders/Customers...
Billions of Compromised Records and Counting: Why the Application Layer is Still the Front Door for Data Breaches (Threatpost) Security teams should brace for an unsettling and unprecedented year, as we’re on pace to see 40 billion records compromised by the end of 2021. Imperva’s Terry Ray explains what security teams need to do to bolster their defenses.
TEEX CRC strives to make a difference in cybersecurity, weighs in on recent events (KXXV) There's a center in Aggieland that aims to prevent attacks before they happen and whose mission is to help organizations build cyber resiliency.
Gartner Report: 2021 Strategic Roadmap for SASE Convergence (Cato Networks) According to Gartner, "Digitalization, work-from-anywhere, and cloud computing have accelerated cloud-delivered SASE offerings to enable anywhere, anytime access from any device." Gartner affirms SASE is a pragmatic and compelling model that can be partially or fully implemented today.
Crypto-related scams rise after years of drop (mint) The number of miners, a malicious programme, grew to 200,045 in March. The vulnerabilities that the miners exploit can also be used to steal data from devices
Investment in cybersecurity often overlooked by CEOs, PwC chief warns (The Edge Markets) WHILE digitalisation is the name of the game today, an often overlooked strategy in the digital playbook is investment in cybersecurity, observes PwC Malaysia managing partner Soo Hoo Khoon Yean. Citing statistics from PwC’s recent 24th Global CEO Survey, he says nearly half of the CEOs globally — and 56% of CEOs in Malaysia — plan to increase their investment in digital transformation by 10%. Dive deeper into the data, though, and one would see that investment in cybersecurity — a
Marketplace
Cybersecurity startup Brinqa raises $110 mln from Insight Partners (MSN)
Horizon3.ai Raises $8.5M to Disrupt Cybersecurity Assessments Market (Horizon3.ai) Former Splunk CTO Teams Up with Former U.S. Special Operations Cyber Operator to Deliver Automated Penetration Testing-as-a-Service
Aiden Technologies Secures $2.9M in Seed Funding to Grow its Automated Endpoint Management Solution (Dallas Innovates) The Dallas-headquartered autonomous endpoint security managed services provider, which just launched last year, will use the funding to ensure every Windows endpoint is consistently kept up to date and secure. Participants in the round include Right Side Capital Management, former U.S. Cyber Czar Richard Clarke, and other cybersecurity industry luminaries.
Synopsys Acquires Code Dx to Extend Application Security Portfolio (Synopsys) Synopsys, Inc. (NASDAQ: SNPS) today announced that it has acquired Code Dx, a provider of an award-winning application security risk management solution that automates and accelerates the...
AI-powered cybersecurity provider ExtraHop to be acquired for $900M (SiliconANGLE)
Bain Capital and Crosspoint Capital Partners Buy ExtraHop Networks (Wall Street Journal) The private-equity firms are paying $900 million for the company, which provides network detection and response services.
‘Super Apps’ Prompt Cybersecurity Investment from Banks (Banking Exchange) Fintech partnerships increasingly focus on combating cyber threats, as banks fight ‘trojans’ in digital age The Covid-19 pandemic has accelerated demand for mobile banking technology and, in response, financial institutions have introduced ‘super apps’ that offer access to banking services. As a res...
Huawei to open cybersecurity center in southern China (Foreign Brief) Chinese telecommunications giant Huawei will open its Dongguan Global Cyber Security and Privacy Protection Transparency Center today. The Shenzhen-based company
Israeli company selling cyber-espionage technology to Saudi Arabia, Haaretz reports (PressTV) Secretive Israeli cyber firm Quadream has reportedly sold phone-hacking technology to Saudi Arabia to spy on the communications of dissidents and political opponents.
Elevate Security Named a CyberTech100 Company for 2021 (Elevate Security) Recognized for groundbreaking human attack surface management platform Berkeley, Calif., June 8, 2021 – Elevate Security, a leader in human attack surface management, today announced that the company has been recognized as a CyberTech100 company for
Rollbar Rounds Out First Half of 2021 With Strong Growth and New Features (BusinessWire) Rollbar announced a record-breaking first half with the addition of new customers, partnerships, programming languages and best ever usage numbers.
AUSTRALIA: Canberra's new zero-day bounty hunter Duasynt (Intelligence Online) The Australian intelligence services are constantly on the lookout for the latest cyber tools and have a growing domestic pool of talent to dip into.
Darkbit Founders Join Aqua Security to Bolster Cloud Native Security Expertise (Aqua) Brad Geesaman and Josh Larsen (Darkbit) join the Aqua family, and their expertise will strengthen Aqua's CSPM solution & Kubernetes offerings.
TrapX Security Appoints Steve Preston as CEO (PR Newswire) TrapX Security, the global leader in deception-based threat detection and response, today announced that Steve Preston has been appointed Chief...
Matthew McFadden Named Cyber VP, Distinguished Technologist at General Dynamics' IT Unit (GovCon Wire)
Cybrary Announces Kevin Hanes as New CEO (PR Newswire) Cybrary, the world's leading online cybersecurity workforce development platform, today announced that Kevin Hanes will join the company as CEO....
IGI Creates Subsidiary IGI CyberLabs, Names Stuart Cohen as President (AccessWire) The cybersecurity services and software company is moving its Nodeware® SaaS platform and other IP to a wholly owned subsidiary focused on software sales and development solutions to accelerate growth PITTSFORD, NY / ACCESSWIRE / June 9, 2021 / Infinite Group, Inc. (IGI) (OTCQB:IMCI) announces today that the company is creating a wholly owned subsidiary to support its Nodeware solution and continued software development: IGI CyberLabs. The
Products, Services, and Solutions
KnowBe4 Launches New Compliance Plus Training Module (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced the launch of new...
TokenEx Becomes Nacha Preferred Partner for ACH Data Protection (TokenEx) TokenEx is a Nacha Preferred Partner for ACH data protection, joining a select group of innovators whose products and services advance the ACH Network.
BITPOINT LATAM Partners with Acuant to Streamline Crypto Exchange User Experience (GlobeNewswire) Acuant®GO drives user onboardings up by 98%
Fortinet: Zero Trust Network Access (ZTNA) for secure cores, edges and clouds (Data Center News) Fortinet explains how trust has to be proven over and over again in order to ensure that every network component adheres to your overall security policies.
California School District Among 6 Getting Help from IBM Against Cyber Attacks (Techwire) The Newhall School District in Valencia will use the tech giant’s grant funding for training and assessments of schools’ strengths and weaknesses to prevent and respond to future ransomware incidents.
LookingGlass to Provide DOD With Cyber Threat Intell, Analytics Tool; Gilman Louie Quoted (ExecutiveBiz) LookingGlass Cyber Solutions has secured a five-year contract from the Department of Defense to provide the U.S. military with its cyber threat intelligence and analytics platform. The company said Monday its scoutSuite platform provides cybersecurity analysts with a threat modeling environment to process and operationalize threat intelligence and other compromise-related indicators. “Delivering an adversarial-oriented perspective in support
Panaseer issues cyber measurement guidance to protect enterprises from compromise (PR Newswire) Panaseer, the first Continuous Controls Monitoring (CCM) platform for enterprise security, today announces guidance on best practice...
GroupSense and CipherTrace Partner to Reduce Cryptocurrency Cybercrime (Groupsense) Combined Threat and Cryptocurrency Intelligence Offerings Enable Customers to “Follow the Money” So They Can Better Identify Threat Actors and Groups, and Thwart Ransomware Attacks
ActZero Partners with Zeguro to Provide Holistic Cyber Risk Management and Response for Small to Mid-Size Businesses (PR Newswire) Cybersecurity startup ActZero today announced a strategic partnership with cyber insurance provider Zeguro to create a comprehensive cyber risk...
Inaugural Certified Third-Party Assessment Organization Enters the CMMC Marketplace (BusinessWire) The CMMC Accreditation Body (CMMC-AB) today announced the authorization of the first Certified Third-Party Assessment Organization (C3PAO) within the
Protegrity Announces Continued Platform Innovation With New Dynamic Data Masking Capabilities (BusinessWire) Protegrity, a global leader in data security, today announced the release of the latest version of the Protegrity Data Protection Platform. Version 8.
Illumio App for Splunk Boosts Visibility and Cybersecurity Posture in Zero Trust Model (GlobeNewswire) Illumio and Splunk Customers Can Accelerate Response Times and Improve Decision Making
RSA Introduces Outseer, a Spinout of its Fraud & Risk Intelligence Unit, to Transform Customer Authentication and Accelerate Revenue for the Digital Economy (BusinessWire) RSA Security LLC (
Ontology Partners with ZAICO to Empower its Inventory Management System, Increasing Traceability, Transparency, and Trust (The Ontology Team) ZAICO’s real-time cloud storage inventory management application will leverage the Ontology blockchain to improve its services.
Technologies, Techniques, and Standards
CISA Announces Vulnerability Disclosure Policy Platform (SecurityWeek) CISA has partnered with the crowdsourced cybersecurity community to launch its vulnerability disclosure policy (VDP) platform.
CISA launches platform to let hackers report security bugs to US federal agencies (TechCrunch) The platform will allow hackers and security researchers to report vulnerabilities to government agencies.
Triad cybersecurity expert addresses recent hacks of companies, shares tips on how to avoid being hacked (myfox8.com) How safe is your computer and your security systems? There have been two major ransomware attacks in the country in just the past month. Experts told FOX8 they think more are on the …
Kaspersky releases checklist to stay safe from doxing (ITP) The checklist offers users knowledge and tools on how to treat their data securely online
Cryptography whizz Phil Zimmermann looks back at 30 years of Pretty Good Privacy (Register) The highs, the lows, the acquisitions, the resignations, and more
The FBI has touted hundreds of arrests thanks to fake apps, but experts predict the emergence of even more encrypted chat services. (Texas News Today) Law enforcement agencies in 17 countries welcomed multinational efforts to disrupt multiple criminal networks, thanks to AN0M, a platform controlled by the FBI and mounted on custom smartphones. Smartphones were sold in the underground world of crime and were widely used by drug traffickers, arms dealers, murderers and others for about 18 months. The Justice …
From VPN to ZTNA - The Evolution of Secure Remote Work (Check Point Software) Is your VPN getting in the way of productivity? If so, you’re not alone. When it comes to remote network access, you have difficult choices to make. But
Academia
NYU School of Professional Studies Cybersecurity Bootcamp (NYU School of Professional Studies) Looking for a new, innovative career in technology? A career in cybersecurity may be the perfect fit. Learn more about our Cybersecurity Bootcamp today!
Legislation, Policy, and Regulation
When Biden Meets Putin (Foreign Affairs) There is a limit to how much the Putin-Biden summit can accomplish. Even so, there is real value to the optics of consultation and deliberation.
Chinese hackers implicated in breach of Russian government agencies (CyberScoop) Chinese hackers were likely behind a series of intrusions at Russian government agencies last year, security firm SentinelOne said Tuesday.
Behind the Curtain: Assessing China’s Cyber and Human Intelligence Activities (MeriTalk) Major U.S. adversaries and competitors are enhancing and exercising their military, cyber, and other capabilities, raising the risks to the nation, the Office of the Director of National Intelligence (ODNI) reported in its 2021 Annual Threat Assessment. In its public report, ODNI highlighted China’s push for global power, as well as the activities of several other nations.
Secretary General Stoltenberg explains why NATO is getting serious about cyber and China ‘is not an adversary’ (Atlantic Council) Stoltenberg delved into the array of challenges facing NATO—from Afghanistan to the Arctic. Here are a few of the key takeaways.
NATO's Stoltenberg: Sophisticated Cyber Attacks Could Trigger Collective Response (USNI News) In a warning to adversaries, NATO’s secretary general said increasingly sophisticated cyber attacks on its members could trigger an alliance response. The alliance treats cyber “as an operational military domain,” Jens Stoltenberg said Monday at The Atlantic Council. Several years ago, the alliance agreed cyber attacks needed to be regarded in the same light as …
U.S. cyber tools being turned against Americans, limiting Biden's Russia options (Newsweek) "Technically, a lot of these tools that are being leveraged for ransomware are tools that were leaked from our own organization," one cybersecurity official told Newsweek on the condition of anonymity.
FACT SHEET: Biden-Harris Administration Announces Supply Chain Disruptions Task Force to Address Short-Term Supply Chain Discontinuities (The White House) 100-Day Review Outlines Steps to Strengthen Critical Supply Chains. FINAL REPORT: Today, the Biden-Harris Administration is announcing key findings from the
Senate Approves $250 Billion Bill to Boost Tech Research (Wall Street Journal) The bipartisan bill would boost government spending on technology research and development amid rising competition from China and other nations.
Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries (The White House) By the authority vested in me as President by the Constitution and the laws of the United States of America, including the International Emergency
Trump’s TikTok, WeChat Actions Targeting China Revoked by Biden (Wall Street Journal) The president issued an executive order requiring security reviews of some foreign-owned apps.
The FBI’s Advice on Ransomware: Don’t Pay, but Tell Us if You Do (Wall Street Journal) A deputy assistant director also asks companies to make sure they report breaches.
Tough fight looms against ransomware 'epidemic' (Techxplore) The latest wave of ransomware attacks hitting the United States and globally portends a difficult battle against hackers, even as government and the private sector ramp up defenses.
Banning Ransomware Payments Could Create New Crisis Situations (Forbes) The day before the U.S. announced it recovered millions of dollars in cryptocurrency that Colonial Pipeline paid to cyber attackers, U.S. Energy Secretary Jennifer Granholm said she supported banning such payments. But prohibiting the payments could create other crisis situations for companies.
Are we overestimating the ransomware threat? (TechCrunch) On Monday afternoon, the U.S. Justice Department said it has seized much of the cryptocurrency ransom that U.S. pipeline operator Colonial Pipeline paid last month to a Russian hacking collective called DarkSide by tracking the payment as it moved through different accounts belonging to the hacking…
Colonial Pipeline CEO: Cybersecurity Mandates From TSA Might Help (Nextgov.com) Hackers breached the company after gaining access to a virtual private network not protected by multifactor authentication.
Colonial Pipeline CEO: Paying ransom was ‘one of the toughest decisions I have had to make’ (Virginia Mercury) The CEO of Colonial Pipeline, which underwent a ransomware attack in early May that led to massive shutdowns of gas stations across the Southeast, said during a U.S. Senate hearing on Tuesday that it was his decision to pay a ransom to restore the company’s operations. “It was one of the toughest decisions I […]
The Cybersecurity 202: Congress is tiring of the ‘don’t blame hacked companies’ line (Washington Post) Colonial Pipeline CEO Joseph Blount will today face his second round of congressional grilling from lawmakers who are clearly frustrated with the private sector’s slow pace in getting its cybersecurity up to snuff.
Employer data breach rules clarified in new bill awaiting governor’s OK (Hartford Business Journal) Businesses must notify the state within 60 days of any data breaches and report potential exposure of more categories of personal information under a bill now awaiting Gov. Ned Lamont’s signature.
Texas Passes Bill Establishing “Wall of Shame” for Data Breaches (JD Supra) On May 31, 2021, the Texas Legislature approved House Bill 3746, which seeks to amend the Texas Business and Commerce Code § 521.053 relating to...
OIG Finds ‘Limited Progress’ in DHS Cybersecurity CDM Program (Homeland Security Today) The Office of Inspector General (OIG) has found that the Department of Homeland Security (DHS) has not yet strengthened its cybersecurity posture by implementing a Continuous Diagnostics and Mitigation (CDM) program.
Federal Laboratory Consortium Elects NSA’s Linda Burger as Executive Board Chair (Executive Gov) Linda Burger, a director of a National Security Agency (NSA) office, has been elected as the Federal
Litigation, Investigation, and Law Enforcement
Trojan Shield: How the FBI Secretly Ran a Phone Network for Criminals (Vice) New court records detail how the FBI turned encrypted phone company 'Anom' into a honeypot for organized crime.
FBI-encrypted app hailed as a 'shining example' of collaboration between world cops for tricking gangs (Stuff) The FBI says Operation Trojan Shield was a 'shining example' of what could be accomplished when global law enforcement worked together.
Senior gang members arrested after global sting targeting organised crime (Stuff) Thirty-five people, including members of the Comancheros, Mongrel Mob and Head Hunters, have been arrested in global operation led by the FBI.
TAFEP Was Fined $29,000 Over Data Breach (Lexology) The Tripartite Alliance Limited (TAL), an organisation that oversees the Tripartite Alliance for Fair and Progressive Employment Practices (TAFEP)…
Clinical Laboratory Agrees to Settlement with HHS for Potential HIPAA Security Rule Violations Despite Not Being Involved in Data Breach | JD Supra (JD Supra) On May 25, 2021, HHS announced that Peachstate Health Management, LLC, doing business as AEON Clinical Laboratories (Peachstate), agreed to a $25,000...
Humana sued in federal court over apparent data breach (Louisville Business First) The suit alleges that Humana Inc., a contractor and a subcontractor were negligent in handling sensitive personal information and medical records of Humana members.
NY Attorney General Announces Settlement After Website Data Breach (The National Law Review) In late May, New York Attorney General Letitia James announced a $200,000 settlement agreement with Filters Fast, an online water filtration retailer, stemming from a 2019 data bre
Blinken says U.S. still probing 'Havana syndrome' attacks on diplomats (Reuters) The United States is conducting a government-wide review to get to the bottom of who or what caused the suspected "directed" radio frequency attacks on U.S. diplomats that resulted in various neurological ailments known as "Havana syndrome", U.S. Secretary of State Antony Blinken said on Tuesday.