Attacks, Threats, and Vulnerabilities
Leaked spreadsheet exposes details of UK Special Forces soldiers (Computing) The document was not password-protected and contained no protective markings
WSJ News Exclusive | JBS Paid $11 Million to Resolve Ransomware Attack (WSJ) The Brazilian meat supplier’s U.S. chief executive says the company paid cyberattackers to avoid more disruptions and to limit the potential impact on restaurants, grocery stores and farmers that rely on JBS.
Meatpacker JBS says it paid equivalent of $11 million in ransomware attack (Reuters) Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.
JBS paid $11 million to REvil ransomware, $22.5M first demanded (BleepingComputer) JBS, the world's largest beef producer, has confirmed that they paid an $11 million ransom after the REvil ransomware operation initially demanded $22.5 million.
Pipeline Investigation Upends Idea That Bitcoin Is Untraceable (New York Times) The F.B.I.’s recovery of Bitcoins paid in the Colonial Pipeline ransomware attack showed cryptocurrencies are not as hard to track as it might seem.
Kimsuky APT continues to target South Korean government (Security Magazine) The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima—continues to target the South Korean government, according to the Malwarebytes Threat Intelligence team, who is actively monitoring this actor and has been able to spot phishing websites, malicious documents, and scripts that have been used to target high profile people within the government of South Korea. The structure and TTPs used in these recent activities align with what has been reported in KISA’s report.
Russian hackers breached Dutch police systems in 2017 (The Record by Recorded Future) Hackers working on behalf of Russian intelligence services breached the internal network of Dutch police in 2017 during the country's investigation of the MH-17 crash.
Mysterious Gelsemium APT was behind February compromise of NoxPlayer, says ESET (Register) Malicious crew targets ME and Asia but also tries evading Chinese AV suites
Spain's Ministry of Labor and Social Economy hit by cyberattack (BleepingComputer) The Spanish Ministry of Labor and Social Economy (MITES) is working on restoring services after being hit by a cyberattack on Wednesday.
Ransomware gangs are increasingly going after SonicWall devices (The Record by Recorded Future) Over the course of the last few months, cybercrime groups have increasingly targeted SonicWall devices in order to breach corporate networks and deploy ransomware.
PuzzleMaker attacks exploit Windows zero-day, Chrome vulnerabilities (ZDNet) Two of the zero-days used were patched by Microsoft on Tuesday.
Computer memory maker ADATA hit by Ragnar Locker ransomware (BleepingComputer) Taiwan-based leading memory and storage manufacturer ADATA says that a ransomware attack forced it to take systems offline after hitting its network in late May.
Fastly blames global internet outage on software bug (AP NEWS) Fastly, the company hit by a major outage that caused many of the world's top websites to go offline briefly this week, blamed the problem on a software bug that was triggered when a customer changed a setting.
Qatar's Al Jazeera network says it combated cyber attack (Reuters) Pan-Arab satellite network Al Jazeera said it was subjected to continual hacking attempts over recent days but the cyber attack on Qatar's flagship broadcaster had been fended off.
Al Jazeera thwarts cyber-attacks (Gulf-Times) Al Jazeera Media Network said it was subjected to a series of cyber-hacking attempts to penetrate some of its platforms and websites this week.
Hackers Force Iowa College to Cancel Classes for Four Days (Vice) A “cyberattack” is disrupting classes at the Des Moines Area Community College, where the school has cancelled in-person classes for four days and counting.
Here’s how malware steals files (NordLocker) We analyzed how one malware stole 6 million files, 26 million online accounts, and 2 billion cookies.
Botnets: What They Are and the Risks They Pose (ZeroFOX) Botnets are a perfect tool for cybercriminals for many reasons. Learn how they work and the steps you can take to avoid getting infected.
Fujifilm systems back online after cyber attack (Printweek) Fujifilm’s Japanese HQ has been the subject of a cyber attack which resulted in knock-on disruption to its European business – although systems here were not breached.
Union School District investigating cyber attack, unauthorized access to data (Courier) Union Community Schools is responding to an incident where someone gained unauthorized access to its electronic data during a cyber attack this spring.
Consciousness of Streaming (Cybersixgill) Credentials for popular streaming services, generally harvested through credential stuffing attacks, are shared widely on the forums of the deep and dark web. Threat actors distribute them for free or sell them for several cents apiece. With so many credentials available, we attempted to discover how many Netflix and Disney+ accounts were shared from January 2020 through March 2021.
Security Patches, Mitigations, and Software Updates
Google releases urgent Chrome update to address zero-day bug under active attack (Computing) Thirteen other bugs were also fixed in the new update
Google patches Chrome zero-day linked to 'commercial exploit company' (The Record by Recorded Future) Google has released an update for the Chrome browser today to fix a zero-day vulnerability the company's security team said was part of the arsenal of a "commercial exploit company."
Siemens, Schneider Electric Inform Customers About Tens of Vulnerabilities (SecurityWeek) Siemens and Schneider Electric released several advisories on Patch Tuesday to inform customers about tens of vulnerabilities affecting their products.
Intel's latest patch set plugs some serious holes in CPU, Bluetooth, server, and – ironically – security lines (Register) Reports through Chipzilla's bug bounty scheme growing, but still in the minority
Every New Privacy Feature in iOS 15 and macOS Monterey (The Mac Security Blog) Apple's forthcoming operating systems - iOS 15, iPadOS 15, and macOS Monterey - feature a number of powerful new privacy features. Here's everything you need to know.
Trends
APWG Q1 2021 Report: Detected Phishing Websites Maintain Historic High in Q1 2021, After Doubling in 2020 (PR Newswire) The APWG's new Phishing Activity Trends Report reveals that phishing maintained near-record levels in the first quarter of 2021, after landmark...
Digital Assets and Data Management – Disruption and Transformation (Baker Hostetler) Did we say, "Enable MFA?" It bears repeating.
Most Enterprises are Using Three or More Clouds According to Strata Identity Survey (BusinessWire) The Strata State of Multi-Cloud Identity Report 2021 focuses on adoption, distributed architectures, migration and modernization, and governance.
Global Scamdemic: Scams Become Number One Online Crime (PR Newswire) Group-IB, a global threat hunting and adversary-centric cyber intelligence company that specializes in investigating and preventing hi-tech...
New NetMotion Report Identifies Top Digital Transformation Priorities (PRWeb) NetMotion, a provider of security solutions for the world’s growing mobile and distributed workforces, today unveiled a new report identifying the top digital transf
2021 Survey Report: Workplace Safety and Preparedness (Rave) To better understand the critical communications trends of today’s world, we conducted our 4th annual Workplace Safety and Preparedness survey. Download the results today.
Check Point Software's May 2021 Most Wanted Malware: Dridex Drops from List While Trickbot Rises to Top (Check Point Software) Check Point Research (CPR) reports that the Dridex trojan, which is often used in the initial stages of ransomware attacks, has now dropped from the index
Marketplace
Recorded Future launches its new $20M Intelligence Fund for early-stage startups (TechCrunch) The fund will provide seed and Series A funding to startups developing novel data intelligence tools.
Parsons to acquire BlackHorse Solutions (Intelligence Community News) Parsons Corporation announced that it has entered into a definitive agreement to acquire BlackHorse Solutions, Inc. in an accretive deal valued at $203 million.
Evolv Technology Announces Record Q1 Bookings and Revenue (Evolv Technology) The industry leader in AI-Based Touchless Security Screening continues to perform as venues look to reopen safely.
CrowdStrike: Future Success May Lie Outside Cybersecurity (Seeking Alpha) CrowdStrike is establishing an increasingly dominant position in security and is positioning itself to be competitive in DevOps.
Huawei reveals 'cybersecurity framework' with launch of China transparency centre (ZDNet) Chinese tech giant kicks into PR overdrive, pledging its commitment to cybersecurity with the opening of its latest transparency centre in Dongguan, adding to similar sites in Belgium and the UK, and release of a security baseline framework that it adopts for its products.
Cybrary’s new CEO looks to accelerate firm’s expansive growth as cybersecurity takes center stage (Washington Business Journal) The College Park cybersecurity training startup tapped its next CEO to build on its growth in developing sought-after cyber talent.
Takeovers changing the faces of S.A.'s cyber industry (mySA) With three of the city’s old guard cyber heavyweights gobbled up in the past year, new...
Cybersecurity Company Red Sift Sees Significant Growth in U.S. Operations as Part of Continued Rapid Global Expansion (BusinessWire) Cybersecurity company Red Sift sees significant growth in U.S. operations as part of continued rapid global expansion.
Managed Security Service Provider Foresite Appoints Matt Gyde as Chairman & CEO (Foresite) Former CEO of NTT Security to invest in ProVision, Foresite’s proprietary cybersecurity platform. Overland Park, KS, June 9, 2021 – Foresite, a SaaS cybersecurity solutions provider, today announced that Matt Gyde has been named Chairman and Chief Executive Officer. Gyde brings more than 25 years of leadership experience to Foresite and has led some of the […]
One Identity Strengthens Executive Team with Deep Cybersecurity and Cloud Expertise To Accelerate Market Momentum (GlobeNewswire) New leadership across product, marketing and sales enables One Identity to continue momentum around its cloud-first strategy
TrapX Security names Steve Preston as CEO (Help Net Security) TrapX Security announced that Steve Preston has been appointed CEO to take active defense forward as a critical strategy against ransomware.
Siege Technologies Names New Board of Directors (Pro News Report) SIEGE Technologies is excited to welcome Steve Parode RADM USN (ret); Randy Stilley; and Timothy White VADM USN (ret) to o
vArmour Expands Leadership Team with Appointment of Chief Revenue Officer to Fuel Next Stage of Growth (GlobeNewswire) Sales Veteran Niels Jensen Tapped to Lead Global Sales
Products, Services, and Solutions
Honeywell Introduces Advanced Monitoring And Incident Response Service To Help Improve OT Cybersecurity And Increase Operational Resilience (PR Newswire) Honeywell (NASDAQ: HON), a global leader in industrial cybersecurity, announced today the introduction of the Honeywell Advanced Monitoring and...
Malwarebytes Launches VPN for Mobile, Expanding Privacy & Cyberprotection Across Devices (Malwarebytes Press Center) Malwarebytes announced Malwarebytes Privacy for mobile devices, a next-generation virtual private network (VPN).
Telos Corporation Expands Market Reach with the Telos CyberProtect Partner Program (Telos Corporation) DLT Solutions and Presidio Government Solutions among program’s launch partners
Approov 2.7 Delivers New “Shield Right” Mobile Application API Protections Against Automated Attacks (BusinessWire)
Acronis arms service providers with Advanced Email Security to stop all email cyberthreats (Acronis)
Contrast Security Extends DevSecOps Platform With Revolutionary Technology to Find Vulnerabilities That Matter 10x Faster (Newswire) Breakthrough pipeline-native code analysis security testing with Contrast Scan is now available with the Contrast Application Security Platform for complete coverage of the DevSecOps life cycle
Aleada Launches Partner Program; Announces Partnerships with 1Touch, Bishop Fox, Good Research, OneTrust, Privacy+ Security Academy, WireWheel, and Zeguro (BusinessWire) Aleada Launches Partner Program; Partnerships with 1Touch, Bishop Fox, Good Research, OneTrust, Privacy+ Security Academy, WireWheel, and Zeguro
ProtonMail gets a slick new look, as privacy tech eyes the mainstream (TechCrunch) End-to-end encrypted email service ProtonMail has refreshed its design, updating with a cleaner look and a more customizable user interface — including the ability to pick from a bunch of themes (dark and contrasting versions are both in the mix). Last month the Swiss company officially annou…
Vivaldi 4.0 launches with built-in email and calendar clients, RSS reader (TechCrunch) Vivaldi has always been one of the more interesting of the Chromium-based browsers, in no small part thanks to its emphasis on building tools for power users in a privacy-centric package, but also because of its pedigree, with Opera’s outspoken former CEO Jon von Tetzchner as its co-founder a…
AttackIQ Helps VMware NSX Customers Validate Efficacy of Their Network Security Controls (BusinessWire) AttackIQ®, a leading independent vendor of Breach and Attack Simulation (BAS) systems, today announced the company is working with VMware to enable VM
Arctic Wolf Backs Security Operations Portfolio with $1 Million Service Assurance Benefit (Arctic Wolf) With a proven operational approach to protecting businesses of all sizes and in all industries, Arctic Wolf® now provides customers additional peace of mind with Arctic Wolf Service Assurance, should they experience a cybersecurity incident. Introduced today as the industry's most comprehensive assurance solution, Arctic Wolf will now provide customers up to $1 million in coverage in the event of a successful cyberattack.
Apricorn's Aegis Secure Key 3NXC USB-C Flash Key Receives FIPS 140-2 Level 3 Validation (Yahoo Finance) Apricorn, the leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, today announced the Aegis Secure Key 3NXC has been awarded FIPS 140-2 level 3 validation (certification #3943) by the National Institute of Standards and Technology (NIST). This level of certification serves to authorize a device's use in industries and institutions -- healthcare, finance, defense, and legal; both nationally and globally -- in compliance with stringent data security regulations suc
Trusted Connectivity Alliance and Eurosmart Partner to Deliver Enhanced Market Intelligence on Tamper Resistant Elements (Trusted Connectivity Alliance) Partnership will deliver enhanced market intelligence on the Tamper Resistant Element (TRE) sector, including UICCs, eSIMs, eSE and 5G SIMs.
Retarus Secure Email Platform Again Awarded Top Rating by Market Analysts (Yahoo Finance) In the latest "Cloud-delivered Security" Market Compass issued by analyst firm KuppingerCole, Retarus is awarded the top rating "Strong Positive" in four out of six relevant categories. In the other two categories, the Munich-based enterprise cloud provider is rated "Positive." This places Retarus in the same league as sector giants Akamai, Cisco, and Broadcom/Symantec. Another distinction is that Retarus is the only EU-based provider to be represented.
Technologies, Techniques, and Standards
Microsoft Goes Public on Having an Emergency Security Compromise Team (Redmondmag) Microsoft on Wednesday disclosed that it has a 'Compromise Recovery Security Practice' (CRSP) team that helps organizations deal with major post-breach software security incidents, such as ransomware attacks.
DevSecOps in space: the challenges of updating satellites on-orbit (Computing) 'It’s tough to hit a toaster 100 miles above your head that’s moving at 20,000 miles per hour,' says Hypergiant's Bren Briggs
Design and Innovation
Qrypt’s cloud service will distribute entropy for better cryptography (ZDNet) The service is a digital alternative to quantum key distribution.
Research and Development
Data61 cuts put spotlight on national research priorities (InnovationAus) Australia needs to be more accepting of changes in strategies and willing to let go of “sacred cow” research areas, following news Data61 will be cutting up to 70 jobs due to a refocusing, according to a former NICTA board member. Last month CSIRO confirmed that up to 70 jobs will be lost at its digital arm Data61 due to a change in research priorities, with a new focus primarily on artificial intelligence. Data61’s workforce is expected to return to its current level in two years. The announcement was met with shock and disappointment, especially around the dropping of the world-renowned seL4 microkernel team Trustworthy Systems.
Academia
James Madison University and Anomali Partner to Prepare Students to Enter the Cybersecurity Workforce (GlobeNewswire) Curriculum that Utilizes Leading Threat Intelligence Platform Gives JMU Graduates Real-World Work Experience
Legislation, Policy, and Regulation
Cyber a Component of the Next 'Modern War:' FireEye CEO (Bloomberg) FireEye Inc. CEO Kevin Mandia believes the U.S. government's ability to recover some of the Colonial Pipeline Co.'s ransom would not deter cyber criminals from attacking again. He also says the U.S. can't continue to "play goalie" all the time when dealing with cyber threats and that the nation needs to be more coordinated and prepared for the next espionage.
The Coming Tech Cold War With China (Foreign Affairs) Beijing is already countering Washington’s policy.
Japan, Australia hold security talks to counter China's rising assertiveness (Japan Today) Japan and Australia on Wednesday affirmed the importance of peace and stability across the Taiwan Strait for the first time in bilateral talks, while agreeing to deepen security cooperation amid China's rising assertiveness in regional waters. The move during virtual security talks followed similar calls for a peaceful resolution of…
Putin Warns Ukraine on NATO Ambitions After Biden-Zelenskiy Call (Bloomberg) Russia leader issues warning as Biden heads to NATO summit. Biden underlined support for Ukraine’s sovereignty in call.
Biden Warns Putin on Hostility Toward Democracy Before Summit (Bloomberg) President Joe Biden warned Russian President Vladimir Putin of U.S. retribution if he menaces other democracies, ahead of the first meeting between the two leaders in Geneva next week.
Ushering in a Transparent Revolution in Cybersecurity (The Cipher Brief) Thomas Warrick was DHS Deputy Assistant for Counterterrorism Policy from August 2008 to June 2019 and is now Director of the Future of DHS Project at the Atlantic Council. Javed Ali held senior counterterrorism positions at DHS, the FBI, the Office of the Director of National Intelligence, and the National Security Council. He is a …
Italy to set up cybersecurity agency ahead of national cloud plan - draft (Reuters) Italy is set to create a national agency responsible for fighting cyber attacks, a draft decree showed, as it presses ahead with plans to create a unified cloud infrastructure to increase security for public administration data storage.
Pipeline CEO Defends Paying Ransom Amid Cyberattack (SecurityWeek) The CEO of Colonial Pipeline has defended his decisions to abruptly halt fuel distribution for much of the East Coast and pay millions to a criminal gang in Russia as he faced down one of the most disruptive ransomware attacks in U.S. history.
Colonial Pipeline was shut down with worst-case scenario in mind, executives say (Washington Post) CEO Joseph Blount and cybersecurity expert Charles Carmakal told a House panel that last month’s breach posed a threat to physical pipeline systems
U.S. Lawmakers Chide Colonial Pipeline for Weak Cybersecurity (BloombergQuint)
U.S. IRS chief asks Congress for authority to collect cryptocurrency transfer data (Reuters) U.S. Internal Revenue Service Commissioner Charles Rettig said on Tuesday that Congress needs to provide clear statutory authority for the tax agency to collect information on cryptocurrency transfers valued at over $10,000 that largely go unreported.
DHS to prevent companies associated with smuggling from obtaining insurance (TheHill) The Department of Homeland Security (DHS) on Tuesday announced an expansion to its anti-human smuggling operation with a new partnership that seeks to prevent companies associated with smuggling from obtaining insur
Sen. King Urges ‘Reimagining Conflict’ On Eve Of Cyber Nominees Hearing (Breaking Defense) "Someone told me I was like Chicken Little, but I prefer Paul Revere," said Sen. King, who co-chaired the commission that recommended creating the national cyber director.
The Cybersecurity 202: The U.S. government is getting closer to having a national cyber czar (Washington Post) Congress is getting closer to confirming the first-ever national cyber director as the government lurches from one cyber crisis to the next.
Litigation, Investigation, and Law Enforcement
How could the FBI recover BTC from Colonial’s ransomware payment? (Naked Security) But Bitcoins are anonymous! However could they get refunded?
WSJ News Exclusive | Amazon Faces Possible $425 Million EU Privacy Fine (Wall Street Journal) A European Union privacy regulator has proposed a fine of more than $425 million against Amazon.com, part of a process that could yield the biggest-yet penalty under the bloc’s privacy law, people familiar with the matter said.
US Supreme Court Narrows Scope of Computer Fraud and Abuse Act in Van Buren (cyber/data/privacy insights) On June 3, 2021, the US Supreme Court issued its decision in Van Buren v. United States in the Court’s first-ever interpretation of the Computer Fraud and Abuse Act (CFAA), the federal anti-hacking statute. Van Buren presented the question of whether someone “exceeds authorized access” under the CFA