Attacks, Threats, and Vulnerabilities
Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments (NSA | CISA | FBI | NCSC) Since at least mid-2019 through early 2021, Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS), military unit 26165, used a Kubernetes® cluster to conduct widespread, distributed, and anonymized brute force access attempts against hundreds of government and private sector targets worldwide.
Germany Thwarts Cyberattack, Denies Impact on Banking System (Bloomberg) Ministry responds to Bild report on attack on infrastructure. Attempt was thwarted quickly and likely criminally motivated.
Wegen Konflikt mit Belarus: Neuer Hacker-Angriff aus Russland! (Bild) Neuer Großangriff im Cyberkrieg gegen den Westen! Nach BILD-Informationen stammen die massiven Angriffe aus Russland.
Nein, Bild, Russland hat keine deutsche Kritis gehackt (Golem) Die Bildzeitung hat offenbar Hackergruppen verwechselt und sich zu unrecht auf das BSI berufen. Von dem "russischen Großangriff" bleibt nicht viel übrig.
Cyber Espionage on Afghanistan, Kyrgyzstan and Uzbekistan by Chinese-speaking Hacker Group - Check Point Software (Check Point Software) Check Point Research (CPR) detects an ongoing cyber espionage operation targeting the Afghan government. Attributed to a Chinese-speaking hacker group,
Researchers uncover effort by Chinese-speaking hackers to target Afghan government (TheHill) Chinese-speaking hackers recently targeted the top tiers of the Afghan government, along with the governments of other nearby nations, research published Thursday found.
Iranian Disinformation Effort Went Small to Stay Under Big Tech’s Radar (New York Times) The effort, targeting activists in Israel, was the latest indication that governments are trying new, harder-to-detect methods to sow discontent online.
Putin's Phone-in Hit by 'Cyberattacks' (SecurityWeek) A televised phone-in with Russian President Vladimir Putin was targeted by "powerful" cyberattacks, the state-run Rossiya 24 network which broadcast the event said.
Windows Admins Scrambling to Contain 'PrintNightmare' Flaw Exposure (SecurityWeek) Demo exploit code for a nasty Windows Print Spooler vulnerability is published online, prompting questions about the effectiveness of Microsoft's recent security update.
Media Land: Bulletproof Hosting Provider is a Playground for Threat Actors (RiskIQ) Bulletproof hosting (BPH) is a collection of service offerings catering to internet-based criminal activity.
Bulletproof Hosting Services: Investigating Media Land LLC (RiskIQ) This paper introduces the subject of bulletproof hosting services, and provides an overview of how most of the industry defines bulletproof hosting. We then dive into some bulletproof hosting research using RiskIQ data to profile the well-known bulletproof hosting provider, Media Land LLC.
Two years later, the NSABuffMiner botnet is still alive and kicking (The Record by Recorded Future) A crypto-mining botnet named NSABuffMiner (or Indexsinas) is still active and infecting Windows systems using three leaked NSA exploits, security firm Guardicore said today.
LinkedIn’s 1.2B Data-Scrape Victims Already Being Targeted by Attackers (Threatpost) A refined database of 88K U.S. business owners on LinkedIn has been posted in a hacker forum.
‘This is not a data breach’: LinkedIn responds to reports of 700M users’ info being sold online (NEWS10 ABC) Career networking website LinkedIn is attempting to bat down reports that private information from 700 million users is up for sale online. Several tech news websites have reported that…
LinkedIn denies exposure of 700 million user records is a data breach (ComputerWeekly.com) Data relating to 700 million users of the LinkedIn networking platform has appeared for sale, but the firm says it is the victim of data scraping, not a breach
92 per cent of all LinkedIn users' data for sale on hacker forum (Computing) LinkedIn denies the sale is the result of a data breach
REvil’s new Linux version (AT&T Cybersecurity) The ransomware-as-a-service (RaaS) operation behind REvil have become one of the most prolific and successful threat groups since the ransomware first appeared in May 2019. REvil has been primarily used to target Windows systems. However, new samples have been identified targeting Linux systems. AT&T Alien Labs™ is closely monitoring the ransomware landscape and has already identified four of these samples in the
REvil ransomware group deploys Linux encryptor against EXSi virtual machines (Security Magazine) The REvil ransomware operation have added a Linux encryptor to their arsenal that's designed to target and encrypt Vmware ESXi virtual machines.
The Most Prolific Ransomware Families: A Defenders Guide (Domain Tools) Ransomware dominates the news cycle, but with an ever-growing number of variants and the botnets behind them it’s easy for defenders to lose track of their relationships. In this article, DomainTools researchers provide a look at the three most prolific (by victim) ransomware families and the current loaders they use.
Blox Tales: PayPal Credential Phishing Using Glitch And GoDaddy (Armorblox) This blog focuses on a PayPal credential phishing attack that exploited legitimate services from GoDaddy and Glitch in its phishing flow.
Police warn of WhatsApp scams in time for Social Media Day (Naked Security) Happy Social Media Day! Make it a day to review whether your social media security really is up to scratch.
Ransomware, Data Breach, Cyberattack: What Do They Have to Do with Your Personal Information, and How Worried Should You Be? (Nextgov.com) Even if your data has not been exposed yet, why not take the time now to protect yourself?
Threats of stalking and doxing still loom on dating apps (Security Brief) While dating apps have become safer, they still pose significant risk to users, leaving them vulnerable to threats including cyberstalking and doxing.
Security Patches, Mitigations, and Software Updates
Twitter lets users disable SMS 2FA and use only security keys (The Record by Recorded Future) Twitter has updated its platform today to allow users to use security keys as their only form of two-factor authentication (2FA).
Huawei fixes a serious LTE USB stick security flaw (Texas News Today) Security researchers have discovered a code execution vulnerability in one of Huawei. LTE USB dongle.. Part of Huawei When you connect the Huawei LTE USB Stick E3372 to your computer, users can browse the Internet using the LTE network. However Cyber security Trustwave has discovered that it is easy to exploit device vulnerabilities. In a …
Callsign Warns That More Than Half of Consumers Trust Organizations Less After Receiving Scam Messages From Fraudsters Impersonating Their Brand Name (VietReader) Consumers receive 3 scams a day, with a quarter receiving more messages from fraudsters than genuine messages from friends and family.
Rise in online payments spurs questions over cybersecurity and privacy (CNBC) The latest Mastercard new payments index survey conducted across 18 markets globally, showed a majority of consumers are willing to try new payment methods.
Versa Networks raises $84M to protect cloud networks (VentureBeat) Versa Networks, a company offering security solutions for cloud networks, has raised $84 million in venture capital.
SentinelOne closes up 21% in NYSE debut as highest-valued cybersecurity IPO ever (CNBC) Cybersecurity company SentinelOne made its market debut Wednesday on the New York Stock Exchange and is now trading under the ticker symbol “S.”
SentinelOne IPO: How The Company Is Riding The AI Wave (Forbes) The company has been growing at a rapid clip and the market opportunity is enormous.
Sevco Security Launches with $15 Million in Funding (Sevco - Asset Intelligence Platform) Sevco Security Launches with $15 Million in Funding to Scale Adoption of Industry’s First Cloud-Native Security Asset Intelligence Platform
Keyfactor and PrimeKey Finalize Merger Under the Keyfactor Brand (PRWeb) Keyfactor® and PrimeKey® today announced they have completed their previously reported merger under the Keyfactor brand.
Keyfactor, the pione
Night Lion Security Announces Rebrand & New Leadership (BusinessWire) Night Lion Security Announces Rebrand & New Leadership; Night Lion Security becomes SHADOWBYTE, a products oriented company
Taiwan businesses strengthen cybersecurity amid COVID outbreak (Taiwan News) Companies plan to speed up digital transformation
Cyber reinsurance rates rocket at July renewals: Willis Re - ET CIO (ETCIO.com) A ransomware attack on Colonial Pipeline in May shut the largest fuel pipeline network in the United States for several days, crippling fuel delivery ..
KnowBe4's Erika Lance Promoted to Chief Human Resources Officer (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced that its SVP of...
Jeffrey Carpenter and Dan Kaminsky newly inducted into FIRST's Incident Response Hall of Fame (FIRST — Forum of Incident Response and Security Teams) Jeffrey and Dan join past inductees Ian Cook, Don Stikvoort, and Klaus-Peter Kossakowski
Available in [PDF](FIRST-Press-Release-20210630.pdf)
ReliaQuest Expands Board of Directors With Veteran Technology Leaders (BusinessWire) ReliaQuest, the leader in Open XDR-as-a-Service, today announced the appointments of Mike Burkland, John Spiliotis and John Fernandez to its board of
Secureworks Hires Former Carbonite, Webroot Executive As CMO (MSSP Alert) MSSP Secureworks hires former Carbonite & Webroot exec Tracey Mustacchio as chief marketing officer amid Taegis managed XDR partner push.
Products, Services, and Solutions
Postman Completes SOC 2® Type II Report, Helping to Ensure a More Secure API Experience (BusinessWire) Postman, the leading platform for API development and collaboration, today announced it has successfully obtained the System and Organization Controls
Netskope Launches The SASE Accreditation (PR Newswire) Netskope, the SASE leader, today announced the SASE Accreditation, a first-of-its-kind accreditation course intended to address design...
Panzura Helps Hospitals and Healthcare Systems Improve Patient Outcome (PRWeb) Panzura and Datatility have announced a partnership to help hospitals and healthcare systems improve clinical outcomes and quickly recover
Corvus Insurance Enhances Virtual CISO Offering With vCISO Services (BusinessWire) Corvus Insurance, the leading provider of smart commercial insurance products powered by AI-driven risk data, today announced vCISO Services, an expan
Exabeam taps Exclusive Networks to drive business in New Zealand (New Zealand Reseller News) Exclusive Networks to lead the local launch of two new Exabeam cloud security products.
Radware And Acantho Partner to Provide Cloud Web Application Security Protection to Businesses in Italy (GlobeNewswire News Room) Acantho Upgrades to Radware’s Hybrid DDoS Attack Protection...
CIBC FirstCaribbean International Bank selects AU10TIX as identity verification partner for the bank's digital transformation (AU10TIX) AU10TIX identity verification will enable CIBC FirstCaribbean to offer a safe and speedy digital verification experience to its 10 million customers Caribbean bank, CIBC FirstCaribbean, has selected AU10TIX, a global leader in automated identity verification, as a major partner in the bank’s digital transformation. The collaboration will boost the speed and security of customer onboarding and […]
Technologies, Techniques, and Standards
CISA releases new ransomware self-assessment security audit tool (BleepingComputer) The US Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new module for its Cyber Security Evaluation Tool (CSET).
NIST Developing Practices for Post-Quantum Cryptography Migration (MeriTalk) The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) is looking to develop practices that will ease the migration from public-key cryptographic algorithms to replacement algorithms that are resistant to quantum computer-based attacks.
What’s an ‘SBOM’ and what does it have to do with federal cybersecurity? (Federal News Network) For some answers, Federal Drive with Tom Temin turned to the open source Linux Foundation.
Former MI6 chief Sir Alex Younger on why "intelligence is fundamental" to cybersecurity (The Record by Recorded Future) Over his 30-year career at the U.K.'s Secret Intelligence Service, commonly known as MI6, Sir Alex Younger witnessed a sea change in the way countries gather and use intelligence.
CyberHawaii and the Cyber Readiness Institute Launch Training Program to Meet New Cybersecurity Requirements for DOD/Federal Contracts (Cyber Readiness Institute) The Free Cyber Ready Hawaii Program Will Help Small and Medium-Sized Enterprises with DOD/Federal Contracts or Those Interested in Pursuing Government Opportunities HONOLULU, HAWAII – In light of recent threats and attacks, the U.S. Department of Defense (DOD), along with an increasing number of federal agencies, are now requiring contractors to adequately secure and protect […]
Research shows dueling attitudes toward paying ransomware demands (SC Media) 72% of school parents support paying ransomware demands, says one survey, but 79% of respondents to a separate online poll are against it.
Design and Innovation
In search of 5G/IoT situational awareness (GCN) Because 5G will enable billions of internet-of-things devices to connect directly with one another, a situational awareness platform is critical for protecting personnel and systems from attack.
Fime enables quantum-resistant migration with Mastercard Ecos qualification (Finextra) Fime has been recognized by Mastercard to test solutions in line with the Mastercard’s Enhanced Contactless specifications.
The Atlanta Fed and Georgia State University Partner to Address Online Financial Fraud (Georgia State News Hub) The Federal Reserve and the Evidence-Based Cybersecurity Research Group are forming a three-year partnership to address online financial fraud.
Legislation, Policy, and Regulation
Russia’s Putin Challenges U.S. Leadership, Asserts Military Might (Wall Street Journal) The Russian president sought to portray the U.S. as a waning power during an annual event at which he answers questions from ordinary citizens.
When Does a ‘Cyber Attack’ Demand Retaliation? NATO Broadens Its View (Defense One) A set of “malicious cumulative cyber activities” may now amount to an armed attack.
Big Tech Is Gearing Up for a Massive Fight With Modi’s India (Bloomberg) Government wants the power to decide acceptable speech online. Twitter’s under scrutiny in one of its fastest-growing markets.
UK tells messaging apps not to use e2e encryption for kids’ accounts (TechCrunch) For a glimpse of the security and privacy dystopia the UK government has in store for its highly regulated ‘British Internet’, look no further than guidance put out by the Department of Digital, Media, Culture and Sport (DCMS) yesterday — aimed at social media platforms and privat…
Exclusive: Biden's spy chief, Avril Haines, on Russian cyberattacks, the climate crisis and the intelligence community's role in domestic terrorism (Yahoo) National Intelligence Director Avril Haines spoke with Daniel Klaidman, editor in chief of Yahoo News, about the challenges facing the intelligence community during the Biden administration.
House Panel Approves DHS Bill with ‘Historic’ Funding for Cybersecurity (Nextgov) The bill would increase the budget for the Cybersecurity and Infrastructure Security Agency from both the previous year’s and the president’s request for fiscal year 2022.
What does breaking up Big Tech really mean? (MIT Technology Review) Trustbusting sentiment is growing among many critics of today’s mammoth tech companies, but it’s not obvious what can be done to cut them down to size.
The need for legislative reform on secrecy orders (Microsoft On the Issues) On June 30, Tom Burt, Corporate Vice President, Customer Security & Trust at Microsoft, testified before the House Committee on the Judiciary. Here's his written testimony and a link to a video of the hearing.
Litigation, Investigation, and Law Enforcement
US Secret Service brings back its Cyber Most Wanted list (The Record by Recorded Future) The US Secret Service has updated its official website this month to add a new page where the agency is now listing the most sought-after fugitives involved in financially related cybercrime investigations.
Corruption, Cybercrime Top List of U.S. Anti-Money-Laundering Concerns (Wall Street Journal) Financial institutions had hoped prioritization of anti-money-laundering threats would help them more efficiently tailor their compliance programs.
The Cybersecurity 202: DOJ’s future is in disrupting hackers, not just indicting them (Washington Post) The Justice Department is increasingly aiming to disrupt adversaries’ hacking activity rather than just call it out in indictments.
A Government Watchdog May Have Missed Clearview AI Use By Five Federal Agencies In A New Report (BuzzFeed News) In a government accountability report about facial recognition, five federal agencies said they didn't use Clearview AI. Data reviewed by BuzzFeed News suggests they should have.
Amazon Wants FTC Chair Khan Recused Over Past Criticism (Bloomberg) Online retail giant files petition saying Khan shows bias. FTC is reviewing Amazon’s purchase of MGM movie studio.
Microsoft says a third of its government data requests have secrecy orders (TechCrunch) The company's customer security chief said Microsoft gets between 2,400 to 3,500 secrecy orders each year.
Israeli charged in global hacker-for-hire scheme wants plea deal -court filing (Reuters) An Israeli private detective detained in New York since 2019 on charges of involvement in a hacker-for-hire scheme wants a plea deal, according to a letter filed in court by his lawyer.
We Infiltrated a Counterfeit Check Ring! Now What? (KrebsOnSecurity) Imagine waking up each morning knowing the identities of thousands of people who are about to be mugged for thousands of dollars each. You know exactly when and where each of those muggings will take place, and you've shared this…
Colombian police arrest Gozi malware suspect after 8 years at large (Naked Security) Safe at home, apparently, but not so safe overseas.
Cyberattack Class Suits Have Unpredictable Insurance Impact (Law360) Companies crippled by cyberattacks often face hefty costs to manage the fallout, but subsequent class actions over compromised data can have particularly unpredictable financial impacts on these companies and their insurers, according to legal experts.