Dateline Miami and Dublin: Kaseya ransomware incident.
Update Regarding VSA Security Incident (Kaseya) Kaseya’s VSA product has unfortunately been the victim of a sophisticated cyberattack. Due to our teams’ fast response, we believe that this has been localized to a very small number of on-premises customers only.
Kaseya: "No evidence" of supply chain attack, SaaS services may come back today (Computer) On-prem service restoration could follow within 24 hours
Rapid Response: Mass MSP Ransomware Incident (Huntress Labs) Huntress is tracking a critical ransomware incident affecting MSPs and their customers, caused by a sophisticated Kaseya VSA supply chain attack.
UPDATED: Thousands attacked as REvil ransomware hijacks Kaseya VSA (Malwarebytes Labs) A reported, severe ransomware attack against Kaseya VSA means the safest, quickest option is to shutdown Kaseya VSA servers now.
Kaseya supply‑chain attack: What we know so far (WeLiveSecurity) As news breaks about the huge supply-chain ransomware attack against Kaseya's IT management software, here’s what we know so far.
Russian speaking group strikes on US Independence weekend, hitting several organizations with ransomware demands, in the biggest supply chain attack since Sunburst (Check Point Software) Highlights Massive supply chain attack during 4th of July weekend spanning numerous Kaseya customers with millions of USD in ransom demands Check Point
REvil ransomware attack against MSPs and its clients around the world (Securelist) An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2.
Kaseya Rules Out Supply-Chain Attack; Says VSA 0-Day Hit Its Customers Directly (The Hacker News) Kazeya rules out supply-chain attacks and claims that a VSA 0-Day directly impacted its customers.
Kaseya: More than 1,500 downstream businesses impacted by ransomware attack (The Record by Recorded Future) Florida-based software provider Kaseya said that fewer than 60 of its customers and fewer than 1,500 downstream businesses have been impacted by the ransomware attack that took place last Friday, on July 2.
Kaseya hack floods hundreds of companies with ransomware (TechCrunch) REvil claimed responsibility for the attack, saying a million devices were infected with its ransomware.
REvil gang asks for $70 million to decrypt systems locked in Kaseya attack (The Record by Recorded Future) The REvil ransomware gang is asking for a $70 million ransom payment to publish a universal decryptor that can unlock all computers locked during the Kaseya incident that took place this past Friday, The Record has learned.
Kaseya was fixing zero-day just as REvil ransomware sprung their attack (BleepingComputer) The zero-day vulnerability used to breach on-premise Kaseya VSA servers was in the process of being fixed, just as the REvil ransomware gang used it to perform their massive Friday attack.
Hackers demand $70 million to unlock businesses hit by sprawling ransomware attack (Washington Post) Cybercriminals involved in a widespread attack said they would release their victims’ files for a ransom of $70 million
Kaseya says it's seen no sign of supply chain attack, sets SaaS restoration target of Tuesday afternoon, on-prem fix to follow (Register) Hikes numbers of known compromised customers and warns countermeasures will be needed before resuming usage
Kaseya VSA Supply Chain Cyberattack Timeline, Recovery Details (MSSP Alert) Kaseya cyberattack investigation & recovery plan. Details involving MSPs, REvil ransomware, CISA and FBI alerts, FireEye Mandiant, Huntress & more.
REvil crew wants $70m in Kaseya ransomware heist (ComputerWeekly.com) Two days after one of the largest ransomware attacks in history by the REvil/Sodinokibi gang, the security community is assessing its next moves, while over 1,000 victims remain in limbo.
Coop, other ransomware-hit firms, could take weeks to recover, say experts (Reuters) Computer systems of several companies across the world, including 800 physical grocery stores of Sweden's Coop, that were shut down after attacked by REvil ransomware could take weeks to recover, cyber security experts said.
Kaseya supply chain attack delivers mass ransomware event to US companies (Medium) Kaseya VSA is a commonly used solution by MSPs — Managed Service Providers — in the United States and United Kingdom, which helps them…
Kaseya ransomware attackers say: “Pay $70 million and we’ll set everyone free” (Naked Security) Are you feeling generous? Do you want to help others? These cybercriminals are hoping someone is and does…
IT firm Kaseya hires FireEye to help deal with ransomware outbreak (Reuters) Ransomware-hit IT firm Kaseya said on Sunday it hired cybersecurity company FireEye Inc to help deal with the fallout of a major breach that has affected hundreds of businesses worldwide.
REvil is increasing ransoms for Kaseya ransomware attack victims (BleepingComputer) The REvil ransomware gang is increasing the ransom demands for victims encrypted during Friday's Kaseya ransomware attack.
July 4th ransomware attack may be the largest ever - expert ( The Jerusalem Post | JPost.com ) This attack is different from the SolarWinds attack, which exposed sensitive data from government offices and thousands of private companies in what is possibly the largest security breach ever.
REvil Ransomware Attack; More Commentary (Which-50) More commentary is coming in on the REvil ransomware attack. Our earlier piece gave the top-down view; now the details are starting to get out; we're
Technology Provider Kaseya Warns of Cyberattack (Wall Street Journal) Kaseya warned that a key software tool used by companies to manage technology at other businesses may have been the target of a cyberattack.
Major ransomware attack aimed at tech provider leaves other companies scrambling (CBC) Businesses in at least 17 countries, including Canada, are trying to contain a ransomware attack that has paralyzed computer networks, a cybersecurity firm said.
'REvil' Cyber Attack Leaves U.S. Businesses Scrambling on July 4 Weekend (CBS Local San Francisco) Businesses around the world rushed Saturday to contain a ransomware attack that has paralyzed their computer networks, a situation complicated in the U.S. by offices lightly staffed at the start of the Fourth of July holiday weekend.
IT Software Firm Kaseya Hit By Supply Chain Ransomware Attack (SecurityWeek) Software maker Kaseya Limited is urging users of its VSA endpoint management and network monitoring tool to immediately shut down VSA servers to prevent them from being compromised in a widespread ransomware attack.
US companies hit by 'colossal' cyber-attack (Yahoo) A cyber-security firm says it believes the Russia-linked REvil ransomware gang is responsible.
REvil ransomware hits 1,000+ companies in MSP supply-chain attack (BleepingComputer) A massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack.
Hundreds of Businesses, From Sweden to U.S., Affected by Cyberattack (New York Times) In Sweden, a grocery chain temporarily closed its doors after the attack. Some companies have been asked for $5 million in ransom.
Ransomware hits hundreds of US companies, security firm says (Washington Post) A ransomware attack paralyzed the networks of at least 200 U.S. companies on Friday, according to a cybersecurity researcher whose company was responding to the incident.
Widespread ransomware attack likely hit ‘thousands’ of companies on eve of long weekend (Washington Post) Hackers hit a major IT software provider, which allowed their attack to spread downstream into many small businesses that now face ransom demands to unlock their computer networks.
Where do Israel, US stand post REvil mega cyberattack? (The Jerusalem Post) The current hack by the Russian-based REvil gang was not directed at any strategic footholds of American power and is not about spying.
Worldwide ransomware attack: St Peter's College and 10 other schools hit by US cyber attack (NZ Herald) Russian-linked organised crime suspected as being behind the attack.
Global cyber attack affects hundreds of Dutch companies: FD (DutchNews.nl) The cyber attack on American software maker Kaseya at the weekend has affected hundreds of Dutch companies as well, the Financieele Dagblad reports. Thousands of companies worldwide are thought to be being held to ransom by Russian hackers group REvil. The group is reportedly demanding $70m in crypto currencies in exchange for the code which will unlock the ransomware. Attempts to prevent the attack by Dutch ethical hackers group DIVD which had discovered the leak in the Kaseya software came...
Ransomware attack thought tied to Russia-linked group hitting hundreds of businesses, cybersecurity firm says (Fox Business) A cybercrime group with ties to Russia is believed to have launched a massive ransomware attack that involves hundreds of companies, according to a cybersecurity firm.
Russia-Linked Group Hacks 200 Businesses With Ransomware (Bloomberg) Attacks on managed service providers ongoing, researcher says, REvil hacking group has previously attacked meatpacker JBS.
Kaseya VSA Supply Chain Cyberattack Timeline, Recovery Details (MSSP Alert) Kaseya VSA supply chain ransomware attack updates & MSP cyberattack investigation. Updates involving Kaseya, CISA and FBI alerts, Mandiant, Huntress & more.
Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware (The Hacker News) Kaseya cyberattack hits hundreds of companies with REvil ransomware in a surprise supply chain attack.
Swedish Coop supermarkets shut due to US ransomware cyber-attack (BBC News) Some 500 stores are forced to close due to the ripple effects of a major cyber attack in the US.
Major ransomware attack against U.S. tech provider forces Swedish store closures (Reuters) One of the largest ransomware attacks in history spread worldwide on Saturday, forcing the Swedish Coop grocery store chain to close all 800 of its stores because it could not operate its cash registers.
Dutch companies also targeted in large ransomware attack (NL Times) Dutch companies were also hit by a Russian hacker gruop, security researcher Mark Loman from Sophos said according to NOS. More than 200 companies worldwide fell victim to the ransomware attacks, the new agency Bloomberg reported based on information from the cybersecurity company Huntress Labs.
At least two Dutch companies in Amsterdam and Hellevoetsluis were also targeted. Despite the hackers successfully attacking the companies, their files were saved thanks to anti-ransomware software.
Coop supermarket closes 500 stores after Kaseya ransomware attack (BleepingComputer) Swedish supermarket chain Coop has shut down approximately 500 stores after they were affected by an REvil ransomware attack targeting managed service providers through a supply-chain attack.
Major Swedish Supermarket Chain Hit by Cyberattack (Voice of America) One of Sweden's biggest supermarket chains said Saturday it had to temporarily close around 800 stores nationwide after a cyberattack blocked access to its checkouts.
"One of our subcontractors was hit by a digital attack, and that's why our checkouts aren't working any more," Coop Sweden, which accounts for around 20 percent of the sector, said in a statement.
"We regret the situation and will do all we can to reopen swiftly," the cooperative added.
Supermarket chain Coop closes 800 stores following Kaseya ransomware attack (The Record by Recorded Future) Coop, one of Sweden's largest supermarket store chains, has shut down nearly 800 stores across the country after one of its contractors was hit by ransomware in the aftermath of the Kaseya security incident on Friday.
Biggest ransomware attack on record targeted firms in 17 nations: How it spread (Hindustan Times) REvil gang, linked to Russia, is believed to be behind the ransomware attack, the biggest on record. Financial services, travel and leisure sectors in almost all continents have been hit.
Massive ransomware attack can affect thousands of victims (Bollyinside) “Based on a combination of the service providers reaching out to us for assistance along with the comments we’re seeing in the thread we are tracking on
A 'Colossal' Ransomware Attack Hits Hundreds Of U.S. Companies, A Security Firm Says (NPR.org) The attack paralyzed the networks of at least 200 firms, according to a cybersecurity researcher responding to the incident. A major Russian-speaking ransomware syndicate may be behind the attack.
$100m ransom demand after companies hit by global cyber attack (RNZ) The hackers alleged to be behind a mass ransomware attack than affected hundreds of companies worldwide are demanding $US70 million ($NZ100m) to liberate the data.
New ransomware attack targets key IT vendor (CNN) US cyber officials are tracking a major new ransomware attack by the same group that hit meat supplier JBS Foods this spring.
Biden says US will respond if Russia behind cyber attack (The Straits Times) President Joe Biden says he has directed United States intelligence agencies to investigate who was behind a sophisticated ransomware attack that hit hundreds of American businesses and led to suspicions of Russian gang involvement.. Read more at straitstimes.com.
Biden orders probe of latest ransomware attack (Reuters) President Joe Biden said on Saturday he has directed U.S. intelligence agencies to investigate who was behind a sophisticated ransomware attack that hit hundreds of American businesses and led to suspicions of Russian gang involvement.
'Colossal and devastating' cyber attack on US businesses to be investigated for ties to Russia (ABC) A cyber attack that immobilised US businesses ahead of the nation's July 4 holiday weekend will be investigated for links to Russia, US President Joe Biden says.
Biden Orders Investigation of Kaseya Ransomware Attack (BankInfoSecurity) U.S. President Joe Biden has ordered federal intelligence agencies to investigate the incident involving IT management software vendor Kaseya. Attackers reportedly
White House reaching out with assistance to latest ransomware victims (Reuters) The White House said on Sunday it was reaching out to victims of a wide-ranging ransomware outbreak that is centered on a Florida-based information technology company and has had an impact on hundreds of businesses worldwide.
Hackers conduct one of the largest supply chain cyberattacks to date (Engadget) Kaseya is warning of one of the largest supply chain ransomware attacks to date, with over 200 companies affected..
Kaseya Attack Fallout: CISA, FBI Offer Guidance (Threatpost) Following a brazen ransomware attack by the REvil cybergang, CISA and FBI offer guidance to victims.
American cyber officials tracking major new ransomware attack (Sify) Washington DC [US], July 3 (ANI): American cyber officials are now tracking a major new ransomware attack in the United States that is believed to be operated from Eastern Europe or Russia.
Kaseya supply chain attack delivers mass ransomware event to US companies (Medium) Kaseya VSA is a commonly used solution by MSPs — Managed Service Providers — in the United States and United Kingdom, which helps them…
Kaseya VSA Ransomware Attack Hits Nearly 40 MSPs (CRN) The cyberattack against Kaseya’s VSA remote monitoring and management software has affected nearly 40 of the company’s on-premises MSP customers, according to CEO Fred Voccola.
Kaseya is latest victim of supply-side ransomware attack: hundreds of companies affected (Computing) Hackers are demanding as much as $70 million
REvil gang asks for $70 million to decrypt systems locked in Kaseya attack (The Record by Recorded Future) The REvil ransomware gang is asking for a $70 million ransom payment to publish a universal decryptor that can unlock all computers locked during the Kaseya incident that took place this past Friday, The Record has learned.
REvil ransomware gang executes supply chain attack via malicious Kaseya update (The Record by Recorded Future) The REvil ransomware gang appears to have gained access to the infrastructure of Kaseya, a provider of remote management solutions, and is using a malicious update for the VSA software to deploy ransomware to companies across the world.
Kaseya zero-day involved in ransomware attack, patches coming (The Record by Recorded Future) Remote management software vendor Kaseya said it identified and is currently mitigating a vulnerability that was abused in a recent incident that saw ransomware deployed on the networks of thousands of companies worldwide.
REvil's Ransomware Success Formula: Constant Innovation (GovInfoSecurity) Just as cloud services have taken the business world by storm, the same can be said for ransomware, including one of today's most notorious strains: REvil. Also known as Sodinokibi and Sodin, REvil is a ransomware-as-a-service offering, which means a core group develops and maintains the ransomware code and makes it available to affiliates via a portal.
Why cyber gangsters extort ever higher ransom money with ransomware (Market Research Telecast) The US $ 200 that victims of the then dominant encryption Trojan CryptoWall had to pay as a ransom in 2014 seem almost cute nowadays. Meanwhile, ransomware attacks are about other sums of money: According ... Read more
Attacks, Threats, and Vulnerabilities
U.S., U.K. intel say Russian military hacking attempts "certainly still ongoing" (Axios) It has tried to access the computer networks of hundreds of businesses and government agencies.
Russian hackers are trying to brute-force hundreds of networks (Ars Technica) Moscow's Fancy Bear group has been on a password-guessing spree this whole time.
US chemical distributor shares info on DarkSide ransomware data theft (BleepingComputer) World-leading chemical distribution company Brenntag has shared additional info on what data was stolen from its network by DarkSide ransomware operators during an attack from late April 2021 that targeted its North America division.
Ransomware gangs are taking aim at 'soft target' industrial control systems (ZDNet) Cyber criminals are increasingly targeting industrial control systems that control cyber-physical systems in the hope of big pay days.
Hackers zero in on Tokyo Olympics (TheHill) Experts are sounding the alarm about potential cyberattacks on the Tokyo Summer Olympics from those looking to create chaos at the already embattled event.
Hackers spread backdoor after compromising the Mongolian CA MonPass (Security Affairs) Threat actors compromised the servers of Mongolian certificate authority (CA) MonPass and used its website to spread malware. Hackers compromised the servers of the Mongolian certificate authority (CA) MonPass and used its website to spread malware, reported Avast researchers. According to the experts, the security breach took place at least six months ago, MonPass was […]
Google removes popular Android apps for stealing Facebook passwords (Computing) The apps had more than 5.8 million combined installs
Apps with 5.8 million Google Play downloads stole users’ Facebook passwords (Ars Technica) Researchers uncovered 9 apps that used a sneaking method to pilfer credentials.
Telnet service left enabled and without a password on SIMATIC HMI Comfort Panels (The Record by Recorded Future) Siemens SIMATIC HMI Comfort Panels, devices meant to provide visualization of data received from industrial equipment, are exposing their Telnet service without any form of authentication, security researchers have discovered.
Western Digital MyCloud And MyBook Users Slammed By New Alarming 0-Day Security Flaw (HotHardware) Some WD devices may still be vulnerable to outside attack in older versions of the MyCloud OS, but security researchers have released a fix.
Another 0-Day Looms for Many Western Digital Users (KrebsOnSecurity) Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But…
Microsoft warns of critical PowerShell 7 code execution vulnerability (BleepingComputer) Microsoft warns of a critical .NET Core remote code execution vulnerability in PowerShell 7 caused by how text encoding is performed in in .NET 5 and .NET Core.
Microsoft scraps with security analysts over vulnerability in secured-core PCs (TechRadar) Security vendor says Microsoft is 'diverting attention'
The Cybersecurity 202: Group maps alleged victims of NSO Group surveillance tool (Washington Post) Researchers built a platform to track the proliferation of a surveillance tool made by NSO Group. It is partially designed to be used as evidence in legal cases.
Experts Warn Cyber Hackers, EMP Attacks and Solar Storms Could 'Annihilate Our Electric System' (CBN News) From natural phenomena to cyberattacks like the massive SolarWinds operation and recent attack on the Colonial Gas Pipeline, security experts warn it's clear that most businesses and key infrastructure like power grids across this country are woefully vulnerable.
It may not be possible to recognize a “Cyber Pearl Harbor” as a cyber event (Control Global) IT network cyberattacks including ransomware are readily recognized as cyberattacks. Unfortunately, ransomware attacks will continue to occur as they are so profitable.
Hacker defaces Apex Legends game to complain about Titanfall cheaters (The Record by Recorded Future) A hacker is currently defacing the in-game interface of Apex Legends, a popular battle royale shooter game developed by Respawn Entertainment, with messages in support of Titanfall, another game developed by the same company in previous years.
Watch out gamers, hackers have you in their crosshairs (TechRadar) As online gaming has become more popular, cybercriminals have taken notice
Warning over FREE 'games' that hack your computer to mine Bitcoin for crooks (The US Sun) HACKERS are dressing up dangerous software as free games in a bid to infect people’s computers, anti-virus experts at Avast have warned. Top titles like Grand Theft Auto V are among those fav…
Are cybercriminals really just frustrated gamers? (Information Age) Players savagely attacked in lockdown.
Dating apps still pose threats of cyberstalking, doxing to users — Kaspersky (Back End News) Kaspersky experts gave a rundown of the security implications of dating apps at the recently concluded Mobile World Congress 2021. Dating apps are relatively safer as concerns over data privacy hei…
NHS has had thousands of personal data breaches since 2019 (Computing) The incidents include patients' records being modified without consent, and the NHS sending private details to the wrong recipient
I Almost Lost $50,000 to a Real Estate Scam — and I'm One of the Lucky Ones (Money) Real estate wire fraud has been a problem for years, and it has only worsened during the pandemic.
Amnesty, research groups map out global reach of Israeli NSO Group’s spyware (Times of Israel) Pegasus software 'has been used in some of the most insidious digital attacks on human rights defenders,' Amnesty International charges; NSO says claims are 'recycled,' inaccurate
A string of top accounts on the new pro-Trump app GETTR were hacked and defaced on its July 4 launch day, and the person claiming to be the hacker says the site still has several security bugs (Business Insider) Marjorie Taylor Greene, Mike Pompeo, and Newsmax all had their pages hacked, as did the app's founder Jason Miller.
Security Patches, Mitigations, and Software Updates
CISA Offers New Mitigation for PrintNightmare Bug (Threatpost) CERT urges administrators to disable the Windows Print spooler service in Domain Controllers and systems that don’t print, while Microsoft attempts to clarify RCE flaw with a new CVE assignment.
Actively exploited PrintNightmare zero-day gets unofficial patch (BleepingComputer) Free micropatches addressing the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service are now available through the 0patch platform.
SonicWall Fixes Post-Authentication Vulnerability Discovered by Positive Technologies (Positive Technologies) Attackers could disrupt an organization’s business processes
QNAP fixes critical bug in NAS backup, disaster recovery app (BleepingComputer) Taiwan-based network-attached storage (NAS) maker QNAP has addressed a critical security vulnerability enabling attackers to compromise vulnerable NAS devices' security.
Vulnerability Summary for the Week of June 28, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Trends
McAfee Labs Threats Report | June 2021 (McAfee Labs) In this report we introduce additional context into the biggest stories dominating the year thus far and we can look no further than recent ransomware attacks.
Evgeny Kaspersky talked about Russian hackers (Positively Scottish) Kaspersky talked about Russian hackers. Photo: RBC The head of Kaspersky Lab, Evgeny Kaspersky, talked about cyber espionage and the situation with
Cyber is the New Weapons System of the Future (The Cipher Brief) OPINION — “Right now, the offensive side has all the capability and we on the defensive side have got to run a new defense.”
Bitcoin mining is now easier and more profitable as algorithm adjusts after China crackdown (CNBC) It just became a whole lot easier and much more profitable to mine for bitcoin.
Organizations increasingly reluctant to pay ransomware demands (Help Net Security) 79 percent of respondents are increasingly reluctant to pay ransomware demands, according to an online poll conducted by Menlo Security.
Security in the Brave New World of Connected Medicine (MENAFN) nnected Medicine is having a growing impact on all of our lives. It's an exciting combination of data, technology and pharmaceutical&nb
More than seven-out-of-ten people in Wales have experienced cybercrime (South Wales Argus) WALES is one of the worst affected regions in the UK for cybercrime, a new study has found.
In crosshairs of ransomware crooks, cyber insurers struggle (AP NEWS) In the past few weeks, ransomware criminals claimed as trophies at least three North American insurance brokerages that offer policies to help others survive the very network-paralyzing, data-pilfering extortion attacks they themselves apparently suffered.
The Food Industry May Be Finally Paying Attention To Its Weakness To Cyberattacks (NPR.org) A ransomware attack that shut down several big beef plants is raising concerns about cybersecurity at food companies. Critics say industry consolidation makes the food supply chain more vulnerable.
Many farmers unprepared for cyber attacks (The Bull) CANBERRA, AAP – Australia’s agricultural sector is underprepared for cyber attacks and must act now to better protect sensitive commercial data. An organisation focused on the long-term prosperity of producers has warned they must learn from the health sector, which became a cyber crime target after digitising patient records. AgriFutures Australia released a report on...
Marketplace
HPE acquires Zerto to expand HPE GreenLake cloud data services (Help Net Security) Hewlett Packard Enterprise (HPE) has entered into a definitive agreement to acquire Zerto in a transaction valued at $374 million.
Cisco, Kenna Security Execs Talk Post-Acquisition Plans (SDxCentral) Cisco closed its Kenna Security acquisition this week and will integrate Kenna’s risk-based vulnerability management technology with SecureX.
SAIC Completes Acquisition of Halfaker and Associates (BusinessWire) Science Applications International Corp. completed its acquisition of Halfaker and Associates LLC, on July 2, 2021
Thoma Bravo-backed Barracuda Networks buys Skout Cybersecurity (PE Hub) Barracuda Networks, a portfolio company of Thoma Bravo, has acquired Melville, New York-based Skout Cybersecurity, a cyber-as-a-service software for managed service providers.
Israeli startup SecuredTouch acquired by Ping Identity (CTECH) "Ping has a commitment to invest in Israeli talent. The acquisition of SecuredTouch is a significant landmark in our efforts to expand our development activity in Israel,” said Shmulik Benshemen, Ping Identity GM
Darktrace has extreme growth potential, says Berenberg (Proactiveinvestors UK) The broker said a rampant increase in cybercrime so far this year meant the outlook for the company is “only improving”
Ericsson beats out Huawei to win Malaysia 5G contract (Light Reading) Malaysia's unusual path to 5G has taken another twist, with Ericsson unexpectedly winning the contract to build the national wholesale network.
WSJ News Exclusive | Facebook, Twitter, Google Threaten to Quit Hong Kong Over Proposed Data Laws (Wall Street Journal) A letter sent by an industry group that includes Facebook, Twitter and Google said the companies are concerned that planned rules to address doxing could put their staff at risk of criminal investigation or prosecution.
How to get a lucrative job in cybersecurity (BBC News) There's a serious shortage of IT security workers, so recruiters are fishing in a bigger pool.
Report: Growing San Diego Cybersecurity Cluster Using AI to Fight Hacking Threats (Times of San Diego) San Diego's cyber cluster accounts for 24,349 local jobs across 874 firms, has an annual economic impact of $3.5 billion, and is growing rapidly thanks to defense-related projects.
Largest Pittsburgh-area Cybersecurity Firms (Pittsburgh Business Times) Information was obtained from individual firms and firm websites and could not be independently verified by the Pittsburgh Business Times. In the case of ties, companies are listed alphabetically.
Deloitte Australia launches AI Institute in Melbourne (ARN) Deloitte has launched an artificial intelligence (AI) institute in Melbourne as part of a larger global initiative dating back to last year.
Securonix appoints Joshua Neil as Chief Data Scientist (Help Net Security) Securonix announced the appointment of Joshua Neil as Chief Data Scientist to drive data science and machine learning research.
Elik Etzion to Be Appointed by Elron (Global Security Mag Online) Elron announced a new managerial appointment. Mr. Elik Etzion has been appointed to lead the Enterprise Software and Cyber Investments at Elron. Etzion will be responsible for identifying and accompanying companies specializing in Cybersecurity and Enterprise Software spaces. He will take over the role as of July 2021.
Cherie Blair advising security firm accused of helping Saudis spy on Jamal Khashoggi (The Telegraph) Human rights lawyer paid as 'external adviser' to NSO Group, alleged in lawsuit of having helped Saudi Arabia intercept journalist's phone
Former McAfee Exec Ned Miller Joins Appgate to Lead Federal Pursuits (GovCon Wire) Looking for the latest GovCon News? Check out our story: Cybersecurity Pro Ned Miller Joins Appgate to Lead Federal Pursuits. Click to read more!
SIEGE Technologies Appoints Tracie Davidson as VP of Contracts; Alex Clary Quoted (Executive Gov) SIEGE Technologies announced on Friday that Tracie Davidson, formerly of the Federal Bureau of Inves
Jim Whitehurst and Bridget van Kralingen are out in an IBM leadership shakeup (Protocol) IBM President Jim Whitehurst is stepping down from the No. 2 leadership position at the company less than three years after IBM acquired his former company, in just one of several leadership changes announced Friday.Bridget van Kralingen, senior vice president of global markets, will also leave the ...
Sydney's RMS Services taps Unisys' Ashwin Pal as risk advisory lead (CRN Australia) Joins as partner and director of risk advisory.
Products, Services, and Solutions
Meet SafeSwap: The latest innovation in the VPN industry (Atlas VPN) We're excited to introduce SafeSwap, — a brand new Atlas VPN feature that further enhances the anonymity of our users. SafeSwap allows you to have many rotating IP addresses without having to switch between different VPN servers. As of now, we are the first and only VPN provider that offers this functionality.
New York's largest state power utility and IronNet combine forces in cloud-based cybersecurity solution (SiliconANGLE) New York's largest state power utility and IronNet combine forces in cloud-based cybersecurity solution - SiliconANGLE
CEO: UAE's Beacon Red Boosts Cyber Resilience in Mideast (Breaking Defense) Over the next few years, attacks against critical infrastructure will continue to be a primary concern as industries figure out the best way to defend against threat actors.
Exabeam announces Kiwi partnership (Channel Life) The security vendor is on a major roll, with numerous announcements including a local distributor.
ThycoticCentrify rolls out privileged management security features (Security Brief) ThycoticCentrify has added new privilege management security capabilities to Thycotic Privilege Manager and made additions to Thycotic Account Lifecycle Manager, its solution for service account governance.
Secutech's new digital sourcing platform to go live from 7 July - 6 August (PR Newswire APAC) Secutech's new digital sourcing platform to go live from 7 July - 6 August
CrowdStrike picks up AWS award for Falcon cybersecurity solution (Security Brief) CrowdStrike recently took home two awards from Amazon Web Services (AWS), recognising the company’s flagship Falcon cybersecurity platform on a global and regional stage.
MSAB wins groundbreaking deal in Japan (GlobeNewswire News Room) MSAB, a world-leading company in mobile forensics, established itself in Japan in 2019. Since then, the company has gradually increased its sales of...
Identity Verification Company Trust Swiftly Launches its Customer Focused 15 Verification Method Platform with Machine Learning to Increase E-commerce Fraud Prevention (PR Newswire) Trust Swiftly launches the first-ever identity verification platform featuring 15 different methods of authentication that safely approves real...
Pinnacle introduces Cybersecurity Solutions (IT-Online) Leading ICT distributor Pinnacle is excited to introduce the launch of their new Cybersecurity division – Cybersecurity Solutions. The launch of Pinnacle’s cybersecurity offering comes as digital transformation for many organisations is still very much on-going, despite being catapulted into operating remotely and digitally throughout the last 12 months. Businesses big or small, should not […]
Technologies, Techniques, and Standards
EU device-cracking platform to receive major upgrade (The Record by Recorded Future) The European Union has allocated €4 million in funding to upgrade Cerberus, a platform used by EU law enforcement agencies to crack passwords and access encrypted devices.
P/C Insurers Defend Ransomware Reimbursements in New Cyber Principles (Insurance Journal) The nation's largest property/casualty insurance organization is defending ransom payment reimbursements by insurers in a new set of principles stressing
APCIA Announces Strong Cyber Extortion/Ransomware Guiding Principles (APCIA) The American Property Casualty Insurance Association (APCIA) today announced its Cyber Extortion/Ransomware Guiding Principles that will provide guidance as the industry develops thoughtful action-driven opportunities to address this societal problem.
Mitigating Cyber Risk In An Age of Continuous Crisis (OODA Loop) In early May we began a discussion with our OODA Network members that started with an observation. About six months prior we had been through the Solar Winds attack, which from our perspective was clearly
Council Post: Three Strategies To Combat Catastrophic Cyberattacks (Forbes) Given the gravity of the threat posed by cyberattacks, it's imperative that we mount a robust, coordinated defense, starting within our own organizations and continuing throughout the public and private sectors.
How businesses can safeguard against rogue AI (Raconteur) Artificial intelligence has become a powerful weapon against cybercrime in recent years, but it’s only a matter of...
Customized threat intelligence can track down ransomware gangs (SC Media) Today’s columnist, Troy Wachter of Cyberint, says defeating ransomware groups like the one that hit Colonial Pipeline will take teamwork across departments and threat intelligence tools that show how and where specific threats have originated and how they are evolving.
How to create an effective data-at-rest security strategy (Technology Decisions) Over the past few years, the cost of data loss due to inadequate protection and more advanced hacking has grown to a more serious level.
How a Decentralized Document Management System Can Prevent Server Failure Downtime (Mfidie.com) A centralized system often comes with the concerns of a single point of failure. In contrast, and by nature, blockchain systems are decentralized, secure, immutable, and highly fault-tolerant. This makes a decentralized document management system ideal for managing recorded archives such as financial transactions, identity management, provenance, and authentication. In addition, blockchain can be deployed […]
Design and Innovation
DIU: Zscaler, Google, McAfee Clear Hurdle for Secure Cloud Management Prototype (MeriTalk) The Pentagon’s Defense Innovation Unit (DIU) said July 1 that cloud security provider Zscaler, Google Cloud, and McAfee Public Sector have successfully completed Secure Cloud Management (SCM) prototypes as part of a year-long process under which DIU has been evaluating service offerings that “deliver fast, secure, and controlled access by DIU users to software-as-a-service (SaaS) apps directly over the internet.”
How a Berlin start-up wanted to conduct cyber war more ethically and failed (Market Research Telecast) The trade in exploits, i.e. ways and means of exploiting known and unknown security holes, is large and extremely lucrative. Many government agencies are now stocking up on private companies with such tools, also in ...
Research and Development
DARPA nails cash to project 'FENCE' — a smart camera that only sends pics when pixels change (Register) Research agency also open-sources FETT hardware bug bounty platform and tools
Legislation, Policy, and Regulation
How to stop ransomware? International cooperation, disrupting payments are key (CSO Online) Anti-ransomware acts or regulations will require global cooperation, experts say. In the meantime, ransomware victims should cooperate quickly and fully with authorities.
Hacks Are Prompting Calls For A Cyber Agreement, But Reaching One Would Be Tough (NPR.org) The recent ransomware attacks on U.S. industries have sparked renewed talk of an international cyber agreement that could set rules for what's permissible, and spell out sanctions for violators.
On New Zealand’s Lack Of Adequate Cyber Security Defences (Scoop News) Remember how, back in the olden days, we had security concerns about the Chinese firm Huawei? Allegedly, Huawei was to be shunned as a business arm of the Chinese Communist Party and supposedly some Huawei products contained security glitches that ...
Scramble for cyber space: India needs urgently to formulate its National Cyber Strategy (Times of India Blog) Two critical aspects of cyber space were explained by the Indian National Cyber Security Coordinator Lt. Gen. (Dr) Rajesh Pant at a conference organised by the Public Affairs Forum of India, which merit attention of...
EUROPE : EU cybersecurity agency maps out pan-European incident response procedures (Intelligence Online) Increasing numbers of European projects want to ramp up cooperation on cyber incident response and the European cybersecurity agency ENISA has found partners to help it shape its policy in this field.
European Union Proposes a Joint Cyber Response Unit To Coordinate Reaction to Security Incidents (CPO Magazine) The EU Cybersecurity Commission proposes a Joint Cyber Unit (JCU) to respond to the rising number of serious cyber incidents impacting public services, businesses, and citizens across the European Union.
Putin Approves Updated Russian National Security Strategy (Tasnim News Agency) Russian President Vladimir Putin approved an updated Russian National Security Strategy, with the corresponding decree published on the state portal of legal information on Saturday.
Norway Law Forces Influencers to Label Retouched Photos on Instagram (Motherboard) The new law will require advertisements where a body’s shape, size, or skin has been retouched to be labeled.
Kevin McCarthy calls Biden "weak against Putin" while pointing to ransomware attacks (Newsweek) "Remember when President Biden gave Putin a list of things that were supposed to be off-limits for cyber attacks?" McCarthy wrote in his post. "What he SHOULD have said is that ALL American targets are off-limits."
China to Revise Rules and Strengthen Supervision of Overseas Listings (Wall Street Journal) China said it would tighten rules for companies seeking to sell shares abroad and strengthen oversight of overseas-listed companies, moves that could hinder attempts by homegrown firms to raise money in the U.S.
China Likely Outed Soon For Exchange Hacks (Breaking Defense) The Exchange campaign attribution will also provide hints about the role of the first national cyber director in such incidents. NSA veteran Chris Inglis was confirmed for the position just weeks ago.
How U.S. cyber policy changed after SolarWinds (CBS News) The Biden Administration imposed sanctions on Russia, ordered new cybersecurity standards for federal contracts with software companies, and chose the nation's first National Cyber Director.
SolarWinds: How Russian spies hacked the Justice, State, Treasury, Energy and Commerce Departments (CBS News) Bill Whitaker reports on how Russian spies used a popular piece of software to unleash a virus that spread to 18,000 government and private computer networks.
Debate Heats Up as Senator Prepares to Introduce Incident-Reporting Legislation (Nextgov) Reviews are in on draft legislation Sen. Mark Warner’s office has circulated and plans to update for introduction after the holiday break.
Lawmakers, experts question whether CISA should be split from DHS after delayed confirmation of Easterly (ZDNet) Anger over the delayed confirmation of Jen Easterly has reignited calls for CISA to exist on its own.
Proposed bill would create a new federal agency to protect consumer data (CSO Online) The Data Protection Act of 2021 has wide-ranging definitions of high-risk data practices and privacy harm.
Congress Considers Measures to Improve Telecom Security (GovInfoSecurity) A House subcommittee is considering a slate of nine bills designed to improve cybersecurity practices in the telecommunications supply chains that support wireless
US Department of Homeland Security toasts success of warp-speed drive to diversify cybersecurity workforce (The Daily Swig) Federal agency has filled or found candidates for 800 positions in just 60 days
Litigation, Investigation, and Law Enforcement
Moroccan hacker Dr HeX arrested for phishing attacks, malware distribution (The Record by Recorded Future) Moroccan authorities arrested a suspect known in underground hacking circles as "Dr HeX" on accusations of orchestrating a 12-year-old cybercrime spree that included website defacements, phishing attacks, and malware distribution, Interpol announced today.
Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide (Group-IB) Group-IB, a global threat hunting and adversary-centric cyber intelligence company that specializes in investigating and preventing hi-tech cybercrimes, has supported INTERPOL in its Lyrebird operation that resulted in the identification and apprehension of a threat actor responsible for multiple attacks, including on French telecommunications companies, the county’s major banks and multinational corporations, following a two-year investigation. The attacker, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB.
Twitter loses immunity over user-generated content in India (Reuters) Twitter Inc (TWTR.N) no more enjoys liability protection against user-generated content in India as the U.S. microblogging giant has failed to comply with new IT rules, the Indian government said in a court filing.
China investigates Didi over cybersecurity days after its huge IPO (Reuters) Didi Global's (DIDI.N) shares fell more than 10% in New York on Friday after China's cyberspace agency said it had launched an investigation into the Chinese ride-hailing giant to protect national security and the public interest.
Didi Falls Premarket as China’s Probes of U.S.-Listed Firms Jolt Investors (Wall Street Journal) Ride-hailing giant’s shares fell 22% in premarket trading, as data-security reviews into popular Chinese mobile apps show the risks of owning shares in businesses that have come under Beijing’s microscope.
Didi is under investigation by China’s cyberspace administration (South China Morning Post) Investigation by cyberspace watchdog comes hot on the heels of mega IPO in the US and as Beijing ups regulatory scrutiny of Big Tech.
WSJ News Exclusive | Chinese Regulators Suggested Didi Delay Its U.S. IPO (Wall Street Journal) China’s cybersecurity watchdog wanted the Chinese ride-hailing giant to do a thorough study of its network security, but Didi couldn’t wait raising billions of dollars for prominent investors.
Investigation links DDoS attack on Filipino media outlets to government agencies (The Record by Recorded Future) A Swedish digital rights nonprofit said on Thursday that it has observed a targeted campaign of distributed denial-of-service (DDoS) attacks against Filipino media outlets and a human rights group that appear to be linked to the country’s Department of Science and Technology (DOST) and Army.
Evidence found on a second Indian activist’s computer was planted, report says (Washington Post) The two activists were jailed in 2018 and accused of plotting an insurgency against the government. A new forensic report concludes they also shared something else: They were both victims of the same hacker who planted evidence on their computers.
EU Watchdog Tells Apple That Security Issues Cannot Stifle Competition (PYMNTS) Margrethe Vestager, the European Commission (EC) executive vice-president and competition commissioner, said on Friday (July 2) that Apple can’t use privacy and security concerns to stifle competitors on its App Store, Yahoo Finance reported.
Thailand SEC files criminal complaint against Binance (The Block) Thailand's Securities and Exchange Commission (SEC) has filed a criminal complaint against Binance over unregistered operations.
What If Regulating Facebook Fails? (Wired) It seems increasingly likely that antitrust and content moderation tools aren’t up to the task. Here’s what we do next.
US email hacker gets his “computer trespass” conviction reversed (Naked Security) Court says that we need to “avoid a construction that makes some language mere surplusage.”
FBI assisting Monroe schools in cyber attack (The Monroe News) FBI assisting Monroe schools in cyber attack
British Airways settles with 2018 data breach victims (Reuters) British Airways has settled a case brought by customers and staff affected by a massive 2018 data breach that led to personal information being leaked, the court-appointed lead solicitors in the case said on Tuesday.
Several ‘fake stream’ sites shut down in Brazil - Music Business Worldwide (Music Business Worldwide) Streaming manipulation has no place in music; we continue to tackle it globally,' says IFPI Chief Executive…
Mike Lindell promises "cyber symposium" on election fraud will "change history," reinstate Trump (Newsweek) "These three days in August are gonna change history…you can't change these packet captures, they're forever captured in time."