Attacks, Threats, and Vulnerabilities
Pegasus spyware seller: Blame our customers, not us, for hacking (BBC News) NSO Group tells BBC News: "The finger-pointing should be at the customer."
Pegasus: Pradeo's Analysis and Recommendations (Pradeo) The current resurgence of the Pegasus spyware is shedding light on a fundamental problem raised for years by mobile devices: how private can mobile data be?
Post Pegasus, big companies tighten cyber security measures to ward off snooping (ETCIO.com) From upping their internal security to creating centralised servers and from getting vulnerability tests to sensitising the senior management about cy..
The Cybersecurity 202: Cyber pros are on the lookout for hacks targeting the Tokyo Olympics (Washington Post) Law enforcement and cyber defenders are sounding alarms about the possibility of digital attacks from Russia or elsewhere hitting the Summer Olympics kicking off this weekend in Tokyo.
From COVID-19 to the Tokyo Olympics: Russia’s Next Cyber and Information Battle (Alliance For Securing Democracy) Covid-19 vaccines and “mask diplomacy” have been the centerpieces of many countries’ soft power strategies over the past year. Early in the pandemic, countries like Russia and China sought to use shipments of personal protective equipment (PPE) and other foreign aid to promote their image abroad, while the United States struggled to contain the
A favorite target of Russian hackers, the Olympics are on guard (NBC News) Russian hackers have targeted the Olympic Games since 2016, when Russia was suspended from full participation. The Tokyo Olympics are on guard for 2021.
Wiper malware targeting Japanese PCs discovered ahead of Tokyo Olympics opening (The Record by Recorded Future) A Japanese security firm said it discovered an Olympics-themed malware sample that contains functionality to wipe files on infected systems and appears to be targeted at Japanese PCs.
Home and office routers come under attack by China state hackers, France warns (Ars Technica) Compromised routers give the hackers anonymity in ongoing large-scale attacks.
Kaseya Gets Tool to Unlock Data After Ransomware Attack (Wall Street Journal) The tech company said it received a universal decryptor that would help restore all the computer systems affected by the July 2 hack of one of its products.
Kaseya Gets Universal Decryptor to Help REvil Ransomware Victims (The Hacker News) Kaseya has obtained a universal REvil decryptor to assist customers in recovering data after a supply-chain ransomware attack impacted the company
Kaseya obtains REvil decryptor, starts customer data recovery operations (The Record by Recorded Future) Remote management software vendor Kaseya said today it obtained a universal decryptor for the REvil ransomware and is now in the process of helping customers recover their encrypted data following a major ransomware attack that targeted its on-premises VSA servers on July 2 this year.
Kaseya obtains decryptor tool to address REvil ransomware fallout (Computing) The key could have come from US or Russian authorities - or a paid ransom
Kaseya 'Saves Face' as Customers Get Help to Recover from Cyberattack (Channel Futures) Kaseya customers still suffering from the VSA supply chain ransomware attack received some good news this week. Kaseya has received a universal encryptor.
The world's top ransomware gangs have created a cybercrime "cartel" (CBS News) Russian cybercriminal gangs are mentoring younger groups and sharing hacking techniques, tools and data breach details.
A Defunct Video Hosting Site Is Flooding Normal Websites With Hardcore Porn (Motherboard) Stories on major news sites like ‘The Washington Post,’ and ‘New York Magazine’ currently have porn embedded in them because of an old site called Vidme.
No cyberattack in sprawling internet outage, Akamai says (CyberScoop) A global internet outage on Thursday downed tens of thousands of websites, including those of giant corporations like McDonald’s and Delta Airlines, according to companies that track web statistics.
Online banking and gaming services hit by internet outage (the Guardian) HSBC, PlayStation and others affected on Thursday in issue possibly related to Akamai Edge DNS
Akamai DNS outage knocks many major websites and services offline: PSN, Steam, Fidelity, more [U] (9to5Mac) Update 12:48 p.m. ET: Akamai says it has implemented a fix for the issue. “We have implemented a fix for this issue, and based on current observations, the service is resuming normal operations. We will continue to monitor to ensure that the impact has been fully mitigated,” it says. An apparent DNS issue is affecting […]
CISA Details Malware Used in Attacks Targeting Pulse Secure Devices (SecurityWeek) CISA has detailed more than a dozen malware samples discovered on Pulse Secure devices that were compromised in recent attacks.
New Windows and Linux Flaws Give Attackers Highest System Privileges (The Hacker News) New Linux flaws and an unpatched privilege escalation flaw in Windows could let attackers gain the highest system privileges.
Threat Thursday: Bee-ware of Hive Ransomware (BlackBerry) First seen in June 2021, the Hive ransomware family favors the increasingly common attack technique of double extortion, where data is both locally encrypted and exfiltrated. If the victim refuses to pay the ransom, their data is published to Hive’s leak site on the dark web.
Windows “HiveNightmare” bug could leak passwords – here’s what to do! (Naked Security) Windows “hives” contain registry data, some of it secret. The nightmare is that these files aren’t properly protected against snooping.
Ransomware gang breached CNA’s network via fake browser update (BleepingComputer) Leading US insurance company CNA Financial has provided a glimpse into how Phoenix CryptoLocker operators breached its network, stole data, and deployed ransomware payloads in a ransomware attack that hit its network in March 2021.
The 5 Most Notable Third-Party Data Breaches of 2021 (So Far) (Panorays) Which third-party data breaches stood out in 2021, and what can we learn from them? Read about the takeaways from five notable ones.
2021 CWE Top 25 Most Dangerous Software Weaknesses (MITRE) Common Weakness Enumeration (CWE) is a list of software and hardware weaknesses.
Gun owners' fears after firearms dealer data breach (BBC News) Thousands of records from the popular shotgun and rifle sales site Guntrader were posted to the dark web.
UK gun owners urged to be ‘vigilant’ after Guntrader data breach (IT PRO) 100,000 customer names and addresses have been published to the dark web
Six years' worth of personal data at risk in National Lottery Community Fund data breach (Third Sector) A data breach at the National Lottery Community Fund has left more than six years of contact and bank details exposed to fraudulent behaviour.
Fear patient data may have been stolen from Auckland DHBs (Stuff) Office of the Privacy Commissioner advised of possible data breach; HealthAlliance investigating 'unusual activity'.
Pro-Trump MAGACOIN crypto launch marred by website data breach By Cointelegraph (Investing.com) Pro-Trump MAGACOIN crypto launch marred by website data breach
MAGAcoin Claims to Have Made 75M Cryptocurrency Coins, Are They Legit? (Tech Times) More than 1,000 sign-ups have flooded the website but are subject to a data breach.
Security Patches, Mitigations, and Software Updates
Atlassian Patches Critical Vulnerability in Jira Data Center Products (SecurityWeek) Atlassian has patched a critical code execution vulnerability affecting some of its Jira Data Center products.
iOS Security Update Patches Recently Disclosed Wi-Fi Vulnerability (SecurityWeek) Apple this week started rolling out security updates for iOS, macOS, iPadOS, watchOS, tvOS, and Safari, to address tens of vulnerabilities, including some that could result in arbitrary code execution.
Dell Patches Critical Vulnerabilities in OpenManage Enterprise (SecurityWeek) Patches released this week by Dell for its OpenManage Enterprise product address multiple critical-severity vulnerabilities.
What IT Pros Are Feeling, Doing and May Be Overlooking in the Post-Pandemic Environment (Open Systems) The pandemic has made for an unexpected, unprecedented and unusual year and a half.
740 ransomware victims named on data leak sites in Q2 2021: report (ZDNet) Digital Shadows' Q2 ransomware report highlighted that the number of victims posted to data leak sites increased by 47% compared to Q1.
Nearly 140 phishing incidents observed by CERT-In during H1 2021 (ETTelecom.com) Close to 140 phishing incidents were observed by CERT-In during the first half of 2021, Parliament was informed on Thursday.
Keeper Security, Ivanti Surveys Highlight Security Challenges (Channel Futures) New research by Keeper Security and Ivanti shows organizations have a long way to go in protecting themselves from ransomware and phishing attacks.
Ransomware fallout is devastating and could often be avoided, study finds (TechRepublic) Ransomware victims face tightened budgets, lost productivity and other problems. In most cases, new post-attack security measures could have prevented the ransomware attack if implemented beforehand.
ExtraHop Announces Completion of Acquisition by Bain Capital Private Equity and Crosspoint Capital Partners (ExtraHop) Investment will accelerate ExtraHop's leading position in the growing network detection and response market segment.
Cyber risk startup Safe Security lands $33M from UK telco BT (TechCrunch) The Silicon Valley startup has raised close to $50 million to date.
Interos Raises $100 Million to Protect Supply Chains from Physical and Cyber Disruption, Child Labor and Other ESG Issues (GlobeNewswire News Room) NightDragon leads the round, which values Interos at more than $1 billion, making it one of the few female-led unicorns...
Bug Bounty and VDP Platform YesWeHack Raises $18.8 Million (SecurityWeek) European bug bounty platform YesWeHack has banked $18.8 million in Series B funding to fuel international expansion.
No rest for Israeli tech: 4 Israeli startups acquired in less than 24 hours (Geektime) From a VC fund taking control to Cybereason spending its recent $275M check, Israeli tech continues to be a staple for corporate growth...
Intel CEO Says Chip Shortage Could Stretch Into 2023 (Wall Street Journal) It could take one or two years to get back to a reasonable supply-and-demand balance in the semiconductor industry, Pat Gelsinger said in an interview after Intel posted largely flat second-quarter sales and profit.
Kevin McCarty, VP of Security, Governance, Risk and Compliance at Marriott International, Joins Kovrr Advisory Board (BusinessWire) Kovrr, a provider of cyber risk modeling and quantification for enterprises and (re)insurers, announced today that Kevin McCarty, VP of security, gove
Products, Services, and Solutions
PC Matic Selected by NIST's National Cybersecurity Center of Excellence to Demonstrate Zero Trust Architectures (PR Newswire) Today, American cybersecurity firm, PC Matic, announced it has been selected by the National Institute of Standards and Technology's (NIST)...
ConnectWise and SentinelOne Enhance Partnership to Offer TSPs Greater Cybersecurity Choice (GlobeNewswire News Room) SentinelOne endpoint detection and response products are now available directly from ConnectWise...
SynSaber Launches to Empower Industrial Operators to Comprehensively Find and Defend Critical Infrastructure Systems with Laser Precision (BusinessWire) SynSaber, an industrial asset and network monitoring solution provider, today announces the launch of the company, its leadership and seed funding.
Google Cloud Unveils New SOC, IDS Solutions (SecurityWeek) Google Cloud introduces Autonomic Security Operations to improve SOCs and Cloud IDS for network-based threat detection.
Technologies, Techniques, and Standards
Automatic Proofs of Differential Privacy (NIST) We are excited to introduce our fourth guest author in this blog series, Chike Abuah, PhD student in compute
Generation Superconnected: Coming User Authentication Shift (PYMNTS) Generation Superconnected: The Coming User Authentication Shift Report surveys 2,127 consumers on their connected device usage and authentication preferences.
Not all forms of multifactor authentication are equal (Federal News Network) Many in the industry believe a multifactor authentication mandate is overdue, but the government now has a chance to prove the cynics wrong.
Questions that help CISOs and boards have each other's back (Help Net Security) There are some essential questions that help board members in understanding their companies’ security posture, and how to protect them.
How GP practices should deal with a breach of confidential data (GP Online) Data security incidents in healthcare have increased. The MDU's Dr Ellie Mein highlights steps practices can take to prevent them and how to respond if a data breach occurs.
F Secure Oyj : Incident readiness and response work hand-in-hand (MarketScreener) While it's important to engage incident response during a cyber security incident, F-Secure Consulting's global incident response offerings put equal... | July 23, 2021
Use Screen Time to Set Restrictions and Parental Controls on iPhone, iPad, and Mac (The Mac Security Blog) Screen Time lets you keep track of how much you use your Apple devices, and allows you to set parental controls and restrictions for your children.
Design and Innovation
CyberSecure IPS Exec's Pioneering Patents in Cyber-Physical Security Earn Top Tech Influencer Award for Innovation (PR Newswire) CyberSecure IPS VP of Innovation, Bobby Nakanelua, was named one of InterCon's Top 100 Innovators & Influencers in Technology 2021 on June 25,...
Is the UK’s pingdemic good or bad? Yes. (MIT Technology Review) A covid surge was meant to be the moment that digital contact tracing apps finally came into their own. So why are so many Britons turning sour on the technology?
Meet the UAB students training to stop ransomware and other digital threats (UAB News) UAB’s cybersecurity master’s program is preparing a new workforce for a booming field with ever-increasing demand and a shortage of skills. The program has a unique focus on both cyber defense and cyber investigations.
Legislation, Policy, and Regulation
Less Than Two Months Until New Chinese Data Security Law Goes Into Effect (JD Supra) Earlier this June, China passed the Data Security Law (“DSL”), which will go into effect on September 1, 2021. Unlike many international data security...
Biden’s China Policy Borrows From Trump and Adds Allies to Raise Pressure (Wall Street Journal) The president’s policy will get a test when U.S. Deputy Secretary of State Wendy Sherman travels to China for the first face-to-face meeting of senior officials in more than three months.
US Playing Long Game To Pressure China On Cyber Ops: Experts (Breaking Defense) "It's part of a larger diplomatic strategy," cyber policy expert James Lewis said of the US attribution to China for Microsoft Exchange hacks earlier this year.
Opinion | Tough Biden Talk, Little Action (Wall Street Journal) On Nord Stream and Chinese hacking, a message of weakness.
House task force pushes Pentagon to wean itself off Chinese sources (Federal News Network) New proposals would require the Pentagon to treat supply chains as a “strategic priority” and identify a plan to get away from materials sourced from China.
Lawmakers want Pentagon to map supply chain risks, cut China products (Defense News) A bipartisan group of lawmakers wants to force the Pentagon to identify supply chain vulnerabilities.
The Hacking War Is an Unequal Contest (Foreign Policy) U.S. companies are resisting public-private partnerships against cyber-hacking attacks facilitated by foreign governments.
Senators target Section 230 to fight COVID-19 vaccine misinformation (The Verge) Tensions are rising between Facebook and the White House.
Mark Zuckerberg is betting Facebook’s future on the metaverse (The Verge) An interview with the CEO about his most sci-fi speculation.
Bills Giving FCC, NTIA Bigger Cyber Roles Advance In House (Law360) The Federal Communications Commission and the National Telecommunications and Information Administration could soon take on more cybersecurity responsibilities, thanks to a slate of eight bills now pending in the U.S. House of Representatives.
Warner says ‘time is now’ for cyber incident reporting legislation (Federal News Network) A new bill in the Senate would require federal contractors, agencies and critical infrastructure operators to report cyber intrusions within 24 hours.
Blunt, Colleagues Introduce Bipartisan Cyber Reporting Bill Following SolarWinds and Colonial Hacks (U.S. Senator Roy Blunt of Missouri) In response to a growing number of cyberattacks, Blunt and his colleagues introduced legislation requiring federal contractors and operators of critical infrastructure to disclose cyber intrusions within 24 hours.
The FTC Votes Unanimously to Enforce Right to Repair (Wired) The move follows an executive order issued last week by the White House urging the agency to secure consumers' rights to fix their own gadgets.
US Feds Offer Fresh Directive To Combat Cyberattacks on Pipelines (Journal of Petroleum Technology) The FBI also released a security advisory and details regarding 23 attacks on oil and gas companies from December 2011 to 2013.
TSA announces new cybersecurity regulations for critical pipeline owners and operators (Security Magazine) In response to the ongoing cybersecurity threat to pipeline systems, DHS’s Transportation Security Administration (TSA) announced the issuance of a second Security Directive that requires owners and operators of TSA-designated critical pipelines that transport hazardous liquids and natural gas to implement a number of urgently needed protections against cyber intrusions.
Connecticut Enacts New Cybersecurity Safe Harbor (The National Law Review) Connecticut recently enacted cybersecurity legislation that provides a safe harbor for businesses that implement a written cybersecurity program. Under the legislation, set to go in effect o
Litigation, Investigation, and Law Enforcement
Fraud Family phishing-as-a-service disrupted in the Netherlands (The Record by Recorded Future) Dutch police have arrested two suspects this week who created and hosted phishing sites for other cybercrime groups as part of an online service they were calling The Fraud Family.
ICO imposes £25,000 fine on Mermaids charity for data protection breach (Computing) Internal emails containing sensitive data were accessible on the internet
Companies Face Growing Legal Risks Over Ransomware Data Leaks (Wall Street Journal) A cancer patient in Ireland is suing a hospital in Cork after his data was exposed online following a ransomware attack on the country’s healthcare system.
Court’s Dismissal of Data Breach Litigation Reiterates Importance of Strategic, Informed Decisions Early on Regarding Choice of Law and Nuances Among State Laws (The National Law Review) Data privacy litigators are well aware of the critical importance of a motion to dismiss to have meritless data incident claims kicked at the pleadings stage. A recent decision underscores the c
Convenience Store Chain Can't Shield Investigative Report on Data Breach From Discovery, Judge Rules (The Legal Intelligencer) A federal judge has ruled that because an investigative report commissioned by Pennsylvania-based convenience store chain Rutter's in response to a data security breach was not prepared for litigation purposes, it is not privileged.
Class action targets CaptureRx over breach that exposed 2.4M+ patients' data (Becker's Hospital Review) CaptureRx, a health IT company that helps hospitals manage their 340B drug discount programs, is being accused of failing to properly protect health information stored on its network after a ransomware attack exposed at least 2,400,000 patients' information, according to court documents cited by Bloomberg Law.
Insurer Must Defend Landry’s Inc. in $20 Million Data Breach Row (Bloomberg Law) The Insurance Co. of the State of Pennsylvania must defend retail property operator Landry’s Inc. in litigation over a data breach that caused more than $20 million in losses to Visa and MasterCard, the Fifth Circuit held Wednesday.
Hy-Vee Data Breach Class Deal Gets OK With Reduced Lawyers’ Fees (Bloomberg Law) A consumer settlement with Hy-Vee Inc. over a credit card data breach at its stores got approved but not until after attorneys’ fees were slashed, as initially the fee request was too high relative to class members’ recovery, according to a federal court in Illinois ruling.
UPMC reaches $2.65 million settlement with employees over data breach (Pittsburgh Post-Gazette) UPMC has reached a financial settlement with thousands of employees whose personal information was hacked in 2014 and used to file phony income tax returns.
AIG unit must defend Texas retailer in data breach case (Business Insurance) A federal appeals court reversed a lower court Wednesday and ruled an American International Group Inc. unit is obligated to defend a retailer in connection with a data breach.
TikTok Faces Dutch Sanction For Alleged Privacy Failings (Law360) The Netherlands' data protection regulator has hit TikTok with a €750,000 ($833,000) fine for allegedly failing to clearly disclose how it collects and uses young children's personal data, the agency said Thursday, while adding that the company may also face scrutiny from Ireland's privacy enforcer.
Attys Say Ex-CIA Coder Fit To Rep Self At Espionage Retrial (Law360) Counsel for former CIA programmer Joshua Schulte told a federal judge Thursday that Schulte is competent to represent himself at his upcoming retrial on espionage charges — a sentiment that was echoed by a prosecutor from the Manhattan U.S. attorney's office.
In CIA Leak Case Schulte Wants To Go Pro Se S (InnerCityPress) In the conclusion of the month long trial of accused CIA leaker Joshua Schulte, on the morning of March 9 the jury returned guilty verdicts on Counts 8 and 10, with mistrial granted on all other counts. U.S. District Court for the Southern District of New York Judge Paul A. Crotty set March 26 for the next date.