Attacks, Threats, and Vulnerabilities
South Africa Port Operator Declares Force Majeure Over Cyber Attack (Bloomberg) Transnet says cyberattack affects operations at four harbors. Company says it is making headway in fixing problems.
Transnet cyber attack confirmed: Port terminals division declares force majeure (Moneyweb) ‘Security intrusion and sabotage’ a major blow, but group now says ‘significant progress has been made in restoring Transnet SOC Ltd IT systems’.
Iran's secret cyber files on how cargo ships and petrol stations could be attacked (Sky News)
Secret Iran hacking plans against West revealed - report (The Jerusalem Post) Five secret documents allegedly showing Iranian plans to hack infrastructure in Western countries, including in Europe, were publicized by Sky News on Monday.
Kaseya denies paying ransom for decryptor, refuses comment on NDA (ZDNet) The company was initially vague about how the universal decryption tool was obtained.
Kaseya did not pay ransom for decryptor, refused to ‘negotiate’ with REvil (CRN Australia) Did not negotiate with REvil cyber criminals.
Tokyo Olympics 2020: Tracking the Cyber Threat Landscape (Flashpoint) As the Tokyo Olympics officially kick off, news of cyberattacks and disruptions is already emerging. Earlier this week, the U.S. FBI issued a warning that threat actors are highly likely to be targeting all organizations and “entities associated with the Tokyo 2020 Summer Olympics.” As recently as yesterday, July 22, 2021, Japanese government officials indicated […]
Zimbra 8.8.15 - Webmail Compromise via Email (SonarSource) We discovered critical code issues in Zimbra, a popular enterprise webmail solution, that could lead to a compromise of all emails by an unauthenticated attacker.
Enterprises Warned of New PetitPotam Attack Exposing Windows Domains (SecurityWeek) Enterprises have been warned of a new attack dubbed PetitPotam that can be used to completely take control of a Windows domain.
Windows “PetitPotam” network attack – how to protect against it (Naked Security) A cute name but an annoying and potentially damaging attack. Here’s what to do.
Microsoft warns of weeks-long malspam campaign abusing HTML smuggling (The Record by Recorded Future) The Microsoft security team said it detected a weeks-long email spam campaign abusing a technique known as "HTML smuggling" to bypass email security systems and deliver malware to user devices.
Fake Windows 11 installers are injecting malware into PCs, researchers warn (Computing) Cybercriminals are cashing in on Windows 11 hype
Old Dogs New Tricks: Attackers Adopt Exotic Programming Languages (BlackBerry) For defenders to maintain a competitive advantage over attackers, it’s important to recognize emerging trends by threat actors. One such trend BlackBerry has observed in 2021 is the practice by malware authors of leveraging new and uncommon programming languages to evade detection and hinder analysis.
Updated XCSSET Malware Targets Telegram, Other Apps (Trend Micro) In our last update on the XCSSET campaign, we updated some of its features targeting latest macOS 11 (Big Sur). Since then, the campaign added more features to its toolset, which we have continually monitored. We have also discovered the mechanism used to steal information from various apps, a behavior that has been present since we first discussed XCSSET.
AvosLocker Ransomware Gang Recruiting Affiliates, Partners (GovInfoSecurity) A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access
The Business of Fraud: Online Retail Fraud in the Criminal Underground (Recorded Future) As e-commerce platforms continue to grow threat actors will continue to target the online retail landscape.
What We Learn from MITRE's Most Dangerous Software Weaknesses List (SecurityWeek) MITRE’s 2021 Top 25 Most Dangerous Software Weaknesses (CWE Top 25) is a list of the most common software issues that can be and are exploited by cyber adversaries
Saudi IT experts weigh in on Clubhouse data breach reports (Arab News) Experts in Saudi Arabia have reacted to reports that audio-chatting social platform Clubhouse has experienced a data breach and billions of users’ phone numbers have been offered for sale on the darknet.
The security risks lurking for banks still using mainframes (American Banker) After recent attacks on ATM networks, the PCI Council, a prominent standards body, recommended extra protections for mainframes that handle card and payment data.
Chat platform Discord popular for spreading malware, researchers warn (mint) Discord has always been positioned as a chat platform for gamers. However, it is also used by the crypto community in India, among others
Dutch Fishing Outlet Exposes Hundreds of Thousands of Customers (SafetyDetectives) The SafetyDetectives cybersecurity team found an unsecured Microsoft Azure Blob Storage server belonging to retail outlet Raven Hengelsport (otherwise known as
Florida DEO Warns Unemployment Website Targeted By Cyberattack (Miami CBS Local) Florida’s Department of Economic Opportunity, which runs the state’s unemployment benefits website, has confirmed a cyberattack.
Florida Heart Associates recovering from ransomware hack (WFTX) A massive data hack at a Southwest Florida heart treatment center is making it difficult for patients to get their medication and see a doctor.
Vulnerability Summary for the Week of July 19, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.
Security Patches, Mitigations, and Software Updates
Apple Patches 'Actively Exploited' Mac, iOS Security Flaw (SecurityWeek) Apple ships an out-of-band security update and warns of active zero-day attacks targeting macOS and iOS users.
Apple releases fix for iOS and macOS zero-day, 13th this year (The Record by Recorded Future) Apple has released today patches for iOS, iPadOS, and macOS to address a zero-day vulnerability that the company says has been exploited in the wild.
Signal fixes bug that sent random images to wrong contacts (BleepingComputer) Signal has fixed a serious bug in its Android app that, in some cases, sent random unintended pictures to contacts without an obvious explanation. Although the issue was reported in December 2020, given the difficulty of reproducing the bug, it isn't until this month that a fix was pushed out.
IDEMIA fixes vulnerability that can allow threat actors to open doors remotely (The Record by Recorded Future) IDEMIA, one of the largest vendors of biometrics authentication solutions, has fixed last week a series of security flaws, including a major vulnerability that would have allowed threat actors to hijack devices and open doors remotely.
Trends
Rush to adapt to pandemic working practices exposes underfunded cyber defenses amidst growing threat (EY) Adapting to new working practices as a result of the COVID-19 pandemic has exposed businesses to more and increasingly sophisticated cyber attacks and brought underfunded cyber defenses into the spotlight, according to the EY Global Information Security Survey 2021 (GISS).
68% of sysadmins say their organizations faced increased risk of cybersecurity attacks due to the shift to remote work (Netwrix) Netwrix study dedicated to Sysadmin Day also finds that two thirds (66%) of system administrators had to deal with an increased workload.
Ransomware has already cost victims $45 million in 2021 (Atlas VPN) Cybercriminals have started to use double extortion methods in ransomware attacks. Attackers not only encrypt your data but also threaten to sell confidential information of your business if the ransom is not paid. That leaves some organizations with no other choice but to pay criminals.
Latest HP Inc. Cybersecurity Threat Report Reveals Hackers Sharing Computer Vision Tools to Supercharge Capabilities (GlobeNewswire News Room) HP Wolf Security threat research team finds increasing cybercrime sophistication and a boom in monetization and hacking tools, while end users are still...
Appsec Stats Flash | NTT Application Security (NTT Application Security) The state of application security is rapidly evolving and there is a need for a more frequent analysis of the threat landscape.
Egress: IT Leaders Rely on Weak Security Protocols Despite Extraordinary Increase in Phishing Threats to Remote Workers (BusinessWire) A new survey of enterprise IT security leaders showed an overwhelming majority--almost 80 percent--believe remote workers are at more risk for phishin
Is Canada winning the cyber war? (Insurance Business) There is a warning about what’s to come…
Marketplace
As Cyberattacks Surge, Security Start-Ups Reap the Rewards (New York Times) Investors have poured $12.2 billion into cybersecurity companies so far this year, nearly $2 billion more than the total for all of 2020.
ArchTIS finalises Nucleus Cyber acquisition (CRN Australia) $9.75m deal wraps up after ten months.
Deloitte Acquires Zero Trust Network Access Provider (Deloitte United States) Deloitte Risk & Financial Advisory announced today its acquisition of substantially all the assets of TransientX, Inc., a Zero Trust Network Access (ZTNA) company based in Hoboken, N.J.
Deloitte Acquires Sentek Global’s Business to Expand Systems Engineering and Cyber Offerings to Support U.S. Navy, Additional Military Branches and Federal Agencies – Press Release (Deloitte United States) Deloitte announced today it has acquired substantially all the assets of Sentek Consulting, Inc. (Sentek Global), a San Diego-based systems engineering and cybersecurity firm primarily serving the U.S. Navy.
Deloitte puts down geographic, cyber footprints with Sentek acquisition (Washington Technology) Deloitte has been pushing more into what it calls the 'mission space' of the Navy. That has led the consulting firm to acquire Sentek and put down roots in a both key geographic region and technical area.
1Password valued at $2 billion in latest $100M investment round (PR Newswire) 1Password, a leader in security and privacy, today announced their latest round of funding that now values the company at $2 billion. The $100M...
Bay Area cyber insurance startup At-Bay joins unicorns with $185M funding (Silicon Valley Business Journal) The cyber insurance company led by CEO Rotem Iram was previously valued at about $324 million after raising another round about seven months ago.
Former McAfee CEO ups the cybersecurity ante with $750M venture fund (Pitchbook) As companies and investors scramble to keep up with a changing information security landscape, a new venture firm is vying to become a leader in the industry's brave new world.
Generali Global Assistance Ranked 76 in The Software Report's Top 100 Software Companies (PR Newswire) Generali Global Assistance ("GGA") today announced they were ranked in The Software Report Top 100 Software Companies list in the 76th spot....
Onfido grows revenue over 100% year-over-year and reaches more than $100M ARR (Onfido) Breaks revenue record for the 5th consecutive quarter as company propels to next phase of expansion
Cybersecurity Insurers Are Putting an End to the 'Pass the Buck' Era (TechSpective) Insurers are getting smarter about issuing cyber insurance and determining the right cost for premiums.
SentinelOne, IBD Stock Of The Day, Jumps On Praise From Wall Street (Investor's Business Daily) SentinelOne stock is forming an IPO base. The cybersecurity firm scored a bunch of positive analyst reports on Monday.
Army Cyber Command Accepting Virtual Internships (MilitarySpot.com) University students are invited to apply for a virtual internship with U.S. Army Cyber Command during the upcoming academic year. The inter
Ex-Mossad, German intel chiefs team up in cyber security (The Jerusalem Post) A mix of intelligence and technological capabilities could be the key to escaping the next mega hack, former Mossad and former German intelligence BND chiefs told the Jerusalem Post on Monday.
Egnyte appoints Stan Hansen as chief revenue officer (Intelligent CIO Middle East) Cloud content security and governance solutions provider Egnyte, has announced the appointment of Stan Hansen as chief revenue officer (CRO). Hansen will be responsible for all sales functions globally. In the first half of 2021, Egnyte has added 128 net new hires, bringing its total employee count to 789 and opened its first office in […]
Veteran CMO Brad Rinklin Joins SaaS Unicorn Infoblox (PR Newswire) Infoblox Inc., the leader in cloud-first DDI and DNS security services, today announced the appointment of cloud and cybersecurity veteran Brad...
Collibra Appoints Madalina Tanasie as Chief Technology Officer (PR Newswire) Collibra, the Data Intelligence company, today announced the appointment of Madalina Tanasie to chief technology officer. As Collibra's CTO,...
Brinqa Strengthens Leadership Team as Company Grows to Meet Accelerating Demand (BusinessWire) Brinqa™, a leader in Cyber Risk Management, today announced that the current CEO of Tricentis and former CEO of SolarWinds, Kevin Thompson, has been a
Products, Services, and Solutions
Leading SASE Provider iboss Joins Microsoft 365 Networking Partner Program (Yahoo) iboss, the leading Secure Access Service Edge (SASE) cloud security provider, today announced it is now certified to be a partner in the Microsoft 365 Networking Partner Program (NPP). The Microsoft 365 NPP is designed to offer customers a set of partners whose networking requirements and best practices are aligned with Microsoft's key principles for optimal Microsoft 365 connectivity. iboss allows users to connect to Microsoft 365 via the iboss Zero Trust SASE platform and provide direct connec
Trustwave Joins CISA’s Cyber Information Sharing and Collaboration Program (Homeland Security Today) Trustwave Government Solutions, the wholly-owned subsidiary of Trustwave Holdings, Inc., has joined the Cybersecurity and Infrastructure Security Agency (CISA) Cyber Information Sharing and Collaboration Program (CISCP).
Cybereason, Cyderes Ink MDR Security Services Partnership (MSSP Alert) Cybereason & Cyderes, the security-as-a-service division of Fishtech Group & a Top 250 MSSP, partner to deliver managed detection & response (MDR) security services.
Cryptomathic and UTIMACO Partner to Deliver Integrated eIDAS Compliant Remote Qualified e-Signature Solution for Banks, Governments and Trust Service Providers (Utimaco) Consolidated security model enables providers to leverage the functionality of their preferred authentication solution to seamlessly introduce qualified remote e-signing services with the highest level of legal assurance.
Confluera Launches Cloud eXtended Detection and Response Solution (PR Newswire) Confluera, the leading provider of next-generation cloud detection and response, today announced the launch of the company's Cloud eXtended...
New Collaboration with Adobe and MAPP (Trend Micro) Collaboration with industry partners is helping secure the digital world by distributing Trend Micro vulnerability information to security vendors more quickly.
CyberGRX Supports Organizations in the Fight Against Ransomware (BusinessWire) CyberGRX announced the availability of CyberGRX Ransomware Threat Profiles, a new resource to help customers combat ransomware.
Synopsys Advances Application Security Testing for Developers with Rapid Scan (PR Newswire) Synopsys, Inc. (Nasdaq: SNPS) today announced the availability of new Rapid Scan capabilities within the company's Coverity static application...
Datadobi Announces the First Truly Vendor-Neutral and Scalable Unstructured Data Mobility Engine (BusinessWire) Datadobi today announced the launch of the only truly vendor-neutral unstructured data mobility engine.
Aqua Security Introduces Industry’s First Unified Cloud Native Security Platform | Aqua (Aqua) Aqua's cloud native security platform eases the journey from scanning and visibility to workload protection in cloud native environments.
SpecterOps Launches BloodHound Enterprise to Improve Active Directory Security for the Enterprise (BusinessWire) SpecterOps launches BloodHound Enterprise to improve Active Directory security for the enterprise.
Optiv Security’s Zero Trust Readiness Assessment Helps Clients Strengthen Their Network Infrastructure (BusinessWire) As the world becomes more connected, the threat of cyberattacks becomes increasingly problematic. The traditional “trusted network” is no longer viabl
A new chapter for Google’s Vulnerability Reward Program (Google Online Security Blog) Posted by Jan Keller, Technical Program Manager, Google VRP. A little over 10 years ago, we launched our Vulnerability Rewards Program (VR...
Reblaze Announces Curiefense 1.4.0 Milestone Release, Bringing Web Security to NGINX (GlobeNewswire News Room) Curiefense is now integrated in the world’s most popular web server, bringing inherent security capabilities to combat hostile traffic...
Technologies, Techniques, and Standards
DoE Releases C2M2 Version 2.0 With Updates to Protect Critical Infrastructure (MeriTalk) The Department of Energy (DoE) has released an updated version of its Cybersecurity Capability Maturity Model (C2M2) with updates to address the cybersecurity of critical infrastructure, DoE’s Cybersecurity, Energy Security, and Emergency Response (CESER) unit announced July 21.
The time to prepare for CMMC is now – what we learned from Coalfire (Entrust Blog) The Cybersecurity Maturity Model Certification (CMMC), which affects organizations in the US Department of Defense (DoD) supply chain, establishes a
No More Ransom saves almost €1 billion in ransomware payments in 5 years (BleepingComputer) The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments.
Army seeks cybersecurity training platform (Intelligence Community News) On July 26, the U.S. Army posted a sources sought notice for a cybersecurity training platform. Responses are due by 2:00 p.m. Eastern on July 29.
Design and Innovation
IBM emphasizes potential of homomorphic encryption in delivering stronger data security (Back End News) Months year after technology giant IBM launched the fully homomorphic encryption (FHE), it now emphasizes how the technology is poised to deliver a much stronger security posture for organizations.…
Research and Development
Cobalt Iron Awarded Patent on Automated Network Traffic Shaping for Data Protection Operations (Wallst.com) Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that it has received a patent on its technology for automated network traffic shaping for data protection operations. Issued on July 13, U.S. Patent 11063907 describes new capabilities for Cobalt Iron Compass®, an enterprise SaaS backup platform, that enable dynamic adjustments to networks and storage networks in response to cyberthreats and other high-security alert conditions.
Academia
Government leaders visit UTSA’s National Security Collaboration Center to replicate its model of success (UTSA Today) Top government leaders from the U.S. Cyber Command’s Joint Force Headquarters-Department of Defense Information Network (JFHQ-DODIN) were the latest guests at the National Security Collaboration Center (NSCC), located at UTSA.
Legislation, Policy, and Regulation
Deputy Secretary Sherman’s Visit to the People’s Republic of China (United States Department of State) The below is attributable to Spokesperson Ned Price: Deputy Secretary of State Wendy Sherman traveled to the People’s Republic of China for meetings with State Councilor and Foreign Minister Wang Yi and other PRC officials from July 25-26. The Deputy Secretary expressed the United States’ sincere condolences for the lives lost in the devastating floods […]
Chinese Officials Blame U.S. for Stalemate in High-Level Talks (Wall Street Journal) U.S. and Chinese officials sparred over Covid-19, human rights and cybersecurity in a tense exchange in the highest-level meetings between the two countries on Chinese soil since Joe Biden became president.
US-China relations: The bitter truth (BOL News) No other diplomatic relations are more consequential than the one between the United States and China, which are not only affecting the two countries but also l
China’s Tech Regulator Orders Companies to Fix Anticompetitive, Security Issues (Wall Street Journal) The country continued its crackdown on large technology companies by announcing a new six-month rectification program aimed at correcting a range of industry problems.
Russian international information security strategy: Change and continuity (Times of India Blog) Russia revises its cyber strategy from time to time, keeping in view the fast-changing security environment and threats which are growing world-over in geometrical progression. Russia likes to use the term “information Security”. On 12th...
Why Taiwan seeks Israel’s help to combat cybersecurity threats - opinion (The Jerusalem Post) Taiwan's cybersecurity agency estimates they face about 30 million cyberattacks every month – an average of 700 attacks every minute. About half of these originate from China.
Israel defence minister to visit France to discuss NSO, Iran (Reuters) Israeli Defence Minister Benny Gantz will travel to France this week to discuss spyware sold by Israeli cyber firm NSO that was allegedly used to target French President Emmanuel Macron.
Gantz heads to Paris to discuss NSO Group with French counterpart (Times of Israel) Macron reportedly called Bennett last week to press Israel to investigate claims over Pegasus spyware, including that his phone may have been a target
Hungarians protest against alleged illegal surveillance with Pegasus spyware (Reuters) About 1,000 Hungarians protested on Monday over allegations that the government used Israeli-made Pegasus spyware for illegal surveillance of public figures in Hungary, drawing comparisons with the country's communist past.
4 Democrats suggest blacklisting Israeli spyware firm over hacks of journalists, activists (Washington Post) Four House Democrats on Monday suggested blacklisting or imposing sanctions against the Israeli firm that licensed spyware used by governments to hack the smartphones of journalists, human rights activists and business executives.
Cabinet may approve first 'National Cyber Security Policy 2021' today (Brecorder) ISLAMABAD: The federal cabinet is likely to approve the first "National Cyber Security Policy 2021" and policy...
18 new cybersecurity bills introduced as US congressional interest heats up (CSO Online) The new bills, many with bi-partisan support, aim to increase cybersecurity funding, improve breach reporting, investigate cryptocurrencies, and more.
The US House just passed a bill to incentivize cybersecurity planning for state and local gov (Technical.ly Baltimore) The State and Local Cybersecurity Improvement Act hopes to make protection from ransomware attacks a budget priority.
Lawmakers advance cyber legislation (GCN) The Senate’s 2022 defense authorization bill and a number of House measures are addressing cyber authorities, domestic microelectronics manufacture, supply chain security and raising cyber awareness among the public.
Senate defense policy bill looks to bolster DoD information warfare (Defense News) The Senate Armed Services Committee finalized its version of the National Defense Authorization Act with several provisions dedicated to trying to improve cyberspace activities, information operations and electronic warfare.
DHS Pipes Up Again: Issues Second Directive On Pipeline Security (JD Supra) On July 20, 2021, the Department of Homeland Security’s Transportation Security Administration (“TSA”) announced the issuance of a second Security...
'Software Bill of Materials' — Not just good for security, good for business (TheHill) Tech and software companies should embrace a software ingredient list now, rather than resist or wait for the inevitable regulation.
The Cybersecurity 202: Cyber experts give Biden top marks at six months (Washington Post) At his six-month mark in office, President Biden is making the right moves to ensure the United States is safer in cyberspace, according to an overwhelming majority of cybersecurity experts we polled.
Connecticut Expands Data Breach Notification Law, Changes Effective October 1, 2021 (The National Law Review) In addition to recently passing a cybersecurity safe harbor law, Connecticut also updated its data breach notification law. Connecticut joins Texas in passing changes to breach not
Litigation, Investigation, and Law Enforcement
In FTC vs. Facebook, FTC Lost the First Round, But Could Win the Fight (ProMarket) To win, the FTC would need to explain how it calculated Facebook’s market share and why several metrics could actually be useful.
Fifth Circuit Finds Potential Coverage for Data Breach; Interprets “Publication” Broadly (JD Supra) Using general contract interpretation principles, the Fifth Circuit reversed summary judgment in favor of an insurer and found a duty to defend...
One of the Leaders of the Arizona Audit Says Cyber Ninjas Might Be Cooking the Books (Slate Magazine) Bennett’s turnaround is indeed noteworthy given that he was one of the drivers of this clown car of lies.
The Cybersecurity 202: Arizona could face a more than $9 million clean up bill after a partisan election audit (Washington Post) Arizona’s heading into the red on election security, driven by a partisan audit in Maricopa County and baseless claims by former president Donald Trump and his allies that his election loss wasn’t legitimate.
Police Are Telling ShotSpotter to Alter Evidence From Gunshot-Detecting AI (Motherboard) Prosecutors in Chicago are being forced to withdraw evidence generated by the technology, which led to the police killing of 13-year-old Adam Toledo earlier this year.
Convenience Store Chain Can't Shield Investigative Report on Data Breach From Discovery, Judge Rules (The Legal Intelligencer) A federal judge has ruled that because an investigative report commissioned by Pennsylvania-based convenience store chain Rutter's in response to a data security breach was not prepared for litigation purposes, it is not privileged.
Pa. Convenience Store Must Fork Over Data Breach Report (Law360) A Pennsylvania magistrate judge has directed a chain of gas stations and convenience stores to turn over a cybersecurity firm's forensic analysis of a 2018 data breach to consumers suing over the incident, finding that the report was commissioned to determine the scope of the attack rather than to prepare for litigation.
Judge: Ex-CIA worker can represent himself in espionage case (Washington Post) A judge says a former CIA software engineer can represent himself at his upcoming retrial on espionage charges