Attacks, Threats, and Vulnerabilities
South Africa's Transnet restores operations at ports after cyber attack (U.S.) South African state logistics firm Transnet has fully restored operations at ports following a cyber attack that forced the firm to declare force majeure at its container terminals, the Ministry of Public Enterprises said.
‘Death Kitty’ Ransomware Linked to South African Port Attack (Bloomberg) South Africa’s Transnet suffered the cyberattack last week. Ransom note similar to others assessed in recent months.
Cyber-attack on Iranian railway was a wiper incident, not ransomware (The Record by Recorded Future) The cyber-attack that paralyzed Iran's national railway system at the start of the month was caused by a disk-wiping malware strain named Meteor and not by a ransomware attack, according to research published by security firms Amnpardaz and SentinelOne, which managed to obtain a copy of the malware.
Air Force special operations’ next big battlefield: Facebook (Task & Purpose) Five years after Russian troll farms made headlines for spreading disinformation in the 2016 election, the U.S. response remains 'fractured.'
US Gov Warning: VPN, Network Perimeter Product Flaws Under Constant Attack (SecurityWeek) A high-powered joint advisory calls attention to gaping holes in perimeter-type devices like VPN appliances, network access gateways and enterprise cloud applications.
FormBook Malspam Campaign Targets Standard Chartered Bank Customers Across The Globe (Bitdefender) Just a week after Bitdefender Antispam Labs reported on a phishing campaign targeting financial and personal details of Bank of America customers, cybercriminals brought out their big guns in a new, more dangerous attack on Standard Chartered Bank users. The ongoing malicious campaign seeks to infect recipients’ devices with FormBook malware under the...
New Android malware records smartphones via VNC to steal passwords (The Record by Recorded Future) Security researchers have discovered a novel piece of Android malware that uses the VNC technology to record a victim's smartphone screen in order to collect and steal their passwords.
Vultur, with a V for VNC (ThreatFabric) In late March 2021, ThreatFabric detected a new RAT malware that we dubbed Vultur due to its full visibility on victims' devices via VNC. For the first time we are seeing an Android banking trojan that has screen recording and keylogging as its main strategy to harvest login credentials in an automated and scalable way.
Babuk: Biting off More than they Could Chew by Aiming to Encrypt VM and *nix Systems? (McAfee Blogs) Co-written with Northwave’s Noël Keijzer. Executive Summary For a long time, ransomware gangs were mostly focused on Microsoft Windows operating systems.
Babuk--Moving to VM and *Nix Systems Before Stepping Away (McAfee) For a long time, ransomware gangs were mostly focused on Microsoft Windows operating systems. Yes, we observed the occasional dedicated Unix or Linux based ransomware, but cross-platform ransomware was not happening yet. However, cybercriminals never sleep and in recent months we noticed that several ransomware gangs were experimenting with writing their binaries in the cross-platform language Golang (Go).
Criminal Market for Initial Access (Positive Technologies) Information security is a priority area for companies, and a huge amount of resources, including money, are spent on maintaining an adequate standard of security.
BlackMatter & Haron: Evil Ransomware Newborns or Rebirths (Threatpost) They’re either new or old REvil & DarkSide wine in new bottles. Both have a taste for apex companies and DarkSide-esque virtue-signaling.
Threat intel firms suggest ransomware gang 'BlackMatter' has ties to DarkSide, REvil hackers (CyberScoop) Digital sleuths at cyber threat intelligence firms have found clues that a seemingly new ransomware organization has links to DarkSide and REvil, two gangs that suddenly disappeared shortly after major attacks.
Large Food & Beverage Company Mail Service Hack Delivers a Steaming Plate of Evil to Email Recipients (INKY) Between July 13 and July 16, INKY detected 121 phishing emails in a similar attack that originated from a compromised Mailgun email marketing account used by a Large Food & Beverage Company fast-food chain. Mailgun is a similar email marketing service to Constant Contact and is widely recognized in the industry based on the email volumes it distributes.
Indonesia's BRI Life probes reported data leak of two mln users (Reuters) BRI Life, the insurance arm of Indonesia's Bank Rakyat Indonesia (BRI) (BBRI.JK), said on Tuesday it was investigating claims that the personal details of over two million of its customers had been advertised for sale by unidentified hackers.
Kaseya's Unitrends Technology Has Zero-Day Flaws (BankInfoSecurity) Researchers are warning of three zero-day vulnerabilities in Kaseya's Unitrends cloud-based enterprise backup and disaster recovery technology. The news comes after
DIVD-2021-00014 - Kaseya Unitrends (DIVD CSIRT) Users of on-premise Kaseya Unitrends are advised to not expose this service directly to the internet
Hackers posed as flirtatious UK aerobics instructor while targeting US defense contractor's employee (TheHill) Cybersecurity researchers said that hackers with ties to the Iranian government targeted U.S.
Japanese Official Says Data Leak Exposed Account Credentials of Olympics Ticket Buyers and Summer Games Volunteers (CPO Magazine) Login credentials of Tokyo Olympics ticket buyers were reportedly leaked on the internet, a government official speaking on condition of anonymity told Kyodo news.
Olympics Broadcaster Announces His Computer Password on Live TV (Motherboard) The announcer complained that it could have been a bit easier to type.
Council continues to face cyber-attack (Crowborough Life) Wealden District Council continues to face a ‘sustained’ cyber-attack, Councillors have heard.
An Innocuous Post On Social Media Could Make You A High Value Target For Cyber Criminals (International Business Times) Understanding the risk potential is important, as is knowing how to combat it and how to make sure there's a top-down approach for instituting cyber and social media hygiene policies.
Security Patches, Mitigations, and Software Updates
Foxit Plugs Multiple Security Holes in PDF Reader, Editor (SecurityWeek) Foxit Software patches vulnerabilities that put users at risk of remote code execution attacks via specially crafted PDF files.
Trends
Global Resilience Federation Releases Multi-Sector Ransomware Impact Report: Manufacturing Most Heavily Targeted Sector (My TechDecisions) Incident Data Pulled from Closed Threat Actor Forums on Dark Web HERNDON, Va.–(BUSINESS WIRE)–The nonprofit Global Resilience Federation (GRF) has created a semiannual report detailing ransomware attacks across sectors, based on incident data gathered directly from threat actor chatter on the Dark Web. The report highlights major attacks, emerging ransomware gangs, and offers analysis on […]
IBM: Average Cost of Data Breach Exceeds $4.2 Million (SecurityWeek) A global study commissioned by IBM shows that the average cost of a data breach exceeds $4.2 million, up from $3.8 million in the previous year.
Coveware: Median ransomware payment down 40% in Q2 2021 (SearchSecurity) The median ransomware payment declined 40% between Q1 and Q2 of this year, according to a Friday blog post by ransomware incident response firm Coveware.
Vulcan Cyber Survey Finds 76% of Companies Impacted by IT Vulnerabilities in the Last Year (PR Newswire) Vulcan Cyber®, developers of the industry's only risk-based remediation platform for infrastructure, application and cloud security, today...
Varonis 2021 SaaS Risk Report (Varonis) New research finds that on average, 43% of all cloud identities are abandoned and exposed. Read the full report.
Why Cyberattacks on Manufacturing are on the Rise | Radiflow (Radiflow) OT cyberattacks are on the rise with the transition to Industry 4.0. The key for mitigation is knowing and managing your network risk.
The most common cybersecurity mistakes doctors make (Medical Economics) The risks of poor cybersecurity hygiene have never been greater. Here’s how physicians can improve theirs.
Marketplace
SolCyber Launches Modern MSSP with $20 Million in Series A Funding Led by ForgePoint Capital (PR Newswire) SolCyber today launched as the first modern MSSP for the mid-market, enabling organizations to prevent, monitor and respond to cybersecurity...
Securitas acquires leading electronic security company in Germany (PR Newswire) Securitas, the world's leading intelligent protective services partner, has agreed to acquire Protection One, the German market leader...
Cybersecurity Chiefs Are in High Demand as Companies Face Rising Hacking Threats (Wall Street Journal) As companies face growing hacking risks, corporate cybersecurity chiefs are earning more money compared with last year, but in many cases are still reporting to IT leaders.
Looking for an Alternative Investing Opportunity? This Cybersecurity Firm Can be a Compelling Option. (Entrepreneur) Cybersecurity has become a major concern in the modern digital age and NanoVMs has set out to make a difference.
Products, Services, and Solutions
ZeroFox Launches New External Threat Hunting Module within Platform, Empowering Analysts with Direct Access to Full-Spectrum Threat Intelligence Data Lake (BusinessWire) ZeroFox releases advanced external threat hunting capabilities designed to provide real-time threat intelligence.
Fastly Hits Critical Milestone in Extending App and API Protection to The Network Edge With Superior Signal Technology (Fastly) Fastly’s edge cloud platform helps the world’s most popular digital businesses keep pace with their customer expectations by delivering fast, secure, and scalable online experiences.
Ermetic Joins AWS ISV Accelerate Program to Streamline Customer Experience (Ermetic) Ermetic today announced that it is joining the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program.
Identity Management Institute Enhances the Certified Identity Management Professional (CIMP)® Program (PR Newswire) Identity Management Institute has launched the study guide and examination for the Certified Identity Management Professional (CIMP)®...
Socure Reinvents KYC Accuracy and Coverage, Delivering Up to 94% Customer Approval Rates For Hard-to-Identify Populations, Including Gen Z, Millennials, and New-to-Country (BusinessWire) Socure, the leading provider of digital identity verification and trust solutions, today introduced several technologies as it further expands its KYC
Enterprise Strategy Group (ESG) Recognizes Pathlock's Access Orchestration Solution as Future of Application Security (PR Newswire) Pathlock, the leading provider of unified access orchestration, today announced the release of a groundbreaking report that underlines why a...
Technologies, Techniques, and Standards
Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders (CSO Online) D3FEND is a new schema released by Mitre last month to establish a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.
Use immutable backups to prevent data loss, boost compliance (SearchDataBackup) Immutable backup enables organizations to better maintain and protect data. Learn the benefits and drawbacks of immutable backups.
Defend Against Ransomware With Relationship-Driven Incident Response (CSO Online) A large company recently had a close call with a ransomware attack. The saga started with a malware download.
On-Demand Video: CMMC Town Hall JULY 28, 2021 (NeoSystems LLC) Join NeoSystems CISO Ed Bassett, and Mike Gordon, CISO, Lockheed Martin, for an extended conversation about CMMC compliance and preparedness....
NIWC Atlantic Passes Two Command Cyber Readiness Inspections Thanks to Audit Readiness Team Efforts (DVIDS) Naval Information Warfare Center (NIWC) Atlantic announced the command’s passing of two back-to-back Command Cyber Readiness Inspections (CCRIs) held earlier this year.
Research and Development
WPI Engineer Creates Cyber-Resilient System As Cyber Defense (WPI) WPI engineer develops a second line of cyber defense to keep intelligent systems like autonomous cars, robots, & smart buildings operating safely when hacked.
FAU Invention for Privacy of Sharing Files Online Gets U.S. Patent (Florida Atlantic University) A College of Engineering and Computer Science researcher’s novel technology provides maximum privacy of sharing files online by controlling how and when documents are displayed and viewed.
Academia
Harford Community College receives $52K in supplemental grant funding for cybersecurity program (Baltimore Sun) Harford Community College, a National Center of Academic Excellence in cyber defense education, received $52,440 in supplemental funding from the National Science Foundation’s Advanced Technological Education program.
Legislation, Policy, and Regulation
Israeli defense minister in France with Pegasus spyware on the agenda (Washington Post) Israeli Defense Minister Benny Gantz met with his French counterpart on Wednesday as Israel ramped up its investigation of a spyware firm accused of facilitating surveillance against human rights activists, dissidents, as well as world leaders, including France's Emmanuel Macron.
China’s Sputnik Moment? (Foreign Affairs) How Washington boosted Beijing's quest for tech dominance.
As cyberattacks skyrocket, Canada needs to work with — and not hinder — cybersecurity experts (The Conversation) Cyberattacks are on the rise. Canada needs to work with cybersecurity experts to enable them to identify and address security vulnerabilities.
Cabinet approves National Cyber Security Policy (The Express Tribune) Information Minister Fawad Chaudhry says the threat assessment committee will make policy regarding the protocol of VIPs
In spats with Twitter, India's government begins messaging shift to rival Koo (Reuters) Twitter Inc (TWTR.N) is fast losing its sheen as a favoured communications tool for many Indian government departments and ministers keen to promote home-grown rival Koo while the U.S. firm comes under fire for non-compliance with India's laws.
Decoding Taiwan's Information Security Industry's Dilemma (Business Insider) Brain Shen, Chairman of Information Service Industry Association (CISA), has recently published an article t...
Biden Directs Agencies to Develop Cybersecurity Standards for Critical Infrastructure (Wall Street Journal) The effort is the latest by the Biden administration attempting to shore up the nation’s defenses against disruptive cyberattacks.
US Acting to Better Protect Infrastructure From Cyberthreats (SecurityWeek) The Biden administration is eyeing ways to harden cybersecurity defenses for critical infrastructure and announced the development of performance goals and a voluntary public-private partnership to protect core sectors.
White House Issues Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems (The National Law Review) On July 28, 2021, President Biden signed a National Security Memorandum entitled “Improving Cybersecurity for Critical Infrastructure Control Systems” (the “Memorandum”). The M
Biden administration eyes mandates under new effort to improve critical infrastructure cybersecurity (Federal News Network) There’s a new voluntary effort to improve critical infrastructure cybersecurity, but current and former officials see the potential for future federal mandates.
The Cybersecurity 202: Combating ransomware’s a top priority for the Senate Homeland Security Committee (Washington Post) Leaders of the Senate Homeland Security Committee are poised to introduce legislation aimed at combatting damaging ransomware attacks and launching a probe to thwart criminal hackers who use cryptocurrency to demand and receive multimillion-dollar ransoms.
Many ransomware attacks go unreported. The FBI and Congress want to change that. (Washington Post) Congress, urged on by the nation’s top law enforcement agencies, is pushing to require companies to report ransomware attacks in an effort to help the government understand the scope of the threat.
FTC Chair Khan wants to stop Big Tech from 'supercharging' fraud, warns of 'merger boom' (SeekingAlpha) Lina Khan, the Joe Biden-nominated chairperson of the Federal Trade Commission and a well-known critic of technology behemoths like Apple (AAPL), Facebook (FB) and Google...
DOL Cyber Scrutiny Higher for ‘Those Running the Systems’ (National Association of Plan Advisors) The Labor Department wants everyone to be attentive to cybersecurity protocols as a fiduciary responsibility, but there’s a higher expectation for those “running the systems.”
Biden nominates Huawei prosecutor for key China export post (Reuters) U.S. prosecutor Thea Kendler, an attorney on the criminal case against China's Huawei and its Chief Financial Officer Meng Wanzhou, will be nominated for a Commerce Department post vital to controlling exports to China, the White House said on Wednesday.
UK's National Cyber Security Centre needs its posh Westminster digs, says Cabinet Office, because of WannaCry (Register) May need to upgrade 'bunfight' into 'cake-flinging war' over this one
Litigation, Investigation, and Law Enforcement
Israel begins investigation into NSO Group spyware abuse (MIT Technology Review) “We want them to check everything,” says the CEO of a cybersecurity company implicated in campaigns against politicians, activists, and other notable figures.
Israeli government raids NSO Group offices (The Record by Recorded Future) Officials from multiple Israeli government agencies have raided today the offices of surveillance software vendor NSO Group, the Israeli Ministry of Defense announced today.
Israeli authorities inspect offices of NSO Group (Computing) Spyware firm claims the inspection was just a 'visit', not a 'raid'
Israeli Authorities Inspect NSO Offices After Damning Investigation (Motherboard) NSO said it is working with Israeli authorities “in full transparency.”
Israeli authorities inspect NSO Group offices after Pegasus revelations (the Guardian) Officials visit offices near Tel Aviv as Israeli defence minister meets French counterpart in Paris
I worked at Israeli phone hacking firm Cellebrite. They lied to us (Haaretz) Cellebrite does nothing to prevent the abuse of its products by customers. It knowingly sells products and services to users of dubious repute
License holder of coup-linked app faces 15-year jail term in Turkey (Al-Monitor) An American citizen of Turkish origin reportedly turned himself in to Turkish authorities and faces a 15-year jail sentence for his role in founding the ByLock phone app, which state officials claim was used by supporters of a failed coup in 2016.
India Court Says Twitter in ‘Total Non Compliance’ of New Rules (Bloomberg) Twitter says it is setting up a new liaison office in India. Court gives Twitter a week to show clear steps for compliance.
Scott Cole & Associates Announces U.C. San Diego Health Data Breach Investigation (BusinessWire) Scott Cole & Associates is currently investigating the U.C. San Diego on claims of negligence and invasion of privacy arising out of the health ca
Federman & Sherwood Announces an Investigation of the UC San Diego Health Data Breach (BusinessWire) Federman & Sherwood announces that it is investigating claims on behalf of UC San Diego Health (“UCSD Health”) patients, employees, and students.
Federman & Sherwood Announces the Filing of a Class Action On Behalf of ClearBalance Data Breach Victims (BusinessWire) Federman & Sherwood announces that it has filed a class action on behalf of ClearBalance customers whose confidential information was disclosed to
What's in Your Trash? Cyber Lawsuit Blames Trash Company for Data Breach (ClearanceJobs) People can and will sift through your garbage to find sensitive information. How does the court put a cost on a data breach?
Prisoners fear drug violence from alleged medical data breach (North Shore News) “Prescription drugs have significant value and are in high demand”
In some California privacy cases, analytics trackers are in the crosshairs (Digiday) It is clear that CCPA enforcement is not just about data breaches. It's about cookies and tracking technologies — including analytics trackers.
The Justice Department Is Sending States A Second Warning About Partisan "Audits" Of The 2020 Election (BuzzFeed News) The DOJ would not say whether it plans to take any action against Arizona and other states pursuing partisan audits.