Attacks, Threats, and Vulnerabilities
The FBI’s warning to Silicon Valley: China and Russia are trying to turn your employees into spies (protocol) A top special agent in San Francisco has a stark message: "Raise your shields."
This vulnerability puts the future of U.S. warfighting at risk (Medium) Security flaws in a standardized component widely used in military and avionics systems threaten the Pentagon’s plans for an Internet of…
T-Mobile customer breach raises fears of account takeovers (Yahoo) T-Mobile confirmed a data breach affecting more than 47 million records after hackers offered customer data for sale online.
Hackers Steal $97 Million from Japanese Crypto-Exchange Liquid (SecurityWeek) The Japan-based cryptocurrency exchange says hackers stole Ethereum, Bitcoin, Stablecoins, Ripple, and other tokens.
Japanese crypto-exchange Liquid hacked for $94 million (The Record by Recorded Future) Tokyo-based cryptocurrency exchange Liquid said that hackers breached its servers and stole crypto-assets estimated to be worth at least $94 million at today's exchange rates.
No Display: New Obfuscation Tactic Emerges (Avanan) A new obfuscation technique uses display: none to bypass filters.
Cloudflare says it mitigated a record-breaking 17.2M rps DDoS attack (The Record by Recorded Future) Internet infrastructure company Cloudflare disclosed today that it mitigated the largest volumetric distributed denial of service (DDoS) attack that was recorded to date.
Cloudflare thwarts 17.2M rps DDoS attack — the largest ever reported (Cloudflare) Earlier this summer, Cloudflare’s autonomous edge DDoS protection systems automatically detected and mitigated a 17.2 million request-per-second (rps) DDoS attack, an attack almost three times larger than any previous one that we're aware of.
'Neurevt' Trojan Targets Mexican Bank Customers (BankInfoSecurity) Researchers at the security firm Cisco Talos have spotted an ongoing campaign using an updated variant of the "Neurevt" Trojan to target customers of
Unpatched Fortinet Bug Allows Firewall Takeovers (Threatpost) The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch at the end of the month.
RansomClave project uses Intel SGX enclaves for ransomware attacks (The Record by Recorded Future) Academics have developed a proof-of-concept ransomware strain that uses highly secure Intel SGX enclaves to hide and keep encryption keys safe from the prying eyes of security tools.
BadAllow Flaw Endangers Millions of Cars and Medical Devices (softpedia) QNX affected by a critical C Runtime Library Vulnerability
Kerberos Authentication Spoofing: Don’t Bypass the Spec (Threatpost) Yaron Kassner, CTO at Silverfort, discusses authentication-bypass bugs in Cisco ASA, F5 Big-IP, IBM QRadar and Palo Alto Networks PAN-OS.
JPMorgan Chase Notifies Customers of Data Breach (Infosecurity Magazine) Technical issues may have allowed customers in Montana to view other customers’ personal data
Data stolen as social housing group suffers cyber security attack (Manchester Evening News) The organisation serves thousands of tenants and other clients
More Than 600K Patients Impacted by UNM Health Data Breach (HealthITSecurity) UNM Health discovered a data breach that impacted over 600,000 patients, possibly exposing personally identifiable information.
Memorial Health System progresses after attack (Marietta Times) The Memorial Health System is restoring systems after Sunday’s ransomware cyber attack, officials said on Wednesday. “The process of healing begins today,” said Memorial Health System President and CEO Scott Cantley. “In the last 24 hours, we have made progress,” he said. “We have completed an agreement and received the keys to unlock […]
Cyberattack Forces Memorial Health System to Cancel Surgeries, Divert Patients (SecurityWeek) Healthcare organization Memorial Health System is in the process of restoring operations after falling victim to a cyberattack on Sunday.
Ransomware attack exposed info of 1.4 million Georgia health system patients (Becker's Hospital Review) More than 1 million St. Joseph's/Candler patients' and employees' personal information was exposed during a ransomware attack on the Savannah, Ga.-based health system in June.
St. Joseph's/Candler ransomware investigation ongoing, patients offered identity protection (Savannah Morning News) Patients were offered membership to identity protection service, Experian, as the investigation into the ransomware attack continues.
Over 600 ICS Vulnerabilities Disclosed in First Half of 2021: Report (SecurityWeek) More than 600 ICS vulnerabilities were disclosed in the first half of 2021, according to industrial cybersecurity firm Claroty.
Security Patches, Mitigations, and Software Updates
Cisco: Critical Flaw in Older SMB Routers Will Remain Unpatched (SecurityWeek) Cisco confirms the vulnerability could allow unauthenticated, remote attackers to execute arbitrary code or cause a denial of service condition
Researchers patch Microsoft's 'Petitpotam' vulnerability patch (iTnews) August fix did not cover all vectors.
AVEVA SuiteLink Server (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: AVEVA Software, LLC
Equipment: SuiteLink Server
Vulnerabilities: Heap-based Buffer Overflow, Null Pointer Dereference, Improper Handling of Exceptional Conditions
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could cause the SuiteLink Server to crash.
GitHub Encourages Users to Adopt Two-Factor Authentication (SecurityWeek) GitHub is once again encouraging users to enable two-factor authentication (2FA) to better secure their accounts.
Trends
Ransomware recovery can be costly, and not just because of the ransom (TechCrunch) Ransom payments typically account for less than 20% of the total cost of a ransomware attack
Newest Target of Cyber Attacks: America's Hospitals (The Crime Report) Nearly half of all U.S. hospitals have disconnected their networks in the past six months because of the escalating ransomware attacks, according to a new study.
Marketplace
Sedulous Consulting Services and Infinity Support Services Merge to support Government Contractors and Commercial Firms in the Cybersecurity and IT Space (Yahoo Finance) Today's acquisition of Infinity Support Services by Sedulous Consulting Services brings together three minority veterans of the cybersecurity, IT and logistics space, with over 90 years of collective experience in the US military and private sector. The merger comes as Congress approves an historic and bipartisan $550 Billion infrastructure bill, and in June the Senate directed $250 Billion for basic and advanced technology research.
Tesserent acquires Loop Secure for $13.5 million (ARN) Publicly listed cyber security services provider Tesserent plans to acquire cyber security firm Loop Secure as a "strategic addition" to the company for a combined price of $13.5 million.
MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security (The Last Watchdog) So NortonLifeLock has acquired Avast for more than $8 billion. This deal reads like to the epilogue to a book titled The First 20 Years of the Supremely Lucrative Antivirus Market. Way back in 1990, Symantec acquired Norton Utilities and made Norton the heart of its antivirus subscription offering. Related: The coming of ubiquitous passwordless […]
Trend Micro Maintains Cloud Leadership with 177% Sales Growth in AWS Marketplace (PR Newswire) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, reports increased momentum as an Amazon Web Services (AWS)...
1Kosmos Continues Year of Growth and Introduces New Brand Identity (BusinessWire) 1Kosmos, the only cybersecurity solution to provide identity proofing and passwordless authentication, announces business growth and rebrand.
Secureworks Wins Frost and Sullivans 2021 Customer Value Leadership Award for Taegis XDR (Secureworks) Prestigious honor highlights Secureworks’ excellence in delivering improved security outcomes by enabling customers to rapidly detect, prioritize and respond to threats
Detectify Teams up with Hackers for Change to Benefit Security and Ethical Hacking Communities, Bolster Security for Non-profit Organizations (PR Newswire) Detectify, the SaaS security company powered by ethical hackers, today announced its partnership with Hackers for Change. The collaboration...
Blacks In Cybersecurity Makes History with Black Badge laden Capture The Flag Competition at DEF CON 29 (Black PR Wire) Blacks in Cybersecurity (BIC) has solidified its place in the Hacker community as they received a Black Badge designation for their CTF Contest.
Oxfam Australia creates CDO role after data breach (iTnews) Exec will take charge of cyber security.
Products, Services, and Solutions
KnowBe4 Launches Resource Kit to Defend Against Mounting Cyber Attacks (BusinessWire) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today launched a resource kit in recognition
Introducing Spamcheck: A data-driven, anti-abuse engine (GitLab) How we built, tested and deployed a new tool on GitLab that fights spam and abuse.
Blackpoint Cyber Announces New Integration with Cylance (BusinessWire) Blackpoint Cyber, founded by former US Department of Defense and Intelligence cybersecurity experts to provide real-time threat detection and response
Technologies, Techniques, and Standards
Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches (CISA) Over the past several years, the Cybersecurity and Infrastructure Security Agency (CISA) and our partners have responded to a significant number of ransomware incidents, including recent attacks against a U.S. pipeline company and a U.S. software company, which affected managed service providers (MSPs) and their downstream customers.
CISA offers ransomware response guidelines to organizations (SearchSecurity) CISA released a guide on Wednesday to help organizations defend against and recover from ransomware attacks.
Why it's important to create a common language of cyber risk (TechRepublic) All departments of an organization need to be on the same page where cybersecurity is concerned, and that will only happen if the terminology used is understood by all.
Why we need vehicle cyber security expertise more than ever before (Electric Autonomy Canada) With vehicles getting smarter and more connected, vulnerability to hacking grows and the need for a cybersecurity plan is paramount
Webroot: Security Awareness Training Is The Key To Resilience (CRN) Security awareness training is the most worthwhile investment MSPs can make to strengthen their clients’ defenses against ransomware and other cyber threats, according to Webroot.
Positive news: cyber security in the sector (Charity Digital) The first article in our new series explores the positive ways in which charities have implemented cybersecurity in recent weeks, months, and years
Design and Innovation
Opinion: We built a system like Apple’s to flag child sexual abuse material — and concluded the tech was dangerous (Washington Post) Earlier this month, Apple unveiled a system that would scan iPhone and iPad photos for child sexual abuse material (CSAM). The announcement sparked a civil liberties firestorm, and Apple’s own employees have been expressing alarm. The company insists reservations about the system are rooted in “misunderstandings.” We disagree.
OnlyFans to Bar Sexually Explicit Videos Starting in October (Bloomberg) Popularity of the website has exploded during the pandemic. Many sex workers use OnlyFans to charge customers online.
Research and Development
Only Facebook knows the extent of its misinformation problem. And it’s not sharing, even with the White House. (Washington Post) The White House, academics and other researchers have struggled as the company locks down its data about the insurrection and vaccines.
Legislation, Policy, and Regulation
Experts react: The Taliban has taken Kabul. Now what? (Atlantic Council) Atlantic Council experts, many of whom have spent many years in the trenches on Afghanistan policy, weigh in on the fall of Kabul.
Afghanistan: thousands stranded in Kabul as Taliban go door-to-door (the Guardian) Taliban checkpoints and paperwork prevent evacuees from getting to airport as militants search for those who worked with previous regime
Afghanistan’s looming cash crisis threatens to worsen a humanitarian disaster (MIT Technology Review) Insiders say the country was on the brink of modernizing its banking system before the US withdrawal.
With Afghan Collapse, Moscow Takes Charge in Central Asia (New York Times) Along with Pakistan and China, Russia has gained broad influence in security matters at the expense of the United States and India.
WSJ News Exclusive | Putin Rejected Role for U.S. Forces Near Afghanistan at Summit With Biden (Wall Street Journal) Russian President Putin at a June summit rebuffed hopes to position forces temporarily in Central Asia, a key element of the U.S. withdrawal from Afghanistan.
Opinion | How Biden Broke NATO (Wall Street Journal) The chaotic Afghan withdrawal has shocked and angered U.S. allies.
The west’s nation-building fantasy is to blame for the mess in Afghanistan (the Guardian) British MPs have turned on Johnson – but what tidy end did they expect from this imperialist experiment, asks Guardian columnist Simon Jenkins
President Biden will speak Friday on the troubled evacuation effort. (New York Times) The remarks come after days of tumult in and around Hamid Karzai International Airport since the Taliban took Kabul.
Opinion | To Save His Presidency, Biden Must Tell the Truth About Afghanistan (New York Times) He may not be able to save his ambitious legislative agenda unless he understands this crucial lesson from the past.
WSJ News Exclusive | Internal State Department Cable Warned of Kabul Collapse (Wall Street Journal) State Department officials serving in Kabul sent an internal memo to Secretary of State Antony Blinken warning of the potential collapse of the capital soon after the Aug. 31 troop withdrawal deadline.
Why Was the Administration So Slow to Evacuate US Allies in Afghanistan? (Defense One) “We have been screaming from the rooftops that we need to get these allies out,” one leader of a U.S.-based resettlement organization said.
Opinion: Biden’s ‘team of sycophants’ enabled his Afghanistan disaster (Washington Post) In 2014, Sen. John McCain (R-Ariz.) took to the Senate floor to deliver a blistering speech opposing Antony Blinken’s nomination as deputy secretary of state. Noting his years working for then-Vice President Joe Biden, McCain declared that Blinken was “not only unqualified” but also would be “dangerous to America and to the young men and women who are fighting and serving our country.”
What Biden knew: Intel community pushes back on claims of Taliban stunner (Axios) A spate of leaks assert that the intelligence agencies provided prescient Afghanistan assessments.
Ransom-where is your money going? Introduction of the Ransomware Payments Bill 2021 (Cth) (Lexology) A number of high profile media and entertainment businesses have been the victims of ransomware attacks in recent years. In Australia, a Bill has…
China orders annual security reviews for all critical information infrastructure operators (Register) Almost any org that could expose data needs a dedicated security team with an obligation to report breaches
China Passes One of the World’s Strictest Data-Privacy Laws (Wall Street Journal) China approved a sweeping privacy law that will curb data collection by technology companies, but that policy analysts say is unlikely to limit the state’s widespread use of surveillance in the country.
China passes major data protection law as regulatory scrutiny on tech sector intensifies (CNBC) China has passed the Personal Information Protection Law (PIPL), which lays out for the first time a comprehensive set of rules around data collection.
The Turkish Data Protection Board Once Again Emphasizes the Importance of Data Breach Notifications (Mondaq) See our overview of The Turkish Data Protection Board’s current view of companies that can prove that they have taken the necessary measures to prevent and control data breaches in Turkey.
Army looks to revise cyber operations doctrine (FCW) Brig. Gen. Paul Stanton, the commanding general for the Army's Cyber Center of Excellence, said the service was in the final stages of publishing a revised field manual on how it executes cyber operations.
Army Special Forces want to integrate more with other military units on info warfare (Defense News) The teams are learning the power of a new Information Warfare Center to combat adversaries below the threshold of armed conflict.
Build a More Effective Cyber Force, Not More Bureaucracy - War on the Rocks (War on the Rocks) We trained hard, but it seemed that every time we were beginning to form up into teams we would be reorganized. … e tend as a nation to meet any new
Historically called in following natural disasters and during emergencies, National Guard cybersecurity units can help municipalities in the digital realm (American City and County) Amid the busyness of news events this week, it might have been easy to miss that yet another massive cyberattack exposed the data of tens of millions of pe
Litigation, Investigation, and Law Enforcement
T-Mobile Faces Regulatory Scrutiny After Hack (Wall Street Journal) A Federal Communications Commission probe is the agency’s first high-profile cyber inquiry under a Biden administration that has promised to more aggressively police companies’ security standards and privacy safeguards.
FTC files renewed antitrust complaint against Facebook (CNBC) A federal judge dismissed the FTC's initial complaint in June but gave it a second chance to amend its filing.
FTC says Facebook has been a monopoly ‘since at least 2011’ in amended antitrust complaint (The Verge) Ten years on top
Belarus Brands Group Who Claimed to Hack Interior Ministry 'Extremist' (SecurityWeek) A court in Belarus declared Wednesday a group of hackers who claim to have carried out a massive hack on the interior ministry in an attack on President Alexander Lukashenko's regime to be an "extremist" organisation.
Lincoln-based Ameritas sued over 2019 data breach (JournalStar.com) Cynthia Weisenberger's attorney, Vince Powers, said in the past two years, she's experienced a "slew of harms," including the loss of $280 due to fraudulent activity on her Amazon account.
Deloitte Proposes to Pay $4.95 Million to End Data Breach Suit (Bloomberg Law) Deloitte Consulting LLP has agreed to pay $4.95 million to resolve claims that websites it designed for state employment agencies in Illinois, Ohio, and Colorado were unreasonably vulnerable to security breaches.